Security Directory

G

Gemeinde Fisibach

fisibach.ch

10

Gemeinde Fisibach operates as the official municipal government website for the community of Fisibach in Switzerland. It provides residents and visitors with comprehensive information and services including political updates, administrative details, educational resources, safety information, and local events. The site targets local citizens and stakeholders, offering an accessible online portal for municipal services such as the online counter and e-move registration. The business model is that of a public sector entity focused on community service and information dissemination. Technically, the website is built on a modern CMS platform (i-web.ch) with responsive design and accessibility considerations. It uses standard web technologies including HTML5, CSS3, JavaScript, and SVG icons, with Bootstrap framework elements evident. The site demonstrates good SEO and mobile optimization, though hosting provider details are not explicit. Performance is moderate with room for optimization. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, indicating awareness of privacy compliance. However, explicit security headers are not detected in the HTML content, and no dedicated security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the content. The WHOIS data aligns with the municipal nature of the site, confirming legitimacy. Overall, the website is a trustworthy, well-maintained municipal portal with good content quality and user experience. Strategic improvements could include enhanced security headers, explicit security policies, and publishing a vulnerability disclosure policy to strengthen security posture and trust.

S

Springer Medizin

springermedizin.at

64

Springer Medizin operates a professional medical information portal primarily targeting healthcare professionals in Austria and German-speaking regions. The website offers scientific medical news, journals, podcasts, and continuing education resources, positioning itself as a trusted source affiliated with the reputable Springer Nature publishing group. The business model focuses on content delivery and professional education within the healthcare sector. Technically, the site employs modern web technologies including responsive design, SVG icons, and asynchronous script loading, hosted likely on Springer Nature's infrastructure. Privacy compliance is partially implemented with a cookie consent mechanism but lacks a clearly accessible privacy policy page and terms of service. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are not published. Overall, the site is professional, trustworthy, and safe for its target audience.

C

coolLabs Technologies Bt.

safetyper.com

50

Safetyper is a technology startup offering a privacy-focused alternative to Grammarly, emphasizing user ownership of typed content. The website presents a clean, modern design built with the Astro framework, hosted on Hetzner infrastructure. It is mobile optimized and uses privacy-friendly analytics (Plausible). The site is currently in a pre-launch or coming soon state, with limited content and no active forms or user data collection. Security posture is basic but adequate, with HTTPS enabled and no critical vulnerabilities detected. However, the site lacks privacy and cookie policies, contact information, and security incident response details, which are important for trust and compliance. The domain registration is consistent with the business entity and startup age, indicating legitimacy.

C

coolLabs Technologies Bt.

jata.app

50

Jata.app is a minimalist todo list web application developed by coolLabs Technologies Bt., a small technology company based in Hungary. The app focuses on providing users with a simple, bloat-free interface to manage daily tasks and organize todos using hashtags. The website demonstrates a clean, modern design with good mobile optimization and fast performance, leveraging the Astro framework and custom fonts. The company maintains an active community presence on Discord and social media, enhancing user engagement and support. However, the website lacks formal privacy, cookie, and security policies, which are critical for compliance and user trust. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and incident response information indicates room for improvement. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

P

PERI Deutschland

peri.de

70

PERI Deutschland is a well-established company specializing in formwork, scaffolding, wood-based materials, and related construction services. The company targets construction firms, scaffolding companies, and craft businesses, offering both sales and rental solutions complemented by digital tools and training programs. The website reflects a strong market position with comprehensive service offerings and a professional online presence. Technically, the site employs modern web technologies including Usercentrics for consent management and Google Tag Manager for analytics, hosted on a reputable provider. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, well-designed, and compliant with GDPR requirements.

D

Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI)

dfki.de

60

The Deutsches Forschungszentrum für Künstliche Intelligenz GmbH (DFKI) is a leading German research institute specializing in artificial intelligence. With over 30 years of experience, DFKI combines scientific excellence with practical applications, targeting industry, academia, and government sectors. Their website reflects a mature digital presence with comprehensive content about their research areas, projects, and collaborations. The site is professionally designed, multilingual, and optimized for accessibility and SEO. Technically, it is built on TYPO3 CMS with modern web technologies and uses self-hosted Matomo analytics to respect user privacy. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, DFKI presents a trustworthy and authoritative online presence aligned with its reputation as a premier AI research center.

S

Stadt Mannheim

mannheim.de

68

The website www.mannheim.de serves as the official digital portal for the city of Mannheim, Germany. It provides comprehensive information and services related to municipal administration, citizen services, economic development, culture, education, tourism, and career opportunities. The site targets residents, businesses, tourists, and public service users, positioning itself as a key government resource with a broad service offering. The content is well-structured, multilingual, and accessible, reflecting a mature digital presence for a large municipal entity. Technically, the website is built on Drupal 10, utilizing modern web technologies such as Matomo for analytics, SVG icons, and slick carousel for UI elements. The site demonstrates good performance, mobile optimization, and accessibility features. Security is robust with HTTPS enforced, multiple security headers present, and consent-based tracking mechanisms implemented. However, explicit security policies and incident response contacts are not prominently published, and no vulnerability disclosure or security.txt files were found. Overall, the security posture is strong with no detected vulnerabilities or suspicious activity. Privacy compliance is well addressed with clear privacy and cookie policies and user consent mechanisms. The business credibility is high, supported by official domain registration, consistent branding, and transparent contact information. The site is safe for general audiences with no adult or questionable content. Strategically, the site could enhance trust and security culture by publishing dedicated security policies and incident response information, and by implementing a vulnerability disclosure program. Regular audits of third-party scripts and form input sanitization are recommended to maintain security integrity.

G

Gesellschaft für Freiheitsrechte e.V.

freiheitsrechte.org

62

Gesellschaft für Freiheitsrechte e.V. (GFF) is a German non-profit organization dedicated to defending fundamental and human rights through legal means. Established in 2015, it has built a reputable position in the human rights advocacy sector, focusing on strategic litigation, public education, and policy influence. The website reflects a professional and consistent brand image, targeting activists, legal professionals, and supporters of civil liberties. Technically, the site employs modern web technologies with good mobile optimization and accessibility, though some security enhancements like DNSSEC and security headers could be improved. The security posture is solid with HTTPS and domain transfer protections, but lacks explicit incident response or security policy disclosures. Overall, the site is trustworthy, transparent, and well-aligned with its mission.

E

easyname

easyname.eu

67

easyname is a medium-sized Austrian technology company specializing in web hosting, domain registration, and website building services. The company targets individuals and businesses seeking reliable and easy-to-use online presence solutions. Their market position is that of an established regional player with a multilingual website offering a broad portfolio of services including VPS hosting, SSL certificates, and marketing tools. The website content is professional, well-structured, and designed to facilitate user engagement and conversion. Technically, the website leverages modern web technologies such as React and Chakra UI, with integrations for Google Tag Manager and a consent management platform to ensure privacy compliance. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured data. Performance is moderate, with deferred scripts and optimized assets. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the business claims, supporting legitimacy. Overall, easyname presents a trustworthy and professional online presence with good privacy compliance and a solid technical foundation. Strategic improvements in security headers and transparency around security policies would further enhance their security posture and trustworthiness.

A

astradirect Schließfächer GmbH

astradirect.de

51

astradirect Schließfächer GmbH is a German company specializing in providing locker rental services primarily for schools and students. They position themselves as the largest locker provider in Germany with over 6,300 satisfied schools. Their offerings include locker rentals, insurance packages for lockers and valuables, and innovative modular locker designs with digital locking systems using RFID technology. The company targets educational institutions and students, providing convenient online rental and service portals. Technically, the website is built using modern Angular framework (version 19.2.14) with good mobile optimization, accessibility, and SEO practices. Security-wise, the site enforces HTTPS, includes anti-clickjacking measures, and provides cookie consent mechanisms, although explicit security headers like CSP are not clearly visible. No critical vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the business information, indicating legitimacy and consistency. Overall, the website demonstrates a mature digital presence with good security posture and compliance, supporting a trustworthy business operation.

M

McDonald's Gerhard Schmid

mcdonalds-ulm.de

57

McDonald's Gerhard Schmid operates a regional franchise network of McDonald's restaurants across multiple towns in Germany. The website serves as an informational and promotional platform for the franchise, offering details on locations, job opportunities, delivery services, and current offers. The site is built on the Squarespace platform, leveraging its CMS and hosting capabilities, with a moderate level of technical sophistication and mobile optimization. Security posture is strong with HTTPS and HSTS enabled, though cookie consent mechanisms and detailed security policies are lacking. Overall, the site reflects a professional local franchise business with consistent branding and good user experience.

H

Hostsharing eG

hs.coop

56

Hostsharing eG operates hostsharing.coop, a Mastodon instance dedicated to members of their cooperative hosting community. The website serves as a social networking platform within the Fediverse, enabling decentralized communication. The business is positioned as a niche cooperative provider in the technology sector, focusing on privacy-respecting social media hosting since 2018. The site content is primarily in German, targeting cooperative members and Fediverse users. Technically, the platform uses Mastodon version 4.4.8 with modern web technologies including React and ES modules, providing a responsive and user-friendly experience. Security posture is generally good with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not evident. Privacy compliance is basic, with a privacy policy present but no cookie consent or terms of service pages found. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

F

Fachhochschule Dortmund

fh-dortmund.de

61

Fachhochschule Dortmund is a well-established public university of applied sciences in Germany offering approximately 70 Bachelor and Master degree programs across eight faculties. The institution targets prospective students, current students, academic staff, alumni, and industry partners, positioning itself as a key regional educational and research hub. The website reflects a professional and comprehensive digital presence with clear navigation, multilingual support, and extensive information on academic offerings, research, and career services. Technically, the site is built on the Sitepark CMS platform, employs modern JavaScript and SVG assets, and integrates Matomo analytics with privacy-conscious configurations. Security posture is strong with HTTPS enforcement, privacy-respecting analytics, and cookie consent mechanisms. No critical vulnerabilities or blocking mechanisms were detected. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

G

Große Kreisstadt Annaberg-Buchholz

annabergerweihnachtsmarkt.de

67

The Annaberger Weihnachtsmarkt website represents the official online presence of the Annaberg-Buchholz Christmas market, a culturally significant and family-friendly event in Germany. The site effectively promotes the event with rich content including program overviews, vendor information, and service offerings. It targets tourists, families, and local visitors, positioning itself as one of Germany's most beautiful Christmas markets with strong municipal backing. Technically, the site uses the Sitepark CMS platform with modern JavaScript libraries and is hosted on rzone.de servers. The website is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks explicit security policies and incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site is trustworthy, professional, and well-maintained, supporting the event's reputation and visitor engagement.

S

Shazam

shazam.com

65

Shazam is a globally recognized music discovery platform that enables users to identify songs quickly and access related music content such as concerts and charts. Owned by Apple Inc., it integrates deeply with the Apple ecosystem, including Apple Music and the App Store. The website demonstrates a modern, performant, and mobile-optimized design with clear navigation and professional branding. Technically, it leverages Next.js and JavaScript frameworks, with custom beacon tracking for analytics and error reporting. Security posture is good with HTTPS enforced and error beacons implemented, though explicit security headers and vulnerability disclosure mechanisms are absent. Privacy compliance is limited as no privacy or cookie policies were detected in the provided content. WHOIS data is unavailable, likely due to privacy or registry restrictions, but the website's legitimacy is supported by strong brand presence and Apple affiliation.

B

bildung.social

bildung.social

58

bildung.social is an independent Mastodon social network instance focused on education and digital transformation topics. It provides a federated platform for users interested in these areas to connect and share content. The platform is based on the open-source Mastodon software, version 4.4.8, and is hosted using OVH Cloud infrastructure. The website demonstrates good content quality and user experience with a consistent brand and active user engagement. Technically, the site uses modern web technologies including React and ES modules, with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS enforced and some security best practices observed, though additional security headers could improve protection. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms and terms of service. WHOIS data is privacy protected, which is typical for such platforms, and does not raise immediate concerns. Overall, bildung.social is a legitimate, well-maintained social platform serving a niche educational community.

The website www.annaberg-buchholz.de serves as the official municipal portal for the Große Kreisstadt Annaberg-Buchholz in Saxony, Germany. It provides local news, event information, tourism details, and citizen services, positioning itself as a key information hub for residents and visitors. The site is professionally designed with consistent branding and good content quality, targeting a general audience interested in municipal affairs and local culture. Technically, the website is built on the Information Enterprise Server platform by Sitepark GmbH, utilizing modern JavaScript libraries such as jQuery and Slick Carousel for interactive elements. It is hosted on infrastructure likely provided by Deutsche Telekom AG, with HTTPS enabled ensuring secure communications. The site demonstrates good mobile optimization and accessibility features, though performance is moderate. From a security perspective, the site benefits from HTTPS and lacks visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and does not provide clear privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is available, indicating room for improvement in security transparency. Overall, the website is trustworthy and credible as a government portal but would benefit from enhanced privacy compliance and security policy disclosures to strengthen user trust and regulatory adherence.

B

Burgtheater

burgtheater.at

69

The Burgtheater website represents a well-established cultural institution in Austria, offering a comprehensive program of theatrical performances, educational offerings, and subscription services. The site targets theatergoers, educational institutions, and cultural enthusiasts, positioning itself as a key player in Vienna's cultural landscape. Technically, the website is built on Drupal with Bootstrap theming and uses modern JavaScript libraries such as Swiper for carousels and Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and accessible, with a professional design and clear navigation. However, there are notable gaps in privacy and security compliance, including the absence of visible privacy and cookie policies, lack of security headers, and no incident response contacts, which could expose the organization to compliance risks and reduce user trust. Overall, the domain registration data aligns well with the website's claims, supporting its legitimacy. Strategic improvements in privacy compliance and security posture are recommended to enhance trust and regulatory adherence.

Unilever PLC is a global leader in consumer goods, specializing in nutrition, hygiene, and personal care products. The company operates a large portfolio of well-known brands aimed at improving everyday life for consumers worldwide. The website reflects a mature digital presence with comprehensive content on corporate strategy, sustainability, and investor relations, targeting a broad audience including consumers, investors, suppliers, and partners. Technically, the website employs modern web technologies such as the Astro framework, optimized for performance and mobile responsiveness. It uses HTTPS with strong security headers and implements structured data for SEO enhancement. The site integrates standard analytics tools like Google Analytics and Tag Manager, with clear cookie and privacy policies indicating GDPR compliance. From a security perspective, the site demonstrates good practices including HTTPS enforcement, content security policies, and no visible vulnerabilities or exposed sensitive data. However, explicit incident response contacts and a security.txt file are not found, which could improve transparency and vulnerability management. Overall, the website is professional, secure, and compliant with privacy regulations, supporting Unilever's reputation as a trustworthy multinational corporation. The WHOIS data is not publicly available, likely due to privacy protection, which is justified for a company of this scale. Strategic recommendations include enhancing incident response visibility and maintaining regular security audits.

G

GranChef

granchefpremiumfood.it

56

GranChef is a specialized B2B e-commerce platform focused on distributing premium food products to upscale gastronomy clients, primarily in Italy and German-speaking markets. The website presents a professional and well-structured catalog with multi-level navigation, targeting professional chefs and hospitality businesses. Technically, the site is built on the Shopware CMS platform, leveraging modern JavaScript and SVG icons, with Google Tag Manager and CookieFirst for analytics and consent management. Security posture is solid with HTTPS enforced and cookie consent implemented, though improvements are needed in security headers and published policies. Overall, the site is trustworthy and functional but lacks some compliance documentation such as privacy policy and terms of service.

B

beige.party

beige.party

73

beige.party is an independent Mastodon social media server launched in 2022, serving a niche community described as friendly weirdos within the Fediverse. It operates on the open-source Mastodon platform version 4.4.7, providing decentralized social networking services without ads or algorithms. The website demonstrates a moderate level of digital maturity with modern web technologies, mobile optimization, and a functional user interface. However, it lacks comprehensive privacy and security policies such as cookie consent and terms of service. Security posture is adequate with HTTPS and domain transfer protection but could be improved by enabling DNSSEC and security headers. Overall, the site is legitimate and trustworthy for its community but would benefit from enhanced compliance and security transparency.

S

Schedler Music

schedlermusic.com

52

Schedler Music is a well-established independent music publishing company operating primarily in the German-speaking regions of Europe, including Austria, Germany, Switzerland, and Italy. Founded in 2004, it manages a broad repertoire of music rights and offers comprehensive services such as A&R, licensing, copyright management, and creative marketing. The company positions itself as a leading indie music publisher with the capabilities of a major label, supported by an international partner network. Their website reflects a professional and modern digital presence, built on WordPress, with responsive design and accessibility considerations. Social media integration and regular news updates indicate active engagement with their audience and industry stakeholders. Security-wise, the site uses HTTPS and has domain transfer protections, though DNSSEC is not enabled. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security or incident response policies are found. Overall, the website and domain registration data support a credible and trustworthy business with a solid market position in the music publishing industry.

M

muenster.im

muenster.im

51

muenster.im operates as an independent Mastodon server providing a federated social media platform primarily targeting users in Münster, Germany, and the broader fediverse community. The platform offers microblogging services with a focus on community engagement and decentralized social networking. The website content reflects active user participation with trending posts and a visible admin presence, indicating a small but engaged user base. Technically, the site leverages modern web technologies including React and ES modules, ensuring a responsive and user-friendly experience across devices. However, the hosting provider is not explicitly identified, and media assets are served from third-party object storage, suggesting a cloud-based infrastructure. Security posture is moderate; HTTPS is enforced, but critical security headers are missing, and the domain registration is expired, posing a risk to service continuity. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms and terms of service. Overall, the site is functional and trustworthy for general audiences but requires urgent domain renewal and enhanced security and compliance measures to improve resilience and user trust.

B

Bundesministerium für Digitales und Verkehr

mobilithek.info

65

Mobilithek.info is a German government-operated platform under the Bundesministerium für Digitales und Verkehr, providing open mobility data and serving as a national access point and marketplace for mobility data in Germany. The platform targets businesses, municipalities, data providers, and mobility enthusiasts from various sectors including economy, science, and public administration. It offers services such as data searching, data delivery facilitation, and community networking through a professional and well-maintained website. Technically, the website employs modern web technologies including JavaScript ES modules and Vue.js framework, with a responsive and accessible design optimized for mobile devices. The site demonstrates good SEO practices and fast performance, although no common CMS or hosting provider details are evident. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and explicit incident response or vulnerability disclosure mechanisms. Overall, the security posture is solid but could be improved by implementing additional security headers and publishing a security.txt or vulnerability disclosure policy. The WHOIS data is limited due to TLD restrictions and privacy, but the domain's association with a federal ministry strongly supports legitimacy. No signs of malicious activity or suspicious content were found, and the site maintains high standards of professionalism and trustworthiness.

C

checkdomain

checkdomain.de

64

Checkdomain.de is a professional German domain registration and web hosting service provider offering a wide range of digital solutions including domain checks, web hosting, website builders, SSL certificates, and marketing tools. The company targets individuals and businesses seeking to establish or enhance their online presence, with a strong market position supported by positive customer reviews and a comprehensive product portfolio. Technically, the website employs modern web technologies such as Vue.js, Google Tag Manager, and a consent management platform, ensuring good performance, mobile optimization, and SEO compliance. Security posture is strong with HTTPS enforced and multiple security headers present, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, well-designed, and compliant with privacy regulations, making it a reliable platform for domain and hosting services.

H

Horizon Europe Community Österreich

horizon-europe-community.at

60

The Horizon Europe Community Österreich website serves as a specialized networking and collaboration platform for researchers, organizations, and citizens engaged with Horizon Europe funding in Austria. It facilitates matchmaking, event participation, and dissemination of funding opportunities, positioning itself as a niche community hub supported by the b2match platform. The site is well-structured, content-rich, and targets a professional audience interested in European research funding and cooperation. Technically, the site leverages modern web technologies including React with Next.js, Google OAuth for authentication, and WebSocket for real-time features, hosted on Google Cloud infrastructure. It demonstrates good digital maturity with mobile optimization and accessibility considerations. Security-wise, the site enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms compliant with GDPR. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the site is trustworthy, professionally maintained, and aligned with its business purpose, with no signs of malicious content or vulnerabilities.

B

Börsenmedien AG

deraktionaer.de

60

DER AKTIONÄR is a leading German financial news and stock market magazine operated by Börsenmedien AG, established in 1996. The website offers daily updated market news, investment advice, podcasts, videos, and subscription services including e-paper and reports. It targets investors and financial market participants primarily in Germany. The business model combines content publishing with subscription and e-commerce revenue streams. Technically, the site uses modern JavaScript, GDPR-compliant consent management, and integrates advertising and tracking services responsibly. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS, privacy management, and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. WHOIS data confirms legitimacy and consistency with the business claims. Overall, the site is professional, trustworthy, and well-maintained.

O

ORF - Österreichischer Rundfunk

orf.at

73

ORF.at is the official news portal of ORF - Österreichischer Rundfunk, Austria's public broadcasting organization. The website delivers up-to-date news content including text, images, videos, weather, and sports, targeting the general Austrian public and international audiences interested in Austrian news. The site is well-branded and consistent with ORF's identity, reflecting its position as a leading media outlet in Austria. Technically, the website employs modern web technologies such as ES6 JavaScript, WOFF2 fonts, asynchronous script loading, and responsive design, ensuring good performance and accessibility across devices. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response contacts are not found in the provided content. Privacy compliance is limited by the absence of visible privacy and cookie policies, which should be addressed to meet GDPR requirements fully. Overall, ORF.at is a professional, trustworthy, and technically mature news platform with room for improvement in privacy transparency and security disclosures.

V

Viega

viega.de

72

Viega Deutschland operates a professional and comprehensive website focused on plumbing, heating, and building technology products and services. The company positions itself as an established leader in energy-efficient and hygienic building solutions, targeting professionals and businesses in the construction and building services sector. The website is built on a mature technical infrastructure leveraging Adobe Experience Manager and Adobe Analytics, with GDPR-compliant consent management via Usercentrics. Security posture is good with HTTPS and tracking controls, though explicit security policies and contact information for incidents are not publicly visible. Overall, the site is well-designed, user-friendly, and trustworthy, supporting Viega's market position as a quality manufacturer and service provider in the energy and manufacturing sectors.

P

Peter Kaiser

peter-kaiser.com

63

Peter Kaiser is a historic and established European women's shoe brand with a strong online presence through its e-commerce platform. The website offers a wide range of women's shoes and bags, emphasizing quality, style, and fast delivery. The brand leverages modern digital tools including Shopware CMS, Google Tag Manager, and Usercentrics for consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and secure form handling, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The lack of WHOIS data reduces domain trustworthiness but the website content and branding strongly indicate a legitimate business. Overall, the site is professional, user-friendly, and trustworthy for its target audience.

J

Jugamax-Casino

jugamax-casino.com

57

Jugamax Casino is an online gambling platform targeting the Paraguayan market, offering a wide range of casino games including slots, live casino, video bingo, and poker. The site emphasizes legal compliance with Paraguayan regulations and provides various bonuses and promotions to attract players. Technically, the website uses modern web technologies such as JavaScript modules, React-like components, and Google Tag Manager for analytics and marketing. The site is well-optimized for mobile devices and provides a professional user experience with clear navigation and rich content. Security-wise, the platform employs SSL 256-bit encryption and holds PCI DSS certification, but lacks some advanced security headers and DNSSEC. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. The domain WHOIS data is suspicious due to a future creation date and lack of registrant transparency, which lowers trust in the domain's legitimacy. Overall, Jugamax Casino presents a professional and engaging gambling platform with room for improvement in privacy and domain transparency.

F

Fastweb S.p.A.

fastweb.it

75

Fastweb S.p.A. is a leading Italian telecommunications and energy service provider offering fiber optic and ADSL internet, mobile telephony, and energy solutions for families, businesses, and enterprises. The company positions itself as a major player in Italy's digital transformation, providing bundled services and innovative digital tools such as FastwebAI and a comprehensive customer app. The website reflects a mature digital presence with clear service segmentation and strong branding consistency. Technically, the website employs modern web technologies including responsive design, video backgrounds, SVG icons, and advanced analytics tools like Piwik PRO and Google Tag Manager. The site is optimized for performance and mobile devices, with good accessibility and SEO practices. Security is robust with HTTPS enforcement, security headers, and privacy compliance mechanisms integrated into forms and user interactions. The security posture is strong, with publicly available security policies and responsible disclosure channels, although explicit DPO contact details and a security.txt file are not found. No vulnerabilities or suspicious patterns were detected. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website is professional, trustworthy, and secure, supporting Fastweb's market position as a reputable telecommunications and energy provider in Italy. Strategic recommendations include enhancing transparency around data protection officer contacts and formalizing vulnerability reporting mechanisms.

D

Docusign

springcm.com

73

The website login.springcm.com serves as the secure login portal for DocuSign's SpringCM Contract Lifecycle Management platform. DocuSign, a leading enterprise in digital agreement management, provides this portal to enable business users to securely access contract management services. The site features professional branding consistent with DocuSign's corporate identity and supports advanced security features such as two-factor authentication. The technical infrastructure leverages modern web technologies including AngularJS and SpringCM's UX framework, with assets delivered via Akamai CDN to ensure performance and reliability. From a security perspective, the site enforces HTTPS and includes anti-CSRF tokens in its forms, demonstrating adherence to standard security best practices. However, explicit security headers such as Content-Security-Policy or X-Frame-Options are not evident in the HTML content, and no cookie consent mechanism is present, which could be improved to enhance privacy compliance. The absence of contact information and vulnerability disclosure pages limits transparency but is typical for login portals. Overall, the website presents a secure and professional interface aligned with enterprise standards. The lack of WHOIS data for the subdomain is expected and does not detract from legitimacy, as subdomains are not separately registered. Strategic recommendations include implementing security headers, adding cookie consent for GDPR compliance, and publishing vulnerability disclosure information to strengthen trust and compliance.

P

Parkhotel Laurin

laurin.it

63

Parkhotel Laurin is a historic luxury hotel located in Bolzano, Italy, established in 1910. The website presents a comprehensive hospitality business offering hotel accommodations, gourmet dining, bar services, meeting and event spaces, and direct booking benefits. The site targets tourists and business travelers seeking premium services in the South Tyrol region. Technically, the website employs modern tracking and consent management tools such as Google Tag Manager, Matomo Analytics, and Usercentrics CMP, hosted likely on Zeppelin Group infrastructure. The design is professional, mobile-optimized, and SEO-friendly, with clear navigation and multilingual support. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers could enhance protection. Privacy compliance is supported by a consent mechanism, but explicit privacy and terms of service pages were not detected. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website is trustworthy, professional, and well-maintained.

S

Stadtwerke Krefeld

swk.de

63

Stadtwerke Krefeld (SWK) is a regional utility provider in Germany offering a broad range of services including electricity, gas, heat, water, mobility, and waste management primarily serving private and business customers in Krefeld and the Niederrhein region. The company positions itself as a strong local partner with a focus on sustainable energy solutions such as 100% TÜV-certified green electricity and innovative mobility offerings including car sharing and public transport services. The website reflects a professional and modern digital presence built on Next.js with a focus on user experience and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms in place, though explicit privacy policies and security disclosures are not prominently found. The domain is hosted on Vodafone IP infrastructure and appears legitimate with consistent branding and partner ecosystem integration. Overall, SWK demonstrates a mature business and digital infrastructure with room for improvement in transparency around privacy and security policies.

S

Stadt Wuppertal

wuppertal.de

63

The website www.wuppertal.de serves as the official digital presence of the city government of Wuppertal, Germany. It provides comprehensive information and services related to citizen services, culture, education, economy, tourism, politics, and administration. The site targets residents, tourists, businesses, and cultural enthusiasts, positioning itself as a central hub for municipal information and interaction. The business model is that of a public sector entity delivering government services and information digitally. Technically, the website is built on the Sitepark CMS platform, leveraging modern web technologies including responsive design, SVG icons, and privacy-focused analytics via Matomo. Hosting and DNS are managed through Cloudflare, ensuring performance and security benefits. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs DNSSEC, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and minimal user tracking. However, explicit security policies and incident response contacts are not prominently available, which could be improved. Overall, the website reflects a mature digital infrastructure appropriate for a large municipal government entity. It balances user experience, privacy, and security effectively, supporting its role as a trusted source of official information and services.

M

MerchantPro

merchantpro.com

66

MerchantPro is a SaaS eCommerce platform provider offering a comprehensive suite of tools for merchants to create, manage, and grow online shops and marketplaces. With over 15 years of experience and more than 5000 merchants worldwide, the company positions itself as a stable and scalable solution for businesses of all sizes. The website reflects a professional and modern digital presence, emphasizing performance, security, and customer support. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and LinkedIn Insight for analytics and marketing, with responsive design and good SEO practices. Security posture is solid with HTTPS and secure cookie settings, though explicit security headers and incident response information are lacking. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Privacy and cookie policies are comprehensive and GDPR compliant, but no direct company contact emails or phone numbers are provided, relying instead on contact forms and social media channels.

P

PlanetHoster

planethoster.com

60

PlanetHoster is a medium-sized technology company specializing in premium web hosting solutions including shared hosting, dedicated servers, hybrid cloud, and private cloud services. Established in 2007, it operates data centers in Canada, France, and Switzerland, serving over 60,000 customers worldwide. The company emphasizes performance, security, customer experience, and environmental responsibility, positioning itself as a top hosting provider in its markets. Technically, the website is built on a modern Angular framework with responsive design and good SEO practices. The infrastructure is self-hosted with proprietary network and advanced security measures such as DDoS protection, firewalls, SSL encryption, and regular backups. However, explicit security headers are not detected, and no public security policy or incident response contacts are found. The security posture is strong with 99.9% uptime guarantees and multiple certifications including ISO, PCI, SOC 2, and ICANN accreditations. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanism. The absence of WHOIS data for the domain is a concern, creating some uncertainty about domain registration legitimacy. Overall, PlanetHoster presents a professional and trustworthy web hosting service with robust technical and security foundations. Strategic improvements in transparency around security policies and domain registration details would enhance trust and compliance.

N

Netim

netim.com

76

Netim is a well-established ICANN-accredited domain registrar founded in 2004, offering a broad portfolio of over 1,300 TLDs including ccTLDs. The company provides domain registration, transfer services, email hosting, SSL certificates, and reseller and affiliate programs targeting individuals, SMEs, agencies, and corporations globally. The website demonstrates a professional and user-friendly design with clear navigation and relevant content tailored to its audience. Technically, the site uses modern frameworks such as Bootstrap and integrates analytics tools like Matomo and Cloudflare Insights, ensuring moderate performance and good mobile optimization. Security features include HTTPS, 2FA, login alerts, and DNSSEC support, although explicit security headers are not detected. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, but lacks a visible cookie consent mechanism. WHOIS data for the domain is missing or inaccessible, which is unusual and warrants further verification, though the overall legitimacy is supported by the company's market presence and trust signals. Overall, Netim presents a credible and secure platform for domain and hosting services with room for minor improvements in security headers and privacy mechanisms.

S

stempelservice.de

stempelservice.de

52

Stempelservice.de is a well-established German e-commerce retailer specializing in custom stamps and related accessories, boasting over 25 years of industry experience. The website offers a user-friendly online configurator for personalized stamps including text, logos, and various stamp types such as date, wood, and motivational stamps. Their market position is strengthened by strong customer trust signals including Trusted Shops and eKomi certifications, as well as positive customer reviews. The target audience includes businesses, schools, and private customers seeking quality stamp products.

iléwatt is a regional electric vehicle charging service operated by the European Metropolis of Lille (MEL), targeting residents and EV users within the metropolitan area. The service offers a subscription model with preferential rates and a mobile app for locating chargers and monitoring charging sessions in real time. The website is professionally designed, mobile-optimized, and provides comprehensive information about the service, subscription offers, and pricing. It integrates modern web technologies including Angular and Tealium for tag management and analytics. Privacy and cookie consent mechanisms are well implemented, reflecting compliance with GDPR requirements. However, the absence of WHOIS data and lack of explicit security policy or incident response contact information slightly reduce the overall trustworthiness. The site maintains a high security posture with HTTPS and secure form practices, but could improve by adding explicit security headers and a vulnerability disclosure policy.

S

Sologne Nature Environnement

obssologne.fr

9

Obs'Sologne is a French regional biodiversity information platform managed by the non-profit association Sologne Nature Environnement. The website provides a comprehensive database of flora and fauna observations in the Sologne region, aiming to enhance knowledge and protection of local biodiversity. It targets naturalists, researchers, and the general public interested in environmental conservation. The platform offers species data, observation records, photos, mapping tools, and news updates. The business model is non-commercial and community-driven, relying on user contributions and association management. Technically, the website is built on a custom or lightweight CMS using Bootstrap 5.3 and SVG icons for a responsive and accessible user interface. Hosting is provided by Scaleway with DNS managed by o2switch.net. The site performs moderately well with good mobile optimization and basic SEO. However, it lacks advanced analytics, advertising, or tracking scripts, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS (implied by domain registrar and modern standards) but lacks visible security headers and explicit incident response or security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with legal mentions present but no cookie consent mechanism. Contact is only available via a form, with no direct emails or phone numbers published. Overall, the website is trustworthy and professionally presented for its niche non-profit purpose. Strategic improvements include implementing cookie consent, enhancing security headers, publishing explicit security and incident response policies, and providing clearer contact information. These steps would improve compliance, security posture, and user trust.

P

PFANNER, spol. s r.o.

pfanner.cz

69

PFANNER, spol. s r.o. is a family-owned company with over 30 years of tradition in the Czech and Slovak markets, specializing in the distribution and sale of premium food and beverage products. The company operates an e-shop and serves gastro businesses and suppliers, offering a portfolio of 31 brands and nearly 1000 products. The website reflects a professional and modern digital presence with clear navigation, mobile optimization, and rich content describing the company's history and offerings. Technically, the site uses modern web technologies including JavaScript modules, Google reCAPTCHA Enterprise for form security, and integrates Google Analytics and Facebook Pixel for marketing and analytics purposes. Security posture is good with HTTPS enforced and secure form handling, though security headers are not explicitly detected and no public security policy or incident response contacts are provided. The WHOIS data is unavailable, which slightly reduces trustworthiness, but the website content and contact information support legitimacy. Overall, the site is well-designed, compliant with GDPR, and suitable for its target audience.

B

Bouvet

bouvet.se

48

Bouvet is a Scandinavian publicly listed IT consultancy specializing in system development, business development, and design, with a strong focus on healthcare, public sector, and energy sectors. The company emphasizes creating digital solutions that contribute to societal benefits such as stable energy supply, efficient public services, and improved public health in Sweden. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation, targeting business and public sector clients. Technically, the site uses modern web technologies including Google Fonts, YouTube embeds, Matomo analytics, and LinkedIn Insight tags, hosted likely behind Cloudflare CDN, and built on the Enonic CMS platform. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and ISO 27001 certification, though some security headers could be improved and incident response contacts are not publicly detailed. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained, supporting Bouvet's market position as a leading IT consultancy in Scandinavia.

A

Amasty

amasty.com

76

Amasty is a well-established Magento 2 extension developer and ecommerce service provider with over a decade of market presence. The company offers a broad portfolio of Magento 2 Hyva-compatible plugins and professional development services aimed at improving ecommerce store performance and functionality. Their market position is strong within the Magento ecosystem, targeting ecommerce businesses and developers seeking reliable Magento solutions. Technically, the website demonstrates modern frontend technologies including Alpine.js and Hyvä UI, with Cloudflare DNS and CDN services ensuring performance and security. The site is mobile-optimized, SEO-friendly, and provides a smooth user experience. Security posture is solid with HTTPS, domain transfer protection, and no visible vulnerabilities, although DNSSEC is not enabled and explicit security policies are not published. Overall, the website is professional, trustworthy, and compliant with privacy regulations, including GDPR. Recommendations include enabling DNSSEC, publishing security policies, and adding a vulnerability disclosure page to enhance transparency and security readiness.

M

Městský úřad Nymburk

mesto-nymburk.cz

47

The website www.mesto-nymburk.cz serves as the official online portal for the city of Nymburk, Czech Republic. It provides residents and visitors with comprehensive municipal information including news updates, event calendars, administrative services, and contact details. The site is well-structured to cater to the local community's needs, offering online appointment systems and access to official documents. The presence of social media links and a citizen portal enhances engagement and service accessibility. Technically, the site employs a custom CMS (vismoWeb5) with modern web technologies such as HTML5, CSS3, JavaScript, and integrates Google services like reCAPTCHA and Translate for security and accessibility. The website is mobile-optimized and includes accessibility features, contributing to a positive user experience. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and Google reCAPTCHA to protect forms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is addressed with privacy and cookie policies, though the cookie consent mechanism could be improved for explicit user consent. Overall, the website is a trustworthy and professional municipal portal with good content quality and technical implementation. The absence of WHOIS data limits domain trust verification, but the official nature and consistent branding support legitimacy. Strategic improvements in security headers, incident response transparency, and cookie consent would enhance the security posture and compliance.

B

Be Bouncy

bebouncy.com

9

Be Bouncy is an AI-driven social media management platform designed to simplify and optimize social media growth for creators, SMBs, and agencies. The platform offers a suite of tools including smart scheduling, analytics, automated moderation, and gamified team management, all powered by its AI agent Nimbus. The website demonstrates a modern technical infrastructure built on React and Next.js, providing a responsive and user-friendly experience. However, the absence of WHOIS registration data and some minor issues such as a suspicious YouTube link domain and lack of cookie consent mechanisms slightly reduce trustworthiness. Security posture is moderate with HTTPS implied but no explicit security headers detected. Overall, the platform presents a professional and promising solution in the social media SaaS market, but domain legitimacy verification and enhanced privacy compliance are recommended.

O

OpenStreetMap

osm.org

11

OpenStreetMap is a globally recognized open source mapping platform that provides free, editable maps created by a community of contributors. It holds a strong market position as a leading provider of open geospatial data and mapping services. The website offers a comprehensive suite of tools including map editing, search, directions, GPS trace uploads, and community engagement features, targeting a broad audience from casual users to professional mappers. Technically, the site employs modern JavaScript frameworks such as Leaflet.js and Turbo (Hotwire), with hosting provided by Fastly, ensuring fast performance and excellent mobile optimization. Security measures include HTTPS enforcement, CSRF protection, and use of Content Security Policy nonces, although some standard security headers are missing. Privacy compliance is basic, with a privacy policy and terms of use present but lacking explicit cookie consent mechanisms or GDPR-specific statements. No contact emails or phone numbers are provided on the main page, and no vulnerability disclosure or security.txt files are found. Overall, the site is professional, trustworthy, and safe for general audiences, with a high AI score reflecting strong content quality, technical implementation, and business credibility.

Z

Zalando

zalando.sk

59

Zalando.sk is a localized e-commerce platform operated by Zalando SE, a leading European online fashion retailer. The website offers a comprehensive range of fashion products including clothing, footwear, and accessories for women, men, and children. It features modern design, personalized recommendations, and seasonal promotions, targeting a broad general audience in Slovakia. The platform demonstrates strong digital maturity with a robust technical infrastructure leveraging React, RequireJS, and advanced consent management via Usercentrics. The site is well-optimized for mobile and accessibility, providing a seamless user experience. Security posture is solid with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly evident. Privacy compliance is supported by cookie consent mechanisms but lacks visible detailed privacy policy links in the provided content. Overall, Zalando.sk presents a trustworthy, professional, and secure online retail environment.

M

Mastodon.green

mastodon.green

62

Mastodon.green is an independent Mastodon server focused on providing a federated social networking platform with an environmental mission to plant trees while users engage. The site targets a general audience interested in decentralized social media, originally aimed at EU users but now open globally. The platform offers trending posts, hashtags, and user profiles, leveraging the open-source Mastodon software version 4.4.7. Technically, the site uses modern web technologies including React, ES modules, and secure HTTPS connections with script integrity checks, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and content security policies implied, though explicit security headers and incident response policies are absent. Privacy compliance is moderate with a privacy policy present but lacking cookie consent mechanisms and terms of service. WHOIS data is privacy protected, typical for such community-run servers, and does not detract from the site's legitimacy. Overall, Mastodon.green presents a trustworthy, well-maintained social platform with room for improvement in security transparency and privacy controls.