Security Directory

B

Bochum Marketing GmbH

bochum-tourismus.de

52

Bochum Marketing GmbH operates the official tourism website for the city of Bochum, Germany, providing comprehensive information on local attractions, events, accommodations, and cultural highlights. The website serves as a key digital platform to promote tourism and local engagement, targeting visitors and residents interested in exploring Bochum's offerings. The site is built on TYPO3 CMS and employs modern web technologies, including responsive design and accessibility features, ensuring a positive user experience across devices. While the site is well-branded and professionally maintained, it lacks explicit privacy and terms of service policies, which are important for compliance and user trust. Security posture is adequate with HTTPS enabled, but could be improved by adding security headers and formal incident response contacts. Overall, the website is a reliable and authoritative source for tourism information in Bochum, with room for enhancement in privacy and security transparency.

R

Ruth van Beek

ruthvanbeek.com

45

Ruth van Beek's website serves as a professional portfolio for the artist based in the Netherlands, showcasing her art and related book publications. The site targets art enthusiasts and potential gallery visitors, positioning itself as a niche artist platform with gallery representation and book sales. The business model revolves around art promotion and sales through galleries and publications. Technically, the website is built on the ProcessWire CMS with custom JavaScript and CSS, delivering a visually appealing and moderately performant experience with good mobile optimization. However, accessibility features are basic and could be improved. Security posture is moderate with HTTPS enabled and email obfuscation implemented, but lacks security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible GDPR compliance mechanisms. Overall, the website is trustworthy and professional but would benefit from improved security and privacy practices.

H

Harvey Lloyd Screens

harveylloydscreens.co.uk

55

Harvey Lloyd Screens is a small, established UK-based business specializing in bespoke screen printing services for artists, illustrators, and graphic designers. The company has a long history dating back to 1976 and operates an e-commerce platform hosted on Shopify, targeting creative professionals seeking high-quality screen printing solutions. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site leverages modern Shopify infrastructure and scripts, ensuring moderate performance and mobile optimization. Security posture is adequate with HTTPS enforced and use of hCaptcha for form protection, though explicit security headers are minimal. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. However, the WHOIS data for the domain is unavailable due to domain naming rules errors, which raises concerns about domain registration legitimacy. Overall, the site is trustworthy and functional but would benefit from enhanced security headers and clearer business contact information.

The website wfintern.de currently serves as a placeholder page with minimal content indicating that a new website is under construction. There is no substantive business information, contact details, or service descriptions available. The domain is hosted on servers associated with Agenturserver, a German hosting provider, but no registrant details or company information are provided to establish business identity or credibility. Technically, the site is very basic, consisting only of simple HTML and CSS without any advanced frameworks, scripts, or analytics integrations. Security posture is weak due to the absence of HTTPS and security headers, and there are no privacy or cookie policies to indicate compliance with data protection regulations. Overall, the site is not yet operational and lacks the elements necessary for a professional online presence.

P

People to People

people-to-people.de

58

People to People is a German-based small business specializing in socially conscious group travel, cultural products, books, and specialty goods. Their website reflects a niche market focus with offerings that combine e-commerce and travel services. The technical infrastructure is based on Shopware CMS with Matomo analytics, indicating a moderate level of digital maturity and privacy awareness. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy compliance mechanisms. The absence of direct contact emails and phone numbers reduces immediate customer trust signals. Overall, the website is accessible, well-structured, and professionally presented but could improve in privacy compliance and security best practices.

M

Mutual Aid LA Network

mutualaidla.org

58

Mutual Aid LA Network is a small non-profit organization serving as a connector and information hub for mutual aid efforts across Los Angeles. The website provides information about their projects, resource directories, and community engagement opportunities. Their market position is focused on local community solidarity and abolitionist principles, supporting mutual aid groups and individuals through various projects and donations. Technically, the website is built on WordPress.com using Jetpack and Gutenberg, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain registrar locks but lacks DNSSEC and security headers. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is trustworthy and safe for general audiences but could improve in privacy and security transparency.

Ú

ÚZIS ČR

nzip.cz

60

The website www.nzip.cz serves as the National Health Information Portal of the Czech Republic, operated by the Ústav zdravotnických informací a statistiky České republiky (ÚZIS ČR). It provides authoritative and guaranteed information on healthy lifestyles, diseases, medical advice, and contact details for healthcare providers. The portal targets the general public seeking reliable health information. Technically, the site employs modern web technologies including JavaScript and CSS, and uses Matomo analytics hosted on a related domain, indicating a focus on privacy. The site is accessible without any WAF or blocking mechanisms and is optimized for mobile and accessibility standards. Security posture is good with HTTPS enabled, but lacks some security headers and explicit privacy and terms policies. WHOIS data is unavailable, which slightly reduces trust but does not detract from the site's legitimacy given its governmental affiliation. Overall, the site is professional, trustworthy, and serves an essential public health function.

A

AION CS, s.r.o.

zakonyprolidi.cz

54

Zákony pro lidi is a Czech legal information portal operated by AION CS, s.r.o., providing free and premium access to the consolidated collection of Czech laws, regulations, international treaties, EU law, and court decisions. The platform targets legal professionals, students, and the general public seeking reliable legal texts and tools. It operates a freemium business model with a paid subscription offering advanced features and ad-free experience. The website is well-established, with a professional design and consistent branding, positioning itself as a leading resource in the Czech legal information market. Technically, the website uses ASP.NET Web Forms with modern JavaScript libraries such as jQuery 3.5.1, and employs responsive design techniques for good mobile optimization. The site includes SEO best practices and accessibility features, although some security headers are not explicitly detected in the HTML content. Cookie consent mechanisms and privacy policies are implemented in compliance with GDPR requirements. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks visible security headers and published incident response contacts. No vulnerabilities or malware indicators were found. The absence of WHOIS data reduces trust slightly but does not indicate illegitimacy given the professional nature of the site and its clear business information. Overall, the website presents a low risk profile with strong content quality and business credibility. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to improve security posture and trust.

F

Font Squirrel

fontsquirrel.com

69

Font Squirrel is a well-established online platform specializing in providing free, high-quality fonts licensed for commercial use. The website targets graphic designers, web developers, and businesses seeking legally free fonts, offering a curated selection alongside useful tools such as a webfont generator and font identifier. The business model relies primarily on advertising revenue and affiliate partnerships with paid font vendors like Fontspring and Creative Market. The site maintains a professional appearance with clear licensing and privacy policies, supporting a trustworthy user experience. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integrations for Google Analytics and multiple advertising networks. The presence of a cookie consent mechanism and HTTPS enforcement indicates a mature approach to privacy and security compliance. Performance is moderate with good mobile optimization, though accessibility features are basic. No CMS or hosting provider details were explicitly detected. From a security perspective, the site benefits from HTTPS and cookie consent but lacks explicit security headers and documented incident response or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data reduces domain trust slightly, but the professional site content and policies support legitimacy. Advertising practices are transparent with multiple ad networks and tracking services disclosed. Overall, Font Squirrel presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements include enhancing security headers, publishing security policies, and improving accessibility. These steps would further solidify trust and compliance in an evolving regulatory landscape.

A

Autoankauf Fix

autoankauf-fix.de

46

Autoankauf Fix is a German vehicle purchasing service specializing in buying cars, trucks, and other vehicles across Germany with free pickup. The company operates multiple city-specific locations, indicating a national presence. Their website is built on WordPress using the Astra theme and includes a multi-step form for vehicle sale inquiries. The business targets car owners in Germany seeking quick and convenient vehicle sales. Technically, the site is moderately optimized with good mobile responsiveness and SEO practices but lacks advanced security headers and privacy policies. Security posture is adequate with HTTPS and nonce usage in forms but could be improved with better headers and incident response information. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

R

RTL

rtl.de

68

RTL.de is a leading German media and broadcasting website providing news, entertainment, sports, and streaming content primarily targeting a general German-speaking audience. The site offers a comprehensive range of services including live sports coverage, star news, lifestyle advice, and access to RTL's streaming platform RTL+. Technically, the website is built using modern web technologies such as Next.js and React, with optimized images and responsive design for mobile users. Security is well implemented with HTTPS and multiple security headers, although explicit privacy and cookie policies are not clearly found in the provided content. The site integrates several third-party analytics and advertising scripts, managed with consent mechanisms. Overall, RTL.de presents a professional and trustworthy digital presence consistent with a major media enterprise.

V

Verlag Neuer Weg

neuerweg.de

60

Verlag Neuer Weg is a specialized German publishing company focusing on progressive, antifascist, and Marxist-Leninist literature and media. Established in 1972 and part of Mediengruppe Neuer Weg, it serves a niche audience interested in socialist and internationalist content. The website is built on the Plone CMS platform, featuring a moderate technical infrastructure with standard web technologies and a functional but basic mobile and accessibility experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

M

MLPD

rotefahne-tv.de

63

MLPD is a German political party focused on leftist ideology and revolutionary themes, providing a rich media platform with videos, publications, and event information. The website serves as a hub for political content and outreach to supporters and the general public interested in their views. Technically, the site is built on the Plone CMS platform, utilizing modern JavaScript libraries such as Flickity and Masonry for a dynamic user experience. The site is mobile-optimized with good navigation and consistent branding. Security posture is adequate with HTTPS and some security best practices, but lacks advanced security headers and published policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, with a moderate risk profile due to some missing security and privacy features.

É

Équipement De Vie

equipementdevie.com

70

Équipement De Vie is a small UK-based e-commerce business specializing in high-performance sailing shoes designed for both sea and land use. The company operates a professionally designed Shopify storefront with a clear brand identity and product focus. Their market position is niche, targeting sailing enthusiasts and customers seeking premium deck shoes. The website features essential e-commerce functionalities including product listings, customization options, and ambassador programs. Technically, the site leverages modern web technologies and Shopify's Broadcast theme, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. However, explicit contact information and security policies are not prominently available. Overall, the website is trustworthy and professionally maintained, suitable for its business model and audience.

H

Houzz

houzz.com

78

Houzz is a leading platform serving both construction and design professionals as well as homeowners seeking inspiration and services for home improvement projects. The company offers a comprehensive suite of software tools for professionals including 3D floor plans, project management, estimates, invoicing, and client dashboards. The website is well-branded, professionally designed, and targets a large audience in the real estate and home remodeling sectors. Technically, the site uses modern web technologies and provides a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and secure forms, though some security headers and explicit incident response information are not publicly visible. Privacy policies are comprehensive and GDPR compliant, but cookie consent mechanisms could be improved. The absence of WHOIS data in the raw output is unusual but does not detract significantly from the site's legitimacy given its market presence and content quality. Overall, Houzz presents a trustworthy and professional online presence with room for minor security and privacy enhancements.

C

Catched

catched.com

62

Catched is a specialized platform offering domain backordering and expired domain auction services, targeting domain investors and businesses seeking premium domains. The company has been established since 2003, indicating a mature presence in the domain marketplace niche. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site leverages Cloudflare for DNS and likely CDN services, and integrates third-party tools such as Tawk.to for live chat, OneSignal for push notifications, and Microsoft Clarity for analytics, reflecting a modern digital infrastructure. Security posture is adequate with HTTPS enabled and CSRF tokens present, but could be improved by enabling DNSSEC and implementing security headers. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

Andrei Polgar's website serves as a professional personal brand platform showcasing his expertise as a PhD economist, entrepreneur, investor, YouTuber, and best-selling author. The site highlights his consulting services, speaking engagements, interviews, and educational content primarily focused on economics, finance, and investing in exotic assets such as cryptocurrencies and premium domains. The business model revolves around personal branding, content creation, and consulting services targeting individuals and organizations interested in economic insights and investment strategies. Technically, the website employs basic HTML, CSS, and JavaScript with older libraries like jQuery 1.7.1 and Cufon font replacement, hosted on StableHost servers. Performance and mobile optimization are basic, with room for modernization and improved accessibility. Security posture is moderate but lacks modern security headers, DNSSEC, and visible HTTPS enforcement details. No privacy or cookie policies are present, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the site is trustworthy and professional but would benefit from technical and compliance improvements.

S

SPINX Digital

spinxdigital.com

69

SPINX Digital is a Los Angeles-based web design and development agency with over 18 years of experience serving leading brands. The company positions itself as a top digital agency specializing in creating professional websites and digital solutions for businesses. Their website reflects a mature and professional business model targeting companies seeking high-quality web design and development services. Technically, the website is built on WordPress CMS, utilizing modern frameworks such as Bootstrap and performance optimization tools like NitroPack. The site is mobile-optimized, fast-loading, and SEO-friendly, indicating a strong digital maturity. Security-wise, the site enforces HTTPS and includes standard security headers, but lacks publicly available privacy, cookie policies, and incident response contacts, which are areas for improvement. Overall, the website is trustworthy and professional, but the absence of WHOIS data and privacy compliance documentation slightly reduces the trust score. Strategic recommendations include publishing comprehensive privacy and cookie policies, adding a vulnerability disclosure page, and enhancing incident response transparency.

The website spinxweb.net currently hosts minimal content, displaying only a placeholder message indicating that the website is coming soon. The domain is registered since 2008 with GoDaddy.com, LLC and is active until 2026, suggesting a stable registration history. However, the lack of substantive content, contact information, or business descriptions limits the ability to assess the company's market position or services. Technically, the site uses basic HTML and CSS with no detected frameworks or CMS, and no evidence of modern security practices such as HTTPS or security headers was found. The absence of privacy, cookie, or terms of service policies indicates low privacy compliance. Security posture is weak due to missing HTTPS confirmation and lack of DNSSEC. Overall, the site appears to be under development or inactive, with low trust and credibility indicators.

M

Masarykova univerzita

muni.cz

67

Masarykova univerzita is a prominent public university based in Brno, Czech Republic, offering a wide range of educational programs including bachelor, master, doctoral, and lifelong learning. The website reflects a mature digital presence with comprehensive content targeting prospective students, researchers, academic staff, and the general public. It maintains a consistent brand identity and provides multiple official channels for engagement including social media and partner sites. The technical infrastructure leverages modern analytics and tracking tools such as Matomo, Microsoft Clarity, and Google Analytics, integrated via Google Tag Manager, ensuring effective data collection and user behavior insights. The site is well-optimized for mobile and accessibility, with clear navigation and professional design.

A

ANIMA Magazine

anima-magazine.com

66

ANIMA Magazine is a niche digital media publisher specializing in design and architecture content, offering in-depth articles and visual storytelling for professionals and enthusiasts. The website demonstrates a modern technical infrastructure leveraging Cloudflare CDN and Alpine.js for interactivity, with a focus on performance and mobile optimization. Security posture is solid with HTTPS and domain registration protections, though improvements are needed in security headers and privacy compliance. The absence of explicit privacy and cookie policies represents a compliance gap. Overall, the site is professional and trustworthy but should enhance privacy transparency and security best practices to strengthen user trust and regulatory adherence.

The website deutscheurlauber.eu serves as a news aggregation platform focusing on incidents involving German tourists and cruise ships, particularly highlighting tragic maritime events and migration-related news. The site compiles headlines and links from various reputable German news outlets, targeting a general audience interested in these topics. The business model appears to be informational, without direct commercial services or e-commerce functionalities. Technically, the site employs modern web technologies including ES modules and CSS, delivering a moderately optimized and mobile-friendly experience. However, it lacks advanced SEO and accessibility features. From a security perspective, the site is accessible without WAF or blocking mechanisms but shows significant gaps. There is no evidence of HTTPS enforcement or security headers, no privacy or cookie policies, and no contact or incident response information. These deficiencies reduce the site's trustworthiness and compliance posture. No analytics or advertising scripts were detected, indicating minimal user tracking. The WHOIS data shows the domain is registered via a reputable registrar but lacks detailed registrant information, which slightly impacts legitimacy assessment. Overall, the site provides relevant and well-structured content but requires improvements in security, privacy compliance, and business transparency to enhance trust and professional standing. The risk level is moderate due to missing security best practices and lack of user data protection disclosures.

C

Christina Mäckelburg

christina-maeckelburg.de

58

Christina Mäckelburg's website is a professional portfolio showcasing her work as an illustrator and animator specializing in children's books. The site targets a general audience interested in artistic and creative services, positioning itself as a niche personal brand in the illustration industry. The business model is primarily portfolio-based, aimed at attracting clients or collaborators. Technically, the website employs modern web standards including ES modules, CSS, and video content, hosted behind Cloudflare DNS services. The site is mobile optimized with good SEO practices but lacks some accessibility features and security headers. Performance is moderate with a clean and visually appealing design. From a security perspective, the site uses HTTPS with a good SSL configuration and does not expose sensitive data or contain forms that collect user input. However, it lacks security headers and formal privacy or cookie policies, which are important for compliance and trust. Minimal user tracking is done via Plausible Analytics, which respects privacy better than many alternatives. Overall, the website presents a low-risk profile with good professionalism but could improve privacy compliance and security posture. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and enhancing contact options to improve user trust and regulatory compliance.

Affichage Public is a small Swiss cultural association founded in 2015 dedicated to promoting Swiss graphic design as a cultural heritage through exhibitions and events primarily in the French-speaking region of Switzerland. The website serves as an informational platform highlighting upcoming exhibitions, partner organizations, and the association's mission. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript with jQuery, without advanced CMS or analytics integrations. Mobile optimization and accessibility are basic but functional. Security posture is minimal with no visible security headers or policies, and no HTTPS verification data available. Privacy and cookie policies are absent, which impacts compliance and user trust. The WHOIS data is consistent with the association's profile, showing no privacy protection and appropriate domain age. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

P

Paperform

paperform.co

64

Paperform is a technology company offering an AI-powered form builder platform designed to simplify the creation of customizable online forms. The website positions itself as a flexible and smart solution for businesses and individuals seeking to streamline workflows and data collection. The company appears to have a medium-sized presence in the SaaS market with a focus on user-friendly design and AI integration. Technically, the website is built using modern frameworks such as React and Gatsby, ensuring fast performance, good SEO, and excellent mobile optimization. However, the site lacks explicit privacy and cookie policies, which are critical for compliance and user trust. Security posture is generally good with HTTPS enabled, but the absence of security headers and incident response information suggests room for improvement. Overall, the website is professional and trustworthy, but enhancing privacy compliance and security transparency would strengthen its risk profile.

G

GitHub

github.blog

71

GitHub Blog is a professionally maintained content platform operated by GitHub, Inc., a leading technology company specializing in software development and collaboration tools. The blog serves as a key communication channel to deliver updates, insights, and educational content to developers worldwide, reinforcing GitHub's market position as a premier developer platform. The site targets software developers, engineers, and technology professionals, offering resources on AI, security, enterprise software, and developer skills. Technically, the website is built on WordPress with modern SEO and accessibility optimizations, ensuring fast performance and a responsive user experience across devices. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and vulnerability disclosure mechanisms are not prominently published on the blog. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Overall, the website demonstrates high business credibility, technical maturity, and content quality, supporting GitHub's brand and community engagement objectives.

G

GitHub

githubuniverse.com

60

GitHub Universe 2025 is a flagship global developer event hosted by GitHub, a leading technology company and subsidiary of Microsoft. The event focuses on innovation, collaboration, and AI-powered software development, targeting developers, engineers, and technology professionals worldwide. The website provides comprehensive event details including dates, location, agenda, speakers, ticketing options, and highlights from previous years. The business model centers on ticket sales for in-person attendance and free virtual participation, positioning GitHub Universe as a premier industry event with strong brand recognition and market presence. Technically, the website is built using modern web technologies such as React and Next.js, ensuring fast performance, mobile optimization, and good accessibility. The site is hosted with reputable DNS and registrar services, and employs HTTPS with strong domain registration security flags. However, there is room for improvement in DNS security (DNSSEC not enabled) and in publishing comprehensive privacy and security policies. From a security perspective, the site demonstrates good baseline practices including HTTPS enforcement and domain locking. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of explicit privacy, cookie, and security policies, as well as contact information for incident response, represents a compliance gap that should be addressed to enhance trust and regulatory adherence. Overall, GitHub Universe 2025's website is professional, trustworthy, and technically sound, supporting its role as a major industry event. Strategic improvements in privacy compliance and security transparency will further strengthen its security posture and user confidence.

Duo d’Art is a Swiss screen printing company established in 1932, recognized as the oldest in its sector in Switzerland. It specializes in screen printing and digital printing services for advertising, art prints, and large visual communication surfaces, including advertising on public transport. Since 2016, it operates as part of the Remarq SA group, enhancing its technical and human resources. The website presents clear contact information and certifications but lacks privacy and cookie policies, which are important for compliance. Technically, the site is basic with no detected CMS or advanced frameworks, and minimal mobile optimization. Security posture is weak due to missing security headers and unclear SSL status. No analytics or tracking scripts were found, indicating minimal user tracking. Overall, the website is functional but could improve in security, privacy compliance, and technical modernization.

D

Diplom-Designer Jonas List

jonaslist.de

48

Jonas List operates as a freelance communication designer and full stack web developer based in Germany, specializing in creative coding and advanced web technologies such as WebGL and Web 3D. The business targets clients seeking innovative and boundary-pushing web design solutions. The website serves as a professional portfolio showcasing selected projects and providing clear contact information. Technically, the site is built using modern frameworks like Next.js and React, hosted behind Cloudflare DNS services, and includes minimal but effective analytics via plausible.io. The design is responsive and user-friendly, with good content relevance and navigation clarity. Security posture is moderate, with HTTPS implied but no explicit security headers detected, and no privacy or cookie policies present, indicating compliance gaps. Overall, the site is legitimate and professional but would benefit from enhanced security and privacy measures.

M

Marc Morro

marcmorro.com

61

Marc Morro is a professional furniture designer based in Barcelona, specializing in creative and commissioned/custom furniture design. The website serves as a portfolio showcasing various furniture projects and collections, targeting individuals and galleries interested in unique designer furniture. The site is built using modern web technologies such as SvelteKit, ensuring a fast, mobile-optimized, and accessible user experience. However, the absence of WHOIS data raises concerns about the domain's registration legitimacy, which impacts overall trust. Security posture is moderate with HTTPS implied but lacking security headers and formal privacy or cookie policies. Contact information is clearly provided, enhancing business credibility.

Tiro Typeworks is a specialized digital type foundry founded by John Hudson and Ross Mills, focusing on creating custom fonts for multilingual publishing and computing. The company operates a professional and well-structured website showcasing a broad catalog of fonts, articles, and licensing information. Their market position is that of a niche player with international reach, serving publishers, typographers, and scholars. The business model revolves around font licensing and custom font creation, targeting a specialized audience in the technology and publishing sectors. Technically, the website is built on Craft CMS and employs modern web technologies including JavaScript, CSS, and HTML5. It uses Cloudflare Turnstile captcha for form security and Fathom Analytics for privacy-conscious visitor tracking. The site is mobile-optimized, SEO-friendly, and performs well with fast loading times and good accessibility features. From a security perspective, the site enforces HTTPS and uses CAPTCHA to protect forms, but lacks explicit security headers such as CSP or HSTS. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism was found. Contact information is limited to a subscription form, with no direct emails or phone numbers publicly listed. Overall, the website is trustworthy and professional, though the absence of WHOIS data for the domain reduces domain registration transparency and slightly impacts trust. Strategic improvements include adding security headers, publishing security and incident response policies, and implementing cookie consent to enhance privacy compliance.

exljbris.com is the official website of exljbris Font Foundry, owned by Jos Buivenga, specializing in font design and distribution. The site offers a portfolio of proprietary fonts including free and commercial options, targeting graphic designers and typographers. The business operates as a small niche foundry with a long-established domain since 2007, indicating stable market presence. Technically, the website uses legacy font replacement technologies such as Cufon and SIFR, alongside JavaScript libraries like Prototype.js and Scriptaculous. Hosting is provided via Argewebhosting, with moderate performance and basic mobile optimization. SEO and accessibility features are minimal, reflecting a dated technical infrastructure. Security posture is basic with no DNSSEC, no visible security headers, and mixed content loading (http and https). The domain is protected against unauthorized transfers but lacks modern security enhancements. Privacy compliance is weak, with no privacy or cookie policies and moderate user tracking via StatCounter and Google Analytics without clear disclosures. Overall, the website is functional and moderately trustworthy but requires modernization in security, privacy compliance, and technical implementation to improve user trust and regulatory adherence.

Big Cartel is a specialized e-commerce platform designed to empower artists and small businesses to create and manage online stores with ease. The company offers a tiered pricing model starting with a free plan, targeting a niche market of creative entrepreneurs. The website demonstrates a strong market position within the e-commerce sector by providing customizable templates, product management tools, and integrated payment options tailored for small-scale sellers. Technically, the site leverages modern web technologies such as React and Next.js, ensuring fast performance, mobile responsiveness, and good SEO practices. Security is robust with HTTPS enforcement and comprehensive security headers, although there is room for improvement in public security policy disclosures and incident response visibility. Overall, the site is professional, trustworthy, and well-optimized for its target audience, though the lack of publicly available WHOIS data introduces some uncertainty regarding domain registration details.

The website matteovenet.org is a personal portfolio site for an individual named Matteo Venet, primarily showcasing visual projects or artworks. The site is built on WordPress and uses standard web technologies such as JavaScript, CSS, and HTML5. The technical infrastructure is basic but functional, with HTTPS enabled and a moderate performance profile. However, the site lacks key compliance and security features such as privacy and cookie policies, security headers, and contact information. No analytics or tracking tools are present, indicating minimal user data collection. The domain registration is consistent with the website content and shows no suspicious patterns, supporting legitimacy. Overall, the site is suitable for general audiences with safe content but would benefit from improved security and compliance measures.

W

Weltformat Festival

weltformat-festival.ch

48

Weltformat Festival is a Swiss cultural event specializing in typography and graphic arts, offering exhibitions, workshops, and curated programming. The website serves as an informational and promotional platform for the festival, targeting a general audience interested in design and culture. The business operates as a small-scale event organizer within the media sector, with a niche market position focused on cultural and artistic communities. Technically, the website employs modern web technologies including Vue.js and JavaScript ES modules, with a clean and professional design. The site is accessible over HTTPS and includes SEO-friendly metadata and structured data. However, mobile optimization and accessibility features are basic, and no analytics or tracking technologies are detected, indicating a privacy-conscious or minimalistic approach. From a security perspective, the site benefits from HTTPS but lacks important security headers and formal privacy or cookie policies, which are critical for GDPR compliance and user trust. No contact or incident response information is provided, limiting transparency and responsiveness in case of security issues. No vulnerabilities or suspicious elements were detected in the provided content. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security hardening, and improved contact transparency to strengthen trust and regulatory adherence.

E

East Side Studio

eastsidestudiolondon.co.uk

66

East Side Studio is a small UK-based e-commerce business specializing in affordable modern art prints, supporting independent artists with framed and unframed options and global shipping. The website is built on the Shopify platform, leveraging a modern tech stack with integrations for marketing, analytics, and user engagement tools. The technical infrastructure is solid with good mobile optimization and performance, though some accessibility features could be improved. Security posture is good with HTTPS and some anti-copy protections, but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

G

GitHub, Inc.

gh.io

65

GitHub, Inc. operates one of the world's leading developer platforms, providing a collaborative environment for millions of developers and businesses globally. The platform offers a comprehensive suite of tools including code hosting, code review, CI/CD automation, security scanning, and AI-powered coding assistance. As a Microsoft subsidiary, GitHub holds a strong market position with enterprise-grade services and a vast open source community. The website reflects a mature digital presence with excellent content quality, clear navigation, and professional branding. Technically, GitHub's website leverages modern web technologies such as React and Turbo, hosted on AWS infrastructure with Contentful CMS integration. The site demonstrates fast performance, mobile optimization, and good accessibility standards. Security practices are robust, with HTTPS enforced, multiple security headers, and secure form handling. Minor improvements such as enabling DNSSEC could further enhance DNS security. The security posture is strong, supported by certifications like ISO 27001 and SOC 2, and a clear incident response framework with dedicated security contact channels. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. No critical vulnerabilities or suspicious indicators were found during analysis. Overall, GitHub's website and domain registration details confirm a legitimate, enterprise-grade platform with high trustworthiness. Strategic recommendations include enabling DNSSEC, continuous dependency auditing, and enhanced transparency on data retention to maintain leadership in security and compliance.

European Architectural Supply, Inc. is a specialized supplier of high-performance European windows and doors, focusing on energy-efficient building projects such as Passive House and Net Zero Energy constructions. The company has been operating since 2003 and positions itself as a premier North American provider with a strong emphasis on custom craftsmanship and collaboration with architects and contractors. Their product offerings include custom wood, aluminum, and uPVC windows and doors with advanced energy performance features. Technically, the website uses basic HTML, CSS, and JavaScript with an outdated jQuery version and Google Analytics for tracking. The site is hosted behind Cloudflare DNS but lacks modern security headers and cookie consent mechanisms. Performance and mobile optimization are basic, and SEO is minimally addressed through meta keywords and descriptions. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and visible security policies. No privacy or cookie policies are present, and no incident response or vulnerability disclosure information is provided. The WHOIS data indicates a legitimate, long-standing domain registration consistent with the business claims, enhancing trustworthiness. Overall, the website is functional and professional but would benefit from improved privacy compliance, updated technical stack, and enhanced security practices to better protect users and align with modern standards.

4

475 High Performance Building Supply

475.supply

68

475 High Performance Building Supply operates a professional e-commerce platform specializing in high quality building envelope solutions. The company combines product sales with educational resources and training to support building professionals and contractors. Their market position is niche but well established within the construction and building supply industry. The website is built on Shopify, leveraging modern web technologies and optimized for performance and accessibility. Security posture is strong with HTTPS, security headers, and secure forms, though no explicit security policy or incident response page was found. Privacy compliance is good with clear privacy and cookie policies and GDPR indicators. Overall, the site presents a trustworthy and professional digital presence with moderate business credibility and technical maturity.

W

Wyss Sebastian

wyssseb.ch

45

Wyss Sebastian's website is a personal WordPress blog hosted on a standard WordPress platform using the Twenty Twenty-Five theme. The site currently contains minimal content, with no published blog posts or business-related information. The technical infrastructure is modern and secure, utilizing HTTPS and standard WordPress technologies, but lacks advanced SEO, accessibility, and security headers. There are no privacy or cookie policies, nor any contact or incident response information, which limits compliance and trustworthiness. Overall, the site is safe and suitable for general audiences but lacks professional business features and security maturity.

M

Megi Zumstein

megizumstein.ch

51

Megi Zumstein is a graphic designer based in Luzern, Switzerland, presenting a professional portfolio website showcasing various cultural and artistic projects. The website targets a general audience interested in graphic design and cultural collaborations, positioning itself as a niche individual professional service provider. The site features modern frontend technologies such as Alpine.js and SVG graphics, with a responsive design and good navigation clarity. However, it lacks comprehensive privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. Technically, the website is built with modern web standards, uses HTTPS, and loads efficiently, but it could benefit from improved accessibility features and security best practices such as implementing security headers. No analytics or tracking scripts were detected, indicating minimal user tracking and good privacy from that perspective. From a security standpoint, the site has a good SSL configuration but lacks security headers and formal policies related to privacy and incident response. The domain uses privacy protection for WHOIS data, which is reasonable for a small business or individual professional. No suspicious patterns or vulnerabilities were identified in the content or technical setup. Overall, the website is professional and functional but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve trust and regulatory adherence.

N

Neo Neo

neoneo.ch

51

Neo Neo is a Swiss-based graphic design studio specializing in creative services including graphic design, type design, curating, and publishing. The website serves as a comprehensive portfolio showcasing projects from 2010 through 2024, highlighting a strong presence in cultural and artistic sectors. The business targets a general audience interested in high-quality graphic design and cultural projects. Technically, the website is built on WordPress with Yoast SEO plugin, indicating a moderate level of digital maturity and SEO awareness. The site is mobile optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

S

Studio Tillack Knöll

studiotillackknoell.com

48

Studio Tillack Knöll is a small, specialized design practice based in Stuttgart, Germany, focusing on visual communication, spatial design, and graphic design services. Their portfolio includes exhibitions, wayfinding systems, book design, branding, and digital experiences for clients in architecture, art, science, commerce, cultural institutions, and NGOs. The website presents a professional and well-structured portfolio with recent activity and project showcases, indicating an active and reputable studio with international recognition. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and SEO enhancements via Yoast SEO. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Hosting is inferred to be with GoDaddy.com, LLC, consistent with the domain registrar data. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and DNSSEC. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanisms. Contact information is primarily via a contact form and physical address; no direct emails or phone numbers are publicly listed. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and enhanced security headers to strengthen its security posture and regulatory adherence.

F

Fons Hickmann M23

m23.de

38

Fons Hickmann M23 is a Berlin-based design studio specializing in complex communication systems and graphic design projects. The website showcases a professional portfolio with diverse projects including posters, campaigns, animations, and editorial designs, targeting cultural institutions and design professionals. The business is well-established with a domain age dating back to 2002, indicating a mature presence in the design industry. Technically, the website is built on WordPress with modern JavaScript libraries such as Flickity and Plyr, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers which could enhance protection. Privacy compliance is weak due to absence of privacy and cookie policies, representing a compliance risk. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and content-rich but would benefit from improved privacy and security practices.

E

Eddy Terki

eddyterki.fr

38

Eddy Terki's website is a professional portfolio showcasing a graphic design atelier based in France, specializing in editorial design, visual identity, signage, and website creation. The site is built on Drupal 8 and hosted by OVH, reflecting a moderate level of technical maturity. The content is rich and well-structured, targeting clients and collaborators in the creative and educational sectors. However, the site lacks critical privacy and cookie policies, which impacts GDPR compliance and overall privacy posture. Security measures such as HTTP security headers are absent, and no explicit contact information or incident response channels are provided, which could affect trust and responsiveness. Overall, the domain registration data aligns well with the website content, indicating legitimacy and consistency.

Bento is a technology company offering a comprehensive email marketing and CRM platform tailored for small businesses. Founded in 2019, Bento provides an all-in-one solution that includes marketing automation, transactional email services, AI-powered CRM features, and spam protection. The company positions itself as a user-friendly and developer-friendly platform with strong deliverability and enterprise-grade security, evidenced by its SOC 2 Type II compliance. The website reflects a modern, professional brand with clear messaging and a focus on ease of use and integration capabilities. Technically, Bento's website is built using modern web technologies including React and Next.js, hosted with Cloudflare DNS and leveraging cloud media services. The site is fast, mobile-optimized, and accessible, with good SEO practices and structured data enhancing search visibility. Security best practices are observed with HTTPS enforcement, security headers, and domain registration protections, although DNSSEC is not enabled. Privacy compliance is an area for improvement as no explicit privacy or cookie policies are present. From a security perspective, Bento demonstrates a mature posture with SOC 2 Type II certification and features like Spam Shield to maintain email list hygiene. No vulnerabilities or exposed sensitive data were detected in the analysis. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for enhancing transparency and readiness. Overall, Bento presents a trustworthy and professional online presence with strong technical and security foundations. To further improve, the company should address privacy compliance gaps, publish comprehensive policies, and enhance contact options to build greater user trust and regulatory adherence.

N

Netzwerk hdw nrw

hdw-nrw.de

59

Netzwerk hdw nrw operates as a regional educational network focused on higher education didactics in Nordrhein-Westfalen, Germany. The website offers a variety of workshops, coaching, certificates, and working groups aimed at academic professionals such as lecturers, deans, and scientific staff. Their market position is that of a specialized provider for professional development in university teaching within the NRW region. Technically, the site uses a custom CMS with standard web technologies including jQuery and CSS, and it is moderately optimized for mobile devices. Security posture is adequate with HTTPS usage but lacks advanced security headers and explicit incident response policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and content-rich, serving its target audience effectively.

H

Hochschule Bielefeld

fh-bielefeld.de

61

Hochschule Bielefeld (HSBI) is a German university of applied sciences providing education, research, and transfer services primarily to students, academic staff, and regional partners. The website offers comprehensive information about study programs, research projects, transfer activities, continuing education, and international services. The institution holds a solid regional market position as a medium-sized educational entity in Germany. Technically, the website is built on a custom CMS with jQuery and standard web technologies, featuring good mobile optimization and SEO practices. Security posture is strong with HTTPS and multiple security headers, though some improvements are recommended in privacy compliance and incident response transparency. Overall, the site is professional, trustworthy, and well-structured, serving its target audience effectively.

B

BuySellAds.com, Inc.

coin.network

55

Coin.Network is a specialized crypto advertising network operated by BuySellAds.com, Inc., focusing on connecting advertisers with niche, engaged crypto audiences through programmatic display and native ads. The platform serves over 133 million monthly ad impressions and is trusted by major crypto brands and publishers, positioning itself as a key player in crypto ad tech. The website is professionally designed, mobile-optimized, and built on the HubSpot CMS platform, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies, and contact information is readily available. Overall, Coin.Network presents a credible and trustworthy business with a strong market presence in crypto advertising.

G

GitHub, Inc.

githubnext.com

68

GitHub Next is a research and engineering team within GitHub, focusing on exploring the future of software development through prototyping innovative tools and technologies. Their work targets software developers and engineering teams, aiming to improve productivity and collaboration using AI and other advanced technologies. The website reflects a professional and enterprise-grade digital presence consistent with GitHub's brand and market position. Technically, the site is built using modern web technologies including Next.js and React, ensuring good performance, mobile optimization, and accessibility. The infrastructure appears robust with reputable DNS and hosting providers. However, some standard security practices like DNSSEC are not enabled, and security headers information is not available from the data. From a security perspective, the site uses HTTPS and domain registration protections, but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy and cookie policies are also absent, which may impact compliance with regulations like GDPR. No contact emails or phone numbers are provided, which limits direct communication channels. Overall, the website is trustworthy and professional but could improve in privacy compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and incident response information.