Security Directory

The domain jailbulb.com currently serves a 404 Not Found error page with embedded information indicating it is used by Admiral, a service provider specializing in copyright access control and privacy compliance for digital publishers. The site content is minimal and primarily informational about the service's role in managing copyright and privacy consent under laws such as GDPR. The technical infrastructure is hosted on Google Cloud Platform with AWS DNS servers, employing HTTPS with frequent certificate rotation. Security practices are described as robust, with no executable content hosted and continuous scanning for vulnerabilities. However, the site lacks explicit privacy or cookie policies, contact information, and business branding, limiting its content quality and business credibility. No WAF or security challenge was detected, and the domain registration data is consistent and legitimate. Overall, the site functions as a service endpoint rather than a traditional business website.

L

LIPTON

liptonteas.com

69

LIPTON Teas and Infusions is a globally recognized brand specializing in tea blending and infusions, with a heritage dating back to 1871. The website presents a professional and consistent brand image, targeting a general consumer audience interested in tea products. The digital infrastructure leverages modern web technologies including JavaScript frameworks, Google Tag Manager, Microsoft Clarity for analytics, and Usercentrics for consent management, indicating a mature digital presence. However, the absence of WHOIS data and lack of visible privacy and cookie policies suggest areas for improvement in transparency and compliance. Security posture is moderate with room for enhancement in security headers and explicit security policies. Overall, the website is functional, well-branded, and trustworthy but would benefit from improved privacy compliance and clearer contact information.

S

Shopify

shopify.com

69

Shopify is a leading global ecommerce platform that enables entrepreneurs and enterprises to start, grow, and manage online and in-person businesses. The platform offers a comprehensive suite of tools including online store creation, point-of-sale hardware and software, multichannel selling, marketing, analytics, and B2B commerce solutions. Shopify's market position is strong, supported by a large merchant base and a rich ecosystem of apps and developer tools. Technically, the website is built on modern web technologies such as React and is hosted on Shopify's own infrastructure, delivering fast performance and excellent mobile optimization. Security posture is robust with HTTPS enforcement, strong security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. Overall, Shopify demonstrates a mature digital presence with high trustworthiness and compliance with privacy regulations like GDPR.

P

Pukka Herbs

pukkaherbs.com

68

Pukka Herbs is a well-established UK-based company specializing in organic herbal teas and supplements, emphasizing sustainability and wellbeing. Their website showcases a comprehensive product range, rich content including wellbeing articles, recipes, and a strong commitment to organic and fair trade certifications. The digital infrastructure is modern, leveraging Vue.js and Vue Storefront 2, providing a responsive and user-friendly experience. Security posture is strong with HTTPS and security headers implemented, though no explicit security policy or incident response information is published. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the website reflects a professional and trustworthy e-commerce platform with a focus on organic wellness products.

A

Auth0 Inc.

jwt.io

67

JWT.io is a specialized online tool provided by Auth0 Inc., a leading identity platform company owned by Okta. The website offers developers a secure and user-friendly interface to decode, verify, and generate JSON Web Tokens (JWTs), which are widely used in modern authentication and authorization systems. The site is well-positioned in the developer tools market, leveraging the strong brand and technical expertise of Auth0 and Okta. It targets developers and IT professionals seeking reliable JWT utilities and educational resources.

H

Hoefler&Co.

typography.com

67

Hoefler&Co. is a specialized font foundry that designs and licenses fonts for print, web, and mobile environments. The company has an established market presence since 1996, targeting designers and creative professionals. Their website reflects a professional brand with a focus on typography and font services. Technically, the site uses a modern React-based frontend hosted on AWS infrastructure, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

The website potaroo.net is a personal technical resource maintained by Geoff Huston, a recognized figure in Internet infrastructure and network operations. The site offers a rich collection of ISP articles, technical papers, books, presentations, podcasts, and tools primarily targeting network engineers, researchers, and technology professionals. It is supported by APNIC sponsorship, indicating a degree of authority and trust within the Internet community. The business model is content publishing and knowledge sharing, with a niche market position focused on Internet technology education and research. Technically, the website employs a straightforward HTML/CSS/JavaScript stack with Google Analytics for visitor tracking. The site demonstrates moderate performance and basic mobile optimization and accessibility. However, there is no evidence of a modern CMS or advanced frameworks. SEO and accessibility features are basic but functional. Security-wise, HTTPS usage is implied but not explicitly confirmed, and no security headers were detected in the provided data. The site lacks privacy, cookie, and terms of service policies, which impacts compliance and user trust. No contact or incident response information is provided, limiting transparency. Overall, the security posture is moderate with room for improvement in headers, policies, and disclosure mechanisms. The WHOIS data is notably missing or inaccessible, which raises questions about domain registration legitimacy despite the active and professional content. No WAF or blocking mechanisms were detected, and the content is safe for general audiences with no adult or explicit material. Strategically, the site would benefit from enhanced privacy and security disclosures, improved mobile and accessibility features, and clarification or correction of WHOIS registration data to bolster trust and compliance.

The superficialspring.com domain currently serves a 404 Not Found error page with minimal content describing its role as a domain hosted by Admiral to provide copyright access control and privacy consent management services for digital publishers. The domain is registered with NameCheap and hosted on Google Cloud Platform, using AWS DNS servers. The technical infrastructure is basic, with no advanced frameworks or CMS detected. Security practices are described in the content, including HTTPS enforcement and frequent certificate rotation, but no explicit security headers or privacy policies are published on the domain. The absence of active content, privacy policies, and contact information limits the website's usability and trustworthiness. Overall, the domain appears legitimate as a service domain for Admiral but lacks direct business-facing content or user engagement features.

G

GitHub, Inc.

github.io

76

GitHub Pages documentation site provides comprehensive guidance on creating and managing static websites hosted directly from GitHub repositories. The site targets developers and technical users, offering detailed instructions on using GitHub Pages, Jekyll integration, custom domains, and HTTPS security. As part of GitHub, Inc., a Microsoft subsidiary, the site benefits from a strong market position in the technology sector, serving a large enterprise audience globally. Technically, the site is built using modern web technologies including React and Next.js, ensuring fast performance, mobile optimization, and good accessibility. The hosting infrastructure is robust, likely leveraging GitHub's own platform and Microsoft Azure services. The site demonstrates good SEO practices and a professional design consistent with GitHub's branding. From a security perspective, the site enforces HTTPS and follows best practices to avoid exposing sensitive data. While explicit security headers and vulnerability disclosure information are not directly visible, the overall security posture is strong. Privacy compliance is well addressed with clear links to comprehensive privacy and terms of service documents, although a cookie consent mechanism is absent. Overall, the GitHub Pages documentation site is a high-quality, trustworthy resource with excellent content and technical implementation. Minor improvements could include adding cookie consent and explicit security policy disclosures to enhance compliance and transparency.

The domain fearlessfaucet.com currently serves as a 404 Not Found error page with no accessible business content. The domain is used by Admiral, a service provider specializing in copyright access control and privacy consent management for digital publishers. The page content describes the service's role in enabling compliance with copyright laws and privacy regulations such as GDPR, but does not provide direct business information or user-facing services. Technically, the domain is hosted on Google Cloud Platform with standard web technologies (JavaScript, HTML, CSS) and enforces HTTPS with frequent certificate rotation. Security practices are described as robust, with no executable files hosted and continuous scanning in place. However, no privacy or cookie policies, contact forms, or business contact details are present on the site, limiting user trust and compliance transparency. The domain WHOIS data is consistent and transparent, registered via NameCheap since 2021 without privacy protection, which aligns with its use as a service domain. Overall, the site lacks substantive content and business presence, resulting in a low content quality and business credibility score.

O

OVHCloud

ovh.net

52

The website proof.ovh.net serves as a technical utility platform provided by OVHCloud, offering network speed testing and iperf3 server capabilities. It targets general users and network professionals seeking to measure bandwidth and connection quality using OVHCloud infrastructure. The site integrates third-party speedtest technology from nPerf and links to multiple OVH proof subdomains, reinforcing its role as a service node within OVHCloud's ecosystem. The business model is service-oriented, focusing on infrastructure performance validation rather than direct commercial transactions. From a technical perspective, the site employs basic HTML, CSS, and JavaScript with iframe embedding for the speedtest widget. The hosting is presumably on OVHCloud infrastructure, consistent with the branding. The site is functional but minimalistic, lacking advanced frameworks or CMS. Performance is moderate with basic mobile optimization and accessibility features. SEO and metadata are minimal but adequate for the site's purpose. Security posture is moderate but could be improved. No HTTPS or security headers were explicitly detected in the provided data, and no privacy or cookie policies are present, which limits compliance with GDPR and other regulations. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy, although the content aligns with OVHCloud branding. No forms or user data collection mechanisms reduce attack surface but also limit user engagement. Overall, the site is low risk but lacks comprehensive compliance and security best practices. Strategic improvements in security headers, privacy policies, and domain registration transparency would enhance trust and compliance.

I

InMobi

inmobi.com

64

InMobi is a large technology company specializing in mobile advertising and consumer platforms. Founded in 2007, it operates multiple consumer brands such as Glance, Roposo, Nostra, and 1Weather, alongside a leading mobile advertising platform. The company focuses on leveraging AI and consumer-first technology to enhance mobile experiences and advertising effectiveness. The website reflects a mature digital presence with modern technologies and professional branding. However, the absence of WHOIS data and lack of explicit privacy and cookie policies indicate areas for improvement in transparency and compliance. Security posture is strong with HTTPS and no visible vulnerabilities, but security headers and incident response information are missing. Overall, InMobi presents as a credible and established business with a solid technical foundation but could enhance privacy compliance and security disclosures.

P

Proton AG

protonmail.com

71

Proton AG operates Proton Mail, the world's largest secure email service with over 100 million users, headquartered in Switzerland. The company offers a suite of privacy-focused services including encrypted email, calendar, cloud storage, password manager, VPN, and more, targeting privacy-conscious individuals, journalists, activists, and businesses. Proton's business model is freemium, providing free secure email accounts supported by paid subscription plans with enhanced features. The company is well-positioned in the privacy technology market, emphasizing Swiss privacy laws and open-source transparency. Technically, Proton's website employs modern web technologies including React and Astro frameworks, delivering a fast, mobile-optimized, and accessible user experience. The infrastructure supports multiple platforms including web, desktop, and mobile apps. SEO and content quality are excellent, reflecting a mature digital presence. Security-wise, Proton demonstrates strong practices with HTTPS enforcement, comprehensive security headers, end-to-end and zero-access encryption, and independent audits. However, DNSSEC is not enabled, and explicit incident response contacts or vulnerability disclosure pages are not found, representing minor gaps. Overall, Proton Mail's website and business exhibit high trustworthiness, professionalism, and compliance with privacy regulations such as GDPR. The risk profile is low, with no detected vulnerabilities or suspicious indicators. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and providing clearer incident response contacts to further enhance security posture and transparency.

C

cyberpunk.lol

cyberpunk.lol

62

cyberpunk.lol is a small independent Mastodon social media instance launched in late 2023, focused on fostering a cyberpunk-themed community within the Fediverse. It offers decentralized social networking services powered by the Glitch-soc fork of Mastodon, emphasizing community moderation, content warnings, and inclusivity. The platform targets adult users, enforcing an 18+ age restriction and detailed content policies to maintain a safe environment. Technically, the site uses modern web technologies including React and ES modules, hosted by fedi.monster, a known Fediverse hosting provider. While performance and mobile optimization are good, accessibility and SEO are basic. Security posture is moderate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent or terms of service. Overall, the site demonstrates a credible and community-focused operation with room for improvement in security and compliance.

O

OVHcloud

ovhcloud.com

60

OVHcloud is a major European cloud computing and web hosting provider offering a broad portfolio of infrastructure and platform services including dedicated servers, VPS, bare metal cloud, storage, and network security solutions. The company targets businesses and developers seeking scalable, secure, and cost-effective cloud infrastructure. The website reflects a mature digital presence with consistent branding, comprehensive service descriptions, and multilingual support. Technically, the site employs modern web technologies, including JSON-LD structured data, Sentry for error monitoring, and OVH's own analytics tools, ensuring good performance and accessibility. Security posture is strong with HTTPS enforcement, security headers, and certifications such as ISO 27001 and SecNumCloud, although explicit incident response contacts and vulnerability disclosure policies are not prominently published. WHOIS data is unavailable, likely due to registry restrictions or privacy policies, but this does not detract from the site's legitimacy given OVHcloud's established market position. Overall, the website is professional, secure, and compliant, suitable for enterprise customers.

T

Threads

threads.com

76

Threads is a social media platform closely integrated with Instagram, operated under the Meta Platforms umbrella. It offers users a space to share ideas, ask questions, and engage with communities, leveraging Instagram login for access. The platform targets a broad general audience and positions itself as a modern, community-driven social network. Technically, the website employs modern web technologies including React and JavaScript, hosted on Meta's infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced and script nonce usage indicating content security policies, although explicit security headers and public security policies are not evident. The absence of WHOIS data suggests privacy protection or internal registration, common for high-profile brands. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve transparency by publishing privacy and cookie policies.

S

Snap Inc.

snapchat.com

75

Snapchat is a leading social media platform operated by Snap Inc., offering multimedia messaging, creative lenses, stories, and video content sharing. The website serves as a portal for users to access Snapchat services, download apps, and explore features such as Spotlight and Snap Map. The platform targets a broad audience seeking real-time communication and creative expression. Technically, the website employs modern frameworks like React and Next.js, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement and standard security headers, though explicit incident response and vulnerability disclosure information are absent. Privacy policies are comprehensive and GDPR compliant, reflecting a mature approach to user data protection. Overall, Snapchat's web presence is professional, trustworthy, and aligned with its market position as a major technology enterprise.

W

Maintenance is being carried out - OVHcloud

wideangle.co

42

The website wideangle.co is currently inaccessible due to hosting maintenance performed by OVHcloud. The page content is a placeholder indicating temporary unavailability with no business or service information presented. The site is hosted on OVHcloud infrastructure but lacks any visible security or privacy policies, contact information, or business details. Technical infrastructure is minimal with basic HTML and CSS, no advanced frameworks or CMS detected. Security posture cannot be fully assessed due to lack of content and security headers. No analytics or tracking scripts are present, indicating minimal digital maturity at this time. Overall, the site is non-functional for end users and provides no insight into the business or its operations.

AirVPN is a privacy-focused VPN service operated by activists committed to net neutrality, privacy, and anti-censorship. Established in 2010, it offers robust VPN solutions based on OpenVPN and WireGuard protocols, emphasizing strong encryption, no logging, and multiple connection options including OpenVPN over SSH, SSL, and Tor. The service targets privacy-conscious users and activists seeking secure and unrestricted internet access. Technically, the website is built on the IPS Community Suite CMS, optimized for multiple platforms including Windows, macOS, Linux, Android, iOS, and routers. The site is well-designed, mobile-optimized, and provides comprehensive information about its services and mission. Security-wise, AirVPN employs strong cryptographic standards and perfect forward secrecy, but lacks published security policies or incident response details. The domain registration is transparent and consistent with the business history, enhancing trust. Overall, AirVPN demonstrates a mature, privacy-respecting service with excellent content quality and technical implementation.

Fastly, Inc. is a leading technology company specializing in edge cloud computing, content delivery network (CDN) services, and cloud security solutions. Their platform enables faster, safer, and more scalable delivery of websites, applications, and video content to enterprise customers globally. Positioned as a key player in the edge cloud market, Fastly targets developers and digital businesses seeking high-performance and secure cloud infrastructure. The website demonstrates a mature technical infrastructure leveraging modern web technologies such as React and Gatsby, hosted likely on their own edge cloud platform. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a high level of digital maturity. Comprehensive metadata and SEO practices are in place, supporting strong online presence. From a security perspective, Fastly exhibits a robust posture with HTTPS enforcement, multiple security headers, published security policies, and an active vulnerability disclosure program. Certifications such as ISO 27001 and SOC 2 Type II further reinforce their commitment to security and compliance. No significant vulnerabilities or exposed sensitive data were detected. Overall, Fastly presents a low-risk profile with strong business credibility, technical sophistication, and security awareness. The main limitation is the absence of publicly available WHOIS domain registration data, which slightly reduces domain trust analysis confidence. Strategic recommendations include continued vigilance on third-party dependencies, enhanced transparency on data retention, and ongoing accessibility improvements.

A

AUDI AG

audi-mediacenter.com

72

The Audi MediaCenter website serves as a comprehensive corporate media platform for AUDI AG, providing media professionals with access to press releases, images, videos, and other media resources. The site is well-branded, professionally designed, and targets journalists and automotive industry stakeholders. It supports Audi's market position as a leading premium automotive brand with a global presence. Technically, the site uses modern web technologies including lazy loading, JavaScript frameworks, and privacy management scripts, delivering a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers could be verified further. The absence of WHOIS data is notable but likely due to privacy protection or recent registration, not detracting from the site's legitimacy given the strong brand signals. Overall, the site is a trustworthy and professional resource for Audi's media communications.

S

Sandia Corporation

dnsviz.net

51

DNSViz.net is a specialized online tool designed to visualize DNS zones and assist in troubleshooting DNS Security Extensions (DNSSEC). The website is affiliated with Sandia Corporation and supported by reputable organizations such as Verisign and DNS-OARC, positioning it as a trusted resource within the DNS and cybersecurity community. The tool targets DNS administrators and security professionals seeking to analyze DNSSEC deployment and configuration errors. Technically, the site employs standard web technologies including HTML, CSS, JavaScript, and integrates Google Analytics and social media widgets for user engagement and tracking. While the site demonstrates good content quality and professional branding, it lacks explicit privacy and cookie policies, which are important for compliance with data protection regulations. Security-wise, the site uses HTTPS and avoids exposing sensitive data but does not implement advanced security headers or provide vulnerability disclosure information. Overall, DNSViz.net is a credible and useful technical resource with moderate technical sophistication and some room for improvement in privacy and security practices.

P

Paramount Global

cbslocal.com

67

CBS Local is a well-established local news and streaming news service operated under the umbrella of Paramount Global, a major US media conglomerate. The website provides comprehensive local news coverage and live streaming services targeting a general audience interested in regional and national news. The business model is primarily advertising-supported, leveraging digital ad networks and consent-based tracking technologies. The site demonstrates strong branding consistency and a professional digital presence with extensive social media integration.

A

AUDI AG

audi.com

73

Audi AG operates a comprehensive international corporate website showcasing its leadership in the premium automotive sector. The site provides detailed information on innovation, sustainability, investor relations, and career opportunities, targeting investors, job seekers, and automotive enthusiasts. The technical infrastructure leverages Adobe Experience Manager with a modern React-based frontend, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and a robust cookie consent mechanism, although explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data is unusual but likely due to registry restrictions rather than malicious intent. Overall, the website reflects a mature digital presence aligned with Audi's market position.

O

OVHcloud

ovh.com

72

OVHcloud is a prominent European cloud service provider offering a wide range of infrastructure and platform services including dedicated servers, VPS, bare metal servers, storage, and network solutions. The company targets businesses and developers seeking scalable and secure cloud infrastructure. Their market position is strong in Europe with a growing global footprint. The website reflects a mature digital presence with good design, mobile optimization, and clear navigation. Technically, the site employs modern web technologies, security best practices including HTTPS and security headers, and integrates analytics and error monitoring tools. Security posture is robust with certifications such as ISO 27001 and SecNumCloud, indicating compliance with recognized standards. However, the absence of WHOIS data reduces transparency and slightly impacts trustworthiness. Overall, the site is professional, secure, and compliant, suitable for enterprise customers.

U

Upsun

platform.sh

72

Upsun is a technology company specializing in providing a highly flexible Platform as a Service (PaaS) designed for developers and organizations seeking customizable cloud application hosting. The platform emphasizes developer flexibility, self-service capabilities, and predictable pricing, supporting multiple frameworks and languages such as Django, Next.js, Drupal, and more. The company has a strong market position as a modern, developer-friendly cloud platform, with a focus on eliminating staging drift and accelerating release confidence. Founded in 2010, Upsun has evolved from its former identity as Platform.sh and maintains a consistent brand presence with a professional and well-structured website. Technically, the website is built using modern web technologies including Gatsby and React, optimized for performance, mobile responsiveness, and SEO. The platform integrates with major cloud providers like AWS, Azure, and Google Cloud Platform, indicating a mature and scalable infrastructure. The site employs extensive analytics and marketing tools with appropriate consent mechanisms, reflecting digital maturity and compliance awareness. From a security perspective, Upsun enforces HTTPS, implements a strict Content-Security-Policy, and maintains domain transfer protections. However, DNSSEC is not enabled, and there is no public security.txt or explicit incident response contact, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Upsun presents a trustworthy and professional online presence with strong business credibility and technical implementation. Strategic recommendations include enabling DNSSEC, publishing a security.txt file, and enhancing incident response transparency to further strengthen security posture and compliance.

State of the Map is a well-established series of annual conferences dedicated to the OpenStreetMap community, providing a platform for knowledge sharing and networking among mapping enthusiasts and geospatial professionals worldwide. The website serves primarily as an informational hub listing past and upcoming events with locations and dates, reflecting a consistent history since 2006. Technically, the site is a simple static HTML implementation with minimal modern web technologies detected, hosted behind Cloudflare DNS but lacking advanced security headers or HTTPS status details in the provided data. Security posture is minimal with no visible privacy or cookie policies, no contact or incident response information, and no vulnerability disclosure mechanisms. The domain registration data is consistent and legitimate, supporting the authenticity of the site and its long-standing presence in the community. Overall, the site is functional for its purpose but would benefit from enhanced security, privacy compliance, and richer technical implementation to improve trust and user experience.

S

SotM-EU

sotm-eu.org

57

SotM-EU is a well-established annual conference focused on the OpenStreetMap community in Europe, hosted by Karlsruhe University of Applied Sciences. The website provides comprehensive information about the event, including schedules, registration, sponsors, and community activities. The target audience includes mappers, developers, and GIS professionals interested in OpenStreetMap. The business operates on a non-profit model relying on sponsorships and ticket sales, positioning itself as a key event in the European OpenStreetMap ecosystem. Technically, the website uses a simple but effective stack with HTML, CSS, JavaScript, and Turbolinks for navigation. Hosting is provided by DreamHost, LLC. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. No CMS is detected, indicating a custom or static site approach. From a security perspective, HTTPS is enabled, but the absence of security headers such as CSP, HSTS, and X-Frame-Options reduces the overall security posture. No privacy or cookie policies are present, which is a compliance gap especially under GDPR. No contact emails or phone numbers are provided on the homepage, limiting direct communication channels. The domain registration is consistent with the website's history and shows no suspicious patterns. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance, enhanced security headers, and clearer contact information to strengthen user trust and regulatory adherence.

N

NAVER

naver.com

64

NAVER is a leading South Korean internet portal offering a wide range of services including search engine capabilities, news aggregation, live streaming, and gaming content. The website demonstrates a high level of digital maturity with modern JavaScript SDKs and responsive design optimized for both desktop and mobile platforms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and privacy policies suggests room for improvement in compliance and security best practices. Overall, NAVER presents a professional, trustworthy, and content-rich platform serving a general audience in South Korea.

UGURUS was a specialized training and mentorship platform targeting digital agencies and freelancers, operating for over 12 years before its discontinuation in March 2025. The platform provided educational resources, community engagement, and a podcast to support agency growth. The website is built on WordPress, uses Cloudflare DNS, and is linked to DigitalOcean and Cloudways for hosting and support. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain protections but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to missing policies and consent mechanisms. Overall, the site is trustworthy but shows signs of being in a sunset phase with limited active content.

C

CSS-Tricks

css-tricks.com

68

CSS-Tricks is a well-established online platform dedicated to web development education, focusing primarily on CSS and front-end technologies. Founded in 2007, it serves a global audience of web developers, designers, and technologists by providing high-quality articles, guides, and tutorials. The site maintains a strong market position as a reputable resource in the web development community, supported by consistent content updates and a professional digital presence. The business model revolves around content publishing, advertising partnerships, and newsletter subscriptions, with DigitalOcean as a notable sponsor and hosting partner. Technically, the website is built on WordPress, leveraging modern web technologies including PHP, JavaScript, and CSS. It employs Cloudflare for DNS and CDN services, ensuring fast performance and robust availability. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a superior user experience. Hosting on DigitalOcean via Cloudways further supports its performance and scalability needs. From a security perspective, CSS-Tricks enforces HTTPS with strong security headers, protecting user data and enhancing trust. While DNSSEC is not enabled, the domain registration is secured with registrar locks preventing unauthorized transfers or deletions. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. However, explicit security policies or incident response information are not publicly available, representing an area for potential improvement. Overall, CSS-Tricks presents a low-risk profile with a high degree of professionalism and trustworthiness. Strategic recommendations include enabling DNSSEC, publishing a formal security policy and incident response plan, and considering a vulnerability disclosure program to further enhance security posture and stakeholder confidence.

U

Upsun

platformsh.site

70

Upsun is a technology company offering a highly flexible Platform as a Service (PaaS) designed to empower developers with self-service capabilities and predictable pricing. The platform supports multiple popular frameworks and languages, enabling organizations to deploy production-perfect clones of their applications across major cloud providers such as AWS, Azure, and Google Cloud Platform. Formerly known as Platform.sh, Upsun positions itself as a reliable and innovative cloud application platform targeting developers and businesses seeking efficient application delivery and modernization solutions. The website demonstrates a high level of digital maturity with modern technologies like Gatsby and React, excellent mobile optimization, and comprehensive SEO practices. Security posture is strong with HTTPS enforcement, Content Security Policy, and domain transfer protections, although enabling DNSSEC and publishing explicit incident response policies would enhance trust further. Overall, Upsun presents a professional, trustworthy, and technically sound online presence.

G

Germany Trade & Invest

gtai.de

73

Germany Trade & Invest (GTAI) is the official economic promotion agency of the Federal Republic of Germany, dedicated to assisting international companies in establishing and expanding their business operations in Germany. The website serves as a comprehensive resource offering detailed information on Germany's business environment, industry sectors, investment guides, and support services. It targets international investors and companies seeking to enter the German market, providing free confidential advice and project support. The agency maintains a strong market position as a government-backed entity with a wide network of international offices and active participation in global events. Technically, the website is built on CoreMedia CMS and employs modern web technologies including JavaScript, CSS, and asynchronous script loading. It integrates analytics and tracking tools such as eTracker and Crazy Egg, alongside a GDPR-compliant cookie consent mechanism powered by Usercentrics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns with the website's official nature, showing consistent domain registration and hosting information. Overall, GTAI's website reflects a professional, trustworthy, and well-maintained digital presence suitable for its role as a government investment promotion agency. Strategic recommendations include publishing explicit privacy and security policies, enhancing security header implementation, and providing clear incident response contacts to further strengthen trust and compliance.

F

F-Droid Contributors

f-droid.org

74

F-Droid is a well-established open source Android app repository founded in 2010, providing a catalog and client for free and open source software applications. It targets Android users who prefer privacy-respecting and open source alternatives to mainstream app stores. The website is donation-funded and emphasizes community trust and transparency, including PGP verification for downloads. Technically, the site uses standard web technologies with good mobile optimization and SEO practices, hosted under a reputable registrar. Security posture is moderate with HTTPS implied but lacking DNSSEC and security headers, and no formal security or privacy policies published on the main page. Overall, the site is trustworthy and professional but could improve compliance and security transparency.

F

Fullstory

fullstory.com

67

Fullstory operates as an enterprise SaaS company specializing in behavioral data platforms that analyze user sentiment to improve digital products. The website presents a professional and modern interface built on Gatsby and React, indicating a mature technical infrastructure. However, the absence of publicly available WHOIS data suggests domain privacy protection, which is common for technology companies but reduces transparency. Security posture is moderate due to lack of visible security headers, policies, or incident response information. Privacy compliance is weak as no privacy or cookie policies were detected. Overall, the site is trustworthy and well-branded but would benefit from enhanced transparency and security disclosures.

D

DigitalOcean

digitaloceanspaces.com

71

DigitalOcean is a prominent cloud infrastructure provider focused on delivering simple, scalable, and developer-friendly cloud solutions. Their product suite includes virtual machines (Droplets), Kubernetes, managed databases, AI GPU services, and application platforms, targeting developers, startups, and small to medium businesses. The company positions itself as a cost-effective and easy-to-use alternative to larger cloud providers, emphasizing predictable pricing and strong customer support. Technically, the website is built using modern frameworks such as Next.js and React, with a fast, mobile-optimized, and accessible design. The use of analytics tools like Amplitude and Google Tag Manager indicates a mature digital marketing and user tracking strategy, balanced with comprehensive privacy and cookie policies that comply with GDPR standards. From a security perspective, the site enforces HTTPS, implements key security headers, and provides clear incident response channels. Certifications such as SOC 2 Type II and ISO 27001 further demonstrate a commitment to security best practices. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website presents a low-risk profile with strong business credibility, technical maturity, and security posture. The lack of WHOIS data is likely due to privacy protection and does not detract from the legitimacy of the business. Strategic recommendations include ongoing security audits, enhanced transparency on incident response, and continuous improvement of privacy measures.

I

Industrie- und Handelskammer

ihk.de

71

The website www.ihk.de serves as the central portal for the German Chambers of Industry and Commerce (Industrie- und Handelskammer), a large government-related institution providing business support, consulting, certification, and regional economic development services across Germany. It targets businesses and entrepreneurs nationwide, offering access to multiple regional chambers with detailed contact information and localized services. The site is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site is built on the CoreMedia CMS platform, utilizing modern JavaScript libraries and analytics tools such as eTracker. It employs HTTPS with strong SSL configuration and includes a cookie consent mechanism compliant with GDPR. While security headers are not explicitly detected, the presence of CSRF tokens and cookie consent tools indicate a reasonable security posture. No critical vulnerabilities or suspicious content were found. Overall, the security posture is solid but could be improved by adding explicit security headers and publishing a formal security policy or vulnerability disclosure framework. Privacy compliance is good, with clear privacy and cookie policies. The domain WHOIS data aligns with the website's official nature, supporting its legitimacy. No WAF or blocking mechanisms interfere with content access. The site is safe for general audiences, contains no adult or questionable content, and demonstrates high trustworthiness. Strategic recommendations include enhancing security headers, establishing incident response contacts, and improving transparency around security practices to further strengthen trust and compliance.

Dell Technologies is a global leader in technology solutions, offering a broad portfolio of products, services, and support tailored for corporate and enterprise customers. The Finnish localized site provides access to Dell's technology offerings, partner programs, and support resources, reflecting a mature and well-established business presence in the EMEA region. The website infrastructure leverages modern web technologies, content delivery networks, and secure login mechanisms, demonstrating a high level of digital maturity and operational robustness. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policy and incident response information could be enhanced. Overall, the site is professional, trustworthy, and compliant with privacy regulations including GDPR. Strategic recommendations include publishing detailed security policies and vulnerability disclosure information to further enhance transparency and trust.

P

PETZI

petzi.ch

64

PETZI is a Swiss federation representing music venues and festivals, providing a centralized platform for event listings, ticketing, and industry support. The website targets music venues, festival organizers, and attendees primarily within Switzerland. It offers services including event aggregation, points of sale information, association details, projects, publications, jobs, and workshops. The business operates as a non-profit federation with a clear focus on the Swiss music and festival sector. Technically, the website employs modern JavaScript frameworks such as Alpine.js and htmx, and uses Piwik/Matomo for analytics, indicating a moderate level of digital maturity with privacy-conscious tracking. The site is mobile-optimized and features good SEO practices, though it lacks explicit CMS identification and some advanced accessibility features. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several recommended security headers and does not provide a cookie consent mechanism, which may impact GDPR compliance. There is no visible security policy or incident response contact information, and no vulnerability disclosure policy is present. Overall, PETZI's website is professional, trustworthy, and well-aligned with its business purpose. The main risks relate to privacy compliance and security header implementation. Strategic improvements in these areas would enhance the site's security posture and regulatory adherence.

X

XING

xing.com

66

XING is a professional networking and job search platform primarily serving German-speaking professionals. The website offers extensive job listings, recruiter access, salary information, and employer reviews, positioning itself as a key player in the online recruitment market. The platform supports profile creation and personalized job matching, enhancing user engagement and service relevance. Technically, the website employs modern web technologies such as React and asynchronous JavaScript loading, ensuring a fast and responsive user experience optimized for mobile devices. Security practices include HTTPS enforcement and sandboxed iframes for third-party content, though explicit security headers were not detected in the provided data. The absence of WHOIS data is unusual but does not detract from the site's apparent legitimacy based on content and branding. Privacy and cookie policies were not found in the provided content, indicating an area for improvement in compliance transparency.

B

Base Design

basedesign.com

64

Base Design is a professional international branding agency specializing in creating culturally impactful brands through design and technology. The company operates globally with offices in Brussels, New York, Geneva, and Melbourne, offering services such as branding, typography, identity, and digital experiences. Their website reflects a high level of professionalism with excellent design quality, clear navigation, and comprehensive content showcasing their portfolio and thought leadership. Technically, the website is built on modern frameworks including Next.js and React, ensuring fast performance and mobile optimization. The site employs cookie consent mechanisms compliant with GDPR and uses analytics tools like Google Analytics and Plausible for visitor insights. Security best practices are observed with HTTPS enforcement and security headers, although no explicit security policy or incident response information is published. The security posture is strong with no evident vulnerabilities, but the absence of WHOIS data and domain registration information raises concerns about domain legitimacy and transparency. This discrepancy impacts the overall trust score despite the professional appearance and content quality. Strategically, the company should consider publishing detailed security and incident response policies and clarifying domain registration details to enhance trust. Overall, Base Design presents as a credible and mature digital branding agency with room for improvement in transparency and security communication.

W

Wikimedia Foundation

wikisource.org

65

Wikisource is a free digital library project operated by the Wikimedia Foundation, providing access to source texts in multiple languages under free licenses. It serves a broad audience including researchers, students, and the general public interested in freely accessible source materials. The website is well-established, with a domain age consistent with the project's founding in 2003, and is part of the trusted Wikimedia ecosystem. Technically, the site is powered by MediaWiki software, a mature and widely used platform for collaborative content management. The infrastructure appears robust, with modern web technologies, good mobile optimization, and fast performance. Security is strong with HTTPS enforced and domain status flags preventing unauthorized domain changes, although DNSSEC is not enabled. Security posture is solid with no visible vulnerabilities or exposed sensitive data. However, explicit security policies, privacy policies, and cookie consent mechanisms are not found on the main page, which slightly reduces privacy compliance scores. The site does not engage in advertising or extensive user tracking, aligning with Wikimedia's non-profit and privacy-respecting ethos. Overall, Wikisource presents a trustworthy, professional, and high-quality educational resource with strong technical and security foundations. Strategic recommendations include publishing explicit privacy and security policies and enabling DNSSEC to further enhance domain security.

W

Wikimedia Foundation, Inc.

mediawiki.org

67

MediaWiki is an established open source collaboration and documentation platform developed and maintained by the Wikimedia Foundation, a large non-profit organization. It powers Wikipedia and tens of thousands of other websites worldwide, offering a multilingual, extensible, and reliable wiki software solution. The platform targets system administrators, users, developers, and contributors who seek to manage and share knowledge effectively. The business model is based on open source software with community contributions and professional consulting services. The website content is comprehensive, professionally presented, and consistent with the Wikimedia brand. Technically, the website runs on the MediaWiki framework version 1.45.0, leveraging modern web technologies such as JavaScript, CSS, and HTML5. It is hosted on Wikimedia Foundation infrastructure, likely in Equinix data centers, and demonstrates fast performance, good mobile optimization, and accessibility. SEO practices and metadata are well implemented, including Open Graph and JSON-LD structured data. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers. CSRF tokens are present, and no vulnerable libraries or exposed sensitive data were detected. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not prominently published, representing an area for improvement. Overall, the website is trustworthy, safe, and professionally maintained with high content quality and technical maturity. The domain is long-established and consistent with the Wikimedia Foundation's history. Privacy policies and terms of use are comprehensive and GDPR compliant. No blocking or WAF challenges were detected, allowing full content access and analysis.

W

Wikimedia Foundation

wikidata.org

65

Wikidata is a globally recognized free and open knowledge base operated by the Wikimedia Foundation. It serves as a central repository for structured data used across Wikimedia projects such as Wikipedia, enabling collaborative data curation and linked open data access. The platform targets a broad audience including researchers, developers, and the general public, supporting knowledge sharing and data interoperability. Technically, Wikidata is built on the MediaWiki platform with modern web technologies, hosted on Wikimedia's robust infrastructure, ensuring fast performance and good mobile optimization. Security is strong with HTTPS enforcement and comprehensive security headers, although formal public security policies and incident response contacts are not prominently published. Privacy and compliance are well addressed with clear privacy and cookie policies, reflecting the organization's commitment to user data protection. Overall, Wikidata demonstrates high professionalism, trustworthiness, and technical maturity, positioning it as a leading open data resource in the technology and non-profit sectors.

Wikivoyage is a free travel guide website operated under the Wikimedia Foundation umbrella, offering multilingual travel content created and maintained by a global community. The platform serves a broad audience of travelers seeking open and reliable travel information. Technically, the site is built on the MediaWiki CMS platform, leveraging modern web standards and optimized for mobile devices, ensuring fast performance and good accessibility. Security-wise, the site enforces HTTPS and secure form submissions but lacks some advanced security headers and explicit vulnerability disclosure policies. Privacy policies are comprehensive and GDPR compliant, though no cookie consent mechanism is present. Overall, the website is trustworthy, professional, and well-maintained, with minor areas for improvement in security and privacy transparency.

T

Thunderbird

thunderbird.net

68

Thunderbird is a well-established open-source email and productivity application supported by the Mozilla Foundation. The website serves as the official distribution and information portal for Thunderbird desktop and mobile applications, targeting general users seeking a free, customizable email client. The site is professionally designed with excellent content quality, multi-language support, and clear navigation, reflecting a mature digital presence. Technically, the site uses modern web technologies, enforces HTTPS, and implements strong security headers, contributing to a robust security posture. However, the absence of WHOIS data for the domain www.thunderbird.net is unusual but likely due to domain registration nuances or privacy measures. Overall, the site is trustworthy and aligns with Mozilla's reputation.

M

Mozilla

firefox.com

75

The website www.firefox.com serves as the official download and informational portal for the Firefox browser, a product of Mozilla, a well-known non-profit organization dedicated to internet health and privacy. The site offers comprehensive information about Firefox's features, download options for multiple platforms, and strong emphasis on user privacy and security. The brand is positioned as a leading privacy-focused browser with a large global user base and a commitment to open source principles. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, along with third-party services like Sentry for error monitoring and Google Tag Manager for analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place. From a security perspective, the site enforces HTTPS and implements cookie consent banners, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain www.firefox.com is notable and reduces trust slightly, though the website content aligns strongly with Mozilla's official branding and services. Overall, the website demonstrates a strong security posture, excellent content quality, and good privacy compliance, making it a trustworthy source for Firefox browser downloads and information. Strategic improvements include publishing explicit security headers, incident response policies, and clearer contact information to enhance trust and security transparency.

M

Microsoft

yammer.com

75

The website www.yammer.com represents Viva Engage, a Microsoft enterprise collaboration platform designed to enhance communication and productivity within organizations. It is positioned as a key component of the Microsoft 365 ecosystem, targeting enterprise customers and business professionals. The site showcases Microsoft branding and integrates tightly with other Microsoft services, reflecting a mature and well-established business offering. Technically, the website employs modern JavaScript frameworks such as RequireJS and CoreUI, hosted on Microsoft Azure infrastructure. It demonstrates excellent mobile optimization, accessibility, and SEO practices, ensuring a high-quality user experience. The site uses HTTPS and includes standard security headers, indicating a strong security posture. From a security and compliance perspective, the site links to comprehensive Microsoft privacy and cookie policies, indicating GDPR compliance and user consent mechanisms. However, no explicit security policy, incident response contacts, or vulnerability disclosure pages were found publicly. WHOIS data is unavailable due to privacy or proxy registration, which is typical for large enterprises like Microsoft. Overall, the website is trustworthy, professionally maintained, and secure, with no signs of suspicious activity or content. Strategic recommendations include enhancing transparency by publishing explicit security policies and vulnerability disclosure information to further strengthen trust and compliance.

Yahoo is a globally recognized technology and media company operating a wide range of web services including search, news, and advertising platforms. This particular page serves as a GDPR-compliant consent management interface for Finnish users, reflecting Yahoo's commitment to privacy and regulatory compliance. The site is part of the broader Yahoo group, which includes subsidiaries such as AOL and Engadget. The business model centers on advertising and data-driven services, targeting general internet users with localized content and consent options. Technically, the site employs modern web standards with JavaScript and CSS, and integrates Yahoo's proprietary analytics framework for user behavior tracking. Security measures include HTTPS enforcement and CSRF protection, though some security headers could be enhanced. Privacy compliance is strong, with clear links to comprehensive privacy and cookie policies, and mechanisms for user consent management. Overall, the website demonstrates a mature digital infrastructure and a high level of professionalism, supporting Yahoo's market position as a trusted internet brand.

R

Read It Later, Inc.

getpocket.com

67

Pocket, operated by Read It Later, Inc. and owned by Mozilla, is a technology company specializing in read-it-later and content discovery services. The website clearly communicates the service shutdown and provides users with export options and subscription refund information. The business is well-positioned in the content curation and browser integration market, leveraging Mozilla's brand and resources. Technically, the site uses modern web frameworks such as Next.js and React, hosted on AWS infrastructure, delivering good performance and mobile optimization. Security posture is solid with HTTPS and domain protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the site is professional, trustworthy, and user-friendly, with no adult or questionable content detected.