Security Directory

P

Premiere San Antonio

premieresanantonioshow.com

52

Premiere San Antonio is an event-focused website promoting a regional beauty industry trade show in the Southwest United States. The site targets beauty professionals and students, offering connections to top brands, educators, and influencers. The business model centers on event organization and industry networking, positioning itself as a growing regional event. Technically, the site is built on Adobe Experience Manager and integrates multiple third-party marketing and tracking tools such as Google Tag Manager and Facebook Pixel. The website demonstrates moderate digital maturity with good design and mobile optimization but lacks comprehensive privacy and security policies. Security posture is limited due to absence of security headers and no visible incident response or vulnerability disclosure information. The domain WHOIS data is missing, raising concerns about domain legitimacy and trustworthiness. Overall, the site is functional and professional but requires improvements in privacy compliance, security best practices, and business transparency to enhance trust and reduce risk.

H

HubSpot

inbound.com

69

INBOUND.com is the official website for HubSpot's annual marketing and sales conference, INBOUND, scheduled for September 3-5, 2025. The site serves as a comprehensive platform for event information, registration, and resources targeting marketing professionals and sales teams. It positions itself as a leading event in the marketing technology space, leveraging HubSpot's strong brand presence. The website demonstrates a modern technical infrastructure built on Nuxt.js and Tailwind CSS, ensuring fast performance and excellent mobile responsiveness. Security best practices are observed with HTTPS and multiple security headers, although dedicated security and incident response policies are not publicly available. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy compliance. The absence of WHOIS data is a notable gap but does not detract significantly from the site's legitimacy given the strong branding and content quality. Overall, the site is professional, secure, and well-optimized, serving its business purpose effectively.

S

Shoptalk

shoptalk.com

63

Shoptalk is a well-established event platform specializing in retail industry conferences and networking opportunities. Founded in 2003, it serves a medium-sized audience of retail professionals, solution providers, media partners, startups, and investors. The website provides comprehensive event-related content, speaker and sponsor applications, and community engagement features. Technically, the site uses a modern JavaScript stack with integrations for analytics, marketing, and consent management, hosted behind Cloudflare DNS and registered with GoDaddy. Security posture is solid with HTTPS, CSRF protections, and domain locking, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the site is professional, safe, and trustworthy but could improve transparency on privacy and security policies.

K

Kentucky Rural Water Association

krwa.org

65

Kentucky Rural Water Association (KRWA) is a prominent non-profit organization dedicated to supporting rural water and wastewater utilities across Kentucky. Serving nearly 95% of the public drinking water and wastewater customers in the state, KRWA offers a comprehensive suite of services including training, compliance assistance, membership benefits, and advocacy. The association maintains a strong market position as the largest utility organization in Kentucky focused on rural water issues, targeting utility operators, industry professionals, and stakeholders. Their business model centers on membership services and educational programs, supported by partnerships with related organizations such as the National Rural Water Association.

Y

Yellowgrape

yellowgrape.nl

64

Yellowgrape is a data-driven e-commerce agency specializing in helping e-commerce organizations grow through data analytics, marketing, and technology solutions. Operating from Amsterdam and Berlin, the company positions itself as a growth partner with a proven approach to explosive growth. The website reflects a professional and modern digital presence, leveraging Webflow CMS and integrating key marketing and analytics tools such as Google Tag Manager and Cookiebot for privacy compliance. The technical infrastructure is sound, with HTTPS enforced and a cookie consent mechanism that aligns with GDPR requirements. Security posture is solid, though there is room for improvement in implementing additional security headers and publishing explicit security policies. Overall, the website and business presence indicate a legitimate and credible agency with a focus on e-commerce growth.

M

MLP Finanzberatung SE

mlp.de

67

MLP Finanzberatung SE is a well-established financial advisory company based in Germany, offering a wide range of services including wealth management, retirement planning, insurance, financing, and investment products. The website targets diverse customer segments such as private customers, medical professionals, legal and tax advisors, and senior citizens. The company operates under the parent company MLP SE and maintains a professional online presence with consistent branding and comprehensive service information. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager for analytics, and Usercentrics for consent management, indicating a mature digital infrastructure. The site is mobile-optimized and structured for good user experience, although some accessibility features appear basic. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the website enforces HTTPS and uses a recognized consent management platform, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partial due to the absence of a clearly accessible privacy policy and terms of service. Contact information for security incidents or data protection officers is not published. Overall, the website presents a low risk profile with a good business credibility score but would benefit from enhanced transparency in privacy and security documentation. Strategic improvements in publishing privacy policies, terms of service, and security incident contacts would strengthen compliance and trust.

L

Lünepedia

luenepedia.de

47

Lünepedia is a community-driven city wiki focused on aggregating and sharing local knowledge about Lüneburg and its surroundings. Originating from a student project in 2020, it serves residents and community members by providing a collaborative platform for information sharing, event listings, and local initiatives. The website is built on the MediaWiki platform, enhanced with map integration using Leaflet, and presents content primarily in German. It maintains a good level of digital maturity with responsive design, clear navigation, and basic accessibility features. Privacy compliance is addressed with a cookie consent banner and a privacy policy, reflecting GDPR adherence. Security posture is solid with HTTPS enforced and CSRF protections, though explicit security policies and incident response contacts are absent.

W

WerkStadt Lüneburg e.V.

werkstadt-lueneburg.de

56

WerkStadt Lüneburg e.V. is a non-profit community workshop based in Germany, offering an open space for creative handcraft, repair, and learning activities. The organization targets a broad audience including children, youth, schools, companies, and the general public. Their services include access to tools and machines, workshops, courses, and space rental. The website is built on Squarespace, hosted via Netcup, and integrates Google Maps and social media platforms for outreach. The site is well-designed, mobile-optimized, and uses HTTPS with HSTS for secure communications. However, it lacks visible privacy and cookie policies, which is a compliance gap. Contact information is primarily via contact pages without explicit emails or phone numbers. Overall, the website presents a trustworthy and professional image suitable for its community-oriented mission.

E

EEX Group

eex-transparency.com

68

The EEX Transparency Platform is a professional and comprehensive online portal operated by the EEX Group, providing inside information and transparency services for European energy markets including power, natural gas, emissions, and hydrogen sectors. The platform targets market participants, regulatory bodies, and the general public interested in energy market data. The website demonstrates a mature digital infrastructure using TYPO3 CMS and modern JavaScript libraries such as Highcharts for interactive data visualization. It features GDPR-compliant privacy and cookie policies with user consent mechanisms, reflecting a strong commitment to privacy and regulatory compliance. Security posture is solid with HTTPS enforcement and basic security headers, though there is room for improvement in advanced security headers and accessibility. The absence of WHOIS data suggests privacy protection or recent domain registration, but the website's branding and content align with the reputable EEX Group, supporting legitimacy. Overall, the platform is a trustworthy and valuable resource for energy market transparency.

N

Nolan Consulting Limited

cryptovoxels.com

54

Cryptovoxels, operated by Nolan Consulting Limited, is a blockchain-based virtual world platform offering users the ability to explore, buy, and build on virtual parcels of land. The platform targets crypto enthusiasts, gamers, and digital artists, positioning itself as a niche leader in the metaverse and virtual real estate market. Key services include virtual land sales, digital asset marketplaces, and hosting virtual events. The website content is basic but functional, with a consistent brand presence and active social media engagement via Discord and Twitter. Technically, the site uses JavaScript and Leaflet.js for mapping features and employs Plausible Analytics for minimal user tracking. The site performance is moderate with basic mobile optimization and accessibility features. However, there is a lack of advanced SEO and security headers, and no cookie consent mechanism is present, indicating room for improvement in privacy compliance. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies. The WHOIS data is unavailable, which raises concerns about domain registration transparency and trustworthiness. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the security posture is moderate but could benefit from enhanced policies and transparency. The overall risk is moderate with no critical vulnerabilities detected, but the absence of WHOIS data and privacy compliance features suggest the need for strategic improvements to enhance trust and security culture.

K

Kreativwirtschaft Sachsen-Anhalt e.V.

kwsa.de

41

Kreativwirtschaft Sachsen-Anhalt e.V. (KWSA) is a regional industry association representing cultural and creative professionals and companies in the German state of Sachsen-Anhalt. The organization focuses on supporting creative entrepreneurs through networking, knowledge transfer, events, and workshops, positioning itself as a key regional player in the creative economy. The website reflects this mission with clear information about services, events, and membership opportunities. Technically, the site is built on TYPO3 CMS, hosted by agenturserver, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no exposed sensitive data, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is adequate with a privacy policy and cookie information present, but no active consent mechanism is detected. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

U

Utility Week

utilityweek.co.uk

64

Utility Week is a UK-based media platform specializing in the energy and utilities sector, providing news, analysis, and industry insights. Established in 2006, it serves professionals and stakeholders within the energy market with subscription-based content and events. The website demonstrates a solid technical infrastructure built on WordPress, enhanced with performance optimizations such as WP Rocket and lazy loading scripts. It integrates multiple third-party advertising and analytics services including Google Tag Manager and AdvertServe. Security posture is adequate with HTTPS enabled and no visible critical vulnerabilities, though the absence of explicit security policies and headers suggests room for improvement. Privacy compliance is limited, with no clear privacy or cookie policies detected in the provided content. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and compliance documentation.

D

Danone Santé Nutrition

danonesantenutrition.com

67

Danone Santé Nutrition operates a professional platform dedicated to healthcare professionals in France, providing specialized nutrition products, clinical studies, patient support resources, and professional training. The website is built on Adobe Experience Manager cloud infrastructure, leveraging modern technologies such as Algolia search and consent management tools. The platform demonstrates good content quality, professional branding, and a clear focus on its target audience of healthcare professionals. Security posture is moderate with HTTPS and consent mechanisms in place, but lacks visible security headers and published security policies. WHOIS data is unavailable, which is unusual but the site content and branding strongly indicate legitimacy as part of the Danone group. Overall, the site is a well-structured, professional resource with room for improvement in transparency and security best practices.

L

Laboratoire Gallia

laboratoire-gallia.com

69

Laboratoire Gallia is a French specialist in infant nutrition products, providing both commercial products and extensive parental support content. The website targets parents and healthcare professionals with expert advice, calculators, and a dedicated professional portal. The brand is associated with Danone, as indicated by hosting and media assets. The digital infrastructure is modern, leveraging Adobe Experience Manager CMS and multiple analytics and marketing tools. The site is well-structured, mobile-optimized, and includes comprehensive privacy and cookie policies with consent mechanisms. However, the absence of WHOIS data for the domain is a notable anomaly that requires further verification. Security posture is generally good with HTTPS and cookie consent but lacks explicit security policies and some security headers. Overall, the website is professional, trustworthy, and content-rich, serving its audience effectively.

B

Badoit

badoit.fr

66

Badoit.fr is the official website of Badoit, a historic French brand specializing in naturally sparkling mineral water products. The site showcases the brand's heritage dating back to 1778, product ranges including flavored waters and mocktail recipes, and maintains consistent branding aligned with its parent company Danone. The website is built on Adobe Experience Manager, leveraging modern web technologies and cloud hosting, delivering a good user experience with mobile optimization and clear navigation. Privacy compliance is well addressed with a comprehensive cookie policy and consent mechanism. However, explicit contact information and security policies are not published, and WHOIS data is unavailable, which slightly impacts trustworthiness from a domain registration perspective. Overall, the site is professional, secure, and suitable for a large consumer goods brand.

L

La Salvetat

lasalvetat.fr

68

La Salvetat is a French brand specializing in natural mineral sparkling water with low sodium content, targeting health-conscious consumers. The website is professionally designed, hosted on Adobe Experience Manager Cloud, and integrates modern web technologies and marketing tools. Privacy and cookie policies are well implemented, reflecting GDPR compliance. However, the absence of WHOIS data and lack of explicit contact details on the site slightly reduce trustworthiness. Security posture is adequate with HTTPS enforced but could be improved by adding security headers and explicit security policies. Overall, the site presents a credible and professional digital presence aligned with its parent company Danone.

V

Volvic

volvic.fr

69

Volvic is a well-established French brand specializing in natural mineral water and flavored beverages, operating under the parent company Danone. The website presents a professional and consistent brand image with comprehensive product information, environmental commitments, and visitor experience offerings. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS and cloud hosting, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and privacy compliance mechanisms in place, although explicit security policy and incident response information are absent. The domain WHOIS data is unavailable, limiting direct verification of domain registration legitimacy, but the website content and branding strongly indicate a legitimate enterprise. Overall, the site is trustworthy, user-friendly, and compliant with privacy regulations.

Activia.fr is the official French website for the Activia brand, a well-known dairy product line specializing in probiotic yogurts and digestive health. The site offers rich content including product information, health advice, and a wide range of recipes, targeting general consumers interested in wellness and nutrition. The website is professionally designed, mobile-optimized, and hosted on Adobe Experience Manager Cloud, indicating a mature digital infrastructure. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response information are not published. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. WHOIS data is unavailable, which slightly impacts domain trust but the overall brand presence and technical setup support legitimacy. The site integrates marketing and analytics tools such as TagCommander and Adobe Helix RUM for performance and user tracking.

Actimel.fr is the official French website for Actimel, a well-established fermented milk product brand enriched with vitamins D and B6 to support immunity. The brand is part of Danone, a global leader in the food and beverage sector. The website offers detailed product information, nutritional benefits, and consumer guidance, targeting a broad general audience including families and health-conscious consumers. The site reflects a mature brand with over 25 years of market presence and strong consumer trust. Technically, the website is built on Adobe Experience Manager (AEM) cloud platform, leveraging modern web technologies including Adobe Helix RUM for performance monitoring, Algolia for search, and TagCommander for tag management. The site is well-optimized for mobile devices, accessible, and SEO-friendly, providing a fast and smooth user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms compliant with GDPR. While explicit security headers are not visible in the HTML, it is likely they are configured server-side. No vulnerabilities or exposed sensitive data were detected. However, the site lacks a public vulnerability disclosure or incident response contact page, which could enhance transparency and security posture. Overall, the domain WHOIS data is not publicly available, likely due to privacy protection, which is justified for a large consumer brand. The website is professionally maintained, trustworthy, and compliant with privacy regulations. Strategic recommendations include adding explicit security headers, publishing a vulnerability disclosure policy, and providing incident response contacts to further strengthen security and trust.

S

SCM Hänssler

scm-haenssler.de

67

SCM Hänssler operates as a Christian-focused e-commerce retailer specializing in books, music, and related products. The website serves a German-speaking audience with a broad catalog of Christian literature and media, positioning itself as a trusted provider within this niche. The business model centers on online retail with a strong emphasis on customer service and compliance with European data protection regulations. Technically, the site is built on the Magento platform, leveraging modern web technologies and analytics tools such as Google Analytics and Matomo. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

I

incognito digitale lösungen

incognito.ms

55

Incognito digitale lösungen is a small German technology service provider specializing in digital solutions including conception, UI/UX design, programming, and hosting since 2006. The website is professionally designed using modern web technologies such as Nuxt.js and TailwindCSS, providing a good user experience and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy despite the active and professional web presence. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and formal privacy or cookie policies. The site uses Matomo analytics, indicating moderate user tracking but lacks clear privacy compliance indicators. Overall, the business appears credible but would benefit from improved transparency and security practices.

LitVideo, operated by qub media GmbH, provides a specialized online platform for distributing book trailers to online shops and websites, targeting publishers, authors, bloggers, and online retailers. The website serves as a niche marketing tool provider within the German media sector, focusing on enhancing product visibility through video content. The business model centers on B2B services facilitating video marketing content placement, with a consistent brand presence and basic but relevant content quality. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and jQuery 1.x, alongside Google Analytics for visitor tracking. While the site is accessible and functional, it shows signs of technical debt such as the use of an outdated jQuery version and lacks advanced SEO, accessibility, and mobile optimization features. The hosting provider is not explicitly identified, and no CMS is detected. From a security perspective, the site uses HTTPS but lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance and overall security posture. The outdated jQuery version poses a potential vulnerability risk. No incident response or security policy information is provided, limiting transparency in security management. Overall, the website is moderately secure and professionally credible but would benefit from technical modernization and enhanced privacy compliance measures. Strategic improvements in security headers, updated libraries, and cookie consent implementation are recommended to strengthen trust and regulatory adherence.

E

endboss GmbH

endboss.eu

48

Endboss GmbH is a small creative agency specializing in urban development and cultural storytelling projects. They position themselves as partners rather than traditional service providers, focusing on collaborative and inclusive urban projects. The website reflects a niche market presence with a clear emphasis on partnership and creative urban solutions. Technically, the site is built on a modern SvelteKit framework, delivering a good user experience with mobile optimization and modular JavaScript assets. Security posture is solid with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. Privacy compliance is basic but present with a privacy policy and terms of service. Overall, the site is professional and trustworthy, though it could improve transparency by adding contact details and enhancing security headers.

N

N/A

hsu.de

49

The website hsu.de currently serves as a parked domain with minimal content primarily focused on displaying advertisements and related search results. There is no substantive business information, contact details, or service descriptions available, indicating that the domain is not actively used for a commercial or organizational purpose. The technical infrastructure relies on basic HTML, CSS, and JavaScript with integration of Google Adsense and Bodis ad services, typical for domain parking pages. Security posture is weak due to lack of visible HTTPS enforcement, security headers, and privacy compliance mechanisms. Overall, the site presents a low trust profile with limited user engagement or business credibility.

M

Missmaturita.cz - doména na prodej

missmaturita.cz

38

The website missmaturita.cz is a domain parking page offering the domain for sale or rent. It does not represent an active business or service but serves as a marketplace listing for domain investors or buyers interested in Czech domains. The site is minimalistic, with basic HTML and JavaScript, hosted likely by netiq.biz, a domain parking and hosting provider. The technical infrastructure is simple, lacking modern CMS or frameworks, and shows basic mobile optimization and accessibility. Security posture is weak, with no HTTPS enforcement visible in the content, no security headers, and no privacy or cookie policies. The site also includes an automatic redirect to an unrelated external domain, which may reduce trust. WHOIS data shows the domain was registered recently in December 2023, consistent with its use as a domain for sale. Overall, the site scores low on professionalism, security, and privacy compliance, reflecting its nature as a parked domain rather than a full business website.

S

Scottish and Southern Electricity Networks

ssen.co.uk

67

Scottish and Southern Electricity Networks (SSEN) operates as a major electricity distribution network operator in the United Kingdom, serving customers primarily in Scotland and southern England. The company provides essential services including electricity distribution, power cut reporting, and customer support. SSEN is a subsidiary of SSE plc, a well-established energy company. The website reflects a professional and customer-focused approach, offering 24/7 contact centers and real-time power outage information. The target audience includes residential and business electricity consumers within their service regions. From a technical perspective, the website leverages modern technologies such as Episerver CMS, Microsoft Azure Application Insights for analytics, Google Tag Manager, and OneTrust for cookie consent management. The site is hosted likely on Microsoft Azure infrastructure, ensuring reliable performance and scalability. The website demonstrates good mobile optimization and basic accessibility features, with a moderate performance profile. Security posture is strong with HTTPS enforcement, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. However, the site lacks a publicly available security policy and incident response contact details, which could enhance transparency and trust. Overall, SSEN's website is a trustworthy and professional platform that effectively supports its business operations and customer engagement. Strategic improvements in security transparency and accessibility could further strengthen its digital maturity and risk management.

B

buff.rocks GmbH

buff.rocks

54

buff.rocks GmbH is a German advertising and digital agency based in Magdeburg, specializing in creative strategy, design, TYPO3 CMS web projects, campaigns, content marketing, hosting, and digital transformation services. The company positions itself as a regional expert with over 20 years of TYPO3 experience and is part of the +Pluswerk network, enhancing its market credibility. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service descriptions, targeting businesses and organizations seeking digital agency services. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as Splide.js for carousels and Matomo for analytics, with a cookie consent mechanism in place. The site demonstrates good SEO and accessibility practices, with structured data markup enhancing search engine understanding. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. The WHOIS data is incomplete and malformed, limiting domain registration transparency and trust verification. Despite this, the website content, customer testimonials, and external trust signals such as ProvenExpert reviews and industry memberships support the legitimacy of the business. No adult or questionable content is present, making the site safe for general audiences. Overall, buff.rocks GmbH presents a credible, professional digital agency with a strong regional presence and modern technical infrastructure. Improvements in domain registration transparency and explicit security documentation would further enhance trust and compliance.

T

termin-direkt

termin-direkt.de

59

termin-direkt.de operates as a German-based SaaS platform specializing in online appointment booking and calendar management tailored for various industries including fitness, healthcare, coaching, beauty, education, and veterinary services. The platform offers automated reminders, multi-employee scheduling, and customizable booking interfaces, positioning itself as a mature and trusted solution with a significant monthly appointment volume and a broad customer base. The website is professionally designed, content-rich, and provides clear navigation and multi-language support, enhancing user experience and accessibility. Technically, the website leverages modern JavaScript libraries such as Swiper.js, integrates Google Analytics and Facebook Pixel for marketing and analytics, and is hosted on Amazon AWS infrastructure. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS, complies with GDPR, and implements a cookie consent mechanism, though it lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or suspicious content were detected. Overall, termin-direkt.de presents a low-risk profile with strong business credibility and privacy compliance. The absence of a formal security policy and vulnerability disclosure channel represents an area for improvement. The domain WHOIS data aligns well with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen trust and security posture.

M

meettle GmbH

miracode.io

45

MIRAcode, operated by meetle GmbH, is a specialized technology service provider focusing on consulting and production of interactive applications, leveraging gamification and modern digital technologies such as AR, VR, and game engines like Unreal and Unity. The company targets businesses and organizations seeking innovative digital solutions to enhance engagement and learning experiences. The website demonstrates a professional and consistent brand presence with a clear portfolio of projects and services, indicating a niche market position in gaming technology solutions. Technically, the website is built on WordPress with Elementor, utilizing modern web technologies and frameworks. The infrastructure appears stable with moderate performance and good mobile optimization. However, there is room for improvement in accessibility and SEO features. The hosting provider is not explicitly stated but DNS records indicate Microsoft Online services. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks DNSSEC and security headers, which are recommended to enhance protection. No explicit privacy, cookie, or security policies are published, and no incident response or vulnerability disclosure information is available, indicating gaps in compliance and transparency. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security best practices, and clearer contact and policy information to improve user trust and regulatory adherence.

E

ELEVEN sportswear

eleven-sportswear.cz

57

ELEVEN sportswear is a Czech-based manufacturer and retailer specializing in sportswear products primarily for cyclists and runners. The company operates an official e-commerce platform offering a wide range of products including clothing for men, women, and children, as well as accessories such as caps, gloves, and socks. The website is professionally designed, supports multiple languages (Czech, English, German), and provides clear navigation and product categorization. The business model focuses on direct online sales complemented by wholesale opportunities. The company maintains an active social media presence and integrates standard marketing and analytics tools to support its digital operations. Technically, the website is built on the Shoptet e-commerce platform, leveraging common web technologies such as JavaScript, jQuery, Google Tag Manager, and Facebook SDK. The site is served over HTTPS with a good SSL configuration and includes cookie consent mechanisms compliant with GDPR. Performance and mobile optimization are adequate, though some accessibility features could be improved. The site uses tracking pixels for marketing and analytics but respects user consent choices. From a security perspective, the website enforces HTTPS and includes CSRF protection on login forms. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, which could be enhanced. No vulnerabilities or exposed sensitive data were found in the analysis. The absence of WHOIS data limits domain trust assessment, but the website content and business presence suggest legitimacy. Overall, ELEVEN sportswear presents a trustworthy and professional online presence with a solid business focus on sportswear retail. Strategic improvements in security headers and transparency around security policies could further enhance trust and compliance.

Content Queen, operated by Ing. Veronika Honsová, is a specialized content marketing service provider based in the Czech Republic. The business focuses on delivering comprehensive content creation and strategy services including social media content, web content, copywriting, and workshops. The website presents a professional image with clear branding and client testimonials, positioning itself as a trusted niche player in the content marketing industry. Technically, the site uses modern web technologies such as Alpine.js and is hosted on websupport.cz, with moderate performance and good mobile optimization. Security posture is basic with HTTPS implied but lacks visible security headers and privacy compliance mechanisms. The absence of privacy and cookie policies represents a compliance gap. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Fiskars

fiskars.com

64

Fiskars is a well-established international retail brand specializing in gardening tools, cookware, craft supplies, and scissors. The website presents a professional and consistent brand image targeting consumers interested in home and garden products. The business model is primarily e-commerce with a global presence, supported by localized country sites. Technically, the site uses modern JavaScript frameworks, analytics, and marketing tools such as Datadog RUM, Google Tag Manager, Exponea, and Klarna for payment services. The site is hosted behind Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enforced and user input masking in analytics, though explicit security headers and policies are not evident in the provided content. Privacy compliance is basic with consent mechanisms but lacks visible privacy and cookie policies in the analyzed HTML snippet. WHOIS data is missing or unavailable, which reduces transparency but does not contradict the legitimacy of the brand. Overall, the site is professional, secure, and trustworthy with room for improvement in explicit privacy disclosures and security documentation.

H

H₂ercules Initiative

h2ercules.com

73

The H₂ercules initiative website represents a collaborative project focused on developing a hydrogen infrastructure network in Germany, involving major energy companies such as RWE and Open Grid Europe. The site provides detailed information about hydrogen production, import options, transport, storage, and consumption, targeting industrial stakeholders and policymakers. The digital infrastructure is built on Sitecore CMS with modern frontend technologies and includes GDPR-compliant privacy and cookie management. Security posture is good with HTTPS and consent management, though explicit security policies and incident response information are absent. The missing WHOIS data for the domain is a notable concern for domain legitimacy verification, but the professional content and partner associations support trustworthiness. Overall, the website is well-designed, informative, and serves as a credible platform for the hydrogen initiative.

The RWE Foundation website represents a corporate social responsibility initiative by RWE AG, a major energy company based in Germany. The foundation focuses on sustainable social change through funding charitable projects, supporting education, and providing humanitarian aid. The website is professionally designed, multilingual (German and English), and provides clear navigation to key sections such as funding principles, projects, application forms, and contact information. The presence of an annual report and CEO statement adds to the trustworthiness and transparency of the foundation. Technically, the website is built on the Sitecore CMS platform, utilizing modern web technologies including JavaScript, CSS, and HTML5. It integrates Usercentrics for cookie consent management and Etracker for analytics, demonstrating compliance with GDPR and privacy best practices. The site is mobile-optimized and accessible, with good SEO and performance characteristics. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms effectively. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is unusual but the website's professional presentation and corporate backing mitigate concerns. Overall, the site demonstrates a solid security posture with room for improvement in transparency and security policy publication. The overall risk assessment is low, with recommendations to enhance security headers, publish a security policy and incident response contacts, and consider adding a vulnerability disclosure or security.txt file to improve trust and security culture.

R

RWE Turcas Güney Elektrik Üretim A.Ş.

rwe-turcas.com

64

RWE Turcas Güney Elektrik Üretim A.Ş. is a joint venture between the German utility RWE AG and Turkish energy company Turcas, operating a large, efficient, and environmentally friendly gas-fired combined-cycle power plant in Denizli, Turkey. The company holds a significant market position supplying approximately 1.2% of Turkey's electricity and operates from multiple locations including Ankara, Istanbul, and Denizli. The website presents a professional and comprehensive overview of the business, its mission, and its operations, targeting stakeholders in the energy sector and the general public. Technically, the website uses modern web technologies including JavaScript, CSS, SVG, and UIkit framework, with integration of Google Tag Manager and Usercentrics for consent management. The site is mobile optimized, accessible, and SEO friendly, with good performance metrics. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers and incident response policies are not published. The security evaluation shows no critical vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a clear privacy policy and cookie consent. However, the WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration transparency and reduces overall trustworthiness. Despite this, the website content and branding align with a legitimate corporate entity. Overall, the site is professional, secure, and compliant with privacy regulations, but the lack of WHOIS data and explicit security policies suggests areas for improvement to enhance trust and security posture.

N

North East Combined Authority

northeast-ca.gov.uk

72

The North East Combined Authority (NECA) is a regional governmental body serving the North East England area, focusing on regional governance, economic development, and transport infrastructure. The website serves as an official portal for residents and stakeholders, providing information and resources related to the authority's activities. The site is positioned as a key regional government entity with a medium organizational size and a focus on public sector services. Technically, the website employs modern web technologies including Vue.js, jQuery, Google Tag Manager, Hotjar for analytics, and OneTrust for cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some technical details such as hosting provider and CMS are not explicitly identified. Performance is moderate, with a professional design and clear navigation. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies or vulnerability disclosures. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is unavailable due to .gov.uk domain privacy policies, but the domain's legitimacy is supported by its official government TLD and consistent branding. Overall, the website presents a trustworthy and professional digital presence for a government authority, with recommendations to enhance security posture by adding security headers, publishing security policies, and improving privacy policy visibility to strengthen compliance and user trust.

T

Tiny Technologies Inc.

tiny.cloud

73

Tiny Technologies Inc. operates the website tiny.cloud, offering the widely trusted TinyMCE WYSIWYG rich text editor, along with complementary products like MoxieManager and Drive for media and cloud file management. The company targets web developers and enterprises seeking advanced text editing solutions, positioning itself as a market leader with over 1.5 million developers relying on its technology. The business model combines SaaS offerings with licensing options, supported by comprehensive documentation and AI-powered tools to enhance user experience. Technically, the website is built on modern frameworks including React and Gatsby, hosted on AWS infrastructure, and integrates multiple marketing and analytics tools such as Google Tag Manager and Visual Website Optimizer. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs security headers, and uses CAPTCHA and consent management tools to protect user data and privacy. While DNSSEC is not enabled, the domain registration is consistent and secure, with clientTransferProhibited status preventing unauthorized transfers. No critical vulnerabilities or exposed sensitive data were detected, indicating a strong security posture. Overall, tiny.cloud presents a professional, trustworthy, and well-maintained online presence with strong business credibility and compliance with privacy regulations. Strategic recommendations include enabling DNSSEC, publishing a formal security policy, and establishing a vulnerability disclosure program to further enhance security transparency and resilience.

E

Equinor

statoil.com

77

Equinor is a large international energy company headquartered in Norway, employing approximately 25,000 people with offices in over 20 countries. The company focuses on delivering energy today while developing sustainable energy solutions for the future. The website reflects a mature digital presence with a professional design, modern technology stack including Next.js and React, and a comprehensive cookie consent mechanism indicating attention to privacy compliance. Security posture is strong with HTTPS enforced and no exposed sensitive data, though explicit security headers and detailed security policies are not evident. The absence of WHOIS data is a notable gap but does not detract significantly from the overall legitimacy given the professional website and branding. Strategic recommendations include publishing clear privacy and security policies, adding security headers, and providing direct contact information for security and privacy inquiries.

Not a number is a Dutch digital agency specializing in knowledge digitization to reduce organizational dependency on specialists by making specialist knowledge accessible across the entire organization. Their market position is supported by over 100 partners and multiple detailed case studies showcasing successful digital transformation projects including product configurators, document configurators, and ERP integrations. The company targets businesses seeking to streamline and scale specialist knowledge digitally. Technically, the website uses a modern stack including React and WordPress as a headless CMS, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though formal security policies and incident response information are not publicly available. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, supporting a positive business credibility profile.

C

Čtenářský deník k maturitě, pro základní školu - Čtenářský-deník.cz

ctenarsky-denik.cz

44

Čtenářský-deník.cz is a Czech educational website providing a large database of literary analyses, summaries, biographies, and study materials primarily targeted at students preparing for maturita exams and basic school students. The platform offers both free and paid downloadable content, positioning itself as a significant resource in the Czech educational market. Technically, the site employs a traditional web stack with JavaScript, jQuery, and integrates multiple third-party advertising and analytics services including Google Tag Manager, Google Analytics, and Gemius Audience. While the site is accessible and functional with a good user experience, it uses an outdated jQuery version and lacks some modern security headers and explicit security policies. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, reflecting GDPR awareness. The absence of WHOIS data limits domain trust assessment, but the website's content and partner ecosystem suggest legitimacy. Overall, the site scores moderately well in content quality, technical implementation, security posture, privacy compliance, and business credibility.

B

Bundesministerium für Arbeit und Soziales (BMAS)

esf.de

62

The website www.esf.de is the official portal for the European Social Fund (ESF) in Germany, operated by the Bundesministerium für Arbeit und Soziales (BMAS). It serves as a comprehensive information and service platform providing details on funding programs, social integration, employment initiatives, and related EU projects. The site targets a broad audience including employees, unemployed persons, educational institutions, entrepreneurs, families, and other social groups. It is positioned as a key government resource for promoting employment and social cohesion through EU funding mechanisms. Technically, the site is built on the Government Site Builder CMS and employs modern web technologies such as jQuery, Bootstrap, RequireJS, and integrates a consent management platform (Consentmanager.net) for GDPR compliance. Analytics are handled via Etracker, with scripts loaded asynchronously to optimize performance. The site is mobile-optimized, accessible, and SEO-friendly, with clear navigation and consistent branding. From a security perspective, the site enforces HTTPS and uses a consent management platform to handle privacy and cookie policies. While explicit security headers are not visible in the HTML, the overall posture is strong with no exposed sensitive data or vulnerabilities detected. The WHOIS data aligns with a legitimate government domain, showing consistent registration and authoritative name servers. Overall, the website demonstrates a high level of professionalism, compliance, and trustworthiness, making it a reliable source for information on the European Social Fund in Germany.

N

NBank

nbank.de

67

NBank is the official investment and development bank of the German state of Niedersachsen, providing a broad range of funding programs, consulting, and support services to individuals, companies, municipalities, and institutions within the region. The website reflects a strong government affiliation with clear communication of its mission to foster growth and quality of life in Niedersachsen. The digital infrastructure is modern and well-implemented, featuring responsive design, accessibility considerations, and integration with consent management and analytics tools. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response information are not publicly disclosed. Overall, the website presents a trustworthy and professional front for a large government entity.

R

Redeleit und Junker

redeleitundjunker.de

51

Redeleit und Junker is a German design and branding agency specializing in transforming ideas into remarkable brands through services such as branding, web design, print, packaging, photography, and online marketing. The company targets businesses seeking professional creative services and maintains a consistent brand presence online. The website is built on WordPress and integrates modern marketing and analytics tools including Google Tag Manager, Hotjar, and Cookiebot, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though formal security policies and incident response contacts are not published. Overall, the website is professional, compliant with GDPR, and trustworthy, with room for improvement in accessibility and explicit security disclosures.

C

Cobot

cobot.me

73

Cobot is a well-established technology company founded in 2010, specializing in coworking space management software. Their platform offers a comprehensive suite of tools including mobile apps, booking systems, invoicing, access control, analytics, and member management. Serving over 90 countries, Cobot positions itself as an intuitive and scalable solution for coworking operators. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site leverages modern web technologies and frameworks, including Ruby on Rails and Google Tag Manager, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS, CSRF protections, and cookie consent mechanisms, though explicit security policies and vulnerability disclosure pages are absent. WHOIS data is unavailable due to query failure or privacy protection, but the website's consistency and trust signals support legitimacy. Overall, Cobot presents a credible and professional SaaS business with a solid market position in the coworking software industry.

Luna Giro is a regional online platform affiliated with Sparkasse Lüneburg, offering a suite of financial and lifestyle services including banking account models, cashback programs, travel booking, and ticketing services. The website targets consumers in the Lüneburg region, providing localized benefits and incentives. Technically, the site employs modern web technologies such as the Ionic framework, Font Awesome icons, and integrates Google Tag Manager and Usercentrics for analytics and consent management. The hosting includes Amazon S3 for static assets, indicating a hybrid hosting approach. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers and detailed security policies are absent. Contact information is clearly presented, and the site maintains a professional design with good mobile optimization. Overall, the website is trustworthy and well-positioned within its regional banking and service niche.

K

KEDGE Business School

kedgebs.com

68

KEDGE Business School is a leading French business and management educational institution with campuses in Marseille, Bordeaux, Paris, and Toulon. It offers a range of programs including bachelor, master, and specialized master's degrees targeting students, professionals, and corporate clients. The school holds triple accreditation (AACSB, EQUIS, AMBA), reinforcing its market position and credibility. The website reflects a professional and comprehensive digital presence with clear navigation and multilingual support. Technically, the site employs modern analytics and marketing tools such as Google Tag Manager, Hotjar, and Kameleoon, ensuring data-driven insights and user experience optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security and incident response policies are not publicly detailed. Privacy compliance is robust, featuring cookie consent mechanisms and a comprehensive privacy policy aligned with GDPR requirements. Overall, the website demonstrates a mature digital infrastructure supporting the institution's business goals and reputation.

C

Clarksons

clarksons.com

73

Clarksons is a leading global maritime consultancy and shipping services provider, recognized as the world's biggest in this sector. Their comprehensive service portfolio includes ship broking, research, finance, digital tools, port services, and green transition advisory, serving clients across 24 countries. The website reflects a mature digital presence with professional design, clear navigation, and multimedia integration, supporting a strong brand image and user engagement. Technically, the site employs modern web technologies and analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers are not evident and WHOIS data is missing, which warrants further investigation. Overall, the site demonstrates high professionalism and trustworthiness, with room for improvement in transparency of registrant data and security disclosures.

D

Dräger Nederland B.V. - Marine & Offshore

draeger-mo.com

62

Dräger Nederland B.V. - Marine & Offshore is a well-established company with over 135 years of experience providing high-quality firefighting, rescue, and safety equipment tailored for marine and offshore industries. Their product portfolio includes fire fighting equipment, rescue gear, safety devices, medical equipment, and comprehensive training services. The company positions itself as a reliable B2B supplier and service provider, supporting clients with installation, maintenance, and certification services. The website reflects a professional and consistent brand image, targeting companies and professionals in the marine and offshore sectors primarily in the Netherlands and internationally. Technically, the website is built with modern web standards, including responsive design and secure HTTPS connections. The site uses Google Fonts and custom JavaScript and CSS but does not reveal a specific CMS. Hosting and domain registration are consistent with the business identity, with DNS hosted by TransIP and domain registered via Key-Systems GmbH. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited status on the domain to prevent unauthorized transfers. However, DNSSEC is not enabled, and security headers are not explicitly detected, representing areas for improvement. No security policy or incident response contact information is published, and no vulnerability disclosure program is evident. Forms include CSRF tokens, indicating some security awareness. Overall, the website is trustworthy, professional, and compliant with privacy regulations, including GDPR, as evidenced by comprehensive privacy and cookie policies with consent mechanisms. The business credibility is strong, supported by certifications and a long-standing market presence. Minor technical and security enhancements could further strengthen the site’s posture.

D

Damen Shipyards Group

damen.com

77

Damen Shipyards Group is a globally recognized family-owned maritime company established in 1927, specializing in shipbuilding, ship repair, and marine equipment supply. The company positions itself as a leader in sustainable and connected shipbuilding, serving diverse markets including defense, offshore energy, public transport, and dredging. Damen operates a large network of shipyards and service hubs worldwide, emphasizing client-driven innovation and lifecycle support services. Technically, the Damen website employs modern web technologies such as React and Next.js, ensuring a responsive and accessible user experience. The site features comprehensive content, multimedia elements, and clear navigation, reflecting a mature digital infrastructure. Privacy and cookie compliance are well implemented, with consent mechanisms and GDPR-aligned policies. From a security perspective, the website enforces HTTPS, utilizes robust security headers, and avoids exposing sensitive data. No critical vulnerabilities were detected in the visible content or scripts. However, the absence of WHOIS registration details is notable and warrants caution, although the website's professional presentation and extensive business information support its legitimacy. Overall, Damen Shipyards Group presents a strong business and digital presence with a high level of trustworthiness and security maturity. Continued vigilance on domain registration transparency and public vulnerability disclosure would further enhance their security posture.

C

Copernica BV

copernica.com

72

Copernica BV is a Netherlands-based technology company specializing in marketing automation and email marketing software. Their platform offers a flexible multichannel marketing solution that enables organizations to create, manage, and optimize campaigns across email, SMS, web, and social channels. With over 20 years of experience, Copernica positions itself as a reliable and advanced provider in the marketing automation space, targeting marketing teams, CRM managers, and organizations focused on customer relationships. The company also owns subsidiary products such as MailerQ and SMTPeter, which cater to high-volume email delivery and cloud SMTP services respectively. Technically, the website demonstrates a mature digital infrastructure with modern JavaScript frameworks, Google Tag Manager, reCAPTCHA v3 for bot protection, and a well-structured SEO-friendly design. The site is mobile-optimized, fast-loading, and uses JSON-LD structured data to enhance search engine visibility. Security best practices are partially implemented, including HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly available. From a security perspective, the website shows a good posture with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data raises some transparency concerns, though the overall legitimacy is supported by consistent business information and a professional online presence. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent. Overall, Copernica presents a trustworthy and professional business with a strong market position in marketing automation. Strategic improvements in security transparency and WHOIS data availability would further enhance trust and compliance.