Security Directory

F

Fontstore Ltd.

fontstore.com

57

Fontstore.com is a specialized e-commerce platform offering premium font distribution services, primarily targeting designers and businesses requiring multilingual font solutions. The company, Fontstore Ltd., has been operating since 2003, positioning itself as a niche player in the font licensing market with a focus on quality and language diversity. The website is professionally designed with good navigation and content relevance, supporting a positive user experience for its target audience. Technically, the site employs modern JavaScript frameworks, likely Vue.js, and integrates Stripe for secure payment processing. Hosting is provided via GoDaddy, and the domain is well-established with standard domain status protections. Performance and mobile optimization are adequate, though accessibility features are basic. SEO practices appear solid with proper meta tags and Open Graph data. From a security perspective, the site uses HTTPS and Stripe for payments, which is a strong positive. However, it lacks DNSSEC, visible security headers, and formal privacy or cookie policies, which are important for compliance and trust. No incident response or vulnerability disclosure information is present, indicating room for improvement in security transparency and readiness. Overall, the website is legitimate and professionally maintained but would benefit from enhanced privacy compliance, security headers, and clearer contact information to improve trust and regulatory adherence.

O

OTTO

otto.de

69

OTTO is a major German e-commerce company specializing in fashion, furniture, and technology products. The website presents a professional and comprehensive online shopping platform targeting general consumers in Germany. It offers various services such as installment purchases, purchase on account, old device take-back, and assembly services, positioning itself as a large enterprise in the retail sector. The technical infrastructure leverages modern JavaScript modules, Akamai CDN for hosting, and OneTrust for cookie consent management, indicating a mature digital presence with good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent, but lacks explicit security policies and vulnerability disclosures. Overall, the website is trustworthy and professionally maintained, though improvements in transparency around privacy and security policies are recommended.

F

FGC.Network

fgc.network

66

FGC.Network is a niche social networking platform dedicated to the fighting game community, providing a local timeline and community interaction features within the fediverse ecosystem. The platform leverages open source Soapbox software and cloud storage via Wasabi, indicating a modern and scalable technical infrastructure. The website demonstrates good design quality, mobile optimization, and user experience tailored to its target audience of fighting game enthusiasts. Security posture is solid with HTTPS enabled, though the absence of security headers and privacy policies suggests room for improvement in compliance and protection. Overall, the domain appears legitimate despite privacy-protected WHOIS data, which is common for community platforms. Strategic recommendations include enhancing privacy compliance, adding security headers, and providing clear contact and incident response information to strengthen trust and security culture.

D

Deutsche Handelskammer für Spanien

ahk.es

65

The Deutsche Handelskammer für Spanien (German Chamber of Commerce for Spain) operates as a bilateral chamber supporting German-Spanish economic relations. It offers a broad range of services including market entry consulting, business development, legal and tax advisory, certification, and event organization. The website targets companies and professionals interested in fostering business ties between Germany and Spain, positioning itself as a trusted intermediary with strong governmental and industry partnerships. Technically, the site is built on the Ibexa DXP CMS platform, employs modern JavaScript frameworks, and integrates Piwik PRO for analytics, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant cookie consent mechanisms. No critical vulnerabilities or suspicious content were detected, and the WHOIS data aligns well with the business identity, supporting legitimacy. Overall, the site demonstrates a professional, secure, and user-friendly digital presence suitable for its business objectives.

P

Pegasus Spiele

pegasus.de

69

Pegasus Spiele is a German-based game publisher and retailer specializing in board games, card games, role-playing games, and related accessories. The company maintains a well-structured e-commerce website built on the Shopware platform, offering a broad product catalog and community engagement through events and news. The website demonstrates a good level of technical maturity with modern technologies, mobile optimization, and accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit privacy policies and security headers are lacking. The absence of direct contact information and formal security policies suggests room for improvement in transparency and compliance. Overall, the site is professional, trustworthy, and serves a general audience with family-friendly content.

KOSMOS Verlag is a well-established German publishing company specializing in games, children's and youth books, experiment kits, and related educational products. The website reflects a professional e-commerce platform targeting families, children, and hobbyists interested in educational and entertainment products. The site uses modern web technologies including JavaScript modules, AJAX for search suggestions, and integrates a consent management platform (Usercentrics) to comply with privacy regulations. Google Tag Manager is used for analytics and marketing purposes. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and a published security policy are absent. WHOIS data is minimal, lacking detailed registrant information, which slightly reduces domain trustworthiness but does not contradict the website's legitimacy. Overall, the site is safe, family-friendly, and professionally maintained.

O

OSM Town

osm.town

67

OSM Town operates as a specialized Mastodon instance serving the OpenStreetMap community within the Fediverse. It provides a social networking platform tailored for OpenStreetMap enthusiasts, supported by funding from the OpenStreetMap Foundation. The website's market position is niche, focusing on community engagement rather than commercial services. The platform leverages modern web technologies including React and Mastodon's backend, ensuring a responsive and user-friendly experience across devices. However, some technical aspects such as explicit security headers and privacy compliance mechanisms could be improved. Security posture is moderate, with HTTPS implied but lacking visible advanced security headers or incident response information. Overall, the site is trustworthy and safe, with no adult or questionable content detected, but the absence of WHOIS data and contact information slightly reduces business credibility.

Z

ZDF

zdf.de

65

ZDF is a major German public television broadcaster offering a comprehensive streaming portal with films, series, documentaries, and live TV. The website is professionally designed, mobile-optimized, and uses modern web technologies such as Next.js and Apollo GraphQL, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are not clearly presented in the analyzed content. The domain is legitimate and consistent with the broadcaster's identity, though registrant details are restricted due to DENIC policies. Overall, the site serves a broad general audience with high-quality media content.

P

PlanD

pland.app

67

PlanD is a specialized SaaS provider offering an all-in-one cloud-based software solution tailored for commercial cleaning companies primarily in Germany, Austria, and Switzerland. The platform integrates shift planning, time tracking, payroll, invoicing, and other administrative functions to streamline operations and support business growth. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting cleaning businesses and their employees. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, PostHog analytics, and cookie consent management, ensuring good performance and compliance with GDPR. Security posture is strong with HTTPS, security headers, and encrypted communications, though explicit security policies and incident response information are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

NetOnNet is a large Swedish e-commerce retailer specializing in consumer electronics, offering a wide range of products including computers, gaming, TV, audio, home appliances, and personal care items. The website targets Swedish consumers with content in Swedish and emphasizes competitive pricing and membership benefits. Technically, the site is built using modern frameworks such as Next.js and React, with responsive design and optimized images for performance. Security posture is solid with HTTPS and cookie consent mechanisms in place, although explicit security headers and privacy policies are not clearly visible in the provided content. The WHOIS data for the subdomain is unavailable, but this is typical as WHOIS is registered at the domain level. Overall, the site presents a professional and trustworthy online retail platform.

ServiceNow is a leading enterprise cloud company specializing in AI-powered workflow automation and IT service management solutions. Their website demonstrates a strong market position with comprehensive product offerings targeting enterprises and IT professionals. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS, Akamai CDN, and advanced JavaScript frameworks, ensuring fast performance and mobile optimization. Security posture is robust with HTTPS enforcement, strong security headers, and secure authentication integrations. Privacy and cookie policies are comprehensive and GDPR compliant, though explicit security policy and incident response information are not publicly detailed. Overall, the website reflects a mature, professional enterprise with high trustworthiness and digital maturity.

J

JouwWeb B.V.

webador.be

61

Webador is a well-established technology company founded in 2009, specializing in providing an AI-powered website builder platform tailored for small businesses and entrepreneurs, primarily in Belgium and other European markets. The platform offers comprehensive services including website creation, e-commerce capabilities, domain registration with .BE domains included, professional email services, and SEO optimization. The company maintains a strong market position with over 290,000 users and a high Trustpilot rating, reflecting customer satisfaction and trust. Technically, Webador employs modern web technologies including JavaScript, Google Tag Manager, and responsive design principles ensuring excellent mobile optimization and fast performance. The platform uses proprietary CMS technology and integrates third-party services such as Vimeo for video content and SpeedCurve for performance monitoring. Privacy and cookie consent mechanisms are implemented in compliance with GDPR standards. From a security perspective, the website enforces HTTPS and secure form handling with password strength indicators. However, it lacks explicit security headers and a published security policy or incident response contact, which are recommended for enhanced security posture. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Webador presents a professional, trustworthy, and technically sound online presence with strong business credibility. The absence of WHOIS data is due to .be domain registry policies and does not detract from the legitimacy of the business. Strategic recommendations include improving security header implementation and publishing a formal security policy to further strengthen trust and compliance.

O

OWIBA AG

iba.ch

69

OWIBA AG operates the website iba.ch, the largest B2B office supplies distributor in Switzerland, offering over 13,000 products with next-day delivery and professional consulting services. The company targets business customers with a comprehensive e-commerce platform featuring a broad product catalog and loyalty programs. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and Dynamic Yield for personalization and analytics, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though a dedicated security policy and incident response information are absent. Privacy compliance is robust with clear cookie consent and GDPR-aligned privacy policies. Overall, the site demonstrates high professionalism, trustworthiness, and market credibility.

W

webways AG

spitexjobs.ch

69

spitexjobs.ch is a specialized online job portal dedicated to the Spitex healthcare sector in Switzerland, connecting job seekers with Spitex organizations. The platform offers comprehensive job listings, employer profiles, and advanced search and filtering capabilities tailored to healthcare roles such as ambulatory care and specialized nursing. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and relevant content for its target audience. Technically, the site employs modern JavaScript frameworks, integrates analytics via Matomo and Google Tag Manager, and uses Sentry for error monitoring, reflecting a mature digital infrastructure. Security is robust with HTTPS enforced, appropriate security headers, and privacy compliance including GDPR-aligned privacy and cookie policies with user consent mechanisms. No critical vulnerabilities or suspicious content were detected, and WHOIS data confirms the domain's legitimacy and consistency with the business profile. Overall, the site demonstrates a strong security posture, good privacy practices, and a credible business presence in the Swiss healthcare job market.

A

Allgemeiner Deutscher Automobil-Club e.V.

adac.de

71

The Allgemeiner Deutscher Automobil-Club (ADAC) is a well-established German automobile club providing a wide range of services including membership benefits, insurance products, travel planning, vehicle leasing, and roadside assistance. The website serves as a comprehensive portal for these services, targeting automobile owners, travelers, and insurance customers primarily in Germany. ADAC holds a strong market position as a leading mobility service provider with a large membership base and multiple subsidiaries supporting its operations. Technically, the website employs modern web technologies such as React and Webpack, with a focus on performance, accessibility, and mobile optimization. The use of Kameleoon indicates active engagement in personalization and A/B testing to enhance user experience. Hosting appears to be managed by a reputable provider, and the site uses HTTPS with strong security headers, reflecting a mature digital infrastructure. From a security perspective, ADAC demonstrates good practices including HTTPS enforcement, security headers, and secure form implementations. However, there is no explicit public vulnerability disclosure policy or incident response contact, which could be improved to enhance transparency and readiness. Privacy compliance is strong with comprehensive privacy and cookie policies aligned with GDPR requirements. Overall, the website is professional, trustworthy, and secure, supporting ADAC's business credibility and user trust. Strategic recommendations include publishing a vulnerability disclosure policy, enhancing incident response transparency, and continuous security audits of third-party scripts to maintain and improve security posture.

D

Delius Klasing Verlag GmbH

yacht.de

61

YACHT.de is the digital presence of Delius Klasing Verlag GmbH, Europe's largest magazine dedicated to sailing. The website offers extensive content including yacht models, equipment, travel and charter guides, regatta news, and a used boat market. It targets sailing enthusiasts primarily in Germany and Europe, providing both free and premium subscription content alongside e-commerce services. The site is built on modern web technologies including React and Next.js, with Shopify integration for commerce. Social media channels are actively linked, enhancing brand reach. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit privacy and cookie policies are missing from the homepage content. Overall, the site is professional, content-rich, and well-positioned in the sailing media market.

E

Eurotrek

eurotrek.ch

74

Eurotrek is a Swiss-based travel company specializing in tailor-made active holidays, primarily cycling and hiking tours across Switzerland and Europe. The company targets active travelers seeking self-guided and guided tours with luggage transport services. Their market position is that of a niche operator with a strong focus on quality and customer satisfaction, supported by positive user ratings and professional digital presence. Technically, the website is built using modern web technologies including React and employs good SEO and accessibility practices. The site is mobile-optimized and features rich multimedia content such as autoplay videos and adaptive images. Security-wise, the site enforces HTTPS and includes standard security headers, but lacks visible incident response or security policies. Privacy compliance is mostly met with a comprehensive privacy policy and GDPR adherence, though a cookie consent mechanism is missing. Overall, the website is professional, trustworthy, and well-suited for its business purpose.

R

Romberg

romberg.de

51

Romberg operates a professional e-commerce platform specializing in gardening and cultivation products, targeting hobbyists and small-scale gardeners primarily in Germany. The website offers a broad product range including greenhouses, seedling pots, substrates, and sustainable gardening accessories, with a dedicated B2B dealer area indicating a dual business model. The company positions itself as a niche retailer focusing on sustainable and innovative gardening solutions. Technically, the website uses modern JavaScript, SVG icons, and integrates PayPal for payments, likely built on the Shopware CMS platform. The site is mobile-optimized with moderate performance and basic accessibility features. Security posture is good with HTTPS enforced and IP anonymization in Google Analytics, but lacks explicit security headers and published security policies. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy or cookie policies. Contact information and incident response details are not clearly provided, which could impact user trust. Overall, the website is safe, professional, and trustworthy for general audiences.

K

Kiepenkerl

kiepenkerl.de

52

Kiepenkerl operates a professional e-commerce platform specializing in seeds, flower bulbs, plants, and related gardening products. The website targets both retail consumers and B2B customers, positioning itself as a premium brand within the German gardening market. The platform offers a broad range of product categories and supports customer engagement through structured navigation and search capabilities. Technically, the website is built on a modern e-commerce framework (Shopware 6) and integrates multiple analytics and marketing tools such as Matomo, Google Tag Manager, and Facebook Pixel. The site is hosted on servers associated with kasserver.com and uses HTTPS with a good SSL configuration. Security measures include the use of Friendly Captcha to mitigate bot activity and a cookie consent mechanism to comply with basic privacy requirements. However, explicit privacy policies, terms of service, and contact information are not found in the provided content, which limits full compliance and trust transparency. Overall, the website demonstrates a solid technical foundation and business credibility but would benefit from enhanced privacy disclosures and security header implementations.

C

CEWE

cewe.de

62

CEWE operates a large-scale e-commerce platform specializing in personalized photo products such as photobooks, calendars, greeting cards, and photo gifts. The website targets a broad consumer audience primarily in Germany and other German-speaking countries, offering a comprehensive range of photo printing services. The company is positioned as a leading European photo service provider with a strong brand presence and consistent digital branding across its platforms. Technically, the website employs modern web technologies including ES modules, custom web components, and advanced tracking and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers and published security policies are absent. The site demonstrates extensive user tracking for marketing and analytics purposes, balanced with a consent management platform to address privacy compliance. Overall, the website is professional, trustworthy, and well-optimized for user experience, though it could improve transparency around privacy and security policies.

H

Heldenschmiede Bremen GbR

heldenschmiede-bremen.de

57

Heldenschmiede Bremen GbR is a small education and coaching business based in Bremen, Germany, specializing in workshops, seminars, and coaching services aimed at personal and professional development. The company positions itself as a niche provider focused on empowering individuals and teams to unlock their potential and achieve meaningful change. Their offerings include business coaching, life school programs, speaker training, and events with keynote speakers. The website reflects a professional and consistent brand image with clear service descriptions and event schedules. Technically, the site is built on modern web technologies including React and Next.js, hosted on a custom CMS platform, and optimized for performance and mobile devices. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. Privacy compliance is strong with a comprehensive privacy policy and cookie banner. Contact information is clearly presented with multiple channels. Overall, the website is trustworthy, well-maintained, and suitable for its target audience.

J

Jaguar Land Rover Limited

jaguar.sk

65

Jaguar Land Rover Limited operates the www.jaguar.sk website as a localized digital presence for the Slovakian market, showcasing their premium automotive brand and vehicle offerings. The site provides detailed vehicle information, servicing options, and approved used vehicle programs, targeting consumers interested in Jaguar vehicles in Slovakia. The website is built on a modern technical stack including Adobe Experience Manager CMS, Google Tag Manager, and Adobe Helix RUM for performance monitoring, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though explicit privacy policies and security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for performance and user experience.

V

Vercorin

vercorin.ch

64

Vercorin.ch is a professionally developed tourism website dedicated to promoting the Vercorin region in Switzerland. It offers comprehensive information on accommodation, activities, events, and practical visitor details, targeting tourists and families interested in outdoor and cultural experiences. The site integrates booking and reservation services through partner domains and maintains a consistent brand presence with official regional partners and media. Technically, the site uses a modern JavaScript stack with Google Tag Manager, reCAPTCHA, and a custom CMS platform (MyCity Tourism Information System). The website is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS and reCAPTCHA, though explicit security headers and privacy policies are missing, representing compliance gaps. No direct contact emails or phone numbers are exposed, relying on a contact form. Overall, the site is trustworthy and well-positioned as a regional tourism portal but should improve privacy and security disclosures.

H

Hapag-Lloyd Cruises

hl-cruises.de

67

Hapag-Lloyd Cruises operates a premium luxury and expedition cruise service targeting discerning travelers seeking unique maritime experiences. The website is professionally designed with a clear focus on luxury cruises and expedition travel, offering services such as travel concierge and pre/post cruise programs. The company maintains a strong market position in the luxury cruise sector in Germany, supported by a consistent brand presence and active social media channels. Technically, the website employs modern web technologies including Google Tag Manager for analytics, Friendly Captcha for form security, and OneTrust for cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, though no major CMS or hosting provider details are explicitly detected. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site uses HTTPS and implements captcha protections, but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is basic with cookie consent but no visible privacy or terms of service pages in the analyzed snapshot. Overall, the website is trustworthy and professional with a strong business credibility score. Recommendations include enhancing security headers, publishing privacy and security policies, and adding vulnerability disclosure information to improve transparency and compliance.

R

República Portuguesa

gov.pt

66

The website gov.pt serves as the official digital portal for the Portuguese government, providing citizens, residents, and businesses with access to a wide range of public services and institutional information. It holds a strong market position as the primary gateway for government digital services in Portugal, targeting a broad audience including individuals and economic entities. The portal's business model revolves around government digital transformation and public service delivery online. Technically, the site leverages modern web technologies such as React and Next.js, ensuring fast performance, mobile optimization, and accessibility compliance. The infrastructure appears robust, with secure HTTPS connections and comprehensive security headers, reflecting a mature digital presence. From a security perspective, the portal demonstrates a solid posture with enforced HTTPS, security best practices, and no visible vulnerabilities. However, explicit security policies and incident response details are not prominently published, which could be improved to enhance transparency and trust. Overall, the risk assessment is low given the official nature, strong security measures, and compliance with privacy regulations. Strategic recommendations include publishing detailed security and incident response policies, establishing a vulnerability disclosure program, and enhancing data protection officer visibility to further strengthen trust and compliance.

A

Aruba PEC S.p.A.

pec.it

79

Aruba PEC S.p.A. operates a comprehensive Italian platform offering certified digital services including certified email (PEC), digital signatures, electronic invoicing, digital preservation, and SPID identity services. The company is a market leader in Italy with a strong enterprise presence and a broad portfolio targeting businesses, professionals, and public administration. The website demonstrates a mature technical infrastructure leveraging ASP.NET, modern JavaScript libraries, and robust analytics and consent management tools. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance evident. No critical vulnerabilities or suspicious indicators were found. Overall, the site reflects a professional, trustworthy, and well-maintained digital presence suitable for its business domain.

S

Sveriges Kommunikationsbyråer

komm.se

57

Sveriges Kommunikationsbyråer (Komm) is a well-established Swedish industry association founded in 2004, serving communication agencies and companies involved in marketing, PR, design, digital media, and related fields. The organization provides membership services, industry news, educational resources, events, and legal guidance to its members, positioning itself as a key player in Sweden's communication sector. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the site is built on WordPress with modern SEO tools like Yoast SEO and uses Plausible Analytics for privacy-conscious visitor tracking. The site is mobile-optimized, accessible, and performs moderately well. Hosting and domain registration are stable and consistent with the business profile, with no signs of suspicious activity or privacy protection that would obscure legitimacy. From a security perspective, the site enforces HTTPS and uses secure forms but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive privacy policy and GDPR adherence, though a cookie consent mechanism is missing. Overall, the website is trustworthy, professional, and well-maintained, with minor recommendations to enhance security headers and cookie consent to further improve compliance and security posture.

P

Pytek Ltd.

pytek.bg

43

Pytek Ltd. is a Bulgarian technology company specializing in software development services including dedicated teams, project management, web and mobile development, quality assurance, system integrations, UI/UX design, and DevOps & security. The company targets businesses seeking tailored IT solutions and has a portfolio featuring notable clients, indicating a solid market position in the regional technology sector. The website is professionally designed with modern front-end technologies and provides clear contact information across multiple office locations in Bulgaria and Germany. Technically, the site uses libraries such as Barba.js for page transitions and Swiper.js for sliders, hosted on Google Domains nameservers, indicating a reliable infrastructure. Security posture is moderate with HTTPS presumably enabled but lacking explicit security headers and privacy compliance documentation. No WAF or blocking mechanisms were detected, and the site content is safe and business-focused. WHOIS data is privacy protected due to GDPR, consistent with the business type and location. Overall, the website reflects a credible and professional technology service provider with room for improvement in privacy and security compliance.

BMW Motorrad Estonia operates as a regional portal for the BMW Motorrad brand, offering comprehensive information on motorcycles, accessories, events, and brand stories tailored for the Estonian market. The website reflects a premium brand image consistent with BMW Group's global standards, targeting motorcycle enthusiasts and potential buyers in Estonia. The business model focuses on retail sales, brand experience, and customer engagement through digital channels including an online store and event promotions. Technically, the site is built on Adobe Experience Manager, leveraging modern JavaScript frameworks, Adobe Analytics, and Akamai CDN for performance and scalability. The site is well-optimized for mobile and accessibility, with strong SEO practices and structured data enhancing search visibility. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, though explicit privacy and security policies are not found, indicating room for compliance improvement. Overall, the domain registration and WHOIS data align with BMW Group's legitimacy and market presence, supporting high trustworthiness. Strategic recommendations include publishing clear privacy and terms of service pages, enhancing incident response transparency, and adding vulnerability disclosure mechanisms to strengthen compliance and user trust.

The website www.aem.live represents Adobe Experience Manager, a high-performance content management system designed to integrate with existing technologies such as Microsoft Office, Google Docs, and various CDN providers. The platform targets business owners, content authors, developers, and quality engineers, emphasizing speed, scalability, and ease of use. The site showcases strong branding, customer testimonials from reputable organizations, and partnerships with trusted digital leaders, positioning itself as an enterprise-grade CMS solution. Technically, the website employs modern web standards including HTML5, CSS3, vanilla JavaScript, and JSON-LD structured data. It uses a custom framework (Franklin) and serves optimized images in WebP format. The site is mobile-optimized and performs well, with a focus on SEO and accessibility. However, no explicit hosting provider or security headers were detected in the provided data. From a security perspective, the site uses HTTPS as indicated by canonical URLs but lacks visible security headers and published privacy or cookie policies. The WHOIS data is incomplete and malformed, which raises concerns about domain registration transparency and trustworthiness. No contact information or incident response channels are provided, limiting the ability to assess compliance and security readiness fully. Overall, the website is professional, content-rich, and technically sound but would benefit from improved transparency in domain registration, published privacy and security policies, and enhanced security header implementation to strengthen trust and compliance.

C

Cognizant Netcentric

netcentric.biz

68

Cognizant Netcentric is a large technology services company specializing in building digital customer experiences leveraging Adobe Experience Cloud. The company positions itself as a trusted advisor and partner to leading brands, offering services such as content supply chain optimization, customer journey management, and digital strategy. Their market position is reinforced by industry awards and sponsorships, including recognition as an Adobe Partner of the Year and Diamond Sponsor at Adobe Summit Germany 2025. Technically, the website employs modern web technologies including ES modules, responsive images, and Adobe's Franklin framework, indicating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, providing an excellent user experience. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit cookie consent mechanisms are absent. WHOIS data is unavailable, likely due to privacy protection, but the website's professional branding and trust signals mitigate concerns. Overall, the site demonstrates strong business credibility and technical maturity with minor areas for security and privacy improvement.

H

HackerOne

hackerone.com

89

HackerOne is a leading global platform specializing in offensive security, combining AI capabilities with a large community of security researchers to provide continuous vulnerability discovery and remediation. The company offers a comprehensive suite of services including AI Red Teaming, bug bounty programs, pentesting as a service, and vulnerability disclosure programs. Their market position is strong, supported by partnerships with major enterprises such as Salesforce, IBM, and Adobe. Technically, the website is built on Drupal CMS with modern tracking and marketing technologies, optimized for performance and mobile use. Security posture is robust with HTTPS, CSP nonce usage, and secure form handling, though some security headers could be explicitly confirmed. Privacy compliance is well addressed with clear policies and consent mechanisms. The absence of WHOIS data limits domain registration insights but does not detract from the overall legitimacy and professionalism of the business.

M

MoEngage

moengage.com

75

MoEngage is a leading SaaS platform specializing in insights-led customer engagement, enabling brands to analyze customer behavior and deliver personalized communication across multiple channels including web, mobile, and email. The company targets marketers, product owners, and developers within enterprise organizations, offering a comprehensive suite of services such as customer insights, cross-channel marketing, AI-driven personalization, and real-time transactional alerts. The website reflects a mature digital presence with strong branding, professional design, and extensive resources including industry reports and learning hubs. Technically, the website is built on WordPress with modern SEO and marketing tools like Yoast SEO Premium and HubSpot forms. It employs advanced JavaScript libraries such as Swiper.js for UI components and integrates Google Tag Manager for analytics. The site is mobile-optimized, fast-loading, and accessible, demonstrating a high level of digital maturity. From a security perspective, the site enforces HTTPS, includes anti-clickjacking measures, and likely uses standard security headers, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS registrant data suggests privacy protection, which is common for commercial SaaS providers but warrants moderate caution. Overall, the security posture is strong but could be enhanced with more transparent policies. The overall risk assessment is low with recommendations to publish explicit security and incident response policies, implement a vulnerability disclosure program, and maintain regular audits of third-party integrations to sustain trust and compliance.

S

Stack Exchange Inc

stackexchange.com

69

Stack Exchange Inc operates a globally recognized network of community-driven Q&A websites, including Stack Overflow and over 170 other specialized communities. The platform serves a diverse audience of developers, professionals, academics, and enthusiasts, providing expert knowledge sharing across numerous domains. The business model combines community engagement with advertising and enterprise knowledge solutions, positioning Stack Exchange as a leader in the technology and education sectors. Technically, the website employs a modern and performant infrastructure leveraging Cloudflare DNS and CDN services, jQuery, and custom JavaScript assets. The site is well-optimized for mobile and accessibility, with a clean, professional design and clear navigation. The use of HTTPS and clientTransferProhibited domain status reflects a strong security baseline, although DNSSEC is not enabled, and explicit security policies are not published. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and domain transfer protection. However, the absence of a published security policy, incident response details, and vulnerability disclosure program represents an area for improvement. No critical vulnerabilities or suspicious activities were detected in the content or technical setup. Overall, Stack Exchange presents a trustworthy, high-quality platform with excellent content and user experience. Strategic enhancements in DNS security and transparency around security policies would further strengthen its security posture and compliance profile.

F

Fronius International

fronius.com

75

Fronius International is a well-established global company specializing in innovative solutions in welding technology, solar energy, and battery charging systems. The company targets industrial clients and energy sector professionals, positioning itself as a leader in these markets with a strong focus on efficiency and innovation. The website reflects a mature digital presence with a modern tech stack based on React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and comprehensive security headers, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism and trustworthiness, although the absence of WHOIS data slightly impacts domain trust assessment.

P

Post- och telestyrelsen (PTS)

pts.se

62

Post- och telestyrelsen (PTS) is the Swedish government agency responsible for regulating electronic communications and postal services in Sweden. The website pts.se serves as an official information portal providing news, events, and resources related to its regulatory functions and digital inclusion initiatives. The agency holds a strong market position as the national authority in its sector, targeting Swedish citizens, businesses, and stakeholders involved in communication services. Technically, the website employs a modern and responsive design with a likely Episerver CMS backend, supported by custom JavaScript and SVG icons. Hosting is managed via Telia's DNS infrastructure, indicating a stable and reputable hosting environment. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are not explicitly observed. From a security perspective, the site uses HTTPS and a cookie consent mechanism aligned with GDPR requirements. However, DNSSEC is not enabled, and there is no public security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be improved with additional headers and transparency. The overall risk assessment is low, with the site showing high legitimacy, professional content, and compliance with privacy regulations. Strategic recommendations include enabling DNSSEC, publishing security policies, and enhancing HTTP security headers to further strengthen trust and resilience.

N

Nekki Limited

spine.game

46

Nekki Limited operates the official website for SPINE, a cyberpunk-themed single-player gun fu action game. The company targets gamers interested in fast-paced, cinematic combat experiences across multiple platforms including PlayStation, Xbox, Steam, and Epic Games. The website serves as a marketing and community engagement hub, offering game information, blog updates, social media links, and subscription options for related webtoon comics. Technically, the site is built on WordPress with modern SEO and tracking tools like Yoast SEO and Google Tag Manager, and it supports multiple languages for a global audience. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and cookie consent mechanisms. The domain registration is transparent and consistent with the business profile, indicating legitimacy. Overall, the website is professional, user-friendly, and well-positioned to support the game’s market presence.

C

Conplan GmbH

conplan.de

59

Conplan GmbH is a medium-sized German IT services company specializing in tailored IT consulting and services including DevOps, project management, software engineering, and managed services for Microsoft Office and Adobe Acrobat. The company benefits from over 40 years of experience and is part of the larger msg group, positioning it well in the German IT consulting market. The website is professionally designed, well-structured, and targets business clients seeking comprehensive IT solutions. Technically, the site uses modern web technologies including Google Tag Manager and Usercentrics for GDPR compliance, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

U

Universität Zürich

uzh.ch

64

Universität Zürich is a leading European research university offering the broadest range of academic programs in Switzerland. The website serves as a comprehensive portal for prospective and current students, staff, and researchers, providing detailed information on study programs, application processes, and university services. The site is well-structured with extensive navigation and professional branding consistent with a major educational institution. Technically, the site employs modern web technologies including jQuery, SVG icons, and Matomo analytics, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and privacy-respecting analytics, though explicit privacy and cookie policies are not clearly presented. Overall, the site is trustworthy and professional, serving a large academic audience with high-quality content and user experience.

B

Braze

braze.eu

65

Braze is a leading customer engagement platform that enables brands to deliver personalized, AI-powered, cross-channel messaging and journey orchestration. Positioned as a market leader, Braze leverages advanced AI technologies including predictive, generative, and agentic intelligence to optimize customer interactions at scale. The platform targets enterprise-level brands and marketers seeking to unify data and automate customer engagement with high precision. Technically, Braze employs a modern web stack with Next.js and React, integrates Google Tag Manager for analytics, and uses OneTrust for cookie consent management. The website is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security best practices are observed with HTTPS, security headers, and no visible vulnerabilities, although explicit incident response and vulnerability disclosure information are not publicly detailed. The security posture is strong with comprehensive privacy and cookie policies indicating GDPR compliance. The absence of WHOIS transparency slightly reduces trust but is mitigated by the company's strong industry presence, certifications, and customer testimonials. Overall, Braze presents a professional, trustworthy, and technically sound online presence suitable for enterprise clients. Strategic recommendations include publishing a dedicated vulnerability disclosure policy, enhancing incident response transparency, and maintaining continuous compliance updates to reinforce trust and security culture.

E

Euroart93 d.o.o

euroart93.hr

71

Mater.agency is a professional full-service digital agency based in Croatia, operating under the legal entity Euroart93 d.o.o. The company specializes in creating impactful digital experiences including branding, web design, mobile applications, and marketing strategies. Their client portfolio includes Fortune 500 companies and a diverse range of industries, positioning them as a reputable player in the digital technology sector. The website reflects a high level of digital maturity with modern design, multimedia content, and strong SEO practices. Technically, the site is built on WordPress with Yoast SEO, optimized for mobile, and uses modern web technologies such as SVG icons and embedded videos. Security posture is good with HTTPS enabled and cookie consent implemented, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the domain WHOIS is privacy protected but consistent with the business profile, supporting legitimacy. The site is safe for general audiences with no adult or suspicious content detected.

Kanton Basel-Stadt operates an official government website serving as the primary digital portal for residents, businesses, and visitors of the Basel-Stadt canton in Switzerland. The site provides comprehensive access to government topics, administrative services, and public information, positioning itself as an authoritative source for regional governance. The business model is focused on public service delivery and information dissemination. Technically, the website leverages modern web technologies including Nuxt.js and Tailwind CSS, ensuring a responsive and performant user experience across devices. The site demonstrates good accessibility and SEO practices, with structured data and Open Graph metadata enhancing content discoverability. From a security perspective, the site enforces HTTPS and uses modern frameworks, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website is professionally designed, trustworthy, and well-positioned as a government portal. Strategic improvements in privacy disclosures, security headers, and incident response information would enhance its security posture and compliance.

M

Mixcloud

mixcloud.com

69

Mixcloud is a global media platform focused on audio culture, providing streaming services for music lovers, DJs, producers, and curators. It offers both free and subscription-based services, including Pro plans for creators and Premium plans for listeners. The platform positions itself as a community-driven alternative to algorithm-based music streaming, emphasizing curated content. Technically, Mixcloud employs modern web technologies such as React, Google Tag Manager, and Facebook SDK, hosted likely behind Cloudflare infrastructure, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and use of security-related scripts, though explicit security headers are not confirmed in the HTML. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given its professional presentation and comprehensive policies.

M

Mondo inc.

espreso.rs

46

Espreso.co.rs is a prominent Serbian online news portal operated by Mondo inc., offering a wide range of news, sports, entertainment, and lifestyle content targeted at the general Serbian-speaking audience. The website holds a strong market position as one of the fastest growing portals in the region, supported by a comprehensive content offering and a subsidiary lifestyle brand 'Glossy'. Technically, the site employs a modern advertising and analytics stack including Google Analytics, Gemius, and multiple ad networks, with a custom CMS platform. The site is mobile optimized and demonstrates good SEO and user experience practices. Security-wise, the site enforces HTTPS and GDPR-compliant consent management but lacks explicit published security policies and incident response contacts, which could be improved. Overall, the site is trustworthy, professionally maintained, and safe for general audiences.

B

BLKB Fund Management AG

blkb-fm.ch

64

BLKB Fund Management AG is a Swiss financial services company specializing in fund management and real estate investment advisory. It operates as a fully regulated entity under FINMA supervision and is a wholly owned subsidiary of the Basellandschaftliche Kantonalbank. The company targets qualified and institutional investors in Switzerland, offering sustainable property funds and comprehensive real estate advisory services. The website reflects a professional and consistent brand image with clear business information and a focus on transparency and compliance. Technically, the site uses modern web technologies, including a strict Content-Security-Policy, multiple analytics tools, and is optimized for mobile devices. Security posture is strong with HTTPS and CSP headers, though explicit security policies and incident response disclosures are absent. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy. Overall, the website and business demonstrate high credibility and trustworthiness within the Swiss financial sector.

S

SI - Schweizer Informatik Gesellschaft

swissinformatics.org

60

The Swiss Informatics Society (SI) is a well-established non-profit professional association dedicated to representing and supporting IT professionals across Switzerland. With a membership base of approximately 1500 IT experts, SI offers a broad range of services including specialized interest groups, high-level events such as the Swiss IT Congress, publications like the Digital Magazine, and certification programs such as IT Expert SI and SI Professional. The organization actively engages in policy advocacy and collaborates with national and international partners to promote IT education and professional standards. The website reflects a professional and consistent brand image targeting IT professionals and educators in Switzerland.

The Mastercard Center for Inclusive Growth is a social impact initiative and non-profit arm of Mastercard, dedicated to advancing sustainable and equitable economic growth and financial inclusion globally. Founded in 2014, it leverages Mastercard's business assets to support millions through grants, data analytics, partnerships, and thought leadership. The website is professionally designed, content-rich, and targets a global audience of social impact stakeholders, small businesses, and policymakers. Technically, the site uses modern frameworks such as Next.js and Builder.io CMS, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be explicitly verified and a vulnerability disclosure policy is absent. Overall, the site is trustworthy and aligned with Mastercard's brand, though WHOIS data is unavailable due to privacy or query issues. Strategic recommendations include enhancing security headers, publishing incident response contacts, and formalizing vulnerability disclosure.

M

Miles & More GmbH

miles-and-more.com

74

Miles & More GmbH operates Europe’s largest frequent flyer and awards program, offering customers the ability to earn and redeem miles across flights, hotels, rental cars, and merchandise. The website is professionally designed, leveraging Adobe Experience Manager and Adobe marketing tools to provide a seamless user experience. The platform targets frequent travelers and loyalty program members, positioning itself strongly in the transportation sector with a large user base. Technically, the site is modern, mobile-optimized, and integrates advanced analytics and personalization frameworks. Security posture is solid with HTTPS and CSRF protections, though explicit security policies and incident response details are absent. WHOIS data is missing, which is unusual for a major brand and slightly impacts trustworthiness. Overall, the site is trustworthy, secure, and user-friendly, serving a large international audience.

T

TechHub

techhub.social

70

TechHub is an independent Mastodon social networking instance primarily targeting passionate technologists but welcoming everyone. It offers federated social networking services with features such as trending posts, hashtags, and a user profile directory. The platform is based on the open-source Mastodon software, version 4.4.5, and leverages modern web technologies including React and Ruby on Rails. The website demonstrates a moderate to good level of digital maturity with responsive design and basic accessibility features. Security posture is strong with HTTPS enforcement and appropriate security headers, though privacy compliance could be improved by adding cookie consent mechanisms and terms of service documentation. Overall, TechHub presents as a credible and trustworthy platform within the federated social media ecosystem.

K

Katzcy

katzcymarketing.com

71

Katzcy is a specialized digital marketing firm focused on B2B technology and cybersecurity sectors, offering comprehensive growth hacking and marketing services. The company positions itself as a niche expert blending technical expertise with influencer engagement to deliver integrated marketing solutions. Their website reflects a professional and consistent brand image with clear service offerings and client testimonials, indicating a strong market presence in their niche. Technically, the site is built on HubSpot CMS with modern marketing and analytics tools, providing good performance and mobile optimization. Security posture is solid with HTTPS and standard best practices, though explicit privacy and cookie policies are missing, which impacts compliance. WHOIS data is unavailable, reducing transparency and trustworthiness. Overall, Katzcy presents as a credible small business with a focused market approach but should improve privacy disclosures and WHOIS transparency to enhance trust.