Security Directory

S

SportClinic Zurich

sportclinic.ch

62

SportClinic Zurich is a specialized healthcare provider focusing on sport surgery and sport medicine services in Zurich, Switzerland. The clinic operates multiple physical locations across Zurich, offering a comprehensive range of treatments including physiotherapy, rehabilitation, diagnostics, and medical consultations. The website is professionally designed, well-structured, and targets patients seeking specialized sport medicine care. Technically, the site uses modern JavaScript libraries such as jQuery and Flatpickr, integrates Google Maps for location display, and is built on the PC3 CMS platform. Security-wise, the site enforces HTTPS, includes a cookie consent mechanism compliant with GDPR, and does not expose sensitive data. However, formal security policies and incident response contacts are not published, representing an area for improvement. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

C

Craft of Scandinavia AB

craftsportswear.ch

75

Craft Sportswear is a Swedish-based company specializing in high-quality training clothing for running, cycling, and cross-country skiing. Established in 1973, the company has a strong market presence in the sportswear retail sector, targeting athletes and fitness enthusiasts. The website reflects a professional e-commerce platform with a consistent brand image and comprehensive product offerings including teamwear and outlet sales. The parent company is New Wave Group SA, indicating a medium-sized enterprise with a solid business foundation. Technically, the website is built on modern technologies including React and Next.js, with Storyblok CMS integration. The site is well-optimized for mobile devices, SEO, and accessibility, providing a smooth user experience. Performance is moderate with good loading times and responsive design. Privacy and cookie policies are clearly presented with consent mechanisms, demonstrating compliance with GDPR requirements. From a security perspective, the site enforces HTTPS and uses cookie consent tools, but lacks explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces trust slightly, but the overall digital footprint and business information support legitimacy. Overall, Craft Sportswear's website is a professional, secure, and user-friendly platform suitable for its retail business model. Strategic improvements in security transparency and WHOIS data visibility would enhance trust and compliance further.

S

SportPass (Schweiz) AG

sportpassaustria.at

77

SportPass (Schweiz) AG operates the Sportpass Austria platform, a specialized sports streaming and event management service targeting sports federations, clubs, and fans primarily in Austria and Switzerland. The platform offers live and on-demand video content, subscription and pay-per-view services, and tools for content management and highlight creation. The website demonstrates a solid technical infrastructure with modern JavaScript usage, structured data, and integration with payment services like Payrexx. The platform is well-optimized for mobile and desktop users, with clear navigation and professional branding. Security posture is good with HTTPS enforcement and cookie consent mechanisms, though explicit security headers could be improved. Privacy policies and terms of service are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the site is trustworthy, professional, and well-suited for its niche market in sports media.

The website dolne-rakusko.info serves as an official regional tourism portal for Lower Austria, targeting Slovak-speaking tourists interested in cultural, wine, and travel experiences near Vienna. It offers travel packages, tips, and event information, positioning itself as a trusted source for regional tourism. The site employs modern web technologies including Cookiebot for cookie consent management, Matomo and Google Tag Manager for analytics, and Cloudflare for hosting and security. The technical infrastructure is moderately performant and mobile-optimized, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. WHOIS data is privacy protected, which is typical for such portals, and no suspicious patterns were detected. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though it could improve transparency by publishing terms of service and security policies.

Wirtshauskultur Niederösterreich is a regional cultural organization promoting approximately 200 inns and traditional restaurants in Lower Austria. The website serves as a comprehensive portal for visitors and locals interested in regional cuisine, offering listings, guides, recipes, and voucher sales. The organization positions itself as a key promoter of local gastronomy culture with a strong regional identity and consistent branding. Technically, the website employs modern JavaScript frameworks, SVG maps, and integrates privacy-respecting analytics tools such as Matomo and Google Tag Manager with DoNotTrack compliance. Cookie consent is managed via Cookiebot, ensuring GDPR compliance. Security posture is good with HTTPS enforced and privacy best practices observed, though some security headers could be improved. Contact information is clearly provided, enhancing trust and credibility. No adult or questionable content is present, making the site safe for general audiences.

M

Molten Ventures

moltenventures.com

71

Molten Ventures is a prominent European venture capital firm specializing in technology investments at Series A and beyond. The company positions itself as a forward-thinking investor backing visionary teams with global ambitions, focusing on sectors such as deeptech, consumer tech, healthtech, SaaS, and enterprise software. Their business model revolves around active portfolio development and long-term value creation, supported by a professional and content-rich website that targets startups and investors alike. The firm maintains a strong market position as a leading tech-focused VC in Europe, with a clear emphasis on innovation and growth. Technically, the website demonstrates a mature digital infrastructure utilizing modern JavaScript libraries, analytics tools including Google Analytics, Google Tag Manager, and Plausible Analytics, and a cookie consent mechanism ensuring compliance with privacy regulations. The site is well-optimized for mobile devices, offers fast performance, and includes SEO best practices. However, explicit security headers are not detected, and no CMS or hosting provider details are evident from the source. From a security perspective, the site enforces HTTPS and integrates reCAPTCHA on forms, indicating a baseline security posture. Privacy and cookie policies are comprehensive and GDPR compliant. The absence of a published security policy, incident response information, or vulnerability disclosure reduces transparency. The WHOIS data is notably missing, which is unusual for a professional entity and slightly impacts trustworthiness. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, Molten Ventures' website is professional, secure, and compliant with privacy standards, serving its business and investor audiences effectively. The primary risk lies in the lack of WHOIS transparency and some missing security best practices, which should be addressed to enhance trust and security posture.

M

My AskAI

myaskai.com

62

My AskAI is a technology startup founded in 2023 that provides AI-powered customer service agents designed to automate and deflect over 75% of support tickets. The company targets businesses that use live chat providers such as Intercom, Zendesk, and Freshdesk, offering seamless integration to improve customer support efficiency. The website reflects a focused business model centered on AI SaaS solutions for customer support automation. Technically, the website is built on the Bubble.io no-code platform, hosted via Cloudflare DNS and Amazon CloudFront CDN, and incorporates a modern tech stack including Google Tag Manager, Amplitude Analytics, Microsoft Clarity, and various marketing and tracking tools. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses Cloudflare DNS with domain transfer protection. However, it lacks DNSSEC, security headers, and published security or privacy policies, which are areas for improvement. Extensive third-party tracking scripts indicate a high level of user data collection, but no explicit privacy or cookie consent mechanisms are present, raising compliance concerns. Overall, the website is professional and trustworthy with moderate security posture and good business credibility. The absence of privacy and cookie policies and security headers lowers the privacy compliance and security scores. Strategic improvements in these areas would enhance trust and regulatory compliance.

D

DENALI

denali-marketing.at

43

DENALI is a small, established marketing and web agency based in Austria, specializing in full-service digital marketing, web design, and e-commerce solutions primarily for small and medium-sized enterprises in the Salzburg, Tirol, and Oberösterreich regions. The company emphasizes comprehensive client support including marketing strategy, web development, and funding assistance. Their website reflects a professional and consistent brand image with clear service offerings and client testimonials, positioning them as a trusted regional partner. Technically, the site is built on WordPress using modern plugins and frameworks, offering good performance and mobile optimization. Security posture is solid with HTTPS and security headers in place, though some improvements in privacy compliance such as cookie consent and explicit security policies are recommended. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

A

AZ Zeno

azzeno.be

10

AZ Zeno is a well-established regional hospital in Belgium with multiple campuses serving patients, visitors, and healthcare professionals. The website provides comprehensive information about medical services, departments, and patient care, reflecting a strong market position in the healthcare sector. The digital infrastructure uses modern web technologies including JavaScript frameworks, SVG graphics, and integrates popular analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and TikTok Pixel. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS implied and no exposed sensitive data, but lacks explicit security headers and incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy, but could improve in privacy and security transparency.

S

S.M.A.K.

smak.be

11

S.M.A.K. is a well-established contemporary art museum located in Ghent, Belgium, with a domain age dating back to 1999, reflecting its long-standing presence in the cultural sector. The website effectively showcases exhibitions, collections, events, and membership programs, targeting a diverse audience of art enthusiasts and the general public. The business model is non-profit and focused on cultural enrichment and accessibility. Technically, the site employs modern JavaScript frameworks and integrates multiple analytics and marketing tools, supported by a reputable hosting provider. The site is mobile-optimized, fast, and SEO-friendly, providing an excellent user experience. Security posture is strong with HTTPS and consent management, though there is room for improvement in publishing explicit security policies and incident response details. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, making it a reliable digital presence for the museum.

D

Dewaele Vastgoeddiensten

dewaele.com

9

Dewaele Vastgoeddiensten is a prominent Belgian real estate company specializing in residential, luxury, and commercial properties. The company offers a comprehensive range of services including buying, selling, renting, investing, property management, and advisory services. The website is multilingual, targeting Dutch, French, and English-speaking audiences, reflecting a broad market reach within Belgium. The presence of multiple subsidiary brands under the Dewaele umbrella indicates a diversified and well-established market position. Technically, the website employs modern web technologies such as JavaScript frameworks (likely Alpine.js), Google Tag Manager for analytics, and Imgix for image delivery. The site is mobile-optimized and features a professional design with clear navigation, enhancing user experience. However, some technical improvements could be made, such as adding explicit security headers and improving accessibility features. From a security perspective, the website uses HTTPS and implements cookie consent mechanisms, indicating a baseline security posture and some privacy compliance. However, the absence of a visible privacy policy, terms of service, and WHOIS data raises concerns about transparency and domain legitimacy. No critical vulnerabilities were detected in the provided content, but the lack of security headers and incident response information suggests room for improvement. Overall, the website presents a professional and trustworthy front for a large real estate business, but the missing WHOIS data and privacy documentation reduce the confidence level. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to improve trust and compliance.

F

Flamant

flamant.com

39

Flamant is a well-established retail and e-commerce business specializing in luxury home furniture, décor, textiles, paint, and gifts. With a history spanning approximately 45 years, the company targets consumers seeking high-quality and elegant home living solutions. The website reflects a professional and consistent brand image, supporting multiple languages and offering a rich catalog of products and inspiration content. Technically, the site employs modern JavaScript frameworks, tracking tools, and content delivery networks, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit privacy policies are missing. The absence of WHOIS data for the domain raises concerns about domain registration transparency, which slightly impacts trustworthiness. Overall, Flamant presents a credible and professional online presence with room for improvement in privacy and security disclosures.

RainPharma is a small Finnish company specializing in natural health and wellness products, including supplements, skin care, and aromatherapy. The website is built on the Shopify platform and employs modern JavaScript libraries and marketing tools such as Visual Website Optimizer and Cookiebot for consent management. The domain is well-established since 2009, consistent with the company's founding year, and is registered with Cloudflare, indicating stable hosting and DNS management. Security posture is adequate with HTTPS enabled and clientTransferProhibited domain status, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Contact information is not readily found on the analyzed page, which may impact user trust. Overall, the website presents a professional and consistent brand image focused on natural wellness products.

S

Small Luxury Hotels of the World

myslh.com

58

Small Luxury Hotels of the World operates the mySLH portal as a member login platform for its luxury hospitality services. The website serves as an access point for registered users to manage bookings and membership details. The domain is well-established since 2008, indicating a mature business presence in the luxury hotel sector. The technical infrastructure includes Umbraco CMS and modern JavaScript libraries, with hosting DNS managed via Cloudflare. The site is moderately optimized for mobile and performance but lacks comprehensive SEO and accessibility features. From a security perspective, the website employs basic best practices such as clientTransferProhibited domain status and anti-forgery tokens in forms. However, it lacks DNSSEC, explicit security headers, and published privacy or cookie policies, which are critical for compliance and trust. Google Analytics and Tag Manager are used for user tracking, but no cookie consent mechanism is evident, indicating potential GDPR compliance gaps. Overall, the website is functional and consistent with the brand but requires improvements in privacy compliance, security hardening, and transparency to enhance user trust and regulatory adherence. No adult or explicit content is present, making it safe for general audiences.

N

Nettavisen

nettavisen.no

66

Nettavisen is a prominent Norwegian online news media company providing continuous news coverage across various sectors including economy, sports, and celebrity news. It operates under the parent company Amedia and targets a broad general audience in Norway. The website employs a subscription and advertising-based business model, offering both free and premium content. Technically, Nettavisen utilizes modern web technologies such as service workers, ES modules, and advanced ad serving frameworks to deliver a performant and responsive user experience. The site is well-structured with clear navigation and mobile optimization. Security-wise, the site enforces HTTPS and uses security headers, but lacks publicly visible privacy and cookie policies, which are critical for compliance and user trust. No WHOIS data is available due to Norwegian domain privacy policies, but the domain appears legitimate and consistent with the business profile. Overall, Nettavisen demonstrates a mature digital presence with room for improvement in privacy transparency and security disclosures.

R

RBA Grupo

revistainteriores.es

62

Revista Interiores is a Spanish online magazine specializing in interior design, decoration, architecture, and lifestyle content. It operates under the RBA Grupo, a recognized Spanish publishing group. The website offers rich editorial content, subscription services, and advertising opportunities, targeting a general audience interested in home and design trends. Technically, the site uses a modern JavaScript stack with consent management and multiple ad networks integrated, ensuring monetization and compliance with privacy regulations. Security posture is solid with HTTPS and security headers, though some improvements in incident response transparency are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, but WHOIS data is unavailable due to query restrictions, limiting domain legitimacy assessment.

B

BITel Gesellschaft für Telekommunikation mbH

bitel.de

51

BITel Gesellschaft für Telekommunikation mbH is a regional telecommunications provider operating primarily in Germany, focusing on delivering fiber optic internet, telephone, and TV services to private customers in areas such as Bielefeld and Gütersloh. The company is backed by parent entities Stadtwerke Bielefeld and Stadtwerke Gütersloh, indicating strong regional infrastructure support. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service offerings tailored to local customers. Technically, the site is built on TYPO3 CMS and integrates modern marketing and analytics tools while maintaining GDPR compliance through explicit privacy and cookie policies. Security posture is solid with HTTPS enforcement and consent management, though some security headers could be more explicitly declared. Overall, the website and domain registration data align well, supporting the legitimacy and trustworthiness of the business.

B

BAQUE-Internetservice

baque-internetservice.de

45

BAQUE-Internetservice is a small, established web agency based in Kaiserslautern, Germany, with over 20 years of experience in professional web design, webshops, SEO, and website maintenance. The company targets local businesses and organizations seeking effective and user-friendly websites optimized for search engines. Their business model focuses on providing tailored web solutions using popular CMS and shop systems such as WordPress, Typo3, Joomla, and Shopware. The website reflects a consistent brand image and professional content that supports their market position as a reliable local web agency. Technically, the website is built on WordPress with modern plugins including Yoast SEO and Complianz GDPR for compliance. It uses Google Tag Manager for analytics and tracking. Hosting is provided by kasserver.com, indicated by the nameservers. The site is mobile-optimized and performs moderately well, with good SEO practices in place. However, some security headers are missing, which could be improved to enhance security posture. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. The absence of a dedicated security policy or incident response contact is noted but not uncommon for small businesses. Overall, the security posture is solid but could benefit from additional headers and explicit security documentation. The domain WHOIS data is consistent with the website's claims, showing no privacy protection and a domain age that matches the company's stated history. Contact information is clear and verified, including email, phone, and physical address. The site contains no adult or questionable content, making it safe for general audiences. The AI overall score reflects a well-maintained, professional, and trustworthy website with minor areas for improvement.

E

EKO-PUNKT

eko-punkt.de

65

EKO-PUNKT is a German-based competence center specializing in sustainable packaging management, including packaging licensing, circular contracting, ecodesign, and recycled material delivery. The company operates under the REMONDIS Group umbrella, a well-established waste management conglomerate. Their website reflects a professional and business-focused approach, targeting companies needing compliance and sustainability solutions in packaging. The digital infrastructure is built on TYPO3 CMS, integrating modern tools like Cookiebot for consent management and Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and provides clear navigation, although explicit contact details like emails and phone numbers are not directly visible, relying instead on contact forms.

R

Rhenus

aktenvernichtung.de

72

Rhenus operates a professional German-language website focused on secure destruction and disposal services for documents, data carriers, and hard drives. The company positions itself as a leading provider in Germany with over 40 years of experience and multiple security locations. The website is built on TYPO3 CMS and integrates modern technologies including Google Tag Manager and Usercentrics for consent management. The site is well-structured, mobile-optimized, and SEO-friendly, targeting both business and private customers. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and published policies are lacking. Contact is primarily via a contact form with no direct emails or phone numbers visible. Overall, the domain and website appear legitimate and consistent with the Rhenus Group brand.

R

REMONDIS SE & Co. KG

remondis-whistleblower-policy.de

58

REMONDIS SE & Co. KG operates a dedicated whistleblower policy website providing downloadable policy documents in multiple languages, demonstrating a commitment to corporate compliance and governance. The website targets employees and stakeholders seeking whistleblower information and is part of a large enterprise likely operating in the waste management and recycling sector. The technical infrastructure is based on TYPO3 CMS, indicating a professional and scalable content management approach. The website is moderately optimized for performance and mobile use, with basic accessibility and SEO features. Security posture is adequate with HTTPS usage but lacks visible security headers and explicit privacy or cookie policies. No contact or incident response information is provided, which limits user engagement and compliance transparency. Overall, the site is trustworthy and professionally maintained but could improve in privacy compliance and security best practices.

K

KnowS

knows.ch

52

KnowS is a Swiss-based online platform that connects individuals seeking support with verified local service providers, enabling users to find help or earn money flexibly and securely. The platform emphasizes community trust through verified profiles, user reviews, and insurance coverage via Zurich, positioning itself as a reliable marketplace for various service categories. The website is built on TYPO3 CMS and integrates modern technologies including Google Tag Manager, LiveChat, and Stripe for payments, reflecting a mature digital infrastructure. Security practices include HTTPS enforcement and security headers, though there is room for improvement in publishing formal security policies and incident response information. The absence of WHOIS registration data raises concerns about domain legitimacy, but the professional presentation and active user engagement mitigate some risk. Overall, KnowS demonstrates a solid business and technical foundation with moderate privacy compliance and good security posture.

H

Hotel Château Gütsch

chateau-guetsch.ch

64

Hotel Château Gütsch is a boutique hotel located in Luzern, Switzerland, offering scenic views over the city and Lake Lucerne. The website presents a professional and well-structured digital presence built on WordPress, integrating booking functionalities and analytics tools. The business targets travelers seeking a unique and tranquil hotel experience. Technically, the site uses modern web technologies and plugins to enhance user experience and SEO. Security measures include HTTPS and cookie consent mechanisms, though explicit privacy and terms policies are not found in the provided content. Overall, the site demonstrates a solid security posture with room for improvement in privacy transparency and contact information availability.

황

황동산업(주)

themetal.kr

66

THE METAL (황동몰) is a South Korean e-commerce business specializing in metal products and DIY hardware, including handles, locks, decorative items, and custom manufacturing services. The company operates a well-established online retail platform using the Cafe24 e-commerce system, targeting DIY enthusiasts and professional customers in the metal hardware sector. The website is professionally designed with consistent branding and a clear focus on its niche market. The domain registration data aligns well with the business identity, showing a legitimate and stable presence since 2013. Technically, the website leverages modern JavaScript libraries and integrates Google Analytics and Tag Manager for marketing and analytics purposes. Hosting and platform services are provided by Cafe24, a reputable Korean e-commerce provider. While the site is functional and moderately optimized for performance, mobile optimization and accessibility features are basic and could be improved. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC implementation. From a security and compliance perspective, the site does not prominently display privacy, cookie, or terms of service policies, which may impact GDPR and other regulatory compliance. No incident response or vulnerability disclosure information is found. The site content is safe for general audiences with no adult or explicit material. Overall, the business appears credible and trustworthy, but could enhance its security and privacy practices to improve compliance and user trust.

C

Café Konditorei Reichenau

cafe-konditorei-reichenau.at

53

Café Konditorei Reichenau is a small hospitality business located in Reichenau an der Rax, Austria, specializing in pastries, cakes, breakfast, and savory snacks. The website reflects a local café with a historical reputation and seasonal event focus, targeting tourists, hikers, and local visitors. The business model centers on retail and on-site dining with options for pre-ordering specialty cakes. Technically, the website uses standard web technologies with moderate performance and good mobile optimization but lacks advanced frameworks or CMS identification. Security posture is adequate with HTTPS enforced but lacks security headers and explicit security policies. Privacy compliance is good with a visible cookie consent mechanism and privacy policy. Contact information is clear and professional, enhancing business credibility. Overall, the website is safe, professional, and trustworthy with no adult or questionable content detected.

The website alixon-web.ch presents a small technology business offering a modular web management platform primarily targeting organizations and businesses needing address management, event scheduling, website content editing, and communication tools. The platform uses a proprietary CMS with Ext JS for UI components and provides multiple portal options for different user groups. The site is primarily in German and hosted on subdomains related to alixon-web. Technically, the site uses HTTPS for login forms but lacks visible security headers and privacy policies, indicating room for improvement in security and compliance. No contact emails or phone numbers are provided, which may affect user trust and support accessibility. Overall, the site is functional with basic content and moderate technical implementation but lacks comprehensive privacy and security measures.

Niederoesterreich.at is the official tourism and travel portal for the Lower Austria region, operated by Niederösterreich-Werbung GmbH. The website offers comprehensive travel information, accommodation booking, event calendars, and cultural and natural experience guides targeting tourists interested in exploring the region around Vienna. It holds a strong market position as a government-supported regional tourism authority with consistent branding and a professional online presence. Technically, the website employs modern web technologies including JavaScript, Matomo analytics with privacy-conscious configurations, and Google Tag Manager. The site is mobile-optimized and features good SEO practices, though some security headers could be improved. The site uses HTTPS with good SSL configuration, and disables cookies in analytics to enhance privacy. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and privacy-respecting analytics. However, it lacks a visible cookie consent mechanism and some security headers like Content-Security-Policy and X-Frame-Options are missing, which are recommended for enhanced protection. No vulnerabilities or suspicious activities were detected. Overall, the website is safe, professional, and trustworthy, with no adult or explicit content. The WHOIS data aligns well with the website's identity, confirming legitimacy. Strategic recommendations include implementing a cookie consent banner, adding missing security headers, and enhancing accessibility features to further improve compliance and security posture.

The website www.wieneralpen.at serves as a comprehensive regional tourism portal for the Wiener Alpen area in Lower Austria, Austria. It provides detailed information on hiking, cultural events, accommodation, and travel tips, targeting tourists interested in outdoor and cultural activities. The site is well-branded and consistent with regional tourism authorities, offering a good user experience with clear navigation and multilingual support. Technically, it employs modern web technologies including JavaScript frameworks, Vimeo video integration, Google Tag Manager, Matomo analytics with privacy-conscious configurations, and Cookiebot for cookie consent management. Security posture is strong with HTTPS enforced and privacy-respecting analytics, though explicit security policies and incident response contacts are not published. The site does not expose sensitive data or use vulnerable libraries. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Overall, the site is trustworthy, professional, and safe for general audiences.

M

Ministerium für Kultus, Jugend und Sport Baden-Württemberg

km-bw.de

67

The website km.baden-wuerttemberg.de is the official portal for the Ministry of Education, Youth and Sports of Baden-Württemberg, Germany. It serves as a comprehensive information hub for education policies, youth programs, sports initiatives, cultural affairs, and public services related to schooling and early childhood education in the region. The site targets citizens, students, parents, and educators within Baden-Württemberg, providing official government content and resources. The business model is public service and information dissemination as part of the regional government infrastructure. Technically, the site is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo analytics with a user consent mechanism, reflecting a privacy-conscious approach. The site uses modern web technologies including responsive design, SVG icons, and asynchronous JavaScript loading. Hosting appears to be managed by Baden-Württemberg state infrastructure, ensuring reliability and compliance with government standards. From a security perspective, the site enforces HTTPS and uses cookie consent for analytics. While some standard security headers are present, there is room for improvement by adding additional headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the official nature of the site, showing consistent domain registration and name servers. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. It provides a safe and accessible user experience with clear navigation and relevant content. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

A

APISUMM A. Schuler

apisumm.ch

10

APISUMM A. Schuler is a small Swiss retail business specializing in the production and sale of high-quality Swiss honey, bee cosmetics, and health supplements derived from bee products such as Propolis and Gelée Royal. The company operates an e-commerce platform targeting health-conscious consumers and regional customers in Switzerland. The website presents a professional and consistent brand image with clear navigation and product offerings. Technically, the site is built on the Shopware platform, employs modern web technologies, and integrates security features such as HTTPS, CSRF tokens, and Google reCAPTCHA. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the site lacks explicit security policies and incident response information. Overall, the website is trustworthy, secure, and well-suited for its business model.

C

Charlotte Tilbury

charlottetilbury.com

68

Charlotte Tilbury is a well-established luxury beauty brand specializing in makeup, skincare, and fragrance products. The website targets the European market with localized content and currency options. The brand operates a sophisticated e-commerce platform leveraging modern web technologies such as React and Next.js, ensuring a fast and responsive user experience. The site demonstrates strong branding consistency and professional design, reinforcing its market position as a premium retailer. Security measures including HTTPS and comprehensive security headers are in place, contributing to a robust security posture. Privacy compliance is evident with clear privacy and cookie policies and consent mechanisms. However, the absence of publicly available WHOIS data limits domain trust verification. Overall, the site presents a low-risk profile with recommendations to enhance transparency around security policies and incident response.

M

Molten Ventures

forwardpartners.com

71

Molten Ventures is a prominent European venture capital firm specializing in technology investments at Series A and beyond. The company positions itself as a forward-thinking investor backing visionary teams across sectors such as deeptech, consumer tech, healthcare, SaaS, and enterprise software. Their business model centers on active portfolio development and scaling support, distinguishing them from traditional VC firms tied to fixed investment cycles. The website reflects a mature market position with a professional and consistent brand presence, targeting startups seeking growth capital and investors interested in technology innovation. Technically, the website employs modern JavaScript libraries and analytics tools including Google Analytics, Google Tag Manager, LinkedIn Insight Tag, and Plausible Analytics, alongside a cookie consent management system. The site is well-optimized for mobile devices, features fast loading times, and includes SEO best practices such as meta tags and structured data. However, no specific CMS or hosting provider is explicitly identified. From a security perspective, the site enforces HTTPS and integrates Google reCAPTCHA for form protection, demonstrating good baseline security hygiene. The presence of cookie consent mechanisms and a comprehensive privacy policy indicates GDPR compliance. Nonetheless, the absence of explicit security headers, incident response contacts, and vulnerability disclosure policies suggests areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, Molten Ventures' website presents a trustworthy and professional digital presence with strong business credibility. The lack of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given the quality of content and transparency. Strategic recommendations include enhancing security header implementation, publishing incident response information, and maintaining ongoing audits of third-party scripts to mitigate potential risks.

S

Spectinga

spectinga.com

54

Spectinga operates as an online marketplace specializing in agricultural and construction equipment dealers. The platform targets dealers and buyers within these sectors, positioning itself as a niche marketplace launched in 2021. The website's technical infrastructure is built on modern web technologies including React and SCSS, hosted on AWS infrastructure as indicated by DNS records. While the site demonstrates basic mobile optimization and SEO practices, there is room for improvement in accessibility and performance tuning. Security posture is moderate; the domain is secured with HTTPS, but lacks DNSSEC and security headers, which are recommended to enhance protection. Privacy and cookie policies are absent, which may impact GDPR compliance and user trust. No contact information or incident response details are provided, limiting transparency. Overall, the website is functional but basic, with moderate trustworthiness and a legitimacy score of 80 based on domain registration data and technical observations.

L

Laundryheap

laundryheap.com

9

Laundryheap is an international on-demand laundry and dry cleaning service operating in 13 countries, offering free delivery within 24 hours. The company targets general consumers seeking convenient laundry solutions. The website is professionally designed with good mobile optimization and clear navigation, supporting multiple languages and countries. Technically, the site uses modern JavaScript frameworks and integrates analytics and error tracking tools such as PostHog, Microsoft Clarity, and Sentry, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and asynchronous loading of tracking scripts; however, the absence of security headers and published security policies limits the overall security maturity. The lack of visible privacy, cookie, and terms of service policies, as well as missing contact information, represents compliance and trust gaps. WHOIS data is unavailable, which is inconsistent with the active website presence and reduces domain trustworthiness. Overall, Laundryheap presents a functional and professional online presence but should improve transparency and compliance documentation to enhance trust and security.

Z

Zumo

zumo.tech

56

Zumo is a UK-based specialist company providing modular, API-first digital asset infrastructure and enablement services tailored for banks, fintechs, exchanges, and crypto businesses aiming to enter or scale in the UK crypto market. Their platform covers custody, trading, onboarding, AML, financial promotions, and fiat integration, complemented by Zumo+, a premium enablement service layer offering regulatory compliance and go-to-market support. The company holds FCA registration and has a strong UK market presence since its founding in 2017. Technically, the website is built on WordPress with modern plugins and hosted on AWS infrastructure. It features good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and no explicit security.txt or vulnerability disclosure pages were found. Cookie consent and privacy policies are comprehensive and GDPR compliant. Overall, the website demonstrates a high level of professionalism, trustworthiness, and business credibility. No critical security issues or content safety concerns were detected. The domain WHOIS data aligns well with the business claims, supporting legitimacy. The site effectively targets financial and technology sectors within the UK, serving a medium-sized enterprise audience. Strategic recommendations include enabling DNSSEC, adding explicit security policies and incident response information, and implementing Content Security Policy headers to further enhance security posture.

U

UnderTheDoormat Ltd

underthedoormat.com

71

UnderTheDoormat Ltd is a UK-based company specializing in luxury short term and vacation rental properties. Established in 2014, it has positioned itself as a premium service provider in the real estate and hospitality sectors, offering handpicked, high-quality rental homes with verified standards and a strong focus on customer experience. The company targets affluent travelers and homeowners seeking professional property management and rental services. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports its market positioning. Technically, the site leverages modern JavaScript frameworks (Vue.js), integrates with multiple third-party marketing and analytics platforms, and uses secure payment and mapping APIs. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers are not explicitly detected. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the business demonstrates credibility through industry awards, trust badges, and consistent domain registration data.

X

XING

xing.de

67

XING is a prominent professional networking platform primarily serving German-speaking professionals and recruiters. It offers a comprehensive job marketplace with over one million job listings, employer reviews, salary insights, and recruitment solutions. The platform targets professionals seeking career advancement and companies looking to hire qualified candidates. Technically, XING employs modern web technologies including React, JavaScript, and integrates consent management tools like Usercentrics and marketing automation via Braze, indicating a mature digital infrastructure. The website is well-optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience. Security-wise, the site enforces HTTPS, implements multiple security headers, and manages user consent effectively, though it lacks publicly disclosed incident response contacts and security certifications. The absence of WHOIS registration details limits transparency but does not detract from the platform's established market presence and trustworthiness. Overall, XING demonstrates a strong security posture and compliance with privacy regulations, making it a reliable platform for professional networking and job search.

R

Recisio

karafun.es

72

KaraFun, operated by Recisio, is a well-established online karaoke platform offering a vast catalog of karaoke songs and interactive music quizzes. The service targets a broad audience with multilingual support and multiple subscription plans, including free, premium, and professional tiers. The company also provides karaoke hardware and business solutions, positioning itself as a comprehensive karaoke entertainment provider in the media sector. The website demonstrates strong branding consistency and professional content quality, supported by a modern technical infrastructure leveraging JavaScript, SVG, and privacy-conscious analytics tools like Umami. Technically, the site is well-optimized for performance and mobile responsiveness, with good SEO and accessibility practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response information are not publicly disclosed. The domain registration aligns well with the business claims, indicating legitimacy and trustworthiness. Social media presence and partner domains further reinforce the company's market position. Overall, the website is professional, secure, and compliant with privacy regulations, offering a trustworthy user experience. However, improvements could be made by publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to enhance transparency and security readiness.

R

Recisio

karafun.nl

70

KaraFun, operated by Recisio, is a well-established online karaoke platform offering a broad catalog of karaoke songs and music quizzes. The company targets karaoke enthusiasts and businesses with subscription-based services and specialized solutions like karaoke bars and business management tools. The website is professionally designed, mobile-optimized, and provides multilingual support, reflecting a mature digital presence. Technically, the site uses modern web technologies, including SVG icons, Google Fonts, and Umami analytics, hosted likely on a CDN associated with Recisio. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

O

Oesterreichisches olympisches Comitee

olympicteamaustria.tv

66

The website olympicteamaustria.tv serves as the official digital platform for the Austrian Olympic Committee, providing live streaming, video on demand, and event information related to Austrian Olympic athletes and sports. It targets sports enthusiasts and the Olympic community, offering pay-per-view and subscription-based access to content. The platform is relatively new, launched in 2023, and leverages a custom streaming infrastructure managed by partners such as Asport and SportPass Austria. The site demonstrates a good level of digital maturity with a modern tech stack, mobile optimization, and clear legal and privacy documentation. Security posture is solid with HTTPS and some security best practices, though improvements in DNSSEC and security headers are recommended. Overall, the platform is trustworthy, professionally designed, and compliant with GDPR requirements.

M

MG Motor

mgmotor.pl

9

MG Motor Poland operates as a regional automotive brand offering a diverse portfolio of vehicles including gasoline, hybrid, plug-in hybrid, and fully electric models. The website is professionally designed, targeting Polish consumers interested in MG vehicles, providing detailed model information, pricing, and promotional offers. The brand is a subsidiary of SAIC Motor, a major automotive company, and is establishing a growing presence in the Polish market with increasing vehicle registrations and dealer network expansion. Technically, the website employs modern web technologies such as responsive design, WebP images, Google Tag Manager, and YouTube APIs, ensuring a good user experience across devices. However, some security best practices like security headers and explicit privacy and cookie policies are missing or not detected in the provided content, which could be improved to enhance compliance and user trust. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but the absence of security headers and lack of visible privacy compliance measures represent areas for enhancement. The WHOIS data is unavailable from the Polish registry, which slightly reduces domain trustworthiness, though the professional branding and content suggest legitimacy. Overall, MG Motor Poland's website is a solid digital presence for an automotive brand with room for improvement in privacy compliance and security hardening to align with best practices and regulatory requirements.

A

adidas

adidas.hr

61

The website www.adidas.hr is the official Croatian localized e-commerce platform for adidas, a globally recognized sportswear brand. It offers a comprehensive catalog of sports footwear, apparel, and accessories targeting a broad audience including men, women, and children. The site is professionally designed with clear navigation, multiple language and country alternates, and a customer loyalty program (adiClub), positioning it strongly in the Croatian retail sportswear market. Technically, the site leverages modern e-commerce infrastructure including Salesforce Commerce Cloud, Global-e for cross-border commerce, and advanced analytics and monitoring tools such as Google Tag Manager, Instana, and Tealium. Security measures include HTTPS enforcement, Google reCAPTCHA Enterprise, and security headers, reflecting a mature security posture. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. Overall, the site is trustworthy, well-structured, and compliant with GDPR, making it a reliable platform for customers.

R

Recisio

tencymusic.fr

67

Tency Music is a professional music licensing platform offering a large catalog of over 80,000 high-quality covers, instrumentals, stems, and karaoke tracks for sync and commercial use. The company targets media producers, advertisers, app developers, and video creators, providing fast licensing with a 48-hour response guarantee and tailored music solutions. The website is well-designed, mobile-optimized, and features notable clients such as Netflix, Amazon Prime, and Universal Music France, indicating a strong market position within the media industry. Technically, the site uses modern web technologies including Google Tag Manager and Google Fonts, hosted on a CDN associated with its parent company, Recisio. Security posture is good with HTTPS enforced and secure forms, but lacks some security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. WHOIS data is missing, which raises some concerns about domain registration transparency, but the professional site and business information mitigate some risk. Overall, the site is trustworthy and functional but should improve privacy compliance and security disclosures.

R

Recisio

karafun.fr

63

KaraFun, operated by Recisio, is a well-established online karaoke platform offering a broad catalog of karaoke songs and music quizzes accessible via multiple apps across devices. The business targets a broad audience including casual users and professional karaoke venues, with subscription-based revenue models and additional commercial offerings. The website is professionally designed, multilingual, and provides clear subscription plans and business solutions. Technically, the site uses modern web technologies, including SVG icons, Google Fonts, and privacy-focused Umami analytics, hosted likely on Recisio's infrastructure with CDN support. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response contacts could be improved. Privacy compliance is good with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Overall, the domain is privacy-protected but consistent with a legitimate, professional business presence.

H

Heyflow

heyflow.id

59

Heyflow is a technology company providing a SaaS platform for building interactive, no-code forms designed to increase user engagement and conversion rates. The platform offers drag & drop design, conditional logic, and seamless integrations with popular CRMs and analytics tools, positioning itself as a flexible and user-friendly solution for marketers and businesses. The website is professionally designed with consistent branding and clear messaging targeting business users seeking enhanced lead generation tools. Technically, the site leverages modern JavaScript frameworks, asynchronous script loading, and integrates with major analytics and marketing platforms such as Google Analytics, Google Tag Manager, and Facebook Pixel. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enforced and domain transfer protections, though additional security headers and a formal security policy could enhance trust. Privacy compliance is addressed with a cookie consent mechanism and links to privacy and imprint pages, indicating GDPR awareness. No direct contact emails or phone numbers are provided on the site, which may impact user trust slightly. Overall, the site is secure, performant, and business credible with room for improvement in explicit security disclosures and contact transparency.

I

Iftra GmbH

deutsche-pflegejobs.de

49

Deutsche Pflegejobs is a specialized German online job board and recruitment platform focused on the healthcare and social care sectors, operated by Iftra GmbH. The platform offers a comprehensive range of services including job listings, recruitment solutions, educational program information, and industry news. With over 10 years of experience, it holds a strong position in the German healthcare recruitment market, targeting both job seekers and employers. The website is professionally designed using TYPO3 CMS and integrates modern analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site demonstrates high trustworthiness and business credibility.

A

adidas Saudi Arabia

adidas.sa

63

The adidas Saudi Arabia website serves as the official regional online store for adidas, offering a wide range of sportswear, shoes, and accessories tailored to the Saudi Arabian market. The site is well-branded, professionally designed, and provides localized services such as next-day delivery in Riyadh and a welcome discount offer. Technically, the site leverages Salesforce Commerce Cloud, Global-e for international e-commerce, and advanced monitoring and security tools including Google reCAPTCHA Enterprise and Instana. Security posture is strong with HTTPS, security headers, and bot protection in place. Privacy and cookie policies are present and indicate GDPR compliance, although explicit data protection officer contacts and incident response policies are not found. The absence of WHOIS data for the domain is noted but likely due to SaudiNIC domain registration policies rather than a legitimacy concern. Overall, the site demonstrates a mature e-commerce platform with good security and privacy practices, suitable for a large retail brand.

A

adidas UAE

adidas.ae

63

The adidas UAE website is a professionally designed and well-structured e-commerce platform representing the global adidas brand in the United Arab Emirates. It offers a wide range of sportswear, footwear, and accessories targeting consumers interested in athletic and lifestyle products. The site leverages advanced e-commerce technologies including Salesforce Commerce Cloud and integrates third-party services for analytics, marketing, and security. The technical infrastructure demonstrates a mature digital presence with good performance and mobile optimization. Security posture is strong with HTTPS, Google reCAPTCHA Enterprise, and monitoring tools, though some security headers and explicit incident response contacts are not visible. Privacy compliance is partially addressed with a privacy policy and terms of service, but lacks a visible cookie consent mechanism. Overall, the site is trustworthy and aligns well with the adidas brand identity and market positioning in the UAE.

A

adidas

adidas.fi

11

adidas.fi is the official Finnish e-commerce website for adidas, a globally recognized sportswear and equipment brand. The site offers a comprehensive range of sports apparel and equipment tailored to various sports such as swimming, football, and running. The website targets sports enthusiasts and general consumers in Finland, leveraging a strong brand presence and a well-established market position as a leader in the retail sportswear industry. The business model focuses on direct online sales, supported by extensive customer service and account management features. Technically, the website employs modern web technologies including React and Next.js frameworks, ensuring a fast, responsive, and accessible user experience. Hosting and CDN services appear to be provided by Akamai, contributing to excellent performance and global reach. The site is well-optimized for SEO and mobile devices, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, adidas.fi demonstrates a strong posture with enforced HTTPS, robust security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. However, explicit incident response and vulnerability disclosure policies are not publicly found, suggesting areas for improvement. Overall, adidas.fi is a professional, secure, and trustworthy e-commerce platform with a high level of digital maturity. Strategic recommendations include enhancing transparency around security policies, publishing a vulnerability disclosure framework, and maintaining continuous security audits to uphold the strong security posture.

A

adidas Canada

adidas.ca

11

Adidas Canada operates a comprehensive e-commerce platform offering sneakers and activewear tailored for the Canadian market. As a subsidiary of the global adidas AG brand, it maintains a strong market position with a focus on quality, innovation, and customer engagement. The website reflects a mature digital infrastructure leveraging modern technologies such as React and Next.js, supported by robust CDN and monitoring services to ensure performance and reliability. Security posture is strong, with HTTPS enforcement, security headers, and privacy compliance evident throughout the site. No critical vulnerabilities or blocking mechanisms were detected, indicating a well-maintained and trustworthy platform. Strategic recommendations include enhancing incident response visibility and establishing a public vulnerability disclosure policy to further strengthen security culture and compliance.