Security Directory

C

Committee on Space Research (COSPAR)

cospar-assembly.org

0

The Committee on Space Research (COSPAR) operates an official website focused on managing scientific assembly abstract submissions and providing program information for international space research events. The organization is well-established with a domain age of over 17 years, reflecting its longstanding presence in the scientific community. The website targets researchers and professionals in space science, offering key services such as event scheduling, abstract handling, and publication guidance. The business model is non-profit and educational, supporting global scientific collaboration.

F

FAS Advogados

fasadv.com.br

0

FAS Advogados is a Brazilian law firm operating in cooperation with CMS, offering comprehensive legal services across multiple practice areas and sectors. The firm targets corporate clients and businesses, providing expertise in areas such as antitrust, banking, capital markets, compliance, and data protection. The website reflects a well-established medium-sized legal services provider with a strong market position and international cooperation. Technically, the website is built on a modern stack with CMS Legal, Bootstrap, and Cloudflare hosting, delivering fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response details are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with moderate user tracking via Piwik PRO and LinkedIn Insight Tag. No critical vulnerabilities or suspicious content were detected.

S

Slovenská sporiteľňa

digitalneinvestovanie.sk

0

Slovenská sporiteľňa is a leading Slovak bank offering a wide range of financial services including investment savings, loans, insurance, and digital banking solutions. The website focuses on promoting their investment savings product, encouraging customers to invest regularly with low minimum amounts and no fees. The bank leverages a modern technical infrastructure with a proprietary CMS (GEM) and integrates analytics and marketing tools to enhance user experience and business insights. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website reflects a mature digital presence aligned with a reputable financial institution.

E

ELET, s.r.o

sikovnarezerva.sk

0

Šikovná rezerva is an online insurance service based in Slovakia, offering insurance coverage for household monthly bill payments in case of job loss or long-term sick leave. The service is provided in partnership with MetLife Slovensko and operated by ELET, s.r.o. The website targets Slovak residents seeking affordable and simple insurance solutions, emphasizing mobile-first contract and payment processes. The business model relies on monthly SMS payments and electronic contracts, positioning itself as a niche player in the Slovak insurance market. The website content is professionally presented in Slovak language with clear navigation and client testimonials enhancing trust. Technically, the site uses modern web technologies including Bootstrap, jQuery, Google Tag Manager, Google Analytics, Facebook Pixel, and Hotjar for analytics and marketing. Hosting and DNS are managed via Cloudflare, providing robust infrastructure and SSL encryption. Security posture is good with HTTPS enforced and no visible sensitive data exposure, but lacks some security headers and explicit cookie consent mechanisms, which are recommended for full GDPR compliance. Contact information is clearly provided with company email and phone number. Overall, the website is well-structured, trustworthy, and professionally maintained, though improvements in privacy compliance and security policies would enhance its posture.

F

Florian Karsten Studio

floriankarsten.com

0

Florian Karsten Studio is a small creative technology business based in Brno, Czech Republic, specializing in graphic design, UX, and development services. The studio emphasizes open-source projects, peer-to-peer networks, and automation, targeting clients interested in independent and functional digital systems. The website presents a professional portfolio with clear branding and a focus on design and technology integration. Technically, the website uses modern web technologies including HTML5, CSS, JavaScript, and libraries such as jQuery and Slick Carousel. Hosting and DNS are managed via Cloudflare and NameCheap, ensuring reliable performance and security. The site is mobile optimized and includes privacy-respecting analytics via Plausible. However, there is room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but lacks DNSSEC and security headers which are recommended for enhanced protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. No forms or sensitive data collection mechanisms reduce risk exposure. Overall, the security posture is moderate but could be strengthened with additional policies and technical controls. The overall risk is low given the nature of the business and website content, but strategic improvements in privacy compliance and security best practices are advised to enhance trust and regulatory adherence.

M

Martin Utíkal

martinutikal.com

0

Martin Utíkal is a Prague-based graphic designer with an architectural background, offering creative and art direction services primarily to cultural institutions, businesses, and individuals. The website showcases a professional portfolio with selected clients including universities and design studios, positioning the business as a niche creative service provider. The technical infrastructure is built on WordPress with a modern theme and includes common JavaScript libraries and Google Analytics for tracking. The site is mobile optimized and presents content clearly with good design quality. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance documentation. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content itself appears trustworthy and professional. Overall, the site is functional and credible but would benefit from improved privacy and security policies.

M

Marek Nedelka

mareknedelka.com

0

Marek Nedelka's website serves as a professional portfolio showcasing creative direction and graphic design projects, including book designs, exhibition catalogues, and branding work. The site targets creative professionals and potential clients seeking specialized design services. Technically, the website is built on WordPress, utilizing jQuery and Swiper.js for interactive elements, and integrates Google Analytics for visitor tracking. The site is mobile optimized with a moderate performance profile. Security-wise, HTTPS is properly implemented, but the absence of security headers and privacy policies indicates room for improvement in compliance and protection. The lack of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. Overall, the website is functional and professionally presented but would benefit from enhanced privacy, security, and transparency measures.

A

ams OSRAM

ams-osram.com

0

ams OSRAM is a global leader specializing in innovative light and sensor solutions, offering a broad portfolio including high-performance LEDs, lasers, mixed-signal analog ICs, and sensors tailored for automotive, industrial, medical, and consumer applications. The company operates primarily in the B2B technology sector with a strong market position and enterprise scale. The website reflects a mature digital presence built on modern technologies such as React and Liferay, with integrated analytics and cookie consent mechanisms to support GDPR compliance. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements in DNSSEC and security headers are recommended. Privacy policies and incident response details are not explicitly published, representing an area for enhancement. Overall, the website is professional, trustworthy, and safe for general audiences.

L

Leo Symon, Digital Fine art

leosymon.com

0

Leo Symon is a digital fine art painter showcasing his creations through a professionally designed Wix website. The site targets general audiences interested in digital fine art and painting, providing a portfolio and artistic expression. The technical infrastructure is based on Wix's platform, utilizing modern JavaScript libraries and Google Analytics for minimal user tracking. The website is mobile optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled and some script-level security hardening, but lacks explicit security headers and formal privacy or cookie policies. The absence of WHOIS data raises concerns about domain legitimacy, though the active site presence suggests possible privacy protection or registration issues. Overall, the site is safe and professional but would benefit from enhanced privacy compliance and clearer business credibility indicators.

S

SIOX s.r.o.

dmvr.sk

0

SIOX s.r.o. operates the DmvRating SK platform, providing comprehensive economic rating and monitoring services for Slovak business entities. The company specializes in dynamic multivariate vector ratings based on long-term financial data, offering valuable insights into company performance, risk, and sustainability. Their services include the DmvRating SK database, ABREM Monitoring, and data integration solutions aimed at improving business processes. The website is professionally designed, mobile-optimized, and provides clear navigation and detailed content about their rating methodology and indices. Technically, the site uses modern front-end technologies such as Google Fonts, Swiper.js, and PureCounter.js, with HTTPS enforced and CSRF protection on forms. Security posture is good but could be improved by adding security headers and a vulnerability disclosure policy. Privacy compliance is strong, with a clear GDPR-compliant privacy policy and cookie consent mechanism. Contact information is complete and transparent, enhancing business credibility. Overall, the site presents a trustworthy and professional digital presence for a specialized technology company serving the Slovak market.

W

Webdesign, Grafik und Print: Mausblau.at, Inh. Gerald H. Reisner

mausblau.at

0

Mausblau.at is a small, professional web design and graphic design agency based in Burgenland, Austria, operated by Gerald H. Reisner. The company offers a range of creative services including web design, print, graphic design, and logo creation, targeting small to medium-sized businesses and professionals primarily within Austria. The website reflects a strong local market position with personalized service and a well-curated portfolio showcasing recent projects. Technically, the site is built on WordPress using the Avada theme and integrates modern web technologies such as jQuery and All in One SEO Pro for optimization. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enabled and secure form handling, though there is room for improvement in implementing additional security headers and explicit security policies. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website demonstrates high business credibility with transparent contact information, testimonials, and consistent branding.

A

Archipel Academy

archipelacademy.com

0

Archipel Academy is a Dutch-based company specializing in smart learning solutions tailored for HR and Learning & Development professionals. Their offerings include skill-based, functional, society, and individual learning solutions, supported by a suite of digital learning platforms such as LXP and LMS. The company targets a broad range of industries including energy, transport, retail, government, and manufacturing, serving medium-sized organizations with scalable and effective learning strategies. The website is professionally designed, leveraging HubSpot CMS and integrating modern marketing and analytics tools, providing a good user experience with mobile optimization and clear navigation. However, the absence of publicly available WHOIS data raises questions about domain registration legitimacy, although the presence of client logos and awards supports business credibility. Privacy compliance is partially addressed with a cookie consent banner but lacks a dedicated privacy policy page. Security posture is strong with HTTPS, security headers, and form protections in place.

I

IT-Recht Kanzlei

it-recht-kanzlei.de

0

IT-Recht Kanzlei is a specialized German legal service provider focusing on IT law, offering comprehensive legal text packages and digital tools tailored for online shops and businesses. Recognized as a top economic law firm in 2024, it holds a strong market position as the largest legally organized trader support in IT law in Germany. The company provides subscription-based legal services, including GDPR-compliant documents, trademark registration, and legal consulting, supported by a mature digital infrastructure. Technically, the website is built on a custom CMS with modern JavaScript libraries and privacy-conscious analytics (Matomo), hosted by a reputable German provider. Security posture is solid with HTTPS and some best practices, though explicit security headers and policies are not publicly detailed. Privacy compliance is partial, lacking visible privacy and cookie policies in the provided content. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

Պ

Պետական գույքի կառավարման կոմիտե

e-auctions.am

0

The website e-auctions.am is an official Armenian government platform operated by the State Property Management Committee, providing electronic auctions for state-owned assets including real estate, vehicles, electronics, shares, and other movable property. It targets Armenian citizens and legal entities interested in participating in these auctions. The platform offers user registration, auction browsing, and bidding functionalities, positioning itself as the authoritative source for state property auctions in Armenia. The domain is recently registered in October 2023, consistent with a newly launched government service. Technically, the website uses a modern tech stack including Bootstrap for responsive design, Google Fonts for typography, FontAwesome icons, and Google Tag Manager for analytics. The site is mobile optimized with good navigation and content structure. However, accessibility features are basic and SEO optimization is minimal. Performance is moderate with no critical errors detected. From a security perspective, the site uses HTTPS and secure form submissions but lacks visible security headers and published security policies. No privacy or cookie policies were found, indicating compliance gaps with GDPR and related regulations. No incident response or vulnerability disclosure mechanisms are evident. The site does not expose sensitive data or use vulnerable libraries visibly, but improvements are recommended in security headers and policy transparency. Overall, the website is trustworthy and professional, serving a critical government function. The main risks relate to privacy compliance and security policy transparency. Strategic recommendations include publishing privacy and cookie policies, implementing security headers, and establishing vulnerability disclosure processes to enhance trust and compliance.

C

Chargemap Business

chargemap-business.com

0

Chargemap Business is a professional B2B platform specializing in electric vehicle fleet charging management solutions. The company offers a comprehensive suite of services including charging on the road, workplace charging, and home charging reimbursement, supported by a multi-network recharge card and a mobile app used by over one million drivers. Their market position is strong with over 3,300 business customers and a high Trustpilot rating, indicating customer satisfaction and trust. Technically, the website is built on modern technologies such as Webflow CMS, GSAP animations, and integrates major analytics and tracking tools like Google Analytics, Microsoft Clarity, and Facebook Pixel. The site is well optimized for performance, mobile responsiveness, and accessibility. Security posture is good with HTTPS and secure forms, but lacks publicly available security policies or incident response information. WHOIS data is missing, which slightly reduces trust but the professional web presence and business indicators suggest legitimacy. Overall, the website is a high-quality, trustworthy platform serving the EV fleet management sector with room for improvement in transparency of security and contact details.

B

Business Insider Deutschland GmbH

gruenderszene.de

0

Business Insider Deutschland GmbH operates Gründerszene, a leading German-language media platform focused on startups, digital economy, and venture capital. The website offers comprehensive news, insights, events, and subscription-based premium content targeting entrepreneurs, investors, and professionals in the startup ecosystem. It holds a strong market position as part of Axel Springer Deutschland GmbH, leveraging professional branding and consistent content quality. Technically, the website is built on WordPress CMS with modern JavaScript libraries such as jQuery and Underscore.js, integrated with Google Tag Manager, Adobe Tag Manager, and Piano for subscription management. Hosting and DNS are managed via Cloudflare, ensuring robust performance and security. The site demonstrates good mobile optimization, accessibility, and SEO practices, including structured data and meta tags. From a security perspective, the site enforces HTTPS, uses Cloudflare for DNS and CDN, and implements consent management compliant with GDPR via Sourcepoint. While explicit security headers are not fully visible in the HTML, the overall posture is strong with no exposed sensitive data or vulnerabilities detected. Privacy policies and cookie consent mechanisms are comprehensive and clearly presented. Overall, the website presents a low risk profile with high business credibility and technical maturity. Strategic recommendations include enhancing security header implementation, publishing a vulnerability disclosure policy, and improving incident response contact visibility to further strengthen trust and compliance.

U

Notruf und Reparatur Porsche Austria | Unfall Spezialist

unfall-spezialist.at

0

The website Unfall-Spezialist.at serves as a specialized platform providing accident emergency and repair services primarily for Porsche and other VW Group vehicles in Austria. It offers key services such as 24-hour emergency calls, towing, accident report downloads, and online repair requests. The site leverages official VW Group branding and fonts, indicating a close association or authorization by the VW Group. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and OneTrust for cookie consent, reflecting a moderate level of digital maturity. However, no explicit privacy policy or terms of service pages were found, which is a gap in compliance and user transparency. Security posture is adequate with HTTPS enforced but lacks visible security headers and incident response information. Overall, the site is professional and functional but could improve in privacy and security transparency.

P

Porsche Holding

porsche-holding-karriere.com

0

Porsche Holding operates as the largest and most successful automobile dealer in Europe, focusing on mobility and automotive sales. The website analyzed is a career portal targeting job seekers, students, and professionals interested in the automotive sector, offering various entry programs such as apprenticeships, internships, work-study, trainee programs, and direct entry positions. The site is professionally designed with consistent branding and multiple trust indicators including employer awards and certifications. Technically, the site uses modern frameworks like Next.js and React, with cookie consent managed by OneTrust and analytics via Google Tag Manager. Security posture is good with HTTPS enforced, but lacks some security headers and explicit privacy and terms of service pages. WHOIS data is unavailable, which slightly impacts trust but the overall professional presentation supports legitimacy.

P

Porsche

porsche.at

0

Porsche Österreich operates as the official Austrian website for the Porsche brand, providing comprehensive information about Porsche's luxury sports cars, SUVs, and electric vehicles. The site targets automotive enthusiasts and potential buyers in Austria, offering detailed model specifications, online configurators, and customer services. The business is positioned as a premium automotive manufacturer with a strong brand presence and a focus on high-quality user experience. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integrations such as Google Tag Manager for analytics and OneTrust for cookie consent management. The site is mobile-optimized and accessible, with good SEO practices and consistent branding. Hosting and CMS details are not explicitly disclosed but appear to be custom or proprietary. From a security perspective, the site enforces HTTPS with strong security headers and does not expose sensitive data. Cookie consent mechanisms comply with GDPR requirements. However, there is no explicit security policy or incident response contact information published, and no vulnerability disclosure policy or security.txt file is present. Overall, the security posture is strong but could be improved with more transparency on security governance. The domain WHOIS data aligns well with the Porsche brand and Austrian market, indicating high legitimacy and trustworthiness. No WAF or blocking mechanisms interfere with content access. The website is safe for general audiences, containing no adult or questionable content. Strategic recommendations include publishing a dedicated security policy, providing incident response contacts, and implementing a vulnerability disclosure program to enhance trust and compliance.

A

Automobili Lamborghini S.p.A.

lamborghini.com

0

Automobili Lamborghini S.p.A. is a globally recognized luxury automotive manufacturer specializing in high-performance sports cars and supercars. The official website serves as a comprehensive platform showcasing their product lineup, latest news, events, and dealer information, targeting affluent customers and automotive enthusiasts worldwide. The brand holds a premium market position under the Volkswagen Group umbrella, emphasizing exclusivity and innovation. Technically, the website leverages modern web technologies including React and Next.js frameworks, integrated with Google Tag Manager and New Relic for analytics and performance monitoring. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, ensuring a smooth user experience across devices. Privacy compliance is robust, with clear cookie consent mechanisms and GDPR-aligned policies implemented via OneTrust. From a security perspective, the site enforces HTTPS with strong SSL configurations and employs standard security headers. While no explicit security policy or incident response details are publicly disclosed, no vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable or privacy protected, which is typical for high-profile brands to mitigate spam and abuse risks. Overall, the website presents a secure, professional, and trustworthy digital presence aligned with Lamborghini's luxury brand image. Strategic recommendations include publishing detailed security policies, establishing a vulnerability disclosure program, and enhancing transparency around data protection officer contacts to further strengthen trust and compliance.

J

JANUS Werbeagentur

jnetworks.at

0

JANUS Werbeagentur is a small Austrian creative agency founded in 2002, specializing in a broad spectrum of marketing, branding, graphic design, photography, web development, and event marketing services. The website presents a unique branding approach where one individual, Manuel Mair, is portrayed as fulfilling multiple team roles, emphasizing a personalized and multifaceted service offering. The agency targets businesses seeking comprehensive marketing and digital solutions. Technically, the website is built with standard HTML, CSS, and JavaScript, featuring responsive design and client-side form validation. However, there is no evidence of advanced frameworks, CMS, or analytics tools. Performance and mobile optimization are moderate to good, but accessibility and SEO optimizations are basic. No security headers or HTTPS enforcement details were detected, indicating room for improvement in security posture. Security-wise, the site lacks visible security policies, incident response contacts, and privacy or cookie policies, which are critical for GDPR compliance and user trust. The contact form includes basic client-side validation but lacks visible server-side security measures. No tracking or advertising scripts were found, suggesting minimal user tracking. Overall, the website is professional and trustworthy but would benefit from enhanced security measures, privacy compliance, and transparency to improve user trust and regulatory adherence.

Rollbar is a technology company specializing in real-time error tracking and debugging tools for software development teams. Established in 2004, it offers a SaaS platform that helps developers discover, prioritize, and resolve errors efficiently across multiple programming languages and platforms. The company targets software developers, engineering managers, QA teams, and customer support professionals, positioning itself as a trusted solution in the error monitoring market with AI-assisted workflows and session replay features. Technically, Rollbar's website is built on WordPress and leverages modern web technologies including JavaScript, jQuery, and various analytics and marketing tools such as Mixpanel, Google Analytics, HubSpot, and OneTrust for cookie consent. The site is hosted behind Cloudflare DNS and CDN services, ensuring fast performance and good mobile optimization. SEO and accessibility are well implemented, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, the site enforces HTTPS, uses client-side error monitoring via the Rollbar SDK, and implements GDPR-compliant cookie consent mechanisms. While explicit security headers are not visible in the HTML, the overall posture is strong with no exposed sensitive data or vulnerabilities detected. The domain registration is consistent and long-standing, supporting the company's legitimacy. However, enabling DNSSEC and publishing a security.txt file would further enhance security transparency. Overall, Rollbar's website reflects a mature, professional, and secure online presence aligned with its business goals. The site provides clear business information, trust signals, and complies with privacy regulations, making it a reliable resource for its target audience.

S

Secure Privacy

secureprivacy.ai

0

Secure Privacy is a Denmark-based technology company specializing in cookie consent and privacy compliance solutions. Founded in 2017, it offers SaaS products that help businesses comply with GDPR, CCPA, LGPD, and over 55 other privacy laws worldwide. The company positions itself as a leading provider in the privacy compliance market, targeting businesses that require automated and seamless privacy management. The website reflects a professional and modern digital presence, leveraging React and Gatsby frameworks, hosted with Cloudflare DNS services, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforced, security headers implemented, and no visible vulnerabilities. However, the site lacks explicit security policy and incident response information, which could be improved. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

V

Visme

visme.co

0

Visme is a technology company providing a SaaS platform for creating professional presentations, infographics, documents, and other visual content. Positioned as an established player in the visual content creation market, Visme targets businesses, marketers, educators, and freelancers with a comprehensive suite of design tools including AI-powered features. The website demonstrates a high level of digital maturity with modern technologies, responsive design, and good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response information are not publicly available. Overall, the site is professional, trustworthy, and well-branded, supporting a medium-sized business model in the technology sector.

E

Experian

experian.com

0

Experian is a leading global credit reporting agency providing consumers and businesses with credit reports, FICO® scores, credit monitoring, and identity theft protection services. The company targets consumers seeking to understand and improve their credit health, offering free credit reports and scores as a core service. Experian operates at an enterprise scale with a strong market position in the financial services sector. The website reflects a mature digital presence built on modern technologies such as Gatsby and React, with extensive use of analytics and marketing tools to optimize user engagement and conversion. Security is robust with HTTPS enforcement, comprehensive security headers, and adherence to recognized frameworks like ISO 27001 and NIST. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity, supporting Experian's reputation as a credible and secure financial services provider.

VetFolio is a professional online education platform specializing in veterinary continuing education and certifications. It serves a broad audience of veterinary professionals including veterinarians, nurses, technicians, and practice managers. The platform offers a variety of RACE-approved courses in multiple formats such as videos, webinars, podcasts, and live virtual events, positioning itself as a respected resource in the veterinary education market. The business model is subscription-based with additional paid certifications and premium content offerings. The website demonstrates a high level of digital maturity, leveraging modern web technologies including Ember.js, Google Analytics, Microsoft Clarity, and Stripe for payment processing. The site is well-optimized for mobile devices and provides a seamless user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be explicitly confirmed or improved. Privacy compliance is evident with a comprehensive privacy policy and cookie banner. However, the absence of WHOIS data for the domain www.vetfolio.com introduces some uncertainty regarding domain registration transparency, which slightly impacts the overall trust assessment. Overall, VetFolio presents as a credible and professional educational service with solid technical and security foundations.

S

Smeg S.p.A.

smegstore.us

0

SMEG USA operates as an e-commerce platform retailing stylish and high-quality kitchen appliances under the SMEG brand. The website targets general consumers seeking modern, energy-efficient kitchen products and offers a variety of appliances including major and small appliances, retro refrigerators, and kitchen accessories. The business is positioned as a medium-sized entity with a focus on design and quality, leveraging the established SMEG brand from Italy. Technically, the site is built on Shopify, utilizing modern JavaScript frameworks and integrations with marketing and analytics tools such as Google Analytics, Facebook Pixel, and Klaviyo. The site demonstrates good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and use of CAPTCHA and fraud filtering apps, though DNSSEC is not enabled and some security headers are not explicitly present. Privacy compliance is weak due to the absence of visible privacy and cookie policies, and no explicit contact information is provided for customer or security inquiries. Overall, the domain registration data aligns well with the SMEG brand and the website content, indicating legitimacy despite the domain's recent creation. Strategic improvements in privacy disclosures and security header implementation would enhance trust and compliance.

M

Maje

maje.com

0

Maje is a retail fashion brand preparing to launch in new markets, exemplified by the Finland-focused coming soon page. The website primarily serves as a subscription landing page to collect emails for early access and promotional offers. The business model centers on e-commerce clothing sales with a focus on direct consumer engagement via email marketing. The site uses Salesforce Commerce Cloud (Demandware) as its platform and integrates CQuotient for personalization and analytics, indicating a moderate level of digital maturity. However, the website currently lacks comprehensive privacy and cookie policies, and no direct contact information is provided, which may impact user trust and compliance. Security posture is moderate with HTTPS implied but no visible security headers or advanced protections. The absence of WHOIS data for the domain raises concerns about domain registration transparency and legitimacy. Overall, the site is functional but basic, with room for improvement in privacy, security, and business credibility aspects.

El Corte Inglés S.A. is a leading Spanish retail and e-commerce company founded in 1940, offering a wide range of products including fashion, electronics, books, sports equipment, groceries, and more. The company operates both physical department stores and a comprehensive online platform targeting general consumers primarily in Spain and Portugal. The website reflects a mature digital presence with extensive product categories and services, supported by a large enterprise infrastructure and multiple subsidiaries.

C

CUF

cuf.pt

0

CUF is a leading healthcare provider in Portugal, operating numerous hospitals, clinics, and health centers nationwide. The website reflects a mature digital presence with comprehensive service offerings including online appointment booking and teleconsultations. CUF targets the general public and families seeking quality healthcare services. The company holds a strong market position as a trusted healthcare leader in Portugal.

A

Avis

avis.com

0

Avis is a globally recognized car rental company providing vehicle rental services through its online platform. The website go.avis.com serves as a subdomain for online booking and customer engagement, offering a variety of vehicles including the premium Avis Signature Series. The site targets general consumers seeking convenient car rental solutions. Technically, the website employs modern frameworks such as React and Next.js, with integrations of analytics and marketing tools like Google Tag Manager and Optimizely. The site demonstrates good design quality and mobile optimization, ensuring a positive user experience. Security posture is moderate; while HTTPS is implied, no explicit security headers or policies are visible in the provided data. Privacy and cookie policies are not clearly found, indicating room for compliance improvement. Overall, the website is professional and trustworthy, consistent with Avis's market position as a leading transportation service provider.

Lenovo's Finnish official website serves as a comprehensive e-commerce platform offering laptops, tablets, smartphones, and data center solutions tailored for the Finnish market. The site reflects Lenovo's global market position as a leading technology provider with a strong focus on both consumer and business segments. The website demonstrates a mature digital infrastructure leveraging modern web technologies, Adobe Experience Platform, and robust analytics tools, ensuring a seamless user experience across devices. Security posture is strong with HTTPS enforcement, bot protection via reCAPTCHA, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies aligned with GDPR requirements. However, WHOIS data for the domain is unavailable, likely due to registry privacy or query limitations, but this does not detract from the site's legitimacy given Lenovo's global brand presence. Overall, the site is professional, secure, and trustworthy, supporting Lenovo's business objectives in Finland.

Subaru Canada, Inc operates the official Canadian website for Subaru vehicles, providing detailed information on their sedans, wagons, and SUVs. The website serves Canadian consumers and supports dealer location services. The company is well-established with a domain age dating back to 2000, reflecting its longstanding presence in the automotive market. The site demonstrates consistent branding and professional content tailored to its target audience. Technically, the website employs a variety of modern analytics and marketing technologies including Google Analytics, Microsoft Application Insights, Facebook Pixel, TikTok Pixel, and Visual Website Optimizer, indicating a mature digital marketing infrastructure. The site is hosted under a reputable registrar and uses HTTPS with standard security headers, although DNSSEC is not enabled, which is a potential area for improvement. Security posture is solid with no evident vulnerabilities or exposed sensitive data. However, the absence of explicit privacy and cookie policies and lack of visible contact information in the analyzed HTML content represent compliance and transparency gaps. Overall, the website is professional, secure, and trustworthy, but could enhance user trust and compliance by publishing clear privacy and cookie policies and providing direct contact details.

N

National Basketball Association

nba.com

0

The National Basketball Association (NBA) operates NBA.com as its official digital platform, providing comprehensive coverage of basketball scores, schedules, player stats, news, and ticketing services. The website serves a global audience of basketball fans and sports enthusiasts, offering key services such as live game streaming via NBA League Pass, fantasy sports, and merchandise sales. NBA.com holds a leading market position as the premier source for professional basketball content and related services. Technically, NBA.com is built on a modern React-based framework (Next.js), leveraging advanced web technologies and third-party integrations including Adobe Tag Manager and Google DoubleClick for advertising and analytics. The site demonstrates excellent performance, mobile optimization, and SEO practices, ensuring a high-quality user experience across devices. From a security perspective, NBA.com enforces HTTPS and employs consent management mechanisms for cookies, reflecting a solid security posture. However, explicit security headers and publicly accessible privacy and terms of service pages were not detected in the provided content, indicating areas for improvement in transparency and compliance. The absence of WHOIS data limits domain registration verification, but the strong brand presence and secure infrastructure support the site's legitimacy. Overall, NBA.com is a professionally managed, enterprise-grade sports media website with robust content and technical infrastructure. Strategic enhancements in privacy disclosures, security transparency, and incident response information would further strengthen its compliance and trustworthiness.

Z

ZARA

zara.com

0

ZARA is a leading global fashion retailer specializing in fast-fashion clothing, footwear, and accessories for men, women, and children. The website reflects a mature e-commerce platform with extensive international reach, supporting multiple languages and currencies. The brand is part of the Inditex group, a major player in the retail industry. The site is professionally designed with excellent content quality and user experience, targeting a broad general audience interested in fashion products. Technically, the website employs modern web technologies including React, JavaScript, and CSS, supported by analytics and marketing tools such as Google Tag Manager, Riskified, and OneTrust for cookie consent. The site is optimized for performance and mobile responsiveness, with good SEO and accessibility features. Security best practices are observed, including HTTPS enforcement, security headers, and obfuscation tools like Jscrambler. From a security perspective, the site demonstrates a strong posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with consent mechanisms aligned with GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, the website presents a low-risk profile with high trustworthiness and professionalism. The absence of WHOIS data is noted but likely due to privacy protection common among large brands. Strategic recommendations include enhancing transparency around security policies and incident response to further strengthen user trust and compliance.

The website www.boohoo.com is currently inaccessible due to a 403 Forbidden error triggered by AWS CloudFront's Web Application Firewall (WAF). This blocking prevents retrieval of any meaningful website content, metadata, or business information. Consequently, no direct analysis of the company's services, policies, or technical infrastructure is possible. The WHOIS lookup also failed to return any registration data, indicating either privacy protection, an unregistered domain, or a query mismatch. This lack of transparency limits trust and legitimacy assessments. From a security perspective, the inability to access the site or its headers prevents evaluation of SSL, security headers, or compliance with privacy regulations. Overall, the site is effectively blocked from external analysis, resulting in a low AI score and significant uncertainty about the business and security posture.

B

BOSCH

bosch-home.ca

0

Bosch Home Appliances Canada operates a comprehensive e-commerce and informational website offering a wide range of high-end kitchen and home appliances. The company leverages its long-standing brand reputation of over 125 years to target Canadian consumers seeking quality and innovation in home appliances. The website is well-structured, professionally designed, and optimized for both desktop and mobile users, providing a seamless user experience with clear navigation and accessibility features. Technically, the site employs modern web technologies including Adobe Experience Manager CMS, Adobe Analytics, and robust cookie consent management, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, CSRF protections, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates high legitimacy and trustworthiness despite the absence of detailed WHOIS data, likely due to privacy protection. Strategic recommendations include enhancing transparency around security policies and vulnerability disclosures to further strengthen user trust and compliance.

V

Volkswagen Group

vwgroup.com

0

Volkswagen Group is a leading global automotive manufacturer focused on shaping the future of mobility through innovation, sustainability, and technology leadership. The website reflects a mature digital presence with comprehensive corporate information, investor relations, media resources, and career opportunities. The technical infrastructure uses modern web technologies and includes privacy-conscious analytics with user consent mechanisms. Security posture is strong with HTTPS and cookie consent but lacks explicit security policy and vulnerability disclosure details. The absence of WHOIS data is unusual but the website's professional presentation and official social media presence strongly support legitimacy. Overall, the site is well-structured, user-friendly, and trustworthy.

M

Modix

modix.net

0

Modix is a well-established provider of innovative digital solutions tailored for automotive dealers and manufacturers, aiming to accelerate vehicle sales and enhance brand experiences. As part of Cox Automotive, Modix benefits from a strong market position and access to a comprehensive portfolio of automotive services. The website reflects a mature digital presence with professional design, clear navigation, and targeted content for B2B automotive clients. Technically, the site is built on WordPress with modern plugins and SEO optimizations, supported by Google Tag Manager for analytics and marketing. Security posture is solid with HTTPS and cookie consent mechanisms, though some advanced security headers and policies could be improved. Overall, the site demonstrates a trustworthy and professional business with good compliance to privacy regulations.

Rascals Themes is a small technology business specializing in the development and sale of creative, easy-to-use WordPress themes. Established in 2017 and based in Poland, the company positions itself as a niche provider focusing on usability and outstanding customer support. Their offerings include WordPress themes, support services, and customization options, targeting WordPress users seeking professional and responsive themes. The website is well-designed with a modern React-based frontend, good mobile optimization, and clear navigation, reflecting a moderate level of digital maturity. Hosting is provided via seohost.pl with custom nameservers, and the domain registration is consistent and credible. From a security perspective, the website uses HTTPS and does not expose sensitive data. However, it lacks DNSSEC, security headers, privacy and cookie policies, and a vulnerability disclosure mechanism, indicating room for improvement in compliance and security posture. No analytics or tracking scripts were detected, suggesting minimal user tracking. The absence of direct contact emails or phone numbers limits immediate communication channels, relying solely on a contact form. Overall, the site is safe for general audiences with no adult or questionable content. The overall risk is moderate with no critical vulnerabilities detected, but compliance gaps and security best practices should be addressed to enhance trust and regulatory adherence. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, enabling DNSSEC, adding security headers, and publishing a vulnerability disclosure policy to improve security culture and user trust.

G

Google LLC

mattacreates.org

0

The analyzed website is a Google Consent Management page designed to handle user privacy preferences and consent related to Google services, specifically for users accessing Google News from Germany. It is part of Google's extensive ecosystem, reflecting their commitment to GDPR compliance and user data protection. The page is professionally designed with excellent user experience and mobile optimization, consistent with Google's branding and technical standards. The technical infrastructure leverages modern web technologies and Google Cloud hosting, ensuring fast performance and robust security. Security posture is strong with HTTPS enforcement, comprehensive security headers, and no detected vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies, consent mechanisms, and GDPR adherence. Overall, the domain is legitimate, trustworthy, and part of a globally recognized enterprise with a strong market position in technology and digital advertising.

R

Regional Network Information Center, JSC dba RU-CENTER

userapi.com

0

VK.com is the largest European social networking platform, founded in 1997 and operated under a well-established domain registered with RU-CENTER. The platform offers a wide range of services including social networking, messaging, media sharing, video hosting, mini apps, and advertising. It targets a broad general audience and maintains a strong market position as a leading social network in Russia and Europe. Technically, VK employs modern web technologies such as React and MobX, with a focus on performance, accessibility, and mobile optimization. Security measures include HTTPS enforcement, security headers, and active error monitoring, although DNSSEC is not enabled. Privacy and terms policies are comprehensive and GDPR compliant, but explicit security policies and incident response contacts are not prominently published. Overall, VK demonstrates a mature digital infrastructure and a high level of professionalism and trustworthiness.

N

Nomos

nomos.de

0

Nomos Verlag is a German academic publishing company specializing in literature related to law, social sciences, economics, and history. The website targets academics, legal professionals, and researchers, offering a professional and content-rich platform. The company maintains a consistent brand presence and uses modern web technologies including WordPress and Yoast SEO to optimize content delivery and search visibility. The integration of Cookiebot ensures GDPR-compliant cookie management, reflecting a commitment to privacy and regulatory compliance. Technically, the site is moderately performant with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and explicit security policies could enhance protection. No critical vulnerabilities or blocking mechanisms were detected, and the domain appears legitimate though WHOIS data is limited. Overall, the site presents a trustworthy and professional digital presence suitable for its academic audience.

E

evolver group

evolver.center

0

evolver group is a German IT and software company specializing in SaaS marketplace platforms, notably their evolverMARKET product which integrates AI and offers extensive features for businesses, startups, publishers, and municipalities. The company positions itself as a reliable provider of digitalization solutions with a focus on user-friendly, mobile-optimized, and SEO-friendly portals. Their offerings include hosting in German data centers, customer support, and advanced marketplace functionalities such as Click & Reserve and intelligent ad management. Technically, the website employs modern JavaScript libraries, analytics tools like Matomo and Google Tag Manager, and implements cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and consent-based tracking, though explicit privacy and terms policies are not clearly presented on the analyzed page. Overall, the domain and website content indicate a legitimate, professional business with a strong market presence in the technology sector.

TariffPilot GmbH operates a specialized AI-powered cloud platform designed to automate and accelerate the customs tariff classification process for companies engaged in cross-border trade. The platform integrates the official EZT-Online customs tariff database and provides detailed classification suggestions with justifications, significantly reducing manual effort and time. The website is professionally designed, mobile-optimized, and rich in relevant content including customer testimonials, partner logos, and comprehensive FAQs. Technically, the site uses modern frameworks such as Astro, integrates Google Analytics and rapidmail for marketing, and is hosted likely on Google Cloud infrastructure. Security posture is strong with HTTPS and a strict Content-Security-Policy, though some additional security headers and explicit incident response policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the WHOIS data is missing or unavailable, which raises concerns about domain registration transparency despite the professional appearance and business legitimacy of the site. Overall, the website presents a credible and trustworthy business front with minor areas for security and compliance improvement.

AWA AUSSENWIRTSCHAFTS-AKADEMIE GmbH operates an e-learning platform focused on external trade and business education, leveraging the Moodle CMS to deliver online courses. The website presents a professional login interface with consistent branding and a clear target audience of students and professionals seeking specialized training. The technical infrastructure is modern, utilizing Moodle 3.17.2, YUI, jQuery, and MathJax for content rendering, indicating a mature digital environment. Performance and mobile optimization are adequate, supporting a good user experience. Security posture is solid with HTTPS enforced and secure login forms, though the absence of security headers and public privacy or terms policies limits compliance and trust. The WHOIS data is missing or inaccessible, raising concerns about domain registration legitimacy despite the active website presence. Overall, the platform is functional and professional but would benefit from enhanced transparency and security disclosures.

S

Staatliche Zentralstelle für Fernunterricht

zfu.de

0

The website https://zfu.de/ represents the Staatliche Zentralstelle für Fernunterricht, a German government authority responsible for regulating distance learning courses and programs under the Fernunterrichtschutzgesetz (FernUSG). It serves as the official body for approving and overseeing Fernunterrichtslehrgänge and Fernstudiengänge, targeting course providers, interested learners, and educational institutions. The site provides authoritative information including recent legal rulings by the Bundesgerichtshof (BGH) relevant to distance education regulation. The content is primarily in German and is professionally presented with clear navigation and consistent branding.

Z

Zwei P PLAN:PERSONAL gGmbH

weiterbildungsbonus.net

0

Zwei P PLAN:PERSONAL gGmbH is a Hamburg-based non-profit organization specializing in providing educational consulting and financial support for professional development, primarily targeting employees, self-employed individuals, and SMEs within Hamburg. The organization has a strong local presence with over 25,000 success stories and is funded by the European Union and the Free and Hanseatic City of Hamburg. Their key services include advisory support and the administration of the Weiterbildungsbonus PLUS funding program. The website is professionally designed, content-rich, and clearly communicates eligibility criteria, application processes, and contact information.

M

Ministerium für Arbeit, Gesundheit und Soziales des Landes Nordrhein-Westfalen

mags.nrw

0

The website https://mags.nrw/ is the official digital presence of the Ministry for Labor, Health, and Social Affairs of the German state North Rhine-Westphalia. It serves as a comprehensive information portal for citizens and institutions, providing news, press releases, and access to government programs related to labor, health, and social welfare. The site is well-branded, professionally designed, and highly accessible, reflecting its government status and public service mission. Technically, it is built on Drupal CMS with modern frameworks like Bootstrap and uses Matomo for privacy-conscious analytics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The domain registration aligns perfectly with the ministry's identity, enhancing trust and legitimacy. Overall, the site demonstrates a mature digital infrastructure suitable for a government entity, with excellent content quality and user experience.

The website at go.link is currently inaccessible, presenting only a minimal 'Url not found' message. This lack of content prevents any meaningful analysis of the business operations, services, or user engagement. The domain is registered with Gandi SAS since 2017 and is valid until 2026, indicating a legitimate registration history but no active website presence. The absence of metadata, forms, or contact information suggests the site is either under development, deprecated, or blocked. From a technical perspective, no technologies, frameworks, or CMS platforms could be identified due to the lack of content. DNS is managed via NS1 name servers, but DNSSEC is not enabled, which is a minor security shortfall. No security headers or HTTPS status could be verified, and no analytics or advertising scripts were detected. Security posture is weak due to the absence of visible security controls, policies, or compliance documentation. No privacy, cookie, or terms of service policies are present, and no contact or incident response information is available. The domain registration is consistent and not privacy protected, but the lack of website content and security best practices reduces trustworthiness. Overall, the website scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic recommendations include establishing a functional website with proper security and privacy policies, enabling HTTPS and security headers, and providing clear contact and incident response information to improve trust and compliance.