Security Directory

B

Bundesverband Deutscher Finanzberater e.V.

bundesverband-deutscher-finanzberater.de

58

The Bundesverband Deutscher Finanzberater e.V. (BDF) is a professional association representing financial, asset, and investment advisors in Germany. It acts as a political and professional voice for its members, providing certification, rating services, and continuing education. The website serves multiple audiences including financial experts seeking certification, consumers looking for certified advisors, and media professionals. The organization positions itself as a leading association in the German finance advisory sector with a focus on independence and quality standards. Technically, the website is built on the IONOS MyWebsite platform, using standard JavaScript libraries and CDNs, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response disclosures. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the site is professional and trustworthy but could improve in security and privacy transparency.

B

BWH Hotels Central Europe GmbH

bestwestern.de

72

Best Western Hotels & Resorts Germany (operated by BWH Hotels Central Europe GmbH) is a large hospitality company offering online booking for over 200 hotels across Germany, Austria, Switzerland, and Luxembourg. The website provides detailed hotel information, booking capabilities, and loyalty program access, targeting travelers in Central Europe. Technically, the site uses a custom CMS with modern JavaScript libraries, Google reCAPTCHA for bot protection, and consent management tools to comply with GDPR. Accessibility is a strong focus, with an extensive accessibility tool integrated. Security posture is good with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

S

SoftTec GmbH

hotels-online-buchen.de

62

SoftTec GmbH operates a professional website offering hotel software and cloud hotel program solutions targeted at the hospitality industry in Germany. The website is built on WordPress using Elementor and jQuery, indicating a modern and maintainable technical infrastructure. The site is accessible without any WAF or security challenges, and the content is relevant and professionally presented. However, the website lacks explicit privacy, cookie, and terms of service policies, which are critical for GDPR compliance and user trust. Security headers and incident response information are also missing, which could be improved to enhance the security posture. Overall, the website demonstrates a moderate level of digital maturity with room for improvement in privacy and security compliance.

Ulmer Weihnachtscircus is a small regional event organizer specializing in an annual Christmas circus show in Ulm, Germany. The website provides detailed information about the event schedule, ticket sales, and partners, targeting families and local visitors. The business has a solid regional presence with longstanding tradition and partnerships with local media and sponsors. Technically, the website uses outdated technologies such as jQuery 1.2.3 and Flash, lacks HTTPS enforcement, and does not implement modern privacy or security standards. Security posture is weak due to missing HTTPS, lack of security headers, and use of deprecated libraries. Privacy compliance is minimal with no cookie consent or GDPR indicators. Overall, the site is functional but requires modernization and security improvements to meet current standards.

The website kulturnacht-ulm.de serves as the official portal for the Kulturnacht Ulm/Neu-Ulm 2025 cultural event, providing visitors with information about the event's schedule, partners, and participation opportunities. The site targets a broad audience including families and culture enthusiasts in the Ulm and Neu-Ulm region. The business model centers on event organization and cultural promotion, positioning itself as a regional cultural event organizer. Technically, the site uses traditional web technologies including JavaScript and CSS with custom scripts for image galleries and UI elements. The site lacks modern CMS or frameworks and shows basic mobile and accessibility support. Security posture is limited with no detected security headers or cookie consent mechanisms, and no explicit contact or incident response information is available on the main page. The domain's WHOIS data and name servers indicate local institutional hosting, supporting legitimacy. Overall, the site is functional and content-rich but would benefit from enhanced security and privacy compliance measures.

N

next.motion OHG

next-motion.de

63

next.motion OHG is a German-based small IT and digital services company established in 2003, specializing in web development, IT infrastructure, and digital strategy. The company operates as a full-service partner combining a Kreativagentur and IT-Systemhaus, serving primarily small and medium-sized businesses. Their market position is solid with 20 years of experience and a team of about 20 employees. The website reflects a professional and modern digital presence with comprehensive service offerings including TYPO3 CMS, Symfony Framework, cloud hosting, IT support, and security solutions. Technically, the site uses TYPO3 CMS, PHP, JavaScript, and integrates privacy-conscious analytics tools like Matomo alongside Google Analytics and Facebook Pixel, managed via Google Tag Manager. Cookie consent is handled by Cookiebot, ensuring GDPR compliance. Security posture is good with HTTPS enforced and reCAPTCHA on forms, though explicit security headers are not confirmed. No public security policy or incident response contacts are found, which is a potential area for improvement. WHOIS data is limited due to DENIC privacy policies but consistent with the business claims. Overall, the website is trustworthy, well-structured, and compliant with privacy regulations, making it a reliable digital front for the company.

Landesmusikrat Brandenburg e.V. is a well-established non-profit umbrella organization representing music associations, institutions, and individuals in Brandenburg, Germany. Founded in 1990, it serves as an advocate and advisor in music policy, organizes events, and offers educational and funding programs. The website reflects a professional and content-rich platform targeting musicians, cultural institutions, and the general public interested in music. Technically, the site uses modern web technologies including a CMS likely Drupal, JavaScript libraries for UI components, and is hosted on rzone.de. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and no visible vulnerabilities, though it lacks some advanced security headers and explicit incident response information. Privacy compliance is partial with a clear privacy policy but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, with room for improvement in security and privacy transparency.

Cit Studio is a small creative media studio based in Italy specializing in cinema and video production services. The website presents a professional and visually appealing interface targeting film and media professionals or clients seeking creative video production. The technical infrastructure is built on WordPress with common web technologies such as Bootstrap and jQuery, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, indicating room for improvement in compliance and security maturity. Overall, the site is legitimate and safe, but enhancing privacy compliance and security best practices would strengthen trust and reduce risk.

D

Deutsches Musikinformationszentrum (miz)

miz.org

70

The Deutsches Musikinformationszentrum (miz) is a well-established non-profit organization serving as the central information hub for music life in Germany. Founded in 1998, it offers comprehensive resources including news, studies, thematic portals, and event calendars targeted at music professionals, institutions, and enthusiasts. The website is professionally designed with excellent content quality and clear navigation, supporting a broad audience interested in the German music scene. Technically, the site is built on Drupal 10, hosted via Cloudpit, and employs modern web technologies including Matomo for analytics and a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Privacy compliance is strong, with clear cookie policies and user consent management. Contact information is primarily via contact forms and social media channels, with no direct emails or phone numbers publicly listed. Overall, the site demonstrates a mature digital presence with a trustworthy reputation in its sector.

D

Deutscher Musikrat gGmbH

popcamp.de

37

PopCamp is a well-established German non-profit artist promotion program operated by Deutscher Musikrat gGmbH. It offers high-level coaching and professional development for emerging musicians, supporting them through workshops, showcases, and project funding. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content focused on artist development. Technically, the site is built on TYPO3 CMS, hosted by Schlundtech, and uses Matomo for analytics, indicating a preference for privacy-conscious tools. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is trustworthy, compliant with GDPR, and serves its target audience effectively.

D

Dein-Job-Magnet

dein-job-magnet.de

52

Dein-Job-Magnet is a German job platform focused on connecting job seekers with employers through online job listings and recruitment marketing services. The website targets primarily the German market and operates as a small-sized business with a niche focus. The platform employs modern web technologies including Vue.js and Leaflet.js for interactive maps, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. The technical infrastructure is moderately performant and mobile-optimized, with a custom or unknown CMS backend. Security posture is solid with HTTPS enforced and CSRF protection implemented, though some security headers could be improved. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism via Cookiebot. Overall, the website presents a professional and trustworthy front for its business operations.

The website scientists4future.org currently presents a security challenge page that blocks direct access to its main content, indicating the presence of a Web Application Firewall or similar security mechanism. The domain is registered with InterNetX GmbH since 2019 and is valid with no privacy protection, suggesting a legitimate registration. However, the website uses outdated CMS versions (Joomla 1.5 and WordPress 2.5), which are known to have multiple security vulnerabilities and are no longer supported. No privacy, cookie, or terms of service policies are present, and no contact information is available on the accessible page. The site links externally to bitninja.io, indicating use of a security service. Overall, the website's technical infrastructure is outdated, and the content is minimal and inaccessible due to security measures.

I

ITV.SH

itvsh.de

65

ITV.SH is a regional government partner focused on the digital transformation of municipal administrations in Schleswig-Holstein, Germany. The website presents a comprehensive portfolio of digital services including citizen portals, digital archiving, and cloud solutions tailored for public sector needs. The organization positions itself as a key enabler of end-to-end digitalization in local government processes. Technically, the site is built on TYPO3 CMS, leveraging privacy-conscious Matomo analytics with cookies disabled, indicating a mature approach to user privacy. The site is well-structured, mobile-optimized, and uses modern web technologies, although some security best practices such as explicit security headers and cookie consent mechanisms are missing. The WHOIS data aligns with the hosting provider and regional focus, supporting legitimacy. Overall, ITV.SH demonstrates a solid digital presence with room for improvement in security and privacy compliance to enhance trust and regulatory adherence.

D

Deutschland – Land der Ideen

land-der-ideen.de

45

Deutschland – Land der Ideen is a German non-profit initiative focused on promoting innovation and good ideas across the country. The organization supports innovators, educators, and business leaders by organizing competitions, networking events, and conferences to foster a culture of innovation. Their market position is well established as a national platform for innovation promotion with a medium-sized operational scale. Technically, the website uses modern web technologies including JavaScript, CSS, and HTML5, with privacy-respecting Matomo analytics. The site is well optimized for mobile and accessibility, with good SEO practices and a professional design. The platform appears to be custom-built or uses a proprietary CMS. From a security perspective, the site enforces HTTPS and uses secure login forms. While some security headers are not explicitly confirmed, the site follows best practices such as cookie consent and no exposed sensitive data. However, there is no public security policy or incident response contact, and no vulnerability disclosure mechanism is present. Overall, the website is trustworthy, professional, and compliant with GDPR. The lack of detailed WHOIS registrant data slightly reduces domain trust but does not raise significant concerns. Strategic improvements in security transparency and header implementation are recommended to enhance security posture further.

A

Asturias Paraíso Natural Film Commission

filmcommissionasturias.com

60

Asturias Paraíso Natural Film Commission is a regional entity dedicated to facilitating audiovisual production in Asturias, Spain. The website offers comprehensive information on filming locations, permits, professional directories, subsidies, and industry news, targeting audiovisual professionals, property owners, and producers. The site is well-branded and consistent with its official regional government affiliation, although WHOIS data is missing, raising questions about domain registration legitimacy. Technically, the site uses Liferay CMS with modern JavaScript libraries and frameworks, providing a responsive and user-friendly experience. Security posture is strong with HTTPS and security headers, but lacks published security policies and incident response contacts. Privacy compliance is good with cookie consent and GDPR-aligned policies. Overall, the site is professional and trustworthy but would benefit from clarifying domain registration and enhancing security transparency.

E

El Tiempo

eltiempo.es

69

El Tiempo is a prominent weather forecasting website primarily serving Spain and international users with detailed meteorological data and forecasts for over 200,000 cities. The site operates on an advertising-supported model, leveraging multiple ad networks and tracking technologies while implementing consent management via the Didomi SDK. The technical infrastructure includes modern JavaScript frameworks, CDN hosting, and integration with analytics and marketing tools, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements can be made by adding security headers and publishing explicit privacy and security policies. Overall, the website is professional, trustworthy, and well-positioned in the media sector for weather information.

A

Apple Inc.

icloud-content.com

74

Apple's iCloud developer site provides a comprehensive platform for developers to securely store and sync user data across Apple devices using iCloud and CloudKit technologies. The site offers detailed resources, telemetry, dashboards, and push notification tools, positioning Apple as a market leader in cloud services and developer tools. The technical infrastructure is modern and optimized for performance and accessibility, leveraging Apple's proprietary technologies and fonts. Security posture is strong with HTTPS enforced and privacy-respecting telemetry, though explicit security headers and incident response contacts are not evident on this page. Overall, the site demonstrates high professionalism, trustworthiness, and a mature digital presence.

DPG Media Group operates a privacy consent management page as part of its digital media services, primarily targeting users in Belgium and the Netherlands. The page analyzed is a minimal privacy gate interface designed to handle user consent for privacy compliance, featuring a loading animation and redirect logic. The company is a large media group with a strong market position in the media industry. The website uses Google Tag Manager for analytics and tracking purposes, indicating a moderate level of digital maturity. Technically, the site employs standard JavaScript and Google Tag Manager scripts but lacks visible advanced frameworks or CMS indicators. The page is mobile optimized with responsive background images and basic accessibility features. However, no explicit security headers or SSL configuration details were provided, limiting the security posture assessment. The absence of visible privacy and cookie policies on this page reduces privacy compliance confidence. From a security perspective, the site does not show signs of WAF or blocking mechanisms and appears accessible. The WHOIS query for the subdomain failed, which is expected behavior since WHOIS typically does not provide data for subdomains. The main domain likely holds the registration data. No suspicious or malicious indicators were found in the content or scripts. Overall, the security posture is moderate but could be improved by adding explicit privacy policies, security headers, and contact information. The overall risk is moderate with recommendations to enhance privacy transparency, implement security best practices, and provide clear contact channels for privacy and security inquiries to improve trust and compliance.

P

Petőfi Kulturális Ügynökség Nonprofit Zrt.

petofiugynokseg.hu

44

Petőfi Kulturális Ügynökség Nonprofit Zrt. is a Hungarian non-profit cultural agency founded in 2020, focused on promoting national and local cultural values across various sectors of contemporary Hungarian culture. The organization operates multiple subsidiaries and partners with several cultural institutions, positioning itself as a key player in Hungary's cultural landscape. The website reflects a professional and consistent brand image, targeting cultural stakeholders and the general public interested in cultural events and support programs. Technically, the website employs modern JavaScript libraries, consent management tools, and analytics platforms, ensuring GDPR compliance and a good user experience across devices. Security posture is solid with HTTPS and consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain registration aligns well with the business history, indicating legitimacy and trustworthiness.

The domain agonyshark.com currently serves a 404 Not Found error page with embedded information describing services provided by Admiral, a company specializing in copyright access control and privacy consent management for digital publishers. The site lacks any actual business content, contact information, or interactive features, indicating it is either inactive or used solely as a service endpoint. The technical infrastructure is minimal, hosted on Google Cloud Platform with AWS DNS servers, and uses HTTPS with frequent certificate rotation. Security practices are described as industry standard, with no executable files hosted and continuous scanning in place. However, the absence of DNSSEC and security headers reduces the overall security posture. The domain registration is recent but consistent with a service domain, registered via NameCheap, Inc. Overall, the site is safe but lacks substantive content and business credibility, resulting in a low AI score and limited insights.

M

Minding Creative Minds

mindingcreativeminds.ie

59

Minding Creative Minds is a small non-profit organization founded in 2020, dedicated to providing free 24/7 mental wellbeing support services to individuals in the Irish creative sector. Their offerings include a helpline, counselling, creative arts therapies, specialist trauma support, career services, and legal assistance. The organization targets a broad range of creative professionals including musicians, actors, writers, and arts administrators within Ireland and Irish creatives abroad. The website positions itself as a trusted resource with clear contact information, company registration details, and government cultural support, reinforcing its legitimacy and community focus. Technically, the website is built on WordPress using the Enfold theme, integrating modern web technologies such as Google Analytics, Facebook Pixel, and Google reCAPTCHA v3 for security and analytics. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Hosting details are partially known, with domain registration through Register 365. Security posture is solid with HTTPS enforced and no exposed sensitive data, but could be enhanced by enabling DNSSEC and additional security headers. Security-wise, the site shows adherence to best practices with secure forms and anti-bot measures, but lacks explicit security policies or incident response contacts. Privacy compliance is basic but present, with privacy and cookie policies accessible and a consent mechanism implemented. No critical vulnerabilities or suspicious activities were detected. Overall, the site is professional, trustworthy, and well-aligned with its mission. The overall risk is low, with recommendations focusing on improving DNS security, publishing security policies, and enhancing security headers to further strengthen the security posture and trustworthiness of the platform.

F

First Music Contact

firstmusiccontact.com

62

First Music Contact is a small, Ireland-based non-profit organization dedicated to supporting musicians and the independent music sector through various projects, consultancy services, and development programs. The website is professionally designed using the Squarespace platform, featuring clear navigation and a focus on artist support and regional development. Technically, the site uses modern web technologies and is hosted on Squarespace's CDN, providing good performance and mobile optimization. Security posture is solid with HTTPS enforced, but lacks advanced security headers and privacy compliance documentation. The absence of WHOIS data raises concerns about domain legitimacy, though the website content and social media presence suggest a genuine organization. Overall, the site is functional and trustworthy but would benefit from enhanced privacy policies and security practices.

The Irish Recorded Music Association (IRMA) website serves as the official platform for the Irish music industry, providing information on Irish music charts, piracy, copyright, and member services. The site targets music industry professionals, members, and the general public interested in Irish music. It offers key services such as official Irish music charts, piracy information, and member login functionalities. The website positions itself as the authoritative body for the Irish recorded music industry and charts. Technically, the website employs a mix of older and modern JavaScript libraries including jQuery 1.10.2, Prototype.js, and Scriptaculous, alongside Google Analytics, Google Tag Manager, and CookiePro for cookie consent management. The site shows moderate performance and basic mobile optimization. SEO and accessibility features are present but could be improved. The site uses HTTPS, but no explicit security headers were detected in the provided data. From a security perspective, the site implements cookie consent and denies most tracking by default except security storage. No exposed sensitive data or vulnerabilities were identified in the HTML content. However, the absence of WHOIS data and lack of explicit privacy and security policies reduce the overall trustworthiness. No incident response or vulnerability disclosure information is available. The site does not appear to be blocked or protected by a WAF, allowing full content access. Overall, the website is professionally designed with consistent branding and relevant content for its audience. The main risks relate to incomplete WHOIS data and missing explicit privacy and security documentation. Strategic improvements in security headers, privacy policy publication, and WHOIS transparency would enhance trust and compliance.

M

Meta

oculus.com

62

The website www.meta.com/quest is a part of Meta Platforms, Inc., focusing on their Meta Quest virtual reality products. However, the content is fully gated behind a login wall requiring a Meta account, preventing access to substantive content without authentication. The site uses advanced React-based frameworks and Facebook's internal technologies, indicating a modern technical infrastructure. Security posture and privacy compliance cannot be fully assessed due to lack of accessible content and missing WHOIS data. The domain is legitimate but WHOIS transparency is limited, likely due to corporate privacy policies. Overall, the site is a secure, enterprise-grade platform but inaccessible for public analysis.

M

Meta

metacareers.com

80

Meta Careers website serves as the official career portal for Meta, a leading global technology company focused on AI, metaverse, and innovative hardware and software products. The site highlights various technology and business teams, signature events, and career programs, targeting job seekers and professionals interested in cutting-edge technology roles. The website is hosted on Meta's infrastructure, uses modern web technologies including React and Facebook's internal libraries, and integrates analytics and marketing tools from Facebook and Google. Security posture is strong with HTTPS and security headers implied, though explicit privacy and cookie policies are not detected in the provided content. WHOIS data is unavailable publicly, likely due to privacy or internal management, but the domain and content strongly align with Meta's brand and infrastructure, indicating high legitimacy.

N

Nasze Miasto

naszemiasto.pl

58

Nasze Miasto is a Polish local news media portal providing city news, sports, business, health, and event information. It operates under a large media group, likely Polskapress, supported by extensive advertising and analytics infrastructure. The website is technically mature, employing modern JavaScript libraries, header bidding for ads, and consent management tools to comply with privacy regulations. Security posture is good with HTTPS and Content-Security-Policy headers, though explicit security policies and incident response information are not published. The domain is well aged and registered with a reputable registrar, indicating legitimacy. Privacy compliance is basic, with a consent mechanism but lacking explicit privacy and terms pages. Overall, the site is professional, trustworthy, and safe for general audiences.

V

VRT

vrtmax.be

77

VRT MAX is the official online streaming platform of the Flemish public broadcaster VRT, offering free access to a wide range of TV programs, podcasts, and live radio streams. It serves a broad general audience in Belgium, providing high-quality media content with a strong brand presence and consistent user experience. The platform leverages modern web technologies such as React and optimized media delivery to ensure fast and accessible content consumption across devices. Security posture is solid with HTTPS enforced and a responsible disclosure policy in place, though some security headers could be enhanced. Privacy compliance is robust, with clear policies and consent mechanisms aligned with GDPR requirements. Overall, VRT MAX represents a mature, trustworthy media service with strong business credibility and technical implementation.

M

Mesecentrum Nyitólap - IGYIC

mesecentrum.hu

45

Mesecentrum.hu is a Hungarian media website focused on children's literature, cultural content, and educational media. The site offers book recommendations, literary critiques, interviews, event information, essays, and podcasts, targeting a general audience interested in Hungarian children's culture. The website appears to be a niche media outlet with a small but consistent presence since its domain registration in 2020. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Analytics and Hotjar for user behavior tracking. The site is mobile-optimized and has a professional design with clear navigation, although accessibility features are basic. Security posture is moderate with HTTPS enforced but lacks important security headers and visible privacy or cookie policies. No direct company contact emails or phone numbers are found, but a contact form is available. Overall, the site is legitimate and stable but could improve privacy compliance and security best practices.

B

Bahia Kiadó

popkulturalis.hu

58

The website popkulturalis.hu serves as the largest Hungarian pop cultural database, providing extensive archival information on performers, bands, films, albums, and other cultural entities. It also highlights the Bahia Kiadó publishing house, a significant player in Hungary's alternative and underground cultural scene since 1991. The platform targets Hungarian pop culture enthusiasts and researchers, offering detailed data and video content. Technically, the site employs modern JavaScript frameworks, tracking tools like Google Tag Manager, Hotjar, and Facebook Pixel, and enforces HTTPS with cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is solid with encrypted connections and privacy policies, though improvements in security headers and incident response transparency are recommended. Overall, the site is professional, trustworthy, and safe for general audiences, with a moderate to good technical and security maturity.

I

Initiative Open Source LMS

opensourcelms.de

49

The website opensourcelms.de serves as a German-language advocacy platform promoting free and open-source learning management systems (LMS) for educational institutions. It represents a coalition of major LMS communities including ILIAS, Stud.IP, and Moodle, supported by numerous universities and educational organizations across Germany. The site emphasizes the importance of sustainable funding, policy support, and the preservation of digital sovereignty in education through open-source software. Technically, the site is built with standard web technologies including HTML5, CSS3, and JavaScript with jQuery, and is hosted with DNS services from DomainControl (GoDaddy). The website is well-structured, mobile-optimized, and provides extensive content relevant to its audience. Security-wise, while HTTPS usage is assumed, explicit security headers and incident response policies are not evident, and no forms collect sensitive data except a downloadable PDF form. Contact is primarily via an obfuscated email address. Overall, the site is legitimate, trustworthy, and serves an important role in the German education sector.

ABUS is a well-established security technology company offering a broad range of products for private individuals and businesses, including home, property, and vehicle security solutions. The website is professionally designed, localized in Finnish, and demonstrates a mature digital presence with integrated analytics and consent management tools. The company maintains active social media channels and provides clear contact information, reinforcing its market position as a trusted security provider. Technically, the site uses modern JavaScript libraries and optimization tools, ensuring good performance and user experience across devices. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. The WHOIS data is missing or protected, which slightly reduces trust but does not negate the legitimacy indicated by the website content and structured data.

N

Nanovital

nanovital.pl

59

Nanovital.pl is a Polish online retailer specializing in healthy food, bee products, natural cosmetics, and ecological cleaning agents. The company targets health-conscious consumers seeking natural and organic products. The website is built on a modern e-commerce platform (Shoper) using JavaScript frameworks and integrates analytics tools such as Google Analytics and Microsoft Clarity. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is legitimate and professionally maintained but would benefit from improved privacy and security disclosures.

S

SOBIENIE KRÓLEWSKIE SPÓŁKA AKCYJNA

sobieniekrolewskie.pl

58

Hotel Sobienie Królewskie is a premium hospitality business located near Warsaw, Poland, offering luxury hotel accommodations, a golf course, conference facilities, wellness and spa services, and event hosting. The website reflects a well-established brand targeting both leisure and business travelers seeking high-end experiences. The company positions itself as a unique and high-standard destination in the region. Technically, the website uses modern JavaScript frameworks and integrates with Profitroom booking and marketing platforms, Google Tag Manager, and other third-party services. The site is mobile-optimized and includes GDPR-compliant cookie consent mechanisms. Security posture is generally strong with HTTPS enforced and no exposed sensitive data, though the absence of explicit security headers is noted as an area for improvement. WHOIS data is unavailable, likely due to privacy protection, but external signals and structured data support the legitimacy of the business. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

G

Grupa Zdunek

zdunek.pl

54

Grupa Zdunek operates as a large automotive dealership group based in Poland, offering new and used vehicles across multiple brands. The website provides a comprehensive vehicle search and filtering experience, targeting consumers interested in purchasing cars. Technically, the site leverages modern JavaScript frameworks (likely Vue.js), integrates Google Tag Manager and reCAPTCHA for analytics and bot protection, and uses Cookiebot for cookie consent management. The site is mobile-optimized and presents a professional design with good navigation and content relevance. Security-wise, HTTPS is enforced, but there is room for improvement in security headers and DNSSEC implementation. Privacy compliance is basic, with cookie consent present but no explicit privacy policy or terms of service found. Overall, the website is trustworthy and functional but would benefit from enhanced transparency and security documentation.

F

Fraunhofer-Initiative Roberta

roberta-home.de

60

Roberta is a well-established educational initiative by the Fraunhofer-Gesellschaft focused on teaching children and young people programming and robotics skills through hands-on learning and teacher training. The website serves as a portal for information, resources, and news related to the initiative and its programming platform, Open Roberta Lab. The site is professionally designed using TYPO3 CMS, with responsive and accessible features, and provides clear navigation and relevant content for its target audience of educators and learners. Security posture is good with HTTPS and cookie consent mechanisms implemented, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected. The domain and website show strong legitimacy with consistent branding and multiple trust signals including awards and certifications. Overall, the site is a credible and trustworthy educational resource with moderate tracking and good privacy compliance.

K

KAYAK

kayak.fr

51

The analyzed website is a CAPTCHA verification page for the French domain of KAYAK, a well-known global travel metasearch engine. The page is designed to verify that visitors are legitimate users and not automated bots, employing Google reCAPTCHA Enterprise technology. Due to this security mechanism, the actual website content is inaccessible, limiting the ability to perform a full content and compliance analysis. KAYAK operates under Booking Holdings Inc., serving travelers seeking flights, hotels, and car rentals by aggregating offers from multiple providers. The domain WHOIS data is unavailable, which restricts verification of domain legitimacy and ownership details. The presence of advanced bot mitigation indicates a mature security posture, but the lack of visible privacy, cookie, or contact information on this page reduces transparency and user trust.

I

i-deesign

i-deesign.de

48

i-deesign is a small, established web design agency based in Cologne, Germany, with over 15 years of experience. The company specializes in creating customized, responsive websites primarily using WordPress and WooCommerce, complemented by SEO, graphic design, photography, and hosting services. Their market position is that of a trusted local agency with a strong focus on quality and client satisfaction, supported by numerous positive Google reviews and testimonials. Technically, the website is built on WordPress with modern plugins and themes, hosted on webgo.de servers, and implements good SEO and privacy compliance practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, well-structured, and trustworthy, with no signs of blocking or suspicious activity.

M

Website is not found

mangomarketing.de

47

The website www.mangomarketing.de currently serves a placeholder page indicating that the site has been unpublished or deleted by the owner. No active business content, contact information, or policies are present. The domain uses name servers associated with rzone.de and is in a 'connect' status, but lacks detailed WHOIS registrant information. The absence of content and security features suggests the website is not operational at this time. From a technical perspective, the site uses basic HTML, CSS, and JavaScript with resources hosted on onecdn.io. There is no evidence of a CMS or advanced frameworks. The page is mobile responsive at a basic level but lacks SEO optimization and accessibility features. No security headers or HTTPS information were detected in the provided data. Security posture is weak due to the lack of HTTPS, security headers, and absence of privacy or cookie policies. No forms or data collection mechanisms are present, reducing immediate data protection concerns but also indicating no active user engagement. The WHOIS data is minimal and does not provide sufficient information to verify legitimacy or business claims. Overall, the website is inactive and does not currently represent an operational business presence. Strategic recommendations include reactivating the website with proper security configurations, publishing privacy and cookie policies, adding contact information, and improving technical and content quality to establish trust and compliance.

Deutsche Eigentümer Allianz BVFI24 operates as a real estate community and membership platform targeting property owners, investors, and individuals interested in real estate acquisition primarily in Germany and the D-A-CH region. The website offers networking opportunities, educational content, expert access, and VIP property search services, positioning itself as a modern and comprehensive real estate alliance. Technically, the site is built on a modern stack with CDN delivery, PWA support, and uses Facebook Pixel for marketing analytics. Security posture is adequate with HTTPS and cookie consent but lacks explicit security headers and incident response information. Privacy compliance is partial due to missing privacy policy and terms of service pages. Overall, the site is professional and trustworthy but could improve transparency and security practices.

P

Patronato 50&PiùEnasco

50epiuenasco.it

57

Patronato 50&PiùEnasco is a well-established Italian social assistance institution providing free assistance and consultancy services primarily related to pensions, social security, disability, and family support. The organization operates nationally with a clear focus on serving Italian citizens, especially workers, pensioners, invalids, and immigrants. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive service descriptions. It leverages modern web technologies including WordPress, Bootstrap, and popular plugins for SEO and user engagement. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. However, the site lacks explicit security and incident response policies. Overall, the website is trustworthy, professional, and well-suited to its non-profit social assistance mission.

D

Dropp*d

droppd.com

73

Dropp*d operates as a niche e-commerce marketplace specializing in creator merchandise, offering product lines from influencers worldwide. The platform leverages Shopify's robust infrastructure to provide a seamless shopping experience targeting creators, influencers, and their audiences. The website demonstrates a consistent brand identity and professional design, supporting its market position as a premier creator merch marketplace. Technically, the site is built on Shopify, utilizing modern web technologies and optimized for performance and mobile responsiveness. Security is adequate with HTTPS enforced and standard Shopify protections, though explicit security headers and policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business presents a trustworthy and functional online presence with room for enhanced security transparency and direct contact information.

S

Semesterspiegel

semesterspiegel.de

60

Semesterspiegel is a German student-run media platform primarily serving the university community in Münster. It offers a variety of articles covering politics, culture, campus life, and society, supplemented by a weekly newsletter and opportunities for student involvement. The website is built on WordPress and hosted by Variomedia, utilizing modern web technologies and privacy-respecting analytics via Matomo. The site demonstrates good content quality, consistent branding, and a clear focus on its target audience of university students and young adults. Security practices include HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and incident response disclosures. Overall, the domain registration and hosting details align well with the website's purpose, indicating a legitimate and trustworthy operation.

VisitGreece.gr is the official tourism website for Greece, providing comprehensive travel inspiration, guides, event information, and destination details to tourists worldwide. The site is well-positioned as a government-backed platform promoting Greek tourism, offering rich content tailored to various traveler interests including culture, gastronomy, nature, and leisure. The website demonstrates a mature digital infrastructure with modern JavaScript libraries, analytics tools, and a responsive design optimized for accessibility and SEO. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, professional, and serves as a key resource for travelers planning visits to Greece.

S

SemantycaWeb: Realizzazione siti web Prato | Web agency Prato

semantycaweb.it

49

SemantycaWeb is a small, established web agency based in Prato, Italy, specializing in custom website development, e-commerce solutions, SEO, web marketing, social media marketing, and mobile app development. With over 15 years of experience, the company targets businesses in the Tuscany region seeking to enhance their digital presence. The website demonstrates a good level of technical maturity, employing modern web technologies including PWA features, JavaScript libraries like jQuery and SweetAlert2, and integrates cookie consent management via Iubenda. The presence of structured data enhances SEO and local business visibility. Security posture is solid with HTTPS and DNSSEC enabled, though some security headers and policies could be improved. Privacy compliance is well addressed with comprehensive privacy and cookie policies and explicit consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for its target market.

The website devellis.it currently presents a Cloudflare security challenge page, blocking direct access to its main content. The domain is well-established, registered since 2000, and protected with DNSSEC, indicating legitimate ownership. However, the visible content is minimal and primarily technical, showing outdated CMS technologies such as Joomla 1.5 and WordPress 2.5, which are known to have multiple security vulnerabilities. No privacy, cookie, or terms of service policies are found, and no contact information is publicly available, limiting transparency and trust. The site uses Cloudflare and BitNinja for security and analytics, but lacks modern security headers and best practices in visible content. Overall, the site’s security posture is moderate due to HTTPS and DNSSEC but weakened by outdated software and lack of visible policies.

C

Consisto GmbH

ratschings-jaufen.it

53

The website www.ratschings-jaufen.it serves as a professional digital portal for the Ratschings-Jaufen ski area in Italy, offering comprehensive information about winter sports, mountain cableways, and related tourism services. The site targets winter tourists, families, and nature enthusiasts, positioning itself as a regional leader with modern infrastructure and a variety of winter activities. The business model revolves around tourism and transportation services in the mountain region, supported by partnerships with ski schools and local tourism entities. Technically, the site is built on the Consisto CMS platform, utilizing modern JavaScript libraries and Google Analytics for tracking. The design is responsive and user-friendly, with good SEO and accessibility practices, although some improvements are possible. Security-wise, the site enforces HTTPS, includes standard security headers, and implements cookie consent mechanisms, but lacks explicit published security policies or incident response contacts. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

S

Schloss Wolfsthurn – Südtiroler Landesmuseum für Jagd und Fischerei

wolfsthurn.it

48

Schloss Wolfsthurn operates as a regional cultural museum in South Tyrol, Italy, focusing on the history of hunting and fishing. The museum is housed in a historic baroque castle and offers exhibitions, educational programs, and events targeting tourists, families, and educational groups. The website reflects a professional and consistent brand image with clear contact details and social media presence. Technically, the site uses modern web technologies including JavaScript libraries and cookie consent management, ensuring GDPR compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is trustworthy, well-maintained, and serves its audience effectively.

T

Tourismusverein Ratschings

racines.info

57

The website www.racines.info is a professionally designed tourism portal focused on promoting the Racines region in Italy. It provides comprehensive information about outdoor activities, family programs, ski facilities, sustainability initiatives, and local culture. The site targets tourists interested in mountain vacations, families, and outdoor enthusiasts. Technically, it is built on the Consisto CMS platform, uses modern JavaScript libraries, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and employs a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced and standard security headers present, though it lacks explicit security policy or incident response pages. WHOIS data is privacy-protected, which is typical for this business type and does not raise immediate concerns. Overall, the site is trustworthy, well-maintained, and suitable for its audience.

C

Consisto GmbH

colleisarco.org

51

The website www.colleisarco.org serves as a regional tourism portal for Colle Isarco, a mountain vacation destination in Alto Adige, Italy. It provides comprehensive information about local activities, events, and accommodations targeting families and tourists interested in mountain holidays. The site is professionally designed with multilingual support and clear navigation, enhancing user experience. Technically, it is built on ASP.NET Web Forms with a modern CMS (Consisto.CMS), integrates Google Analytics and Tag Manager for analytics, and uses AVACY for cookie consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are not publicly visible. The domain WHOIS data is privacy protected, which is common for such websites, and no suspicious indicators were found. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in its niche.

G

GSMA Training

gsmatraining.com

72

GSMA Training is an online educational platform specializing in telecommunications regulatory training, offering accredited courses certified by the United Kingdom Telecoms Academy (UKTA) and recognized for Continuing Professional Development (CPD). The website targets professionals and regulatory authorities in the mobile industry, providing free and paid online courses to address key industry challenges. The platform supports multilingual content, primarily English and French, enhancing accessibility for a broader audience. Technically, the site is built on WordPress with WPML for multilingual support and integrates modern marketing and analytics tools such as Google Tag Manager and Facebook Pixel. The site employs HTTPS and cookie consent mechanisms, reflecting a baseline commitment to security and privacy compliance.