Security Directory

X

Telegram Channel Preview Widget Generator (Unofficial service)

xn--r1a.website

54

The website xn--r1a.website offers an unofficial Telegram Channel Preview Widget Generator service, allowing users to generate embeddable HTML and CSS widget code to preview Telegram channels on their websites. The service targets a general audience interested in integrating Telegram channel previews, positioning itself as a niche utility within the technology sector. The site was established in 2019 and operates as a small-scale service without evident parent or subsidiary companies. Technically, the site uses Bootstrap 4.1.3 for styling and custom JavaScript for functionality, hosted under the Porkbun, LLC registrar with DNS servers also managed by Porkbun. The website is accessible without any WAF or blocking mechanisms and loads with moderate performance and basic mobile optimization.

W

Before you continue to YouTube

wfaa.com

65

The analyzed domain consent.youtube.com is a subdomain of youtube.com, owned by Google, serving as a consent management interface likely related to GDPR or privacy compliance. The page content is minimal and primarily technical, designed to manage user consent for data processing before accessing YouTube services. The domain is hosted on Google infrastructure and uses modern JavaScript frameworks and Material Design components for UI rendering. Due to the nature of the page, it acts as a gate or checkpoint, limiting access to full content and thus restricting comprehensive analysis. No explicit privacy policies, cookie policies, or contact information are directly accessible from this page. Security headers and best practices are not evident in the provided data, though the domain is secured under Google's enterprise domain management. Overall, the page is safe for general audiences and does not contain adult or explicit content.

Idaho Statesman is a regional news media outlet serving Boise, Idaho, and surrounding communities. Owned by McClatchy, it provides local news, sports, opinion, classifieds, and advertising services. The website demonstrates a mature digital presence with comprehensive content, good design, and strong branding. Technically, it employs modern web technologies including JavaScript frameworks, Google Fonts, and multiple advertising and tracking networks, managed through a consent management platform (Osano) ensuring GDPR compliance. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response information are absent. WHOIS data is unavailable or protected, which slightly reduces transparency but does not detract from the site's legitimacy given its established brand and parent company affiliation. Overall, the site is professional, trustworthy, and well-optimized for users.

ISWEB S.p.A. is an Italian technology company specializing in software solutions for public administration transparency and compliance, notably through its eTRASPARENZA suite. The company targets public sector entities such as local governments, healthcare organizations, and universities, providing integrated tools to meet legal obligations under Italian transparency laws. The website demonstrates a mature digital presence with modern technologies and compliance with GDPR and accessibility standards. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, incident response and vulnerability disclosure information are not explicitly provided. Overall, ISWEB presents a trustworthy and professional profile with clear business focus and technical competence.

D

DatoCMS

datocms.com

69

DatoCMS is a technology company offering a headless CMS platform designed to be user-friendly and performant, targeting web developers, digital marketers, content creators, and enterprises. Their platform supports GraphQL APIs, structured text editing, localization, and modular content management, positioning them as a competitive SaaS provider in the content management space. The website reflects a professional and modern digital presence with excellent design and user experience, optimized for mobile and SEO. However, the absence of WHOIS domain registration data and lack of visible privacy, cookie, and terms of service policies indicate areas for improvement in transparency and compliance. Security posture is moderate due to missing security headers and unclear SSL configuration. Overall, the site is trustworthy and well-branded but would benefit from enhanced privacy and security disclosures.

Unilever PLC is a global leader in consumer goods, specializing in nutrition, hygiene, and personal care products. The company operates a large portfolio of well-known brands aimed at improving everyday life for consumers worldwide. The website reflects a mature digital presence with comprehensive content on corporate strategy, sustainability, and investor relations, targeting a broad audience including consumers, investors, suppliers, and partners. Technically, the website employs modern web technologies such as the Astro framework, optimized for performance and mobile responsiveness. It uses HTTPS with strong security headers and implements structured data for SEO enhancement. The site integrates standard analytics tools like Google Analytics and Tag Manager, with clear cookie and privacy policies indicating GDPR compliance. From a security perspective, the site demonstrates good practices including HTTPS enforcement, content security policies, and no visible vulnerabilities or exposed sensitive data. However, explicit incident response contacts and a security.txt file are not found, which could improve transparency and vulnerability management. Overall, the website is professional, secure, and compliant with privacy regulations, supporting Unilever's reputation as a trustworthy multinational corporation. The WHOIS data is not publicly available, likely due to privacy protection, which is justified for a company of this scale. Strategic recommendations include enhancing incident response visibility and maintaining regular security audits.

U

Unoenergy S.p.a.

unogas.it

71

Unoenergy S.p.a. is a medium-sized Italian energy company specializing in electricity and gas supply for residential, condominium, and business customers. With over 20 years of experience, it holds a strong market position as one of the main private operators in Italy's energy sector. The company offers a broad portfolio of services including photovoltaic systems, electric mobility charging stations, and climate control solutions. The website reflects a professional and customer-centric approach, emphasizing quality, sustainability, and personalized service. Technically, the site is built on WordPress with modern web technologies, optimized for SEO and mobile responsiveness, and integrates Google Tag Manager and customer engagement tools. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks explicit security policies and vulnerability disclosure mechanisms. Contact information is clearly presented, including email, phone, physical address, and social media channels. Overall, the site demonstrates high professionalism and trustworthiness, though improvements in privacy and cookie policy transparency are recommended.

Unilever Italia is a regional branch of the global consumer goods giant Unilever PLC, offering a wide range of well-known brands focused on daily consumer needs. The website reflects a mature enterprise with a strong market position in Italy, emphasizing sustainability and corporate responsibility. The digital infrastructure uses modern web technologies including Astro framework and service workers, ensuring fast performance and excellent mobile optimization. Privacy and cookie compliance are well implemented with clear policies and consent mechanisms. Security posture is solid with HTTPS and cookie management, though explicit security headers and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a general audience with corporate and product information.

G

GranChef

granchefpremiumfood.it

56

GranChef is a specialized B2B e-commerce platform focused on distributing premium food products to upscale gastronomy clients, primarily in Italy and German-speaking markets. The website presents a professional and well-structured catalog with multi-level navigation, targeting professional chefs and hospitality businesses. Technically, the site is built on the Shopware CMS platform, leveraging modern JavaScript and SVG icons, with Google Tag Manager and CookieFirst for analytics and consent management. Security posture is solid with HTTPS enforced and cookie consent implemented, though improvements are needed in security headers and published policies. Overall, the site is trustworthy and functional but lacks some compliance documentation such as privacy policy and terms of service.

U

UniCredit S.p.A.

unicredit.it

65

UniCredit S.p.A. is a major pan-European commercial bank with a strong presence in Italy and Central/Eastern Europe. The website targets private individuals and families, offering a wide range of banking and financial services including current accounts, loans, mortgages, investments, cards, insurance, and digital services. The business model focuses on retail banking with a comprehensive digital presence and customer engagement through promotions and service information. The company is positioned as a large enterprise with consistent branding and trust indicators such as certifications and official contact information. Technically, the website is built on Adobe Experience Manager CMS, utilizing modern JavaScript libraries and analytics tools like Adobe Analytics and Dynatrace. The site is mobile optimized, accessible, and performs moderately well. It employs multiple tracking and marketing tools with a clear cookie consent mechanism, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses cookies with proper domain scoping. While explicit security headers are not fully confirmed, best practices appear to be followed. No vulnerabilities or exposed sensitive data were detected. However, the site lacks publicly visible security policies, incident response information, or vulnerability disclosure mechanisms, which could enhance transparency and trust. Overall, the website presents a professional, secure, and user-friendly platform consistent with a large financial institution. The risk level is low, but improvements in security policy transparency and incident response readiness are recommended to strengthen compliance and customer confidence.

D

dussmann.it | Under Attack Mode - checking your browser

dussmann.it

42

The website dussmann.it is currently inaccessible to normal visitors due to an active Web Application Firewall (WAF) security challenge page labeled 'Under Attack Mode - checking your browser'. This indicates the site is protected against automated attacks or suspicious traffic but also prevents content analysis. The domain is registered since 2006 but has expired 6 days ago, which raises concerns about domain management and continuity. No business content, contact information, or compliance policies are visible on the landing page, limiting the ability to assess the company's operations or compliance posture. Technically, the site uses obfuscated JavaScript to verify browsers but lacks visible security headers or metadata. Overall, the site’s security posture is unclear due to blocking mechanisms, and the expired domain status further reduces trust.

The website www.uil.it represents the Unione Italiana del Lavoro (UIL), a major Italian labor union focused on advocating for workers' rights and social welfare. The site provides news, studies, and reports related to labor issues, social policies, and union activities, targeting workers and stakeholders in Italy. The business model is non-profit and essential within the government and non-profit sectors. Technically, the site uses a custom or unknown CMS with technologies such as Matomo analytics, jQuery, and Google Fonts. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit incident response contacts are absent. Privacy compliance is strong with clear privacy and cookie policies, though no explicit consent mechanism is observed. The WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's identity. Overall, the website is professional, trustworthy, and safe for general audiences.

U

Unipol Assicurazioni

unipol.it

71

Unipol Assicurazioni is a leading Italian insurance company specializing in multi-branch insurance products, particularly in the non-life insurance sector. The website presents a professional and modern digital presence, leveraging Next.js and React frameworks, and integrates Dynatrace for real user monitoring to optimize performance and user experience. The site targets Italian customers seeking insurance services and provides online quote capabilities. Security-wise, the website enforces HTTPS and uses secure cookie attributes, but lacks explicit security policies, vulnerability disclosures, and comprehensive privacy and cookie policies, which are important for compliance and user trust. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

T

Tailscale Inc.

tailscale.com

74

Tailscale Inc. is a technology company specializing in secure networking solutions, primarily offering a WireGuard®-based VPN service that enables fast, seamless device connectivity without traditional VPN complexities. The company targets businesses and enterprises seeking zero trust networking and secure remote access, boasting over 10,000 customers worldwide. Their market position is strong as a leading provider of modern VPN and networking solutions with a focus on ease of deployment and security. Technically, the website is built on a modern stack including Next.js and React, hosted on Amazon AWS infrastructure, ensuring fast performance and excellent mobile optimization. The site uses HTTPS with strong security headers and integrates tracking and marketing tools responsibly. The technical implementation reflects a mature digital presence with good SEO and accessibility practices. From a security perspective, Tailscale demonstrates a solid posture with HTTPS enforcement, use of secure VPN protocols, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not published, and DNSSEC is not enabled, which could be improved. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including GDPR considerations. Overall, the website and business present a low-risk profile with high trustworthiness, professional presentation, and strong alignment between domain registration data and business claims. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, and considering a vulnerability disclosure program to further enhance trust and security transparency.

P

ProPublica

propublica.org

66

ProPublica is a leading independent non-profit newsroom specializing in investigative journalism and news in the public interest. The organization focuses on producing high-quality, impactful journalism covering topics such as racial justice, healthcare, politics, and criminal justice. Their market position is strong as a trusted source of investigative reporting with a large audience and extensive social media presence. The business model relies on donations and grants, emphasizing transparency and public service. Technically, the website employs modern web technologies including asynchronous JavaScript loading, lazy loading of images, and integration with analytics and marketing tools such as Parsely and Google Tag Manager. The site is well-optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements security headers to protect users. Forms use Google reCAPTCHA to prevent abuse. However, explicit security policies and incident response information are not publicly available, and no vulnerability disclosure program is evident. Overall, the website demonstrates a mature digital presence with strong content quality and security posture. The lack of WHOIS data is mitigated by the organization's well-known reputation and trust signals. Strategic recommendations include publishing formal security policies, establishing a vulnerability disclosure channel, and maintaining regular audits of third-party scripts to enhance security further.

W

WebsitesCreator GmbH

immoprofessional.com

55

immoprofessional is a specialized real estate software provider offering a comprehensive SaaS platform tailored for real estate agents and property managers. The company emphasizes ease of use, multilingual support, and extensive features such as unlimited property listings, lead generation, and integrated web design. Their market position is that of a niche player focused on delivering professional-grade tools at competitive pricing, supported by a strong customer service presence and positive user reviews. Technically, the website employs modern web technologies including Bootstrap, lazy loading, and JSON-LD structured data to enhance SEO and user experience. The site is mobile-optimized and performs well, reflecting a mature digital infrastructure. Security practices include HTTPS enforcement, SSL encryption, and a cookie consent mechanism, though explicit security headers and incident response policies are not publicly detailed. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear GDPR-aligned policies and user consent controls. The absence of WHOIS data introduces some uncertainty about domain registration transparency, but the overall business credibility and trust signals mitigate this concern. Overall, immoprofessional presents a professional, trustworthy, and technically sound online presence suitable for its target market. Continued improvements in security transparency and domain registration disclosure would further enhance trust and compliance.

The website www.berufsausweis.com serves as an informational platform for the EuropeanExpertCard, a unified professional identification card for experts and appraisers across Europe. It is closely associated with the Deutsche Gutachter und Sachverständigen Verband e.V. (DGuSV), which acts as the primary issuing body in Germany. The site targets professionals in the appraisal and expert evaluation sector, aiming to facilitate cross-border recognition of qualifications within the EU. The business model is based on membership and fee-based issuance of the card, positioning itself as a niche but important player in the European professional certification landscape. Technically, the website employs standard web technologies including HTML, CSS, and JavaScript, with cookie consent managed via Usercentrics. The site is accessible without any WAF or security challenges, uses HTTPS, but lacks advanced security headers and comprehensive mobile optimization. SEO and accessibility are basic but functional. No CMS or hosting provider details are evident from the source. From a security perspective, the site benefits from HTTPS and cookie consent mechanisms, but lacks explicit security policies, incident response contacts, and security headers that would enhance protection against common web threats. The absence of WHOIS registration data for the domain is a notable risk factor, potentially indicating privacy protection or registration issues, which impacts domain legitimacy and trust. Overall, the website is professional and trustworthy in content and presentation but would benefit from improved security practices and transparency in domain registration. Strategic improvements in security headers, mobile responsiveness, and explicit security policies are recommended to enhance trust and compliance.

C

cayou media

cayou-media.de

48

Cayou media is a small, specialized web and graphic design agency based in Halle and Leipzig, Germany. They provide a range of digital services including responsive web design, web programming, SEO, online shop development, corporate identity, and social media management. The company emphasizes innovation, individuality, and user-friendly solutions tailored to client needs, positioning itself as a trusted local partner with a professional and consistent brand presence. Technically, the website is built on WordPress using modern themes and plugins, including LayerSlider and Usercentrics for consent management, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and privacy compliance well addressed via GDPR-aligned policies and cookie consent mechanisms, though security headers and incident response information are lacking. Overall, the site is professional, trustworthy, and compliant, with room for improvement in security best practices and accessibility.

Z

Zentralverband des Deutschen Handwerks

zdh.de

51

The Zentralverband des Deutschen Handwerks (ZDH) is the leading umbrella organization representing the interests of approximately one million craft businesses in Germany. The website serves as an authoritative platform providing information on vocational training, policy positions, and member services. It targets craft businesses and stakeholders within the German economy, positioning itself as a key advocate and resource in the sector. Technically, the site is built on TYPO3 CMS, employs Matomo for analytics, and demonstrates good mobile optimization and accessibility. Security posture is adequate with HTTPS and secure login forms, but lacks advanced security headers and explicit privacy or cookie policies. Overall, the site is professional and trustworthy but could improve privacy compliance and security transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and publishing incident response and vulnerability disclosure information to strengthen trust and compliance.

B

Best Western Plus Atrium Hotel

meinbestwesternulm.de

61

Best Western Plus Atrium Hotel Ulm is a 4-star hospitality business located in Ulm, Germany, offering accommodation, meeting facilities, gastronomy, and local city guide services. The website targets travelers and business guests seeking mid-range hotel services with event hosting capabilities. The business operates under the reputable Best Western brand, enhancing its market position and trustworthiness. Technically, the website employs standard web technologies including JavaScript, CSS, and Google Analytics with IP anonymization, indicating a moderate level of digital maturity. The site is moderately optimized for mobile devices and SEO, with a clean navigation structure and professional content presentation. From a security perspective, the site uses HTTPS and anonymizes IP addresses in analytics, but lacks visible security headers, cookie consent mechanisms, and published security policies or incident response information. No vulnerabilities or malicious content were detected, but improvements are recommended to enhance compliance and security posture. Overall, the website is professional, trustworthy, and functional with room for improvement in privacy compliance and security best practices to reduce risk and increase user trust.

M

Milena Quattrocchi, KANUL.ART Art & Design

kanul.art

61

Milena Quattrocchi is an independent visual artist based in Vevey, Switzerland, specializing in minimalist graphic art that embraces imperfection. The website serves as a professional portfolio showcasing recent collections, exhibitions, and design collaborations, notably with ZigZagZurich. The business model centers on art sales via an online shop and partnerships with galleries and design houses, targeting art collectors and enthusiasts. The site is well-branded and consistent, with clear contact information and a focus on artistic expression.

W

Sign in - Matomo

webstats1.de

48

The website webstats1.de serves as a login portal for the Matomo open-source web analytics platform. It provides a free/libre analytics service primarily targeted at website administrators and analytics users. The platform is designed to offer privacy-focused analytics without reliance on third-party services. The site’s content is minimal, focusing on user authentication and configuration of the analytics platform. The business model revolves around providing an open-source analytics solution, likely supported by community contributions or enterprise services. The market position is not explicitly stated but aligns with privacy-conscious analytics providers.

N

netpoint media gmbh

netpoint-media.de

56

Netpoint Media GmbH is a German-based online advertising company established in 2001, specializing in high-quality online media marketing with a strong focus on travel and tourism sectors. The company operates a broad portfolio of digital advertising services including programmatic advertising and addressable TV, targeting media planners, advertisers, and publishers. Their market position is that of a leading independent online media marketer in Germany, supported by memberships in industry bodies such as AGOF, OVK, and BVDW. Technically, the website is built with standard modern web technologies (HTML5, CSS3, JavaScript) and hosted on professional infrastructure (dogado.de). The site is mobile-optimized with good SEO and basic accessibility features. Security posture is moderate with HTTPS and a Content-Security-Policy header implemented, but lacks additional security headers and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and compliant with GDPR in terms of privacy policy presence, though cookie consent is missing. Contact is primarily via a web form, with social media presence on Xing and LinkedIn. The domain registration data aligns well with the business claims, indicating legitimacy and consistency.

S

Stadt Wien

wienwohntbesser.at

64

The website wienwohntbesser.at is an official government platform operated by the City of Vienna (Stadt Wien) focused on providing information and updates about municipal housing initiatives, campaigns, and services. It serves residents and housing seekers in Vienna, offering news, event details, and service area information related to affordable and livable housing. The site is well-branded with consistent city imagery and messaging, reinforcing its authoritative position in the local housing sector. Technically, the website is built on TYPO3 CMS with Bootstrap for responsive design, ensuring good mobile optimization and accessibility. It employs Piwik analytics with a GDPR-compliant cookie consent mechanism, reflecting a mature approach to privacy and user tracking. Performance is moderate, with no critical technical issues detected. However, security headers are not explicitly visible, and no dedicated security or incident response policies are published. From a security perspective, the site uses HTTPS and has implemented cookie consent controls, but lacks visible advanced security headers and formal vulnerability disclosure mechanisms. No exposed sensitive data or vulnerable libraries were detected. The WHOIS data confirms the domain is legitimately registered to the City of Vienna, aligning with the website's governmental nature and enhancing trustworthiness. Overall, the website presents a professional, secure, and privacy-conscious platform suitable for its public service role. Strategic improvements could include publishing explicit security policies, enhancing security headers, and providing clearer contact information for incident response. These steps would further strengthen the site's security posture and user trust.

W

Wiener Wohnen

wienerwohnen.at

64

Wiener Wohnen operates as the largest municipal housing provider in Europe, delivering affordable and quality public housing in Vienna. The website serves tenants and prospective tenants with comprehensive information about housing options, application procedures, tenant services, and community news. The organization maintains a strong market position as a key government entity in the real estate sector, focusing on social housing and tenant support. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates multimedia players and accessibility tools such as JWPlayer and ReadSpeaker. The site is mobile-optimized, accessible, and uses Matomo analytics with a clear cookie consent mechanism, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses cookie consent banners, and avoids exposing sensitive data. However, it lacks explicit security policy documentation and incident response contacts, which are recommended for enhanced transparency and readiness. No vulnerabilities or suspicious elements were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively serves its public sector mission with clear navigation, relevant content, and user-friendly services. Strategic recommendations include publishing a dedicated security policy, incident response information, and implementing additional security headers to further strengthen the security posture.

P

Papoo Software & Media GmbH

clickskeks.at

52

Clickskeks is a specialized technology company offering an automated cookie consent banner solution tailored for Austria and Germany. The company operates a SaaS model providing GDPR-compliant cookie management tools that simplify compliance for website owners and agencies. With over 2,000 clients and a strong partner ecosystem, clickskeks holds a reputable position in the regional market. The website is professionally designed, content-rich, and highly user-friendly, reflecting a mature digital presence. Technically, the site is built on TYPO3 CMS, integrates Google Analytics and Tag Manager for tracking, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS enforced, though some security headers and explicit policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR-aligned consent mechanisms. Overall, clickskeks presents a trustworthy and professional business with clear contact channels and legal transparency.

P

Pronosoft

pronosoft.com

70

Pronosoft is a French media website specializing in sports betting assistance, offering pronostics, betting tips, live scores, statistics, contests, and proprietary software products. The site targets French-speaking sports bettors and pronostiqueurs, providing a comprehensive platform with a long-standing presence since 2000. The business model relies on content, software sales, advertising, and affiliate marketing partnerships. Technically, the site uses a traditional web stack with jQuery, Google Analytics, and multiple ad networks integrated via header bidding technologies. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security-wise, the site enforces HTTPS and cookie consent but lacks advanced security headers and published security policies. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the site is professional and trustworthy for its niche audience but could improve security posture and transparency.

B

Brest en vue

brestaim.fr

57

Brest en vue is a French public local enterprise specializing in the management of major public equipment and the creation of events within Brest métropole. The company positions itself as a dynamic and responsive entity serving the public interest with a focus on innovation, entertainment, discovery, entrepreneurship, and regional influence. The website reflects a medium-sized organization with a clear mission and a strong local government sector presence. Technically, the site is built on WordPress with Yoast SEO, featuring modern web standards and mobile optimization, though some security headers are missing. Security posture is solid with HTTPS and cookie consent but could be improved with additional headers and explicit security policies. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and legal disclosures.

A

Domain Default page

araoo.tech

44

The website araoo.tech currently hosts a default placeholder page generated by Plesk, a popular web hosting control panel. The content is informational about Plesk services and related tools but does not represent an active business or service offering. The domain is registered with OVH since 2016, indicating a legitimate registration, but the website itself is not yet developed or customized. Technically, the site uses standard HTML5, CSS3, and JavaScript with Plesk branding assets. It is hosted on OVH infrastructure and shows moderate performance and good mobile optimization. However, there are no advanced frameworks or CMS detected, and no analytics or tracking scripts are present. The site lacks security headers and DNSSEC is not enabled, which are areas for improvement. From a security perspective, the site uses HTTPS (implied by the URL scheme), but no additional security headers or policies are implemented. There are no privacy, cookie, or terms of service policies, and no contact or incident response information is provided. No vulnerabilities or suspicious content were detected, but the lack of security best practices and compliance documentation lowers the security posture. Overall, the site is a basic placeholder with minimal content and low business credibility. It is safe for general audiences but lacks any meaningful business or security features. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, and providing contact information to improve trust and compliance.

Emilia Romagna Turismo is the official tourism information website for the Emilia Romagna region in Italy, providing comprehensive travel information, event listings, and itineraries to visitors. The website serves as a key regional portal promoting tourism and experiences in the area, targeting tourists and travelers interested in exploring Emilia Romagna. The business model focuses on information dissemination and regional tourism promotion, positioning itself as a trusted and official source. Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates Matomo and Google Analytics for visitor tracking, and uses Cookiebot for GDPR-compliant cookie consent management. The site is well-structured with good SEO and accessibility practices, delivering a professional user experience. Security posture is solid with HTTPS enforced, CSRF protection, and cookie consent mechanisms, though some security headers could be improved and DNSSEC is not enabled. No critical vulnerabilities or suspicious content were detected. Overall, the domain registration and WHOIS data support the legitimacy and trustworthiness of the site. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and improving contact information visibility to strengthen business credibility and compliance.

S

Stadt Wien

wien.at

59

Stadt Wien operates the official website for the city of Vienna, Austria, providing comprehensive information, services, news, and event details to residents and visitors. The site serves as a central hub for municipal services including administrative procedures, health information, cultural events, and public transportation. It holds a strong market position as the authoritative source for city-related information and services. Technically, the website employs modern web technologies including JavaScript modules and custom web components, ensuring a responsive and accessible user experience across devices. The site is well-optimized for SEO and mobile use, with clear navigation and professional design. Security-wise, the website enforces HTTPS and implements cookie consent mechanisms, though it lacks a dedicated security policy or incident response contact details. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a high level of trustworthiness and professionalism, suitable for a government entity.

W

wohnfonds_wien

hauskunft-wien.at

47

Hauskunft is a municipal service operated by wohnfonds_wien, providing free and subsidized consulting for building renovations and energy efficiency upgrades in Vienna. The website offers comprehensive information about their services, including orientation consultations, future checks, and support for creating renovation concepts. The target audience includes homeowners, property managers, architects, and planners in Vienna. The service is well integrated with city initiatives like 'Raus aus Gas' and collaborates with partners such as the City of Vienna and klimaaktiv-gebaut.at. Technically, the website uses modern web technologies, including Matomo for privacy-friendly analytics and Swiper.js for interactive content. It is well optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS, security headers, and secure forms, though incident response and vulnerability disclosure information could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence for a government service.

W

wohnpartner

wohnpartner-wien.at

64

wohnpartner is a Vienna-based social service organization focused on fostering good community living in municipal housing. As part of Wohnservice Wien, it offers conflict mediation, social advice, and neighborhood engagement through various projects and events. The website reflects a mature digital presence built on TYPO3 CMS with a clear structure and good user experience. Privacy and cookie compliance are well implemented, including a consent mechanism and a comprehensive privacy policy. Security posture is solid with HTTPS and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy and professionally maintained, serving a government/non-profit sector audience effectively.

A

Allgemeine Zeitung

azonline.de

57

Allgemeine Zeitung is a regional German news publisher serving the Münsterland area, providing local, national, and cultural news content. The website offers news articles, ePaper subscriptions, and advertising services, targeting the general public in the region. It operates under the Zeitungsgruppe Münster umbrella, indicating a solid market position in regional media. Technically, the website employs modern JavaScript libraries, consent management platforms, and analytics tools such as Google Tag Manager and FingerprintJS, reflecting a mature digital infrastructure. The site is mobile-optimized with good SEO practices and clear navigation. Security-wise, the site enforces HTTPS and uses consent management for GDPR compliance but lacks explicit security headers and a vulnerability disclosure mechanism. Overall, the site is professional, trustworthy, and safe for general audiences.

D

Dülmener Zeitung

dzonline.de

60

Dülmener Zeitung is a regional German news media outlet focused on local news, sports, culture, and community events primarily in Dülmen and the Münsterland region. The website offers news articles, e-paper subscriptions, and an online shop, positioning itself as a trusted local information source with a moderate-sized audience. The site is part of the Zeitungsgruppe Münster media group, indicating a stable market presence in regional media. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Tag Manager, FingerprintJS, and Consentmanager.net for cookie consent management. Hosting appears to be managed by ICS Media, with a well-structured site optimized for mobile devices and moderate performance. The site uses HTTPS and implements cookie consent mechanisms, reflecting a baseline compliance with privacy regulations. From a security perspective, the site enforces HTTPS and uses consent management but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is partial, with cookie consent present but no visible privacy policy or terms of service. Overall, the website is professionally designed and trustworthy for general audiences, with room for improvement in privacy transparency and security policy disclosures. The risk level is moderate with no critical issues detected.

F

Finanz Informatik

fi-update.de

40

The website fi-update.de serves as a platform for the FI Update 2025, a management event targeted at the leadership level within the Sparkassen-Finanzgruppe, a major financial group in Germany. The site primarily functions as an informational and event management portal, with a focus on finance professionals. The business is positioned as an enterprise-level entity within the finance sector, leveraging its parent company Finanz Informatik's brand and network. The content is concise and oriented towards event promotion and user engagement through social media channels such as LinkedIn and Instagram. Technically, the website employs modern web technologies including JavaScript, CSS, and the PrimeReact framework. It integrates etracker analytics with respect for Do Not Track settings, indicating a moderate level of digital maturity and privacy awareness. The site is hosted with DNS services provided by DomainControl (GoDaddy), suggesting a professional hosting environment. Performance and mobile optimization are basic but functional, with room for improvement in accessibility and SEO. From a security perspective, the site uses HTTPS and includes some privacy-conscious analytics configurations. However, it lacks explicit security headers and cookie consent mechanisms, which are important for compliance and protection. No forms or direct contact information are present on the main page, limiting data exposure risks but also reducing user engagement options. The absence of a published security policy, incident response contacts, and vulnerability disclosure reduces transparency and preparedness indicators. Overall, the website presents a moderate risk profile with no critical vulnerabilities detected. Strategic improvements in security headers, privacy compliance, and user contact options would enhance trust and compliance. The business credibility is supported by consistent branding and legitimate domain registration, but the content and technical implementation could be further developed to improve user experience and security posture.

The website www.icloud.com is the official web portal for Apple's iCloud service, a cloud storage and cloud computing platform integrated deeply within the Apple ecosystem. It offers users access to photos, mail, notes, documents, and other personal data synced across Apple devices. The site is professionally designed with consistent branding and clear navigation, targeting Apple device users and general consumers seeking secure cloud services. The business model is subscription-based with free and paid tiers, positioning Apple as a leading technology provider in consumer cloud services. Technically, the site employs modern web technologies including strict Content-Security-Policy headers, HTTPS encryption, and Apple proprietary JavaScript libraries. The infrastructure is hosted on Apple’s own platforms, ensuring high performance and excellent mobile optimization. Accessibility and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the site demonstrates strong best practices such as strict CSP, HTTPS enforcement, and restricted form actions. However, it lacks visible cookie consent mechanisms and publicly available security policies or incident response contacts, which are areas for improvement. No vulnerabilities or suspicious elements were detected in the provided content. Overall, the site is trustworthy and professional with a high security posture and excellent business credibility. The absence of WHOIS data is likely due to privacy protections common for large corporations. Strategic recommendations include adding explicit cookie consent, publishing security policies, and providing vulnerability disclosure information to enhance transparency and compliance.

The website jb-fotografie.de represents a small photography business specializing in family photos, passport photos, portrait, and wedding photography services primarily targeting a German-speaking audience. The site content is minimal but relevant to the business domain, with basic branding and a simple user interface. The technical infrastructure is based on a shared hosting platform (hpage), utilizing standard HTML, CSS, and JavaScript without advanced frameworks or CMS beyond the hosting provider's platform. Security posture is weak due to lack of visible HTTPS confirmation, absence of security headers, and no privacy or cookie policies, which impacts compliance and trust. No contact information or forms are present, limiting user engagement and transparency. Overall, the site is functional but basic, with moderate risk due to missing security and privacy best practices.

archive.is is a web archiving service established in 2012 that allows users to capture and preserve snapshots of web pages permanently. The service targets general internet users who require a reliable method to archive web content. The website is currently protected by a CAPTCHA security check, indicating the presence of a Web Application Firewall or similar security mechanism to mitigate automated access and abuse. This security layer restricts direct access to the site's content, limiting the ability to fully analyze the website's features and policies. Technically, the site uses standard web technologies including HTML5 and JavaScript, with Google reCAPTCHA integrated for bot protection. The domain is hosted by Hetzner Online GmbH and uses HTTPS, but lacks advanced security headers and DNSSEC, which are recommended for enhanced security. No privacy, cookie, or terms of service policies are present on the landing page, and no contact or business information is disclosed, which impacts the site's transparency and compliance posture.

H

Hetzner Online GmbH

your-objectstorage.com

78

Hetzner Online GmbH is a well-established German hosting and data center operator founded in 1997, offering a broad range of IT infrastructure services including dedicated servers, cloud hosting, and scalable S3-compatible Object Storage solutions. The company emphasizes GDPR compliance, sustainability through 100% green electricity, and transparent pricing models. Their Object Storage product targets businesses and private customers needing flexible, secure, and scalable storage solutions with pay-as-you-go billing. Technically, the website is built on modern web technologies including HTML5, CSS3, JavaScript, and uses SilverStripe CMS. It integrates Matomo analytics for privacy-conscious user tracking and provides a responsive, accessible, and well-structured user experience. The hosting is self-managed by Hetzner, ensuring good performance and reliability. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and secures forms with CSRF tokens. However, explicit security headers are not clearly visible in the HTML, and no dedicated security or incident response pages are found. The WHOIS data for the domain is unavailable, which limits domain registration trust analysis but does not detract from the professional presentation and trust signals on the site. Overall, Hetzner Online demonstrates a strong security posture, excellent privacy compliance, and a mature business model. Strategic recommendations include publishing explicit security policies, enhancing security headers, and providing clear incident response contacts to further strengthen trust and compliance.

S

Startseite » Studierzimmer Münster

studierzimmer-muenster.de

35

Studierzimmer Münster is a community-driven campaign focused on facilitating affordable student housing in the city of Münster, Germany. The website serves as a platform to connect landlords, investors, and students seeking housing, emphasizing social support and local collaboration. The campaign is supported by local institutions including the City of Münster, University of Münster, Fachhochschule Münster, and Studentenwerk Münster, indicating strong community ties and trust. Technically, the website is built on the SilverStripe CMS platform, utilizing standard web technologies such as HTML5, CSS, JavaScript, and jQuery. The site demonstrates moderate performance and basic mobile optimization. However, there is room for improvement in accessibility and SEO optimization. The hosting is provided by kasserver.com, a known hosting provider. From a security perspective, the site uses HTTPS as indicated by the base URL, but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No forms with sensitive inputs are present on the homepage, reducing immediate risk exposure. The absence of vulnerability disclosure and incident response information suggests limited security maturity. Overall, the website is a trustworthy and professional community resource with moderate technical and security posture. Strategic improvements in privacy compliance, security headers, and transparency would enhance trust and compliance with data protection regulations.

J

JurGrad gGmbH

jurgrad.de

61

JurGrad gGmbH is a specialized educational institution affiliated with the University of Münster, offering part-time master's degree programs and certificate courses primarily in legal studies. The website reflects a professional and well-maintained digital presence, targeting professionals seeking advanced legal education. The business model focuses on continuing education with a strong academic foundation and practical relevance. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and integrates robust cookie consent management via Cookiebot, alongside analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though additional security headers could enhance protection. Privacy compliance is well addressed with clear cookie policies and GDPR adherence. Overall, the site demonstrates a trustworthy and credible online presence suitable for its educational mission.

Z

Zinngrube Ehrenfriedersdorf

zinngrube-ehrenfriedersdorf.de

43

Zinngrube Ehrenfriedersdorf operates as a regional mining heritage museum in Germany, offering guided tours, exhibitions, educational programs, and event hosting. The website is well-structured, professionally designed, and targets families, tourists, and educational groups interested in mining history. It is affiliated with the Zweckverband Sächsisches Industriemuseum, indicating a stable institutional backing. Technically, the site runs on TYPO3 CMS with Matomo analytics, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, with room for improvement in security and privacy transparency.

K

KIDS Regio c/o Deutsche Kindermedienstiftung Goldener Spatz

kids-regio.org

52

KIDS Regio is a German non-profit organization operating under the Deutsche Kindermedienstiftung Goldener Spatz, focusing on children's media and film festivals. The website serves as a platform for events like the KIDS Regio Forum and provides publications and networking opportunities for professionals in the children's media sector. The organization targets a niche audience involved in young audience film festivals and media education. Technically, the website is built on WordPress with common plugins such as LayerSlider and Real Cookie Banner Pro, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly, with good content quality and clear navigation. Security-wise, the site uses HTTPS and a GDPR-compliant cookie consent mechanism but lacks DNSSEC and some advanced security headers, which are recommended for improvement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with no signs of adult or questionable content.

V

VGBND

vgbnd.tv

59

VGBND is a media production network established in 2002, offering high-end production services across South America, Spain, Switzerland, and the USA. The company targets media professionals and advertising agencies, positioning itself as a quality-focused service provider with an international footprint. The website showcases a portfolio of projects with rich multimedia content, reflecting a professional and consistent brand image. Technically, the site is built on modern JavaScript frameworks (Vue.js and Nuxt.js) and integrates analytics tools such as Google Tag Manager and Microsoft Clarity. Hosting details are not explicit, but DNS is managed via NS1.net. Security posture is adequate with HTTPS enforced, though improvements are recommended in DNSSEC and security headers. Privacy compliance is supported by a cookie consent mechanism and a basic cookie policy, with GDPR considerations evident. Contact information is primarily via a web form and social media channels, with no direct emails or phone numbers disclosed. The domain is newly registered in 2024 with privacy protection, which contrasts with the company's founding year, suggesting a recent domain acquisition or rebranding. Overall, the website is professional, secure, and compliant, with room for enhanced security policies and transparency.

L

LITES STUDIOS

litesstudios.com

53

LITES STUDIOS operates a specialized underwater and water stage filming facility based in Brussels, Belgium. The company offers advanced water stages with features such as moveable floors, overhead cranes, floodable studio floors, and large sound stages, targeting film and media production professionals. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard Wix technologies and polyfills. The site is mobile optimized and uses HTTPS, but lacks advanced security headers and privacy compliance mechanisms. No WHOIS registration data is available, which raises concerns about domain legitimacy despite the professional appearance of the website. Overall, the security posture is moderate with room for improvement in privacy and contact transparency.

H

HappierLeads

happierleads.com

66

HappierLeads is a B2B SaaS company specializing in identifying, qualifying, and engaging anonymous website visitors to generate high-quality leads. The platform targets sales, growth, and marketing teams, offering a proprietary identification method that surpasses traditional reverse IP lookup technologies. The company operates a subscription model with a free 30-day trial and a monthly fee thereafter. Technically, the website is built on Webflow and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and Microsoft Clarity. The site is hosted with Cloudflare DNS but lacks DNSSEC and security headers, which are recommended for enhanced security. Security posture is generally good with HTTPS enabled and no exposed sensitive data, but privacy compliance is limited due to missing privacy and cookie policies. Overall, the website is professional, well-branded, and content-rich, though it could improve transparency and compliance documentation.

F

Football Agency Cup GmbH

agency-cup.com

56

Football Agency Cup GmbH operates a well-established football tournament event for Germany's marketing and creative agencies, positioning itself as the largest industry event of its kind since 1988. The website is professionally designed using the Wix platform, offering good content quality and user experience tailored to its target audience. However, the technical infrastructure is basic with moderate performance and limited advanced SEO or accessibility features. Security posture is average with no evident security headers or policies, and privacy compliance is lacking due to missing privacy and cookie policies. The absence of WHOIS data raises concerns about domain registration legitimacy, which should be addressed to enhance trust. Overall, the digital maturity is moderate with room for improvement in security and compliance.

H

Hopp Foundation for Computer Literacy & Informatics gGmbH

hopp-foundation.de

50

The Hopp Foundation for Computer Literacy & Informatics gGmbH is a small non-profit organization based in Germany focused on promoting digital education in the Rhein-Neckar metropolitan region. Their website offers comprehensive information about workshops, teaching materials, and support services for teachers, school leaders, students, and parents. The foundation emphasizes practical and innovative learning formats to foster digital literacy and informatics skills. Technically, the website is built on a modern stack with Kirby CMS, uses JavaScript libraries for UI enhancements, and is hosted on a domain managed by DomainControl. The site is mobile-optimized, well-structured, and provides clear navigation and professional design. Security-wise, the site enforces HTTPS and cookie consent but lacks explicit security policies or incident response contacts. No tracking or advertising scripts were detected, reflecting a privacy-conscious approach. WHOIS data is minimal but consistent with a legitimate educational entity. Overall, the website is trustworthy, professional, and well-suited for its educational mission.

E

Esri

arcgisonline.com

64

Esri's ArcGIS Online platform provides a comprehensive SaaS solution for geographic information system (GIS) services, enabling users to connect people, locations, and data through interactive maps and spatial analysis tools. The website reflects a mature enterprise-level service with a clear focus on GIS professionals and organizations requiring mapping and data visualization capabilities. The platform is positioned as a leading geospatial technology provider with a strong brand presence and consistent messaging. Technically, the website employs a mature JavaScript stack including the Dojo Toolkit and Esri's own JS API, alongside modern Calcite components for UI. While the technology is somewhat dated, it remains functional and optimized for web and mobile use. The site demonstrates good SEO and basic accessibility features, though there is room for improvement in accessibility and performance optimization. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in the HTML. However, explicit security headers are not evident in the provided data, and there is no visible incident response or vulnerability disclosure information. Privacy compliance is strong with comprehensive policies linked, though no cookie consent mechanism is detected. The absence of direct contact emails or phone numbers on the main page suggests a controlled communication approach via official Esri channels. Overall, the website is trustworthy and professional, with a solid business credibility score. The missing WHOIS data is a notable anomaly but likely due to registry privacy or restrictions rather than malicious intent. Strategic recommendations include enhancing security headers, publishing incident response details, improving accessibility, and implementing cookie consent mechanisms to further strengthen compliance and user trust.