Security Directory

The website kia-albania.com is currently inaccessible due to a Cloudflare Turnstile CAPTCHA security challenge, which blocks direct access to its content. This prevents extraction of any meaningful business, contact, or policy information. The domain was registered in 2021 and uses Cloudflare for security and hosting. Due to the lack of accessible content, no detailed business description or services can be identified. The technical infrastructure relies on Cloudflare's security platform, indicating a focus on protection against automated threats. However, the absence of visible content and policies limits the ability to assess compliance and security posture fully. Overall, the site appears to be in a protected state, but this restricts external analysis and user access.

L

Lucead

lucead.com

59

Lucead is a newly established technology company founded in 2024, operating a 100% cookieless advertising marketplace aimed at privacy-conscious advertisers and publishers. The website presents a professional and consistent brand image focused on privacy-friendly digital advertising solutions. The business model centers on providing an innovative ad marketplace that avoids traditional cookie-based tracking, positioning itself as a forward-looking player in the ad tech industry. Technically, the website uses modern web technologies including JavaScript, FontAwesome Pro icons, Bootstrap for responsive design, and Cloudflare for DNS services. The site is mobile-optimized with moderate performance and basic accessibility features. Google Tag Manager and Google Ads tracking are implemented, indicating standard marketing and analytics practices. From a security perspective, the site benefits from HTTPS and domain status protections but lacks DNSSEC and security headers such as Content-Security-Policy or Strict-Transport-Security. No cookie consent mechanism is present despite the use of tracking scripts, which may pose compliance risks. No explicit security policies or incident response contacts are published, limiting transparency. Overall, the website is functional, professional, and moderately secure but would benefit from enhanced privacy compliance measures, improved security headers, and more comprehensive policy disclosures to strengthen trust and regulatory adherence.

D

DREIKON GmbH & Co. KG

dreikon.de

67

DREIKON GmbH & Co. KG is a modern full-service advertising and digital marketing agency based in Münster, Germany. The company offers a broad range of services including SEO, SEA, web design, e-commerce solutions, graphic design, and marketing consulting. They position themselves as a strategic partner combining traditional advertising expertise with innovative digital marketing approaches, serving primarily small and medium-sized enterprises. Their market position is reinforced by multiple industry certifications such as Google Premier Partner and Top 100 SEO awards. Technically, the website is built on the ProcessWire CMS platform, utilizes Cloudflare for DNS and CDN services, and integrates modern marketing and tracking tools like Cookiebot, Google Tag Manager, and Leadinfo. The site is well-optimized for mobile devices, accessible, and SEO-friendly, with a professional design and clear navigation structure. From a security perspective, the website enforces HTTPS, implements cookie consent mechanisms, and does not expose sensitive data. However, there is room for improvement in publishing explicit security policies, incident response contacts, and vulnerability disclosure information. The use of security headers could also be enhanced. Overall, the website presents a low risk profile with strong business credibility and compliance with privacy regulations. Strategic recommendations include enhancing security transparency and further hardening HTTP headers to improve security posture.

Digital Hub Ruhr is a regional innovation hub located in Gelsenkirchen, Germany, focused on fostering digital innovation, particularly in IoT, telecommunications, and smart city applications. The organization operates as a cooperative network platform involving key partners such as Verizon, GELSEN-NET, and K-TEL Communications, providing a physical space for showcasing and developing digital solutions. The website reflects a mature digital presence with multilingual support and comprehensive content targeting municipalities, businesses, and startups interested in digital transformation. Technically, the website is built on TYPO3 CMS with modern frontend frameworks like Bootstrap and Splide.js for interactive elements. Cookie consent is managed via Cookiebot, ensuring GDPR compliance. The site is mobile-optimized and well-structured, though some accessibility features could be enhanced. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but security headers and incident response details could be improved. Overall, the website demonstrates a professional and trustworthy digital footprint with clear business information and partner affiliations. No critical security or privacy issues were detected. Recommendations include adding explicit security policies, improving security headers, and publishing incident response contacts to further enhance trust and compliance.

B

Baytree Interactive Ltd

royalvegas.com

50

Royal Vegas Casino is an established online gambling platform operated by Baytree Interactive Ltd, licensed by the Kahnawake Gaming Commission. The website offers a wide range of casino games including slots, table games, live dealer experiences, and progressive jackpots, targeting adult users globally. The platform emphasizes secure deposits, responsible gaming, and player rewards, supported by trusted payment methods and certifications such as eCogra. Technically, the site uses modern JavaScript libraries, analytics tools, and is optimized for mobile devices, providing a professional and user-friendly experience. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS registration data introduces some uncertainty about domain registration transparency, but overall the site presents as a legitimate and professional online casino. Strategic recommendations include enhancing security header implementation, publishing security policies, and improving transparency around data retention and incident response.

The website connex-gutscheine.net appears to be a coupon or voucher related platform established in 2015. The site uses modern JavaScript frameworks such as Nuxt.js and Vue.js with PrimeVue components, hosted on AWS infrastructure. However, the visible content is minimal with no clear business description, contact information, or user-facing content. The site employs Google Tag Manager for analytics but lacks privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Overall, the site shows basic technical maturity but lacks critical compliance and trust elements.

C

Comune di Bressanone

brixen.it

53

The website www.brixen.it is the official digital presence of the Comune di Bressanone, serving as a comprehensive portal for municipal information, services, news, and community engagement. It targets residents and visitors, providing access to administrative resources, cultural events, and local government updates. The site demonstrates a solid market position as a trusted local government authority in Italy. Technically, the site employs a modern JavaScript stack including jQuery and Moment.js, with integration of Usercentrics for cookie consent management. The site is mobile optimized, accessible, and SEO-friendly, with good performance metrics. The use of HTTPS and security headers indicates a strong commitment to secure communications. From a security perspective, the site enforces HTTPS, anonymizes IPs in Google Analytics, and provides cookie consent mechanisms. However, it lacks explicit security policy pages, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced transparency and security posture. Overall, the site is professional, trustworthy, and compliant with GDPR requirements. Strategic improvements in security documentation and contact transparency would further strengthen its risk profile and user trust.

S

Stiftung Südtiroler Sparkasse

stiftungsparkasse.it

50

Stiftung Südtiroler Sparkasse is a well-established non-profit foundation based in South Tyrol, Italy, focused on supporting social, cultural, and educational projects through grants and sponsorships. The foundation maintains a professional online presence with clear contact information and active social media channels, reinforcing its community engagement and trustworthiness. The website content is relevant and well-structured, targeting local residents and organizations seeking funding or information about foundation activities. Technically, the site uses modern JavaScript libraries and custom UI components, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and DNSSEC enabled, though there is room for improvement in implementing security headers and explicit security policies. Privacy compliance is good, with a clear cookie consent mechanism and privacy policy in place. Overall, the website reflects a credible and trustworthy organization with a solid foundation in its sector.

T

Tempest Film

tempest-film.com

64

Tempest Film is a German-language film and media production company with a professionally designed website built on WordPress using the Elementor page builder. The site targets German-speaking audiences interested in film and media services. The technical infrastructure is modern but basic, with no advanced security headers or privacy policies detected. The security posture is moderate, lacking explicit security best practices and compliance documentation. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security measures to improve trust and regulatory adherence.

WebForce3 is an educational initiative focused on digital skills training that began in 2014 and has recently ended its operations. The website serves primarily as a closure announcement, thanking stakeholders and directing future learners to partner educational institutions. The site is hosted on the Carrd.co platform and uses standard web technologies such as HTML, CSS, and JavaScript. The technical infrastructure is basic but functional, with moderate performance and good mobile optimization. Security posture is minimal with no advanced headers or policies detected, and privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site is safe and trustworthy but limited in content and security features.

I

Internet Society France

igf-france.fr

35

The website igf-france.fr serves as the official platform for the Forum on Internet Governance France 2025 and its associated digital future workshops. It is organized by Internet Society France and partners such as AFNIC, targeting stakeholders involved in internet governance, digital policy, and multi-stakeholder dialogue. The site provides event information, agendas, partner details, and contact points primarily via email. Technically, the site uses modern front-end technologies including Bootstrap and jQuery, hosted by OVH, with moderate performance and good mobile optimization. Security posture is moderate with HTTPS implied but lacking explicit security headers and published privacy or cookie policies, which are compliance gaps under GDPR. No forms collect sensitive data beyond email links, and no incident response or vulnerability disclosure information is provided. Overall, the site is professional, trustworthy, and consistent with its non-profit, governmental, and technology sector positioning.

O

OP//TECH USA

optechusa.com

69

OP//TECH USA operates a professionally designed e-commerce website specializing in premium camera straps and accessories, proudly manufactured in the USA. The company targets photographers and optics users seeking quality and comfort in camera carrying solutions. The website is built on the Shopify platform, leveraging modern web technologies and optimized for performance and mobile devices. While the site demonstrates strong branding and product focus, it lacks visible privacy and cookie policies, and no explicit contact information is provided. The WHOIS data is unavailable, which may reduce trust but is common with privacy-protected domains. Security posture is strong with HTTPS and standard security headers, but compliance disclosures could be improved.

M

MandaiX

mandaix.com

60

Mandai X is a purpose-led innovation venture builder focused on creating global ventures that promote harmony between people and nature. The website presents a professional and clean digital presence built on the Wix platform, indicating a small but focused organization. The technical infrastructure leverages Wix's ecosystem with modern JavaScript polyfills and performance optimizations, providing a moderate performance and good mobile experience. Security posture is adequate with HTTPS enforced and some JavaScript security measures, but lacks explicit security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy and business credibility, which impacts overall trust. Strategic recommendations include establishing clear privacy and cookie policies, publishing contact and incident response information, and improving security headers to enhance trust and compliance.

S

Sud Ouest

sudouest.fr

57

Sud Ouest is a prominent French regional news media company providing continuous local and international news coverage, including politics, economy, sports, and cultural content. The website offers both free and subscription-based access, supported by advertising revenue. It targets a general audience primarily in the South West of France. The digital infrastructure is modern, leveraging JavaScript frameworks, Google Tag Manager, and a consent management platform to ensure compliance with privacy regulations. The site is well-structured with good SEO and mobile optimization. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, Sud Ouest demonstrates a mature and professional online presence with strong privacy compliance and trustworthy branding.

L

L'Agglo Hérault Méditerranée

agglo-heraultmediterranee.net

64

L'Agglo Hérault Méditerranée is a regional French government entity providing a broad range of public services including waste management, water and sanitation, public transportation, housing, cultural activities, and environmental protection. The website serves as an information portal for residents and businesses within the Hérault Méditerranée territory, offering access to services, news, and project updates. The organization positions itself as a key regional authority supporting sustainable development and quality of life. Technically, the website is built on WordPress using a custom WonderWP child theme and Bootstrap framework. It employs modern web technologies and is mobile-optimized with good SEO practices. The site uses Google Analytics for audience measurement with a clear cookie consent mechanism, reflecting a moderate level of digital maturity. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent aligned with GDPR. However, it lacks explicit security headers and a published vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is incomplete, which raises some concerns, but the website content and external links strongly indicate legitimacy as a public government entity. Overall, the website is professional, trustworthy, and serves its public service mission effectively. Strategic recommendations include enhancing security headers, publishing a security policy, improving accessibility, and maintaining regular security audits to strengthen the security posture and compliance.

M

Marlene®

marlene.it

50

Marlene® is a well-established brand specializing in the promotion and marketing of South Tyrolean apples, emphasizing quality, sustainability, and culinary inspiration. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies and a CMS platform (Consisto.CMS), with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and explicit privacy and cookie policies. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but privacy compliance could be improved. Overall, the website is trustworthy and serves its business purpose effectively.

K

Kia

kia.com

69

Kia's Finnish website serves as a localized portal for the global automotive brand, offering detailed information about their vehicle lineup, including electric and hybrid models, with a strong emphasis on a 7-year warranty. The site targets Finnish consumers interested in purchasing or learning about Kia vehicles, providing tools such as a car configurator, service booking, and dealer locator. The business model focuses on automotive manufacturing and retail, supported by a consistent and professional online presence.

D

DNZ MEDIA

danzaedanza.com

65

Danza&Danza is a specialized Italian media company focused on dance culture, providing a bimonthly magazine and a dynamic website with news, reviews, and multimedia content. The company, DNZ MEDIA, has a long-standing presence since 1985 and targets professionals and enthusiasts in the dance sector. The website supports subscription sales, advertising, and content publishing, positioning itself as a niche leader in Italian dance journalism. Technically, the website uses standard web technologies (HTML, CSS, JavaScript) with a custom or unknown CMS. It is moderately optimized for performance and mobile devices, with good SEO practices and basic accessibility features. The domain is registered with a reputable registrar and protected against unauthorized transfers, though DNSSEC is not enabled. Security-wise, the site uses HTTPS and implements a cookie consent mechanism and secure login forms with CSRF tokens. However, it lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. No critical vulnerabilities or suspicious content were detected, and privacy policies are present and GDPR compliant. Overall, the website is professional, trustworthy, and well-aligned with its business goals. Strategic improvements in security headers and DNS security would further strengthen its posture. The site is safe for general audiences and maintains a clear, consistent brand identity.

R

Rai Cultura

raicultura.it

58

Rai Cultura is a cultural portal operated by RAI, Italy's national public broadcasting company, providing rich content across various cultural domains such as art, literature, history, philosophy, music, cinema, theater, dance, and science. The website targets a broad audience interested in cultural enrichment and serves as a trusted source of cultural information and events in Italy. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and responsive design principles to ensure accessibility across devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR-aligned cookie consent. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity.

R

Rai

raiplaysound.it

64

RaiPlay Sound is the digital audio platform of Rai, Italy's public broadcaster, offering live radio streaming, podcasts, and audiobooks. The platform targets a broad audience interested in Italian radio content and digital audio entertainment. It provides user account features for personalized experiences and supports mobile applications on iOS and Android. The website demonstrates a mature digital infrastructure with modern web technologies, responsive design, and integration with major analytics and advertising services. Privacy and cookie consent mechanisms are robust and GDPR compliant, reflecting the organization's commitment to user data protection. Security posture is strong with HTTPS enforcement and standard best practices, though explicit security headers and vulnerability disclosure mechanisms could be enhanced. Overall, RaiPlay Sound presents a professional, trustworthy, and user-friendly digital media service.

R

Radiotelevisione Italiana S.p.A.

rai.it

69

Rai.it is the official website of Radiotelevisione Italiana S.p.A., Italy's leading public broadcaster. The site offers a comprehensive range of content including news, entertainment, sports, and cultural programming, supported by streaming platforms RaiPlay and RaiPlay Sound. The website demonstrates a mature digital presence with modern technologies, CDN usage, and a strong focus on user privacy and consent management. Security posture is robust with HTTPS enforcement and cookie consent mechanisms, although explicit security and incident response policies are not prominently published. Overall, Rai.it presents a professional, trustworthy, and user-friendly platform serving a broad general audience in Italy.

CrediNet.bg is a Bulgarian online microcredit service specializing in fast loans up to 5000 Bulgarian leva, targeting local consumers seeking quick credit solutions with minimal documentation (only ID card required). The website presents a professional and consistent brand image with a clear business focus on microcredit lending. The technical infrastructure includes modern web technologies, integration with Cookiebot for cookie consent, and Cloudflare DNS with DNSSEC enabled, indicating a secure domain setup. However, the absence of explicit privacy policy and terms of service pages, as well as lack of direct contact information, limits full compliance and trust signals. Security posture is generally good with HTTPS and DNSSEC, but could be improved by adding security headers and publishing security policies. Overall, the site is safe, well-structured, and serves its business purpose effectively, though improvements in transparency and compliance documentation are recommended.

DERTICKETSERVICE.DE GmbH & Co. KG operates as a leading regional ticketing and live entertainment marketing service provider in North Rhine-Westphalia, Germany. With over 35 years of experience, the company offers tailored ticket software solutions, marketing support, and access to a network of regional ticket platforms such as kölnticket, bonnticket, and westticket. Their services target event organizers and end customers, focusing on maximizing event success through technology and marketing expertise. The website is professionally designed using TYPO3 CMS and integrates modern web technologies, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies are absent. The WHOIS data is privacy protected, which is justified for this business type, but limits direct verification of registrant details. Overall, the site demonstrates high trustworthiness and business credibility with strong regional partnerships and professional content.

L

Lieux Publics

lieuxpublics.com

52

Lieux Publics is a French national center for creation in public spaces based in Marseille, supporting artists across disciplines through residencies, coproductions, and cultural actions. It coordinates La Cité des arts de la rue and the international network IN SITU, positioning itself as a key cultural institution in France's public arts sector. The website reflects a professional cultural organization with a clear focus on arts and public space creation. Technically, the site uses modern JavaScript libraries such as Flickity and ScrollReveal, integrates cookie consent via Tarteaucitron, and includes an accessibility widget from UserWay, indicating a mature digital infrastructure with attention to user experience and compliance. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks DNSSEC and security headers, suggesting room for improvement. No privacy policy or terms of service pages were detected, which is a compliance gap. Overall, the domain is long-established and legitimate, with consistent WHOIS data and no suspicious indicators. The site is safe for general audiences with no adult content. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and providing clear contact information for incident response.

A

Albolina Film srl

albolina.org

52

Albolina Film srl is a small but leading cinematic production company based in Bolzano, Italy, founded in 2012. They specialize in producing and co-producing films and providing production services in South Tyrol, catering to a multilingual audience in German, Italian, and English. Their mission focuses on connecting their culturally diverse region with Europe and beyond through film. The website is professionally designed, mobile-optimized, and provides clear contact information and social media presence, reflecting a mature digital infrastructure. Technically, the site uses modern web technologies including Cookiebot for consent management and Vimeo for video content, ensuring good performance and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and published security policies could enhance trust. WHOIS data is unavailable due to privacy or query failure, but the website content and contact details support legitimacy. Overall, the site demonstrates a high level of professionalism and compliance with privacy regulations, making it a trustworthy digital presence for the company.

The Südtiroler Künstlerbund is a well-established cultural association based in Bolzano, Italy, founded in 1946. It serves as a platform for artists across multiple disciplines including visual arts, literature, music, and architecture. The organization promotes emerging talent through exhibitions, events, and partnerships with galleries and institutions both nationally and internationally. The website reflects a medium-sized non-profit entity with a clear focus on arts and culture, targeting artists and art enthusiasts. Technically, the website employs modern front-end technologies such as HTML5, CSS3, JavaScript, FontAwesome, and Swiper.js for interactive event displays. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, the CMS and hosting details are not discernible from the available data. From a security perspective, the site uses HTTPS with an excellent SSL configuration and implements a cookie consent mechanism indicating GDPR compliance awareness. However, it lacks visible security headers and formal security or incident response policies. No vulnerabilities or tracking analytics were detected, suggesting a minimal attack surface but also limited security transparency. Overall, the website is trustworthy and professional in its presentation and content, but the absence of WHOIS data and domain registration details introduces moderate uncertainty regarding domain legitimacy. Strategic improvements in security policies and transparency would enhance trust and compliance.

The website raai.it is currently inaccessible beyond a security challenge page implemented by BitNinja.IO, indicating the presence of a Web Application Firewall or similar security mechanism. The visible content is minimal and primarily serves as a redirect and security check, preventing direct access to business-related information. The domain is registered since 2021 with DNSSEC enabled, suggesting some level of DNS security, but no registrant details or business claims are visible to verify legitimacy. The site uses very outdated CMS versions (Joomla 1.5 and WordPress 2.5), which are known to have multiple security vulnerabilities, raising concerns about the underlying platform's security posture. No privacy, cookie, or terms of service policies are found, and no contact information or social media links are available, limiting trust and compliance evaluation.

U

UNISCA

unisca.it

51

UNISCA is an independent Italian association focused on coordinating and aggregating professionals and organizations in the creativity, arts, and entertainment sectors. Founded in 2021, it serves as a platform for idea exchange, advocacy, and sector synthesis. The website reflects a small-sized non-profit entity with a clear mission to support cultural identity and artistic autonomy within Italy. Technically, the site is built on WordPress using Elementor and related modern web technologies, providing a good user experience with mobile optimization and SEO best practices. Security posture is strong with HTTPS, DNSSEC, and security headers, though explicit security policies and incident response information are absent. Privacy and cookie policies are present with consent mechanisms, indicating GDPR awareness. Overall, the site is professional, trustworthy, and safe for general audiences.

D

D2C Life Science

d2c-lifescience.com

61

D2C Life Science is a specialized consultancy focused on pharmaceutical GMP quality management, offering auditing, consulting, training, and project management services. The company targets pharmaceutical manufacturers, contract manufacturers, and hospitals implementing GMP for advanced therapies. Their website demonstrates a modern technical infrastructure using the Astro framework, with excellent design, mobile optimization, and clear content structure. Security posture is moderate with no detected security headers or incident response information, and the WHOIS data is missing, which raises some trust concerns. Privacy compliance is strong with a comprehensive privacy policy, but cookie consent mechanisms are absent. Overall, the website is professional and trustworthy, but improvements in security transparency and domain registration clarity are recommended.

O

Ornis Birding Expeditions | Global Bird Tours

ornis-birding.com

58

The website www.ornis-birding.com appears to be a Wix-hosted site focused on birding or birdwatching, as suggested by the domain name and typical Wix platform assets. However, the site lacks substantive business content, contact information, and privacy or cookie policies, which limits its credibility and compliance posture. The technical infrastructure is based on Wix's standard JavaScript libraries and polyfills, indicating a modern but basic setup. Security posture is minimal with no detected security headers or explicit SSL configuration details. The absence of WHOIS registration data raises concerns about the domain's legitimacy and longevity. Overall, the site is accessible without WAF or blocking mechanisms but lacks critical business and compliance information.

D

DNForum.com

dnforum.com

67

DNForum.com operates as an online community forum and marketplace dedicated to domain name trading, discussions, appraisals, and related services. The platform targets domain investors, buyers, sellers, and industry professionals, offering a structured environment with active user engagement and verified members. The website leverages XenForo forum software and modern web technologies, providing a good user experience with mobile optimization and clear navigation. Security practices include HTTPS enforcement, CSRF protection, and secure cookies, though explicit security headers and policies are not evident. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the active content and community suggest operational legitimacy. Privacy and cookie policies are not found, indicating compliance gaps.

A

Api Restauration

apirecrute.com

71

Api Restauration is a well-established French family-owned company specializing in collective catering services with a large workforce and extensive operations. The website serves as a recruitment portal highlighting company values, history, and employee testimonials. The technical infrastructure is modern, leveraging the Teamtailor platform, with good mobile optimization and video content integration. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response information are absent. WHOIS data is missing, which slightly impacts trust but the website content and branding are professional and consistent.

V

Connexion Visimodif

visimodif.fr

37

The website visimodif.fr serves primarily as an administration login portal for Visimodif, likely related to Visicod.com. The site is minimalistic, focusing on user authentication for internal or administrative users, with no public-facing business descriptions or contact information. The domain is well-established, registered since 2010 with OVH, a reputable French registrar, indicating a stable presence. Technically, the site uses standard web technologies including HTML5, CSS, and JavaScript with jQuery and validation plugins, hosted on OVH infrastructure. Mobile optimization is adequate, but accessibility and SEO features are basic. Security posture is moderate; while client-side validation is implemented, there is no visible HTTPS enforcement or security headers in the provided HTML content, and no advanced security policies or incident response information is available. Privacy and cookie policies are absent, which is a compliance gap. Overall, the site is functional but lacks comprehensive security and privacy measures, and public business information is minimal.

I

IPcost

ipcost.com

61

IPcost.com is a specialized online service providing users with detailed information about their public IP addresses, including IPv4 and IPv6 detection, geolocation on a world map, and additional network details such as ISP, ASN, and VPN/proxy detection. The website targets general internet users who need quick and free access to IP-related data, positioning itself as a niche informational tool in the technology sector. The business model is primarily ad-supported, with Google Adsense integrated for monetization. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and the Leaflet.js library for interactive map rendering. It uses Google Tag Manager and Google Adsense for analytics and advertising. The site is hosted on infrastructure likely provided by Hetzner Online GmbH, inferred from IP geolocation data. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features. From a security perspective, the site benefits from HTTPS encryption and domain transfer lock status, enhancing trustworthiness. However, it lacks DNSSEC, explicit security policies, incident response contacts, and a cookie consent mechanism, which are important for compliance and user trust. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security headers and privacy compliance are recommended. Overall, IPcost.com is a legitimate, moderately mature service with a solid technical foundation and clear business purpose. Strategic enhancements in privacy compliance, security transparency, and DNS security would improve its risk posture and user trust.

C

CPS Test - Check your clicks per second

cpstest.click

64

The website cpstest.click offers a free online service focused on measuring and training users' mouse click speed, primarily targeting gamers and casual users interested in improving their click rate. The site provides multiple click speed tests, reaction time tests, and related gaming tools, supported by advertising revenue through Google Adsense and related ad services. The content is well structured, multilingual, and optimized for mobile devices, providing a good user experience with clear navigation and relevant gaming-related content. From a technical perspective, the site uses modern web technologies including HTML5, CSS3, and JavaScript, with integration of Google Tag Manager and DoubleClick for analytics and advertising. The domain is registered with a reputable registrar and uses Cloudflare DNS, but lacks DNSSEC and explicit security headers, which are areas for improvement. The site is served over HTTPS, ensuring encrypted communication. Security posture is moderate; while HTTPS is enforced and domain transfer protection is enabled, the absence of DNSSEC and security headers reduces the overall security maturity. Privacy compliance is basic, with a privacy policy and terms of service present, but no visible cookie consent mechanism despite use of tracking scripts. Contact information is limited to a contact form with no direct emails or phone numbers, which may affect user trust. Overall, the website is a legitimate, small-scale online gaming utility with a moderate security and privacy posture. Strategic improvements in security headers, DNSSEC implementation, and privacy compliance would enhance trust and security. The site is safe for general audiences with no adult or questionable content detected.

C

Convertall

convertall.com

55

Convertall is a well-established online file conversion service founded in 1999, offering free conversion of various file types including audio, video, images, documents, ebooks, and more. The service emphasizes user privacy by encrypting data with AES-256 and deleting files after conversion, alongside a commitment to eco-friendly operations. The website is professionally designed with excellent content quality and clear navigation, targeting general internet users needing secure and versatile file conversion tools. Technically, the site uses modern JavaScript, is hosted by OVH sas, and employs Cloudflare DNS, with good SSL configuration and fast performance. Security practices include encrypted file transfer and data deletion, but lack DNSSEC and security headers. Privacy compliance is supported by a comprehensive privacy policy and terms of service, though no cookie consent mechanism is present despite use of Google Tag Manager for analytics. Overall, the site is trustworthy and professional with strong business credibility and user trust signals.

I

International Union for Conservation of Nature and Natural Resources

iucnredlist.org

63

The IUCN Red List website represents a globally recognized non-profit organization dedicated to assessing and communicating the conservation status of species worldwide. It serves a diverse audience including researchers, conservationists, policymakers, and the general public. The site offers comprehensive data and resources to support biodiversity conservation efforts and policy development. The organization has a strong market position as the authoritative source for species threat assessments, supported by a broad partnership network and a long history dating back to 1964. Technically, the website employs modern web technologies including HTTPS, JavaScript, and Google Analytics, ensuring good performance, mobile optimization, and accessibility. The infrastructure appears robust with no signs of blocking or WAF interference, and the site uses secure forms with CSRF protection. However, explicit security headers and a cookie consent mechanism could be improved. From a security perspective, the site demonstrates a strong posture with HTTPS enforcement and secure data handling practices. No vulnerabilities or exposed sensitive data were detected. Privacy policies are comprehensive and GDPR compliant, though a visible cookie consent banner is absent. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the website is professional, trustworthy, and well-maintained, with high content quality and clear business credibility. Strategic recommendations include enhancing security header implementation, adding a cookie consent mechanism, publishing a vulnerability disclosure policy, and providing incident response contact details to further strengthen trust and compliance.

G

Gravitec.net

gravitec.net

57

Gravitec.net is a technology company specializing in automated web push notification services designed to enhance customer engagement, increase website traffic, and improve user retention. Established in 2016, the company has positioned itself as a market leader with over 40,000 websites and 15,000 companies leveraging its platform. Key services include AI-powered notification content generation, campaign automation, detailed analytics, and seamless integrations with popular platforms such as WooCommerce, Shopify, and WordPress. The technical infrastructure of Gravitec.net is robust, utilizing a modern tech stack with extensive use of JavaScript-based analytics and marketing tools including Google Analytics, Mixpanel, Microsoft Clarity, Hotjar, and Visual Website Optimizer. The website demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature digital presence. Security best practices are observed with HTTPS enforcement, security headers, and CAPTCHA-protected forms, although a dedicated security policy page and incident response contacts are not currently published. From a security perspective, Gravitec.net maintains a strong posture with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. The domain registration data is consistent with the business claims, supporting the legitimacy and trustworthiness of the entity. Overall, Gravitec.net presents a professional, secure, and user-friendly platform with a strong market position in the web push notification space. Strategic recommendations include enhancing transparency with a dedicated security policy, publishing vulnerability disclosure information, and continuous monitoring of third-party scripts to maintain security integrity.

B

Startseite

bne.nrw

50

The website www.bne.nrw serves as the official state portal for Education for Sustainable Development (BNE) in North Rhine-Westphalia, Germany. It provides comprehensive information, news, events, and resources related to sustainable education initiatives supported by the NRW state government. The portal targets educational institutions, sustainability actors, and the general public interested in sustainable development. It is positioned as a trusted government-backed platform facilitating engagement and knowledge sharing in the sustainability education sector. Technically, the site is built on TYPO3 CMS, a robust open-source content management system, and integrates Matomo for privacy-conscious analytics. The site demonstrates good mobile responsiveness, accessibility, and SEO practices. Cookie consent mechanisms are implemented to comply with privacy regulations. However, no explicit security headers were detected in the HTML source, suggesting room for improvement in security hardening. From a security perspective, the site shows a moderate security posture with no visible vulnerabilities or exposed sensitive data. The WHOIS data is privacy protected or unavailable, which is common and justified for this type of government-related portal. The site lacks explicit security policies or incident response contacts, which could be enhanced to improve transparency and readiness. Overall, the website is a well-maintained, professional, and trustworthy portal with strong business credibility and good privacy compliance. Strategic recommendations include implementing security headers, publishing a security policy, and providing explicit security contact information to further strengthen the security posture and user trust.

A

ASEAG

aseag.de

49

ASEAG is the largest mobility service provider in Aachen and the surrounding StädteRegion Aachen, Germany. The company offers comprehensive public transportation services including timetable information, ticket sales, and customer support. The website reflects a well-established public transport business with a clear focus on serving local residents and visitors. ASEAG maintains a strong digital presence with integrated journey planners and departure monitors, leveraging partner services such as auskunft.avv.de. The site is built on TYPO3 CMS and incorporates modern web technologies and analytics tools such as Matomo and Google Tag Manager, ensuring a robust technical infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not publicly disclosed. Overall, ASEAG's website demonstrates professionalism, good user experience, and compliance with privacy regulations, positioning it as a trustworthy and credible transportation service provider.

S

Sparkasse Gelsenkirchen

sparkasse-gelsenkirchen.de

70

Sparkasse Gelsenkirchen operates as a regional financial institution providing a broad range of banking and financial services to private and corporate customers. The website reflects a mature digital presence with comprehensive product offerings including accounts, loans, investments, insurance, and real estate services. The bank holds a strong market position locally, supported by multiple industry awards and a consistent brand image. Technically, the site is built on a modern CMS platform (likely Adobe Experience Manager), with good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

G

GELSEN-NET Kommunikationsgesellschaft mbH

gelsen-net.de

64

GELSEN-NET Kommunikationsgesellschaft mbH is a regional telecommunications provider based in Gelsenkirchen, Germany, with over 40 years of experience. The company specializes in delivering fiber optic internet, telephony, TV, and tailored IT solutions to private customers, businesses, and the housing industry within the Emscher-Lippe region. Their market position is strong regionally, supported by personalized service and a comprehensive product portfolio. Technically, the website is built on TYPO3 CMS, integrates modern tracking and marketing tools like Google Tag Manager and Ads, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and secure form handling, though explicit security policies and incident response contacts are not published. Overall, the website is professional, accessible, and trustworthy, reflecting a mature digital presence aligned with business goals.

M

Meteored

meteored.com

69

Meteored is a weather forecasting service providing worldwide animated weather maps, satellite imagery, radar data, air quality, pollution, and hurricane tracking. The platform targets meteorology enthusiasts and the general public seeking detailed weather information. It offers multi-language support and mobile applications across major platforms, enhancing accessibility and user engagement. The website demonstrates a good level of professionalism with consistent branding and quality content focused on weather services. Technically, the site employs modern web technologies including JavaScript, WebGL, and integrates Google Tag Manager and advertising services. The site is mobile optimized and provides a moderate performance experience. SEO practices are well implemented with appropriate meta tags and structured navigation. From a security perspective, the website enforces HTTPS and uses a consent management platform for privacy compliance. However, it lacks explicit security policies and incident response information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a concern, potentially indicating privacy protection or registration inconsistencies, which slightly lowers the trust score. Overall, Meteored presents a reliable and professional weather information service with good technical and privacy compliance. Strategic improvements in domain registration transparency and security policy disclosures would enhance trust and security posture.

T

TFGpl sp. z o.o.

ebutik.pl

70

eButik.pl is a well-established Polish online boutique specializing in women's fashion, offering a broad range of clothing categories including plus size and seasonal collections. The company, TFGpl sp. z o.o., has been operating since 2003, positioning itself as a trusted retailer with a focus on quality, style, and affordability. The website demonstrates strong digital maturity with a modern e-commerce platform (IdoSell Shop), comprehensive privacy and cookie policies, and integration of advanced marketing and analytics tools such as Google Analytics, Facebook Pixel, and TrustMate reviews. Security posture is robust with HTTPS enforced and privacy compliance evident, though some security headers could be improved. Overall, the site provides an excellent user experience with mobile optimization and clear navigation, supported by credible business information and positive customer feedback.

W

Westdeutsche Zeitung

wz.de

64

Westdeutsche Zeitung is a German regional news media company providing digital news content through a website that offers both advertising-supported free content and a paid subscription model called WZ+. The website targets a general audience interested in regional and current news. The technical infrastructure includes modern web technologies such as custom web components, web fonts, and Cloudflare for DNS and hosting services. Google Tag Manager is used for analytics and tracking, with a clear consent mechanism for GDPR compliance. Security posture is moderate with HTTPS implied but lacks explicit security headers and published security policies. Overall, the site is functional and compliant but could improve in security transparency and technical SEO. The domain WHOIS data shows Cloudflare nameservers but lacks detailed registrant information, which is common but limits full trust assessment. No adult or explicit content is present, making the site safe for general audiences.

S

Sparkasse Krefeld

sparkasse-krefeld.de

69

Sparkasse Krefeld is a regional financial institution in Germany offering a comprehensive range of banking and financial services including online banking, accounts, loans, investments, insurance, and private banking. The website targets both private and corporate customers with a strong emphasis on secure online services and customer support. The site is well-branded, professionally designed, and provides extensive information and navigation options for its users. Technically, the website is built on a modern CMS platform (likely Adobe Experience Manager), uses HTTPS, and includes accessibility and SEO best practices. Security posture is strong with session management, cookie consent, and no visible vulnerabilities, although explicit security policy and incident response information are not publicly disclosed. The domain WHOIS data is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website demonstrates a mature digital presence with good privacy compliance and user experience.

Zoofreunde Krefeld e.V. is a well-established non-profit association dedicated to supporting the Krefeld Zoo through memberships, donations, and sponsorship programs. With over 50 years of history, the organization plays a vital role in enhancing animal welfare and zoo infrastructure. The website reflects a professional and consistent brand image, targeting zoo visitors, animal lovers, and local community members interested in supporting the zoo. Technically, the site is built on TYPO3 CMS, hosted via Rheinmedia, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policy and incident response information. The presence of Meta Pixel tracking is disclosed and controlled via consent. Overall, the domain registration data aligns well with the website content, indicating legitimacy and trustworthiness.

D

Decathlon Outdoor

decathlon-outdoor.com

56

Decathlon Outdoor operates a digital platform focused on providing free access to thousands of outdoor routes for walking, cycling, and snowshoeing primarily in France and its overseas territories. The platform targets outdoor enthusiasts and tourists seeking detailed itineraries with maps and voice navigation. The website is built using modern JavaScript frameworks such as Nuxt.js and integrates analytics and consent management tools like Amplitude and Didomi, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS usage implied, but lacks visible security headers and comprehensive privacy policy documentation, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, but the professional presentation and consistent branding support the platform's legitimacy. Strategic recommendations include enhancing security headers, publishing clear privacy policies, and improving WHOIS transparency to strengthen trust and compliance.

S

Sinsay

sinsay.com

70

Sinsay operates as an international online fashion retailer targeting women, men, and children across 19 countries. The website serves as a country selector landing page, directing users to localized stores. The business model is e-commerce retail with a focus on affordable fashion. The site demonstrates consistent branding and a professional presentation, indicating a mature market presence. Technically, the website employs modern JavaScript frameworks and third-party services such as Cookiebot for consent management, New Relic for monitoring, and Google Tag Manager for analytics. Hosting is provided via Akamai, suggesting a robust content delivery infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. From a security perspective, HTTPS is enforced, and a comprehensive cookie consent mechanism is in place, supporting GDPR compliance. However, no explicit security headers were detected in the HTML content, and no direct contact information for security or incident response was found. The WHOIS data for the domain is unavailable, which slightly reduces trustworthiness but does not negate the professional appearance and functionality of the site. Overall, the website presents a low-risk profile with good privacy compliance and a solid technical foundation. Strategic improvements in security headers, transparency of contact information, and WHOIS data availability would enhance trust and security posture.

Deutsche Tierpark-Gesellschaft e.V. is a German non-profit organization dedicated to supporting and promoting zoological parks and animal parks. The website serves as an informational and engagement platform for zoo visitors, members, and supporters. It offers event information, organizational details, and resources related to zoological parks. The organization operates within a niche non-profit sector with a clear focus on animal parks in Germany. Technically, the website is built on WordPress, utilizing modern web technologies including JavaScript, PHP, and integrations with Google services such as Google Fonts, Google Maps, and YouTube embeds. The site employs a professional cookie consent mechanism compliant with GDPR, and uses plugins like Real Cookie Banner Pro and Formidable Forms to manage privacy and user interactions. Hosting is provided by rzone.de, with appropriate SSL and security headers in place, indicating a good level of technical maturity. From a security perspective, the website enforces HTTPS, implements security headers, and maintains privacy compliance with a clear cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy or incident response information, which could enhance trust and preparedness. Overall, the security posture is solid but could benefit from formalized policies and incident response contacts. The overall risk assessment is low, with the website presenting a trustworthy and professional front for the non-profit organization. Strategic recommendations include adding explicit security and incident response policies, enhancing accessibility, and maintaining regular audits of third-party integrations to mitigate potential risks. These steps will strengthen compliance, security posture, and user trust over time.