Security Directory

G

GoDaddy Operating Company, LLC

mededge.com

74

The website forsale.godaddy.com/forsale/mededge.com is a professionally maintained domain sales landing page operated by GoDaddy Operating Company, LLC, a leading domain registrar and aftermarket service provider. It offers the domain mededge.com for sale with options to buy immediately or make an offer, supported by secure payment methods and a domain broker contact. The site leverages modern web technologies including Next.js and JavaScript, hosted on GoDaddy's infrastructure, ensuring fast performance and good mobile optimization. Security posture is strong with HTTPS enforced, security headers present, and no exposed sensitive data. Privacy and cookie policies are implemented with consent mechanisms, reflecting good compliance practices. Overall, the site demonstrates high trustworthiness and professionalism suitable for its business model.

B

Budapest Music Center

bmc.hu

59

Budapest Music Center (BMC) is a well-established Hungarian cultural institution focused on contemporary Hungarian music, operating since 1996. The website serves as a portal for music information, concert venue details, and music library services, targeting Hungarian music enthusiasts and the cultural community. The business model centers on cultural promotion and event hosting, with a strong local market presence. Technically, the website employs modern web technologies including JavaScript, CSS, and Cookiebot for cookie consent management. It is hosted behind Cloudflare infrastructure, ensuring good performance and security. The site is mobile optimized and includes basic accessibility features, with good SEO practices evident from meta tags and Open Graph data. Security posture is strong with HTTPS enforcement, appropriate security headers, and anti-bot cookies. The site uses a comprehensive cookie consent mechanism compliant with GDPR, though lacks explicit security policy or incident response contact pages. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy digital presence with moderate to good scores in content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include adding terms of service, security policy, and incident response information to enhance transparency and trust.

S

Südwest Presse

swp.de

9

Südwest Presse operates a professional regional news website (swp.de) serving the German market, primarily Baden-Württemberg. The platform offers news and current affairs content with a focus on regional relevance. The website demonstrates a good level of digital maturity, employing modern JavaScript libraries, asynchronous script loading, and responsive design principles. However, explicit privacy and cookie policies are not detected in the provided content, which may impact compliance with GDPR requirements. Security posture is adequate with HTTPS enforced but lacks visible security headers and formal security policies. Overall, the site is trustworthy and professionally maintained but could improve privacy transparency and security hardening.

S

Slobodna domena Zadruga za otvoreni kod i dizajn

slobodnadomena.hr

10

Slobodna domena Zadruga za otvoreni kod i dizajn is a Croatian cooperative founded in 2017, specializing in open source software and design services. The cooperative brings together designers, programmers, creatives, and engineers to provide comprehensive expert services, targeting non-profit organizations, socially responsible entities, institutions, and commercial companies. Their business model emphasizes collaboration and social responsibility, positioning them as a niche player in the Croatian technology sector. Technically, the website employs modern web technologies including Matomo analytics with cookies disabled, Google Fonts, SVG graphics, and Turbolinks for navigation. The site is mobile-optimized and includes accessibility features such as dyslexia-friendly typography and contrast adjustments. Performance is moderate with good SEO and accessibility practices, although some improvements in security headers and privacy policies are needed. From a security perspective, the site uses HTTPS with a good SSL configuration and disables cookies in analytics to enhance privacy. However, it lacks explicit privacy and cookie policies, security headers, and vulnerability disclosure mechanisms, which are important for compliance and trust. No forms or sensitive data exposure were detected, and no suspicious or malicious content was found. Overall, the website is professional, trustworthy, and well-aligned with the cooperative's mission. The main risks relate to compliance gaps in privacy and cookie policies and the absence of security headers. Addressing these would improve the security posture and regulatory compliance, enhancing user trust and legal standing.

D

Domain-Bestellsystem

domain-bestellsystem.de

58

The website domain-bestellsystem.de serves as a login portal for a domain order system targeted primarily at resellers and partners. The site provides a basic interface for reseller users to enter their credentials and access the ordering system. The business model appears to be a B2B reseller platform within the technology sector, focusing on domain management services. The site content is minimal and functional, lacking detailed business or contact information, privacy policies, or terms of service. The target audience is clearly resellers or partners rather than general consumers. From a technical perspective, the website uses legacy JavaScript libraries such as jQuery 1.4.4 and related plugins, which are outdated and pose potential security risks. The HTML and CSS are basic but functional, with moderate performance and basic mobile optimization. There is no evidence of a modern CMS or advanced frameworks. The site lacks visible security headers and there is no explicit confirmation of HTTPS usage in the provided data, which raises concerns about secure data transmission. The login form uses POST and masks passwords, but overall security posture is moderate due to outdated libraries and missing headers. Security evaluation reveals several areas for improvement. The use of outdated JavaScript libraries is a significant vulnerability. The absence of security headers and unclear SSL/TLS configuration further reduce security confidence. No privacy or cookie policies are present, indicating poor privacy compliance. No contact or incident response information is provided, limiting transparency and trust. No WAF or blocking mechanisms were detected, and the site content is fully accessible. WHOIS data is limited but shows professional DNS hosting with no privacy protection, suggesting moderate legitimacy. Overall, the website scores in the average range with notable deficiencies in privacy compliance, security best practices, and business transparency. Strategic recommendations include upgrading all JavaScript libraries, implementing HTTPS with strong SSL/TLS, adding security headers, publishing privacy and cookie policies, and providing clear contact and incident response information to enhance trust and compliance.

H

Hostsharing eG

geno.social

57

geno.social is a niche Mastodon instance dedicated to cooperatives, cooperative organizations, and cooperative activists. Operated by the cooperative Hostsharing eG, it provides a decentralized social media platform that integrates with the broader fediverse, promoting small, secure, and independent instances. The website clearly communicates its mission and target audience, offering account registration via a contact form and providing transparent contact information. The business model centers on community-driven social media hosting with a focus on cooperative values. Technically, the site runs Mastodon version 4.4.8 with a React-based frontend, leveraging modern JavaScript modules and polyfills for compatibility. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content.

C

CKEditor.com

ckeditor.com

73

CKEditor.com is a well-established technology company specializing in WYSIWYG HTML editors with collaborative rich text editing capabilities. Founded in 2007, it serves a broad audience including developers and enterprises, offering a robust software solution trusted by over 20,000 companies worldwide. The company operates primarily on a SaaS and open-source business model, providing extensive documentation and support to its users. The website reflects a mature market position with professional branding and consistent messaging.

I

Informationsdienst Wissenschaft (idw)

wisskomm.social

66

Wissenschaft trötet is a Mastodon-based social networking platform hosted on wisskomm.social, primarily serving the scientific community associated with the Informationsdienst Wissenschaft (idw). The platform facilitates content sharing and social interaction among members of scientific institutions. It positions itself as an independent Mastodon server within the fediverse, focusing on community-driven content without advertising or algorithmic interference. The website demonstrates a consistent and professional branding aligned with its scientific audience. Technically, the site leverages Mastodon version 4.4.7 with React and modern JavaScript modules, providing a responsive and moderately performant user experience. Security posture is adequate with HTTPS implied and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is basic, with a privacy policy present but no cookie consent or terms of service pages. Overall, the site is safe, trustworthy, and suitable for general audiences, but could improve in transparency and security documentation.

H

Hochschule für Technik und Wirtschaft des Saarlandes

htwsaar.de

67

The Hochschule für Technik und Wirtschaft des Saarlandes (htw saar) is a public university in Germany specializing in technology and economics education. It offers a broad range of bachelor and master degree programs, including dual and international studies, supported by strong research activities and partnerships. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support, targeting students, researchers, and academic partners. Technically, the site is built on TYPO3 CMS with Matomo analytics, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enabled, but lacks explicit security headers and formal privacy/cookie policies, indicating room for compliance improvement. WHOIS data confirms domain legitimacy and alignment with the institution's identity. Overall, the site is trustworthy and professional but should enhance privacy and security disclosures to meet modern compliance standards.

I

in2code GmbH

in2code.de

62

in2code GmbH is a specialized TYPO3 Platinum Member company based in Germany, offering comprehensive web solutions including TYPO3 CMS development, hosting, marketing automation, and support services primarily targeting universities, higher education institutions, and enterprise businesses. The company holds a strong market position with multiple TYPO3 certifications and awards, reflecting its expertise and community engagement. Technically, the website is built on TYPO3 CMS with modern web technologies, optimized for performance, mobile, and accessibility. The security posture is solid with HTTPS usage and cookie consent mechanisms, though explicit security policies and incident response details are not publicly available. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with GDPR regulations.

U

Universität Paderborn

uni-paderborn.de

58

Universität Paderborn is a well-established German university serving approximately 20,000 students, positioned as a strong medium-sized academic institution. The website is built on TYPO3 CMS, reflecting a modern and maintainable technical infrastructure. The site is well-structured, mobile-optimized, and provides content primarily in German with English alternatives, targeting students, researchers, and the academic community. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy and cookie policies. No incident response or vulnerability disclosure information is publicly available, which could be improved to enhance trust and compliance. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

S

Stud.IP e. V.

studip.de

41

Stud.IP e. V. operates a modern open-source learning management system primarily targeting educational institutions such as universities, authorities, associations, and companies. The platform serves as a central component of digital education concepts, offering services in teaching, learning, administration, and integration via interfaces. The website is professionally designed, content-rich, and clearly structured, supporting a German-speaking audience with a focus on education and technology sectors. The business model revolves around providing an open-source LMS solution with community and event engagement to foster adoption and development. Technically, the website is built on WordPress with modern front-end technologies including JavaScript and CSS, enhanced by SEO tools like Yoast and analytics via Koko Analytics. Hosting is provided by Cloudpit, a reputable provider, ensuring reliable infrastructure. The site demonstrates good mobile optimization and accessibility features, although SEO optimization is basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS with excellent SSL configuration but lacks explicit security headers and published security policies. Forms are secured with required fields, and no sensitive data exposure or vulnerable libraries were found. Privacy compliance is partial; while a privacy policy is present and GDPR compliance is implied, no cookie consent mechanism or detailed data retention policies are visible. Contact information is limited to a postal address without direct emails or phone numbers, and no incident response or vulnerability disclosure information is provided. Overall, the website presents a trustworthy and professional front for an established educational technology entity. Strategic improvements in privacy compliance, security policy transparency, and user data consent mechanisms would enhance trust and regulatory adherence.

O

O Tempo

otempo.pt

65

O Tempo is a Portuguese weather forecast website providing meteorological information for Portugal and worldwide, covering over 200,000 cities. The site targets a general audience interested in weather updates and forecasts. It operates primarily as an advertising-supported media platform, integrating multiple ad networks and tracking services to monetize its content. The website demonstrates a moderate level of digital maturity with a modern tech stack including JavaScript frameworks, consent management via Didomi, and analytics through Google services. Performance and mobile optimization are adequate, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses consent management tools, but lacks visible security headers and published security policies such as privacy or cookie policies. No contact information or incident response channels are provided, which limits transparency and user trust. The domain registration is privacy-protected, which is common for media sites but reduces registrant transparency. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, clearer contact and security policies, and improved security header implementation to strengthen its security posture and user trust.

G

Global Impact Producers Alliance

globalimpactproducers.org

48

Global Impact Producers Alliance (GIPA) is a non-profit community-led network dedicated to nurturing and amplifying the work of impact producers. The organization provides resources, a directory, and a platform for community engagement, supported by reputable partners such as Doc Society and Perspective Fund. The website is professionally designed using WordPress and hosted on Linode, reflecting a moderate level of technical maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is weak due to the absence of privacy and cookie policies, and no contact information is provided on the homepage, which may affect user trust and regulatory compliance. Overall, the site is safe, trustworthy, and serves a niche non-profit audience effectively.

H

hemmer.ch sa

hemmer.ch

56

hemmer.ch sa is a Swiss-based digital agency specializing in web development and digital marketing services, with a strong focus on TYPO3 CMS. Established in 2001, the company serves a diverse clientele including enterprises, public organizations, communes, and industries across Switzerland. Their key offerings include marketing analysis, consulting, project management, SEO, web development, and coaching. The website reflects a professional and consistent brand image, supported by structured data and multiple physical office locations. Technically, the site leverages TYPO3 CMS, modern JavaScript and CSS, and integrates Google Analytics with a privacy-conscious consent mechanism. Security posture is strong with HTTPS and a strict Content-Security-Policy header, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site is well-optimized for SEO, mobile-friendly, and provides clear contact information and user engagement features such as a chatbot. The domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

NABU Landesverband Bremen e.V. is a well-established non-profit environmental organization active since 1995, focusing on nature conservation, environmental education, and community engagement in Bremen, Germany. The website serves as a comprehensive platform for information dissemination, volunteer coordination, event promotion, and fundraising. It targets nature enthusiasts, families, children, and volunteers, positioning itself as a leading regional environmental advocate with nearly 10,000 members. Technically, the site is built on the IMPERIA CMS platform, utilizing modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent management implemented, though some security headers could be enhanced. Privacy compliance is strong, with clear policies and GDPR adherence. Overall, the website reflects a professional, trustworthy, and user-friendly digital presence supporting the organization's mission.

V

Volksversand Versandapotheke

volksversand.de

63

Volksversand Versandapotheke operates as a large-scale online pharmacy based in Germany, offering a wide range of health, wellness, beauty, baby, and pet products. The website targets general consumers seeking affordable and convenient pharmaceutical products with benefits such as discounts, free shipping, and a bonus points program. The business is well-positioned in the e-commerce healthcare sector with a strong customer base and trust indicators like Trusted Shops certification. Technically, the website is built on the Shopware CMS platform, utilizing modern web technologies including JavaScript, CSS, and integration with Google Tag Manager and Trusted Shops widgets. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in loading speed and technical modernization. From a security perspective, the site employs HTTPS with excellent SSL configuration and secure form handling. However, it lacks visible security headers and explicit security or incident response policies. Privacy compliance is partial, with a comprehensive privacy policy but no visible cookie consent mechanism. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, Volksversand.de presents a trustworthy and professional online pharmacy platform with solid business credibility and technical implementation. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance its security posture and regulatory adherence.

A

Aponeo Versandapotheke

aponeo.de

60

Aponeo.de is a well-established German online pharmacy offering a wide range of pharmaceutical and health-related products. The website targets German-speaking consumers seeking convenient and cost-effective access to medications and wellness products, featuring services such as electronic prescription redemption and a customer loyalty program (APO Cash). The site demonstrates a mature e-commerce business model with strong market positioning in the German healthcare retail sector. Technically, the website employs modern web technologies including responsive design, lazy loading, and Google Tag Manager for analytics and marketing. The infrastructure is hosted via domaincontrol.com nameservers, indicating professional hosting arrangements. Security posture is solid with HTTPS enforced and secure login mechanisms, though some security headers could be enhanced for better protection. Privacy compliance is robust, with clear GDPR-aligned privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and user-friendly, with no indications of malicious content or security risks.

U

UniSalute

unisalute.it

60

UniSalute is a well-established Italian health insurance provider specializing in integrative health insurance policies for individuals, families, and pets. The website presents a professional and consistent brand image, offering clear information about their insurance products and promotional offers. The technical infrastructure leverages modern frameworks such as Astro and Angular, with integration of Tealium for tag management, indicating a mature digital presence. Security posture is generally good with HTTPS enabled and deferred script loading, but lacks explicit security headers and published security policies. Privacy compliance is limited due to absence of visible privacy and cookie policies. Overall, the website is trustworthy and professionally maintained, though improvements in privacy transparency and security disclosures are recommended.

Z

zt:archiv

zt-archiv.at

63

The zt:archiv website serves as the official digital archive platform for civil engineers (Ziviltechniker:innen) in Austria, enabling secure storage, qualified electronic signing, and public access to official documents. The platform is government-authorized and targets professionals in the civil engineering sector, as well as authorities and project partners. The business model revolves around providing a legally compliant, secure, and efficient digital archiving service, supporting the professional responsibilities and legal obligations of its users. Technically, the website employs a modern React-based frontend with PDF.js integration for document handling. The site is mobile-optimized and demonstrates good performance and usability, although some accessibility features could be enhanced. The content is well-structured and professionally presented, with consistent branding and clear navigation. From a security perspective, the site enforces HTTPS and uses qualified digital signatures to ensure document authenticity. However, explicit security headers are not evident, and no incident response or security policy information is publicly available. Privacy compliance is strong, with a clear privacy policy and cookie consent mechanism. No analytics or advertising scripts were detected, indicating a privacy-conscious approach. Overall, the website is trustworthy and professionally managed, with a strong alignment between WHOIS data and business claims. Recommendations include enhancing security headers, publishing incident response contacts, and improving accessibility to further strengthen the security posture and user trust.

G

Gewerkschaft Bau-Holz

gbh-news.at

10

The website www.gbh-news.at serves as an information platform for members of the Gewerkschaft Bau-Holz (GBH), a trade union representing workers in the construction and wood industries in Austria. It provides news, member services, legal support, education, and campaign information, positioning itself as a key resource for approximately 250,000 employees across multiple sectors. The site is well-branded, professionally designed, and targets union members and stakeholders in the Austrian construction and wood sectors. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and jQuery, with integrations such as Matomo for analytics and Usercentrics for consent management, reflecting a moderate level of digital maturity. The site is mobile-optimized and includes CAPTCHA protections on forms to mitigate spam. However, no CMS or hosting provider details are evident, and some security headers appear to be missing. From a security perspective, the site enforces HTTPS and uses consent management to comply with GDPR. While no critical vulnerabilities or exposed sensitive data were detected, the absence of explicit security policies, incident response contacts, and a security.txt file suggests room for improvement in transparency and readiness. The lack of WHOIS data reduces trust in domain registration legitimacy, though the website content and branding appear consistent and professional. Overall, the site presents a low-risk profile with good privacy compliance and user experience but would benefit from enhanced security disclosures and WHOIS transparency to strengthen trust and compliance posture.

F

First Music Contact

breakingtunes.com

53

Breaking Tunes is a niche media platform dedicated to the discovery and promotion of music artists on the Island of Ireland. It serves as a community portal for artists and industry professionals, supported by First Music Contact, a national music organization. The website offers artist registration, browsing by genre, and curated artist charts, positioning itself as a key resource in the Irish independent music sector. Technically, the site uses modern web technologies including Turbolinks and Google Tag Manager for analytics, with good mobile optimization and a professional design. However, the absence of visible security headers and privacy policies indicates room for improvement in security and compliance. The WHOIS data is missing, which raises questions about domain registration legitimacy, though the content and organizational association suggest a legitimate business presence. Overall, the site is safe for general audiences and provides valuable services to its target community.

F

FH Münster

fh.ms

10

FH Münster is a well-established university of applied sciences in Germany, providing a range of degree programs and educational services primarily targeting students and the academic community. The website reflects a professional educational institution with a clear focus on higher education. The site offers key services such as course listings and a student portal (myFH-Portal), positioning itself as a regional higher education provider. The content is primarily in German with an option for English, catering to a broad academic audience. Technically, the website uses modern web technologies including JavaScript ES modules and CSS, with SVG graphics for branding. The site is moderately performant and optimized for mobile devices, though accessibility features are basic. Security is addressed with HTTPS and a Content-Security-Policy header, but additional security headers and policies are lacking. There is no evidence of analytics or advertising scripts, indicating a focus on privacy and minimal tracking. From a security perspective, the site demonstrates a good baseline with HTTPS and CSP but lacks comprehensive privacy policies, cookie consent mechanisms, and incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns well with the academic nature of the institution, showing consistent domain registration with German academic network name servers, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, additional security headers, and published policies to improve user trust and regulatory adherence.

M

Marathon-Photos.com Limited

marathon-photos.com

37

Marathon Photos Live is a globally operating sports photography company specializing in mass participation event photography, with a presence in 70 countries and a large volume of images and athletes served. The company positions itself as a world leader in this niche, offering event photography services and image sales primarily targeting athletes and event organizers. The website is professionally designed using modern web technologies such as Vue.js, with good mobile optimization and SEO practices. Privacy and cookie policies are implemented with user consent mechanisms, supporting GDPR compliance. However, direct contact information such as emails or phone numbers is not publicly listed, relying on contact forms instead. The WHOIS data is privacy protected, limiting verification of domain age and registrant details, but the website's content and social media presence support its legitimacy. Security posture is adequate with HTTPS enforced, but lacks visible security headers and explicit security policies. Overall, the site demonstrates a good balance of business credibility, technical implementation, and privacy compliance, with room for improvement in security transparency and accessibility.

M

Magyarország Kormánya

kormany.hu

67

The website kormany.hu is the official government portal of Hungary, providing authoritative information and services related to the Hungarian government. It serves Hungarian citizens and other stakeholders interested in government affairs. The site is enterprise-level, reflecting its role as a national government resource, and was established in 2001, consistent with the domain registration date. The website uses modern web technologies, notably the Angular framework, and is designed with good mobile optimization and user experience in mind. However, explicit privacy, cookie, and terms of service policies are not found in the provided content, which is a gap in compliance and user transparency. Security posture is solid with HTTPS enabled, but lacks visible security headers and incident response contact information. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate government entity.

Acconsento.click is a website providing a login portal for a service named Acconsento, likely related to privacy or consent management given the name. The website is relatively new, with domain registration dating back to 2020, and uses modern web technologies including Laravel backend and Vue.js frontend with Element UI components. The site is hosted behind Cloudflare DNS but lacks DNSSEC and visible security headers, indicating room for improvement in security hardening. No public privacy, cookie, or terms of service policies are present on the login page, and no contact or incident response information is provided, which limits user trust and compliance transparency. The content is minimal and focused solely on authentication, with no marketing or descriptive business information available.

D

Databay AG

seminarcatalog.de

64

Databay AG operates the SeminarCatalog platform, a comprehensive seminar and e-learning management software tailored for educational providers in Germany. The platform integrates booking management, participant administration, CRM and payment interfaces, and offers a professional online shop experience. The company positions itself as a specialized provider in the education sector, focusing on seamless integration with ILIAS LMS and blended learning scenarios. The website is professionally designed, content-rich, and targets educational institutions and training providers seeking unified seminar management solutions. Technically, the site is built on TYPO3 CMS with Bootstrap, delivering a responsive and accessible user experience with moderate performance. Security posture is solid with HTTPS, captcha protection on forms, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the domain registration aligns well with the company identity, indicating legitimacy and trustworthiness.

DIE VIELEN is a German non-profit organization dedicated to promoting an open, solidaric, diverse, and democratic society. The website serves as a platform to present their advocacy campaigns, cultural projects, event calendar, and press resources. The organization targets a general audience interested in social justice and anti-right-wing extremism initiatives. The website is built on WordPress with modern frontend technologies such as Vue.js, indicating a moderate level of digital maturity. Hosting is managed via domaincontrol.com name servers, commonly associated with GoDaddy. From a security perspective, the website enforces HTTPS and uses secure form submission endpoints, but lacks visible security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is provided. The site does not appear to use analytics or tracking services, suggesting minimal user tracking. Overall, the security posture is adequate but could be improved with additional headers and compliance documentation. The website content is safe for general audiences with no adult or questionable content detected. Navigation and design quality are good, providing a professional user experience. Contact options are limited to forms without direct email or phone contacts. The WHOIS data is minimal but consistent with a legitimate domain registration. No WAF or blocking mechanisms were detected, allowing full content access for analysis.

U

Unoenergy S.p.a.

unoenergy.it

73

Unoenergy S.p.a. is a well-established Italian energy provider with over 20 years of experience, offering electricity, gas, photovoltaic systems, and electric mobility solutions primarily targeting residential customers, condominiums, and businesses in Italy. The company positions itself as a leading private operator in the Italian energy market, emphasizing professionalism, customer proximity, and environmental commitment. The website reflects a mature digital presence with comprehensive product offerings and clear branding. Technically, the site uses modern web technologies including JavaScript frameworks, Google Tag Manager, and Cookiebot for consent management, and is optimized for mobile and SEO. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security policies and incident response information is noted. Overall, the site is professional, trustworthy, and compliant with basic privacy requirements, though improvements in transparency and security documentation are recommended.

A

Aktionsbündnis gegen Bildungs- und Studiengebühren

abs-bund.de

50

Aktionsbündnis gegen Bildungs- und Studiengebühren is a German non-profit advocacy organization focused on abolishing tuition fees for international and second-time students in Baden-Württemberg. The website serves as a platform for publishing position papers, press releases, and petitions to influence education policy. The organization targets students, policymakers, and activists interested in education equity. Technically, the site is built on WordPress using the Courage theme, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and content-rich, supporting its advocacy mission effectively.

I

Ideo Force Sp. z o.o.

ideoforce.pl

60

Ideo Force Sp. z o.o. is a Polish digital marketing and e-commerce agency focused on helping brands succeed online through services such as SEO, content marketing, social media, and analytics. The company targets businesses seeking to enhance their online presence and sales performance. The website demonstrates a professional digital presence with modern marketing tools and a cookie consent mechanism compliant with GDPR requirements. Technically, the site uses Google Tag Manager, Cookiebot, and Google Analytics, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and consent-based tracking, though security headers and explicit security policies are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for small businesses. Overall, the website is well-structured, trustworthy, and compliant with privacy norms, though improvements in transparency and security documentation are recommended.

D

Degrowth.info | degrowth.info

degrowth.info

50

Degrowth.info is a niche advocacy and informational platform focused on critiquing global capitalism and promoting social and ecological well-being through the degrowth movement. It serves activists, researchers, and the general public interested in environmental justice and systemic change. The website offers a rich library of articles, blog posts, event information, and community engagement tools. Technically, the site uses modern JavaScript frameworks and Matomo analytics, with good mobile optimization and clear navigation, though some accessibility features could be improved. Security posture is moderate with HTTPS and CSRF protections but lacks visible security headers and published privacy or cookie policies, which impacts compliance. Overall, the site is professional and trustworthy with a moderate risk profile due to limited transparency in WHOIS data and privacy policy absence.

Ulmer Weihnachtscircus is a small regional event organizer specializing in an annual Christmas circus show in Ulm, Germany. The website provides detailed information about the event schedule, ticket sales, and partners, targeting families and local visitors. The business has a solid regional presence with longstanding tradition and partnerships with local media and sponsors. Technically, the website uses outdated technologies such as jQuery 1.2.3 and Flash, lacks HTTPS enforcement, and does not implement modern privacy or security standards. Security posture is weak due to missing HTTPS, lack of security headers, and use of deprecated libraries. Privacy compliance is minimal with no cookie consent or GDPR indicators. Overall, the site is functional but requires modernization and security improvements to meet current standards.

The website kulturnacht-ulm.de serves as the official portal for the Kulturnacht Ulm/Neu-Ulm 2025 cultural event, providing visitors with information about the event's schedule, partners, and participation opportunities. The site targets a broad audience including families and culture enthusiasts in the Ulm and Neu-Ulm region. The business model centers on event organization and cultural promotion, positioning itself as a regional cultural event organizer. Technically, the site uses traditional web technologies including JavaScript and CSS with custom scripts for image galleries and UI elements. The site lacks modern CMS or frameworks and shows basic mobile and accessibility support. Security posture is limited with no detected security headers or cookie consent mechanisms, and no explicit contact or incident response information is available on the main page. The domain's WHOIS data and name servers indicate local institutional hosting, supporting legitimacy. Overall, the site is functional and content-rich but would benefit from enhanced security and privacy compliance measures.

D

Deutsches Musikinformationszentrum (miz)

miz.org

70

The Deutsches Musikinformationszentrum (miz) is a well-established non-profit organization serving as the central information hub for music life in Germany. Founded in 1998, it offers comprehensive resources including news, studies, thematic portals, and event calendars targeted at music professionals, institutions, and enthusiasts. The website is professionally designed with excellent content quality and clear navigation, supporting a broad audience interested in the German music scene. Technically, the site is built on Drupal 10, hosted via Cloudpit, and employs modern web technologies including Matomo for analytics and a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Privacy compliance is strong, with clear cookie policies and user consent management. Contact information is primarily via contact forms and social media channels, with no direct emails or phone numbers publicly listed. Overall, the site demonstrates a mature digital presence with a trustworthy reputation in its sector.

I

ITV.SH

itvsh.de

65

ITV.SH is a regional government partner focused on the digital transformation of municipal administrations in Schleswig-Holstein, Germany. The website presents a comprehensive portfolio of digital services including citizen portals, digital archiving, and cloud solutions tailored for public sector needs. The organization positions itself as a key enabler of end-to-end digitalization in local government processes. Technically, the site is built on TYPO3 CMS, leveraging privacy-conscious Matomo analytics with cookies disabled, indicating a mature approach to user privacy. The site is well-structured, mobile-optimized, and uses modern web technologies, although some security best practices such as explicit security headers and cookie consent mechanisms are missing. The WHOIS data aligns with the hosting provider and regional focus, supporting legitimacy. Overall, ITV.SH demonstrates a solid digital presence with room for improvement in security and privacy compliance to enhance trust and regulatory adherence.

D

Deutschland – Land der Ideen

land-der-ideen.de

45

Deutschland – Land der Ideen is a German non-profit initiative focused on promoting innovation and good ideas across the country. The organization supports innovators, educators, and business leaders by organizing competitions, networking events, and conferences to foster a culture of innovation. Their market position is well established as a national platform for innovation promotion with a medium-sized operational scale. Technically, the website uses modern web technologies including JavaScript, CSS, and HTML5, with privacy-respecting Matomo analytics. The site is well optimized for mobile and accessibility, with good SEO practices and a professional design. The platform appears to be custom-built or uses a proprietary CMS. From a security perspective, the site enforces HTTPS and uses secure login forms. While some security headers are not explicitly confirmed, the site follows best practices such as cookie consent and no exposed sensitive data. However, there is no public security policy or incident response contact, and no vulnerability disclosure mechanism is present. Overall, the website is trustworthy, professional, and compliant with GDPR. The lack of detailed WHOIS registrant data slightly reduces domain trust but does not raise significant concerns. Strategic improvements in security transparency and header implementation are recommended to enhance security posture further.

E

El Tiempo

eltiempo.es

69

El Tiempo is a prominent weather forecasting website primarily serving Spain and international users with detailed meteorological data and forecasts for over 200,000 cities. The site operates on an advertising-supported model, leveraging multiple ad networks and tracking technologies while implementing consent management via the Didomi SDK. The technical infrastructure includes modern JavaScript frameworks, CDN hosting, and integration with analytics and marketing tools, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements can be made by adding security headers and publishing explicit privacy and security policies. Overall, the website is professional, trustworthy, and well-positioned in the media sector for weather information.

F

FH Münster

fh-muenster.de

64

FH Münster is a prominent university of applied sciences in Germany, offering a wide range of bachelor, master, dual study, and continuing education programs. It is recognized for its strong emphasis on applied research, innovation, and quality culture. The institution targets students, researchers, and professional learners, positioning itself as a leading educational provider in the region. The website reflects a professional and comprehensive digital presence, supporting its educational mission effectively. Technically, the site uses modern JavaScript modules, CSS, and enforces security policies such as Content-Security-Policy and HTTPS, hosted on DFN infrastructure. The site is mobile-optimized and accessible, with clear navigation and rich content. Security posture is strong with no visible vulnerabilities, though it lacks some compliance features like a cookie consent mechanism and published incident response policies. Overall, FH Münster demonstrates a mature digital and security posture appropriate for a large educational institution.

D

Domain Protection Services, Inc.

kultiq.ai

62

KultIQ.ai is a Hungarian language AI-driven platform specializing in intelligent search and analysis of cultural databases, including documents, spreadsheets, and archives. The business targets cultural institutions and researchers requiring advanced AI tools for data integration and contextual text analysis. The company appears to be a small technology startup founded in 2025, leveraging modern web technologies such as JavaScript ES modules and WebP images for a responsive and visually appealing user experience. The website is well-structured and optimized for SEO, though it lacks explicit privacy and cookie policies, as well as contact information, which limits user trust and compliance visibility. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers, indicating room for improvement in domain and web security configurations. Overall, the site is safe with no adult or questionable content detected.

The domain agonyshark.com currently serves a 404 Not Found error page with embedded information describing services provided by Admiral, a company specializing in copyright access control and privacy consent management for digital publishers. The site lacks any actual business content, contact information, or interactive features, indicating it is either inactive or used solely as a service endpoint. The technical infrastructure is minimal, hosted on Google Cloud Platform with AWS DNS servers, and uses HTTPS with frequent certificate rotation. Security practices are described as industry standard, with no executable files hosted and continuous scanning in place. However, the absence of DNSSEC and security headers reduces the overall security posture. The domain registration is recent but consistent with a service domain, registered via NameCheap, Inc. Overall, the site is safe but lacks substantive content and business credibility, resulting in a low AI score and limited insights.

M

Meta

oculus.com

62

The website www.meta.com/quest is a part of Meta Platforms, Inc., focusing on their Meta Quest virtual reality products. However, the content is fully gated behind a login wall requiring a Meta account, preventing access to substantive content without authentication. The site uses advanced React-based frameworks and Facebook's internal technologies, indicating a modern technical infrastructure. Security posture and privacy compliance cannot be fully assessed due to lack of accessible content and missing WHOIS data. The domain is legitimate but WHOIS transparency is limited, likely due to corporate privacy policies. Overall, the site is a secure, enterprise-grade platform but inaccessible for public analysis.

The Petrucci Music Library - Canada (PML-CA) is a specialized portal providing access to music scores stored on Canadian servers, targeting users in Canada and countries with similar copyright laws. It operates as a non-commercial digital library, distinct from but aligned in objectives with IMSLP. The website content is static and informational, with basic design and limited interactivity, focusing on delivering free access to music scores within legal boundaries. The portal links to related IMSLP resources and forums, enhancing its utility for music enthusiasts. Technically, the website uses simple HTML and CSS without modern frameworks or CMS detected. Hosting is provided by Project Leonardo Limited. The site lacks mobile optimization and advanced SEO or accessibility features, indicating a basic digital maturity level. No analytics, tracking, or advertising scripts are present, reflecting a privacy-conscious approach but also limiting insights into user engagement. From a security perspective, the site does not display security headers or evidence of HTTPS from the provided data, and DNSSEC is not enabled, which are areas for improvement. No forms or user input fields reduce attack surface, but the absence of published security policies or incident response contacts suggests limited formal security governance. WHOIS data shows a domain created in 2013 with privacy protection, consistent with the non-commercial nature and no suspicious patterns detected. Overall, the site is safe and trustworthy for its niche audience but would benefit from enhanced security practices, privacy compliance improvements, and technical modernization to improve user experience and resilience.

V

VRT

vrtmax.be

77

VRT MAX is the official online streaming platform of the Flemish public broadcaster VRT, offering free access to a wide range of TV programs, podcasts, and live radio streams. It serves a broad general audience in Belgium, providing high-quality media content with a strong brand presence and consistent user experience. The platform leverages modern web technologies such as React and optimized media delivery to ensure fast and accessible content consumption across devices. Security posture is solid with HTTPS enforced and a responsible disclosure policy in place, though some security headers could be enhanced. Privacy compliance is robust, with clear policies and consent mechanisms aligned with GDPR requirements. Overall, VRT MAX represents a mature, trustworthy media service with strong business credibility and technical implementation.

E

ELDAT EaS GmbH

eldat.de

45

ELDAT EaS GmbH is a German technology company specializing in the development and manufacturing of radio control systems, data radio, and microcontroller-based products. The company targets a professional audience interested in wireless communication and control technologies, maintaining a niche market position with a focus on product development and production. The website content is primarily in German with an English option, reflecting a global outreach. The company maintains an active presence with regular product updates and social media engagement on platforms such as Facebook, Instagram, and LinkedIn. Technically, the website is built with standard HTML and CSS, hosted on German-based servers (rzone.de). The site demonstrates moderate performance and basic mobile optimization but lacks advanced frameworks or CMS indications. SEO is basic but sufficient, with well-structured meta tags. No analytics or tracking scripts were detected, indicating minimal user tracking. From a security perspective, the site lacks visible HTTPS confirmation and security headers, which lowers its security posture. There is no published security policy or incident response contact, and no cookie consent mechanism is present, indicating gaps in GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns with the company's German location and business claims, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced security measures, GDPR compliance improvements, and transparency in security policies to strengthen its risk posture and user trust.

D

Dropp*d

droppd.com

73

Dropp*d operates as a niche e-commerce marketplace specializing in creator merchandise, offering product lines from influencers worldwide. The platform leverages Shopify's robust infrastructure to provide a seamless shopping experience targeting creators, influencers, and their audiences. The website demonstrates a consistent brand identity and professional design, supporting its market position as a premier creator merch marketplace. Technically, the site is built on Shopify, utilizing modern web technologies and optimized for performance and mobile responsiveness. Security is adequate with HTTPS enforced and standard Shopify protections, though explicit security headers and policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the business presents a trustworthy and functional online presence with room for enhanced security transparency and direct contact information.

C

Consisto GmbH

ratschings-jaufen.it

53

The website www.ratschings-jaufen.it serves as a professional digital portal for the Ratschings-Jaufen ski area in Italy, offering comprehensive information about winter sports, mountain cableways, and related tourism services. The site targets winter tourists, families, and nature enthusiasts, positioning itself as a regional leader with modern infrastructure and a variety of winter activities. The business model revolves around tourism and transportation services in the mountain region, supported by partnerships with ski schools and local tourism entities. Technically, the site is built on the Consisto CMS platform, utilizing modern JavaScript libraries and Google Analytics for tracking. The design is responsive and user-friendly, with good SEO and accessibility practices, although some improvements are possible. Security-wise, the site enforces HTTPS, includes standard security headers, and implements cookie consent mechanisms, but lacks explicit published security policies or incident response contacts. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

G

GSMA Training

gsmatraining.com

72

GSMA Training is an online educational platform specializing in telecommunications regulatory training, offering accredited courses certified by the United Kingdom Telecoms Academy (UKTA) and recognized for Continuing Professional Development (CPD). The website targets professionals and regulatory authorities in the mobile industry, providing free and paid online courses to address key industry challenges. The platform supports multilingual content, primarily English and French, enhancing accessibility for a broader audience. Technically, the site is built on WordPress with WPML for multilingual support and integrates modern marketing and analytics tools such as Google Tag Manager and Facebook Pixel. The site employs HTTPS and cookie consent mechanisms, reflecting a baseline commitment to security and privacy compliance.

E

EQS Group AG

bkms-system.ch

57

The BKMS System website, operated by EQS Group AG, provides a compliance and whistleblowing platform targeted at businesses requiring secure reporting solutions. The current website content is minimal due to ongoing maintenance, limiting the availability of detailed information. The business is positioned as a specialized technology provider in compliance software, with a medium-sized presence in Switzerland. Technically, the website uses basic HTML and CSS without advanced frameworks or CMS detected. The site lacks visible security headers, privacy policies, and contact information, which reduces its compliance and security posture. No analytics or tracking technologies are present, indicating minimal user tracking. From a security perspective, the site is accessible without WAF or blocking mechanisms, but it lacks important security best practices such as HTTPS enforcement visibility and security headers. The WHOIS data aligns well with the business identity, supporting legitimacy. Overall, the site scores moderately due to limited content and missing compliance documentation. Strategic recommendations include adding comprehensive privacy and cookie policies, improving security headers and HTTPS enforcement, providing clear contact and incident response information, and enhancing technical SEO and accessibility to improve user experience and trust.

J

JAKALA

jakala.com

51

JAKALA is a global data, AI, and experiences company focused on delivering impactful business solutions across multiple industries including consumer goods, financial services, automotive, public sector, and more. The company leverages strategy, technology, and activations to provide tailored, transformative solutions with data and AI at the core. The website demonstrates a professional digital presence built on HubSpot CMS, integrating modern technologies such as Swiper.js and Google Tag Manager for analytics and marketing. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit privacy policies indicates room for improvement. The lack of WHOIS data reduces domain trustworthiness, but the overall business credibility and content quality remain high. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving transparency around incident response and vulnerability disclosures.