Other security reports

S

SV Werder Bremen

werder.de

70

SV Werder Bremen operates a professional football club website providing fans and stakeholders with news, match schedules, ticketing, and media content. The site is built on a modern Nuxt.js framework with Tailwind CSS styling and integrates third-party services such as Cookiebot for consent management and Google Tag Manager for analytics. The website demonstrates good technical maturity with responsive design and accessibility considerations. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. The domain registration aligns well with the business's German origin, supporting legitimacy. Overall, the site is professional, trustworthy, and well-positioned to serve its audience effectively.

P

Pixel-Puls Grafikdesign Werbemittel aus Herrenberg

pixel-puls.de

72

Pixel-Puls is a small German graphic design business based in Herrenberg, specializing in creative and professional graphic design services including logo creation, print media, wedding marketing, and web design. The website is built on WordPress using Elementor and Yoast SEO, indicating a modern and SEO-optimized infrastructure. The site is well-designed, mobile-optimized, and provides a clear navigation structure, although it lacks explicit privacy and terms of service pages. Security posture is adequate with HTTPS and GDPR cookie compliance, but could be improved by adding security headers and incident response information. Overall, the site is trustworthy and professional, serving local clients with a focus on quality and transparency.

M

Marketing Agentur Herrenberg im Kreis Böblingen

marketingwelt-lipp.de

61

Marketingwelt Lipp is a small, professional marketing agency based in Herrenberg, Germany, specializing in online marketing, web design, SEO, social media, graphic design, and consulting services. The company targets local businesses and startups, offering a full-service marketing approach with over 26 years of experience and a solid customer base. The website is built on WordPress using the Divi theme, integrating marketing tools like Matomo Analytics and Rank Math SEO plugin, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks published privacy policies and security headers, indicating room for improvement in compliance and security best practices. Overall, the site is professional and trustworthy, but could enhance transparency and security to better align with GDPR and industry standards.

P

Pompes funèbres ANGELIS

pfa.fr

59

Pompes funèbres ANGELIS is a small, family-owned funeral services company based in Orléans, France, providing a range of services including funeral organization, cemetery marble works, pre-arranged funeral contracts, and repatriation abroad. The company emphasizes personalized service with a single point of contact and operates 24/7 to support families during difficult times. The website is built on the e-monsite CMS platform using Bootstrap 4 and includes modern web technologies such as jQuery and Google Analytics for tracking. The site is well-structured, mobile-optimized, and provides clear contact information and service descriptions. From a security perspective, the website uses HTTPS and implements a cookie consent mechanism compliant with GDPR. However, no advanced security headers or explicit security policies are detected, and WHOIS data for the domain is unavailable, which slightly reduces trustworthiness. There is no evidence of a vulnerability disclosure policy or security incident response contacts. Overall, the site presents a professional and trustworthy front for its business sector. The risk assessment indicates moderate security maturity with room for improvement in security headers, transparency, and WHOIS data availability. Strategic recommendations include enhancing security headers, publishing a security.txt file, and improving accessibility features. The website's content is safe for general audiences, with no adult or explicit material detected.

S

Schweizer Bäuerinnen & Bauern

schweizerbauern.ch

53

Schweizer Bäuerinnen & Bauern is a well-established Swiss agricultural organization focused on providing comprehensive information about Swiss farming, promoting local farm products, and engaging the community through stories, videos, and an online shop. The website targets Swiss consumers interested in agriculture and fresh farm products, offering tools such as a farm shop locator and seasonal calendar. Technically, the site is built on WordPress with modern plugins for SEO, multilingual support, and GDPR compliance, demonstrating a mature digital infrastructure. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its audience.

The website www.bg-salenstein.ch is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. Due to this, no substantive business content, contact information, or policies are visible. The site appears to be protected by Cloudflare's WAF, which limits the ability to analyze its technical infrastructure or security posture in detail. The lack of visible content and metadata prevents assessment of the company's market position, services, or compliance status. The domain uses privacy protection in WHOIS, which is common for small or private entities but reduces transparency. Overall, the site is currently not analyzable beyond the WAF challenge, resulting in a low AI score and limited insights.

S

Digitale Themen- und Erlebniswege – smarTrails

smartrails.ch

64

The website smartrails.ch presents itself as a digital platform focused on thematic and experience trails, likely serving a niche market in Switzerland. The site uses modern web technologies such as Nuxt.js, Vue.js, and Tailwind CSS, indicating a contemporary technical infrastructure with good mobile optimization and user experience. However, the content is basic and lacks comprehensive business and contact information, which limits the depth of user engagement and trust signals. Security posture is weak due to the absence of security headers and explicit policies, and privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional and professionally designed but requires significant improvements in security, privacy, and business transparency to enhance trust and compliance.

I

Robot Challenge Screen

iatfglobaloversight.org

39

The website iatfglobaloversight.org currently serves a robot challenge screen that blocks direct access to its content. This challenge uses a JavaScript-based proof-of-work CAPTCHA mechanism, likely implemented as a Web Application Firewall (WAF) or security measure to prevent automated access. Due to this, no substantive business or contact information is accessible on the page. The domain is registered since 2007 with a reputable registrar and shows no privacy protection, indicating legitimacy. However, the lack of accessible content limits the ability to assess the company's business model, services, or compliance policies. Technically, the site uses advanced JavaScript for the CAPTCHA and is hosted on SiteGround with Cloudfront CDN for assets. Security posture is moderate given the presence of a WAF challenge but lacks standard security headers and DNSSEC. Privacy compliance and business credibility cannot be confirmed due to lack of visible policies or contact data.

The website 'DIETÜR - Digitales Türentool' appears to be a digital door tool or configurator platform based on its title. However, the current accessible content is minimal, showing only a loading spinner and a JavaScript module, indicating the site may be under development or experiencing loading issues. There is no visible business description, contact information, or user-facing content to assess the business model or market position. Technically, the site uses modern JavaScript ES modules but lacks visible SEO, accessibility, or performance optimizations. Security posture is weak due to the absence of HTTPS confirmation, security headers, and privacy policies. Overall, the site presents a low trust profile with limited business credibility and compliance indicators.

E

Servicedomain - rapidmail

emailsys1b.net

54

The website at www.rapidmail.de/servicedomain/emailsys1b.net appears to be a service domain page related to rapidmail, a company likely operating in Germany. The page content is accessible without any WAF or security challenge blocking access. The site uses standard web technologies such as HTML5, CSS3, and JavaScript, with moderate mobile optimization and basic SEO features. However, the content is minimal and lacks critical compliance elements such as privacy policies, cookie consent mechanisms, and terms of service. No explicit contact information or security policies are present, which limits the ability to fully assess the business credibility and security posture. WHOIS data indicates professional DNS management with dnsmadeeasy.com name servers, consistent with legitimate business operations. Overall, the site demonstrates a basic level of technical implementation but requires significant improvements in privacy, security, and business transparency to enhance trust and compliance.

S

SPOT Werbung AG

spotbase.ch

61

SPOT Werbung AG operates SPOT.BASE, a design-driven coworking and meeting space hub located in St. Moritz, Switzerland. The business targets individuals and small teams seeking flexible workspace solutions without long-term commitments. Their services include various desk types, meeting rooms, workshop spaces, and executive offices, all bookable online with digital door access via Salto KS technology. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Next.js and DatoCMS, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no exposed sensitive data, though improvements are recommended in privacy compliance, such as implementing cookie consent and publishing security policies. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.

The Laboratory of Manuel Bürger is a small creative design studio specializing in visual identities, art direction, and design services based in Berlin and Paris. The website serves primarily as a portfolio showcasing the studio's work and design philosophy. The business appears niche and focused on cultural and social discourse through design. Technically, the website uses an older jQuery library and is hosted by IONOS SE with domain registration dating back to 2008, indicating a mature online presence. However, the site lacks modern security practices such as DNSSEC, security headers, and privacy or cookie policies, which limits its compliance and security posture. No contact information or forms are present, reducing direct engagement opportunities and trust signals. Overall, the site is functional and professionally designed but would benefit from enhanced security and compliance features.

The website viceversaartbooks.com is currently a parked domain with no active business content or services. It displays a simple landing page indicating the domain may be for sale, with no privacy policies, contact information, or business descriptions. The technical infrastructure is minimal, relying on basic JavaScript and external advertising scripts. There is no evidence of a CMS or modern web frameworks. Security posture is weak, with no HTTPS enforcement or security headers detected, and the WHOIS data contains a suspicious future creation date, reducing trustworthiness. Overall, the site lacks professionalism and business credibility, representing a low-risk but low-value digital asset.

M

Maison européenne de l’architecture - Rhin Supérieur - Europäische Architekturhaus Oberrhein

m-ea.eu

10

The Maison européenne de l’architecture (MEA) is a regional non-profit cultural institution dedicated to promoting architecture in the Upper Rhine region. It organizes events such as the 'Journées de l’architecture' festival and offers educational programs targeting architects, students, and the general public interested in architecture. The website is bilingual (French and German) and serves as an information hub for the association's activities and partnerships. Technically, the site is built on WordPress with a modern plugin stack including Yoast SEO, Contact Form 7, and Google reCAPTCHA, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and anti-bot measures on forms, but lacks advanced security headers and explicit incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and well-branded, serving its cultural mission effectively.

Sportschule Tennis Academy GmbH operates a specialized tennis training and facility business in Switzerland, targeting a broad audience from toddlers to seniors and from beginners to top athletes. The website presents core services including a tennis academy and indoor tennis halls with multiple courts and an indoor golf facility. The business is positioned as a local sports education and facility provider with a small company size and a focused service offering. Technically, the website is built on the Flectra CMS platform, utilizing modern web technologies such as Google Analytics and Google Tag Manager for user tracking. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Performance is moderate with no critical technical issues detected. However, the site lacks advanced security headers and explicit privacy or cookie policies. From a security perspective, HTTPS is enabled and CSRF tokens are present in scripts, indicating some security awareness. Nonetheless, the absence of security headers, privacy policies, and incident response contacts represents gaps in compliance and security maturity. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is functional and moderately professional but requires improvements in privacy compliance, security best practices, and contact transparency to enhance trust and regulatory adherence.

B

Blickwinkel AG

blickwinkel.lu

71

Blickwinkel AG is a marketing, design, and communication agency based in Luxembourg, offering pragmatic and creative solutions in branding, content creation, print, and online media. The website is professionally designed, targeting businesses seeking marketing services, and is presented primarily in German. The technical infrastructure includes modern JavaScript libraries such as three.js, jQuery, and Swiper, and the site is managed via CONTENS CMS. The website enforces HTTPS and includes a cookie consent mechanism compliant with GDPR, reflecting a good level of privacy compliance. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and registration details. No explicit contact emails or phone numbers were found in the provided content, which slightly impacts business credibility. Security posture is moderate with HTTPS enforced but lacks visible security headers in the provided data. Overall, the site is professional and trustworthy but would benefit from improved transparency in domain registration and contact information.

The website fordaq.com is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content, including business descriptions, contact information, or policies. The domain is long-established, registered since 2000 with Gandi SAS, and uses IBM Cloud DNS servers, indicating a professional hosting environment. However, the lack of accessible content and security/privacy policies limits the ability to assess the company's market position or services. The technical infrastructure includes Cloudflare's WAF and captcha service, which enhances security but also blocks automated analysis. Overall, the security posture is partially observable but lacks visible security headers or policies on the accessible page. The website's privacy compliance and business credibility cannot be confirmed due to blocked content.

E

EUWID: Aktuelle Branchennachrichten • Märkte • Preistrends

euwid.de

60

EUWID is a German-based provider of current industry news, market information, and price trends, targeting professionals and market participants in various sectors. The website uses WordPress with the Divi theme and integrates Piwik analytics for user tracking. The content is well-structured, professionally designed, and optimized for mobile devices, providing a good user experience. However, the site lacks visible privacy and cookie policies, security headers, and explicit security or incident response policies, which are important for compliance and trust. WHOIS data is minimal but does not raise immediate concerns. Overall, the website is functional and credible but could improve its security posture and privacy compliance.

B

boden wand decke

boden-wand-decke.de

58

The website www.boden-wand-decke.de appears to be a German-language site focused on topics related to flooring, walls, and ceilings, likely in the home improvement or construction sector. The site uses WordPress CMS with common plugins such as Gravity Forms for form handling and Yoast SEO for search engine optimization. Usercentrics CMP is integrated for cookie consent management, indicating some attention to privacy compliance. The technical infrastructure includes Google reCAPTCHA for bot protection and multiple external analytics and advertising services, suggesting a moderate level of digital maturity. However, the site lacks visible privacy policy and terms of service pages, and no explicit contact information was found in the provided content, which may impact user trust and compliance. Security headers are not detected, and SSL configuration details are not available, indicating room for improvement in security posture. Overall, the site is accessible without WAF or security challenges, with basic content quality and moderate technical implementation.

The website gdholz-events.de is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. Due to this restriction, no business information, contact details, or policy documents are available for review. The domain is registered with two name servers, but WHOIS data is minimal and does not provide registrant details or domain age. The lack of accessible content and metadata prevents a thorough technical and security assessment. Consequently, the website's security posture cannot be confidently evaluated, and no evidence of compliance with privacy regulations such as GDPR is found. Overall, the site appears to be either restricted intentionally or misconfigured, resulting in a poor user experience and low trustworthiness.

L

La Sphères des Possibles

laspheredp.com

46

La Sphères des Possibles is a French event communication agency established in 1992, serving primarily the Auvergne Rhône-Alpes region. The company offers specialized event communication services and positions itself as a local, experienced player in the event management sector. Their website reflects a professional and consistent brand image with a focus on clear communication and client engagement through social media channels. Technically, the website is built on WordPress with Elementor and uses modern web technologies, ensuring good performance and mobile optimization. The presence of GDPR-compliant cookie consent mechanisms indicates attention to privacy regulations. Security posture is adequate with HTTPS enforced, but could be improved by enabling DNSSEC and adding security headers. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the company's history, supporting legitimacy. Overall, the website is professional, secure, and compliant with privacy standards, suitable for its business purpose.

The website novamatrix.de is a small, German-language blog focused on philosophy, branded as 'Mindblown: a blog about philosophy.' It operates on the WordPress platform using the default 'twentytwentythree' theme with minimal content and no evident business or commercial activity. The site lacks essential business contact information, privacy policies, and terms of service, indicating a personal or hobbyist nature rather than a commercial enterprise. Technically, the site uses modern web standards and is mobile-optimized with good accessibility features, but it lacks advanced SEO and security headers. HTTPS is enabled, providing a secure connection. Security posture is basic with no detected vulnerabilities but missing security best practices such as security headers and incident response information. Overall, the site is safe with no adult or questionable content detected.

B

Bayerische Mykologische Gesellschaft

pilze-bayern.de

63

The Bayerische Mykologische Gesellschaft (BMG e.V.) is a regional non-profit organization dedicated to the research and education of native mushrooms in Bavaria, Germany. Their website serves as an informational platform targeting mushroom enthusiasts, mycologists, and the general public interested in mycology. The organization focuses on mushroom consulting, research, and training mushroom consultants, positioning itself as a specialized entity within the regional scientific and educational community. Technically, the website is built on WordPress 6.8.3 using the Astra theme and several plugins including Yoast SEO and Smart Slider 3, indicating a modern and maintainable infrastructure. The site is mobile-optimized and employs SEO best practices, although some accessibility features are basic. Performance is moderate, with no major issues detected. From a security perspective, the site uses HTTPS and implements a GDPR-compliant cookie consent banner, but lacks explicit security headers and detailed privacy or security policies. No incident response or vulnerability disclosure information is present, which could be improved to enhance trust and compliance. No critical vulnerabilities or blocking mechanisms were detected. Overall, the website is a well-structured, professional platform for a small non-profit organization with moderate security and privacy compliance. Strategic improvements in security headers, explicit privacy policies, and contact information would enhance its trustworthiness and compliance posture.

The website www.seetickets.com is currently inaccessible, presenting an Access Denied error page with no visible content or metadata. This prevents any meaningful analysis of the business, technical infrastructure, or security posture. The WHOIS lookup for the domain returned no registration data, indicating the domain may be unregistered, expired, or protected by privacy mechanisms that block WHOIS queries. Due to these factors, the website's legitimacy and operational status cannot be verified. The lack of accessible content and WHOIS data results in a very low trust and credibility score. From a technical perspective, the absence of accessible HTML content means no technologies, frameworks, or hosting details can be identified. The site appears to be blocked by a generic access control mechanism, possibly a firewall or server configuration, which severely limits any security or compliance evaluation. No security headers, SSL information, or privacy policies are available for review. Security posture assessment is not feasible given the lack of data. The domain's unregistered or inaccessible status is a critical risk indicator. Without contact information, privacy policies, or incident response details, the site does not meet basic compliance or trust standards. Overall, the site is currently non-operational or heavily restricted, and further investigation or direct contact with the domain owner or hosting provider is recommended. Strategic recommendations include resolving access issues to restore website availability, registering or updating domain WHOIS information, implementing standard security and privacy policies, and establishing clear contact and incident response channels to improve trust and compliance.

24 Stops is a cultural and artistic project focused on guided walks, events, and installations, supported by regional partners such as Fondation Beyeler and others. The website provides information about the project, event registration, and partner links, targeting a general audience interested in culture and art. The technical infrastructure includes common web technologies such as jQuery, Cookiebot for consent management, Google Tag Manager, and Vimeo for video content. The site is hosted behind AWS Cloudfront CDN, ensuring reasonable performance and availability. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and uses an outdated jQuery version, which could pose risks. Privacy compliance is good with a visible privacy policy and cookie consent mechanism. Overall, the website is professionally presented with consistent branding and trustworthy partner associations, but could improve in technical security and contact transparency.

The website bestview.ch currently serves as a placeholder page indicating that the site is no longer available. It provides minimal content limited to a logo and a message in German stating the unavailability of the page along with a contact email address. There is no business description, no services listed, and no additional contact information such as phone numbers or physical addresses. The website uses basic HTML and CSS with Google Fonts for typography but lacks any advanced technical infrastructure or CMS. No analytics, tracking, or advertising technologies are detected. Security posture is weak due to absence of visible security headers and no confirmation of HTTPS usage. Privacy and cookie policies are missing, and no GDPR compliance indicators are present. The domain WHOIS data is privacy protected, limiting transparency about the registrant and domain age. Overall, the site appears inactive or abandoned with very limited business or security information available.

The website hibs-germany.com is currently inaccessible beyond a browser checking security challenge page, indicating the presence of a Web Application Firewall or similar security mechanism blocking direct content access. Due to this, no substantive business content, contact information, or policies are available for review. The domain is registered with BigRock Solutions Ltd in 2022 and is set to expire in 2026, suggesting a relatively new but legitimate registration. Technical infrastructure appears minimal with basic JavaScript challenge scripts and no advanced frameworks or CMS detected. Security posture is limited with no DNSSEC and no visible security headers, though HTTPS is presumably enabled given the domain status. Overall, the site lacks transparency and content, limiting trust and business credibility assessments.

M

Motionmill webdesign Antwerpen

motionmill.com

53

Motionmill is a well-established web and communication agency based in Antwerp, Belgium, specializing in WordPress web design, branding, marketing, storytelling, and business solutions. The company positions itself as a full-circle 360° marketing agency targeting businesses seeking growth through digital and offline channels. The website reflects a professional and consistent brand image with clear service offerings and a focus on client results. Technically, the site is built on WordPress with modern frameworks and performance optimizations, hosted by WPorters. Security posture is solid with HTTPS enforced and domain registration showing legitimacy and longevity. Privacy compliance is well implemented with cookie consent and GDPR-aligned policies. However, explicit security policies and incident response contacts are not publicly available, which could be improved. Overall, the site is trustworthy, user-friendly, and well-optimized for SEO and mobile devices.

P

Paycover

paycover.be

55

Paycover is a specialized social secretariat operating in various sectors including transport, logistics, hospitality, construction, food, cleaning, moving, garage, and metal industries. The company offers tailored services adapted to the complex regulations specific to these sectors, targeting businesses active in these professional fields primarily in Belgium. The website is professionally designed using the Squarespace platform, featuring good mobile optimization and SEO practices. However, it lacks explicit contact information and comprehensive privacy or terms of service policies. Security posture is moderate with HTTPS enabled but missing key security headers and incident response information. WHOIS data is restricted, which reduces transparency but is common for privacy protection. Overall, the website presents a legitimate small business with room for improvement in security and compliance documentation.

The website ad-delivery.net appears to be a minimalistic domain primarily serving static JavaScript files and tracking pixels related to advertising delivery, specifically using prebid.js technology. The domain is registered since 2017 with Cloudflare as the registrar and DNS provider, indicating a stable but anonymous setup with no public business identity or contact information. The site lacks any visible content such as privacy policies, cookie consent mechanisms, terms of service, or contact details, which limits its transparency and trustworthiness. Technically, the site hosts small JavaScript files and a tracking pixel, suggesting its role as an ad delivery or header bidding service. The hosting and DNS are managed by Cloudflare, but no security headers or HTTPS status were provided, raising concerns about security posture. The site does not implement any user-facing forms or data collection interfaces, and no analytics or marketing tools beyond basic ad scripts are detected. From a security perspective, the absence of HTTPS, security headers, and privacy compliance documents are significant weaknesses. The domain registration is consistent and not privacy protected, but the lack of business information and policies reduces credibility. No adult or questionable content is present, and the site is safe for general audiences. Overall, the site scores low on content quality, security, and privacy compliance, reflecting a basic technical setup focused solely on ad delivery functionality. Strategic recommendations include implementing HTTPS with valid SSL certificates, publishing privacy and cookie policies to comply with GDPR, adding contact and incident response information, and improving website content and structure to enhance trust and SEO. These steps would significantly improve the site's security posture, compliance, and business credibility.

D

dns-bait.com (2×2)

dns-bait.com

48

The website dns-bait.com presents minimal content, consisting solely of a single image on a dark background with no textual information, metadata, or interactive elements. The domain WHOIS data shows inconsistencies, including a future creation date and the registrant being a registrar entity rather than an end-user or business, which raises questions about the domain's legitimacy. No privacy, cookie, or terms of service policies are published, and no contact or security-related information is available on the site. Technically, the site lacks security headers, DNSSEC, and advanced configurations, and no analytics or advertising technologies are detected. Overall, the site appears to be either under development, placeholder, or potentially suspicious due to WHOIS anomalies.

The website at emr.ch is currently inaccessible, returning a 503 Service Temporarily Unavailable error with minimal HTML content. Due to this, no meaningful content, metadata, or business information can be extracted or analyzed. The lack of accessible content prevents assessment of the company's market position, services, or technical infrastructure. Security posture cannot be evaluated beyond noting the absence of visible HTTPS or security headers. The domain uses WHOIS privacy protection, limiting transparency about the registrant. Overall, the site appears inactive or under maintenance, resulting in a low trust and credibility rating.

R

Trouvez ou Publiez une randonnée Rapidement et Gratuitement ! | randopedestre.com

randopedestre.com

61

randopedestre.com is a niche French website dedicated to the dissemination and discovery of hiking events both in France and internationally. It provides a free platform for hiking event organizers to publish their events and for hikers to find upcoming hikes via a calendar, search tools, and an interactive map. The website is relatively new, launched in late 2023, and targets hiking enthusiasts and event organizers. Technically, it is built on WordPress using Bootstrap 5 and jQuery, with integrations including Google Maps API, Matomo analytics, and Google AdSense for monetization. SEO is well implemented with Yoast SEO plugin and structured data. Security posture is adequate with HTTPS and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism despite tracking and advertising. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is functional, professional, and trustworthy for its niche but could improve in security and privacy transparency.

C

calendrierdestrails.com

calendrierdestrails.com

63

calendrierdestrails.com is a specialized website launched in late 2023 that provides a comprehensive calendar and publication platform for trail running events primarily in France and abroad. It targets both trail runners looking for upcoming events and organizers wishing to publish their events quickly and for free. The site offers advanced search, regional and departmental categorization, and an interactive map to enhance user experience. Technically, the website is built on WordPress with modern technologies including Bootstrap 5, jQuery, Google Maps API, and uses Matomo for analytics and Google AdSense for monetization. The site is mobile-optimized and SEO-friendly with structured data implemented via JSON-LD. Security-wise, the site uses HTTPS with a clientTransferProhibited domain status but lacks DNSSEC and explicit security headers, which are recommended for improvement. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the website is functional, professional, and trustworthy but could enhance security and privacy features to improve compliance and user trust.

S

Sport equipements | Never too late to be in shape !

sport-equipements.fr

41

The website sport-equipements.fr is a French-language platform focused on sports equipment and fitness training content. It targets fitness enthusiasts and individuals interested in improving their physical health through exercise and proper equipment. The site leverages WordPress with Elementor and Yoast SEO plugins, indicating a modern and SEO-conscious technical infrastructure. Performance and mobile optimization are good, though accessibility is basic. Security posture is moderate with HTTPS enforced but lacking advanced security headers and explicit privacy or cookie policies. The absence of WHOIS data limits domain trust assessment, but the website content and design suggest a legitimate small business presence in the sports and fitness niche. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance.

Dieter Gölsdorf's website serves as a comprehensive personal and professional history archive focusing on guitar design and related music industry stories spanning from 1964 to the present. The site targets guitar enthusiasts and music professionals interested in the legacy and contributions of Dieter Gölsdorf, featuring detailed narratives, publications, and multimedia content. The business model appears to be centered on personal branding and historical documentation rather than direct commercial sales. Technically, the website employs a straightforward tech stack with jQuery and custom CSS, hosted on kasserver.com. The site is moderately optimized for performance and mobile use but lacks advanced CMS or modern frameworks. SEO and accessibility are basic but functional. No advanced analytics or tracking technologies are detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS but lacks visible security headers and cookie consent mechanisms, which lowers its security posture and privacy compliance. No contact information or incident response channels are provided, limiting user trust and support capabilities. The site content is safe and suitable for general audiences, with no adult or explicit material. Overall, the website is a well-maintained personal archive with good content quality and moderate technical implementation. Security and privacy compliance improvements are recommended to enhance trust and user protection.

The website schema.press currently presents a robot challenge screen that acts as a security gate, likely a WAF or anti-bot mechanism, preventing direct access to the actual site content. This challenge page uses a JavaScript-based proof-of-work CAPTCHA and instructs users to enable cookies, indicating a focus on mitigating automated access or abuse. Due to this blocking, no business-specific content, policies, or contact information are accessible for analysis. The site is hosted behind Amazon CloudFront CDN, leveraging cloud infrastructure for content delivery and security. From a technical perspective, the page employs modern JavaScript features such as Web Workers and cryptographic hashing to implement the CAPTCHA challenge. However, no SEO, accessibility, or privacy compliance features are present on this page, and no security headers or SSL configuration details are visible in the provided data. The lack of visible business or security policies and contact information limits the ability to assess compliance or trustworthiness. Security posture is moderate in terms of challenge implementation but lacks transparency and visible best practices such as security headers or incident response contacts. The blocking mechanism itself reduces risk from automated threats but also prevents legitimate users and analysts from accessing the site content. Overall, the site cannot be fully evaluated due to this access restriction. Strategically, the site owners should consider providing accessible policy pages and contact information post-challenge to improve trust and compliance. Enhancing security headers and SSL reporting would also strengthen the security posture. Until the challenge is bypassed or removed, the site remains partially inaccessible, limiting business and security assessments.

O

Orgelspiel zum Feierabend

orgelspielzumfeierabend.ch

50

Orgelspiel zum Feierabend is a small non-profit cultural organization based in Basel, Switzerland, dedicated to hosting weekly organ concerts since 1973. The website serves as an information portal for concert schedules, historical background, and donation opportunities. It targets classical music enthusiasts and local cultural audiences. The organization has a strong market position as a long-established cultural event with a loyal audience and partnerships with local institutions such as Swiss Radio SRF and organ builders. Technically, the website is built on Joomla CMS with a moderate modern tech stack including UIkit and jQuery. It is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS and CSRF tokens but lacks advanced security headers and cookie consent mechanisms, which are recommended for compliance and protection. Overall, the site is trustworthy and professional but could improve privacy compliance and security best practices.

A

Antikenmuseum Basel

antikenmuseumbasel.ch

43

Antikenmuseum Basel is a cultural institution focused on ancient civilizations, offering exhibitions, workshops, guided tours, and hospitality services such as a bistro and museum shop. The museum targets a broad audience including families, schools, and cultural visitors, positioning itself as a key museum in Basel with interactive and educational offerings. Technically, the website is built on the Neos CMS platform using PHP and the Flow framework, with modern front-end technologies and good mobile optimization. The site uses HTTPS and includes cookie consent mechanisms, but lacks explicit privacy and security policies. Security posture is solid with no visible vulnerabilities, though security headers are missing. Overall, the website is professional, trustworthy, and provides clear contact information and event details, supporting a positive user experience.

B

Badhuesli Kultur

badhues.li

61

Badhuesli Kultur is a small cultural venue and community space based in Basel, Switzerland, focusing on local and international music acts, dance, theater, and workshops. The website serves as a hub for the local music scene, offering rehearsal rooms and event hosting. The business model centers on cultural event facilitation and community engagement. Technically, the website is built on the Wix platform, utilizing standard Wix scripts and polyfills, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and some script-based security hardening, but lacks explicit security headers and formal privacy or cookie policies. Overall, the site is professional and trustworthy but could improve privacy compliance and contact transparency.

F

Fondation Beyeler

fondationbeyeler.ch

51

Fondation Beyeler is a well-established Swiss museum specializing in modern and contemporary art, located in Riehen/Basel. The institution offers a rich program of exhibitions, educational workshops, events, and a museum shop, targeting art enthusiasts, families, and educators. The website reflects a mature digital presence with multilingual support and comprehensive visitor information. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates various third-party services for analytics and marketing. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Museum Tinguely Basel

tinguely.ch

74

Museum Tinguely Basel is a cultural institution dedicated to the largest collection of kinetic works by Jean Tinguely. The museum offers a variety of services including exhibitions, events, guided tours, workshops, and digital multimedia content. It targets a broad audience including families, schools, and art enthusiasts, positioning itself as a leading museum in Basel, Switzerland. The website reflects a professional and well-structured digital presence with comprehensive event listings and visitor information. Technically, the site uses modern web technologies including JavaScript, CSS, Google Tag Manager, and Cookiebot for consent management, likely built on Adobe Experience Manager CMS. The site is mobile optimized, accessible, and SEO friendly. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and a formal security policy is absent. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, professional, and well-maintained, supporting the museum's mission and visitor engagement.

F

FundCom AG

fundcom.ch

57

FundCom AG is a small, owner-managed marketing and fundraising agency based in Zurich, Switzerland, founded in 2018. The company specializes in marketing communication and fundraising consultancy, targeting non-profit organizations and institutions seeking effective communication and fundraising strategies. The website is professionally designed using WordPress with Elementor and optimized for performance with NitroPack, reflecting a modern digital infrastructure. The presence of structured data and social media links enhances their online credibility. Security posture is strong with HTTPS, security headers, and cookie consent via Cookiebot, although explicit privacy and terms of service policies are missing. Overall, the website and WHOIS data align well, indicating a legitimate and trustworthy business.

Ausstellungsraum Klingental operates as a cultural exhibition space in Switzerland, focusing on hosting art exhibitions and providing free consultations for cultural workers. The website presents a clear schedule of upcoming events and exhibitions, targeting artists, cultural professionals, and the general public interested in contemporary art. The business model appears to be non-profit or cultural institution-oriented, with a local/regional market position. Technically, the website is built using Vue.js with deferred JavaScript loading, indicating a modern frontend framework usage. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Hosting details and CMS are not explicitly identified. From a security perspective, the website lacks visible security headers, privacy policies, cookie consent mechanisms, and contact information for security or data protection concerns. No analytics or tracking scripts were detected, which reduces privacy risks but also indicates limited data-driven insights. The absence of HTTPS enforcement details and security best practices lowers the security posture. Overall, the website is functional and professionally designed for its cultural purpose but requires improvements in privacy compliance, security hardening, and contact transparency to enhance trust and regulatory adherence.

P

PARAT.cc GbR

parat.cc

51

PARAT.cc is a Munich-based design studio specializing in corporate design, branding, UI/UX, and campaign design primarily for cultural, political, and business sectors. The website showcases a professional portfolio with diverse projects including exhibitions, campaigns, and publications, indicating a niche market position focused on creative and cultural branding services. The business targets organizations seeking high-quality design and branding solutions with a strong emphasis on cultural relevance. Technically, the website employs a modern but lightweight tech stack including jQuery, Video.js, Masonry, and Matomo analytics, reflecting a custom-built platform rather than a common CMS. The site is mobile-optimized with good performance and basic accessibility features. SEO is basic but sufficient for the niche. Security posture is solid with HTTPS enforced and consent-based analytics tracking via Matomo. However, the site lacks advanced security headers and formal security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a trustworthy and professional image with low risk. Strategic recommendations include enhancing security headers, publishing a security policy and incident response contacts, and adding vulnerability disclosure information to improve transparency and trust.

The website media-kit.io currently presents no accessible content, with an empty HTML body and no metadata, scripts, or forms. The domain is registered through IONOS SE under 1&1 Internet Limited in Great Britain, but the domain creation date is set in the future (June 2025), which is inconsistent and likely erroneous. The site uses Cloudflare nameservers but lacks DNSSEC and security headers, indicating a basic security posture. There are no privacy, cookie, or terms of service policies, nor any contact information or social media links, which limits user trust and compliance with data protection regulations. Overall, the website appears to be either under development or abandoned, with minimal technical or business maturity.

E

Eurexpo Lyon | Lyon events

eurexpo.com

63

The website www.gl-lyonevents.com/fr/eurexpo-lyon serves as an informational platform focused on events at Eurexpo Lyon, a major event venue in Lyon, France. The site appears to target event organizers and attendees interested in Lyon-based events, providing venue details and event-related content. The business model centers on event promotion and support services, although explicit business details and company information are not disclosed on the site. Technically, the site is built on Drupal 10 CMS and integrates modern web technologies including YouTube APIs, lazy loading for images, Matomo analytics, and Google Tag Manager for tracking and marketing purposes. The site is mobile-optimized and includes accessibility features, contributing to a moderate user experience and performance level. Security-wise, the site uses HTTPS and implements a cookie consent mechanism, but lacks visible security headers and published privacy or terms policies, which are important for compliance and trust. The WHOIS data for the domain is unavailable, raising concerns about domain legitimacy and transparency. Overall, the site is functional but would benefit from enhanced security practices, clearer business disclosures, and compliance documentation to improve trust and credibility.

P

proHolzBW GmbH

proholzbw.de

62

proHolzBW GmbH is a regional organization dedicated to promoting the use of wood in Baden-Württemberg, Germany. It serves a broad audience including forestry operators, construction clients, architects, and planners by providing information, consulting, and support services. The organization is well-positioned in its niche with strong backing from EU and regional funding bodies, as evidenced by displayed logos and certifications. The website reflects a professional and consistent brand image with clear navigation and relevant content focused on sustainability and wood industry promotion. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google Analytics and Tag Manager for tracking. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with comprehensive policies and GDPR adherence. No direct contact emails or phone numbers are publicly listed, relying instead on contact forms and social media channels. Overall, the site is trustworthy, well-maintained, and serves its business purpose effectively.

S

Schweizer Milchproduzenten SMP Genossenschaft

swissmilk.ch

66

Swissmilk is the official online platform of the Schweizer Milchproduzenten SMP Genossenschaft, a Swiss dairy cooperative focused on promoting Swiss milk and milk products. The website serves as an online cookbook featuring seasonal recipes, kitchen tips, healthy nutrition information, and competitions, targeting a general audience interested in Swiss dairy products. The cooperative holds a strong market position within Switzerland as a trusted promoter of local dairy. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with integration of Cloudinary for media and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not published. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website is trustworthy, well-maintained, and serves its business purpose effectively.

F

firma.de

firma.de

65

firma.de is a German-based digital platform specializing in company formation and business services, targeting entrepreneurs and startups. The website offers a comprehensive suite of services including various legal forms of company formation, bookkeeping, payroll, tax consulting, and legal advice. With over 25,000 firm foundations supported, firma.de holds a strong market position as a trusted partner for business founders in Germany. The platform emphasizes ease of use, transparency, and expert support throughout the business lifecycle. Technically, the website leverages modern web technologies such as Google Tag Manager, Stripe for payments, and AWS Cloudfront for content delivery, ensuring fast and responsive user experience across devices. Security posture is good with HTTPS enforced and secure third-party integrations, though there is room for improvement in security headers and incident response transparency. Privacy compliance is partially addressed with a comprehensive GDPR privacy policy but lacks a cookie consent mechanism. Overall, firma.de presents a professional, trustworthy, and user-friendly platform with a solid business model and digital maturity.