Security Directory

O

OstWestfalenLippe GmbH

ostwestfalen-lippe.de

59

OstWestfalenLippe GmbH is a regional development agency focused on promoting the OstWestfalenLippe region in North Rhine-Westphalia, Germany. The organization supports sustainable transformation, economic growth, education, and cultural initiatives, positioning itself as a key regional stakeholder. The website reflects a mature digital presence built on TYPO3 CMS, with modern design and good mobile optimization. Security posture is solid with HTTPS and spam-protected emails, though some advanced security headers and cookie consent mechanisms are missing. Overall, the site is professional, trustworthy, and well-aligned with the organization's mission.

The website wp-content.com is currently a parked domain primarily used for domain resale purposes. It displays a prominent domain sale banner linking to Afternic, a known domain marketplace. There is no active business content, no privacy or cookie policies, and no contact information provided. The technical infrastructure relies on basic HTML, CSS, JavaScript, and third-party ad/tracking scripts served via Cloudfront CDN. The site embeds an iframe from an unrelated domain, which may pose security risks. Security posture is weak with no visible HTTPS enforcement or security headers. Overall, the site lacks professionalism, trust indicators, and compliance with privacy regulations. The domain is privacy protected in WHOIS, consistent with domain resale practices but limiting transparency.

Indiegogo is a well-established crowdfunding platform that enables creators to launch and manage fundraising campaigns globally. The platform offers comprehensive services including campaign hosting, pledge management, and performance marketing. It targets creators and backers interested in innovative projects and has a strong market position as one of the leading crowdfunding platforms worldwide. The website is professionally designed with excellent content quality and clear navigation, optimized for mobile and desktop users alike. Technically, Indiegogo employs a modern technology stack including secure payment gateways (Adyen, Stripe, Apple Pay, Google Pay), advanced analytics (Google Analytics 4, Facebook Pixel, Microsoft Clarity), and robust error tracking (Rollbar). Security best practices are observed with HTTPS enforcement, security headers, and bot protection via reCaptcha. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant. Contact information is clearly provided, enhancing business credibility. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, Indiegogo demonstrates a mature digital infrastructure and a strong security posture, suitable for its large enterprise scale and global audience.

Indiegogo is a prominent global crowdfunding platform that enables creators to launch projects and manage pledges effectively. The platform targets both creators seeking funding and backers interested in supporting innovative projects. Indiegogo offers key services including crowdfunding campaign hosting, pledge management, and marketing services to help creators reach their audience. The website is professionally designed with consistent branding and clear navigation, reflecting its large enterprise status in the technology sector. From a technical perspective, Indiegogo employs a modern technology stack including JavaScript frameworks, payment integrations with Adyen, Stripe, Google Pay, and Apple Pay, and uses analytics tools such as Google Analytics 4, Facebook Pixel, and Microsoft Clarity. The site is optimized for performance and mobile responsiveness, ensuring a smooth user experience across devices. Security-wise, the platform enforces HTTPS, implements multiple security headers, and uses bot prevention mechanisms like reCAPTCHA. Payment processing is secured through trusted providers, and error tracking is managed via Rollbar. While explicit security policies and vulnerability disclosure pages are not found, the overall security posture is strong with no evident vulnerabilities. Overall, Indiegogo presents a trustworthy and professional online presence with comprehensive privacy and cookie policies, multiple contact channels, and a high level of technical and security maturity. The lack of WHOIS data is attributed to privacy protection, which is justified for this type of business. Strategic recommendations include publishing detailed security policies and vulnerability disclosure information to enhance transparency and trust.

K

Kloster Einsiedeln

wallfahrt-einsiedeln.ch

31

Kloster Einsiedeln operates as a prominent Benedictine abbey and the largest pilgrimage site in Switzerland, combining religious, cultural, and community services. The website effectively communicates its spiritual mission, pilgrimage offerings, and cultural events, targeting pilgrims, religious visitors, and cultural tourists. The institution holds a strong market position as a unique religious and cultural landmark in Switzerland. Technically, the website is built on TYPO3 CMS, a robust and mature content management system, with a modern tech stack including HTML5, CSS, and JavaScript. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience with clear navigation and professional design. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks some advanced security headers and a visible cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No critical vulnerabilities or security incidents were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and content quality, with minor improvements recommended in privacy compliance and security best practices to further strengthen its posture.

K

Kloster Einsiedeln

kloster-einsiedeln.ch

54

Kloster Einsiedeln is a historic Benedictine abbey and the most significant pilgrimage site in Switzerland, hosting around fifty monks. The website serves as a comprehensive portal for religious services, cultural events, educational activities, and visitor information. It targets pilgrims, religious followers, and cultural visitors, offering live-streamed services, an online shop, and detailed information about the abbey's history and community. Technically, the site is built on TYPO3 CMS with modern web technologies, providing good mobile optimization and accessibility. Security posture is solid with HTTPS enforced, but lacks some security headers and cookie consent mechanisms. The domain registration aligns well with the abbey's identity, indicating high legitimacy. Overall, the website is professional, trustworthy, and well-suited for its audience.

The website fcc.report is currently inaccessible due to a Cloudflare Turnstile CAPTCHA security challenge that blocks direct content access. This challenge page prevents extraction of meaningful business, contact, or policy information. The site appears to be protected by Cloudflare's security infrastructure, indicating a focus on mitigating automated threats. However, due to the lack of accessible content, no detailed business description, services, or market positioning can be determined. The technical infrastructure is limited to Cloudflare's security scripts and basic HTML/CSS, with no visible CMS or advanced frameworks. Security posture cannot be fully assessed beyond the presence of Cloudflare protection. Overall, the site is safe with no adult or explicit content detected, but the inability to access real content severely limits analysis and trust evaluation.

A

Allgemeine Unfallversicherungsanstalt (AUVA)

auva.at

67

The Allgemeine Unfallversicherungsanstalt (AUVA) is a key Austrian government institution providing accident insurance, prevention, treatment, rehabilitation, and financial compensation services. The website serves as the official portal for AUVA, targeting Austrian residents and workers who require accident-related social insurance services. The site is professionally designed, primarily in German, and uses modern web technologies including Vue.js and the Umbraco CMS platform. It demonstrates good digital maturity with mobile optimization, accessibility features, and SEO best practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though explicit security policies and incident response contacts are not found in the provided content. WHOIS data confirms the domain's legitimacy and consistency with the institution's government affiliation. Overall, the website is trustworthy and serves its public service function effectively.

The website 'Sicher in meiner Region - Regio Protect UVT' is operated by the Deutscher Verkehrssicherheitsrat and focuses on providing regional traffic safety information and educational content about accident hotspots in Germany. It targets young drivers and the general public interested in traffic safety, offering interactive maps and videos for self-learning. The platform is positioned as a niche educational resource supported by reputable German traffic safety organizations. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, SVG for interactive maps, and Matomo for privacy-conscious analytics. The site is mobile optimized and provides a clear navigation structure, although accessibility features are basic. Performance is moderate with no major technical issues detected. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR. However, it lacks explicit security headers and formal security or incident response policies. No vulnerabilities or exposed sensitive data were found. The absence of a terms of service and vulnerability disclosure policy are areas for improvement. Overall, the website is trustworthy, professional, and compliant with privacy regulations, serving its educational mission effectively. Strategic recommendations include enhancing security headers, publishing security policies, improving accessibility, and adding terms of service to strengthen compliance and user trust.

T

The Quality Assurance Agency for Higher Education

enhancementthemes.ac.uk

68

Enhancement Themes is a well-established educational program managed by The Quality Assurance Agency for Higher Education in Scotland, focusing on collaborative quality enhancement in higher education from 2003 to 2023. The website serves as an information hub for staff, students, and stakeholders, providing news, events, and resources related to educational improvement. The organization holds recognized certifications such as ISO 27001 and Cyber Essentials, reinforcing its commitment to security and quality standards. Technically, the site is built on the Sitefinity CMS platform, leveraging modern JavaScript libraries and Google Analytics for user insights. The design is professional, accessible, and mobile-optimized, ensuring a positive user experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is robust with clear policies and cookie consent mechanisms. Overall, the website reflects a credible, trustworthy educational entity with a strong market position in the Scottish higher education sector.

The website daycpm.com currently serves as a minimal placeholder or expired domain landing page managed by Dynadot Inc. The site lacks substantive business content, contact information, or privacy and security policies. The domain was registered in 2022 and is managed without privacy protection, but the website content suggests it may be expired or parked, as indicated by the banner referencing an auction. Technically, the site uses basic JavaScript and loads scripts from third-party ad/tracking domains, but lacks HTTPS enforcement and security headers, which are critical for secure web presence. Overall, the security posture is weak, with no visible compliance or incident response information, and the site does not provide any business credibility signals.

W

Wallfahrtsbüro Kloster Einsiedeln

heiligesjahr.ch

35

The website heiligesjahr.ch serves as an informational portal for the Holy Year 2025 event at Einsiedeln, Switzerland, a significant Catholic pilgrimage site. It provides detailed religious content, event agendas, and invitations aimed at pilgrims and visitors interested in Catholic traditions. The site is operated by the Wallfahrtsbüro Kloster Einsiedeln, a small non-profit religious entity. Technically, the website uses legacy JavaScript libraries such as jQuery 1.3.2 and plugins like prettyPhoto and pngFix, indicating an older technology stack with moderate performance and basic mobile optimization. Security posture is moderate to low, with no visible HTTPS enforcement or modern security headers, and the use of outdated JavaScript libraries introduces potential vulnerabilities. Privacy compliance is minimal, lacking privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional and trustworthy for its niche audience but requires modernization and improved security and privacy practices.

D

Dedrone

dedrone.com

67

Dedrone is a leading provider of AI-driven counter-drone defense solutions, offering a comprehensive suite of products and services designed to protect airspace from unauthorized UAVs. As a part of Axon, Dedrone leverages advanced machine learning and multi-sensor integration to deliver highly accurate drone detection and mitigation capabilities. The company serves a broad range of sectors including government, military, airports, critical infrastructure, and enterprises, positioning itself as a global leader in airspace security technology. The website reflects a mature digital presence with professional design, clear navigation, and extensive content showcasing their technology and customer success stories. Technically, the site employs modern web frameworks, analytics, and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS, privacy policies, and secure forms, although explicit security headers and incident response information could be improved. Overall, Dedrone demonstrates a high level of business credibility and digital maturity, though the lack of WHOIS transparency slightly impacts domain trustworthiness.

Musterring International Josef Höner GmbH & Co. KG is a well-established German furniture brand with a history dating back to 1938. The company specializes in high-quality, innovative furniture designs that combine aesthetics and functionality, targeting discerning furniture buyers and home design enthusiasts. Their business model includes licensed retail partners and a strong emphasis on sustainability and customer service. The website reflects a mature digital presence with multi-language support and interactive tools such as a sofa configurator and dealer locator. Technically, the site is built on TYPO3 CMS and integrates modern JavaScript libraries and consent management tools, ensuring good performance, accessibility, and SEO optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response information are not publicly available. The absence of WHOIS data is a concern but does not detract significantly from the overall legitimacy given the professional website and business transparency. Strategic recommendations include publishing security policies, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

O

OstWestfalenLippe GmbH

startklar-owl.de

60

OstWestfalenLippe GmbH operates a professional and well-structured website promoting the startklar Businessplan-Wettbewerb, a biennial business plan competition aimed at supporting startups and entrepreneurs in the Ostwestfalen-Lippe region of Germany. The competition offers workshops, mentoring, and prizes to foster innovation and regional economic development. The website is built on TYPO3 CMS, uses Matomo for analytics, and demonstrates good SEO and mobile optimization. Contact information is clearly provided with anti-spam measures. Security posture is adequate with HTTPS and obfuscated emails, though improvements in security headers and cookie consent mechanisms are recommended. The domain WHOIS data aligns with the website's regional and organizational claims, indicating legitimacy and consistency. Overall, the site reflects a credible, government-affiliated entity focused on regional startup support.

A

ARTe Kunstmessen GmbH

arte-kunstmesse.de

59

ARTe Kunstmessen GmbH is a small German company specializing in organizing contemporary and classical modern art fairs across multiple cities in Germany. Their website presents a professional and well-structured platform showcasing upcoming events, galleries, and artists, targeting art collectors and enthusiasts. The business model revolves around event organization and ticket sales, positioning them as a regional leader in art fair hosting. Technically, the website is built on WordPress using the Bricks builder theme, hosted by Raidboxes, and employs modern web technologies with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced but lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in GDPR compliance and security best practices. Overall, the domain registration and hosting details align well with the business claims, supporting legitimacy and trustworthiness.

T

Turn10

turn10.at

49

Turn10 is a specialized platform dedicated to apparatus gymnastics (Gerätturnen) primarily serving clubs and schools in Austria and Germany. The website provides news, training programs, event schedules, results, and contact information, positioning itself as a key resource within the regional gymnastics community. It maintains partnerships with several recognized sports organizations, enhancing its credibility and reach. The business model appears to be non-profit or association-based, focusing on education and community support rather than commercial sales, although a shop is available for gymnastics-related products. Technically, the website employs standard web technologies including HTML5, CSS, and JavaScript, with some use of external libraries such as iframe-resizer. The site is mobile-optimized and offers a clear navigation structure. Performance is moderate with no major technical issues detected. The absence of heavy analytics or tracking scripts suggests a privacy-conscious approach. However, no CMS or hosting provider details are evident from the content. From a security perspective, the site uses HTTPS and implements a cookie consent banner, indicating GDPR awareness. No advanced security headers or explicit security policies were found, and no incident response contacts are provided. The lack of visible vulnerabilities or exposed sensitive data is positive, but security posture could be improved by adding security headers and formal policies. Overall, the website is trustworthy and professional, with a high degree of content relevance and user experience quality. The lack of WHOIS data due to EURid privacy restrictions limits domain age and registrant verification, but the alignment of domain and content with known gymnastics organizations supports legitimacy. Strategic recommendations include enhancing security headers, publishing incident response information, and adding terms of service for legal completeness.

Teleboy.ch is a Swiss telecommunications service provider specializing in TV streaming and media content delivery. The website is currently inaccessible due to Cloudflare Web Application Firewall blocking access, displaying a 'You are Blocked' message. This prevents a full content and security analysis. The visible content is minimal, with only a contact email provided for support. The technical infrastructure includes Cloudflare services and JavaScript-based analytics. No privacy, cookie, or terms of service policies are present on the landing page, indicating potential compliance gaps. Security headers and SSL configuration details are not available from the provided data, limiting security posture assessment. Overall, the site shows consistent branding but lacks accessible content and transparency for users.

T

TVEpg.eu

tvepg.eu

64

TVEpg.eu is a specialized online media service providing comprehensive TV program guides primarily for Finland, with additional coverage of European and other countries' channels. The website offers multi-language support and detailed channel listings, targeting TV viewers seeking up-to-date program schedules. The business model appears to be advertising-supported, leveraging Google Adsense and social media presence to engage users. The site is hosted via GoDaddy.com, LLC and uses modern web technologies including Bootstrap, Google Fonts, and JavaScript libraries for enhanced user experience. The technical infrastructure supports mobile optimization and reasonable performance, although accessibility features are basic. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies or incident response information. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

S

SFS Group

sfs.com

71

SFS Group is a globally recognized supplier specializing in application-critical precision components, mechanical fastening systems, quality tools, and procurement solutions. The company targets industrial and manufacturing sectors, providing mission-critical products embedded in customer processes. Their market position is strong, with a worldwide footprint and a large operational scale. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored for B2B audiences. Technically, the site employs modern JavaScript libraries, Google Tag Manager for analytics, and Cookiebot for privacy compliance, indicating a commitment to data protection and user consent. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers could be improved. The absence of WHOIS data limits domain registration trust verification, but the overall site professionalism and active social media presence support legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and establishing a vulnerability disclosure program to further strengthen trust and compliance.

O

Ombud-PostCom

ombud-postcom.ch

64

Ombud-PostCom is a neutral arbitration service operating under the Swiss Federal Post Commission (PostCom) to resolve civil disputes related to postal services in Switzerland. The website serves as an official platform providing information, dispute submission forms, and annual reports in multiple languages (German, French, Italian, English), targeting both private and business customers within Switzerland. The business model is non-profit and government-affiliated, focusing on avoiding costly and lengthy court proceedings through mediation.

W

webEdition e.V.

webedition.org

47

webEdition e.V. operates the website www.webedition.org, offering an open source web application framework and content management system established since 2001. The platform targets developers, agencies, and content editors seeking scalable and flexible CMS solutions with full control over code. The business model is community-driven, supported by a partner network and licensing variants. The website is professionally designed, content-rich, and well-structured, primarily in German, reflecting a mature and active technology project. Technically, the site uses the webEdition CMS platform with PHP, MySQL, JavaScript, Bootstrap, and jQuery, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS and Content-Security-Policy headers, though some CSP directives allow 'unsafe-inline' scripts, which could be improved. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent modal, and GDPR adherence. However, WHOIS data is unavailable or malformed, limiting domain trust verification. Overall, the site demonstrates high professionalism and trustworthiness with minor areas for security enhancement.

DIABASS PRO 6 is a mature, GDPR-compliant diabetes data management software solution targeting medical practices and clinics primarily in Europe. The product emphasizes local data storage to ensure patient privacy and avoid cloud-related risks. The company mediaspects GmbH operates the website and provides comprehensive support and integration options, including telemedicine and AI-assisted data analysis. The website is professionally designed with detailed product information and device compatibility lists, supporting multiple languages and offering a free trial license. Technically, the site uses standard web technologies with moderate performance and good mobile optimization. Security practices focus on data privacy and encrypted telemedicine data transfer, though some modern security headers and cookie consent mechanisms are missing. The domain registration is consistent with the business claims, showing a long-standing presence in the healthcare software market. Overall, the website and business present a trustworthy and professional image with strong compliance to GDPR and data protection standards.

Contenthub is a specialized platform serving the Jubla scout community by providing content elements, blogs, and detailed instructions to assist in website management and migration. The platform targets scout group administrators and offers a niche service focused on content reuse and website support. Technically, the website is built on Neos CMS with modern web technologies, hosted likely behind Cloudflare, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and cookie consent mechanisms are missing. Overall, the site is professional, trustworthy, and safe for general audiences.

S

Sven Röhler

roehler.ch

26

The website roehler.ch serves as a personal and professional wiki and documentation platform managed by Sven Röhler, focusing on IT solutions and services primarily for small and medium enterprises (KMU) and private users in Switzerland. The site provides extensive technical content, guides, and links related to Linux, Windows, programming, and IT infrastructure. The market position is niche and local, with a focus on knowledge sharing and IT consultancy. Technically, the site is built on CMSimple 5.12 with standard web technologies including HTML5, CSS3, JavaScript, and jQuery. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic, with no HTTPS enforcement or security headers detected, and no published privacy or cookie policies, which are critical gaps. No contact information or incident response channels are provided, limiting user trust and compliance. Overall, the site is functional and content-rich but requires significant improvements in security, privacy compliance, and professional contact transparency to enhance trust and compliance.

C

CMSimple

cmsimple.org

44

CMSimple.org is the official website for CMSimple, an open source PHP-based content management system that uniquely operates without requiring a database. Founded in 2004 and based in Germany, CMSimple targets users seeking a lightweight, provider-independent CMS solution. The website offers extensive documentation, plugins, templates, and community support, positioning itself as a niche player in the CMS market. The business model revolves around open source distribution supplemented by partner services and sponsorships. Technically, the site uses PHP, JavaScript, and CSS with a focus on simplicity and responsiveness. The site is well-structured, mobile-optimized, and SEO-friendly, though it lacks some advanced accessibility features.

L

La Chiesa

lachiesa.it

54

LaChiesa.it is a niche Italian-language religious website focused on providing daily liturgical readings, a liturgical calendar, biblical search tools, and links to related Catholic resources. The site targets Catholic faithful and those interested in liturgy, offering informational content supported by donations. Technically, the site employs a variety of JavaScript libraries and ad networks, including Google Tag Manager, TheMoneytizer, and Criteo, with moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS enforced and consent management via Iubenda, but lacks explicit security headers and published security policies. Privacy compliance is basic, with no dedicated privacy or terms of service pages found. Overall, the site is legitimate and consistent with its religious informational purpose, though improvements in security and privacy transparency are recommended.

The website familiennamenbuch.ch is an academic and historical resource operated by the Stiftung Historisches Lexikon der Schweiz (HLS). It provides a searchable online database of Swiss family names and citizenship data from 1962, serving genealogists, historians, and researchers interested in Swiss heritage. The site is positioned as a trusted, authoritative reference with a non-commercial, educational mission. Technically, the site uses standard HTML, CSS, and JavaScript with Matomo analytics for visitor tracking. The design is basic but functional, with multilingual support and clear navigation. Security posture is moderate with HTTPS usage but lacks visible security headers and formal privacy or cookie policies. No incident response or vulnerability disclosure information is published. Overall, the site is safe, trustworthy, and well-aligned with its academic purpose, though improvements in privacy compliance and security best practices are recommended.

The website e-lir.ch serves as an online historical lexicon focused on the Romansh-speaking region and the history of Graubünden, Switzerland. It provides access to approximately 3200 articles including biographies, geographic, thematic, and family history entries. The project is editorially completed as of 2012 and is linked to the official Swiss historical lexicon project (HLS/DHS). The target audience includes researchers, historians, and cultural enthusiasts interested in regional history and languages. The business model is non-commercial, likely supported by cultural or governmental institutions. Technically, the website is built with basic HTML, CSS, and JavaScript without modern CMS or frameworks. The site shows moderate performance but lacks mobile optimization and advanced accessibility features. SEO is basic with meta tags present but no structured data or Open Graph tags detected. No analytics or tracking technologies are used, indicating a privacy-respecting approach. From a security perspective, the site lacks visible security headers and explicit HTTPS confirmation in the content. Forms have basic JavaScript validation but no advanced security measures like CSRF tokens. No privacy or cookie policies are present, which is a compliance gap. Contact information is clearly provided, enhancing trust. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website is a trustworthy, niche cultural resource with good business credibility but basic technical and security implementations. Strategic improvements in security headers, HTTPS verification, and privacy compliance would enhance its posture and user trust.

S

Schwabe

schwabe.ch

61

Schwabe is an established Swiss academic publisher specializing in humanities and social sciences, offering a broad range of scholarly books, e-books, journals, and databases. The website targets academics, researchers, libraries, and authors, providing a professional platform for content discovery and purchase. The business model centers on publishing and distributing academic content with a focus on quality and scholarly relevance. The company maintains a consistent brand presence and good content quality, positioning itself as a reputable player in its niche market. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, and Algolia Search integrated within a Shopware CMS platform. The site is mobile-optimized with good SEO and basic accessibility features. Performance is moderate, with room for improvement in accessibility and loading speed. Privacy considerations are evident through cookie consent mechanisms and IP anonymization in analytics. From a security perspective, the site enforces HTTPS and includes standard security headers, reflecting a good security posture. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced trust and compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, Schwabe's website is professional, secure, and compliant with GDPR principles, though it could benefit from publishing more comprehensive security and legal policies. The risk level is low, with strategic recommendations focusing on improving transparency and accessibility to further strengthen user trust and regulatory compliance.

X

XWiki SAS

xwiki.com

73

XWiki SAS is a well-established technology company specializing in open source knowledge management and collaboration software. With over 20 years of experience, it offers a range of standard and custom solutions including cloud hosting, support, and consulting services. The company serves a broad business audience, including large enterprises such as Amazon and Lenovo, positioning itself as a trusted provider in the enterprise wiki and collaboration market. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the site is built on the XWiki platform with modern JavaScript libraries and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, domain protection, and use of CAPTCHA, though explicit security policies and vulnerability disclosures are absent. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates high business credibility and technical maturity with moderate user tracking for analytics and marketing purposes.

K

Knepper Gruppe

knepper-recycling.de

51

Knepper Gruppe is a well-established German family-run company with over 70 years of experience, specializing in demolition, earthworks, recycling, scrap metal processing, logistics, and food recycling. The company operates nationally and across Europe, emphasizing sustainable and innovative solutions. Their website reflects a professional and comprehensive digital presence, built on TYPO3 CMS, with modern technologies and good mobile optimization. Security practices include HTTPS enforcement, cookie consent management, and use of Google Tag Manager with consent mechanisms. No critical vulnerabilities or privacy issues were detected. However, the site lacks explicit incident response contacts and a security.txt file. Overall, Knepper Gruppe presents a trustworthy and credible business with a strong focus on sustainability and customer service.

Weidmüller is a well-established German company specializing in connection technology, automation, and digitalization solutions for industrial customers. The website reflects a mature digital presence with comprehensive product and solution offerings targeting B2B industrial sectors. The company maintains a strong market position with a focus on innovation and customer support. Technically, the website uses modern technologies including Google Tag Manager and OneTrust for consent management, hosted likely on infrastructure provided by Deutsche Telekom. Security posture is strong with HTTPS enforced and security headers present, although explicit security policies and incident response contacts are not published. Privacy compliance is robust with GDPR-aligned cookie consent mechanisms and a detailed privacy policy. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

S

Sievert

sievert.de

64

Sievert is a well-established company specializing in construction materials and logistics solutions, operating internationally with around 60 locations and over 1,600 employees. The website reflects a mature business with a strong focus on sustainability, customer support, and professional services. Technically, the site is built on the Neos CMS platform using the Flow PHP framework, indicating a modern and maintainable infrastructure. The website is well-optimized for SEO and mobile devices, with good content quality and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit security policies are missing. Overall, the site presents a trustworthy and professional digital presence aligned with the company's market position.

P

Phoenix Contact

phoenixcontact.com

70

Phoenix Contact is a leading enterprise specializing in industrial connection technology, automation, interface systems, and surge protection. The company targets industrial customers, manufacturers, and distributors primarily in Finland but also globally through its parent company Phoenix Contact GmbH & Co. KG. The website reflects a mature B2B business model with a strong market position as an innovator and market leader in its sector. Key services include product configurators, sample services, and customer-specific solutions, supporting a comprehensive industrial product portfolio. Technically, the website employs modern web technologies including JavaScript frameworks like Vue.js, Google Tag Manager for analytics, Dynatrace for performance monitoring, and Usercentrics for consent management. The site is hosted on a robust platform with Akamai CDN inferred, ensuring fast performance and excellent mobile optimization. The site is well-structured with good SEO and accessibility features, supporting a professional user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements multiple security headers. Consent management is properly integrated, supporting GDPR compliance. However, explicit security policies, incident response details, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The WHOIS data is not publicly accessible, which slightly reduces transparency but does not detract significantly from the site's legitimacy given the professional presentation and trust signals. Overall, the website demonstrates a high level of professionalism, security, and compliance suitable for an enterprise in the industrial manufacturing sector. Strategic recommendations include publishing detailed security policies, incident response contacts, and vulnerability disclosure information to enhance trust and compliance further.

O

OstWestfalenLippe GmbH

ostwestfalenlippe.de

58

OstWestfalenLippe GmbH is a regional development agency focused on promoting the OstWestfalenLippe region in North Rhine-Westphalia, Germany. The company supports sustainable transformation, workforce development, regional marketing, and innovation through various projects and events. The website is professionally designed, content-rich, and targets stakeholders including businesses, academia, government, and citizens of the region. Technically, the site uses TYPO3 CMS and Matomo analytics, indicating a modern and privacy-aware infrastructure. Security posture is good with HTTPS and spam-protected emails, though additional security headers and explicit policies could improve it. Overall, the website is trustworthy, well-maintained, and compliant with GDPR, though it lacks a cookie consent mechanism. Strategic recommendations include enhancing security headers, publishing security policies, and implementing cookie consent to improve compliance and trust.

Musterring International, operated by Josef Höner GmbH & Co. KG, is a well-established German furniture brand with a history dating back to 1938. The company focuses on high-quality, sustainable furniture products with a strong emphasis on design, functionality, and customer service. Their digital presence reflects a mature retail business with comprehensive product offerings, dealer support, and configurator tools to enhance customer experience. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and third-party tools for analytics, consent management, and accessibility. Security posture is strong with HTTPS enforcement and security headers, though there is room for improvement in publishing explicit security policies and incident response contacts. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional website content and business information. Strategic recommendations include enhancing transparency on security and privacy policies and ensuring WHOIS data availability for trust enhancement.

D

DFT – Dürkopp Fördertechnik

duerkopp.com

70

DFT – Dürkopp Fördertechnik is a German-based company specializing in intralogistics and conveyor technology solutions, targeting industries such as fashion, pharmaceutical wholesale, parcel logistics, and eCommerce fulfillment. The company offers a range of products including material handling systems, sorter systems, and software solutions for warehouse control and analytics. Their market position is that of an established medium-sized B2B provider with a global footprint and a focus on innovative, durable logistics solutions. The website content is professionally presented, with comprehensive product information and active news updates, reflecting a mature digital presence. Technically, the website is built on WordPress with modern SEO tools like Rank Math and uses Google Tag Manager for analytics and tracking, configured with privacy-conscious defaults. The site is mobile-optimized, accessible, and performs moderately well. Security best practices such as HTTPS and cookie consent mechanisms are implemented, though some security headers and explicit security policies are missing. From a security perspective, the site shows good baseline protections but lacks published incident response or vulnerability disclosure information. The absence of WHOIS registration data is a notable anomaly that reduces trustworthiness, although the website content and branding are consistent with a legitimate business. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy front for a specialized industrial technology provider, but the domain registration opacity warrants further verification. Strategic improvements in security transparency and WHOIS data clarity would enhance trust and compliance posture.

B

bonprix

bonprix.de

68

bonprix is a large European online retailer specializing in fashion, shoes, and home goods, targeting approximately 10 million customers in 2024. The company offers a broad product range including women's, men's, and children's clothing, accessories, and home textiles. The website is professionally designed with consistent branding and supports multiple European markets via hreflang tags. Technically, the site uses modern JavaScript, CSS, and integrates social media marketing tools such as Flowbox. Hosting is provided by Akamai, indicating a robust infrastructure. Security posture is moderate with HTTPS implied and CSRF tokens present, but lacks visible security headers and published security policies. Privacy compliance is limited as no explicit privacy or cookie policies were detected in the provided content. Overall, the site is accessible without WAF blocking and shows strong business credibility and technical maturity.

T

TMC Live GmbH

tmc-live.de

40

TMC Live GmbH is a German full-service event agency specializing in the conception, planning, and execution of B2B events including hybrid and digital formats. The company positions itself as a creative and reliable partner focused on sustainable and emotionally engaging event experiences. Their market presence is supported by a professional website showcasing extensive services, client testimonials, and references, indicating a solid reputation in the event management sector. Technically, the website uses modern frameworks such as Alpine.js and Swiper.js, is built on October CMS, and is hosted on agenturserver infrastructure. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are not found. Overall, the website reflects a mature digital presence with strong business credibility and compliance with privacy regulations.

T

TMC GmbH

tmc-gmbh.de

38

TMC GmbH is a medium-sized marketing agency based in Germany, specializing in creating emotional brand experiences across digital and analog environments. The company operates multiple specialized agencies under its group, including Amplio®, TMC Brandwork, and TMC Live, offering services such as marketing consulting, brand development, event management, and video production. The website reflects a strong market position as the largest marketing agency in the Ostwestfalen-Lippe region, targeting businesses seeking comprehensive marketing solutions. Technically, the website is built on a modern stack including OctoberCMS, JavaScript libraries like jQuery and Vime.js for video playback, and integrates Google Tag Manager and CookieFirst for analytics and consent management. The site is mobile-optimized with good SEO practices and a professional design, providing a positive user experience. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security headers and documented security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is consistent with a legitimate business domain, with no privacy protection or suspicious patterns. Overall, the website demonstrates a high level of professionalism, good security posture, and compliance with privacy regulations, making it a trustworthy digital presence for the company.

D

Direct-Volley : Nummer 1 Website für Online-Volleyball

direct-volley.de

60

Direct-Volley.de is a German e-commerce website specializing in volleyball equipment, including shoes, balls, clothing, protective gear, and club supplies. The site positions itself as the leading online volleyball shop in Germany, targeting volleyball players and enthusiasts. The business model is retail-focused, offering a wide range of branded products with a clear and structured navigation system. The website demonstrates a good level of digital maturity with a Magento-based platform and integration of modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and AWIN affiliate tracking. The site is mobile-optimized and provides a generally good user experience with clear product categorization and search functionality. Security posture is adequate with HTTPS enforced and consent management implemented, but lacks some security headers and explicit security policies. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service found in the provided content. Overall, the website is professional and trustworthy but could improve transparency and security practices to enhance user trust and compliance.

D

Direct-Volley

direct-volley.pt

58

Direct-Volley is a specialized e-commerce retailer focused on volleyball equipment and accessories, primarily serving the Portuguese market with multilingual support for other European countries. The website offers a wide range of products including shoes, clothing, balls, protections, and club equipment, positioning itself as the number one online volleyball store in its niche. The business model is retail e-commerce with emphasis on fast delivery and competitive pricing. Technically, the website is built on the OpenMage platform (a Magento fork), utilizing modern web technologies and integrating Google Analytics, Google Ads, and marketing automation tools. The site is mobile-optimized and provides a good user experience with clear navigation and product categorization. Security posture is solid with HTTPS enforcement and reCAPTCHA integration, but lacks some advanced security headers and publicly disclosed security policies. Privacy compliance is partially addressed with a cookie consent mechanism, but lacks explicit privacy and terms of service documentation. Overall, the website is professional and trustworthy, though improvements in transparency and security documentation are recommended.

T

TCR Store

tcrstore.com

60

TCR Store is a newly launched e-commerce website specializing in official racing merchandise, apparel, and collectibles related to TCR racing. The site targets racing enthusiasts and fans looking to purchase premium branded merchandise. The business operates on the Squarespace platform, leveraging its hosting and content management capabilities. The website demonstrates good design quality, mobile optimization, and clear navigation, providing a professional shopping experience. However, it lacks critical compliance documents such as privacy and cookie policies, and does not provide explicit contact information, which may impact user trust and regulatory compliance. Security posture is adequate with HTTPS and HSTS enabled, but DNSSEC is not configured, and additional security headers are missing. Overall, the site is functional and trustworthy for e-commerce but requires improvements in privacy compliance and security best practices.

G

Gesellschaft für Energie- und Gebäudemanagement Bonn mbH (EGM)

egm-bonn.de

61

Gesellschaft für Energie- und Gebäudemanagement Bonn mbH (EGM) is a regional energy service provider and subsidiary of Stadtwerke Bonn, specializing in sustainable energy solutions and contracting services for buildings in the Bonn/Rhein-Sieg area. Their offerings include planning, financing, construction, and operation of energy systems for residential, commercial, and public sector clients such as hospitals and schools. The website is built on TYPO3 CMS, featuring modern web technologies and good SEO and accessibility practices. Security posture is solid with HTTPS and cookie consent mechanisms, though formal security policies and incident response contacts are not published. Overall, the site reflects a professional and trustworthy business with clear contact channels and integration within a larger energy group.

B

Bonn-Netz GmbH

bonn-netz.de

64

Bonn-Netz GmbH operates as a regional energy network operator responsible for electricity and natural gas distribution within the Bonn city area. The company provides essential infrastructure services including network connections, metering, energy feed-in management, and supports electromobility infrastructure. Their website targets private households, businesses, installers, and market partners, offering comprehensive information and online portals to facilitate customer interactions. Technically, the website is built on TYPO3 CMS with Yoast SEO integration, hosted on a local provider indicated by the nameservers. The site is mobile-optimized, accessible, and employs modern web technologies. Cookie consent is implemented with user choice, and Google Analytics is used for moderate user tracking. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content, supporting legitimacy. Overall, the website presents a professional and trustworthy digital presence for a medium-sized utility company. Strategic improvements in security headers, incident response transparency, and legal completeness (terms of service) would enhance their security posture and compliance.

S

SWB Regional

swb-regional.de

63

SWB Regional is a regional public utility company specializing in modern and environmentally friendly drinking water supply services within the Eifel-Ahr region of Germany. It operates as part of the Stadtwerke Bonn group, serving approximately 30,000 customers and supporting local municipalities. The website provides comprehensive online customer services including contract management and information dissemination, targeting residential and commercial customers in the region. The company maintains a solid market position as a trusted regional utility provider with strong group affiliation.

S

Stadtwerke Bonn

swb-karriere.de

65

Stadtwerke Bonn operates as a regional public utility company in Germany, providing energy and transportation services. Their website, swb-karriere.de, serves as a comprehensive career portal targeting students, apprentices, professionals, and job seekers interested in joining the company. The portal offers detailed information on job openings, training programs, and employee testimonials, positioning the company as an attractive employer in the regional market. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and a cookie consent framework to ensure GDPR compliance. The site is mobile-optimized, accessible, and professionally designed, reflecting a mature digital presence. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, though it lacks explicit security headers and a public security policy or incident response contact. Overall, the website demonstrates a strong security posture with room for improvement in transparency and security best practices. The domain registration data aligns well with the company's business claims, supporting legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing a security policy, and providing clear incident response contacts to further strengthen trust and compliance.

Z

Z-AG Engineering

z-ag.ch

71

Z-AG Engineering, represented by Oeschgen AG, specializes in thermal process engineering with a focus on steam systems including planning, construction, and service of steam plants and boilers. The company targets industrial clients requiring expert solutions in energy and steam generation. The website is professionally designed, multilingual, and employs modern web technologies such as service workers and cookie consent mechanisms, reflecting a moderate to advanced digital maturity. Security posture is strong with HTTPS, security headers, and privacy compliance via Cookiebot. However, the absence of explicit security policies, incident response contacts, and terms of service pages suggests areas for improvement. Overall, the website presents a trustworthy and professional image with a low risk profile.

S

SEPP'Manufaktur Südtirol

speckshoponline.com

70

SEPP'Manufaktur Südtirol operates an e-commerce platform specializing in traditional South Tyrolean Speck and related regional food products. The website is built on the Shopify platform, leveraging modern e-commerce technologies and marketing tools to reach German-speaking consumers interested in specialty cured meats. The business appears to be a small-sized niche retailer founded in 2020, with a consistent brand presence and a focused product offering. Technically, the site uses Shopify's Modular theme and integrates multiple analytics and marketing scripts, including Google Tag Manager, Microsoft Clarity, and Recharge for subscription management. While the site is performant and mobile-optimized, it lacks visible privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate with HTTPS enforced but missing key security headers and DNSSEC. No WAF or blocking mechanisms are detected, indicating full accessibility. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening.