High-risk security reports

I

Interaction

interaction-suisse.ch

46

Interaction is a Swiss non-profit umbrella association for Christian development organizations. It coordinates programs, supports projects, and fosters learning and advocacy among its members. The website is professionally designed using WordPress and Elementor, with good mobile optimization and clear navigation. Social media presence on Facebook and LinkedIn supports community engagement. Technically, the site uses modern plugins and enforces HTTPS, but lacks some security headers and privacy compliance features such as a privacy policy and cookie consent. No direct company contact emails or phone numbers are publicly visible, but contact forms and social media channels are available. Overall, the site reflects a credible and established organization with room for improvement in privacy and security practices.

Z

Zimmer MedizinSysteme GmbH

zimmer.de

48

Zimmer MedizinSysteme GmbH is a well-established German medical technology company with over 50 years of experience, specializing in physical therapy, diagnostics, and aesthetic medical devices. The company serves healthcare professionals worldwide, offering innovative products such as therapy devices, diagnostic systems, and cryotherapy solutions. Their market position is strong, supported by a professional website, active participation in industry events, and partnerships with educational institutions. Technically, the website is built on WordPress with modern JavaScript libraries and includes consent management for GDPR compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

P

Praxis am Landhaus Flottbek

praxisamlandhaus.de

48

Praxis am Landhaus Flottbek is a specialized physiotherapy practice located in Hamburg, Germany, with a history dating back to 2001. The business focuses on musculoskeletal treatment, rehabilitation, and training services, targeting patients in the Hamburg Elbvororte region. The website reflects a professional healthcare service provider with a clear market position as a local trusted physiotherapy provider. Technically, the site is built on WordPress using Elementor, integrating modern tools such as hCaptcha for form security and Borlabs Cookie for GDPR-compliant cookie management. The presence of Google Analytics and external media embeds is managed with user consent, indicating a mature digital infrastructure. Security posture is good with HTTPS enabled and some best practices observed, though additional security headers could enhance protection. Overall, the website is well-designed, accessible, and trustworthy, with comprehensive privacy and cookie policies. No critical vulnerabilities or suspicious elements were detected, and the domain registration data aligns well with the business claims, supporting legitimacy.

F

FitGutSchein.de CTM Gesundheitsservice GmbH

fitgutschein.de

45

FitGutSchein.de CTM Gesundheitsservice GmbH operates a specialized health promotion voucher platform aimed at improving employer branding and employee health in Germany. The company connects employers, employees, and health service providers through a cooperative network offering flexible, tax-advantaged health services. The website is professionally designed using WordPress with modern SEO and caching technologies, providing a good user experience and clear navigation. Contact information and social media presence are transparent and accessible. Security posture is solid with HTTPS and privacy compliance, though explicit security policies and incident response details are absent. Overall, the site is legitimate, well-maintained, and focused on its niche market.

R

Rent.Group

rent.group

48

Rent.Group is a large European company specializing in the rental and facilitation of temporary ownership and circular use of furniture and equipment for events, trade fairs, and offices. They position themselves as a leader in the circular and sharing economy with a strong network of 30 locations and over 6 million items. Their website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries and frameworks such as Bootstrap, jQuery, and GSAP, and integrates analytics and tracking tools like Microsoft Clarity and Metricool. Security-wise, the site enforces HTTPS, uses Google reCAPTCHA on forms, and implements cookie consent mechanisms, though it lacks explicit security policies and some security headers. Overall, the site is trustworthy and well-maintained with no signs of blocking or WAF interference.

Y

Yonex Snowboard

yonex-snowboard.com

49

Yonex Snowboard operates an e-commerce website focused on selling premium Yonex snowboards and related accessories primarily targeting customers in the European Union. The site positions itself as the official distributor for the EU, offering a multilingual shopping experience with categories including snowboards, shoes, and bindings. The technical infrastructure leverages modern web technologies such as service workers for PWA capabilities and integrates Snipcart for e-commerce functionality. Google Tag Manager is used for analytics and tracking. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and privacy policies are missing. The absence of WHOIS data reduces domain trustworthiness, but the website content and functionality appear legitimate and professional. Overall, the site provides a good user experience with clear navigation and responsive design.

The website onxmedia.de currently serves only a 404 error page, indicating that the site content is inaccessible or not deployed. There is no metadata, structured data, or business information available to analyze. The domain is active and uses name servers from Hetzner, a reputable hosting provider, but no registrant details are provided to verify ownership or legitimacy. Due to the lack of content, no insights into the company's business model, services, or market position can be derived. Technically, the site lacks HTTPS information, security headers, and any modern web technologies, indicating a minimal or non-existent digital presence. Security posture is weak due to the absence of standard protections and policies. Overall, the site presents a high risk of being incomplete or abandoned, and no trust or compliance indicators are present.

The website tennisworlditalia.com is currently inaccessible due to a Cloudflare robot challenge security page that blocks direct access to its content. This challenge page is designed to mitigate automated bot traffic and protect the site from abuse. As a result, no meaningful business, contact, or policy information is available for analysis. The domain is registered since 2010 with a reputable registrar and uses Cloudflare DNS services, indicating a legitimate and established domain. However, the lack of accessible content and absence of privacy or cookie policies limits the ability to assess compliance and business credibility. The technical infrastructure includes advanced JavaScript-based bot mitigation techniques, but no further details on CMS, frameworks, or hosting beyond Cloudflare are available. Security posture cannot be fully evaluated due to the blocked content, but the presence of a WAF challenge indicates some level of security awareness.

S

Stadt Pforzheim

pforzheimer-winterwelt.de

32

The website www.pforzheimer-winterwelt.de represents the Pforzheimer Winterwelt, a seasonal winter event organized by the city of Pforzheim, Germany. It offers winter sports activities such as ice skating and stockschießen, alongside culinary and entertainment experiences. The site targets local residents and visitors of all ages interested in winter leisure activities. The business model is event-driven, focusing on community engagement and tourism promotion. The website is well-branded with consistent messaging and partner endorsements, reflecting a strong local government affiliation. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including jQuery and Matomo for privacy-conscious analytics. Hosting is provided by BelWü, a regional German hosting provider, ensuring local infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with a clear navigation structure and good content quality. Cookie consent is managed via Klaro, supporting GDPR compliance. From a security perspective, the site enforces HTTPS and disables cookies in Matomo tracking by default, demonstrating good privacy practices. However, explicit security headers and incident response policies are not published, representing areas for improvement. No vulnerabilities or suspicious patterns were detected. The WHOIS data aligns with the website's local government nature and event timeline, supporting legitimacy. Overall, the website presents a trustworthy, professional, and user-friendly platform for promoting the Pforzheimer Winterwelt event. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and adding contact information to improve transparency and user trust.

T

Tennisplaza

tennisplaza.be

49

Tennisplaza is a well-established Belgian media website focused on delivering tennis news, live streaming information, and expert analysis to tennis enthusiasts primarily in Belgium. Founded in 2011, it serves as a comprehensive source for tennis fans with regularly updated content and active social media engagement. The website leverages WordPress CMS with Elementor and Jet plugins, supported by Google Analytics, Microsoft Clarity, and other marketing tools to optimize user experience and track engagement. While the site is technically sound with HTTPS and modern web technologies, it lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is adequate with SSL but could be improved by adding security headers and incident response information. Overall, Tennisplaza presents a professional and trustworthy platform for tennis news but should enhance its privacy and security disclosures to align with best practices.

The website gdpr.es currently serves only a 404 error page indicating that the requested page was not found. There is no accessible business content, privacy policies, or contact information available on the site. The site uses Bulma CSS framework for styling but lacks substantive content or navigation. Due to the absence of meaningful content, the website's market position, business model, and services cannot be determined. Technically, the site loads minimal resources from external CDNs but lacks visible security headers or SSL configuration details. The security posture is weak given the lack of policies and security best practices. Overall, the site is not suitable for analysis as a business or compliance resource in its current state.

The website fintechbreakthrough.com is currently inaccessible due to a Cloudflare robot challenge page, which acts as a security and bot mitigation mechanism. This prevents access to the actual website content, resulting in a lack of visible business information, policies, or contact details. The domain is registered through GoDaddy and uses Cloudflare DNS services, indicating a legitimate and stable registration. However, the absence of accessible content limits the ability to fully assess the business model, services, or compliance posture. The technical infrastructure includes modern JavaScript features and Web Workers for captcha processing, but no CMS or frameworks are identifiable from the blocked content. Security posture cannot be fully evaluated due to lack of data, but the presence of a WAF challenge suggests some level of protection. Overall, the site is currently not usable for end users without passing the challenge, and no privacy or cookie policies are detectable.

C

Conferenza dei vescovi svizzeri

ivescovi.ch

43

The website www.ivescovi.ch serves as the official online presence of the Swiss Bishops' Conference, a key religious and governmental entity representing the Catholic Church in Switzerland. It provides comprehensive information about the bishops, church history, committees, official documents, and news updates relevant to the Catholic community and the general public interested in religious affairs. The site targets primarily Italian-speaking users but offers links to German and French versions, reflecting Switzerland's multilingual context. The business model is non-profit, focusing on communication and information dissemination within the religious sector. Technically, the website is built on WordPress 6.6.2 with a Bootstrap-based theme, leveraging modern JavaScript libraries such as jQuery and Slick Carousel. It integrates Google Analytics via Google Site Kit for visitor tracking. The site demonstrates good mobile optimization and a professional design, though some accessibility features are basic. Performance is moderate, with no critical errors or broken elements detected. From a security perspective, the site enforces HTTPS with an excellent SSL configuration but lacks explicit HTTP security headers such as CSP or HSTS. No vulnerability disclosure or incident response policies are published, and cookie consent mechanisms are absent, which may affect GDPR compliance. Contact information is clearly provided, enhancing trust and credibility. Overall, the security posture is adequate but could be improved with additional headers and privacy compliance measures. The overall risk assessment indicates a well-maintained and trustworthy website with minor gaps in privacy compliance and security best practices. Strategic recommendations include implementing cookie consent, enhancing security headers, publishing security policies, and improving accessibility to strengthen the site's security and compliance posture.

The Consiglio Conferenze Episcopali Europee (CCEE) website serves as the official online presence for the Council of European Episcopal Conferences, a non-profit religious organization coordinating Catholic episcopal conferences across Europe. The site provides comprehensive information about the organization's structure, activities, media resources, and upcoming events, targeting church officials and interested public audiences. The website is professionally designed with clear navigation and multilingual support, reflecting a moderate to high level of digital maturity. Technically, the website is built on WordPress CMS, utilizing popular plugins such as Events Manager and WPML for event scheduling and multilingual content respectively. The site employs modern web technologies including jQuery and the Foundation CSS framework, ensuring good mobile responsiveness and user experience. Performance is moderate, with external dependencies on Google Fonts and CDN resources. From a security perspective, the site enforces HTTPS and uses nonce tokens in AJAX calls, but lacks visible advanced security headers and explicit privacy or cookie policies. The WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. No critical vulnerabilities or suspicious indicators were detected, but improvements in security headers and privacy compliance are recommended. Overall, the website presents a trustworthy and professional image consistent with its organizational role. Strategic recommendations include enhancing privacy and cookie policy visibility, implementing comprehensive security headers, and conducting regular security audits to maintain compliance and trust.

Z

Zalando SE

zalando.at

47

Zalando SE operates a leading European online fashion retail platform, targeting consumers primarily in Austria and German-speaking countries. The website offers a broad assortment of shoes, clothing, accessories, and beauty products with a strong focus on user experience, free shipping, and returns. The brand is well-established with a significant market presence and a comprehensive e-commerce business model. Technically, the site leverages modern web technologies including React and RequireJS, with a strong emphasis on performance, mobile optimization, and accessibility. Security posture is robust with HTTPS enforcement, security headers, and consent management via Usercentrics. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a mature digital infrastructure and trustworthy business operations.

D

Dr. Neidlinger Holding GmbH

neidlinger-holding.com

47

Dr. Neidlinger Holding GmbH operates as a holding company specializing in manufacturing and chemical sectors, offering consulting and management services to its subsidiaries such as Wevo-Chemie and Zelu-Chemie. The company emphasizes tradition and innovation, targeting business clients and partners primarily in Germany and internationally through trade shows. The website reflects a medium-sized enterprise with a professional digital presence built on WordPress and Elementor, optimized for desktop and mobile users with good SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and cookie consent mechanisms are recommended. The absence of WHOIS data raises some concerns about domain registration legitimacy, warranting further verification. Overall, the website is trustworthy and professional, supporting the company's business credibility.

S

Schwäbischer Turnerbund (STB) e.V.

turngala.de

47

TurnGala is a well-established annual gymnastics and acrobatics show organized by the Schwäbischer Turnerbund (STB) and Badischer Turnerbund in Germany. The event features international and regional artists performing a mix of gymnastics, acrobatics, dance, comedy, and entertainment, targeting families and sports enthusiasts across Baden-Württemberg. The website serves as a comprehensive platform for event information, ticket sales, news updates, and partner engagement. Technically, the site is built on TYPO3 CMS with modern frontend libraries such as Bootstrap and jQuery, and integrates Usercentrics for GDPR-compliant consent management and Matomo for analytics. The site is hosted on kundenserver.de and demonstrates moderate performance with good mobile optimization and SEO practices. Security-wise, HTTPS is enforced, and consent mechanisms are in place, though some security headers could be improved and no explicit security policy or incident response information is published. Overall, the domain registration and hosting details align well with the business, indicating legitimacy and trustworthiness.

T

Time Service B.V.

getraceresults.com

49

RaceResults, operated by Time Service B.V., is a specialized online platform providing comprehensive motorsport race results, live timing, and race tracking services. The website hosts an extensive database of event results timed with RSTime software dating back to 2004, serving motorsport enthusiasts, event organizers, and racers globally. The platform leverages DotNetNuke CMS and integrates Google Analytics for user tracking. The business operates primarily in the transportation sector with a niche focus on motorsport timing services. The domain is well-established since 2016, aligning with the business's operational history.

Q&F - Comércio de Automóveis e Acessórios Lda is a Portuguese company founded in 1992 specializing in the commercialization and technical assistance of automotive competition, karting, and performance products. The company represents prestigious brands such as Sparco, Alpinestars, BBS, K&N, and Eibach, serving both individual customers and professional competitors. Their market position is strong within Portugal as a dynamic and innovative player in the automotive racing sector. The website is built on a modern WordPress and WooCommerce infrastructure, utilizing popular plugins like Elementor and Yoast SEO to provide a professional e-commerce experience. The technical infrastructure is solid with good mobile optimization and SEO practices, although performance is moderate. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks published security policies and incident response information. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security transparency.

The website www.msk-team.de is currently inaccessible beyond a Cloudflare security challenge page, which prevents access to any substantive business content or metadata. As such, no information about the company's operations, services, or market positioning can be determined. The technical infrastructure includes Cloudflare's Turnstile captcha for bot mitigation, indicating a focus on security at the perimeter level. However, the lack of accessible content limits the ability to assess digital maturity or technical sophistication beyond basic hosting and security measures. The security posture cannot be fully evaluated due to the absence of visible security headers or SSL details, but the presence of Cloudflare's WAF suggests some level of protection. Overall, the site is effectively blocked for analysis, resulting in a low trust and credibility score. Strategic recommendations include ensuring the site is accessible for legitimate users and providing clear business and compliance information to improve trust and transparency.

N

Nissan

nissan-jobboerse.de

49

The website nissan-jobboerse.de serves as an official job board platform dedicated to Nissan dealerships across Germany, facilitating job postings and applications within the automotive sector. It leverages a combination of WordPress CMS with WPBakery page builder and an Angular-based job board widget powered by the carsonal recruiting platform. The site is professionally designed with consistent Nissan branding and provides comprehensive job listings, employer registration, and applicant management features. The content is primarily in German and targets job seekers and Nissan dealer partners in Germany. Technically, the site uses modern web technologies and is mobile-optimized, though performance is moderate. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and explicit incident response policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. WHOIS data is minimal, reducing trust slightly, but the overall business credibility is high due to official branding and partner integrations.

M

mégaphone-internet sàrl

megaphone-internet.ch

46

mégaphone-internet sàrl is a Swiss-based small technology company specializing in web creation and hosting services since 1995. The company targets associations and businesses in Switzerland seeking tailored digital solutions including website creation, e-commerce, content management, hosting, and email marketing. Their market position is that of a local artisan web service provider with a long-standing presence and a professional online presence. Technically, the website uses a modern but minimal tech stack including jQuery, Slick Carousel, and lazy loading with Lozad.js, delivering a good user experience with moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage but lacks explicit security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Business credibility is strong given the clear company information, physical address, and professional content. Overall, the website is safe, professional, and trustworthy but could improve in privacy compliance and security best practices.

The website ars-mia.de hosts a login portal titled 'MIA | Anmeldung' primarily serving users associated with 'autohausen'. The site appears to be a business application login interface with minimal public-facing content. The target audience is likely internal or authorized users of the MIA system. The business sector is not explicitly stated but is related to automotive or dealership services given the author metadata and company name. The website is hosted in Germany and uses HTTPS with basic security measures.

H

HWW GmbH & Co. Holzwerke KG

hww.cc

47

HWW GmbH & Co. Holzwerke KG operates as a wood manufacturing company based in Germany, providing wood products primarily for business clients in manufacturing and construction sectors. The website serves as a corporate presence, built on WordPress with a moderate level of technical sophistication including the use of Usercentrics for cookie consent management. The site demonstrates good design quality and user experience, with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks published security policies and security headers. Privacy compliance is partial due to the absence of a visible privacy policy and terms of service. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and consistency. The website is safe for general audiences with no adult or questionable content detected.

Sägewerk Karl Alt GmbH & Co. KG is a medium-sized German hardwood sawmill specializing in the production and distribution of high-quality hardwood lumber primarily for European, North American, Arab, and Asian markets. The company emphasizes sustainable sourcing and offers additional services such as drying, steaming, and custom cutting. The website is built on an older TYPO3 CMS platform with legacy JavaScript libraries, indicating a need for modernization. While the site includes essential business information and a cookie consent mechanism compliant with GDPR, it lacks advanced security headers and incident response details. No social media presence or terms of service are evident, which may limit user engagement and trust. Overall, the digital infrastructure is functional but dated, with moderate performance and basic mobile optimization.

P

Cookie-Information

pfeifergroup.com

46

The website analyzed is primarily a cookie information and consent page for www.pfeifergroup.com, providing detailed information about cookie usage including third-party cookies from major providers such as Google, Hotjar, LinkedIn, Matomo, Meta, and Microsoft. The site implements a cookie consent mechanism compliant with GDPR, allowing users to accept all cookies, only essential cookies, or customize their preferences. However, the website content is minimal and focused solely on cookie information without broader business or contact details. WHOIS data for the domain is unavailable, indicating either a recent registration, privacy protection, or a domain registration issue, which impacts trust and legitimacy assessments. Technically, the site uses standard web technologies including JavaScript and CSS, with integrations for analytics and marketing tools, but lacks visible security headers and detailed business information.

P

Pieper Holz GmbH

pieperholz.de

41

Pieper Holz GmbH is a medium-sized German manufacturing company specializing in woodworking products including sawmill operations, raw wood trade, playground equipment, and bridge construction. Their website emphasizes sustainability and future-oriented wood solutions, targeting businesses and organizations in need of quality wood products and landscape construction materials. The company maintains a professional online presence with clear contact information and basic compliance with privacy regulations. Technically, the website uses common JavaScript libraries and Google Analytics with privacy-conscious configurations such as IP anonymization and opt-in cookie consent. However, no explicit security policies or incident response information are published, and security headers are not evident, indicating room for improvement in security posture. WHOIS data is limited but consistent with a legitimate hosting provider, supporting the website's credibility. Overall, the site is well-structured, user-friendly, and trustworthy with a moderate security maturity level.

Schloss - Herbersteins Brasserie is a small hospitality business based in Linz, Austria, offering restaurant dining, catering, exclusive event hosting, and special events such as Candle Light Dinners. The website positions the business as a local venue with a focus on quality dining experiences and private celebrations. The technical infrastructure is based on an older TYPO3 CMS version 4.5, with JavaScript libraries such as jQuery 1.4.4, and uses Google Analytics and Google Tag Manager for tracking. While the site is functional and provides clear contact information and event details, it lacks modern security headers and cookie consent mechanisms, which are important for GDPR compliance. The security posture is moderate but could be improved by updating outdated libraries and implementing security best practices. Overall, the website is professional and trustworthy but would benefit from technical modernization and enhanced privacy compliance.

Weymayer is a small Austrian internet agency specializing in web design, TYPO3, Magento, and freelance web development services. With nearly 20 years of experience, the company positions itself as a reliable and affordable full-service provider targeting businesses and individuals seeking professional web solutions in Austria. The website reflects a consistent and professional brand image with clear contact information and a focus on quality service delivery. Technically, the website employs modern JavaScript libraries such as Three.js for visual effects but lacks advanced CMS detection or extensive platform integrations. The site is moderately optimized for performance and mobile devices but could improve accessibility and SEO features. The absence of cookie consent mechanisms and limited analytics usage indicates a low level of user tracking and data collection. From a security perspective, the website uses HTTPS (assumed from domain), but no security headers were detected in the provided data. There is no published security policy or incident response information, which limits transparency. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the security posture is moderate but could benefit from enhancements in headers, policies, and compliance mechanisms. The overall risk assessment is low to moderate, with no critical issues detected. Strategic recommendations include implementing cookie consent, adding security headers, publishing security and incident response policies, and improving mobile and accessibility features to enhance trust and compliance.

The website tablexpro.at currently presents an extremely minimalistic presence with only the domain name text visible and no additional content or metadata. There is no indication of the company's business activities, services, or market positioning. The lack of contact information, privacy policies, or terms of service suggests the site is either inactive, under development, or a placeholder. Technically, the site lacks modern web technologies, security headers, and performance optimizations. No HTTPS or SSL data was provided, indicating a potential security risk or incomplete data. The security posture is weak due to the absence of security best practices and policies. Overall, the site has a low trustworthiness and business credibility score, with significant improvements needed to meet basic web standards and compliance requirements.

G

403 - Forbidden

gcap.global

37

The website at gcap.global is currently inaccessible, presenting a 403 Forbidden error page that blocks access to any business or service-related content. The lack of accessible content prevents any meaningful analysis of the company's offerings, target audience, or market position. The domain WHOIS data is unavailable due to unsupported TLD WHOIS queries, further limiting trust and legitimacy verification. Technically, the site loads minimal resources such as Google Fonts but lacks any modern frameworks, analytics, or security headers. The absence of privacy, cookie, or terms of service policies indicates poor compliance posture. Overall, the site appears to be either restricted intentionally or misconfigured, resulting in a very low digital maturity and security posture.

A

AMS Technologies AG

amstechnologies.com

45

AMS Technologies AG is a well-established European technology company specializing in optical technologies, thermal management, and electronics solutions. With over 40 years of industry expertise and a broad customer base across high-tech sectors, the company positions itself as a trusted advisor and one-stop-shop for advanced technology solutions. Their website reflects a professional and modern digital presence, leveraging WordPress CMS and contemporary web technologies such as Swiper.js and Google Analytics for user engagement and performance tracking. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as enabling DNSSEC and implementing security headers are recommended. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a visible cookie consent mechanism. Overall, the website is accessible, content-rich, and trustworthy, supporting AMS Technologies' market position and business credibility.

A

Alda Europe

alda-europe.eu

40

Alda Europe is a well-established non-profit organization focused on fostering local democracy and civil society development across Europe and beyond. With 25 years of experience, it operates as a global alliance of local and regional authorities and civil society actors, delivering projects, advocacy, and capacity building services. The website reflects a professional and consistent brand image, targeting stakeholders in governance, civil society, and regional development. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site is trustworthy and compliant with privacy regulations, though WHOIS data is unavailable due to privacy protection, which is typical for such organizations.

M

MTÜ Arengukoostöö Ümarlaud (AKÜ)

terveilm.ee

42

MTÜ Arengukoostöö Ümarlaud (AKÜ) is a small Estonian non-profit coalition representing NGOs engaged in development cooperation, global citizenship education, and sustainable development. The organization acts as a strategic partner and consultant to the Estonian Ministry of Foreign Affairs and provides workshops and consultancy services to private sector companies and the public. The website reflects a professional and consistent brand presence with good content quality and clear navigation, targeting Estonian NGOs and interested stakeholders. Technically, the site is built on WordPress with modern plugins and integrations, including multilingual support and social media connectivity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal security or privacy policies. Overall, the site is trustworthy and well-positioned within its sector but would benefit from enhanced privacy compliance and security best practices.

The Internationale Gutenberg-Gesellschaft in Mainz e.V. is a well-established non-profit organization dedicated to the research and promotion of printing history and media development. Founded in 1901, it holds a significant position in the cultural and scientific community, particularly in Mainz, Germany. The society offers memberships with benefits such as access to the Gutenberg Museum, exclusive events, and the annual Gutenberg-Jahrbuch publication, targeting researchers, members, and enthusiasts of printing history. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and privacy-conscious Matomo analytics. The site is well-structured, mobile-optimized, and provides clear navigation and content relevant to its audience. Hosting appears stable with agency-managed nameservers. However, there is room for improvement in cookie consent mechanisms and security headers. From a security perspective, the site uses HTTPS and does not expose sensitive data. The absence of explicit cookie consent and security policies are notable gaps. No vulnerabilities or suspicious activities were detected. WHOIS data aligns well with the organization's identity and history, supporting legitimacy. Overall, the website presents a trustworthy, professional, and content-rich platform with moderate technical sophistication. Strategic improvements in privacy compliance and security posture would enhance user trust and regulatory adherence.

G

Gutenberg-Shop

gutenberg-shop.de

49

The Gutenberg-Shop is an e-commerce platform associated with the Gutenberg Museum in Mainz, Germany, specializing in exclusive gifts related to the art of printing and book painting. The website targets a general audience interested in cultural and artistic merchandise, offering products crafted using traditional techniques. The business operates in the retail sector with a niche focus on cultural and museum-related products. Technically, the site is built on a modern e-commerce platform (likely Shopware), uses HTTPS, and integrates Matomo analytics for privacy-conscious tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security practices include CSRF protection and cookie consent mechanisms, though explicit privacy and terms of service pages are missing. Overall, the site demonstrates a moderate to good security posture with room for improvement in policy transparency and security headers. The domain registration data is minimal but consistent with the business profile, and no suspicious patterns were detected. The site is safe for general audiences with no adult or questionable content.

D

Das Bauhaus-Archiv / Museum für Gestaltung

bauhaus.de

49

Das Bauhaus-Archiv / Museum für Gestaltung is a prominent cultural institution in Germany dedicated to preserving and showcasing the Bauhaus legacy, the most influential school of architecture, design, and art of the 20th century. The website serves as a comprehensive portal for visitors, researchers, and enthusiasts, offering information on exhibitions, research projects, educational outreach, and a dedicated shop for Bauhaus-related products. The institution holds a leading market position in the cultural and educational sector related to Bauhaus history. Technically, the website is built on WordPress CMS with modern frontend technologies such as Vue.js, providing a smooth and responsive user experience. The site employs performance optimization tools like WP Rocket and integrates a consent management platform to comply with privacy regulations. Hosting is managed professionally via dns-hotel.net, ensuring reliable uptime and security. From a security perspective, the website enforces HTTPS and uses privacy-conscious cookie consent mechanisms. While no explicit security policy or incident response contacts are published, the site shows no signs of vulnerabilities or exposed sensitive data. The absence of common security headers is noted as an area for improvement. Overall, the security posture is solid for a cultural institution website. The risk assessment is low, with no detected malicious or suspicious activity. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a security.txt file to improve transparency and vulnerability management. The website demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

The domain bg.de currently hosts a minimal content website that appears to be a parked domain landing page primarily serving advertisements. There is no meaningful business content, no contact information, and no privacy or cookie policies present. The site uses third-party ad scripts and cloudfront CDN for content delivery but lacks any structured data or branding elements. The WHOIS data indicates the domain is in a 'connect' status with parkingcrew.net name servers, consistent with domain parking rather than an active business presence. Technically, the site lacks HTTPS enforcement and security headers, which further reduces trustworthiness and security posture. Overall, the site does not represent an operational business or service and is likely used for ad monetization or domain holding purposes.

A

AMS Technologies AG

ams.de

45

AMS Technologies AG is a well-established European technology company specializing in optical technologies, thermal management, and electronics solutions. With over 40 years of industry expertise and a broad customer base across high-tech sectors, the company positions itself as a trusted advisor and one-stop-shop for custom solutions and expert consulting. Their website reflects a professional and consistent brand image targeting high-tech companies and research institutions. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics for user tracking. The site is mobile-optimized and offers a multi-step contact form for detailed customer inquiries. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers. Privacy compliance is partially addressed with a privacy policy and terms of service available on the shop subdomain, though no cookie consent mechanism is evident. Overall, the website demonstrates a solid business credibility and technical foundation with room for security and privacy improvements.

C

CCC Druck und Medien GmbH

muensterdruckt.de

47

CCC Druck und Medien GmbH operates an online and local print and media service shop based in Münster, Germany. The website offers a broad range of printing products and services targeting both business and private customers, including flyers, posters, thesis printing, and various print media. The company positions itself as a local trusted provider with personal consultation available on-site. Technically, the website uses a Bootstrap-based responsive design with jQuery and other JavaScript libraries, hosted on servers indicated by creolineserver.com nameservers. The site is moderately optimized for performance and mobile devices but lacks some advanced accessibility features. Security posture is moderate with HTTPS implied but no visible security headers and no published security or incident response policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Business credibility is supported by clear contact information and consistent WHOIS data. Overall, the website is functional and professional but could improve in security and privacy compliance.

W

Westfälischer Turnerbund e.V.

nrw-landesturnfest.de

45

The website www.nrw-landesturnfest.de serves as the official online presence for the 5th NRW Landesturnfest 2026, a major gymnastics and sports event organized by the Westfälischer Turnerbund e.V. The site provides comprehensive event information, registration details, volunteer opportunities, and program highlights targeting sports enthusiasts and participants in the NRW region of Germany. The business model focuses on event organization and community engagement within the sports sector, positioning itself as a key regional event organizer. Technically, the website is built on the TYPO3 CMS platform, leveraging modern frontend technologies such as Alpine.js and Swiper.js for interactive elements. The site is mobile-optimized, well-structured, and employs a reputable cookie consent manager (CCM19) to ensure compliance with privacy regulations. Hosting appears to be managed via German-based nameservers, supporting regional data sovereignty. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong with a clear privacy policy and cookie consent, though terms of service and vulnerability disclosure mechanisms are absent. Overall, the website demonstrates a good level of professionalism, technical maturity, and compliance suitable for its purpose. Recommendations include enhancing security headers, publishing security and incident response policies, and adding terms of service to improve trust and compliance further.

A

Autohaus Heydasch GmbH

nissan-heydasch-worms.de

49

Autohaus Heydasch GmbH is an established automobile dealership located in Worms, Germany, serving as an official Nissan partner. The company offers a wide range of services including new and used car sales, vehicle trade-ins, service bookings, and maintenance. Their market position is that of a trusted local Nissan dealership catering to private and commercial customers. The website reflects a professional business model focused on automotive sales and services with clear contact channels and customer engagement features. Technically, the site is built on modern frameworks such as React and Next.js, ensuring a responsive and user-friendly experience. Privacy compliance is well addressed with GDPR-aligned policies and a visible data protection officer contact. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. Overall, the website is trustworthy, well-structured, and suitable for its target audience.

P

Pedalo®

pedalo.de

49

Pedalo® is a well-established German company specializing in innovative products and concepts for movement, play, sport, and therapy. Founded in 1963, it targets a broad demographic from children to seniors, emphasizing quality, sustainability, and health promotion. The company operates an e-commerce platform powered by Shopware, integrating modern payment methods such as PayPal and Amazon Pay, and employs Google Tag Manager and analytics for marketing and user behavior tracking. The website is professionally designed, mobile-optimized, and provides clear navigation and customer support channels including phone and email contact. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly available. Overall, the site reflects a credible and trustworthy business with a solid digital presence.

V

Page Not Found

vemission.org

32

The website vemission.org currently serves a 404 error page indicating that the site is not configured or content is missing. The domain is registered with Mesh Digital Limited since 1998, suggesting a long-standing registration, but the absence of any accessible content or business information severely limits the ability to assess the company or its operations. The site uses TYPO3 CMS but lacks proper configuration and content deployment. There are no privacy, cookie, or terms of service policies found, nor any contact information or security policies. Technically, the site shows minimal implementation with no detected security headers or HTTPS information, which raises concerns about security posture. Overall, the site is non-functional from a user and security perspective, resulting in a low trust and credibility score.

M

Mission EineWelt

mission-einewelt.de

46

Mission EineWelt is a non-profit international partnership center affiliated with the Evangelical Lutheran Church in Bavaria. It focuses on fostering dialogue and cooperation with partner churches worldwide, promoting peace, justice, tolerance, and sustainability. The organization offers volunteer programs, educational campaigns, publishing, and fundraising activities, positioning itself as an important regional entity with international reach. The website reflects a mature digital presence built on WordPress with Elementor, integrating privacy-conscious analytics and consent management tools. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though incident response contact details could be improved. Overall, the site is professional, trustworthy, and well-aligned with the organization's mission.

The website centrostudicts.it is currently inaccessible due to a security challenge page implementing a JavaScript-based proof-of-work captcha. This challenge blocks normal access and prevents extraction of meaningful business or contact information. The domain is registered since 2019 with no privacy protection and is set to expire in 2025, indicating a legitimate registration. However, the lack of DNSSEC, security headers, and absence of privacy or cookie policies suggests a weak security posture. The site uses Cloudfront CDN for hosting assets and employs advanced client-side cryptographic challenges to mitigate automated access. Overall, the site is not currently usable for end users without passing the challenge, limiting content and business insight extraction.

The website www.bodensee-stiftung.org/wp-admin/ is currently inaccessible without authentication, presenting a WordPress error message indicating permission denial. The site appears to be a WordPress-based platform with restricted admin access, likely protected by security plugins or access controls. Due to the lack of accessible content, no business description, contact information, or policies are available for analysis. The WHOIS data query failed, returning no registrar or registrant information, which limits trust and transparency. Technically, the site uses WordPress CMS but lacks visible security headers or SSL configuration details. Overall, the site’s security posture cannot be fully assessed, but the access restriction is a positive security control. However, the absence of public business and privacy information is a concern for compliance and trust.

Service de Missions et d'Entraide (SME) is a Swiss non-profit organization dedicated to providing education and professional training to underprivileged populations. Established in 2007, SME operates primarily in the education sector, focusing on basic education, professional training, and professional development. The organization relies on donations and volunteer support to fund its projects and has a strong presence in Switzerland with multilingual website support in French and German. SME maintains a reputable position in its niche with certifications such as ZEWO and active social media engagement.

M

Ministock.ch

ministock.ch

48

Ministock.ch is a small non-profit website providing evangelical Christian educational resources primarily for children, families, and church ministries in the French-speaking region of Switzerland. The site offers a variety of content including illustrated Bible verses, videos, lesson programs, and links to partner organizations. It is affiliated with La FREE - Fédération romande d'Eglises évangéliques, reinforcing its niche position within the evangelical community. The website was founded around 2016 and maintains consistent branding and content quality suitable for its target audience. Technically, the site is built on Joomla CMS with the K2 extension and uses common web technologies such as jQuery, Magnific Popup, and Google reCAPTCHA for form security. It integrates social media sharing and newsletter subscription via AcyMailing. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. From a security perspective, the site uses HTTPS and employs reCAPTCHA to protect forms, but lacks explicit security headers which could improve its security posture. No privacy or cookie policies were found, indicating compliance gaps with GDPR and other privacy regulations. Contact information is limited to a newsletter subscription form without direct emails or phone numbers. Overall, Ministock.ch presents a trustworthy and professional resource platform for its community but should enhance privacy compliance and security headers to improve user trust and regulatory adherence.

C

CCEJ

cckj.ch

48

The website cckj.ch represents a small non-profit organization focused on promoting a charter for Christian children and youth work in Switzerland. The site provides information about the charter, encourages signatories, and targets Christian youth organizations and stakeholders. The business model is centered on advocacy and community engagement within a niche religious and youth sector. Technically, the website is built on WordPress using common plugins such as WPML for multilingual support and Contact Form 7 for user interaction. The site employs Google Analytics and Tag Manager for user tracking, indicating moderate digital maturity. Security posture is basic with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy PDF available but no cookie consent mechanism or GDPR explicit indicators. Overall, the site is functional and professional but could improve in security and privacy compliance to enhance trust and regulatory adherence.