High-risk security reports

S

Scoutisme Neuchâtelois

scoutne.ch

45

Scoutisme Neuchâtelois is a regional non-profit youth organization based in the canton of Neuchâtel, Switzerland, focused on providing scouting activities, outdoor adventures, and community engagement for young people starting from age 5. The website serves as an informational and engagement platform for local scouting groups, offering details about activities, groups, and contact options. The organization positions itself as a trusted community resource promoting friendship, nature, and adventure.

A

Association du Scoutisme Vaudois

asvd.ch

49

Association du Scoutisme Vaudois (ASVd) is a well-established non-profit organization dedicated to promoting scouting activities for youth aged 5 to 16 in the Vaud region of Switzerland. It is part of the largest youth movement in Switzerland, serving thousands of scouts locally. The website provides comprehensive information about scouting, the association's structure, history, and facilities, targeting families and youth interested in scouting. Technically, the site is built on WordPress with common plugins such as Contact Form 7 and Jetpack, and uses modern JavaScript libraries like Leaflet for maps. The site is mobile-optimized and has good SEO practices but lacks visible privacy and cookie policies, which is a compliance gap. Security posture is generally good with HTTPS enforced, but security headers are missing and no vulnerability disclosure or incident response information is provided. Overall, the domain registration data aligns well with the organization's identity, supporting legitimacy and trustworthiness.

W

Wien Holding

wienholding.tv

48

Wien Holding TV serves as a dedicated video portal for Wien Holding, a large Austrian corporate group with diverse subsidiaries in media, real estate, culture, logistics, and transportation sectors. The website provides video content showcasing developments, events, and news related to Wien Holding's companies, targeting a general audience interested in the group's activities. Technically, the site employs modern web technologies including Bootstrap, jQuery, and Video.js, hosted on a media server with HTTPS enabled, ensuring a good user experience and mobile responsiveness. Security posture is adequate with HTTPS but lacks explicit security headers and detailed privacy policy documentation. The absence of WHOIS data suggests privacy protection, which is reasonable for a corporate domain. Overall, the site is professional, trustworthy, and serves its communication purpose effectively.

B

Burgenland Tourismus GmbH

burgenland.info

47

Burgenland.info is the official tourism website for the Burgenland region in Austria, providing comprehensive travel information, cultural highlights, and leisure activities. The site targets tourists and visitors seeking detailed guidance on visiting Burgenland, positioning itself as a trusted regional tourism authority. The business model focuses on tourism promotion and visitor engagement through digital content and event information. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including JavaScript, CSS, and HTML5. It integrates multiple marketing and analytics tools such as Cookiebot for consent management, Facebook Pixel for advertising, Google Tag Manager, and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and incident response information are not evident, suggesting room for improvement in security posture transparency. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a professional, trustworthy, and privacy-compliant digital presence for Burgenland tourism. The lack of WHOIS data limits domain registration insights, but the official nature and content quality support legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure channel to strengthen trust and security readiness.

G

GEDLICH Racing

gt3-all-stars.com

44

Winter Series by GEDLICH Racing is a specialized motorsport event organizer focusing on winter racing series across Europe, primarily in Portugal and Spain. The company offers multiple racing series including GT Winter Series, GT4 Winter Series, Prototype Winter Series, PTWS Sports Prototypes, Formula Winter Series, and the 6h of Portimão endurance race. Their target audience includes professional and amateur racing drivers, motorsport teams, and fans. The business is relatively new, founded in 2023, and positions itself as a niche leader in European winter motorsport racing. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js for UI components. SEO is enhanced using the Yoast SEO plugin, and the site is hosted by IONOS SE. Performance is moderate with good mobile optimization and basic accessibility features. The website is well-structured with comprehensive content and clear navigation. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protection enabled. However, it lacks DNSSEC and explicit security headers, which are recommended for enhanced security. No cookie consent mechanism was detected, which may affect GDPR compliance. No incident response or security policy information is published. Overall, the website is professional, trustworthy, and well-aligned with the business goals. Strategic improvements include implementing DNSSEC, adding security headers, and introducing a cookie consent mechanism to improve privacy compliance and security posture.

G

GEDLICH Racing

formula-winter-series.com

45

GEDLICH Racing operates the Formula Winter Series, a winter motorsport racing series focused on junior single seater drivers competing in Tatuus F4 cars. The series is positioned as a premier winter racing event in Southern Europe, targeting aspiring young drivers and motorsport enthusiasts. The website provides comprehensive event calendars, registration information, media coverage, and partner details, reflecting a professional and growing motorsport brand. Technically, the website is built on WordPress using a modern theme and includes popular libraries such as jQuery and Swiper.js. Hosting is provided by IONOS SE, a reputable provider. The site is mobile optimized and SEO friendly, with structured data and Open Graph tags enhancing search engine visibility and social media sharing. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and some security headers, and does not provide explicit security policies or incident response contacts. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is trustworthy and professional with a solid business foundation. Strategic improvements in security hardening and privacy compliance would enhance its posture and user trust.

G

GEDLICH Racing

prototype-winter-series.com

44

GEDLICH Racing operates the Prototype Winter Series, a specialized motorsport championship focused on LMP3 prototype race cars competing on premier Southern European tracks during the winter months. The series is officially approved by the ACO, positioning it as a reputable and recognized event in the motorsport community. The website reflects a professional and well-branded presence, targeting racing teams, drivers, and enthusiasts with detailed event calendars, registration options, and media coverage. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, delivering a good user experience across devices. Security posture is adequate with HTTPS and domain transfer protections, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is partially addressed with a privacy policy but lacks cookie consent mechanisms. Overall, the site demonstrates a strong business credibility and digital maturity suitable for its niche audience.

G

GEDLICH Racing

gt4-winter-series.com

44

GEDLICH Racing operates the GT4 Winter Series, a specialized motorsport racing series held in Southern Europe during winter months. The website presents a professional and well-structured platform for event information, registration, media, and partner engagement. The business targets motorsport teams, drivers, and enthusiasts, positioning itself as a premier winter racing series with SRO licensing and strong industry partnerships. Technically, the site is built on WordPress with modern libraries like jQuery and Swiper.js, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and does not implement cookie consent mechanisms, indicating room for compliance improvements. Overall, the domain registration is transparent and consistent with the business timeline, supporting legitimacy. Strategic recommendations include enhancing security headers, enabling DNSSEC, and implementing privacy compliance features to strengthen trust and regulatory adherence.

G

GEDLICH Racing

gt-winter-series.com

45

GEDLICH Racing operates the GT Winter Series, a premier motorsport racing series held in Southern Europe, focusing on GT cars competing across multiple events annually. The website presents a professional and comprehensive platform for event information, registration, media, and partner engagement. The business targets motorsport teams, drivers, and enthusiasts, positioning itself as a key player in European winter racing events with strong partnerships and a clear class structure. Technically, the site is built on WordPress with modern libraries like jQuery and Swiper.js, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and advanced security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, supporting a medium-sized business in the transportation sector.

G

GEDLICH Racing

summer-series.org

44

GEDLICH Racing operates the Summer Series 2026, a new GT racing series in Europe targeting professional and amateur racers with GT3, GT4, TCR, and single-make cars. The website is well-structured, content-rich, and professionally designed, reflecting a focused business model on motorsport event organization. The technical infrastructure is based on WordPress with modern JavaScript libraries and SEO optimizations, hosted by IONOS SE. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers, and no visible cookie consent or privacy compliance mechanisms. The domain registration is recent but consistent with the business launch timeline, indicating legitimacy. Overall, the site presents a credible and professional front for the racing series with room for improvement in security and privacy compliance.

G

GEDLICH Racing

winter-series.com

45

Winter Series by GEDLICH Racing is a specialized motorsport event organizer focusing on winter racing series across Europe, primarily in Portugal and Spain. The company offers multiple racing series including GT Winter Series, GT4 Winter Series, Prototype Winter Series, and Formula Winter Series, targeting professional and amateur racing drivers as well as motorsport enthusiasts. The business is relatively new, founded in 2023, and positions itself as a niche leader in winter motorsport racing events. The website is professionally designed, content-rich, and provides comprehensive information about events, registration, media, and logistics.

E

entwickeln+gestalten

entwickelnundgestalten.de

47

entwickeln+gestalten is a small, specialized digital agency focused on supporting civil society organizations in Germany with digital transformation, political communication, and process optimization. Their key services include website development, consulting, Nextcloud integration, and CiviCRM solutions. The company positions itself as a trusted partner for progressive actors aiming for social development and justice. Technically, the website is built on Drupal 7 with common JavaScript libraries for UI enhancements, hosted on agenturserver infrastructure. The site is mobile-optimized and provides good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers are missing and the CMS version is outdated, which poses some risk. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professional, serving a niche non-profit sector audience effectively.

L

Leasing Unterland GmbH

leasing-unterland.at

46

Leasing Unterland GmbH is a medium-sized Austrian real estate company specializing in the purchase, rental, leasing, and strategic development of real estate projects primarily in Austria. Established in the early 1980s, the company has evolved from leasing vehicles and properties to focusing on real estate investment and management, including ownership of several commercial properties such as retail centers. Their website reflects a professional and consistent brand presence, targeting investors, businesses, and private clients interested in Austrian real estate. The business model centers on long-term property management and development, positioning them as a reputable regional player in the real estate sector. Technically, the website is built on WordPress using modern plugins such as Slider Revolution and WPBakery Page Builder, with a moderate performance profile and good mobile optimization. The site uses HTTPS with a valid SSL certificate, but lacks some advanced security headers and explicit privacy or cookie consent mechanisms. Forms are minimal, primarily a search form, with no evident tracking or analytics services detected. The site is accessible without WAF or security challenges, indicating good availability. From a security perspective, the site demonstrates basic best practices such as HTTPS and use of a honeypot plugin for form protection. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were found. WHOIS data aligns well with the website's business claims, showing a consistent and legitimate registration in Austria, supporting the company's credibility. Overall, Leasing Unterland GmbH's website is a solid representation of a professional real estate business with good technical implementation and moderate security posture. Enhancements in privacy compliance, security headers, and transparency around data protection would further strengthen their digital trustworthiness.

The website la-porte-ouverte.ch is currently suspended, displaying a message in both French and English instructing visitors to contact support via the email [email protected]. There is no active business content, no privacy or cookie policies, and no interactive elements such as forms or social media links. The technical infrastructure appears minimal, with only a CSS stylesheet loaded from an external domain (apanel.swisscenter.com). No security headers or SSL configuration details are evident from the provided data. The site lacks basic compliance documentation and trust indicators, which significantly impacts its credibility and security posture. From a technical perspective, the site uses basic CSS styling but lacks modern frameworks, CMS, or analytics tools. Performance and accessibility cannot be fully assessed but are likely poor given the minimal content and basic mobile optimization. No evidence of tracking or advertising technologies was found. Security-wise, the absence of HTTPS information, security headers, and incident response contacts indicates a low security maturity level. The suspension notice suggests operational or compliance issues that may affect business continuity and trustworthiness. No vulnerabilities or malicious content were detected, but the lack of security best practices is a concern. Overall, the site scores low on content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic recommendations include restoring active content, implementing HTTPS and security headers, publishing privacy and cookie policies, and improving contact and incident response information to enhance trust and compliance.

H

Heilsarmee Schweiz

armeedusalut.ch

48

The website armeedusalut.ch represents Heilsarmee Schweiz, a Swiss non-profit humanitarian organization focused on social aid, housing assistance, and community support. The site targets the general public, especially vulnerable populations and donors, providing information, resources, and calls to action for donations and volunteering. The organization holds recognized certifications such as ZEWO, enhancing its trustworthiness. Technically, the site is built on WordPress with modern plugins for multilingual support, consent management, and analytics integration. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent, though additional HTTP security headers and published security policies would improve it further. WHOIS data confirms the domain's legitimacy and consistency with the organization's identity. Overall, the site is professional, trustworthy, and well-maintained, serving its humanitarian mission effectively.

A

A&G KG

ox-parndorf.at

40

OX Steaks & Grill Parndorf is a small hospitality business located in Austria, specializing in premium steak and grill dining experiences. The company offers a variety of high-quality food options including steaks, burgers, fish dishes, and Mediterranean appetizers. They maintain a strong market position as a top dining location in Parndorf, supported by a loyalty app and online gift voucher sales. The website is built on TYPO3 CMS and integrates modern front-end libraries and tracking tools such as Google Analytics and Facebook Pixel, with privacy-conscious configurations like IP anonymization and cookie consent mechanisms. Security posture is solid with HTTPS enforced, though there is room for improvement in security headers and incident response disclosures. Overall, the website is professional, user-friendly, and compliant with GDPR requirements, reflecting a trustworthy and credible business presence.

L

lafree.ch - Site évangélique d'information

lafree.info

48

lafree.info is a French-language evangelical Christian news and information website affiliated with the Fédération romande d'Églises évangéliques (FREE). It serves a niche audience of French-speaking evangelical Christians primarily in Switzerland, offering news, opinions, event information, and resources related to evangelical faith and community life. The site is well-branded and consistent with its religious mission, providing quality content authored by recognized contributors within the community. Technically, the site is built on Joomla CMS with modern frameworks like Bootstrap and uses Google Analytics for traffic monitoring. While HTTPS is enabled, the site lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. No direct contact emails or phone numbers are found on the analyzed page, which may affect user trust and compliance. The WHOIS data is privacy protected, which is common and justified for this type of non-profit religious media entity. Overall, the site is professional, trustworthy, and safe for general audiences.

S

STTA Consulting – Africa Sustainable Tourism Space

sttakenya.org

48

The website represents an organization likely operating in a community or non-profit sector, as indicated by the domain and content structure. The site is built on WordPress using Elementor and several plugins to enhance functionality, including Instagram feeds and quiz/survey makers. The technical infrastructure is moderate, with basic mobile optimization and standard CMS usage. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, which could be improved. The absence of privacy, cookie, and terms of service policies indicates a gap in compliance and user trust mechanisms. Overall, the site appears legitimate but underdeveloped in terms of content richness and security maturity.

R

Roundtable Human Rights in Tourism

humanrights-in-tourism.net

48

The Roundtable Human Rights in Tourism is a well-established non-profit association based in Germany, focused on promoting human rights within the tourism industry. It serves as a multi-stakeholder platform offering networking, training, impact assessments, and knowledge sharing to tourism companies and related stakeholders. The organization is recognized for its credibility and international reach, supporting companies in implementing human rights due diligence aligned with UN guidelines. Technically, the website is built on Drupal 10, uses Matomo for analytics, and incorporates modern front-end libraries, providing a good user experience with mobile optimization and accessibility. Security posture is solid with HTTPS enforced, though some security headers are missing and privacy compliance could be improved by adding explicit policies and consent mechanisms. The domain WHOIS data is missing or inaccessible, which is unusual and slightly reduces trust, but the professional content and clear contact information support legitimacy. Overall, the website is professional, content-rich, and trustworthy, serving an important role in the human rights and tourism sector.

R

Rheinhessischer Turnerbund e.V.

rhtb.de

45

Rheinhessischer Turnerbund e.V. is a regional non-profit sports association based in Germany, specializing in gymnastics, fitness, health, and educational services for sports clubs and communities in the Rheinhessen region. The website serves as a comprehensive portal for event information, educational programs, and club services, targeting sports enthusiasts, families, and regional sports organizations. The organization maintains a consistent brand presence and partners with several regional sponsors and service providers. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and third-party services such as SiteSearch360 for search functionality and CookieConsent2 for privacy compliance. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and cookie banner, aligning with GDPR requirements. Overall, the website presents a professional and trustworthy digital presence for the Rheinhessischer Turnerbund e.V., with recommendations to enhance security headers and incident response transparency to further strengthen its security posture.

A

auto-rennsport.de

auto-rennsport.de

45

auto-rennsport.de is a specialized German online media publication focused on national motorsport news, event coverage, and related content. The website targets motorsport enthusiasts primarily in Germany and German-speaking regions, offering news articles, photo galleries, and an online shop. The business operates as a small media outlet with a niche focus, founded around 2020. Technically, the site is built on WordPress with popular plugins such as Yoast SEO and WPBakery Page Builder, hosted on German servers (kasserver.com). The site demonstrates good SEO practices, mobile optimization, and basic accessibility. Security posture is moderate, with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and a formal security policy or vulnerability disclosure. No WAF or blocking mechanisms were detected, and the site content is safe for general audiences with no adult or questionable material. WHOIS data is minimal but consistent with the business profile, showing no suspicious patterns. Overall, the website is professional, trustworthy, and compliant with GDPR, though improvements in security headers and transparency could enhance its posture.

F

FRICKE Transporte GmbH

fricke-transporte.de

47

FRICKE Transporte GmbH is a family-owned logistics and transport company based in Germany, operating in its fourth generation. The company offers a range of services including freight forwarding, vehicle washing, vehicle workshop services, and vehicle inspections. Their market position is that of a trusted local and international logistics provider with a focus on reliable and tailored transport solutions. The website is built on WordPress with Elementor and integrates a modern cookie consent mechanism via Usercentrics, reflecting a moderate level of digital maturity. The technical infrastructure is solid with HTTPS enforced and a clean, professional design that supports good user experience and mobile optimization. Security posture is generally strong with no visible vulnerabilities or exposed sensitive data, although the absence of security headers and a security policy page suggests room for improvement. Overall, the website is trustworthy and compliant with GDPR, with clear contact information and social media presence enhancing credibility.

C

Crew Knüttel Motorsport GmbH & Co.KG

reifen-knuettel.de

47

Crew Knüttel Motorsport GmbH & Co.KG is a specialized motorsport company based in Germany, established in 1984, providing racing tire services and support for various motorsport disciplines. The company maintains a professional online presence with a well-structured website offering detailed information about their services, team, and contact points. Their market position is that of a traditional, niche service provider in the motorsport sector, targeting racing teams and motorsport enthusiasts. Technically, the website employs modern web technologies including JavaScript libraries like Splide.js and jQuery, and is optimized for mobile devices with responsive design elements. However, there is room for improvement in accessibility and performance optimization. Security-wise, the site uses HTTPS but lacks visible security headers and formal security policies, which could be enhanced to improve trust and compliance. Privacy compliance is partially addressed with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could benefit from stronger security and privacy features.

I

ISA-RACING

isa-racing.de

49

ISA-Racing is a German-based e-commerce retailer specializing in motorsport accessories and equipment, boasting over 45 years of experience in the motorsport industry. The website offers a broad catalog of more than 25,000 products from top brands, targeting motorsport enthusiasts, racing teams, and automotive professionals. The business model focuses on direct online sales complemented by personal consultation and a service hotline, positioning ISA-Racing as a trusted niche player in the motorsport retail sector. Technically, the website is built on a modern e-commerce platform, likely Shopware 6, utilizing contemporary JavaScript libraries such as jQuery and Bootstrap for responsive design. It integrates Usercentrics for cookie consent management and Trusted Shops for customer trust signals. The site is mobile-optimized and provides a good user experience with clear navigation and professional design, although SEO and accessibility features are basic. From a security perspective, the site enforces HTTPS and employs consent management, but lacks visible security headers like Content-Security-Policy and HSTS, which are recommended for enhanced protection. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy or terms of service pages found. Overall, the website presents a professional and trustworthy front for its business, but the absence of WHOIS registrant data and privacy policy pages slightly reduces its credibility. Strategic improvements in security headers, privacy documentation, and WHOIS transparency would strengthen its risk posture and trustworthiness.

V

VENRO – Verband Entwicklungspolitik und Humanitäre Hilfe deutscher Nichtregierungsorganisationen e.V.

venro.org

48

VENRO is a well-established German non-profit umbrella organization representing approximately 150 development and humanitarian NGOs. The website reflects a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern web technologies. It provides extensive information on its advocacy, member services, publications, and events, targeting NGOs, policymakers, and the interested public. The organization maintains a strong market position within the German development sector, supported by long domain tenure and clear branding. Technically, the site is well-structured, mobile-optimized, and integrates privacy-compliant analytics and consent management tools. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly observed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

W

WEVO-CHEMIE GmbH

wevo-chemie.de

44

WEVO-CHEMIE GmbH is a German-based manufacturer specializing in high-quality casting compounds, adhesives, and sealants serving multiple industrial sectors such as automotive, energy, and infrastructure. With over 80 years of experience and a presence in more than 50 export countries, the company operates as a medium-sized enterprise under the parent company Dr. Neidlinger Holding GmbH. Their product portfolio includes polyurethane, epoxy, and silicone systems tailored for diverse applications. The website reflects a professional and consistent brand image with clear navigation and multilingual support for global markets. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries like jQuery and Slick Slider, providing a responsive and user-friendly experience. Analytics are implemented via etracker, though no explicit cookie consent mechanism was detected. The site uses HTTPS with good SSL configuration but lacks some security headers and published incident response policies. From a security perspective, the site demonstrates good practices such as secure forms and no visible vulnerabilities or exposed sensitive data. However, improvements are recommended in cookie consent compliance, security header implementation, and transparency around incident response. The WHOIS data aligns well with the website's claims, showing consistent domain registration and legitimacy. Overall, WEVO-CHEMIE GmbH's website is a solid representation of a reputable industrial manufacturer with room for enhancement in privacy compliance and security transparency to further strengthen trust and regulatory adherence.

K

KOVOS

kovos.ch

49

KOVOS is a Swiss non-profit organization representing Catholic religious communities, providing information and support for vocations, retreats, and monastic hospitality. The website serves as an informational platform targeting religious individuals and communities in Switzerland. Technically, the site is built on TYPO3 CMS with modern web technologies and includes tracking via Google Analytics and Tag Manager. The site is mobile-optimized and well-structured, though some accessibility features could be improved. Security posture is adequate with HTTPS and nonce usage but lacks visible security headers and published security or privacy policies. No forms or social media links were detected, limiting direct user engagement channels. Overall, the domain registration aligns well with the organization's identity, indicating legitimacy and trustworthiness.

The website rkz.ch currently serves a 404 error page indicating that the site configuration is missing or the site is not accessible. The page is generated by TYPO3 CMS, but no actual business content, contact information, or policies are present. This severely limits the ability to assess the business operations, market position, or services offered. Technically, the site lacks visible security headers, privacy policies, or any tracking or analytics technologies. The absence of content and policies suggests the site is either under construction, misconfigured, or abandoned. From a security perspective, no WAF or security challenge mechanisms are detected, but the lack of HTTPS information and security headers is a concern. No vulnerabilities or incident response information is available. The site does not provide any privacy or cookie consent mechanisms, which would be required for GDPR compliance if it were operational. Overall, the site is currently non-functional and does not provide any meaningful business or security information. This represents a high risk for trust and credibility, and the site should be remediated to provide proper content, security, and compliance information. Strategic recommendations include restoring the website content, implementing HTTPS and security headers, publishing privacy and cookie policies, and providing clear contact and business information to improve trust and compliance.

S

Schweizer Bischofskonferenz

bischoefe.ch

48

The Schweizer Bischofskonferenz website serves as the official digital presence of the Swiss Bishops' Conference, providing comprehensive information about the Catholic Church's activities, leadership, and ethical services in Switzerland. The site targets church members, religious communities, and the general public interested in ecclesiastical matters. It offers news, documents, and partner links, positioning itself as a trusted non-profit religious institution with a medium organizational size. Technically, the website is built on WordPress 6.6.2, leveraging common plugins such as Contact Form 7 and Bootstrap for responsive design. The infrastructure supports moderate performance and good mobile optimization, with Google Tag Manager integrated for analytics. However, some accessibility features are basic, and SEO practices are adequately implemented. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. Nonetheless, it lacks explicit security headers and a cookie consent mechanism, which are important for GDPR compliance and enhanced security posture. No vulnerability disclosures or incident response contacts are provided, indicating room for improvement in transparency and security readiness. Overall, the website is professional, trustworthy, and content-rich, but it would benefit from enhanced privacy compliance measures and security best practices to strengthen user trust and regulatory adherence.

R

Randi A/S

randi.dk

46

Randi A/S is a Danish manufacturer specializing in high-quality architectural hardware products such as door handles, building fittings, and sanitary equipment. With a history dating back to 1878 and as a member of the ECO Schulte Group, the company positions itself as a reputable player in the Nordic manufacturing sector, collaborating with renowned architects and designers. The website reflects this professional image with a modern WordPress-based infrastructure, including WooCommerce for e-commerce capabilities and Elementor for design. The site is well-structured, mobile-optimized, and includes multimedia content to engage visitors. Security-wise, the site uses HTTPS and a cookie consent mechanism compliant with GDPR principles, but lacks visible security headers and a published privacy policy, which are areas for improvement. The absence of WHOIS data limits domain trust verification, but the overall digital presence suggests a legitimate and established business. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, and improving contact transparency to strengthen trust and compliance.

M

MHZ Hachtel S.à r.l.

mhz.lu

49

MHZ Hachtel S.à r.l. operates a professional website focused on custom-made sun protection products including Plissees, Wabenplissees, Rollos, Jalousien, Markisen, and insect protection solutions. The company targets architects, dealers, and end customers primarily in Luxembourg and the Benelux region, offering a digital configurator and dealer portal to enhance customer engagement. The website is built on TYPO3 CMS with modern styling and includes GDPR-compliant cookie consent mechanisms, reflecting a mature digital presence. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response information are absent. WHOIS data is unavailable, limiting domain trust assessment, but the website's professional design and content suggest legitimacy. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations, supporting MHZ's market position as a reputable regional manufacturer and retailer of sun protection products.

The website hymans-digital.co.uk is currently inaccessible due to a Cloudflare 523 error indicating that the origin web server is unreachable. This prevents access to any substantive content or business information. The domain is registered with Easyspace Ltd since 2021, which aligns with a relatively new digital business, but no further company details or contact information are available on the landing page. The technical infrastructure relies on Cloudflare as a CDN and security provider, but the origin server connectivity issue severely impacts availability and user experience. Security posture is weak due to lack of visible security headers and absence of HTTPS confirmation. Privacy and compliance policies are not present, and no forms or data collection mechanisms are detected. Overall, the site is currently non-functional and lacks trust and credibility indicators.

N

Nationale Dienststelle Missbrauch im kirchlichen Kontext

missbrauch-kath-info.ch

49

The website www.missbrauch-kath-info.ch serves as a dedicated platform for the scientific research and transparent processing of sexual abuse cases within the Catholic Church in Switzerland. It is a non-profit initiative backed by major Swiss Catholic organizations such as the Schweizer Bischofskonferenz (SBK), Römisch-Katholische Zentralkonferenz (RKZ), and Katholische Ordensgemeinschaften der Schweiz (KOVOS). The site provides information on ongoing research projects, church measures, support for victims, and updates on the state of processing abuse cases. The target audience includes victims, church authorities, researchers, and the general public interested in this sensitive topic. The business model is non-commercial, focusing on social responsibility and transparency.

A

APOMEDICA Pharmazeutische Produkte

magnesium-sport.at

45

The website magnesium-sport.at represents APOMEDICA Pharmazeutische Produkte's brand Dr. Böhm® Magnesium Sport®, specializing in mineral supplements tailored for sports and active lifestyles. The site targets athletes and fitness enthusiasts in Austria, emphasizing product quality, doping-free certification, and exclusive pharmacy distribution. The business holds a solid niche position in the healthcare supplement market with a focus on magnesium and potassium products that support muscle function and recovery. Technically, the website is built on WordPress with the Avada theme and uses common plugins such as Revolution Slider and Google Tag Manager. The site is mobile-optimized, SEO-friendly, and delivers moderate performance. Security posture is adequate with HTTPS enforced but lacks some advanced security headers and uses an older jQuery version, which could be improved. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. The site integrates social media channels and maintains trust through doping-free certifications and transparent product information. Overall, the website is professional, trustworthy, and well-suited for its target audience, though security enhancements and explicit incident response policies could further strengthen its posture.

O

Home | OeGHO

oegho.at

47

The website www.oegho.at represents a professional organization likely related to the medical or scientific community in Austria, as indicated by the site title 'OeGHO' and the use of TYPO3 CMS. The site uses modern frontend technologies such as Bootstrap 4.3.1 and is structured with responsive design principles, providing a good user experience and navigation clarity. However, the lack of visible privacy, cookie, and terms of service policies indicates incomplete compliance with modern privacy standards. The absence of contact information and security headers suggests room for improvement in transparency and security posture. WHOIS data could not be retrieved due to quota limits on the NIC.AT WHOIS server, limiting the ability to fully verify domain legitimacy. Overall, the site appears legitimate and safe but would benefit from enhanced privacy and security measures.

E

Elektro Lichtin AG

elektrolichtin.ch

48

Elektro Lichtin AG is a small regional electrical services company based in Möhlin, Switzerland, specializing in electrical installations, lighting, safety systems, network infrastructure, and household appliances. The website is primarily in German and targets local customers seeking professional electrical services. The business model focuses on service provision with a clear physical presence and contact information. The company maintains a moderate market position as a trusted local provider. Technically, the website uses standard HTML5 and CSS with JavaScript enhancements, including Google Analytics with IP anonymization and a cookie consent banner, indicating basic digital maturity and privacy awareness. The site is moderately optimized for mobile and accessibility but lacks advanced frameworks or CMS indications. Performance is moderate with no critical errors detected. From a security perspective, the site uses HTTPS (assumed from external Google Analytics scripts loaded over HTTPS), but no explicit security headers were detected in the provided data. The presence of cookie consent and anonymized analytics is positive, but the absence of published security policies or incident response information suggests room for improvement. No vulnerabilities or suspicious content were found. Overall, the website is professional, trustworthy, and safe for general audiences. The risk level is low, but strategic improvements in security headers, incident response transparency, and privacy policy detail would enhance compliance and trust.

The Ehemaligenverein Jungwacht Therwil is a small Swiss non-profit organization dedicated to connecting former leaders and members of the Jungwacht Therwil youth group. The website serves as an informational portal to promote membership, share memories, and provide access to a summer camp archive. The organization is community-focused with a clear founding date and transparent contact information via email. Technically, the website is simple, built with basic HTML and CSS, and integrates Facebook social plugins for community engagement. However, it lacks advanced CMS, security headers, and privacy or cookie policies, indicating room for improvement in compliance and security. The security posture is basic with no visible vulnerabilities but missing standard security best practices. Overall, the site is safe, trustworthy, and serves its niche audience well but would benefit from enhanced privacy compliance and security hardening.

F

Freizeit- und Kulturzentrum Neue Schmiede

neue-schmiede.de

40

Neue Schmiede is a well-established non-profit leisure and cultural center located in Bethel, Bielefeld, Germany. It offers a broad range of inclusive services including gastronomy, cultural events, event spaces, leisure and travel programs, and employment opportunities for people with disabilities. The organization is affiliated with the v. Bodelschwinghsche Stiftungen Bethel, enhancing its credibility and community integration. The website reflects a strong commitment to accessibility and inclusion, supported by dedicated accessibility widgets and partnerships with recognized social organizations.

B

Bielefeld barrierefrei erleben!

bielefeld-barrierefrei.de

37

Bielefeld barrierefrei erleben! is a specialized non-profit website dedicated to providing comprehensive information about barrier-free and accessible locations in Bielefeld, Germany. The site targets individuals with mobility, visual, or hearing impairments, as well as the general public interested in accessibility. It offers detailed listings of buildings, rooms, and venues with accessibility features, supporting inclusive participation in cultural, educational, and recreational activities. The website is built on WordPress, leveraging common plugins and modern frontend libraries like Swiper.js, and is hosted on kasserver.com. It demonstrates good technical maturity with mobile optimization, accessibility features, and SEO best practices. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, though security headers are not explicitly detected. However, the site lacks published privacy and cookie policies, which impacts GDPR compliance and privacy posture. Contact information is not explicitly found, limiting direct communication channels. Overall, the site is trustworthy and professional but would benefit from enhanced privacy compliance and clearer contact details.

F

Familie Krug

krug.de

40

The website www.krug.de represents a personal or family homepage for the Krug family, primarily featuring a simple welcome message and contact information. The site lacks commercial or business-oriented content, focusing instead on providing basic information about the family. The technical infrastructure is modest, utilizing Bootstrap 4 and jQuery for frontend presentation, hosted on a domain managed via GoDaddy's nameservers. There is no evidence of advanced CMS or backend technologies, and the site does not employ analytics, advertising, or tracking tools, indicating a low level of digital maturity. From a security perspective, the website does not demonstrate strong security posture. There is no visible enforcement of HTTPS or presence of security headers, and no privacy or cookie policies are provided, which may raise compliance concerns under GDPR for European users. The contact information is clearly presented, but no incident response or vulnerability disclosure mechanisms are in place. The WHOIS data aligns with the website content, showing a registrant named Thomas Krug, consistent with the family theme, and no privacy protection is used. Overall, the website is safe and family-friendly, with no adult or questionable content detected. However, the lack of security best practices and privacy compliance measures suggests room for improvement. The site is suitable for its apparent purpose as a personal family page but would require significant enhancements to meet business or regulatory standards. Strategic recommendations include implementing HTTPS with proper security headers, adding privacy and cookie policies to comply with GDPR, and establishing basic security and incident response protocols to enhance trust and compliance.

JJ-CCR aps is a specialized Danish company manufacturing the JJ-CCR rebreather, a rugged and versatile diving apparatus designed for demanding environments such as wreck and cave diving. The company serves a niche market including military units, exploration teams, and professional divers worldwide. Their website reflects a professional and focused business with clear offerings in manufacturing, training, and service support. The company maintains a global network of instructors and service centers, emphasizing safety and reliability. Technically, the website is built on WordPress with WooCommerce, employing modern plugins and tools such as Google Analytics and reCAPTCHA to enhance user experience and security. The site is hosted by One.com and uses HTTPS, though DNSSEC is not enabled. Security posture is solid but could be improved with additional headers and published policies. Privacy and cookie policies are present with consent mechanisms, indicating compliance with GDPR. Overall, the website is trustworthy, well-maintained, and serves its target audience effectively.

K

Kommunales Integrationszentrum Bielefeld

ki-bielefeld.de

40

Kommunales Integrationszentrum Bielefeld is a government-affiliated integration center serving the city of Bielefeld, Germany. It provides a broad range of services including integration support, educational counseling, anti-discrimination initiatives, and community event organization. The website reflects a strong local government presence with official branding and funding from regional ministries. The target audience includes migrants, refugees, local families, and educational institutions. The business model is public service oriented, funded by government bodies, and focused on social inclusion and integration. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, enhanced by accessibility features and mobile optimization. It uses custom analytics and complies with GDPR through cookie consent mechanisms. Hosting is provided by a German hosting provider consistent with the domain's nameservers. Performance is moderate with good SEO and structured data implementation. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, some security headers are not explicitly detected and there is no public security policy or incident response information. Privacy compliance is strong with clear privacy and cookie policies. Business credibility is high due to official contact information, government logos, and consistent branding. Overall, the website is trustworthy, professional, and well-maintained, serving its public service mission effectively. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further improve trust and security posture.

W

Wirtschaftsentwicklungsgesellschaft Bielefeld mbH

das-kommt-aus-bielefeld.de

45

Das kommt aus Bielefeld is a regional business network platform operated under the Wirtschaftsentwicklungsgesellschaft Bielefeld mbH, focused on connecting local companies, fostering knowledge exchange, and promoting the strengths of the Bielefeld economy. The website offers rich multimedia content, including videos, testimonials, and a magazine, targeting local businesses, professionals, students, and startups. The business model centers on networking, visibility, and collaborative growth within the regional economy. Technically, the website is built on WordPress with modern plugins and libraries such as jQuery, Bootstrap, and Borlabs Cookie for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Performance is moderate, with room for optimization. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers. No critical vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact is noted as an area for improvement. Overall, the domain registration and DNS setup appear legitimate and consistent with the business's regional focus. The overall risk assessment is low, with recommendations to enhance security headers, publish incident response information, and consider a vulnerability disclosure policy to further strengthen trust and compliance.

I

InnovateNow Bielefeld

innovatenow-bielefeld.de

43

InnovateNow Bielefeld is a local government-backed innovation program focused on developing and implementing digital solutions to enhance the inner city and old town of Bielefeld. The program engages a broad audience including citizens, students, tech enthusiasts, and companies to collaboratively improve urban life quality through digital transformation. The website is built on WordPress using Elementor and integrates modern tracking and marketing tools such as Google Analytics and Meta Pixel, although it lacks a cookie consent mechanism. Security posture is adequate with HTTPS enforced but could be improved by adding security headers and incident response policies. Contact information is limited to an email address for the project manager, with no phone or physical address explicitly provided. Overall, the website is professional, content-rich, and trustworthy, serving as an effective platform for the InnovateNow initiative.

The website standortportal-bielefeld.de serves as a specialized commercial real estate portal for the Bielefeld region in Germany, operated by WEGE Wirtschaftsförderung für Bielefeld GmbH. It provides comprehensive listings and information on commercial properties and land for businesses seeking office, retail, industrial, or other commercial spaces. The platform also supports property owners, brokers, and project developers with listing and networking services. The site is professionally designed with a clear focus on its target audience of businesses and real estate stakeholders in Bielefeld. Technically, the website employs modern JavaScript frameworks including Chakra UI and OpenLayers for mapping functionalities, with custom fonts enhancing branding. Hosting is managed via rzone.de, and the site demonstrates moderate performance and good mobile optimization. SEO practices are adequately implemented, though accessibility is basic. No major technical red flags were detected in the provided HTML content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML. However, it lacks visible security headers and explicit security or incident response policies. No cookie consent mechanism was found, which is a GDPR compliance gap. The absence of direct contact emails or phone numbers reduces transparency somewhat. No vulnerabilities or malicious content were detected. Overall, the website is a trustworthy and professional portal for commercial real estate in Bielefeld, with room for improvement in security best practices and privacy compliance. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

A

ALSO Schweiz AG

product-finishing.ch

48

ALSO Schweiz AG operates the Product Finishing website offering value-added IT hardware services such as staging, labeling, bundling, unpacking, and inventorying. The company targets business customers who require efficient hardware preparation services to focus on their core operations. The website is professionally designed with clear service descriptions, video content, and multilingual support, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins including Yoast SEO and Complianz for GDPR compliance, and integrates Google Analytics and reCAPTCHA for analytics and security. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. The domain registration aligns well with the business identity, enhancing trustworthiness. Overall, the website demonstrates a solid business and technical foundation with good privacy and security practices.

B

Berufskolleg für Gymnastik Bielefeld

berufskolleg-gymnastik.de

43

Berufskolleg für Gymnastik Bielefeld is a private vocational school in North Rhine-Westphalia, Germany, specializing in gymnastics education with state recognition as an Ersatzschule. The website serves prospective and current students by providing information about training programs, school details, and news updates. The institution occupies a niche market in vocational education with a clear focus on gymnastics. Technically, the website is built on WordPress 6.8.3, employing standard web technologies and plugins for spam protection and cryptography. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. Security posture is solid with HTTPS enforced and spam protection in place, though it lacks some security headers and formal security policies. No cookie consent mechanism was detected, which may affect GDPR compliance. Overall, the site is professional, trustworthy, and well-suited for its educational purpose.

The website verkehr.amstools.de is a login portal primarily serving registered users or employees, likely related to transportation services or tools. The site is powered by TYPO3 CMS version 4.5, indicating an older technology stack. The content is minimal, focused solely on user authentication without any public-facing business information or marketing content. The lack of privacy, cookie, or terms of service policies suggests limited compliance with modern data protection standards. Technically, the site uses basic CSS and JavaScript with no detected advanced frameworks or analytics tools. Security posture is limited due to absence of security headers and unknown SSL status, though the login form uses password fields appropriately. The domain uses proxy name servers, which may reduce transparency but no overt suspicious patterns were found. Overall, the site appears to be an internal or restricted access platform with basic technical implementation and limited public information.

R

Rathscheck Schiefer

rathscheck.de

48

Rathscheck Schiefer is a well-established German manufacturer specializing in premium quality slate products for roofing, facades, and decorative purposes. Founded in 1793 and now part of Wilh. Werhahn KG, the company holds a leading market position in the slate manufacturing sector. Their website offers comprehensive product information, digital tools such as configurators and project finders, and extensive company background, targeting architects, construction professionals, and discerning homeowners. The site is professionally designed, multilingual, and optimized for SEO and mobile devices. Technically, the website is built on WordPress with Elementor and Yoast SEO, incorporating modern JavaScript libraries like Vue.js and Swiper.js. It employs hCaptcha for form security and CookieFirst for consent management, alongside eTracker analytics. The site demonstrates good performance, accessibility, and security practices, including HTTPS and form protection, though some security headers could be improved. Security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. However, no explicit security policy or incident response contacts are published. WHOIS data is minimal but consistent with the business claims, supporting legitimacy. Overall, the website reflects a mature digital presence with strong business credibility and security awareness, suitable for its industry and audience.

M

MHZ Hachtel GmbH & Co. KG

mhz.de

49

MHZ Hachtel GmbH & Co. KG is a well-established German manufacturer specializing in custom-made sun, privacy, and insect protection products such as pleated blinds, honeycomb blinds, roller blinds, and awnings. The company targets consumers, architects, and dealers, offering a comprehensive product configurator and dealer portal to enhance customer engagement and sales. Their market position is strong within Europe, supported by subsidiaries in Luxembourg and Switzerland. The website reflects a mature digital presence built on TYPO3 CMS, with good mobile optimization and accessibility. Security posture is robust with HTTPS, security headers, and consent management implemented, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.