Security Directory

Stiftung Behindertensport Lenzerheide is a small Swiss non-profit foundation dedicated to supporting and promoting disabled sports in the Lenzerheide holiday region. The foundation organizes sporting and social events for people with disabilities and maintains a partnership with PluSport Behindertensport Schweiz, a national umbrella organization for disabled sports. The website is built on the Jimdo Creator CMS platform, hosted by Jimdo, and presents content primarily in German. It features a clean design with clear navigation and mobile responsiveness, though it lacks some compliance documents such as a privacy policy and terms of service. Security posture is moderate with HTTPS enforced and cookie consent implemented, but missing security headers and explicit contact information reduce the overall security and compliance score. The website content is safe and appropriate for a general audience, with no adult or questionable material detected.

S

Stiftung Denk an mich

denkanmich.ch

62

Stiftung Denk an mich is a Swiss non-profit organization dedicated to supporting people with disabilities by providing financial assistance for holidays and leisure activities. The foundation fills a social gap by enabling those who cannot afford recreational time to enjoy improved quality of life. The website reflects a focused mission with clear messaging, targeting individuals with disabilities and their supporters within Switzerland. The organization maintains a credible market position as a niche non-profit with recognized certifications such as ZEWO. Technically, the website is built on modern frameworks including Vue.js and Nuxt.js, with integrations for analytics and media content. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some accessibility features could be enhanced. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, but lacks a public security policy or vulnerability disclosure. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable digital presence for the foundation.

B

Beisheim Stiftung

beisheim-stiftung.com

62

Beisheim Stiftung is a non-profit foundation operating primarily in Germany and Switzerland, providing funding and support for various projects. The website serves as an informational portal offering downloadable resources such as funding criteria and application guidelines. The foundation targets applicants and partners interested in its funding programs. Technically, the website is built using the Nuxt.js framework and integrates Cookiebot for cookie consent management, ensuring compliance with privacy regulations. The site employs HTTPS and uses Piwik Analytics for visitor statistics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks visible security headers and explicit security policies. The absence of WHOIS data and contact information slightly reduces trustworthiness. Overall, the website is professional and functional but could improve transparency and security documentation.

P

PING PLD

pingpld.com

56

PING PLD operates as a niche golf equipment brand specializing in PLD putters, which are currently restricted in availability by region as indicated on the analyzed page. The website serves primarily as an informational and redirect page to the parent brand PING's main site. The technical infrastructure is modern, leveraging React and Next.js frameworks with Material-UI for styling, indicating a contemporary digital maturity level. However, the content on this particular page is minimal, focused on access restriction messaging without additional business or contact information. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is minimal with cookie consent implemented but no visible privacy or terms policies. Overall, the site is legitimate and consistent with the business domain registration and branding but would benefit from enhanced security and compliance documentation.

LAFRENTZ Baugesellschaft mbH is a specialized construction company based in Hannover, Germany, focusing on park deck renovation, building waterproofing, flood protection, and road marking services. The company targets commercial, public, and private clients with comprehensive services from planning to maintenance. Their market position is that of a niche specialist in construction waterproofing and related services within Germany. The website is professionally designed, mobile-optimized, and provides clear navigation and detailed service descriptions, supporting their business credibility. Technically, the site is built on the 1&1 IONOS Website Editor platform, using modern JavaScript libraries and CDN services, with moderate performance and basic accessibility features. Security posture is adequate with HTTPS enforced but lacks explicit security headers and published security policies. Privacy compliance is weak due to the absence of a privacy policy and terms of service pages, though a cookie consent mechanism is present. Contact information is limited to a phone number with no email or social media links. WHOIS data lacks detailed registrant information, slightly reducing trust but not contradicting the business claims. Overall, the website is a good representation of a small specialized construction business with room for improvement in privacy and security transparency.

Ü

ÜSTRA

uestra.de

62

ÜSTRA operates as a regional public transportation provider in Hannover, Germany, offering bus and tram services along with timetable and ticketing information. The website is built on TYPO3 CMS and integrates specialized public transport widgets, reflecting a mature digital infrastructure. The site is well-designed, mobile-optimized, and provides a good user experience for its target audience of local commuters and visitors. Security posture is adequate with HTTPS and nonce usage, but lacks explicit security headers and published security policies. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the domain registration and WHOIS data align with the business claims, indicating legitimacy and trustworthiness.

D

DB SCHENKER

dbschenker.de

67

DB SCHENKER is a global leader in logistics, transport, and supply chain management, offering a broad range of services including digital services, land, air, and sea transport, contract logistics, packaging systems, and customs services. The company recently merged with DSV, enhancing its market position as a worldwide leading logistics provider. The website reflects a mature, enterprise-level business with a strong focus on professional service delivery and sustainability. Technically, the website employs modern JavaScript frameworks and integrates with Adobe Experience Platform and other marketing and analytics tools, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement and Content-Security-Policy headers, though additional headers and a security.txt file could improve security transparency. Overall, the site is well-designed, mobile-optimized, and provides comprehensive business and career information, supporting a high trustworthiness rating.

D

Dextro Energy

dextro-energy.com

47

Dextro Energy is a well-established German company specializing in sports nutrition products, particularly dextrose-based energy supplements for endurance and fitness athletes. The company operates a professional e-commerce platform built on Shopify, offering a range of products alongside content such as a magazine and a sports team sponsorship. Their market position is solid with a history dating back to 2005, targeting primarily German-speaking customers interested in sports and fitness nutrition. The website demonstrates good branding consistency and trust signals including customer ratings and GDPR compliance. Technically, the site leverages modern Shopify infrastructure, integrates multiple marketing and analytics tools, and employs Cloudflare for security and performance. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS enforced and GDPR-compliant cookie consent mechanisms, although explicit security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the site presents a trustworthy and professional digital presence aligned with its business goals.

The website www.rossmann.de is currently inaccessible beyond a security challenge page that verifies the browser before granting access. Rossmann is a well-known retail company operating primarily in Germany, specializing in consumer goods and drugstore products. The site content is blocked by a Web Application Firewall or similar security mechanism, preventing full content and policy analysis. The technical infrastructure shows use of JavaScript and strict Content-Security-Policy headers, with hosting likely managed via netnames.net nameservers. Security posture is moderate due to the presence of CSP but limited by lack of accessible content and policies. Overall, the site is protected but lacks publicly accessible privacy, cookie, or contact information in the analyzed content.

B

BWT

bwt.com

58

BWT is a large, established European company specializing in water treatment technologies and sustainable water solutions for various sectors including residential, hospitality, industry, pharma, and pools. Their website reflects a mature digital presence with comprehensive content, multimedia integration, and multi-language support. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and performance optimizations like Baqend SpeedKit, indicating a high level of digital maturity. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit incident response and vulnerability disclosure information are not publicly available. Overall, the site is professional, trustworthy, and well-optimized, but the lack of WHOIS data and direct contact details slightly reduce business credibility scores.

E

enercity AG

enercity.de

71

enercity AG is a large, established German energy provider with a history dating back to 1825. The company offers a broad portfolio of energy-related services including electricity, gas, solar solutions, heating, water supply, telecommunications, and electromobility. It serves a wide audience including private customers, businesses, and municipalities primarily in Germany, with a strong regional focus on Hannover. The website reflects a mature digital presence with modern technologies such as React and Next.js, and implements GDPR-compliant consent management. Multiple industry awards and high customer ratings reinforce its market position and trustworthiness. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website is professional, user-friendly, and compliant with privacy regulations, supporting enercity's reputation as a reliable energy partner.

The website sportscheck.com is a retail and event promotion platform focused on running events, specifically the SportScheck RUN Hannover 2025. It targets a general audience interested in sports and running, offering event participation options and related sports equipment. The site uses modern web technologies including React and various JavaScript tracking libraries, indicating a moderate level of digital maturity. However, the absence of visible privacy and cookie policies, as well as missing WHOIS registration data, suggests gaps in compliance and transparency. Security posture appears average with no explicit security headers detected in the provided data, and no evidence of vulnerabilities or exposed sensitive data. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security hardening.

The Deutsche Stiftung für Engagement und Ehrenamt operates the DSEE Lernportal, a dedicated educational platform aimed at supporting volunteers and engaged individuals in non-profit organizations. The portal offers a variety of learning resources including courses, webinars, and video content focused on topics such as digitalization, financing, member recruitment, and organizational management. The platform is positioned as a trusted resource within the German volunteer sector, providing free access to educational materials and fostering community growth. Technically, the website is built on the Totara LMS platform, which is based on Moodle, utilizing modern JavaScript libraries such as YUI and jQuery, and includes accessibility and mobile optimization features. The infrastructure supports a good user experience with moderate performance and solid SEO practices. The site enforces HTTPS and employs secure session management, though it lacks some advanced security headers and a formal security policy page. From a security perspective, the site demonstrates a good posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. However, there is no explicit incident response or vulnerability disclosure information available. The domain registration aligns well with the organization's identity, enhancing trustworthiness. Overall, the DSEE Lernportal is a professionally maintained, secure, and privacy-conscious platform serving the non-profit volunteer community in Germany. Strategic improvements in security policy transparency and incident response readiness could further strengthen its security posture and user trust.

K

Kanzlei Dr. Peter Unmüßig

kanzlei-unmuessig.de

55

Kanzlei Dr. Peter Unmüßig is a small, regionally established German law firm specializing in traffic law, labor law, inheritance law, tenancy law, administrative offenses, insurance law, and civil law. The firm operates from a main office in Gundelfingen with multiple branch offices, and is a member of the Apraxa cooperative network of law firms. The website provides comprehensive legal service information, attorney biographies, and detailed privacy and legal disclaimers, targeting private clients and businesses seeking legal representation. Technically, the website uses legacy jQuery and standard HTML/CSS with moderate performance and basic mobile optimization. Security posture is moderate with no HTTPS or security headers explicitly confirmed, and an outdated jQuery version poses a potential risk. Privacy compliance is strong with a detailed GDPR-compliant privacy policy, though no cookie consent mechanism is present. Overall, the site is professional and trustworthy but would benefit from technical and security updates.

F

Funkhaus Freiburg

baden.fm

63

baden.fm is a regional media broadcaster serving Freiburg and the Südbaden region in Germany, offering radio streaming, news, event tips, and ticket sales. The website is professionally designed with consistent branding and targets local residents and listeners. Technically, the site uses a modern tech stack including WordPress CMS, JavaScript libraries such as Swiper.js and Video.js, and analytics tools like Matomo and Google Tag Manager. Security posture is adequate with HTTPS enforced and bot protection via hCaptcha, but lacks explicit security headers and documented security policies. Privacy compliance is weak due to missing privacy and cookie policies and absence of consent mechanisms. Overall, the site is trustworthy and legitimate, with domain registration data consistent with the business identity.

R

Robinson Club GmbH

robinson.com

63

Robinson Club GmbH operates a hospitality business focused on resort holidays catering to families, couples, and singles. Their offerings include sports, childcare, wellness, and entertainment events, positioning them as a well-established player in the holiday resort market primarily in Germany. The website is built on TYPO3 CMS with modern web technologies including PWA support and uses third-party marketing tools such as Optimizely for optimization and Gigya for user engagement. Social media presence is strong and verified, enhancing brand trust. From a technical perspective, the website demonstrates moderate to good performance with mobile optimization and SEO best practices. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and consent mechanisms, which is a notable gap given GDPR requirements. WHOIS data is missing or unavailable, which reduces domain trustworthiness and raises questions about domain registration transparency. However, the website content and official social media links support legitimacy. Overall, the site is professionally designed and functional but requires improvements in privacy compliance and security transparency to enhance trust and regulatory adherence.

A

ats Elektronik GmbH

atsonline.de

48

ats Elektronik GmbH is a German technology company specializing in secure communication and safety technology solutions. Their website presents a professional image with detailed service offerings in areas such as 5G, TETRA, MOTOTRBO/DMR radio technology, security systems, system solutions for energy, transport, public safety, and military sectors, as well as research projects and training. The company targets security professionals and enterprises requiring advanced communication and safety solutions. The website is well-structured, multilingual (German and English), and includes comprehensive contact information and policies, reflecting a mature digital presence. Technically, the website uses a proprietary CMS (sethora.de Synapsis CMS), integrates modern JavaScript libraries including jQuery and MediaElement.js, and leverages Google Maps API for location services. Hosting is provided by Hetzner Online GmbH, a reputable German hosting provider. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequate with proper meta tags and structured navigation. Security posture is decent with HTTPS enforced and cookie consent implemented. However, no explicit security policy or incident response information is published, and security headers are absent. The WHOIS data shows an anomalous future domain creation date, which is likely an error but reduces trustworthiness. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is professional and trustworthy with minor security and compliance gaps. Strategic improvements in security transparency and WHOIS data accuracy are recommended to enhance credibility and risk posture.

Vereinshelden is a well-established non-profit organization focused on supporting volunteer engagement in sports within Niedersachsen, Germany. The website serves as a comprehensive platform offering funding, consulting, training, and recognition services to sports clubs and volunteers. It holds a strong regional market position supported by partnerships with key sports organizations and government entities. The digital infrastructure is based on WordPress with modern plugins and themes, ensuring good SEO, accessibility, and mobile responsiveness. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements in security headers and incident response policies are recommended. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

S

Stiftung Nationale Anti Doping Agentur Deutschland

gemeinsam-gegen-doping.de

39

GEMEINSAM GEGEN DOPING is a German government-supported non-profit network focused on anti-doping education and prevention in sports. It operates under the Stiftung Nationale Anti Doping Agentur Deutschland and collaborates with national and international partners such as NADA, WADA, and the German Olympic Sports Confederation. The website serves as an information hub offering workshops, e-learning, quizzes, and community engagement to promote clean sports. Technically, the site is built on TYPO3 CMS with modern JavaScript integrations, uses hCaptcha for form security, and employs Matomo for analytics with a strong emphasis on privacy compliance via Cookiebot. Security posture is solid with HTTPS and spam protection, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for accessibility and SEO.

The Meldestelle Sportmanipulation website serves as an official German government-related platform dedicated to combating manipulation in sports competitions and betting fraud. It provides a secure and anonymous whistleblower system, supported by a reputable law firm, to encourage fair play and integrity in sports. The site targets sports enthusiasts, athletes, and the general public interested in maintaining fairness in sports. The business model is a state-mandated reporting and advisory service, positioning itself as a trusted authority in the niche of sports integrity. Technically, the website is built using the Government Site Builder CMS, employs modern web standards including HTML5, CSS3, and JavaScript, and integrates Matomo for web analytics with a clear cookie consent mechanism. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a moderate to good digital maturity. Hosting details are not explicit, but HTTPS is enforced, ensuring secure communications. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent with opt-out options. However, no explicit security headers were detected in the provided data, and there is no published security or incident response policy. No vulnerabilities or exposed sensitive data were found. The absence of a vulnerability disclosure policy or security.txt file suggests room for improvement in transparency and incident handling readiness. Overall, the website is professional, trustworthy, and compliant with GDPR, with clear contact information and official branding. The WHOIS data is minimal but does not raise significant concerns given the governmental nature of the site. Recommendations include publishing formal security policies, adding security headers, and establishing a vulnerability disclosure mechanism to enhance security posture and user trust.

TuS Glarum is a local German sports club offering a wide range of sports and fitness activities for all age groups, including gymnastics, ball sports, dance, and rehabilitation programs. The website serves as an information portal for members and the local community, providing schedules, news, and contact details. The club maintains an active presence on social media platforms such as Facebook and Instagram, enhancing community engagement. Technically, the website is built on the Clansphere CMS platform, utilizing standard web technologies including HTML, CSS, and JavaScript. It employs legacy components such as FCKeditor and Ajax scripts. The site is hosted via INWX nameservers, indicating a German hosting provider. Performance and mobile optimization are moderate, with basic accessibility and SEO features implemented. From a security perspective, the website lacks visible security headers and modern security policies. The use of an outdated editor and absence of cookie consent mechanisms highlight areas for improvement. The email address is obfuscated to reduce spam, but no explicit incident response or security policy pages are present. The domain WHOIS data is consistent and transparent, supporting the legitimacy of the site. Overall, the website is functional and trustworthy for its community sports purpose but would benefit from enhanced security measures, privacy compliance improvements, and modernization of technical components to reduce risk and improve user trust.

J

Jazzcampus / Hochschule für Musik Basel

jazzcampus.com

64

Jazzcampus is an educational institution specializing in jazz music education located in Basel, Switzerland. It operates as part of the Hochschule für Musik Basel under the Fachhochschule Nordwestschweiz FHNW umbrella. The website presents a professional and comprehensive digital presence, offering detailed information about study programs, music courses, events, and affiliated organizations. The site is well-structured, mobile-optimized, and integrates multimedia content such as Vimeo videos to enhance user engagement. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though improvements in cookie consent and security headers are recommended. The absence of WHOIS data for the domain raises concerns about domain registration transparency, but the strong institutional affiliation and content quality support legitimacy. Overall, the site serves its educational mission effectively with a trustworthy and professional online presence.

M

Musikschule Basel

musikschule-basel.ch

65

Musikschule Basel is a well-established music education institution based in Basel, Switzerland, offering a wide range of musical education services including individual and group instrumental and vocal lessons, ensembles, choirs, and music projects for children, youth, and adults. The website reflects a strong market position as a competence center for musical education with a comprehensive offering and clear target audience. Technically, the website employs modern JavaScript and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policy and incident response information are not present. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with its business purpose.

F

Filmexplorer

filmexplorer.ch

61

Filmexplorer is a Swiss non-profit association dedicated to providing a rich cultural media platform focused on film as an experiential art form rather than a commodity. The website offers curated film critiques, interviews, podcasts, and festival coverage, targeting film enthusiasts and cultural audiences primarily in Switzerland. The platform maintains a consistent and professional brand image with excellent content quality and user experience. Technically, the website employs modern web technologies including Swiper.js for interactive sliders, a consent manager for GDPR-compliant cookie handling, and Google Analytics for visitor insights. The site is mobile-optimized and SEO-friendly, though no specific CMS or hosting provider details are evident. Performance is moderate with good accessibility features. From a security perspective, the site uses HTTPS with an effective cookie consent mechanism and email obfuscation to reduce spam. However, it lacks explicit security policies, incident response contacts, and terms of service pages. No critical vulnerabilities or suspicious content were detected, and WHOIS data confirms the legitimacy and consistency of the domain registration. Overall, Filmexplorer presents a trustworthy, well-maintained cultural media website with strong privacy compliance and a clear focus on its niche audience. Strategic improvements could include publishing security policies and incident response information to enhance transparency and trust.

M

Musik-Akademie Basel

musik-akademie.ch

11

Musik-Akademie Basel is a well-established educational institution specializing in musical education across all levels, including higher education, talent development, and cultural events. It holds a strong market position in Basel, Switzerland, with a history spanning over 150 years. The website reflects a professional and comprehensive digital presence, offering detailed information about courses, institutes, and events, targeting music students, educators, and cultural audiences. Technically, the site employs modern web technologies with good mobile optimization and accessibility, and integrates Google Tag Manager for analytics with user consent mechanisms. Security posture is solid with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates high trustworthiness and compliance with privacy regulations, making it a credible and reliable resource for its audience.

The website www.alinaguenter.ch is a professional portfolio site for an individual artist and illustrator based in Switzerland. It showcases various projects including illustrations, graphic design, book design, and exhibition design. The site targets art enthusiasts and potential clients in creative sectors. The business model is primarily service-based, focusing on creative commissions and client work. The website is built on WordPress using the Lay theme, indicating a moderate level of digital maturity with a focus on visual presentation and portfolio management. Mobile optimization is good, and the site loads with moderate performance. Security posture is basic with HTTPS enabled but lacks security headers and formal privacy or cookie policies, which are important for compliance and trust. No analytics or tracking scripts were detected, indicating minimal user tracking. Overall, the site is safe for general audiences and professionally presented but would benefit from enhanced privacy compliance and security best practices.

G

Gebäudeversicherung Bern

gvb.ch

65

Gebäudeversicherung Bern (GVB) is a well-established regional insurance provider specializing in obligatory building insurance for the Canton of Bern, Switzerland. With over 200 years of history, GVB offers comprehensive insurance products including obligatory building and construction period insurance, as well as voluntary insurance products through its subsidiaries. The website targets property owners and residents in Bern, providing detailed information on insurance services, claims, fire prevention, and natural hazard protection. The company maintains a strong market position as a trusted insurer in the region.

W

wemakeit Ltd

wemakeit.com

69

wemakeit Ltd operates a well-established crowdfunding platform specializing in creative projects such as art, music, literature, and innovative ideas. Founded in 2014 and based in Switzerland, the platform has facilitated over 7,900 successful projects with a strong community of over 720,000 members. The business model centers on enabling project creators to raise funds through community engagement and offers additional services such as crowdfunding consultancy and webinars. The platform maintains a consistent brand presence and leverages partnerships with various specialized channels to expand its reach. Technically, wemakeit employs a modern web stack including Ruby on Rails with Turbo (Hotwire) for dynamic content delivery, Cloudinary for image hosting, and Matomo Tag Manager for analytics. The website is well-optimized for mobile devices, accessible, and SEO-friendly, though performance is moderate. Hosting details are partially known, with domain registration through EuroDNS S.A. The platform uses HTTPS with valid SSL but lacks DNSSEC and some security headers, which are recommended for enhanced security. From a security perspective, the platform demonstrates good practices such as HTTPS enforcement and CSRF protection in forms. However, the absence of DNSSEC, security headers, and explicit incident response contacts indicates areas for improvement. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but the lack of a cookie consent mechanism is a notable gap given GDPR requirements. No critical vulnerabilities or adult content were detected, and the website is fully accessible without WAF blocking. Overall, wemakeit presents a trustworthy and professional crowdfunding platform with strong business credibility and a solid technical foundation. Strategic enhancements in security headers, DNSSEC, and privacy consent mechanisms would further strengthen its security posture and compliance standing.

The website garancianakupu.sk operates as a Slovak e-commerce purchase guarantee platform affiliated with Heureka Group a.s. It provides customers with assurances on purchases made through the Heureka Košík system, including money-back guarantees and support for order issues. The site targets Slovak online shoppers and certified e-shops, positioning itself as a trusted intermediary in the Slovak e-commerce market. The business model revolves around enhancing consumer confidence and supporting e-shops with certification and guarantee services. Technically, the website uses AngularJS for frontend rendering, includes Google Analytics for tracking, and employs modern HTML5 and CSS3 standards. The site is mobile-optimized and presents a professional design with clear navigation. However, it lacks advanced accessibility features and modern frameworks. No CMS or hosting provider details are evident from the content. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks visible security headers and published security or incident response policies. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. The domain WHOIS data is consistent and indicates a legitimate, established business presence since 2009. Overall, the website is functional, trustworthy, and professionally presented but would benefit from enhanced privacy compliance, security hardening, and transparency regarding data protection and incident response.

N

Nationale Naturlandschaften in Mecklenburg-Vorpommern

natur-mv.de

50

The website www.natur-mv.de serves as an official informational portal for the National Natural Landscapes in Mecklenburg-Vorpommern, Germany. It provides detailed information about various national parks, biosphere reserves, and nature parks in the region, targeting nature enthusiasts, tourists, and visitors interested in environmental conservation and outdoor activities. The site features event announcements, interactive maps, and educational content, positioning itself as a key regional resource for nature-related tourism and conservation awareness. Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs modern web technologies such as Leaflet.js for interactive maps and Swiper.js for image sliders. It integrates Matomo analytics with user consent mechanisms, ensuring compliance with privacy regulations. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site uses HTTPS and implements cookie consent banners, reflecting adherence to GDPR requirements. However, explicit security headers and a dedicated security policy or incident response contact are not evident. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the website's regional and governmental nature, supporting its legitimacy. Overall, the site maintains a solid security posture but could benefit from enhanced security header implementation and formal vulnerability disclosure policies. The overall risk assessment is low, with the website presenting a trustworthy, professional, and privacy-conscious platform. Strategic recommendations include adding security headers, publishing a security policy or incident response contact, and considering a vulnerability disclosure framework to further strengthen security and trust.

M

MGS Loib GmbH

mgs.de

10

MGS Loib GmbH is a medium-sized German retail company specializing in wholesale distribution of sheet music and related music products. The company operates multiple physical branches and serves music retailers and business partners. As of July 1, 2024, the wholesale operations are being transferred to music distribution services (mds) in Mainz, indicating a strategic business transition. The website is professionally designed using WordPress and the Kadence theme, providing a good user experience with clear navigation and relevant content primarily in German. Technical infrastructure includes modern web technologies and privacy-conscious analytics via Matomo. Security posture is adequate with HTTPS enforced, though improvements in security headers and explicit incident response policies are recommended. Privacy compliance is partially met with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is trustworthy and professional, reflecting a credible business presence in the music wholesale retail sector.

V

Vestre

vestrehabitats.no

59

Vestre Habitats is a professional website representing Vestre, a company focused on enhancing biodiversity in urban green spaces through innovative furniture design and vegetation interventions. The site targets urban planners and environmental designers, positioning itself as a niche leader in sustainable urban furniture. Technically, the website employs modern technologies including Craft CMS, Cookiebot for consent management, and Google Tag Manager for analytics, delivering a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and cookie consent mechanisms, though some security headers are missing and no explicit security policy or incident response contacts are published. The domain WHOIS data is unavailable, which slightly reduces trustworthiness, but the website content and branding are consistent and professional. Overall, the site demonstrates a mature digital presence with good privacy compliance and moderate user tracking.

V

Vestre

vestrehabitats.com

59

Vestre Habitats is a specialized initiative focused on enhancing biodiversity in urban environments through innovative furniture design and vegetation interventions. The website presents a professional and well-structured digital presence, targeting urban planners, environmentalists, and city authorities. The technical infrastructure leverages modern web technologies including Craft CMS, Cookiebot for privacy compliance, and Google Tag Manager for analytics, indicating a mature digital setup. Security posture is strong with HTTPS enforcement, appropriate security headers, and CSRF protections, though the absence of explicit security policies and incident response contacts suggests room for improvement. The lack of WHOIS data transparency is a concern for domain legitimacy, but the website content and compliance mechanisms support a generally trustworthy profile. Strategic recommendations include publishing comprehensive security and incident response policies, improving domain registration transparency, and enhancing contact availability to bolster business credibility and user trust.

V

Værsågod AS

vaersaagod.no

60

Værsågod AS is a small Norwegian digital agency specializing in modern, accessible website development. Founded in 2012, the company offers front-end and back-end development, creative coding, CMS solutions, and ongoing support and maintenance. Their client portfolio includes reputable Norwegian organizations, positioning them as a trusted boutique agency in the technology sector. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site uses modern web technologies and CDNs, ensuring fast performance and good accessibility. Security posture is solid with HTTPS enforced, though explicit security headers and privacy policies are absent, representing areas for improvement. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is reasonable for this business type. Overall, the website demonstrates high professionalism and trustworthiness with minor gaps in privacy compliance and security disclosures.

S

Sørby Utleie AS

sorbyutleie.no

57

Sørby Utleie AS is a well-established Norwegian company specializing in the rental of machinery and equipment primarily for construction, industrial, and private sectors. Founded in 2009, the company emphasizes quality, service, and sustainability, offering nationwide delivery and green solutions. Their digital presence is professional, featuring a modern, responsive website with integrated search and self-service rental options. The company maintains active social media profiles and demonstrates trustworthiness through certifications like Miljøfyrtårn and customer references. Technically, the website employs modern web technologies, including lazy loading, custom fonts, and a proprietary platform, ensuring good performance and accessibility. Security posture is solid with HTTPS and nonce-based script/style protection, though there is room for improvement in explicit security headers and incident response disclosures. Privacy compliance is adequate with clear privacy and cookie policies, but lacks a consent mechanism. Overall, the site reflects a mature business with a strong market position in equipment rental in Norway.

T

Talormade

talormade.no

56

Talormade is a specialty coffee roastery and bakery based in Oslo, Norway, established around 2018. The company offers freshly made bakery products and specialty coffee, including a subscription membership for regular coffee bean deliveries. Their market position is that of a local specialty retailer with a strong community presence and multiple physical locations. Technically, the website is built on Craft CMS, uses modern JavaScript, and integrates Google Analytics and reCAPTCHA for security and analytics. The site is well-designed, mobile-optimized, and uses HTTPS with appropriate security headers, indicating a good security posture. However, it lacks explicit privacy and cookie policies, as well as incident response and vulnerability disclosure information, which are important for compliance and trust. Overall, the website is professional and trustworthy but could improve privacy compliance and security transparency.

A

AS Vinmonopolet

vinmonopolet-aret-oppsummert.no

57

Vinmonopolet is a Norwegian government-owned retail monopoly responsible for the sale of alcoholic beverages. This website serves as a 2024 summary of their activities, focusing on responsible alcohol sales, sustainability, and corporate transparency. The site targets Norwegian consumers and stakeholders interested in Vinmonopolet's operations. Technically, the site uses modern web standards, custom fonts, and optimized images, delivering a fast and mobile-optimized experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are absent. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is professional, trustworthy, and aligned with the official Vinmonopolet brand.

B

Bigadan A/S

bigadan.com

60

Bigadan A/S is a Denmark-based company specializing in the development, construction, operation, and ownership of modular biogas systems and circular energy ecosystems. With over 40 years of experience, the company serves industrial, agricultural, municipal, and energy consumer clients by providing end-to-end solutions including biomass sourcing, biogas plant construction, biomethane production, biogenic CO2 capture, and nutrient-rich fertilizer production. The website reflects a mature and professional business with a strong market position in the renewable energy sector. Technically, the website is well-implemented with modern technologies, fast performance, and excellent mobile optimization. Security posture is good with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with clear privacy and cookie policies, though no explicit consent mechanism is present. Contact is primarily via web forms, with no direct emails or phone numbers published. Overall, the site is trustworthy, professional, and aligned with industry standards.

S

Staysville

staysville.no

52

Staysville is a small hospitality business specializing in serviced hotel apartments located in central Stavanger, Norway. Founded in 2023, it offers modern, fully furnished apartments with hotel-like services for short and long-term stays. The website presents a professional and consistent brand image targeting tourists and business travelers seeking flexible accommodation options. The business model focuses on providing personalized services such as easy self check-in, laundry facilities, and fully equipped kitchens, positioning itself as a niche apartment hotel provider in the Stavanger market. Technically, the website uses modern web technologies including JavaScript, CSS, SVG graphics, Google Tag Manager for analytics, and Cookiebot for GDPR-compliant cookie consent management. The site is mobile-optimized with good SEO and accessibility basics, though some accessibility enhancements could be made. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident through a privacy policy and cookie consent mechanism, though terms of service and security policies are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. No WAF or content blocking was detected, allowing full content analysis.

Z

Zinc

zinc.no

57

Zinc is a Norwegian interior architecture firm specializing in creating functional, aesthetic, and identity-driven spaces primarily for commercial and institutional clients. They are part of the Dark Design Group, which includes sister companies Dark Arkitekter and Lark Landskap, indicating a multidisciplinary approach to design and architecture. Their portfolio includes projects for prominent clients such as Aker BP, KPMG, and Accenture, positioning them as a reputable player in the Norwegian interior architecture market. Technically, the website is built on modern web standards, likely using Craft CMS, with optimized images, lazy loading, and custom fonts. The site is mobile-optimized and accessible, with good SEO practices. Security-wise, the site uses HTTPS and includes CSRF tokens, but lacks some security headers and visible privacy or cookie policies, which are areas for improvement. The absence of WHOIS data is a notable concern, reducing the trustworthiness of the domain registration. However, the professional presentation, clear contact information, and social media presence mitigate some of these concerns. Overall, the website reflects a mature digital presence but would benefit from enhanced transparency regarding privacy and security policies.

P

Promenaden

promenaden.no

64

Promenaden is a website dedicated to promoting a vibrant and inspiring area in the heart of historic Oslo, Norway. The site targets a general audience interested in cultural and historical experiences. The business model appears to focus on area promotion and cultural engagement, positioning itself as a local attraction. The website demonstrates a good level of digital maturity with modern technologies such as Google Tag Manager and Cookiebot for analytics and consent management. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers and explicit security policies could enhance protection. Privacy compliance is well addressed through detailed cookie consent mechanisms and GDPR-aligned practices. However, the absence of WHOIS registrant data and explicit contact information slightly reduces business credibility. Overall, the site is trustworthy and professionally maintained, suitable for its promotional purpose.

F

FCC Products AS

fccproducts.no

53

FCC Products AS is a Norwegian company specializing in outdoor cooking and lifestyle products, including grills, pizza ovens, fire pits, furniture, and accessories. The website presents a professional and well-structured digital presence with rich content such as recipes, articles, and product information targeting consumers interested in enhancing their outdoor cooking experience. The company is positioned as a reputable brand in Norway with a clear focus on quality and customer engagement through social media and newsletters. Technically, the website uses modern JavaScript frameworks, Google Tag Manager for analytics, and Cookiebot for privacy compliance, hosted on a CDN for performance optimization. The site is mobile-optimized and accessible, providing a smooth user experience. Security posture is good with HTTPS enforced and cookie consent implemented, though there is room for improvement by adding security headers and explicit incident response contacts. The absence of WHOIS data reduces domain trustworthiness, but the website's content and contact information support legitimacy. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy and professional online presence.

N

Norske Tog AS

norsketog.no

59

Norske Tog AS is a Norwegian state-owned enterprise responsible for procuring, owning, and managing passenger train vehicles in Norway. The company holds a key position in the national transportation sector, focusing on ensuring modern and efficient rolling stock for passenger rail services. Their website provides comprehensive information about their projects, train types, sustainability efforts, and investor relations, targeting both the general public and industry stakeholders. Technically, the website is well-implemented with modern JavaScript, SVG graphics, and privacy-focused analytics (Plausible). It is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and incident response information are absent. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the site projects professionalism and trustworthiness, though the lack of WHOIS data from the Norid registry is a notable gap requiring verification. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms.

R

Røroshotellene

roroshotellene.no

53

Røroshotellene is a hospitality business operating in Røros, Norway, offering hotel accommodations, local dining experiences, event hosting, and family-friendly activities. The website positions the company as a regional hospitality provider with a focus on authentic local experiences and tailored events. The digital infrastructure is modern, leveraging JavaScript, CSS, and privacy-respecting analytics (Plausible). The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is good with HTTPS enforced and secure form handling, though some security headers and cookie consent mechanisms are missing. WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and consistent business information support legitimacy. Overall, the site is well-suited for its target audience of tourists, business clients, and families seeking hospitality services in Røros.

A

Aspelin Eiendom

aspelineiendom.no

59

Aspelin Eiendom is a well-established Norwegian real estate company founded in 1977, specializing in complex urban development projects aimed at creating attractive city environments and spaces. The company holds a strong market position supported by numerous industry awards and a professional digital presence. Their website reflects a mature digital infrastructure with modern technologies, responsive design, and privacy-conscious analytics. Security posture is solid with HTTPS and no evident vulnerabilities, though some security headers could be improved. The absence of WHOIS data suggests privacy protection, which aligns with corporate best practices. Overall, the company demonstrates professionalism, trustworthiness, and compliance with privacy regulations.

W

Wellnesshotel Golfpanorama

golfpanorama.ch

67

Wellnesshotel Golfpanorama is a premium hospitality business located in Lipperswil, Switzerland, specializing in wellness, golf, and luxury accommodation services. The website presents a comprehensive range of offerings including hotel rooms, spa and wellness treatments, golf packages, restaurant services, and business seminar facilities. The business targets leisure travelers, wellness enthusiasts, and corporate clients, positioning itself as a 4-star superior hotel in the Bodensee region. The site is professionally designed with multilingual support and strong branding consistency. Technically, the website employs modern JavaScript libraries, Google Tag Manager, Cookiebot for consent management, and integrates third-party booking and chat services. The CMS appears to be Kirby, supporting a well-structured and responsive design optimized for mobile devices. SEO and accessibility features are well implemented, contributing to a positive user experience. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with clear privacy and cookie policies and GDPR consent mechanisms. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, with a solid security posture and effective business presentation. Strategic improvements in security headers and incident response disclosures could further enhance the security maturity and trustworthiness of the site.

D

dialoop GmbH

dialoop.de

56

dialoop GmbH is a specialized technology service provider based in Germany, offering a broad range of digital communication solutions including web development, email marketing, mobile applications, customer loyalty management, and user experience design. The company positions itself as an experienced partner with over two decades of market presence, serving both enterprises and agencies with tailored digital services. Their website reflects a professional and consistent brand image, supported by detailed client references and comprehensive service descriptions. Technically, the website employs a modern technology stack including PHP frameworks (Symfony, Laravel), JavaScript frameworks, and CMS platforms like TYPO3 and WordPress. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. Security measures include HTTPS enforcement, CSRF tokens, and captcha on forms, but lack some HTTP security headers and cookie consent mechanisms. From a security perspective, the site demonstrates good practices with secure form handling and no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure reduces transparency. WHOIS data is limited due to DENIC privacy policies but shows consistent DNS management aligned with the brand. Overall, dialoop GmbH presents a trustworthy and professional digital presence with solid technical and security foundations. Strategic improvements in privacy compliance and security transparency would further enhance their risk posture and client trust.

S

Swiss Quality Hotels

swissqualityhotels.com

52

Swiss Quality Hotels is a hospitality-focused business specializing in curated hotel listings and bookings within Switzerland. Established in 2003, the company targets travelers seeking high-quality accommodations including city, mountain, and lake hotels. The website is multilingual, professionally designed, and optimized for mobile users, reflecting a mature digital presence. Technically, it is built on WordPress with modern JavaScript and integrates Google Analytics via Google Tag Manager for visitor insights. Security posture is strong with HTTPS enforced, standard security headers present, and a comprehensive cookie consent mechanism ensuring GDPR compliance. However, there is room for improvement in DNS security and publishing formal security policies. Overall, the site is trustworthy and well-positioned in its niche market.

S

Stadt Wallisellen

wallisellen.ch

61

Stadt Wallisellen operates an official municipal website providing comprehensive information and digital services to its residents and stakeholders. The site covers a broad range of topics including local politics, administration, education, culture, and public services, positioning itself as the primary digital interface for the community. The website demonstrates a solid technical infrastructure using modern web standards, responsive design, and privacy-conscious analytics (Matomo) with user consent mechanisms. Security posture is good with HTTPS enforced and secure form implementations, though some security headers could be improved. Overall, the site is trustworthy, professional, and well-aligned with its government entity status.

S

Stadt Dübendorf

duebendorf.ch

58

Stadt Dübendorf operates an official municipal website serving the residents and visitors of Dübendorf, Switzerland. The site provides comprehensive information about city services, news, events, and digital administrative functions such as the Online-Schalter. The website targets local citizens and stakeholders, positioning itself as a reliable government portal with a focus on accessibility and user engagement. The business model is that of a public service provider, offering transparent and accessible municipal services online. Technically, the website employs a modern CMS platform (i-web CMS) with JavaScript frameworks and libraries such as Owl Carousel and Matomo for analytics. It integrates Google Tag Manager for marketing and tracking purposes while maintaining user privacy through consent mechanisms. The site is mobile-optimized and accessible, with clear navigation and structured content. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses secure login forms. However, it lacks explicit HTTP security headers which could enhance protection against common web threats. No vulnerabilities or exposed sensitive data were detected. The site holds an ISO 27001 certification, indicating a mature security framework. Privacy policies and cookie consent are well implemented, supporting GDPR compliance. Overall, the website is trustworthy, professional, and well-maintained with a strong focus on user privacy and security. Strategic improvements could include adding security headers, publishing incident response contacts, and implementing a vulnerability disclosure policy to further enhance security posture and transparency.