Security Directory

Z

Zotter Schokolade GmbH

zotter.at

62

Zotter Schokolade GmbH operates a professional and well-structured e-commerce website focused on premium organic and fair trade chocolates. The company offers a broad product range including custom editions, gift sets, and experiential tours at their Zotter Erlebniswelt location. The website is built on TYPO3 CMS with modern web technologies and integrates marketing and consent management tools such as Google Tag Manager, Intercom, and Usercentrics. The site demonstrates good SEO practices and mobile optimization, providing a positive user experience. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is partially addressed via cookie consent but lacks a visible privacy policy page. Overall, the website reflects a credible and established chocolate brand with a strong market position in Austria.

G

Gigasport

gigasport.at

66

Gigasport is a prominent Austrian sports retail company operating both online and through 11 physical stores. The website serves as a comprehensive e-commerce platform offering over 450 top sports brands, targeting sports enthusiasts and general consumers primarily in Austria and German-speaking regions. The business model integrates retail sales with loyalty programs such as the PlusCard and a dedicated mobile app to enhance customer engagement. The site is professionally designed with consistent branding and clear navigation, reflecting a strong market position supported by its parent company Kastner & Öhler. Technically, the website is built on WordPress CMS and employs modern web technologies including Google Tag Manager, Usercentrics for consent management, and Dynamic Yield for personalization. The site is mobile-optimized and incorporates SEO best practices with structured data and meta tags. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and uses consent management tools, but lacks explicit security headers in the visible HTML. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a cookie consent mechanism, though a clear privacy policy page was not found in the provided content. WHOIS data is unavailable due to quota restrictions, but the domain appears legitimate based on branding and business context. Overall, Gigasport's website presents a trustworthy and professional online presence with good technical and security foundations. Strategic improvements in privacy policy visibility and security header implementation would enhance compliance and security posture further.

O

Opodo

opodo.com

66

Opodo is a large, well-established online travel agency headquartered in the United Kingdom with a parent company eDreams ODIGEO. The company offers a comprehensive suite of travel services including flights, hotels, car rentals, holiday packages, and transfers. It targets a broad audience of travelers seeking competitive prices and convenience through an easy-to-use online platform. The website is professionally designed with consistent branding and multilingual support, reflecting its international market presence. Technically, the website employs modern web technologies such as React, RequireJS, and integrates with Google Analytics and Tag Manager for data collection and marketing. It supports service workers for progressive web app capabilities and provides mobile app downloads for iOS and Android. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and uses Content-Security-Policy headers, anonymizes IPs in analytics, and avoids exposing sensitive data. However, additional security headers and a public security policy or vulnerability disclosure page are absent. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms in place. Contact information and legal disclosures are transparent, enhancing trust. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. The lack of WHOIS data is a minor concern but likely due to privacy protection. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility to further strengthen the security posture and user trust.

E

eDreams

edreams.com

66

eDreams is a well-established online travel agency offering a broad range of travel services including flights, hotels, car rentals, and package holidays. The company operates internationally with multiple country-specific domains and is part of the larger eDreams ODIGEO group. Their market position is strong, supported by industry awards and accreditations such as IATA. The website is professionally designed with good content quality and consistent branding, targeting general consumers seeking travel bookings. Technically, the website uses modern web technologies including React, RequireJS, and integrates Google Analytics and Tag Manager for tracking. It is hosted behind Cloudflare, ensuring good performance and security. The site is mobile optimized and includes accessibility features, although some areas could be improved. Security posture is solid with HTTPS enforced and Content-Security-Policy headers present, but additional headers and explicit security policies could enhance protection. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms in place, reflecting GDPR adherence. However, the absence of WHOIS data for the domain is unusual and reduces trust slightly, though the overall legitimacy is supported by the business presence and branding. No adult or questionable content is present, making the site safe for general audiences. Overall, eDreams presents a mature, professional online travel platform with good security and privacy practices. Strategic improvements in transparency around security policies and WHOIS data would further strengthen trust and compliance.

Z

Zalando SE

zalando-lounge.at

52

Lounge by Zalando is a well-established online outlet platform operated by Zalando SE, targeting Austrian and European consumers with discounted fashion, home, and sports products. The website demonstrates a mature e-commerce business model with a strong market position as part of the Zalando group. Technically, the site uses modern web technologies including React, RequireJS, and integrates advanced analytics and consent management tools, ensuring a high-quality user experience with fast performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and active vulnerability reporting mechanisms, although a dedicated security policy page and security.txt file could enhance transparency. Privacy compliance is robust, featuring comprehensive privacy and cookie policies with user consent mechanisms. Overall, the website is professional, trustworthy, and aligns well with the parent company's branding and business practices.

K

KOVOS

kovos.ch

49

KOVOS is a Swiss non-profit organization representing Catholic religious communities, providing information and support for vocations, retreats, and monastic hospitality. The website serves as an informational platform targeting religious individuals and communities in Switzerland. Technically, the site is built on TYPO3 CMS with modern web technologies and includes tracking via Google Analytics and Tag Manager. The site is mobile-optimized and well-structured, though some accessibility features could be improved. Security posture is adequate with HTTPS and nonce usage but lacks visible security headers and published security or privacy policies. No forms or social media links were detected, limiting direct user engagement channels. Overall, the domain registration aligns well with the organization's identity, indicating legitimacy and trustworthiness.

S

Schweizer Bischofskonferenz

bischoefe.ch

48

The Schweizer Bischofskonferenz website serves as the official digital presence of the Swiss Bishops' Conference, providing comprehensive information about the Catholic Church's activities, leadership, and ethical services in Switzerland. The site targets church members, religious communities, and the general public interested in ecclesiastical matters. It offers news, documents, and partner links, positioning itself as a trusted non-profit religious institution with a medium organizational size. Technically, the website is built on WordPress 6.6.2, leveraging common plugins such as Contact Form 7 and Bootstrap for responsive design. The infrastructure supports moderate performance and good mobile optimization, with Google Tag Manager integrated for analytics. However, some accessibility features are basic, and SEO practices are adequately implemented. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. Nonetheless, it lacks explicit security headers and a cookie consent mechanism, which are important for GDPR compliance and enhanced security posture. No vulnerability disclosures or incident response contacts are provided, indicating room for improvement in transparency and security readiness. Overall, the website is professional, trustworthy, and content-rich, but it would benefit from enhanced privacy compliance measures and security best practices to strengthen user trust and regulatory adherence.

M

Mapp

mapp.com

51

Mapp is a well-established marketing cloud technology company founded in 2003, offering AI-powered digital analytics, marketing automation, and multi-channel campaign management solutions. The company targets businesses seeking to leverage customer data for personalized marketing across email, SMS, apps, and websites. With over 3500 brands trusting their platform and a recent acquisition of Dressipi, Mapp positions itself strongly in the retail and e-commerce sectors with a focus on AI-driven personalization. Technically, the website is built on WordPress hosted on AWS infrastructure, utilizing modern JavaScript libraries such as Swiper.js and Slick Carousel for UI components, and integrates multiple analytics and tracking tools including Google Tag Manager, Hotjar, and proprietary Mapp Intelligence. The site is well optimized for SEO, mobile responsiveness, and accessibility, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS, employs domain registration protections, and uses a consent management platform (Usercentrics) to comply with privacy regulations. However, DNSSEC is not enabled, and explicit security headers are not detected, indicating room for improvement. No critical vulnerabilities or exposed sensitive data were found. Overall, Mapp demonstrates a strong business credibility and technical maturity with good privacy compliance. The website content is professional and safe for general audiences. Strategic recommendations include enabling DNSSEC, publishing a dedicated security policy, and enhancing security headers to further strengthen the security posture.

S

SÄLZER Security

saelzer-security.com

67

SÄLZER Security is a German-based manufacturer and installer specializing in high-security building products such as windows, doors, facades, and barriers designed to protect against burglary, shooting, fire, and explosions. With over 50 years of experience and more than 1,000 test certificates, the company holds a strong market position serving military, police, embassies, critical infrastructure, and private clients worldwide. The website is professionally designed using TYPO3 CMS and integrates modern tools like Google Tag Manager and Cookiebot for analytics and privacy compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response contacts are not publicly visible. The absence of WHOIS registration data for the domain is a notable anomaly that slightly reduces trustworthiness. Overall, the website reflects a mature, professional business with good digital maturity and compliance practices.

N

Nayoki Performance GmbH

nayoki.de

52

Nayoki Performance GmbH is a small, Munich-based digital marketing agency specializing in performance marketing services. The company emphasizes know-how, creativity, and long-standing experience to drive client success. Their website reflects a professional and consistent brand image, targeting businesses seeking marketing expertise in the German market. Technically, the site is built on WordPress using the Astra theme, enhanced with Yoast SEO and Cookiebot for SEO and privacy compliance respectively. The infrastructure includes Google Tag Manager for analytics and tracking, with hosting and domain registration managed by reputable German providers. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is partial, with cookie consent but no visible privacy policy or terms of service pages. Overall, the website is well-structured, mobile-optimized, and trustworthy, though it lacks some compliance documentation and explicit contact information. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, and improving transparency in contact details to strengthen trust and compliance.

M

MHZ Hachtel & Co AG

mhz.ch

53

MHZ Hachtel & Co AG operates a professional website focused on custom window coverings including plissee, rollos, jalousies, curtains, and outdoor sun protection products. The company targets consumers and professionals in Switzerland and neighboring regions, offering a product configurator and multi-language support to enhance user experience. The website is built on TYPO3 CMS with modern frontend technologies and integrates Google Tag Manager and Usercentrics for analytics and privacy compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit privacy policy and terms of service pages are not detected in the provided content. Overall, the website reflects a mature digital presence with good business credibility and technical implementation.

M

MHZ Hachtel S.à r.l.

mhz.lu

49

MHZ Hachtel S.à r.l. operates a professional website focused on custom-made sun protection products including Plissees, Wabenplissees, Rollos, Jalousien, Markisen, and insect protection solutions. The company targets architects, dealers, and end customers primarily in Luxembourg and the Benelux region, offering a digital configurator and dealer portal to enhance customer engagement. The website is built on TYPO3 CMS with modern styling and includes GDPR-compliant cookie consent mechanisms, reflecting a mature digital presence. Security posture is strong with HTTPS and security headers implemented, though explicit security policies and incident response information are absent. WHOIS data is unavailable, limiting domain trust assessment, but the website's professional design and content suggest legitimacy. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations, supporting MHZ's market position as a reputable regional manufacturer and retailer of sun protection products.

A

ACO Pfuhler GmbH & Co. KG

aco-pfuhler.de

66

ACO Pfuhler GmbH & Co. KG is a specialized manufacturer of high-stability monolithic precast concrete slot drains and drainage components, serving construction and infrastructure sectors primarily in Germany. The company holds a leading market position in its niche, offering robust drainage solutions designed for large sealed surfaces and extreme conditions. Their website reflects a professional and consistent brand image with comprehensive product information and references. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and includes essential SEO and accessibility features. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements.

Z

Zwet GmbH

zwetdesign.com

62

Zwet GmbH operates as a specialized 3D agency based in Germany, offering advanced 3D animations, CGI visualizations, motion graphics, and interactive applications including VR, AR, and XR solutions. The company targets industrial and B2B clients seeking innovative digital content to enhance marketing, sales, and product presentations. Their website demonstrates a professional portfolio with rich multimedia content and clear navigation, reflecting a mature digital presence. Technically, the website is built on WordPress with modern technologies such as jQuery and Google Tag Manager for analytics. Embedded Vimeo videos and interactive WebGL applications showcase their technical capabilities. The site is mobile-optimized and SEO-friendly, though performance is moderate. Security posture is good with HTTPS enforced, but lacks some advanced security headers and explicit incident response policies. Security-wise, the site shows no critical vulnerabilities or exposed sensitive data. Privacy compliance is supported by a cookie consent mechanism and a privacy policy page in German, indicating GDPR awareness. However, no terms of service or security policy documents were found. WHOIS data is missing, which raises some questions about domain registration transparency but does not detract significantly from the site's legitimacy given the professional content and contact information. Overall, Zwet GmbH presents a credible and professional business with a strong digital footprint in the 3D visualization technology sector. Strategic improvements in security headers, incident response documentation, and WHOIS transparency would enhance trust and compliance.

A

ACO Passavant Detego GmbH

aco-detego.de

67

ACO Passavant Detego GmbH is a specialized manufacturer within the ACO Group focusing on manhole covers, street and bridge drains, and technical covers. The company offers both standard and customized solutions, emphasizing safety and aesthetic integration for industrial and infrastructure clients. Their services extend beyond product development to include installation, maintenance, and repair, positioning them as a full-service provider in their niche market. The website reflects a professional and consistent brand image, targeting industrial and infrastructure sectors primarily in Germany. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including Bootstrap and Google Tag Manager. It features a responsive design with good SEO and accessibility practices. Cookie consent is managed through Klaro, indicating a mature approach to privacy compliance. Performance is moderate, with room for optimization. Security posture is solid with HTTPS enforced and no exposed sensitive data, though security headers could be enhanced and a formal security policy is absent. From a security perspective, the site shows good practices such as consent management and secure data handling in forms. However, the absence of explicit incident response contacts and security.txt files suggests areas for improvement. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy and professionally maintained, suitable for its business purpose. Strategically, the company should consider enhancing security headers, publishing a security policy, and providing clear incident response contacts to strengthen trust and compliance. Continuous monitoring and technical optimizations will support sustained digital maturity and business credibility.

V

Virgin Group

virgin.com

77

Virgin.com is the official website of the Virgin Group, a globally recognized conglomerate founded by Richard Branson. The site serves as a central hub for information about the Virgin Group and its diverse subsidiaries spanning travel, telecommunications, finance, hospitality, and space exploration. The website features comprehensive content about Virgin companies, news, and initiatives, targeting a broad audience including customers, investors, and partners. The business model is that of a diversified holding company with a strong brand presence and multiple revenue streams from its subsidiaries.

V

Virgin Money Australia

virginmoney.com.au

71

Virgin Money Australia is a prominent financial services provider offering a wide range of products including everyday banking accounts, credit cards, home loans, superannuation, and various insurance products. The website reflects a mature digital presence with a focus on customer rewards and comprehensive financial solutions tailored for the Australian market. The brand is well established with consistent navigation and professional design, targeting retail consumers and businesses in Australia. Technically, the site leverages Adobe Experience Manager as its CMS, integrates multiple analytics and marketing tools such as Google Tag Manager, Amplitude, Adobe Analytics, Hotjar, Facebook Pixel, and LinkedIn Insight Tag, indicating a sophisticated approach to user tracking and marketing optimization. Hosting is supported by Akamai CDN infrastructure, enhancing performance and availability. Security posture is solid with HTTPS enforced and no visible sensitive data exposure; however, the absence of DNSSEC and some security headers suggests room for improvement. Privacy compliance is moderate due to missing explicit privacy and cookie policies in the provided content. Overall, the website is professional, trustworthy, and well-positioned in the Australian financial services sector.

T

Turn2us

turn2us.org.uk

77

Turn2us is a UK-based national charity dedicated to providing information and support to individuals facing financial insecurity. The organization helps people access benefits and charitable grants, positioning itself as a trusted resource in the non-profit sector. The website reflects a professional and user-friendly design, with clear navigation and comprehensive content tailored to its target audience. Technically, the site employs modern JavaScript frameworks, integrates third-party services such as Stripe for payments, Google Analytics for tracking, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms with granular controls, but lacks explicit security headers and a published security policy or incident response contact, which are recommended for enhanced trust and compliance. Overall, the website is safe, trustworthy, and compliant with GDPR, though improvements in security transparency and WHOIS data clarity are advised.

W

Woosmap

woosmap.com

64

Woosmap is a technology company specializing in location intelligence solutions, offering a suite of APIs and services that transform location data into actionable insights. Their platform supports a wide range of industries including retail, e-commerce, logistics, hospitality, finance, and government sectors. The company positions itself as a privacy-conscious provider with GDPR-compliant solutions, catering primarily to developers and enterprises seeking scalable geolocation services. The website showcases strong branding, client testimonials, and detailed product offerings, reflecting a mature market presence.

S

SEFE Energy UK

sefe-energy.co.uk

60

SEFE Energy UK is a reputable business energy supplier operating primarily in the UK market, offering a broad range of gas, electricity, and renewable energy products tailored to business customers. The company is part of the larger SEFE Group, which has a strong European presence and a focus on decarbonisation and sustainable energy solutions. Their website reflects a professional and modern digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site leverages modern web technologies including Umbraco CMS, Vue.js components, and integrates multiple analytics and marketing tools with user consent mechanisms. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are not publicly disclosed. The domain WHOIS data is unavailable due to a registry error indicating the domain name is invalid, which is a concern for domain legitimacy but the website content and business information are credible and consistent with a legitimate energy supplier. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with minor penalties for WHOIS inconsistencies and missing security policy disclosures.

A

APOMEDICA Pharmazeutische Produkte

magnesium-sport.at

45

The website magnesium-sport.at represents APOMEDICA Pharmazeutische Produkte's brand Dr. Böhm® Magnesium Sport®, specializing in mineral supplements tailored for sports and active lifestyles. The site targets athletes and fitness enthusiasts in Austria, emphasizing product quality, doping-free certification, and exclusive pharmacy distribution. The business holds a solid niche position in the healthcare supplement market with a focus on magnesium and potassium products that support muscle function and recovery. Technically, the website is built on WordPress with the Avada theme and uses common plugins such as Revolution Slider and Google Tag Manager. The site is mobile-optimized, SEO-friendly, and delivers moderate performance. Security posture is adequate with HTTPS enforced but lacks some advanced security headers and uses an older jQuery version, which could be improved. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. The site integrates social media channels and maintains trust through doping-free certifications and transparent product information. Overall, the website is professional, trustworthy, and well-suited for its target audience, though security enhancements and explicit incident response policies could further strengthen its posture.

H

hajk

hajk.ch

73

hajk.ch is a Swiss e-commerce retailer specializing in outdoor equipment, clothing, and camping gear, officially affiliated with the Pfadibewegung Schweiz (Swiss scouting movement). The website targets outdoor enthusiasts and scouts in Switzerland, offering high-quality and sustainable products. The business model is retail-focused, leveraging a Magento-based platform with a modern Hyvä frontend theme. The site demonstrates a good level of digital maturity with integrated analytics, cookie consent, and user tracking mechanisms. Security posture is solid with HTTPS, CSRF protections, and deferred script loading, though explicit privacy and terms policies are not found in the provided content. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

A

Axiom Building Services Ltd.

axiombs.co.uk

51

Axiom Building Services Ltd is a well-established UK-based company specializing in mechanical and electrical design, installation, and maintenance services primarily targeting the commercial and industrial sectors across the South West and Midlands regions. Founded in 2006, the company has a strong market presence supported by multiple industry certifications and a professional digital footprint. Their website reflects a mature business with clear branding, comprehensive service descriptions, and active social media engagement. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and WPBakery Page Builder, ensuring good SEO and content management capabilities. The site is mobile-optimized and includes performance-enhancing features like lazy loading images and asynchronous script loading. Google Tag Manager is used for analytics, indicating a moderate level of digital maturity. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, some security headers are not explicitly detected, and there is no public incident response or vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were found, suggesting a solid but improvable security posture. Overall, the website and business demonstrate a high level of professionalism and trustworthiness with minor recommendations for enhancing security headers and publishing formal security policies to further strengthen compliance and risk management.

S

SEFE

sefe.eu

68

SEFE is a European energy company focused on securing reliable energy supply through trading, sales, infrastructure, and services across gas, power, and hydrogen sectors. The company positions itself as a key player in enhancing energy security and accelerating the transition to a low-carbon future in Europe. Their website reflects a professional and comprehensive digital presence with detailed sections on company strategy, sustainability, portfolio, and career opportunities. Technically, the website employs modern web technologies including ES6 JavaScript modules, jQuery, and integrates a GDPR-compliant cookie management platform (Usercentrics). Google Tag Manager is used for analytics and tracking, indicating a mature digital marketing approach. Security-wise, the site uses HTTPS and shows evidence of good security practices, although explicit security headers are not fully visible in the HTML content. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is common for corporate domains, and no suspicious patterns were found. Overall, the website is trustworthy, well-designed, and compliant with privacy regulations.

S

SEFE Energy

sefe-energy.fr

51

SEFE Energy is a professional natural gas supplier targeting businesses and professionals in France. It offers tailored energy contracts, energy transition services including carbon compensation and audits, and emphasizes customer service quality. The company is part of the larger SEFE Group, an international energy enterprise owned by the German federal government, with sister sites in the UK, Netherlands, and Germany. The website is well-structured, professionally designed, and provides comprehensive information about its offerings and corporate values. Technically, the site is built on Drupal 10 and integrates modern analytics and marketing tools such as Matomo, Google Tag Manager, and Hotjar, alongside a cookie consent mechanism via Axeptio. The site is mobile-optimized, accessible, and SEO-friendly, with no detected blocking or WAF interference. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. The WHOIS data is not publicly available due to AFNIC privacy policies, but the domain is active and updated recently, consistent with a legitimate business. Contact information is clear, including a company email and physical address. Privacy and cookie policies are present and GDPR compliant. No adult or questionable content is found, making the site safe for general audiences. Overall, SEFE Energy demonstrates a mature digital presence with strong business credibility and a solid security baseline, though it could enhance transparency around security policies and incident response.

S

SEFE Energy NL

sefe-energy.nl

66

SEFE Energy NL is a specialized energy supplier focused on providing business customers in the Netherlands with gas and electricity solutions, including green energy options. The company positions itself as a customer-centric and sustainability-conscious partner with over 12 years of experience. Their digital presence is modern and professional, leveraging Umbraco CMS, Vue.js, and multiple analytics and marketing tools to deliver a responsive and user-friendly website. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, although some security headers could be improved. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, SEFE Energy NL demonstrates a mature digital infrastructure and a trustworthy market position in the energy sector.

W

Wolters Kluwer Kft.

complex.hu

70

Wolters Kluwer Kft. operates a professional e-commerce platform (shop.wolterskluwer.hu) focused on legal, tax, accounting, and administrative products and services in Hungary. The company is a leading LegalTech and publishing provider offering databases, software, books, journals, and professional training primarily targeting legal and tax professionals as well as government bodies. The website demonstrates a mature digital presence with clear navigation, professional branding, and a comprehensive product catalog. Technically, the site uses modern web technologies including Bootstrap, Google Tag Manager, and Eloqua forms, with asynchronous script loading and HTTPS enforced, indicating a solid infrastructure. However, there is room for improvement in privacy compliance disclosures and security headers implementation. Security posture is good with no visible vulnerabilities or exposed sensitive data, but the absence of explicit privacy and cookie policies and incident response information reduces compliance confidence. Overall, the website is trustworthy and professionally managed, reflecting the reputation of its parent company, Wolters Kluwer.

T

Tucher Privatbrauerei

tucher-privatbrauerei.de

67

Tucher Privatbrauerei is a historic German brewery established in 1672, specializing in the production and distribution of premium beer products primarily targeted at mature audiences. The company maintains a strong market position as a national premium beer manufacturer with a focus on craftsmanship, reliability, and tradition. Their website reflects this heritage with professional design, clear navigation, and content emphasizing their brand values and product range. The site includes age verification to comply with alcohol advertising regulations and links to responsible drinking campaigns, underscoring their commitment to social responsibility. Technically, the website employs modern web technologies including Google Tag Manager for analytics and Usercentrics for consent management, ensuring GDPR compliance. The site is mobile-optimized with good SEO practices and moderate performance. However, no CMS or hosting provider details were detected, and accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security headers and a vulnerability disclosure page suggests room for improvement. From a security perspective, the site shows good compliance with privacy regulations and responsible data handling, but lacks explicit incident response contacts and security.txt files. No vulnerabilities or suspicious domains were detected. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, supporting a high trustworthiness rating. Overall, the website presents a professional and trustworthy digital presence for Tucher Privatbrauerei, with strong compliance and security foundations. Strategic recommendations include enhancing security headers, publishing incident response information, and improving accessibility to further strengthen their security posture and user trust.

T

Tucher

tucher.de

64

Tucher is a historic German brewery established in 1855, specializing in the production and promotion of traditional beers such as Weizenbier and Rotbier. The website reflects a mature, professional brand targeting adult consumers with a focus on cultural heritage and responsible alcohol consumption. The company maintains a moderate digital presence with social media integration and offers brewery tours and engagement initiatives. Technically, the website employs modern JavaScript libraries and consent management tools, ensuring GDPR compliance and user privacy. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies or incident response contacts. Overall, the site is well-structured, mobile-optimized, and trustworthy, with no signs of blocking or WAF interference.

S

Sportson International Oy

babolat.fi

59

Babolat.fi is an established Finnish e-commerce retailer specializing in tennis, padel, and badminton equipment and apparel. Operated by Sportson International Oy, founded in 1982, the website serves Finnish sports enthusiasts with a direct import business model focusing on Babolat and Fila brands. The site offers a comprehensive product range with fast delivery and free shipping over a threshold, targeting both amateur and professional players. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, and Google reCAPTCHA for spam protection. It is well-optimized for mobile and accessibility, with good SEO practices and structured data enhancing search visibility. Security posture is solid with HTTPS enforced and no exposed sensitive data, though security headers could be improved. Privacy compliance is adequate with a comprehensive privacy policy, but lacks an explicit cookie consent mechanism. Overall, the site is professional, trustworthy, and well-positioned in the Finnish sports retail market.

I

InnovateNow Bielefeld

innovatenow-bielefeld.de

43

InnovateNow Bielefeld is a local government-backed innovation program focused on developing and implementing digital solutions to enhance the inner city and old town of Bielefeld. The program engages a broad audience including citizens, students, tech enthusiasts, and companies to collaboratively improve urban life quality through digital transformation. The website is built on WordPress using Elementor and integrates modern tracking and marketing tools such as Google Analytics and Meta Pixel, although it lacks a cookie consent mechanism. Security posture is adequate with HTTPS enforced but could be improved by adding security headers and incident response policies. Contact information is limited to an email address for the project manager, with no phone or physical address explicitly provided. Overall, the website is professional, content-rich, and trustworthy, serving as an effective platform for the InnovateNow initiative.

I

indigitall

indigitall.com

76

indigitall is a mature, well-established AI-powered customer engagement platform founded in 2006, offering a comprehensive suite of omnichannel marketing and communication tools including AI agents, chatbots, push notifications, and more. The company targets businesses across multiple sectors such as retail, finance, healthcare, and telecommunications, positioning itself as a leader in unified customer engagement solutions with a strong market presence and notable clients. The website is built on WordPress with modern SEO and performance optimizations, providing a good user experience and mobile responsiveness. Security posture is solid with HTTPS and reCAPTCHA, though improvements like DNSSEC and security headers are recommended. Privacy compliance is limited due to missing explicit policies and consent mechanisms. Overall, the site is professional, trustworthy, and business-focused, with no signs of malicious or adult content.

etermin GmbH operates an online appointment scheduling platform primarily targeting German-speaking businesses and service providers. Their solution integrates appointment booking functionality into existing websites and Google search results, positioning them as an innovative player in the SaaS scheduling market. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technical infrastructure includes modern JavaScript libraries such as jQuery and tracking tools like Google Analytics and Bing Ads, indicating a mature digital presence. Privacy and cookie policies are implemented with GDPR compliance, reflecting attention to regulatory requirements. However, the absence of WHOIS data raises concerns about domain registration legitimacy, which should be addressed to enhance trust. Security posture is moderate with HTTPS enforced but lacks visible security headers and explicit security policies. Overall, the website demonstrates a solid business and technical foundation but would benefit from improved transparency and security hardening.

C

Clearer.io

clearer.io

70

Clearer.io is a technology company specializing in providing advanced, easy-to-integrate applications aimed at enhancing product discovery and optimizing the customer journey for eCommerce businesses. Positioned as an innovative player in the eCommerce technology sector, Clearer.io offers solutions that increase conversions and reduce customer confusion, targeting B2B clients and partners. The website reflects a professional and consistent brand image with clear messaging and partner endorsements. Technically, the site is built on the Webflow platform, leveraging modern JavaScript libraries and animation frameworks, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response information are absent. Overall, the domain appears legitimate despite privacy-protected WHOIS data, with a strong compliance stance on privacy and user consent.

TISCreport, operated by Semantrica Ltd, is a UK-based social enterprise specializing in supply chain transparency and compliance tools. The platform leverages AI-augmented data and official sources to provide companies with dashboards, compliance tracking, and transparency scoring to meet regulatory and sustainability goals. With a mature domain and multiple industry certifications, TISCreport holds a trusted position in its niche market. Technically, the website is built on Drupal 11, integrating modern analytics and marketing tools such as HubSpot and Google Tag Manager. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. However, DNSSEC is not enabled, and some security headers are not explicitly detected, indicating room for security enhancements. From a security perspective, the site enforces HTTPS and uses clientTransferProhibited domain status, but lacks a published security policy or incident response contacts. Privacy and cookie policies are comprehensive and GDPR compliant, with a consent mechanism in place. No critical vulnerabilities or exposed sensitive data were found. Overall, TISCreport presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements in DNS security and explicit security disclosures would further enhance trust and security posture.

P

PKI Solutions

pkisolutions.com

79

PKI Solutions is a specialized cybersecurity company focused on providing Public Key Infrastructure (PKI) solutions including real-time monitoring software (PKI Spotlight), consulting, and training services. The company targets enterprises in sectors such as energy, finance, and healthcare, offering tools to improve PKI security posture, operational resilience, and threat detection. Their market position is supported by notable client logos and testimonials, indicating a trusted niche provider in PKI security. Technically, the website is built on WordPress with modern plugins and integrations such as Google Analytics, Calendly, and Olark Live Chat, reflecting a mature digital presence. The site is well-optimized for SEO and mobile devices, with good content quality and navigation. Security posture is strong with HTTPS enforced, though security headers could be improved. The absence of WHOIS data is a concern but does not outweigh the professional presentation and trust signals. Overall, the website demonstrates a solid security and compliance posture with room for enhancement in technical security controls.

A

ACO GmbH

aco.de

68

ACO GmbH is a German-based company specializing in durable product systems for garden and landscape construction, civil engineering, and basement applications focused on rainwater management. Their solutions encompass rainwater collection, purification, storage, and reuse, supporting sustainable water cycles. The company positions itself as an expert in intelligent and future-oriented drainage systems, serving professional sectors such as construction, landscaping, and infrastructure. The website reflects a mature digital presence with comprehensive content, multi-level navigation, and integration of planning tools and product finders.

M

METALLART Treppen GmbH

metallart.com

55

METALLART Treppen GmbH is a specialized manufacturer of exclusive, high-quality sculptural staircases with a heritage of over 100 years. The company serves a global clientele including architects, builders, and private clients, offering custom design, manufacturing, and consulting services. Their market position is strong within the manufacturing sector for architectural staircases, supported by a professional website showcasing extensive project portfolios and client testimonials. Technically, the website is built on modern frameworks such as Astro and Alpine.js, hosted likely on Netlify, and incorporates privacy and analytics tools like Cookiebot and Google Tag Manager. Security posture is good with HTTPS enforced and secure forms, though some security headers are not evident and no explicit security policy is published. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract significantly from the overall legitimacy given the comprehensive business information and social media presence. Overall, the website is professional, secure, and compliant with privacy regulations, making it a trustworthy digital presence for the company.

G

Graphisoft

graphisoft.com

68

Graphisoft is a leading technology company specializing in BIM software solutions for architecture, engineering, and construction professionals. Their website showcases a comprehensive portfolio of products such as Archicad, BIMcloud, BIMx, and AI Assistant, targeting AEC experts globally. The company emphasizes collaboration, innovation, and education through training and certification programs. The site is well-branded, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, the website is built on WordPress with modern JavaScript libraries including jQuery and Swiper.js, integrated with Google Tag Manager and Cookiebot for analytics and privacy compliance. The site employs HTTPS with strong security headers and uses reCAPTCHA to protect forms, indicating a solid security posture. However, explicit security policies and incident response information are not published, which could be improved. The WHOIS data is unavailable or privacy protected, which reduces transparency but the website content and branding strongly support legitimacy. No blocking or WAF challenges were detected, allowing full content access and analysis. Overall, the site demonstrates a high level of professionalism, security, and compliance with privacy regulations. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and providing direct security contact information to enhance trust and compliance.

B

Buderus

buderus.de

72

Buderus, a brand under the Bosch group, specializes in providing efficient and future-proof heating, solar, and ventilation technologies. The website presents a professional and consistent brand image targeting homeowners, installers, and businesses interested in environmentally friendly heating solutions. The technical infrastructure leverages CoreMedia CMS, Google Tag Manager, and Genesys CX widgets, indicating a mature digital presence with integrated customer support and analytics. Security posture is solid with HTTPS and secure chat implementations, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with comprehensive GDPR-aligned privacy and cookie policies. Overall, the site reflects a reputable enterprise with strong business credibility and moderate technical sophistication.

M

MHZ Hachtel GmbH & Co. KG

mhz.de

49

MHZ Hachtel GmbH & Co. KG is a well-established German manufacturer specializing in custom-made sun, privacy, and insect protection products such as pleated blinds, honeycomb blinds, roller blinds, and awnings. The company targets consumers, architects, and dealers, offering a comprehensive product configurator and dealer portal to enhance customer engagement and sales. Their market position is strong within Europe, supported by subsidiaries in Luxembourg and Switzerland. The website reflects a mature digital presence built on TYPO3 CMS, with good mobile optimization and accessibility. Security posture is robust with HTTPS, security headers, and consent management implemented, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

P

PROJEKT PRO GmbH

projektpro.com

55

PROJEKT PRO GmbH operates a professional German-language website offering specialized software solutions for architects and engineers, focusing on project planning, controlling, time tracking, and cost calculation. The company positions itself as an experienced provider with over 30 years in the market and more than 24,000 users, emphasizing efficiency and project profitability. The website features comprehensive content including product features, customer testimonials, webinars, and case studies, reflecting a mature digital presence. Technically, the site is built on Drupal 10 with modern JavaScript libraries such as Alpine.js and Lottie Player, ensuring a responsive and accessible user experience. Integration with Google Tag Manager, Google Analytics, and Demodesk indicates a well-instrumented marketing and analytics setup. Cookie consent mechanisms comply with GDPR requirements, enhancing privacy compliance. Security posture is solid with HTTPS enforced and cookie consent implemented, though some standard security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and should be added for enhanced protection. No vulnerabilities or exposed sensitive data were found in the content. However, the WHOIS data is missing or indicates the domain is not registered, which is a significant anomaly that reduces trustworthiness. This discrepancy between an active professional website and absent domain registration data requires further investigation to confirm legitimacy. Overall, the website is professional, secure, and privacy-conscious, but the domain registration inconsistency is a critical risk factor that impacts business credibility and trust.

C

Création Baumann

creationbaumann.com

66

Création Baumann is a Swiss family-owned business specializing in high-quality textiles and curtain systems, serving both private and contract markets. The company offers a wide range of products including curtain fabrics, upholstery, outdoor and functional textiles, as well as acoustic solutions and curtain systems. The website reflects a mature and professional digital presence with a focus on product showcasing and customer engagement through an online textile finder and detailed product categories. The domain age of over 25 years supports the company's established market position. Technically, the website is built on WordPress with WooCommerce for e-commerce capabilities, enhanced by Yoast SEO Premium for search optimization and CookiePro for privacy compliance. The site is mobile-optimized, accessible, and performs moderately well. Security is adequate with HTTPS enforced and domain transfer protections in place, though improvements such as DNSSEC and enhanced security headers could be implemented. From a security and compliance perspective, the site includes a cookie consent mechanism but lacks explicit privacy policies, terms of service, and security incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website presents a low-risk profile with strong business credibility and technical implementation. Strategic recommendations include publishing comprehensive privacy and security policies, enabling DNSSEC, and enhancing security headers to further strengthen the security posture.

Webtrekk GmbH is a digital analytics company that has been integrated into the Mapp group, offering advanced customer engagement and marketing intelligence solutions under the Mapp Intelligence brand. The website reflects this transition, providing information and redirecting users to Mapp's main site for further details. The company targets businesses seeking data-driven marketing and analytics solutions, positioning itself as a mature player in the technology sector with a history dating back to 2004. Technically, the website employs modern frontend technologies such as Bootstrap and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a professional user experience, though some SEO and accessibility features could be improved. The absence of CMS identification and hosting details limits deeper infrastructure insights. From a security perspective, the site uses HTTPS and custom tracking scripts but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and overall security posture. The missing WHOIS data for the domain introduces some trust concerns, although the professional presentation and association with Mapp mitigate these risks. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional front for Webtrekk's services within Mapp, but improvements in privacy compliance, security headers, and WHOIS transparency are recommended to enhance trust and regulatory adherence.

S

ServiceOcean AG

serviceocean.de

54

ServiceOcean AG is a German-based technology company specializing in AI-powered call center software designed to optimize customer service reachability and reduce operational costs. Their flagship product focuses on digital waiting queue management and intelligent call distribution, targeting sectors such as banking, insurance, energy, and e-commerce. The company positions itself as a niche leader with proven customer success stories and a strong emphasis on service excellence. Technically, the website is built on WordPress with modern integrations including React components, Google Tag Manager, and Cookiebot for privacy compliance. The site demonstrates excellent performance, mobile optimization, and SEO practices. Security posture is strong with HTTPS enforced and multiple security headers present, although explicit security policies and incident response information are not publicly detailed. The absence of WHOIS registration data is a notable gap, reducing domain trustworthiness and suggesting the need for further verification. Overall, the website presents a professional and trustworthy front with comprehensive privacy compliance and clear contact information, supporting its business credibility. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure mechanisms, and verifying domain registration transparency to enhance trust and compliance.

V

Visit Luxembourg

visitluxembourg.com

64

Visit Luxembourg is an official tourism promotion website showcasing Luxembourg as a travel destination blending medieval charm with modern sophistication. The site targets tourists and visitors seeking cultural, event, and travel information about Luxembourg. The business model focuses on tourism promotion and visitor engagement, positioning itself as a key resource for travel planning in Luxembourg. Technically, the site is built on TYPO3 CMS, employs Cookiebot for cookie consent management, and integrates Google Tag Manager and CrowdRiff for analytics and visual content. The site is well-optimized for mobile and accessibility, with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms, though explicit security headers could be improved. The absence of WHOIS data and explicit contact information slightly reduces business credibility but does not detract from the overall professionalism. Strategic recommendations include enhancing security header implementation, publishing security policies, and improving transparency around contact details.

W

Winston's Wish

winstonswish.org

51

Winston's Wish is a UK-based non-profit charity dedicated to providing bereavement support for children and young people. Established in 2016, it holds a reputable position in the childhood bereavement support sector within the UK. The website serves as an informational and service platform, targeting families and professionals seeking support for grieving children. The organization leverages a WordPress-based digital infrastructure with multiple plugins to deliver content, forms, and e-commerce capabilities. The site integrates modern technologies such as hCaptcha for form security, Google Tag Manager, and Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS enforced and form protection, though improvements could be made by enabling DNSSEC and adding security headers. Privacy compliance is partially addressed with cookie consent mechanisms, but lacks explicit privacy and terms of service documentation in the provided content. Overall, the website is professional, trustworthy, and well-aligned with its charitable mission.

I

Interfit

interfit-group.com

65

Interfit is a world-leading specialty tire and wheel service provider focusing on Material Handling, Agriculture, and Construction sectors. The company offers a wide range of products and services designed to help machine specialists maximize revenue by maintaining control over their tire business. The website is professionally designed, multi-lingual, and optimized for SEO and mobile devices, reflecting a mature digital presence. The technical infrastructure is based on WordPress with Elementor and includes modern tools such as Google Tag Manager and reCAPTCHA to enhance security and analytics. Security posture is good with HTTPS enforced and a comprehensive cookie consent mechanism, although the absence of security headers and incident response information suggests room for improvement. The WHOIS data is missing, indicating either a very recent domain registration or privacy protection, which slightly impacts trustworthiness. Overall, the website is professional, secure, and compliant with privacy regulations, suitable for its business audience.

E

Ermin Plant Hire Services Ltd

erminplant.co.uk

69

Ermin Plant Hire Services Ltd is a well-established UK-based company specializing in plant, tool, and access hire, alongside equipment sales and training services. With over 60 years of operational history, the company serves professional contractors, tradespeople, and DIY enthusiasts primarily across Gloucestershire and surrounding counties. Their market position is that of a trusted regional specialist with multiple depots and a comprehensive product offering. The website reflects a professional and consistent brand image, supported by testimonials and active social media channels. Technically, the website is built on WordPress with WooCommerce for e-commerce capabilities, leveraging modern plugins such as Yoast SEO, Instagram Feed, and Contact Form 7. The site is mobile-optimized, SEO-friendly, and includes cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with good accessibility features, although some security headers are not explicitly detected. From a security perspective, the site enforces HTTPS and employs cookie consent, but lacks visible advanced security headers and explicit incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were identified. The absence of WHOIS data due to a domain query error limits full domain trust verification, but the website content and contact details support a moderate to high trust level. Overall, Ermin Plant presents a solid digital presence with good business credibility and privacy compliance. Strategic improvements in security headers and incident response transparency would enhance their security posture and trustworthiness further.