Security Directory

A

Automechanika Tashkent

automechanika.uz

59

Automechanika Tashkent is a professional event organizer specializing in automotive aftermarket exhibitions in Uzbekistan and Central Asia. The website presents the upcoming event scheduled for October 2025 at the Central Asian Expo center in Tashkent, targeting automotive industry professionals, exhibitors, and visitors. The platform offers services such as stand booking, advertising partnerships, visitor registration, and a business program. The website is built on the Tilda CMS platform, leveraging modern web technologies and content delivery networks for performance and mobile optimization. However, it lacks explicit privacy and cookie policies, which are critical for compliance with data protection regulations. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but security headers are missing. Tracking technologies like Google Tag Manager and Facebook Pixel are used, indicating moderate user tracking. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

H

Holidu Hosts GmbH

bookiply.com

76

Bookiply is a vacation rental management platform focused on helping hosts maximize bookings and reduce administrative workload. It operates primarily in Europe and is part of the Holidu Group, a recognized entity in the hospitality sector. The website offers a comprehensive suite of services including property listing, channel management, and personal support for hosts. The company targets vacation rental owners and agencies, providing an all-in-one solution to increase visibility and revenue. Technically, the website is built using modern web technologies such as React and Next.js, hosted on AWS in Ireland, and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, and Facebook Pixel. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response contacts are not publicly disclosed, which could be improved. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is mitigated by the professional presentation and detailed imprint. Overall, Bookiply presents a trustworthy and professional online presence with strong compliance and technical maturity. Strategic improvements in transparency around security policies and incident response would enhance its security posture and trustworthiness further.

R

RedaktionsNetzwerk Deutschland

rnd.de

56

RedaktionsNetzwerk Deutschland (RND) operates a major German news media website providing current news, videos, podcasts, and subscription-based content under the RND+ brand. The site targets a broad general audience interested in politics, economy, culture, and other topical areas. The business model is primarily media publishing with monetization through subscriptions and advertising. Technically, the website uses modern web technologies including React, Google Tag Manager, and a consent management platform to comply with GDPR. The presence of a paywall system (Piano/Tinypass) indicates a mature digital subscription infrastructure. Security posture is good with HTTPS enforced and consent mechanisms in place, though explicit security policies and vulnerability disclosures are not found. Overall, the site is professional, well-branded, and trustworthy with no signs of malicious or adult content.

W

we22

we22.com

50

we22 is a German-based technology company specializing in software development, platform operations, and consulting services aimed at empowering small businesses through digital transformation. Their offerings include scalable website software, hosting, domain management, CRM integration, and white-label services, positioning them as a market leader in website creation and online marketing solutions for small enterprises. The company leverages a strong partner ecosystem including major industry and telecommunications firms to enhance its market reach and service quality. Technically, the website is built on TYPO3 CMS with modern frontend frameworks and integrates Google Tag Manager for analytics. The site is well-designed, mobile-optimized, and GDPR compliant with clear cookie consent mechanisms and multiple contact forms integrated with Salesforce. Security posture is moderate with room for improvement in HTTP security headers and published security policies. WHOIS data is missing, which reduces domain trustworthiness and should be verified. Overall, the website and business present a professional and credible digital presence with a solid foundation for growth and customer engagement.

L

Leyendecker HolzLand GmbH & Co. KG

leyendecker.de

51

Leyendecker HolzLand GmbH & Co. KG is a well-established wood specialist retailer and wholesaler based in Trier, Germany, with a history dating back to 1860. The company offers a broad range of wood products including flooring, doors, garden furniture, and wood-based materials, serving craftsmen, businesses, and end consumers primarily in the Rheinland-Pfalz, Saarland, and Luxembourg regions. Their market position is strong regionally, supported by a large physical exhibition and an online shop. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and consent management tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, CSP headers, and privacy compliance mechanisms in place, though lacking a dedicated security policy or incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and social media presence.

H

Holz-Tusche GmbH & Co. KG

holztusche.de

58

Holz-Tusche GmbH & Co. KG is a medium-sized, established family business in Germany specializing in high-quality wood-based materials and innovative services for the construction and manufacturing sectors. The company operates a professional e-commerce platform built on Shopware 6, offering a wide range of wood products including panels, doors, and construction timber. Their market position is supported by partnerships with reputable suppliers such as Egger, Finsa, and Resopal. Technically, the website employs modern JavaScript libraries, integrates advanced search via Fact Finder, and uses analytics tools like Google Tag Manager and PostHog, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and error monitoring via Sentry, though additional security headers and explicit policies could enhance compliance and trust. Overall, the site is well-structured, mobile-optimized, and trustworthy, targeting B2B customers in the wood materials industry.

C

Carl Götz

carlgoetz.de

63

Carl Götz is a medium-sized German company specializing in the retail and distribution of wood products and related construction materials. The website presents a comprehensive catalog of products including panels, wood construction materials, flooring, doors, and garden-related items, targeting both business and private customers. The company maintains multiple physical locations and offers digital services such as customer login, configurators, and sample services. Technically, the website is built on the Shopware CMS platform, uses modern web technologies including Google reCAPTCHA and Google Tag Manager, and is hosted on a reliable DNS provider. Security posture is good with HTTPS enforced and CSRF protection on forms, though additional security headers and policies could enhance protection. Privacy compliance is basic with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in privacy and security transparency.

A

A&J HOLZZENTRUM – Andresen & Jochimsen GmbH & Co. KG

holzzentrum.de

55

A&J HOLZZENTRUM – Andresen & Jochimsen GmbH & Co. KG operates a specialized retail and online shop business focused on wood products, building materials, doors, and garden supplies primarily serving the Hamburg region in Germany. The company positions itself as Hamburg's largest selection provider in this sector, targeting both B2C and B2B customers. Their business model combines physical retail with an integrated e-commerce platform, leveraging Shopware technology to deliver a comprehensive shopping experience. Technically, the website is built on the Shopware CMS platform, enhanced with modern JavaScript libraries such as jQuery and integrated with marketing and customer service tools like Google Tag Manager, Superchat, and Trusted Shops widgets. The hosting is managed via 1&1 IONOS, with consistent domain registration and DNS configurations. The site demonstrates good mobile optimization, SEO practices, and basic accessibility features, supporting a positive user experience. From a security perspective, the website enforces HTTPS, employs standard security headers, and integrates CAPTCHA on forms to mitigate automated abuse. While no critical vulnerabilities or exposed sensitive data were detected, the absence of a dedicated security policy or incident response contact suggests room for improvement in transparency and preparedness. Privacy and cookie policies are present and include consent mechanisms, aligning with GDPR requirements. Overall, the website presents a trustworthy and professional front with solid business credibility and technical implementation. The risk profile is low, with recommendations focusing on enhancing security documentation, incident response readiness, and accessibility compliance to further strengthen the security posture and user trust.

D

DigiShop GmbH

weltholz.de

59

Weltholz is a German-based wood import company specializing in high-quality timber and exclusive wood products for wholesale and retail customers. The website presents a professional and well-structured platform targeting B2B clients such as large and wood dealers. It offers a comprehensive product catalog, marketing support, and online tools like a terrace planner. Technically, the site uses a custom ColdFusion backend with modern frontend libraries including jQuery, Bootstrap, and Slick Slider, integrated with HubSpot and Google Analytics for marketing and analytics. The security posture is solid with HTTPS and cookie consent mechanisms, though security headers are not explicitly detected and could be improved. Privacy compliance is strong with clear policies and consent management. Overall, the site is trustworthy, well-branded, and professionally maintained.

D

Deutscher Gründerpreis für Schüler:innen

dgp-schueler.de

56

The Deutscher Gründerpreis für Schüler:innen is a German educational initiative focused on promoting entrepreneurship education among students, primarily targeting those in the 9th grade and above, as well as teachers and Sparkasseninstitutes. The initiative organizes competitions, provides educational materials, and fosters practical learning experiences to sensitize young people to economic topics and entrepreneurial self-employment. The website is professionally designed, well-structured, and consistent with the brand's mission, supported by recognized partners such as Sparkasse, ZDF, Porsche, and others. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with embedded YouTube videos and Google Tag Manager for analytics. The site appears to be built on TYPO3 CMS, indicated by URL patterns and asset naming conventions. Performance and mobile optimization are good, with accessibility features implemented. Privacy compliance is strong, featuring a cookie consent banner and a comprehensive privacy policy aligned with GDPR requirements. From a security perspective, the site uses HTTPS with good SSL configuration and anonymizes IP addresses in analytics. However, no explicit security headers were detected in the HTML content, and there is no visible incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were found. The domain WHOIS data is consistent with the website's purpose, supporting legitimacy. Overall, the website presents a low-risk profile with a solid security posture and good privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a security.txt file to improve vulnerability disclosure transparency.

D

Deutscher Sparkassen- und Giroverband

planspiel-boerse.de

62

Planspiel Börse is an educational platform operated under the auspices of the Deutscher Sparkassen- und Giroverband, offering Europe's largest stock market simulation game targeted at students and pupils. The website presents a professional and consistent brand image with a focus on financial education and engagement through interactive competitions. Technically, the site leverages modern frameworks such as Next.js and React, ensuring good mobile optimization and accessibility. However, the absence of explicit privacy and cookie policies, as well as missing security headers, indicates room for improvement in compliance and security posture. Overall, the domain registration data aligns well with the website's German educational focus, supporting its legitimacy.

M

MIDI Europe S.r.l.

isuzutrucks.ro

62

The website is the official Romanian portal for Isuzu Trucks operated by MIDI Europe S.r.l., established in 2022. It provides comprehensive information about Isuzu truck models, sales, after-sales services, and dealer networks targeting businesses and individuals interested in commercial vehicles in Romania. The site is professionally designed with consistent branding and good content quality, supporting a medium-sized transportation sector business. Technically, the site is built on Drupal CMS with modern JavaScript libraries and frameworks, offering good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies are missing. Privacy compliance is strong with clear GDPR-aligned policies and user consent. Overall, the site is trustworthy and well-positioned in its market niche.

M

MIDI Europe S.r.l.

isuzutrucks.sk

61

The website is the official Slovak regional site for Isuzu trucks, operated by MIDI Europe S.r.l. It provides detailed product information, dealer locator services, customer support links, and media updates tailored for the Slovak market. The site targets commercial vehicle buyers and users, positioning itself as a key regional distributor within the broader Isuzu European network. The business model focuses on sales, after-sales service, and brand promotion in the transportation sector. Technically, the site is built on Drupal CMS with a modern front-end stack including jQuery, Bootstrap, and Google Tag Manager for analytics. The site is mobile optimized and provides a good user experience with clear navigation and localized content. Performance is moderate, with room for improvement in SEO and accessibility. From a security perspective, the site uses HTTPS and enforces domain transfer restrictions. It includes GDPR-compliant privacy and cookie policies with user consent mechanisms. However, no explicit security headers or incident response contacts are found, indicating areas for enhancement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the site presents a professional and trustworthy digital presence with a solid business foundation. Strategic improvements in security headers, contact transparency, and SEO could further strengthen its posture and user trust.

M

MIDI Europe S.r.l.

isuzutrucks.pl

65

The website is the official Polish portal for ISUZU trucks, operated by MIDI Europe S.r.l. It provides detailed information about various ISUZU truck models, after-sales services, dealer networks, and customer advisory services. The site targets commercial vehicle buyers and fleet operators in Poland, positioning itself as a regional distributor and service provider for ISUZU commercial vehicles. The business is well-established, with the domain registered since 2008, reflecting a mature presence in the transportation sector. Technically, the website is built on the Drupal CMS platform, utilizing common web technologies such as jQuery, Bootstrap, and Google Tag Manager for analytics. The site is mobile-optimized with a responsive design and includes accessibility features, though these could be enhanced. Performance is moderate, with no critical errors or broken elements detected. SEO and metadata are basic but sufficient for the site's scope. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, no explicit security headers were detected, and there is no public security or incident response policy. No vulnerabilities or exposed sensitive data were found in the HTML content. The overall security posture is good but could be improved by adding security headers and publicly available security policies. Overall, the website is professional, trustworthy, and compliant with privacy regulations. It effectively serves its business purpose with clear navigation and relevant content. Strategic recommendations include enhancing security headers, publishing incident response information, and improving accessibility compliance to further strengthen the site's security and user experience.

M

MIDI Europe S.r.l.

isuzutrucks.hu

62

The website is the official Hungarian portal for Isuzu Trucks, operated by MIDI Europe S.r.l. It serves as a regional distributor platform providing detailed information about Isuzu truck models, dealer locations, sales, after-sales services, and downloadable catalogs. The site targets commercial vehicle buyers and service customers in Hungary, positioning itself as a trusted regional representative of the Isuzu brand. The business model focuses on direct sales and support through a dealer network, emphasizing brand consistency and customer engagement. Technically, the website is built on the Drupal CMS platform, utilizing common front-end libraries such as jQuery, Bootstrap, and Font Awesome. Google Tag Manager is employed for analytics and marketing tracking, with a cookie consent mechanism in place to comply with GDPR requirements. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are present but could be enhanced. From a security perspective, the site uses HTTPS, but no explicit security headers were detected in the HTML content. The cookie consent banner indicates awareness of privacy regulations, and no sensitive data exposure or vulnerabilities were found in the analyzed content. However, there is room for improvement in implementing security headers and publishing explicit security policies or incident response contacts. Overall, the website presents a professional and trustworthy front for Isuzu Trucks in Hungary, with solid business credibility and compliance with privacy regulations. The technical and security posture is adequate but could benefit from enhancements to security best practices and accessibility. No critical issues or blocking mechanisms were detected, allowing full content analysis.

M

MIDI Europe S.r.l.

isuzutrucks.cz

63

The website is the official Czech Republic portal for Isuzu Trucks, operated by MIDI Europe S.r.l. It provides comprehensive information about Isuzu's commercial truck offerings, sales and service networks, and customer support. The site targets commercial vehicle buyers and operators within the Czech market, positioning itself as a regional distributor and service provider for Isuzu trucks. The business model focuses on vehicle sales, after-sales service, and customer engagement through digital content and brochures. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies such as jQuery, Bootstrap, and Google Tag Manager for analytics. The site is mobile-optimized with good navigation and a professional design. Performance is moderate, with room for improvement in SEO and accessibility. The hosting and domain registration are stable and consistent with the business's operational history. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism. However, explicit security headers are not detected, and no public security or incident response policies are published. No vulnerabilities or exposed sensitive data were found in the HTML content. The privacy and cookie policies are comprehensive and clearly presented. Overall, the website presents a low-risk profile with a good level of professionalism and compliance. Strategic improvements in security headers, incident response transparency, and SEO could enhance the site's security posture and digital maturity.

M

MIDI Europe Srl

isuzu.si

61

MIDI Europe Srl operates the official Isuzu regional website for Slovenia and Italy, focusing on the promotion and sales of Isuzu pickup trucks and commercial vehicles. The website serves as a portal for vehicle information, dealer networks, after-sales services, and marketing materials. It targets both individual consumers and business clients interested in Isuzu's transportation solutions within the region. The company has maintained the domain since 2015, indicating a stable market presence. Technically, the website is built on Drupal 7 with a combination of jQuery, Bootstrap, and various UI libraries. It employs modern web practices such as HTTPS, responsive design, and cookie consent mechanisms. However, some technologies like jQuery 1.10 are outdated, and explicit security headers are not evident in the HTML content, suggesting room for security enhancements. From a security perspective, the site enforces HTTPS and uses cookie consent banners aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a published security policy or incident response contact limits transparency in security governance. Analytics tools like Google Tag Manager and Hotjar are used with user consent, reflecting moderate user tracking. Overall, the website demonstrates a good balance of business credibility, technical implementation, and privacy compliance. Strategic improvements in security headers, updated libraries, and clearer security policies would enhance the security posture and trustworthiness further.

ISUZU France operates as a commercial vehicle manufacturer and distributor, focusing on trucks and pickups such as the D-MAX and Truck series. The website serves French-speaking customers with detailed product information, dealer locators, and customer service resources. The company is positioned as a significant player in the transportation sector in France, supported by a large-scale business infrastructure. Technically, the website employs modern frameworks including Laravel and Vue.js, with integration of Google Tag Manager and Iubenda for privacy compliance. The site is mobile-optimized and demonstrates good SEO practices. Security posture is solid with HTTPS enforced and CSRF protections, though some security headers and explicit incident response information are absent. Privacy policies are comprehensive and GDPR compliant, including a named Data Protection Officer. Overall, the site is professional, trustworthy, and safe for general audiences.

MIDI Europe Srl operates the official Italian website for Isuzu commercial vehicles, focusing on the sales and support of models such as the D-MAX pickup and various truck ranges. The company targets commercial vehicle buyers and fleet operators within Italy and Europe, providing comprehensive product information, after-sales services, and dealer network access. The website demonstrates a solid market position as a reputable manufacturer and distributor in the transportation sector. Technically, the site leverages modern frameworks like Vue.js and Laravel, integrates Google Tag Manager for analytics, and employs Iubenda for cookie compliance, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, implements standard security headers, and provides a whistleblowing channel and data protection officer contact, indicating a strong security posture. No critical vulnerabilities or suspicious elements were detected, and privacy policies are comprehensive and GDPR compliant. Overall, the website is professional, trustworthy, and well-aligned with the business's operational and compliance needs.

M

Mondelez International

fcmilka.de

63

The website fcmilka.de serves as a promotional platform for the Milka brand's campaign in partnership with the Bundesliga football league. It offers consumers opportunities to participate in contests and win prizes by entering codes from Milka products. The site targets football fans and Milka consumers primarily in Germany, leveraging strong brand partnerships and official licensing to enhance engagement. The business model focuses on marketing and brand promotion through interactive fan experiences and contests. Technically, the website is built using modern web technologies including React and Next.js, hosted behind Cloudflare's CDN and security services. It employs Google Tag Manager and cookie consent tools to manage analytics and privacy compliance. The site is well-optimized for mobile devices, performs well, and follows good SEO and accessibility practices. From a security perspective, the site enforces HTTPS, uses security headers, and avoids exposing sensitive data. However, it lacks explicit security policy documentation and incident response contacts, which could be improved. Privacy compliance is strong with clear links to comprehensive privacy and cookie policies managed by Mondelez International. Overall, the website presents a low-risk profile with high legitimacy due to its association with a major global brand. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and enhancing incident response visibility to further strengthen trust and compliance.

E

Electronic Arts

easports.com

74

Electronic Arts (EA) operates the EA SPORTS website as a leading publisher of sports video games including FIFA, Madden NFL, NHL, UFC, PGA TOUR, and F1 titles. The website targets gamers and sports enthusiasts globally, offering rich content and branding consistent with a major enterprise in the technology and gaming sector. The technical infrastructure leverages modern web technologies such as New Relic for performance monitoring, Google Tag Manager and Optimize for analytics and marketing, and TrustArc for privacy consent management, indicating a mature digital presence. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are not present in the analyzed content. Privacy compliance is partially addressed with cookie consent mechanisms but lacks visible privacy policy or terms of service links in the provided content. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.

D

Deutsche Fußball Liga GmbH

bundesliga.com

74

The website represents the official digital presence of the Bundesliga, Germany's premier professional football league. It offers comprehensive sports content including live scores, news, match highlights, and club information, targeting football fans and sports media worldwide. The site is professionally designed with consistent branding and high-quality content, reflecting its position as a leading sports media entity. Technically, the site leverages modern web technologies such as Angular framework, Google Tag Manager for analytics, and Dynatrace for performance monitoring. It is hosted likely on AWS infrastructure, optimized for fast loading and excellent mobile responsiveness. The site employs robust security measures including HTTPS, security headers, and cookie consent mechanisms, indicating a mature digital infrastructure. Security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, no explicit contact information or incident response channels are publicly visible, which could be improved for transparency. Overall, the website is trustworthy, secure, and professionally maintained, though the lack of WHOIS data introduces some uncertainty about domain registration details. Strategic recommendations include enhancing visible contact and security incident response information and maintaining regular security audits to uphold the high security standards.

M

Muffin Group

muffingroup.com

59

Muffin Group is a well-established company specializing in premium WordPress themes and website building tools, notably Betheme and BeBuilder. The company targets WordPress users, developers, and agencies seeking versatile and feature-rich themes with extensive pre-built website demos and premium plugin integrations. Their market position is strong, supported by a large user base exceeding 300,000 satisfied customers and consistent product updates. Technically, the website employs modern web technologies including Bootstrap, jQuery, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. The site is hosted behind Cloudflare DNS, ensuring good performance and security. Security posture is solid with HTTPS enabled and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is partially addressed with a cookie consent mechanism, but lacks explicit privacy policy and terms of service pages. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience, though improvements in privacy transparency and security hardening are recommended.

T

Tred Union

tredunion.fr

45

Tred Union is a French transport group established in 2009, focusing on regional transport and logistics services across diverse sectors including industrial, construction, agro-food, and e-commerce. The group aims to foster synergies among transport companies to offer competitive and specialized transport solutions such as refrigerated transport and large volume shipments. The website demonstrates a moderate level of digital maturity, leveraging modern web technologies like React, Google Maps API, and Google Analytics. However, it lacks explicit privacy and cookie policies, and no visible contact information was found in the analyzed content. Security measures include HTTPS and reCAPTCHA, but there is room for improvement in publishing security policies and headers. Overall, the site is professional and trustworthy with a strong market position in France's transport sector.

A

Atlas Estate Agents

atlasestateagents.co.uk

45

Atlas Estate Agents is a well-established real estate agency specializing in residential and commercial property sales, lettings, and management in Liverpool, UK. The company emphasizes competitive pricing, family business values, and customer service, positioning itself as a trusted local market player since 1965. Their website provides property search functionality, valuation requests, and detailed service information targeting buyers, sellers, landlords, and tenants in the Liverpool area. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Google Maps API, Google reCAPTCHA, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features are basic. Security measures include HTTPS enforcement and spam protection via reCAPTCHA, but lack certain HTTP security headers and cookie consent mechanisms. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. However, the absence of security headers and formal privacy/cookie consent banners indicates room for improvement in compliance and defense-in-depth. The WHOIS lookup failed due to querying a subdomain rather than the registered domain, limiting domain trust verification. Overall, the site is professional and trustworthy but could enhance its security posture and privacy compliance. Strategically, the company should prioritize implementing security headers, cookie consent mechanisms, and publishing security policies to strengthen user trust and regulatory compliance. Additionally, clarifying domain registration details and improving accessibility would further enhance their digital maturity and risk management.

S

smartsteuer GmbH

smartsteuer.de

63

smartsteuer GmbH operates a well-established online tax declaration platform targeting German taxpayers including employees, self-employed individuals, students, and pensioners. The service offers an intuitive, step-by-step tax filing experience with TÜV certifications and integration options such as Lexware Office. The company positions itself as a user-friendly alternative to traditional tax filing methods, emphasizing ease of use and maximizing tax refunds. Technically, the website is built on WordPress with modern plugins and libraries, hosted on sysEleven infrastructure, and optimized for performance and mobile use. Security posture is strong with HTTPS, cookie consent management, and TÜV certifications, though some security headers could be improved. Privacy compliance is robust with clear policies and consent mechanisms. Overall, smartsteuer demonstrates a mature digital presence with high trustworthiness and professional business operations.

L

Lexware (implied from URLs and branding)

quicksteuer.de

62

QuickSteuer.de is a German website offering tax declaration software targeted at private individuals seeking a fast and easy way to file taxes. The site is professionally designed, leveraging modern web technologies such as Webflow CMS, jQuery, and integrates Google Tag Manager and Usercentrics for analytics and privacy compliance. The business is positioned as an established player with over 25 years of experience and strong trust signals including TÜV Saarland and Chip magazine certifications. The website is fully accessible with no blocking or WAF challenges detected, and it demonstrates good privacy and cookie consent mechanisms. However, direct contact information and explicit security policies are not published, which could be improved to enhance trust and compliance.

H

Haufe X360

lexbizz.de

62

Haufe X360 is a cloud-based ERP platform tailored for small and medium-sized enterprises (KMU) primarily in German-speaking countries. It offers a comprehensive suite of integrated business functions including finance, inventory, CRM, production, and e-commerce, supported by a strong partner ecosystem and over 60 integration interfaces. The platform leverages modern technology partnerships with Acumatica and Microsoft Azure to deliver scalable, secure, and user-friendly ERP solutions. The website reflects a mature digital presence with professional design, clear navigation, and a focus on data security and compliance. Security posture is strong, with ISO 27001 certification and data hosting in German data centers, though explicit privacy and terms policies are not directly found in the provided content. Overall, Haufe X360 positions itself as a trusted, innovative ERP provider for the mid-market segment.

C

Cotec

cotec.es

10

Cotec is a Spanish non-profit foundation dedicated to promoting innovation through research, projects, and public engagement. The website reflects a well-established organization with a clear focus on innovation and youth, providing reports, observatories, and events. Technically, the site is built on WordPress with modern plugins and integrations such as HubSpot and Google Tag Manager, ensuring good SEO and user experience. Security posture is solid with HTTPS, cookie consent, and reCAPTCHA, though formal security policies and incident response contacts are absent. Overall, the site is professional, compliant with GDPR, and trustworthy, serving a broad audience interested in innovation in Spain.

M

musicdirectory.ch

musicdirectory.ch

47

musicdirectory.ch is a specialized online platform operated by Helvetiarockt, targeting women, inter-, trans-, non-binary, and agender individuals in the Swiss music industry. It serves as a directory and community hub offering listings of people, projects, and events to foster networking and visibility within this niche market. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages to cater to a diverse Swiss audience. Technically, it is built on WordPress with common plugins for forms, multilingual support, and performance optimization, and it integrates Google Analytics and Tag Manager for user tracking. Security-wise, the site uses HTTPS and some best practices like password strength meters and honeypots in forms but lacks advanced security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced privacy and security measures.

M

MIDI Europe Srl per Isuzu Svizzera

isuzu.ch

63

The website is the official Swiss portal for Isuzu vehicles, operated by MIDI Europe Srl for Isuzu Switzerland. It provides detailed information on Isuzu's D-Max models and trucks, dealer locations, customer support, and product catalogs. The site targets consumers and businesses interested in Isuzu vehicles within Switzerland and neighboring regions. The business model focuses on automotive sales and after-sales services, positioning itself as a regional distributor with a medium-sized market presence. Technically, the website is built on Drupal 7 CMS, utilizing common JavaScript libraries such as jQuery, Bootstrap, and Google Tag Manager for analytics. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. SEO is basic but functional, and the site uses HTTPS with a valid SSL certificate, ensuring secure communications. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, no explicit security headers were detected, and no published security or incident response policies are available. There are no visible vulnerabilities or exposed sensitive data in the provided content. The WHOIS data aligns well with the business entity, indicating legitimacy and consistency. Overall, the website presents a professional and trustworthy digital presence with good privacy compliance. Recommendations include enhancing security headers, publishing security policies, and improving accessibility and SEO for a more robust security posture and user experience.

D

Deutscher Sparkassen- und Giroverband e.V.

sparkassen-schulservice.de

48

The Sparkassen-Schulservice website is a well-established educational platform operated by the Deutscher Sparkassen- und Giroverband e.V., providing free, neutral, and comprehensive financial literacy materials for school students in Germany. The platform targets both students and teachers, offering a wide range of resources including PDFs, videos, interactive exercises, and printed materials. The site is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins such as Yoast SEO and H5P for interactive content, and uses Google Tag Manager for analytics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies are not published. Overall, the site is trustworthy, safe, and compliant with GDPR, serving as a valuable resource in the financial education sector.

W

Wiki Software International - Consulenza finanziaria

wikisoftware.it

43

Wiki Software International is a specialized Italian company founded in 2011, offering financial consultancy and software solutions focused on synchronizing financial flows and reducing errors in payment processes. Their market position is that of a niche provider with strong banking and financial know-how, targeting CFOs and financial departments of enterprises. The website reflects a professional B2B business model with key services including assessment, consultancy, international finance, IBAN checking, and a competence center. Technically, the site is built on WordPress with modern plugins and SEO tools, showing good mobile optimization and moderate performance. Security posture is adequate with HTTPS, DNSSEC, and reCAPTCHA, but the expired domain status is a critical risk. Privacy compliance is limited due to missing privacy and terms policies. Overall, the site is trustworthy and professional but requires urgent domain renewal and enhanced compliance documentation.

K

KaktusApps

kaktusapp.com

10

KaktusApps is a specialized eCommerce development company focused on providing a suite of innovative apps designed to enhance online store performance, increase sales, and improve customer engagement. Their offerings primarily target Shopify merchants but also extend to other eCommerce platforms. The company has established a solid market position with multiple apps available on the Shopify app store, supported by positive customer ratings and testimonials. Technically, the website is built using modern web technologies including Webflow CMS, Cloudflare DNS, and integrates marketing and analytics tools such as Google Tag Manager and Crisp Chat. The site is mobile optimized and demonstrates good performance and SEO practices. Security-wise, the domain is well protected with registrar locks and HTTPS is enforced, though DNSSEC is not enabled. However, the site lacks explicit privacy and cookie policies, and no direct contact information is provided, which are areas for improvement. Overall, the website is professional, trustworthy, and safe for general audiences.

B

BPER Banca

bper.it

70

BPER Banca is a large Italian banking group offering a wide range of financial services including retail banking, corporate banking, wealth management, loans, mortgages, and digital banking services. The website targets private individuals, businesses, and wealth management clients, providing comprehensive product offerings and digital access points. The site is built on a modern technical infrastructure using Liferay CMS, React, and various JavaScript libraries, ensuring a good user experience and mobile optimization. Security posture is strong with HTTPS enforced and bot protection via reCAPTCHA, though explicit security headers and published security policies are lacking. Privacy compliance is partially addressed with a cookie consent mechanism but no visible privacy policy or terms of service links in the main content. Overall, the website is professional, trustworthy, and well-positioned in the Italian banking sector.

I

ift Rosenheim GmbH

ift-montageplaner.de

57

ift Rosenheim GmbH is a reputable German institute specializing in building technology, particularly in the testing, certification, and planning of windows and building components. Their ift-Montageplaner tool facilitates professional and compliant planning of window wall connections, targeting installers, planners, and processors. The company holds multiple ISO certifications and is recognized internationally. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes consent management for privacy compliance. Security posture is strong with HTTPS and consent mechanisms, though additional HTTP security headers could enhance protection. Overall, the site is professional, well-structured, and trustworthy, with clear contact information and partner integrations.

D

Dr.Dünner AG

pourelle.ch

54

Dr.Dünner AG operates the website pourelle.ch, offering natural and sustainable Swiss supplements targeted at women's cycle health. The company positions itself as a niche player in the healthcare sector, focusing on female empowerment and natural wellness. The website provides educational content alongside product offerings, emphasizing Swiss origin and quality. Technically, the site is built on WordPress with the Avada theme, leveraging modern SEO tools like Yoast and tracking via Google Tag Manager. The site is well-optimized for mobile and presents a professional user experience. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, though security headers and incident response information are lacking. Privacy compliance is partially addressed with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration aligns with the business claims, indicating legitimacy and trustworthiness.

B

blogduwebdesign

blogduwebdesign.com

61

Blog Du Webdesign is a French-language online resource hub focused on web design, UX, and UI for web professionals and enthusiasts. It offers high-quality articles, tutorials, toolboxes, and trend analyses tailored for experts in the web industry. The website is built on the e-monsite CMS platform and leverages modern web technologies including Bootstrap 4, jQuery, Google Fonts, and integrates advertising and tracking tools such as Google Adsense, Google Analytics, and Facebook Pixel. While the site demonstrates strong content quality, professional design, and good SEO practices, it lacks some security headers and a cookie consent mechanism, which are important for GDPR compliance. The WHOIS data for the domain is unavailable, which raises some concerns about domain legitimacy, though the website's professional appearance and active social media presence mitigate this risk. Overall, the site is a valuable resource for its target audience but would benefit from enhanced security and privacy compliance measures.

M

Mesresa

mesresa.fr

54

Mesresa is a French company providing a comprehensive software solution for managing seasonal and short-term rental properties. Their platform targets property owners and managers seeking to optimize bookings, automate reservation processes, and increase rental revenue. The website is professionally designed, mobile-optimized, and integrates with major rental platforms and payment gateways, reflecting a mature digital infrastructure. However, the absence of WHOIS registration data and lack of explicit privacy and security policies slightly reduce trustworthiness. The site uses modern web technologies including Bootstrap 4 and jQuery, with Google Tag Manager for analytics. Security posture is adequate with HTTPS and secure payment integration but lacks some recommended HTTP security headers. Overall, Mesresa presents a credible business with room for improvement in transparency and security best practices.

U

Up spot

upspot.app

61

UP Spot operates a French-language website promoting a mobile application for guided tourist visits, focusing on cultural, historical, and architectural heritage. The business targets tourists and residents seeking flexible, self-paced tours via curated circuits with multimedia content. The website is professionally designed, mobile-optimized, and integrates modern web technologies including Bootstrap 4, jQuery, and Google Analytics. Privacy and cookie policies are implemented with GDPR compliance, and social media presence is established on Facebook and Instagram. However, direct contact emails and phone numbers are not explicitly provided, relying instead on contact forms. Security posture is solid with HTTPS and cookie consent mechanisms, but lacks explicit security policies or vulnerability disclosure channels.

L

Luminjo

luminjo.com

64

Luminjo is a French SaaS company providing an intuitive online customer support software designed to centralize client inquiries and improve team collaboration. The platform targets small to medium enterprises, startups, and associations, offering features such as ticket centralization, tracking, and API integration. The website is professionally designed, mobile-optimized, and includes multi-language support, reflecting a mature digital presence. Technically, the site uses modern web technologies including jQuery, Google Analytics, and a proprietary CMS framework, ensuring a functional and responsive user experience. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, though lacks explicit security headers and incident response information. WHOIS data for the subdomain is unavailable, which is typical for subdomains, but the main domain's WHOIS data was not provided for analysis. Overall, Luminjo presents a credible and professional online presence with room for enhanced security transparency.

C

Carers UK

carersuk.org

65

Carers UK is a well-established UK-based non-profit charity dedicated to supporting unpaid carers through expert information, advice, support services, and advocacy campaigns. The organization has a strong market position with over 60 years of history and a clear focus on improving carers' lives across the UK. Their website reflects a professional and user-friendly platform that effectively serves their target audience of unpaid carers. Technically, the site uses a modern technology stack including Umbraco CMS, jQuery, Bootstrap, and integrates Google Analytics and Tag Manager for analytics. Hosting and DNS are managed via Cloudflare, providing good performance and security. Security posture is solid with HTTPS enforced and standard security headers likely in place, though DNSSEC is not enabled and no explicit security policy or vulnerability disclosure is published. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, well-branded, and provides comprehensive content relevant to its audience.

R

Reisswolf

reisswolf.ch

64

Reisswolf Schweiz is a specialized service provider offering secure, certified, and sustainable destruction of sensitive documents and data carriers across Switzerland. The company targets businesses, public authorities, healthcare providers, and legal firms, providing services compliant with Swiss data protection laws and international standards such as DIN 66399 and ISO/IEC 21964. With multiple regional offices, Reisswolf ensures localized service delivery and strong customer support. The website reflects a mature digital presence built on WordPress with modern SEO and privacy compliance features. Security posture is strong, leveraging HTTPS, certified processes, and secure logistics containers, although incident response contact details are not publicly disclosed. Overall, the company demonstrates high trustworthiness and professionalism in its market niche.

P

Paprec Group

paprec.com

65

Paprec Group is a leading French company specializing in waste management and recycling services. Established in 1994, it has grown into a major player in the environmental sector, serving both industrial clients and local authorities with a comprehensive range of services including waste collection, sorting, recycling, and energy valorization. The company emphasizes sustainability and circular economy principles, positioning itself as a key contributor to environmental preservation in France. The website reflects a mature digital presence with multilingual support and rich content aimed at educating and engaging its audience. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Matomo analytics. It demonstrates good performance, mobile optimization, and accessibility features. Security best practices are observed with HTTPS enforcement and security headers, although public security policies and incident response information are not explicitly published. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the WHOIS data for the domain is missing or not publicly available, which raises minor concerns about domain registration transparency but does not detract significantly from the overall legitimacy given the professional website and business presence. Overall, Paprec Group's website is professional, secure, and compliant, supporting its position as a trusted leader in the recycling industry. Strategic recommendations include publishing explicit security and incident response policies and improving domain registration transparency.

A

ARAG SE

arag-karriere.de

64

ARAG SE is a well-established German insurance company specializing in legal protection insurance and related services, with a strong market position as the largest family-owned insurer in Germany and a global leader in its niche. The website serves as a professional career portal targeting job seekers interested in joining ARAG, featuring comprehensive content about company values, culture, and job opportunities. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, Matomo analytics, and a proprietary recruitment platform by talentsconnect, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforcement, cookie consent mechanisms, and privacy compliance, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, with no signs of blocking or suspicious activity.

R

Radio Munot

radiomunot.ch

62

Radio Munot is a regional Swiss radio station providing local news, music, and media content to its audience. The website serves as a digital platform for live streaming, media library access, and event information, targeting local listeners. The business operates primarily in the media sector with a small-scale regional focus. Technically, the website is built on a modern Angular framework with integration of Google Tag Manager and Consent Manager for analytics and cookie compliance. The site is mobile optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enforced and basic security headers inferred, but lacks explicit published security policies or incident response contacts. Privacy compliance is partially addressed through cookie consent but lacks a visible privacy policy or terms of service. Overall, the website is trustworthy and functional but would benefit from enhanced transparency and compliance documentation.

B

BigRock

bigrock.in

73

BigRock is a leading Indian domain registration and web hosting provider offering a wide range of services including shared, VPS, dedicated, and cloud hosting, along with email hosting, website building, and online marketing solutions. The company has a strong market position in India, reinforced by its partnership with HostGator India, and targets small to medium businesses and entrepreneurs seeking affordable and reliable web presence solutions. Technically, the website is built on modern frameworks like Next.js and React, with extensive use of analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Facebook Pixel. The site is fast, mobile-optimized, and well-structured, providing an excellent user experience. Security-wise, the site enforces HTTPS and uses SSL certificates, along with security products like SiteLock and CodeGuard, but lacks explicit published security policies and vulnerability disclosure information. Overall, the website is professional and trustworthy, though it would benefit from enhanced privacy and security transparency.

P

Penzilla

penzilla.de

67

Penzilla is a German-based company specializing in digital solutions for company pension schemes (betriebliche Altersvorsorge). Their platform offers comprehensive services including contract digitalization, automated administration, and consulting tailored for insurance brokers, HR departments, and large enterprises. The website reflects a mature business with strong branding, client trust signals, and integration capabilities with major HR and payroll systems such as DATEV and SAP. Technically, the site is built on WordPress with Elementor and leverages modern marketing and consent management tools like HubSpot and Usercentrics. Security posture is good with HTTPS and GDPR-compliant cookie consent, though explicit security policies and headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

T

Tokenize.it GmbH

tokenize.it

58

Tokenize.it GmbH operates a sophisticated digital platform focused on startup fundraising and investment using tokenized virtual shares on the Ethereum blockchain. The company targets startups, founders, investors including business angels, venture capitalists, and retail investors primarily in Germany and Austria. Their platform enables continuous fundraising without notary involvement, leveraging legal templates optimized for GmbH companies. The business is positioned as a leader in digital fundraising with over €10 million in tokenized assets and more than 65 companies onboarded. Technically, the website is built on Webflow with modern libraries such as GSAP and Swiper.js, integrating blockchain technology and advanced analytics tools like Google Analytics, Hotjar, and LinkedIn Insight. Security posture is strong with HTTPS, DNSSEC, and non-custodial wallet control, though the absence of a published security policy and incident response details is noted. Privacy compliance is robust with GDPR-aligned cookie consent mechanisms and clear privacy and terms pages. The domain is well-aged but currently expired, posing a risk that should be addressed promptly. Overall, Tokenize.it presents a professional, trustworthy, and technically mature digital presence with room for improvement in security transparency and operational domain management.