Security Directory

Z

Zeppelin Konzern

zeppelin.com

71

Zeppelin Konzern is a large German enterprise specializing in providing innovative solutions across construction, industry, plant engineering, and energy sectors. The company operates globally with over 200 locations, emphasizing sustainability and corporate social responsibility. Their business model focuses on B2B services including machinery, rental, power systems, and engineering solutions. The website reflects a mature digital presence with professional design and comprehensive content tailored to industrial clients and partners. Technically, the website leverages modern frameworks such as Next.js and React, supported by CDN hosting and enhanced with Google Tag Manager and OneTrust for privacy compliance. The site is mobile-optimized, fast-loading, and accessible, indicating a high level of digital maturity. Security best practices are observed with HTTPS enforcement and security headers, although no public vulnerability disclosure or incident response information is provided. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well implemented with clear cookie consent mechanisms and GDPR-aligned privacy policies. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, though the website content and branding strongly support the authenticity of the business. Overall, Zeppelin Konzern presents a professional, trustworthy, and secure online presence suitable for its enterprise audience. Strategic recommendations include publishing a vulnerability disclosure policy, incident response contacts, and continuing regular security audits to maintain and enhance trust.

W

WMS WebMediaSolutions GmbH

it-wms.com

53

WMS WebMediaSolutions GmbH operates a professional website offering specialized panoramic and livestream camera solutions for sectors including tourism, construction, industry, and meteorology. The company emphasizes robust outdoor systems with in-house software development, enabling customized and flexible solutions. Their market position is that of a niche technology provider with a focus on B2B clients requiring advanced camera and livestreaming technologies. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, Matomo, and Google Tag Manager. The site is mobile-optimized, SEO-friendly, and includes a comprehensive cookie consent mechanism, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses bot management and reCAPTCHA services. However, it lacks explicit security headers and documented incident response policies. No critical vulnerabilities were detected in the visible content or scripts. Privacy compliance is strong with clear policies and consent management. A notable risk is the absence of WHOIS registration data for the domain, which is inconsistent with the active and professional nature of the website. This discrepancy lowers the overall trust score and suggests further verification is needed. Overall, the website is well-constructed, secure, and compliant, but domain registration transparency should be addressed.

G

Graz Tourismus

graztourismus.at

72

Graz Tourismus operates as the official tourism board for the city of Graz, Austria, providing comprehensive information and booking services for accommodation, sightseeing, and events. The website targets tourists and visitors interested in exploring Graz, positioning itself as a trusted source for travel planning in the region. The business model focuses on tourism promotion and visitor engagement, leveraging digital channels to enhance the city's attractiveness. Technically, the website employs modern web technologies including Bootstrap 5 for responsive design, Google Tag Manager for analytics, and Cookiebot for GDPR-compliant cookie management. The presence of Pimcore personalization scripts suggests a mature digital infrastructure aimed at delivering tailored user experiences. The site demonstrates good performance, mobile optimization, and accessibility standards. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers. Cookie consent mechanisms are in place, and privacy policies are comprehensive and GDPR compliant. However, there is no explicit security policy or incident response contact published, which could be improved to enhance transparency and readiness. Overall, the website is professional, trustworthy, and well-aligned with its business purpose. The risk profile is low, with no detected vulnerabilities or suspicious activities. Strategic recommendations include publishing a dedicated security policy, adding incident response contacts, and considering a security.txt file to facilitate vulnerability disclosures.

O

OBI Hungary Kft.

obi.hu

66

OBI Hungary Kft. operates a comprehensive retail and e-commerce platform focused on home improvement, gardening, and construction products in Hungary. The website www.obi.hu serves as a digital storefront offering over 80,000 products, supported by in-store services such as tool rental and design studios. The company is part of the larger OBI Group, a well-established European retail chain. The site targets homeowners, DIY enthusiasts, and professionals seeking quality products and services for home and garden projects. Technically, the website employs modern frameworks such as Vue.js and integrates advanced analytics and marketing tools including Google Tag Manager, Hotjar, and Instana, ensuring a fast, mobile-optimized, and accessible user experience. Privacy compliance is robust, with clear cookie consent mechanisms and comprehensive privacy policies in Hungarian language, reflecting GDPR adherence. Security posture is strong, with HTTPS enforced, appropriate security headers, and no visible vulnerabilities or exposed sensitive data. WHOIS data confirms the domain's legitimacy and consistency with the business identity. Overall, the site demonstrates a mature digital presence with professional design, clear navigation, and trustworthy business information.

O

OBI Česká republika

obi.cz

67

OBI Česká republika operates as a leading home improvement retailer in the Czech market, offering a wide range of products and services including online shopping, in-store purchases, wood cutting, and tool rental. The company targets consumers and DIY enthusiasts, leveraging a strong brand presence and a comprehensive e-commerce platform. The website demonstrates a mature digital infrastructure with modern technologies such as Vue.js, Google Tag Manager, and Hotjar, ensuring a fast, mobile-optimized, and accessible user experience. Security measures are robust, with HTTPS enforced and multiple security headers implemented, although no public incident response or vulnerability disclosure policies were found. Overall, the website reflects a professional and trustworthy retail operation with good privacy compliance and user engagement.

O

OBI

obi.sk

66

OBI Slovensko operates as a major retail brand specializing in home improvement, garden, construction, kitchen, and bathroom products and services. The website targets general consumers in Slovakia, offering both online shopping and in-store services such as wood cutting and tool rental. The company maintains a strong market position as a leading home improvement retailer in the region. Technically, the website leverages modern frameworks like Vue.js, integrates multiple analytics and marketing tools, and uses performance optimizations such as Baqend SpeedKit and Imgix CDN for images. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit privacy and cookie policies are not found in the provided content. Overall, the site is professional, well-branded, and trustworthy, but could improve transparency on privacy and incident response.

Д

Държавна агенция за закрила на детето

116111.bg

46

The website www.116111.bg is the official online presence of the National Telephone Line for Children 116 111, operated by the State Agency for Child Protection in Bulgaria. It provides free, anonymous, and 24/7 telephone and online chat support services aimed at children, parents, and professionals working with children. The site serves as a government non-profit service focused on child welfare and protection, with a clear mission and target audience. The content is primarily in Bulgarian with multilingual support, and the site includes news, stories, and resources relevant to child protection.

W

WeNet Group S.A.

wenet.pl

11

WeNet Group S.A. operates a professional digital marketing and technology services website targeting small and medium enterprises in Poland. The company offers a broad range of services including website creation, SEO, e-commerce solutions, Google Ads, social media management, hosting, and email marketing. The website is well-branded, consistent, and supported by strong trust indicators such as Microsoft and Google partnerships. Technically, the site is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is solid with HTTPS, reCAPTCHA, and consent mechanisms, though some security headers could be improved. No blocking or WAF interference was detected, allowing full content access. WHOIS data confirms domain legitimacy and consistency with the business identity. Overall, the site reflects a mature digital presence with strong business credibility and compliance.

O

OBI Italia

obi-italia.it

68

OBI Italia is a prominent retail and e-commerce company specializing in DIY, home improvement, and gardening products targeted at the Italian market. The website offers a comprehensive product catalog, promotions, and services such as home delivery and equipment rental, positioning itself as a market leader in Italy. The digital infrastructure is modern, leveraging Vue.js and various analytics and marketing tools, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable platform for consumers.

M

MAXIMILIAN.it

maximilian.it

10

MAXIMILIAN.it is a medium-sized Italian fashion retailer operating both online and through physical stores. The website hosts over 200 fashion brands and targets fashion consumers primarily in Italy, with multilingual support for German and English. The business model is focused on e-commerce retail leveraging the Shopify platform, providing a seamless shopping experience with integrated marketing and analytics tools. The site is professionally designed with consistent branding and good content quality, supporting a positive user experience.

B

bauexpert S.p.A

domusbauexpert.it

11

DOMUS bauexpert is a medium-sized Italian company specializing in high-quality interior and exterior finishing products, including flooring, coverings, bathroom furnishings, and doors. It operates primarily in the Trentino Alto Adige region, offering a comprehensive customer experience through multiple showrooms and expert consultancy services. The website reflects a strong regional market position with a focus on professional design and customer support. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Google reCAPTCHA, and Iubenda for cookie compliance, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, although some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

K

Kostner GmbH

kostner.net

9

Kostner GmbH operates a diversified business primarily in the energy sector, offering fuel products, retail services through gas stations and bistros, waste cleaning and disposal, and energy systems including e-mobility solutions. The company targets both general consumers and business clients within Italy, maintaining a medium-sized regional presence with multiple related subsidiaries. The website is built on TYPO3 CMS and integrates modern technologies such as Google Tag Manager and Usercentrics for analytics and consent management, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS usage and cookie consent mechanisms, but lacks explicit security headers and incident response information. The absence of WHOIS data for the domain raises concerns about registration legitimacy, though the professional website and consistent business information mitigate some trust issues. Overall, the site is well-designed, mobile-optimized, and compliant with GDPR privacy requirements, supporting a positive user experience and business credibility.

P

Pattis & Pastorelli GmbH | Srl

pattis-pastorelli.com

52

Pattis & Pastorelli GmbH is a small, independent insurance agency based in Brixen, Italy, with over 70 years of experience. The company offers personalized insurance solutions, financial planning, and asset protection services, collaborating with multiple reputable insurance partners such as Allianz and Italiana. The website reflects a professional and trustworthy business with clear contact information and comprehensive privacy and cookie policies. Technically, the site uses modern CMS technology (Consisto CMS), integrates Google Tag Manager and Analytics, and implements a consent management platform for GDPR compliance. Security posture is adequate with HTTPS and consent mechanisms, though security headers are not detected and WHOIS data is missing, which slightly reduces trust. Overall, the website is well-designed, user-friendly, and compliant with privacy regulations, serving its target audience effectively.

Vertical-Life operates a specialized digital platform focused on delivering real-time competition results for climbing events. Their service supports multiple climbing disciplines and competition formats, offering features such as seamless registration, judging interfaces, participant messaging, and series rankings. The platform targets climbing event organizers, judges, and athletes, positioning itself as a niche leader in climbing competition technology. Technically, the website is built with modern JavaScript frameworks (likely Vue.js), integrates Google services for analytics and advertising, and employs cookie consent mechanisms indicating GDPR awareness. Security posture is strong with HTTPS, security headers, and bot protection via reCAPTCHA, though explicit security policies and incident response contacts are absent. Overall, the site is professional, well-designed, and trustworthy, with minor gaps in privacy documentation and incident response readiness.

S

Südtirol Alto Adige

suedtirol.info

70

The website www.suedtirol.info is the official tourism portal for the South Tyrol (Südtirol Alto Adige) region in Italy. It provides comprehensive information about accommodations, events, regional products, and travel guidance for visitors. The site is well-branded with consistent regional identity and targets tourists seeking detailed and multilingual content about South Tyrol. The business model focuses on tourism promotion and facilitating bookings and event discovery. Technically, the site uses modern web technologies including Adobe Experience Manager CMS, Algolia search, Usercentrics consent management, and Google Tag Manager for analytics and marketing. The site is mobile-optimized, fast, and accessible with good SEO practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, explicit privacy policy and terms of service pages were not found in the provided content, which is a compliance gap. WHOIS data is privacy protected, common for official tourism sites, and no suspicious patterns were detected. Overall, the site is professional, trustworthy, and well-positioned in its market niche.

T

Tourismusgenossenschaft Sterzing Pfitsch Freienfeld

knoedelfest-sterzing.com

51

The website www.knoedelfest-sterzing.com represents a regional cultural event focused on the traditional Knödelfest in Sterzing, South Tyrol, Italy. It serves as an informational and promotional platform for the annual dumpling festival, highlighting the event's history, culinary offerings, and local tourism attractions. The site is well-structured with multilingual support and integrates modern web technologies including Google Analytics and a consent management platform to comply with privacy regulations. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the content and branding strongly suggest a legitimate tourism event. Security posture is adequate with HTTPS and cookie consent but lacks explicit security policies or incident response information. Overall, the site provides a good user experience with clear navigation and relevant content for its target audience of tourists and food enthusiasts.

W

Weihnachtsmarkt Sterzing in Südtirol - Glockenweihnacht

weihnachtsmarkt-sterzing.com

52

The website www.weihnachtsmarkt-sterzing.com serves as an official tourism and event promotion platform for the Sterzing Christmas Market in South Tyrol, Italy. It provides detailed information about the event, related programs, accommodation options, and regional tourism highlights. The site targets general audiences interested in cultural and holiday events, leveraging multilingual support (German, Italian, English) to reach a broad visitor base. The business model focuses on regional tourism promotion and event marketing, positioning itself as a key local resource for visitors. Technically, the site is built on ASP.NET Web Forms using the Consisto CMS platform, integrating modern JavaScript libraries and Google services such as Google Tag Manager and Google Analytics. The site implements a comprehensive cookie consent mechanism compliant with GDPR, indicating a mature approach to privacy. Performance and mobile optimization are good, though accessibility features are basic. From a security perspective, the site uses HTTPS and enforces cookie consent but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. However, the WHOIS data for the domain is missing or inaccessible, which reduces trust in domain registration transparency. No direct contact information or security contacts are published on the analyzed page. Overall, the website is professional, content-rich, and privacy-conscious, suitable for its tourism promotion purpose. The main risk lies in the lack of domain registration transparency and limited visible security policies. Strategic improvements in security headers, contact disclosures, and domain WHOIS transparency would enhance trust and compliance.

C

Consisto GmbH

sterzing-ratschings.com

52

The website www.sterzing-ratschings.com serves as a regional tourism portal promoting the Sterzing-Ratschings-Gossensass area in South Tyrol, Italy. It provides comprehensive information about local attractions, activities, and accommodations, targeting tourists interested in alpine vacations, skiing, hiking, and cultural experiences. The site is professionally designed with good navigation and mobile optimization, leveraging modern web technologies and a consent management platform compliant with GDPR standards. Technically, it is built on ASP.NET Web Forms and uses Consisto CMS, integrating Google Analytics and Tag Manager for analytics and marketing purposes. Security posture is generally good with HTTPS enforced and cookie consent implemented, though some security headers are not explicitly detected in the HTML. The absence of WHOIS data for the domain is a notable anomaly, raising questions about domain registration legitimacy, but the active and professional website presence mitigates some concerns. Overall, the site is a credible and well-maintained regional tourism platform with moderate technical maturity and privacy compliance.

G

Guestnet

guestnet.info

10

Guestnet is a hospitality-focused guest experience platform supporting over 2,500 hotels across multiple countries. The company offers a suite of products including a web app, TV info screens, print templates, and website widgets to digitize and enhance guest communication and services. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Google Tag Manager and Usercentrics for consent management. Security posture is strong with HTTPS and reCAPTCHA protections, though explicit security policies and incident response contacts are not published. The absence of WHOIS registration data is a notable anomaly that warrants further verification. Overall, Guestnet presents a credible and mature digital presence in the hospitality technology sector.

C

Consisto GmbH

vipiteno.com

54

The website www.vipiteno.com serves as a comprehensive tourism portal for the alpine town of Vipiteno in Alto Adige, Italy. It offers rich content including cultural events, outdoor activities, shopping, and local gastronomy, targeting tourists and visitors interested in mountain vacations. The site is professionally designed with multilingual support and clear navigation, reflecting a mature digital presence. Technically, it is built on ASP.NET Web Forms and uses modern tracking and consent management tools such as Google Analytics, Google Tag Manager, and AVACY for GDPR compliance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness but does not detract from the website's professional appearance and functionality. Overall, the site is a reliable and well-maintained regional tourism resource.

K

Kiflo

kiflo.com

76

Kiflo is a specialized SaaS company offering Partner Relationship Management software designed for transparency and scalability. Their platform enables B2B companies to onboard, support, pay, and track partner revenue efficiently, integrating seamlessly with popular CRMs like HubSpot and Salesforce. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeted at businesses looking to scale their partner programs. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, and various analytics and marketing tools, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and multiple security headers present, though explicit incident response and vulnerability disclosure policies are not found. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy, which should be further investigated. Overall, Kiflo presents as a credible and professional business with a strong market position in the PRM space.

S

Städtereinigung Gerke GmbH

staedtereinigung-gerke.de

62

Städtereinigung Gerke GmbH is a well-established regional service provider specializing in municipal and industrial waste management and sanitation services in Tönisvorst, Willich, and surrounding areas in Germany. With over 60 years of history, the company offers a broad range of services including hazardous waste disposal, sanitary rentals, and container rentals through an online shop. The website reflects a professional and consistent brand image targeting local businesses, municipalities, and citizens. Technically, the site is built on modern frameworks such as Next.js and React, hosted on Vodafone infrastructure, and incorporates consent management and analytics tools like Usercentrics and Google Tag Manager. Security posture is solid with HTTPS and basic security best practices, though explicit security headers and incident response policies are not published. Overall, the site is accessible, well-structured, and compliant with GDPR, but could improve transparency on security and incident response. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms.

CURANTO is a German container rental service specializing in providing containers for construction debris, bulky waste, and garden waste. The company targets both private and business customers, positioning itself as a reliable and cost-effective service provider with TÜV certification enhancing its trustworthiness. The website is professionally designed using modern web technologies such as Nuxt.js and Vue.js, hosted on maxcluster infrastructure, and optimized for mobile devices. Tracking and analytics tools like eTracker and Google Tag Manager are implemented with a cookie consent mechanism via Cookiebot, indicating basic privacy compliance. Security posture is adequate with HTTPS enabled, but lacks explicit security policies and some security headers. Overall, the domain registration and website content are consistent and legitimate, reflecting a medium-sized transportation sector business.

Swish is a specialized SaaS provider offering wishlist solutions tailored for Shopify and other e-commerce brands. The company positions itself as a trusted partner for ambitious online retailers, providing seamless wishlist integration, customer behavior analytics, and personalized notifications to enhance customer engagement and drive sales growth. The website reflects a mature and professional business with a strong market presence evidenced by thousands of stores using their service and hundreds of positive reviews. Technically, the site employs modern frameworks such as React and integrates with various analytics and chat tools, demonstrating a solid digital infrastructure and good performance. Security posture is strong with HTTPS enforcement and appropriate security headers, though the absence of a visible cookie consent mechanism and dedicated security policies indicates room for improvement in privacy compliance and transparency. Overall, the site is trustworthy and well-constructed, with minor gaps in privacy and incident response disclosures.

D

Domain Protection Services, Inc.

fibr.shop

65

Fibr AI is a newly established technology company founded in 2023, offering an AI-driven Conversion Rate Optimization (CRO) workforce platform targeted at marketers. Their key services include AI agents for personalization, optimization, and 24/7 monitoring to help businesses increase visitor conversions effortlessly. The website is built on modern infrastructure using Framer CMS and hosted behind Cloudflare, integrating multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Mixpanel, and LinkedIn Insight Tag. The technical implementation is solid with HTTPS enabled and a moderate performance profile, though some security best practices like DNSSEC and security headers are missing. The security posture is decent but could be improved by adding explicit security policies and vulnerability disclosures. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Business credibility is moderate with consistent branding but lacks direct contact information and trust signals like certifications or testimonials. Overall, the website is professional and safe for general audiences, with no adult or questionable content detected.

K

Kleine Zeitung GmbH

kleinezeitung.at

78

Kleine Zeitung GmbH operates a prominent regional news website serving Styria, Austria, providing current news, sports, culture, and regional events. The company has a long history dating back to 1904 and maintains a strong market position as a leading regional media outlet. Their business model combines advertising revenue with subscription services, notably the Kleine Pur subscription that offers an ad-light experience. Technically, the website employs modern JavaScript frameworks such as Vue.js and integrates multiple third-party analytics and advertising platforms, including Chartbeat, Cxense, and Tinypass, alongside a GDPR-compliant consent management system by Didomi. The site is well-optimized for mobile and SEO, with good accessibility features. Security-wise, the site enforces HTTPS, uses security headers, and manages cookie consent effectively, though it lacks a publicly available security policy or incident response contact. Overall, the site demonstrates a mature digital presence with strong trust signals and compliance with privacy regulations.

R

Region Graz - Steiermark Tourismus

regiongraz.at

67

The website www.steiermark.com serves as the official tourism portal for the Graz region and the broader Styrian area in Austria. It provides comprehensive information about local attractions, events, and travel opportunities, targeting tourists and visitors interested in exploring the region. The site is professionally designed with a clear focus on user experience, multilingual support (German and English), and regional branding consistent with the official tourism authority. The business model centers on destination marketing and promoting regional tourism services, positioning itself as a key player in Austria's hospitality sector. Technically, the website employs a modern technology stack including Matomo for analytics, Google Tag Manager, and Cookiebot for consent management, indicating a mature digital infrastructure. The use of Pimcore CMS suggests a robust content management system tailored for complex content needs. The site is mobile-optimized, accessible, and SEO-friendly, ensuring broad reach and usability. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms aligned with GDPR requirements. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a published security policy or incident response contacts is noted as an area for improvement. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for tourism entities. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and maintaining transparency in domain registration details to further boost trust and security assurance.

T

topi

topi.eu

68

topi is a technology company specializing in providing a B2B subscription platform for hardware-as-a-service. Their platform enables retailers and manufacturers to offer hardware products on a monthly subscription basis, targeting business customers and retail partners. The website demonstrates a strong market position with partnerships with leading IT retailers and a clear focus on simplifying hardware acquisition through subscription models. Technically, the website is built on modern web technologies including Webflow CMS, Google Analytics, Microsoft Clarity, and Segment Analytics, indicating a mature digital infrastructure with good performance and mobile optimization. Security posture is solid with HTTPS enforced and secure forms, though explicit security headers and incident response information are not publicly disclosed. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, supporting the company's business credibility and market presence.

The Oskar-Patzelt-Stiftung operates the website mittelstandspreis.com, which promotes and manages the "Großer Preis des Mittelstandes," Germany's premier economic award for medium-sized enterprises. The foundation focuses on recognizing outstanding achievements of the Mittelstand, fostering regional marketing, and building a strong network of nominated and awarded companies. The website is well-structured, content-rich, and targets medium-sized businesses and economic stakeholders in Germany. The business model is non-profit, emphasizing economic development and recognition rather than commercial sales. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including jQuery, Bootstrap, and Google Analytics with privacy-conscious configurations such as IP anonymization. The site is mobile-optimized and includes GDPR-compliant cookie consent mechanisms. However, some security best practices like security headers and published incident response policies are missing, which could be improved. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent, but lacks visible security headers and formal security policies. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional and consistent website content. Overall, the site presents a moderate security posture with room for improvement. Strategically, the foundation should address the WHOIS inconsistency, enhance security headers, and publish clear security and incident response policies to improve trust and compliance. The website is a credible and professional platform for its purpose but would benefit from technical and security enhancements to align with best practices.

Z

Zeppelin Rental

zeppelin-rental.de

65

Zeppelin Rental is a large German company specializing in the rental of machinery, equipment, and temporary infrastructure solutions primarily for business customers in the construction and transportation sectors. The website presents a professional and well-structured digital presence, offering detailed product categories and rental assistance tools. The technical infrastructure is based on Drupal CMS with modern JavaScript libraries and includes compliance with GDPR through cookie consent mechanisms. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not published. Overall, the website is trustworthy and well-positioned in its market segment.

BRUGG Pipes is a globally recognized specialist in flexible and rigid pipe systems, serving sectors such as energy, industrial manufacturing, and transportation. The company offers a comprehensive portfolio of pipe solutions for applications including district heating, cooling, industrial plants, tank stations, and cryogenic uses. As part of the BRUGG Group, it holds a strong market position with a focus on safety, quality, and environmental protection. The website reflects a mature digital presence with multilingual support and detailed product and service information. Technically, the website is built on TYPO3 CMS, integrating modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, LinkedIn Insight Tag, and eTracker. It employs a cookie consent mechanism compliant with GDPR, ensuring user privacy and transparency. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some security headers could be enhanced. Security posture is solid with HTTPS enforced and no evident vulnerabilities or exposed sensitive data. However, the absence of a security.txt file and incident response contacts suggests room for improvement in transparency and readiness. The WHOIS data is unavailable, possibly due to privacy protection or recent domain registration, which slightly reduces trust but is mitigated by the professional website content and branding. Overall, BRUGG Pipes presents a professional and trustworthy online presence aligned with its industry leadership. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and improving incident response visibility to further strengthen trust and compliance.

E

ETAPART AG

etapart.com

63

ETAPART AG is a specialized company focused on providing innovative and energy-efficient hall heating solutions primarily for industrial, sports, and workshop halls. With over 30 years of experience, the company offers services including planning, installation, renovation, and maintenance of decentralized heating systems. The website is professionally designed, content-rich, and targets B2B customers in the energy sector within Germany. Technically, the site is built on TYPO3 CMS and integrates modern tools such as Google Tag Manager and reCAPTCHA for analytics and bot protection. Security posture is good with HTTPS enabled, but lacks some security headers and explicit privacy and cookie policies. WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy despite the professional online presence. Overall, the site is trustworthy and well-positioned in its niche but should address privacy compliance and domain registration transparency to enhance trust.

K

komptech.com

komptech.com

53

Komptech.com is a professional website representing a company specializing in environmental technology, particularly in waste management and biomass processing machinery. The company targets business clients in the transportation and energy sectors, offering industrial equipment and technology solutions. The website demonstrates a good level of digital maturity with a modern WordPress CMS, optimized performance, and SEO best practices. However, the absence of explicit privacy and cookie policies and lack of visible contact information limit its privacy compliance and user trust. Security posture is generally good with HTTPS and some security headers, but could be enhanced by adding more explicit security policies and incident response contacts. The WHOIS data is missing or protected, which reduces domain trustworthiness and suggests a need for further verification of domain registration details. Overall, the website is professional and safe, but improvements in privacy compliance and transparency are recommended.

P

PRÄZI GROUP

praeziflachstahl.de

54

PRÄZI GROUP is a well-established manufacturing company specializing in precision flat steel products since 1904. The website reflects a professional B2B industrial focus with multilingual support and modern digital infrastructure. The company maintains a consistent brand presence and targets industrial clients primarily in Germany and possibly broader European markets. Technically, the site is built on WordPress with contemporary plugins such as Cookiebot for consent management and Weglot for translations, indicating a mature digital presence. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit security headers and published security policies. Privacy compliance is partially met with cookie consent but no visible privacy policy or terms of service on the homepage. Overall, the website is trustworthy and professional but could improve transparency and security documentation.

V

Viessmann

viessmann.de

51

Viessmann is a well-established German company specializing in energy-efficient heating, cooling, and ventilation systems with a strong emphasis on renewable energy and sustainability. The website demonstrates a mature digital presence with comprehensive product and service information targeting both private customers and professional clients. Technically, the site uses modern web technologies including Adobe Experience Manager CMS, Google Tag Manager, and Usercentrics for consent management, indicating a high level of digital maturity. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security policies and vulnerability disclosures are absent. Overall, the site is professional, trustworthy, and aligned with industry best practices, supporting Viessmann's market position as a leader in climate and energy solutions.

V

VMZINC

vmzinc.com

67

VMZINC is a leading manufacturer and supplier of zinc building materials, specializing in roofing, facades, rainwater systems, and architectural ornaments. The company targets architects, roofers, and construction professionals globally, offering innovative and sustainable zinc solutions. Their website reflects a strong market position with comprehensive product information, technical support, and an international network. Technically, the website is built on the Kentico CMS platform and employs modern web technologies including Google Tag Manager, Microsoft Clarity, Facebook Pixel, and ReCaptcha V3 for security and analytics. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. From a security perspective, the site enforces HTTPS and uses ReCaptcha for form protection, but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data is a notable anomaly, suggesting possible privacy protection or registration inconsistencies. Overall, the website is professional, secure, and compliant with privacy regulations, though improvements in security headers and transparency around domain registration would enhance trust. The risk level is moderate with no critical issues detected.

A

Ambros Schmelzer & Sohn GmbH

a-schmelzer.com

51

Ambros Schmelzer & Sohn GmbH is a medium-sized German manufacturing company specializing in metal processing and the production of modular pipe systems, agricultural technology, plant construction, assembly, and related services. The company targets industrial clients and operates a professional e-commerce platform to support its business-to-business model. The website reflects a well-established business with consistent branding and comprehensive service offerings. Technically, the website is built on WordPress with WooCommerce, enhanced by modern performance and privacy tools such as WP Rocket and Usercentrics CMP. Analytics are implemented via Google Analytics and Matomo, indicating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although there is room for improvement in public security policy disclosures and incident response information. The WHOIS data is missing or inaccessible, which slightly reduces trust but does not negate the professional presentation and business legitimacy. Overall, the website is secure, compliant with GDPR, and professionally maintained.

L

L'OREAL

armanibeauty.com

73

ArmaniBeauty.com is an e-commerce platform representing the luxury beauty brand Armani Beauty, under the parent company L'OREAL. The website offers a wide range of beauty products including makeup, fragrances, skincare, and beauty services, targeting consumers interested in premium luxury cosmetics. The site is well-structured with clear navigation and rich content, supporting multiple regions and languages. Technically, it leverages Salesforce Commerce Cloud, modern JavaScript libraries, and includes cookie consent mechanisms, indicating a mature digital infrastructure. Security posture is generally good with HTTPS and service worker support, but lacks explicit security headers and a visible privacy policy, which are areas for improvement. The absence of WHOIS registration data for the domain is a concern, though the branding and structured data strongly suggest legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security practices.

Mercedes-Benz Schweiz AG operates the official Mercedes-Benz website for Switzerland, offering a comprehensive range of luxury vehicles including sedans, SUVs, coupes, and electric models. The company provides extensive services such as new and used car sales, leasing, financial services, vehicle configurators, and after-sales support. The website reflects a strong market position as a premium automotive brand with a clear focus on customer experience and digital engagement. Technically, the site leverages modern frameworks like Vue.js and is built on Adobe Experience Manager, ensuring a performant, mobile-optimized, and accessible platform. Security posture is robust with HTTPS, consent management, and data protection officer contacts clearly provided, although explicit security policy and vulnerability disclosure pages are absent. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR and Swiss data protection laws.

E

Ellisphere

ellisphere.com

67

Ellisphere is a leading French company specializing in business information services, focusing on data marketing, risk management, and compliance solutions. The company targets business professionals and enterprises seeking to optimize their data-driven marketing strategies and manage financial and regulatory risks effectively. Their market position is strong within the French finance sector, supported by a professional and content-rich website that reflects their expertise and leadership. Technically, the website is built on WordPress with a modern technology stack including jQuery, Google Tag Manager, Matomo, Hotjar, and Cookiebot for analytics and privacy compliance. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards, although some accessibility features could be enhanced. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit published security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency, which slightly impacts overall trust. Overall, Ellisphere presents a professional and trustworthy online presence with strong business credibility and technical maturity. The main risk lies in the opaque domain registration details, which should be addressed to improve trust and compliance posture.

J

Johner Institut

johner-institut.de

67

Johner Institut is a specialized consulting and software provider focused on medical technology manufacturers, helping them navigate complex regulatory environments to bring products to market efficiently. Their offerings include consulting, training, product testing, outsourcing services, and RegTech software solutions. The website is professionally designed, well-structured, and optimized for both desktop and mobile users, reflecting a mature digital presence. Technically, the site uses TYPO3 CMS with modern libraries like Bootstrap and jQuery, and is hosted behind Cloudflare for performance and security. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain and website content are consistent and trustworthy, with no blocking or suspicious elements detected.

C

Communicraft Ltd.

communicraft.com

57

Communicraft Ltd. is a well-established digital agency based in Dublin, Ireland, founded in 2001. The company specializes in web design, development, management, and strategic consultancy, with a strong focus on human-centered digital experiences. Their ISO 27001 certification underscores a commitment to information security, positioning them as a trusted partner for clients requiring secure and reliable digital solutions. The website reflects a professional and modern digital presence, showcasing client testimonials and case studies that reinforce their market position. Technically, the website employs modern frameworks such as Bootstrap and integrates multiple analytics platforms including Matomo, Hotjar, Google Tag Manager, and Simple Analytics, all managed with a cookie consent mechanism to ensure privacy compliance. The site is mobile-optimized, fast-loading, and accessible, with good SEO practices evident in metadata and structured data. However, explicit security headers are not detected, suggesting room for improvement in HTTP security configurations. From a security perspective, the company demonstrates strong practices through ISO 27001 certification and secure web application maintenance. The presence of cookie consent and privacy policies indicates GDPR awareness and compliance. The absence of a published vulnerability disclosure policy or incident response contact is a minor gap. The WHOIS data is missing or unavailable, which raises questions about domain registration transparency but does not directly impact the website's operational security. Overall, Communicraft presents a low-risk profile with a mature digital infrastructure and strong business credibility. Strategic recommendations include enhancing HTTP security headers, publishing a vulnerability disclosure policy, and clarifying domain registration details to improve trustworthiness further.

F

Furet du Nord

furet.com

64

Furet du Nord operates a professional and comprehensive French online bookstore offering a wide range of books, ebooks, and cultural products. The website is well-structured, targeting French-speaking consumers interested in literature and related cultural goods. The business model combines e-commerce with physical stores, supported by a professional digital infrastructure based on Magento. The site integrates modern analytics and consent management tools, reflecting a mature digital presence. However, the absence of WHOIS registration data raises concerns about domain legitimacy that should be further investigated. Security posture is generally good with HTTPS and privacy compliance, but could be improved by implementing additional security headers and publishing explicit security policies. Overall, the website presents a trustworthy and professional front for a large retail business in France.

The Office de tourisme du Cambrésis operates a comprehensive regional tourism website aimed at promoting the Cambrésis area in France. The site targets tourists, local visitors, and professionals interested in the region, offering services such as event promotion, accommodation and restaurant listings, group catalogues, brochures, and ticketing. The business model is focused on tourism promotion and visitor information, positioning itself as a key regional authority in hospitality and cultural tourism. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, Owl Carousel, Matomo analytics, and Google Tag Manager, combined with a cookie consent manager (tarteaucitron) to ensure privacy compliance. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in security headers could be made. From a security perspective, the site enforces HTTPS and uses privacy-conscious analytics configurations. However, no explicit security headers were detected, and no incident response or security policy information is publicly available. The WHOIS data is missing, which limits domain trust analysis, but the professional content and official contact information support legitimacy. Overall, the website presents a solid digital presence with good content quality and privacy compliance, though it would benefit from enhanced security headers and transparency around security policies. The lack of WHOIS data is a concern but does not outweigh the positive trust signals from the site content and contact details.

T

Terre de Provence Tourisme

myterredeprovence.fr

54

Terre de Provence Tourisme operates as the official regional tourism office for the Provence area in France, providing comprehensive information on local villages, accommodations, cultural sites, events, gastronomy, and leisure activities. The website serves as a central hub for tourists seeking to explore the region, offering downloadable guides and interactive content. Technically, the site is built on the SPIP CMS platform, leveraging Bootstrap for responsive design and jQuery for interactivity. It integrates Google Tag Manager and Google Analytics for visitor tracking and uses Tarteaucitron for cookie consent management. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but could improve by adding more security headers and enhancing incident response visibility. The WHOIS data is privacy protected, which is typical for such public-facing tourism sites. Overall, the website is professional, accessible, and trustworthy, with no signs of blocking or adult content.

W

WIKA Alexander Wiegand SE & Co. KG

wika.com

79

WIKA Alexander Wiegand SE & Co. KG is a well-established German company specializing in industrial measurement technology, offering a wide range of products including pressure gauges, temperature sensors, level and flow measurement devices, and calibration services. The company targets industrial sectors such as energy and manufacturing, providing both products and comprehensive services including IIoT solutions. The website reflects a mature digital presence with professional design, clear navigation, and extensive product and service information. Technically, the site uses modern frameworks like Bulma CSS, FontAwesome icons, and integrates Google Tag Manager and Consentmanager for analytics and privacy compliance. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security policy or incident response page is found. WHOIS data is unavailable, which slightly reduces transparency but the overall trustworthiness remains high based on website content and branding. Strategic recommendations include enhancing security headers, publishing a security policy, and verifying domain registration details for full trust assurance.

M

Ministère de l'agriculture et de l'alimentation

laventureduvivant.fr

64

L'aventure du Vivant is an official French government educational website managed by the Ministry of Agriculture and Food. It provides comprehensive information about agricultural careers, training programs, and environmental awareness targeted primarily at students and young people interested in agriculture and nature-related professions in France. The site is well-branded with government logos and maintains a consistent professional image. Technically, the website is built on Drupal CMS with Bootstrap and jQuery, and uses modern analytics tools including Matomo, Google Tag Manager, and TikTok Pixel. It is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. No critical vulnerabilities or suspicious content were detected. The domain registration is consistent with the official nature of the site, registered through a reputable registrar without privacy protection, appropriate for a government entity.

P

Peter Kaiser

peter-kaiser.com

63

Peter Kaiser is a historic and established European women's shoe brand with a strong online presence through its e-commerce platform. The website offers a wide range of women's shoes and bags, emphasizing quality, style, and fast delivery. The brand leverages modern digital tools including Shopware CMS, Google Tag Manager, and Usercentrics for consent management, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and secure form handling, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The lack of WHOIS data reduces domain trustworthiness but the website content and branding strongly indicate a legitimate business. Overall, the site is professional, user-friendly, and trustworthy for its target audience.

P

Pro Helvetia - Swiss Arts Council

prohelvetia.ch

73

Pro Helvetia - Swiss Arts Council is a government-funded cultural institution dedicated to supporting and promoting the arts in Switzerland and internationally. The organization provides funding, cultural exchange, and connection services to artists and cultural institutions. The website reflects a mature digital presence with multilingual support and comprehensive content tailored to its target audience of artists and cultural stakeholders. Technically, the site is built on WordPress with modern plugins for cookie consent, multilingual content, and analytics, hosted behind Cloudflare for security and performance. Security posture is strong with HTTPS, security headers, and bot protection, though it lacks a dedicated security policy or incident response page. Privacy compliance is robust, with clear GDPR-aligned policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned as a national cultural institution.