Security Directory

L

Start – Landesgartenschau Bad Nenndorf 2026

landesgartenschau-badnenndorf.de

48

The website for Landesgartenschau Bad Nenndorf 2026 serves as an informational portal for a regional garden exhibition event in Germany. It provides visitors with event dates, planning updates, and engagement opportunities. The site is built on Joomla CMS and uses modern frontend libraries such as Swiper and Fancybox, indicating a moderate level of technical maturity. However, the absence of privacy and cookie policies, as well as explicit contact information, suggests gaps in compliance and user trust facilitation. Security posture is basic, with no visible security headers or incident response contacts. Overall, the site is functional and informative but would benefit from enhanced privacy, security, and contact transparency to improve trust and compliance.

H

Holz Adrian

holz-adrian.de

67

Holz Adrian operates as a wood wholesaler and retailer primarily serving the construction, craft, and industrial sectors in Germany. The company offers a broad range of wood products including construction timber, parquet, doors, stairs, and garden wood products. Their market position is that of a regional supplier with a focus on B2B customers. The website is built on WordPress with WooCommerce, indicating a mature e-commerce infrastructure. Plugins for search, anti-spam, and cookie consent are implemented, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and anti-spam measures in place, but lacks advanced security headers and explicit privacy or terms policies, which are areas for improvement. Overall, the website is professional and trustworthy, but could enhance compliance and security transparency.

B

Bundesliga International GmbH

bundesliga-international.com

70

Bundesliga International GmbH operates as the global marketing and media rights arm of the Bundesliga, Germany's premier football league. The company focuses on international sales of media rights, commercial partnerships, and marketing initiatives to engage football fans worldwide. The website reflects a professional and consistent brand presence aligned with the parent company DFL Deutsche Fußball Liga. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses Google Tag Manager for analytics. Security posture is good with HTTPS and cookie consent implemented, though security headers are not evident and could be improved. The absence of WHOIS data for the domain is a notable anomaly, raising questions about domain registration transparency despite the site's legitimacy and official branding. Overall, the site is well-structured, GDPR compliant, and serves its business purpose effectively.

D

Deutscher Sparkassen- und Giroverband e.V.

sparkassen-schulservice.de

48

The Sparkassen-Schulservice website is a well-established educational platform operated by the Deutscher Sparkassen- und Giroverband e.V., providing free, neutral, and comprehensive financial literacy materials for school students in Germany. The platform targets both students and teachers, offering a wide range of resources including PDFs, videos, interactive exercises, and printed materials. The site is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins such as Yoast SEO and H5P for interactive content, and uses Google Tag Manager for analytics. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies are not published. Overall, the site is trustworthy, safe, and compliant with GDPR, serving as a valuable resource in the financial education sector.

S

Stiftung Leben mit Krebs

beweg-dich-gegen-krebs.de

10

Beweg Dich gegen Krebs is a German non-profit initiative operated by Stiftung Leben mit Krebs, focused on promoting physical activity and sports for cancer patients. The initiative leverages a mobile app to engage users in tracking their activities and encourages donations to support cancer patients locally. The website is professionally designed using WordPress and integrates modern technologies such as Swiper.js and Borlabs Cookie for consent management. It maintains a moderate security posture with HTTPS and cookie consent but lacks published privacy and terms of service policies. The site is well-positioned in the healthcare non-profit sector in Germany, targeting patients, supporters, and the general public interested in health and charity. The digital infrastructure is adequate, with room for improvement in security policies and compliance documentation.

K

KaktusApps

kaktusapp.com

10

KaktusApps is a specialized eCommerce development company focused on providing a suite of innovative apps designed to enhance online store performance, increase sales, and improve customer engagement. Their offerings primarily target Shopify merchants but also extend to other eCommerce platforms. The company has established a solid market position with multiple apps available on the Shopify app store, supported by positive customer ratings and testimonials. Technically, the website is built using modern web technologies including Webflow CMS, Cloudflare DNS, and integrates marketing and analytics tools such as Google Tag Manager and Crisp Chat. The site is mobile optimized and demonstrates good performance and SEO practices. Security-wise, the domain is well protected with registrar locks and HTTPS is enforced, though DNSSEC is not enabled. However, the site lacks explicit privacy and cookie policies, and no direct contact information is provided, which are areas for improvement. Overall, the website is professional, trustworthy, and safe for general audiences.

E

EasyRecyclage

easyrecyclage.com

60

EasyRecyclage is a leading French company specializing in tertiary waste management services, including recycling, secure destruction of confidential documents, and customized waste solutions. The company operates under the Paprec Group umbrella, leveraging a strong market position and extensive service offerings tailored to businesses and organizations across France. Their website reflects a professional and consistent brand image, emphasizing their expertise and client base of over 20,000 companies. Technically, the website is built on WordPress with Elementor, incorporating modern web technologies and providing a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS enabled and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the website is trustworthy and professionally maintained, supporting the company's credibility in the waste management sector.

W

WPorters

wporters.com

52

WPorters is a specialized managed WordPress hosting provider based in Belgium, established in 2014. The company offers managed hosting, custom WordPress development, and support services targeted at entrepreneurs using WordPress websites. Their market position is that of a niche provider focusing on performance, security, and expert assistance. The website demonstrates a mature technical infrastructure built on WordPress with modern plugins and frameworks, optimized for SEO and mobile responsiveness. Security posture is strong with HTTPS, clientTransferProhibited domain status, captcha-protected contact forms, and GDPR-compliant privacy and cookie policies. However, explicit security policies and incident response information are not publicly disclosed. Overall, the website is professional, trustworthy, and well-maintained, with no signs of malicious activity or content safety concerns.

L

lankeleisi-bikes

lankeleisi-bikes.com

69

Lankeleisi-bikes.com is the official e-commerce website for Lankeleisi, a company specializing in dual motor electric bikes, including all-terrain, fat tire, and city commuter models. The site emphasizes a three-year warranty, positioning itself as a reliable brand in the electric bike market. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Judge.me for customer reviews and ShipGuard for shipping protection services. Multilingual support is provided through TranslationLab, targeting a broad international audience. Technically, the site is well-structured with good SEO and mobile optimization, though some accessibility features could be improved. Security posture is solid with HTTPS and domain status protections, but lacks DNSSEC and explicit security policies. Privacy compliance is basic, with cookie consent implemented but no visible privacy or terms of service pages. Overall, the site presents a professional and trustworthy front for its business, though it would benefit from enhanced transparency in privacy and security policies.

O

OneStore

one.store

65

OneStore is a technology company specializing in AI-powered customer engagement and marketing solutions tailored for e-commerce businesses. Their platform offers a comprehensive suite of tools including abandoned cart recovery, social proof notifications, gamified popups, email and SMS marketing, and integrations with major e-commerce platforms such as Shopify, WooCommerce, and BigCommerce. The company has established a strong market presence with over 150,000 businesses using their services and more than 2,450 five-star reviews on the Shopify App Store, indicating high customer satisfaction and trust. Technically, the website employs a modern technology stack with JavaScript frameworks, analytics tools like Google Analytics and ProfitWell, and customer support integrations such as Crisp chat. The site is hosted behind Cloudflare, ensuring performance and security benefits. The website is well-optimized for mobile devices, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses domain status protections to prevent unauthorized transfers or updates. Cookie consent mechanisms are implemented in compliance with GDPR and CCPA regulations. However, there is no explicit security policy or incident response contact information published, and DNSSEC is not enabled, which could be improved to enhance security posture. Overall, OneStore presents a professional, trustworthy, and technically sound online presence with strong privacy compliance and business credibility. Strategic improvements in security transparency and DNS security would further strengthen their risk profile.

V

Verein gegen Grenzen

laufgegengrenzen.ch

51

Lauf gegen Grenzen is a Swiss non-profit organization that organizes an annual charity run to support the rights of refugees, migrants, and undocumented persons. The event is community-focused, aiming to raise awareness and funds for migration-related causes in Basel. The website is built on WordPress using common libraries such as jQuery and Swiper.js, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the site is trustworthy and professionally presented, but improvements in privacy and security disclosures are recommended.

M

Macardo-Club 1904

macardo-club.ch

55

Macardo-Club 1904 is a niche hospitality club based in Switzerland, focused on providing an exclusive social and enjoyment experience centered around the Macardo Swiss Distillery brand. The club offers personalized membership cards granting access to a unique honesty bar and cigar lounge, along with events and corporate benefits. The website reflects a professional and consistent brand image with clear contact information and active event promotion. Technically, the site is built on WordPress with WooCommerce and uses modern web technologies and SEO best practices, though performance is moderate. Security posture is good with HTTPS and no obvious vulnerabilities, but lacks explicit security policies and headers. Privacy compliance is partial, with a cookie policy and consent mechanism present but no privacy policy page found. Overall, the domain registration and WHOIS data support legitimacy and consistency with the business claims.

W

West Fraser Timber Company

westfraser.com

53

West Fraser Timber Company operates a professional corporate website focused on manufacturing renewable wood building products. The company targets construction professionals and sustainability-conscious customers, positioning itself as a large player in the manufacturing sector. The website is built on Drupal 10, leveraging modern technologies such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The site is well optimized for mobile and accessibility, with good SEO practices and a clear cookie consent mechanism. Security posture is solid with HTTPS enforced, though explicit security headers are not detected and no vulnerability disclosure policy is published. WHOIS data for the domain is unavailable, which raises transparency concerns but does not negate the professional appearance and trust signals on the site. Overall, the website demonstrates a mature digital presence suitable for a large manufacturing business.

T

Team Deutschland Paralympics

teamdeutschland-paralympics.de

45

Team Deutschland Paralympics is the official German Paralympic team website, providing comprehensive information about athletes, events, news, and partners related to Paralympic sports in Germany. The site serves as an authoritative platform for fans, athletes, and stakeholders interested in Paralympic activities. It is supported by official government and sports federation entities, enhancing its credibility and trustworthiness. Technically, the website is built on TYPO3 CMS and employs modern front-end libraries and privacy-conscious analytics (Matomo) with GDPR compliance. The site is well-structured, mobile-optimized, and accessible, offering a professional user experience. Security posture is good with HTTPS enforced and privacy mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website demonstrates a mature digital presence suitable for its non-profit, government-affiliated sports mission.

M

MOVE-ON(KO)

move-onko.de

47

MOVE-ONKO is a German healthcare project dedicated to integrating movement therapy into oncological care to improve patient outcomes by reducing side effects of cancer treatment. The project is funded by Deutsche Krebshilfe with a substantial budget and involves a consortium of clinical, scientific, and patient organizations. The website presents comprehensive information about the project, its vision, partners, and news updates, targeting cancer patients, healthcare professionals, and researchers. Technically, the site is built on WordPress with modern plugins and libraries, optimized for SEO and mobile use. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and formal policies could be improved. WHOIS data is minimal but consistent with the project timeline and hosting infrastructure. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

A

Atelier Spolia GmbH

spolia.ch

50

Atelier Spolia GmbH is a small architectural and design atelier based in Bern, Switzerland. The company focuses on exploring architecture and design through a process of learning and rethinking, offering bespoke projects that encourage freedom of use and appropriation. Their market position is niche, targeting clients interested in innovative and open architectural solutions. The website is built on WordPress using the Lay Theme, incorporating modern JavaScript libraries such as jQuery and Swiper.js, indicating a moderate level of technical maturity. Mobile optimization is good, and the site uses HTTPS with valid SSL certificates, ensuring secure communication. However, the absence of privacy and cookie policies, security headers, and analytics tools suggests room for improvement in compliance and marketing sophistication. Security posture is adequate but could be enhanced by implementing standard security headers and formal incident response mechanisms. Overall, the website presents a professional image with clear contact information but lacks comprehensive privacy and security disclosures.

O

Office du Tourisme et des Congrès de la métropole de Lyon

visiterlyon.com

69

The website www.visiterlyon.com serves as the official tourism portal for Lyon and its metropolitan area, operated by the Office du Tourisme et des Congrès de la métropole de Lyon. It provides comprehensive tourism information, online booking services for hotels, restaurants, leisure activities, and city passes such as the Lyon City Card. The site targets tourists, families, business travelers, and groups, positioning itself as an authoritative and trusted source for visiting Lyon. The content is rich, professionally presented, and available in multiple languages, enhancing accessibility and user experience. Technically, the website employs modern web technologies including Alpine.js for interactivity, Swiper.js for sliders, and MapLibre GL for mapping. It integrates Google Tag Manager and Google reCAPTCHA for analytics and security. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security best practices are observed with HTTPS enforcement, security headers, and secure forms, although explicit security policy and incident response information are not published. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. However, WHOIS data for the domain is missing or unavailable, which is unusual for an official entity and slightly impacts trustworthiness. Despite this, the website's certifications, social media presence, and comprehensive content support its legitimacy. Overall, the website is a high-quality, secure, and user-friendly platform for promoting tourism in Lyon. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and a vulnerability disclosure policy to further enhance trust and transparency.

S

Schinkels

schinkels-brauhaus.de

56

Schinkels is a regional German brewery and hospitality business offering craft beers, a restaurant experience, and event hosting services. The company emphasizes quality, sustainability, and creating memorable moments for its customers. Their website is professionally designed using WordPress with SEO and event management plugins, providing a rich user experience and structured event data. Security posture is good with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are missing. Overall, the site reflects a mature digital presence suitable for their business model and target audience.

V

Valaisdigital

valais-economy.ch

52

Economic Promotion Valais is a regional government-affiliated entity focused on supporting entrepreneurs, startups, investors, and companies in the Canton of Valais, Switzerland. The website serves as a strategic platform offering services such as assistance to enterprises, innovation support, financial aid, and land or facility search to foster regional economic development. The site is professionally designed with consistent branding and clear navigation, targeting a broad audience of business stakeholders interested in the Valais economy. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, leveraging modern web technologies like jQuery and Swiper.js for interactive elements. The site is mobile-optimized and implements SEO best practices, including structured data for enhanced search visibility. Performance is moderate with good mobile responsiveness. From a security perspective, the website enforces HTTPS with strong SSL configuration and includes essential security headers. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit privacy policy and terms of service pages, which are important for compliance and user trust. Cookie consent is implemented via the Complianz GDPR plugin, indicating some level of privacy compliance. Overall, the website presents a low-risk profile with a strong business credibility and technical foundation. Strategic improvements include publishing comprehensive privacy and security policies, adding direct contact information, and implementing a vulnerability disclosure mechanism to enhance transparency and trust.

V

Valaisdigital

valais-economie.ch

69

Promotion économique Valais is a regional government economic promotion entity serving entrepreneurs and businesses in the Valais region of Switzerland. The website provides information and services to support innovation, business development, and investment in the local economy. It targets SMEs, startups, investors, and external companies interested in establishing themselves in Valais. The site is professionally designed using WordPress and Elementor, with good SEO practices implemented via Yoast SEO. Multilingual support is provided for French, German, and English audiences. Technically, the site uses modern web technologies and enforces HTTPS, ensuring secure communications. However, it lacks explicit privacy and terms of service pages, which are important for compliance and user trust. Security headers are not detected, indicating room for improvement in security hardening. The site uses Google Analytics with a cookie consent mechanism, reflecting basic GDPR compliance. Overall, the website is credible and trustworthy, aligned with its governmental role, but could enhance privacy and security policies to strengthen compliance and user confidence.

P

Pilgerzentrum St. Jakob Zürich

jakobspilger.ch

49

Pilgerzentrum St. Jakob Zürich is a small non-profit organization affiliated with the reformierte Kirche Zürich, focused on offering spiritual pilgrimage experiences, thematic pilgrimages, community events, and educational programs. Their website provides detailed event listings, newsletter signups, and community engagement features targeting pilgrims and spiritually interested individuals primarily in Switzerland. Technically, the site uses modern JavaScript libraries such as jQuery and Swiper.js, integrates Google Analytics and Tag Manager for tracking, and is built on the Redaxo CMS platform. The site is mobile optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and email obfuscation implemented, though it lacks advanced security headers and explicit security policies. Privacy and cookie policies are present and GDPR compliant. WHOIS data confirms the domain is registered consistently with the organization's identity, enhancing trust. Overall, the site is professional, trustworthy, and well-suited for its community-focused mission.

Z

Zytlos

zyt-los.com

46

Zytlos is a small non-profit community organization affiliated with the reformed church of Zurich, providing a welcoming space near Bahnhof Enge that includes a café and diverse event offerings such as concerts, coworking, meditation, and yoga. The website is professionally designed using WordPress and Elementor, featuring modern web technologies and responsive design. Security posture is adequate with HTTPS and reCAPTCHA integration, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the website is trustworthy and serves its community-focused mission effectively.

F

Fondation Etoile filante

etoilefilante.ch

51

Fondation Etoile filante is a Swiss non-profit organization dedicated to improving the lives of children living with illness or disabilities by fulfilling their dreams and providing leisure and support projects. Established in 1993, it holds a strong market position as a recognized public utility foundation with tax-exempt status and annual audits by Swiss authorities. The website reflects a professional and trustworthy presence with clear donation mechanisms and active social media engagement. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Analytics, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS and reCAPTCHA implemented, though lacking some advanced security headers and explicit privacy documentation. Overall, the site is safe, well-branded, and credible, serving its target audience effectively.

Christine Moser's website serves as an online portfolio showcasing her art exhibitions and objects, primarily targeting art enthusiasts and museum visitors. The site highlights projects such as 'Double Face' at the Museum für Gestaltung Zürich, positioning her as a niche artist in the contemporary art and design space. The business model is centered on artistic presentation rather than commercial sales or services. Technically, the website employs modern frontend technologies including Svelte and Swiper.js for interactive galleries, indicating a moderate level of digital maturity. The site appears mobile-optimized with good design quality and navigation clarity, although accessibility features are basic. No CMS or hosting provider details are evident. From a security perspective, the site lacks key security headers and explicit privacy or cookie policies, which lowers its compliance posture. The absence of contact information and incident response details further limits trust and security transparency. However, no vulnerabilities or suspicious elements were detected, and the content is safe for general audiences. Overall, the website is functional and professionally presented but would benefit from enhanced security practices, privacy compliance, and clearer contact information to improve trustworthiness and regulatory adherence.

The website vittoriosantoro.info serves as an online portfolio for the artist Vittorio Santoro, showcasing current and past exhibitions, recent works, and publications. It targets art enthusiasts, galleries, and cultural institutions interested in the artist's work. The business model is primarily promotional, focusing on visibility and information dissemination rather than direct sales. The site is niche and small scale, consistent with an individual artist's portfolio. Technically, the site is built using modern JavaScript technologies, specifically the SvelteKit framework, and includes interactive elements such as a swiper for featured content. The site is mobile optimized and has a good design quality, though accessibility and SEO optimizations are basic. No CMS or hosting provider details are evident from the content. From a security perspective, the site lacks visible security headers and privacy-related policies, which lowers its security posture. No HTTPS or SSL configuration details were available from the data, and no contact or incident response information is provided. The WHOIS data is incomplete due to unsupported TLD WHOIS queries, limiting domain trust assessment. Overall, the site appears legitimate but would benefit from improved security and compliance measures. The overall risk is moderate with recommendations to implement security headers, add privacy and cookie policies, provide contact information, and verify SSL/TLS configurations to enhance trust and compliance.

S

Sparkassen-Finanzgruppe Hessen-Thüringen

sfg-ht.de

66

The Sparkassen-Finanzgruppe Hessen-Thüringen website represents a large regional financial services group operating in Germany's Hessen and Thüringen regions. The group offers a broad range of financial products and services including banking, insurance, building finance, and asset accumulation, supported by a workforce of over 19,900 employees. The website is professionally designed, consistent in branding, and targets a general audience including customers and potential employees. Technically, the site is built on Concrete CMS and leverages modern JavaScript libraries such as jQuery and Swiper.js, with media assets hosted on Cloudinary. It integrates Matomo for analytics and cookiefirst.com for GDPR-compliant cookie consent management, along with accessibility enhancements via eyeAble.js. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers and incident response information are absent. No privacy policy or terms of service pages were detected in the provided content, which is a compliance gap. Overall, the site is trustworthy, safe, and well-positioned in its market segment.

V

Verband der Metall- und Elektro-Unternehmen Hessen (HESSENMETALL)

hessenmetall.de

51

HESSENMETALL is a prominent industry association representing employers in the metal, electrical, and IT sectors in Hessen, Germany. The organization provides comprehensive services including labor relations, legal advice, workforce development, digital transformation support, and innovation facilitation. It holds a strong market position as a leading regional network for over 200,000 employment relationships in the region's M+E industry. The website reflects a professional and well-structured digital presence with member portals and extensive content tailored to its audience of employers and industry stakeholders. Technically, the site is built on the Contao CMS platform, utilizing modern JavaScript libraries such as jQuery and Swiper.js, and integrates analytics tools like Matomo and Google Tag Manager. Accessibility features are enhanced by the inclusion of eyeAble tools. The site is mobile-optimized and demonstrates good SEO practices with proper metadata and structured navigation. From a security perspective, the website enforces HTTPS and employs secure login forms with CSRF tokens. While explicit security headers are not fully visible in the HTML, the overall SSL configuration is good. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. Overall, the website presents a low-risk profile with a high degree of professionalism and trustworthiness. Strategic recommendations include enhancing security headers, increasing transparency around incident response contacts, and maintaining up-to-date CMS and third-party components to mitigate potential vulnerabilities.

B

Benner Holding

benner-holding.com

61

Benner Holding is a well-established German family-owned holding company founded in 1882, with diversified business interests spanning real estate, trade, agriculture, energy, and hospitality sectors. The company emphasizes long-term investments and diversification to maintain stability even during economic downturns. The website reflects a professional corporate presence with clear business sector segmentation and leadership visibility, notably CEO Dr. Dominik Benner. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site is mobile-optimized and SEO-friendly but lacks some advanced accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and no explicit security or incident response policies are published. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could improve in security and privacy transparency.

F

Fibbl

fibbl.com

56

Fibbl is a technology platform specializing in delivering 3D product experiences and content aimed at enhancing B2B sales, go-to-market strategies, and eCommerce efficiency. The company offers services including 3D viewers, virtual try-on solutions, and augmented reality experiences, positioning itself as a key player in the digital product experience market. Founded in 2015, Fibbl has established a medium-sized business presence with a focus on innovative technology solutions for brands. The website infrastructure is built on WordPress, leveraging modern JavaScript libraries such as Swiper.js and integrating multiple marketing and analytics tools including HubSpot, Google Tag Manager, TikTok Pixel, Facebook Pixel, LinkedIn Insight Tag, Dreamdata Analytics, and Hotjar. Cookie consent is managed via Cookiebot, ensuring compliance with cookie regulations and providing users with granular control over cookie preferences. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism, but lacks explicit security policy documentation and incident response contact information. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The domain registration is consistent with the business age and shows no suspicious patterns, enhancing trustworthiness. Overall, Fibbl demonstrates a solid technical and business foundation with good privacy compliance and marketing transparency. Strategic improvements include publishing comprehensive privacy and security policies, incident response details, and enhancing security headers to further strengthen the security posture.

The website www.swisswine.com serves as an informational and promotional platform dedicated to Swiss wines, highlighting the diversity and cultural richness of Swiss wine production. It targets wine enthusiasts, tourists, and consumers interested in Swiss wines. The business model appears to be focused on education and promotion rather than direct sales. The website design is modern and visually appealing, utilizing Tailwind CSS and JavaScript libraries such as Swiper.js and Mapbox GL JS for interactive elements. However, the technical infrastructure lacks visible CMS or hosting details, and performance is moderate with good mobile optimization but basic accessibility and SEO features. Security posture is weak due to the absence of HTTPS verification in the provided data, missing security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable, raising concerns about domain legitimacy and trustworthiness. Overall, the site provides relevant content but lacks critical security and compliance features, which could impact user trust and regulatory adherence.

Majestic Management & Consulting operates as a specialized procurement company serving the luxury hospitality and restaurant sectors in Switzerland. Their website presents a professional image with clear branding and a focus on supply chain management tailored to high-end hospitality clients. The company leverages WordPress with Elementor and Yoast SEO for content management and optimization, supplemented by Google Analytics for visitor tracking and CookieYes for cookie consent compliance. While the technical infrastructure is modern and the site is mobile-optimized, there is room for improvement in security practices, such as implementing security headers and publishing a formal privacy policy and terms of service. The absence of explicit contact information and incident response details limits transparency and trust. Overall, the website is functional and credible but would benefit from enhanced privacy and security disclosures to align with best practices and regulatory expectations.

N

Netzwerk OnkoAktiv

netzwerk-onkoaktiv.de

35

Netzwerk OnkoAktiv is a German non-profit organization focused on providing consultation, certification, and networking services for oncological sports and movement therapy. The website serves multiple target groups including patients, referrers, professionals, and training institutions, offering localized sports offers, educational events, and professional networking. The organization collaborates with medical and therapeutic professionals to ensure quality and accessibility of oncological movement programs nationwide. Technically, the website is built on WordPress with modern plugins for SEO and cookie consent, hosted likely by HD-IT. It features good mobile optimization and clear navigation. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional, trustworthy, and well-positioned within its niche healthcare sector.

L

Landessportbund Berlin

lsb-berlin.de

44

Landessportbund Berlin is a well-established non-profit organization dedicated to promoting sports and community engagement within Berlin. The website serves as a comprehensive portal offering information on sports programs, funding, training, and child protection initiatives. It targets sports clubs, athletes, and the general Berlin population, positioning itself as a key regional sports authority. The site is professionally designed with clear navigation and strong branding consistency, reflecting its authoritative market position. Technically, the website is built on TYPO3 CMS with modern frameworks like Bootstrap and integrates accessibility tools such as eyeAble. Hosting is provided by Claranet, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices. Analytics are handled via Matomo with privacy-conscious configurations, including cookie consent and cookie disabling options. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, it lacks explicit incident response contacts and a security.txt file, which are recommended for enhanced security posture. No vulnerabilities or suspicious patterns were detected. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent mechanisms in place. Overall, the website presents a low-risk profile with a solid security foundation and good compliance practices. Strategic improvements include publishing incident response information and security.txt, enhancing transparency on data retention, and continuous monitoring of third-party scripts.

S

Sozialverband Deutschland Landesverband Niedersachsen e.V.

fuer-mehr-miteinander.de

41

The Sozialverband Deutschland Landesverband Niedersachsen e.V. (SoVD) operates as a large non-profit social welfare organization in Germany, focusing on social justice, inclusion, equality, and support for vulnerable populations in Niedersachsen. The website serves as a campaign platform promoting social cohesion and political engagement, offering services such as political advocacy, counseling, and community involvement. With over 285,000 members, SoVD holds a strong market position as a leading social association in the region. Technically, the website is built on WordPress using Elementor and incorporates modern web technologies such as jQuery and Swiper.js. The site is hosted likely by Your-Server.de, with good mobile optimization and SEO practices. Privacy compliance is robust, featuring a comprehensive privacy policy and a cookie consent mechanism powered by Borlabs Cookie. The site uses HTTPS and shows good security hygiene, though some security headers could be improved. Security posture is solid with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, or vulnerability disclosure mechanisms suggests room for maturity improvement. The WHOIS data is minimal but does not raise immediate concerns, though more transparency on registrant details would enhance trust. Overall, the website is professional, trustworthy, and well-aligned with its non-profit mission. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to strengthen security culture and compliance.

T

Team Deutschland

teamdeutschland.de

43

Team Deutschland operates an official website dedicated to supporting and promoting German Olympic athletes and events. The platform provides news, event information, athlete profiles, multimedia content including podcasts and videos, and an online merchandise shop. It is supported by the German Federal Ministry of the Interior and the German Olympic Sports Confederation, indicating strong governmental and institutional backing. The website targets sports fans, supporters, and the general public interested in Olympic sports and Team Deutschland activities. Technically, the site is built on TYPO3 CMS and uses modern web technologies such as Bootstrap Icons, Swiper.js, and Matomo Analytics, ensuring a responsive and engaging user experience. Privacy and cookie policies are comprehensive and GDPR compliant, with explicit consent mechanisms implemented. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and explicit incident response contacts are missing. Overall, the site is professional, trustworthy, and well-branded, serving as a reliable information and engagement hub for Olympic sports in Germany.

K

KERN CHERKEH Rechtsanwälte Partnerschaft mbB

sportrechtskanzlei.de

58

KERN CHERKEH Rechtsanwälte Partnerschaft mbB is a specialized German law firm focusing on sports law and related legal services. The firm serves a broad clientele including sports federations, professional clubs, athletes, sponsors, and agencies, positioning itself as a leading expert in the sports legal domain in Germany. Their website reflects a professional and consistent brand image with comprehensive service offerings in sports sponsorship, contracts, labor law, doping, compliance, and more. Technically, the website uses modern web technologies such as HTML5, CSS3, and JavaScript with Swiper.js for UI elements, delivering a good user experience with mobile optimization and clear navigation. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks advanced security headers and formal security policies. Privacy compliance is partially addressed with a privacy policy but lacks cookie consent mechanisms. Overall, the site is trustworthy and professional, with room for improvement in security and privacy transparency.

M

mylokalesuche AG

mylokalesuche.ch

67

mylokalesuche AG operates a professional digital marketing and software development platform targeting Swiss SMEs. Their website, myls.ch, offers services including profile synchronization across 40+ directories, website creation, and Google Ads management. The company positions itself as a Google Partner with a strong local presence and a focus on increasing customer visibility and engagement for small to medium enterprises in Switzerland. The site is well-structured, multilingual, and integrates customer reviews and social media links to build trust. Technically, the site leverages WordPress with modern plugins and performance optimizations, ensuring a fast and mobile-optimized user experience. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Privacy compliance is basic with a cookie consent banner but no dedicated privacy or terms pages found. Overall, the website reflects a credible, professional business with room for improvement in transparency and security documentation.

Die Werke Versorgung Wallisellen AG is a regional Swiss energy utility company providing sustainable and secure energy services including electricity, gas, water, thermal networks, and digital networks. The company targets residential and commercial customers in Wallisellen and surrounding areas, emphasizing fair pricing and environmental responsibility. Their digital presence includes a customer portal and active social media engagement, supporting customer service and communication. Technically, the website employs modern JavaScript libraries such as jQuery, Swiper.js, and tracking tools like Google Analytics and Facebook Pixel. The site is mobile optimized, accessible, and SEO-friendly, with a custom CMS backend inferred from URL structures. Performance is moderate with good navigation and content quality. From a security perspective, the site uses HTTPS with good SSL configuration and secure form validation. However, it lacks explicit published security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and GDPR compliant, supporting user consent and data protection. Overall, the website is professional, trustworthy, and well-aligned with the company's business sector. Recommendations include publishing a formal security policy, incident response information, and enhancing security headers to further strengthen the security posture.

N

NorSIS

norsis.no

72

NorSIS is a Norwegian non-profit organization dedicated to information security awareness and support, aiming to ensure a safe digital everyday life for all. The website positions NorSIS as a national center for information security, providing threat information, preventive advice, and assistance to victims of online crime. Technically, the site is built on WordPress with modern tools such as Yoast SEO, Matomo analytics for privacy-conscious tracking, and Cookiebot for GDPR-compliant cookie consent. The security posture is solid with HTTPS enforced and privacy-friendly analytics, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for its audience, with no blocking or WAF interference detected.

D

Dinas Lingkungan Hidup Kota Jakarta

dlhdkijakarta.org

54

Dinas Lingkungan Hidup Kota Jakarta operates as the official government environmental agency for Jakarta city, focusing on environmental preservation, waste management, public complaint handling, and community education. The website serves as an authoritative portal for residents and stakeholders to access environmental information and services. Technically, the site uses modern web technologies including Laravel Livewire, Swiper.js, and Cloudflare DNS, providing a responsive and user-friendly experience. Security posture is moderate with HTTPS enforced but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in security and compliance aspects.

N

Nettvett.no

nettvett.no

54

Nettvett.no is a Norwegian internet safety information portal providing guidance, advice, and educational courses on safer internet usage. It is positioned as a trusted resource in Norway, supported by partnerships with recognized governmental and security organizations such as NorSIS, NSM, and NKOM. The website targets a general audience seeking to improve their digital security awareness. Technically, the site is built on WordPress with a modern tech stack including jQuery, Bootstrap, and SEO tools like Yoast. It integrates Google Analytics and Facebook SDK for analytics and tracking, and employs Google reCAPTCHA for form security. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and published incident response policies. Privacy compliance is basic with a privacy policy and cookie consent mechanism present. WHOIS data shows an anomalous future creation date, which slightly impacts trust but does not detract from the site's legitimacy given its content and partnerships.

I

idormo AG und GM-Möbel AG

traum-werk.ch

39

Traumwerk is a Swiss-based premium retail brand specializing in sleep products, garden furniture, and stylish living furniture. Operated by idormo AG and GM-Möbel AG, the company maintains a strong market position with multiple physical locations and an integrated e-commerce platform. Their offerings include certified sleep consultations and exclusive designer furniture, targeting discerning customers seeking quality and exclusivity. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive product information. Technically, the site leverages WordPress with WooCommerce and Elementor, supported by modern tracking and marketing tools such as Google Tag Manager and Borlabs Cookie for GDPR compliance. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, though formal security policies and incident response contacts are not published. Overall, Traumwerk demonstrates a trustworthy and professional online presence aligned with its business objectives.

R

RIEDER BACH ARCHITEKTUR GSTAAD

riederbach.ch

48

Rieder Bach Architektur Gstaad AG is a well-established architecture firm specializing in high-end residential architecture in Switzerland, particularly in the Gstaad region. The company positions itself as a market leader with a history dating back to 1990. Their website reflects a professional and consistent brand image, targeting affluent clients seeking bespoke architectural services. The business model focuses on delivering architectural design and real estate project expertise, supported by a clear digital presence including social media channels and a contact form with GDPR compliance features. Technically, the website is built on WordPress using Elementor and Yoast SEO, incorporating modern web technologies such as Google reCAPTCHA for form security and Google Analytics for visitor tracking. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be enhanced. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect contact forms, but lacks several recommended security headers and does not publish a security policy or incident response contacts. Privacy compliance is partially addressed with a privacy policy and GDPR acceptance on forms, but no cookie consent mechanism is present. Overall, the security posture is solid but could be improved with additional headers and transparency. The domain registration data aligns well with the business claims, showing consistency and legitimacy. No suspicious patterns or privacy protection masking registrant data were found, supporting trustworthiness. The website content is safe for general audiences, with no adult or questionable material detected. Strategic recommendations include enhancing security headers, implementing a cookie consent banner, publishing a security policy, and improving accessibility features to further strengthen the website's security and compliance posture.

H

Hotel Zofingen

hotel-zofingen.ch

61

Hotel Zofingen is a small hospitality business located in Switzerland, offering hotel accommodation, restaurant services, and event hosting. The website reflects a well-established regional hotel with a strong focus on guest experience and local partnerships. Technically, the site is built on WordPress with modern plugins and analytics tools, providing a responsive and user-friendly interface. Security measures include HTTPS, reCAPTCHA on forms, and a comprehensive cookie consent mechanism, though some security headers could be improved. Overall, the site demonstrates good digital maturity and compliance with privacy regulations. The business is credible with clear contact information and trust indicators such as Swiss Quality Hotel certification.

D

Dinas Lingkungan Hidup Provinsi Jambi

dlhprovinsijambi.id

54

Dinas Lingkungan Hidup Provinsi Jambi operates as the official environmental management agency for Jambi Province, Indonesia. The website serves as a comprehensive portal for public information, environmental news, services such as permits and complaints, and educational resources. The agency positions itself as a government entity focused on environmental preservation, law enforcement, and community engagement. Technically, the website uses modern web technologies including Laravel Livewire, Swiper.js for sliders, and Cloudflare for DNS and CDN services, providing a responsive and user-friendly experience. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from improved privacy and security practices.

D

Dinas Lingkungan Hidup Provinsi Daerah Istimewa Yogyakarta

dlhdiy.id

54

Dinas Lingkungan Hidup Provinsi Daerah Istimewa Yogyakarta operates as the official government environmental agency for the Yogyakarta Special Region in Indonesia. The agency focuses on environmental management including waste disposal, pollution control, and public environmental education. The website serves as a portal for public information, service requests, and news updates related to environmental activities in the region. The site targets local residents, government stakeholders, and environmental partners. Technically, the website employs modern web technologies such as Laravel Livewire, Swiper.js, and Cloudflare DNS services, providing a responsive and user-friendly experience. However, the domain WHOIS data shows an anomalous future creation date, which raises questions about data accuracy but does not necessarily undermine the site's legitimacy given the government affiliation and consistent content. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is functional and trustworthy for its intended audience but would benefit from enhanced security and privacy compliance measures.

D

Dinas Lingkungan Hidup Provinsi Aceh

dlhbali.id

53

Dinas Lingkungan Hidup Provinsi Aceh operates as a government environmental agency responsible for managing environmental preservation, waste management, pollution control, and public services related to environmental issues in Aceh Province, Indonesia. The website serves as an official portal providing information, news, and services to residents and stakeholders. The site is well-structured with clear navigation and contact information, targeting the general public and government stakeholders. Technically, the website employs modern web technologies including Laravel Livewire, Alpine.js, and Swiper.js, hosted behind Cloudflare DNS services. The site is mobile optimized and offers a good user experience with moderate performance. However, some SEO and accessibility features could be improved. From a security perspective, the site uses HTTPS and has domain transfer protection enabled, but lacks DNSSEC and important security headers. There is no published privacy, cookie, or incident response policy, which limits compliance with privacy regulations. The WHOIS data raises concerns due to a future domain creation date and registrant mismatch, which may indicate registration anomalies. Overall, the website is functional and professional but requires improvements in privacy compliance, security headers, and domain registration transparency to enhance trust and security posture.

D

Dinas Lingkungan Hidup Indonesia

dinaslingkunganhidup.id

54

Dinas Lingkungan Hidup Indonesia operates as an official government environmental agency focused on managing environmental quality, waste, pollution control, and public services related to environmental permits and complaints. The website serves as a comprehensive portal for public information, services, and news related to environmental management in Indonesia. Technically, the site uses modern web technologies including Laravel Livewire, Swiper.js, and Cloudflare DNS services, providing a responsive and user-friendly experience. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in security and compliance documentation.

B

Bad Egelsee

bad-egelsee.ch

60

Bad Egelsee is a public family and sports swimming facility located in Kreuzlingen, Switzerland. It offers a variety of aquatic and wellness services including a 25-meter sport pool, family pools, sauna, and steam baths, targeting families, sports enthusiasts, and health-conscious visitors. The website is professionally designed with clear navigation and content relevant to its audience. Technically, the site uses modern JavaScript frameworks such as Alpine.js and integrates Matomo for privacy-focused analytics. The site is mobile optimized and includes a cookie consent mechanism, reflecting good privacy practices. Security posture is solid with HTTPS enforced, though it lacks some advanced security headers and formal security policies. Overall, the domain registration uses privacy protection, which is justified for this type of public leisure business. The site is trustworthy and well-maintained, with no indications of malicious activity or content blocking.

I

Agence de communication créative & digitale à Troyes

ikadia.fr

59

The website represents a creative and digital communication agency based in Troyes, France, offering services in creative and digital communication. The business model is service-oriented, targeting companies seeking communication expertise. The website is built on WordPress, utilizing modern web fonts and JavaScript libraries, with a moderate level of technical maturity and good mobile optimization. Security posture is limited due to lack of visible security headers and missing HTTPS verification in the provided data. Privacy compliance is weak, with no detected privacy or cookie policies. Overall, the site is professional but would benefit from enhanced security and compliance measures to improve trustworthiness and user confidence.