Security Directory

H

Hauptverband der Deutschen Bauindustrie e.V.

leise-gehts-nicht.de

49

The website represents the Hauptverband der Deutschen Bauindustrie e.V., a key German industry association advocating for the construction sector. It focuses on infrastructure, digitalization, climate protection, and housing development, positioning itself as a vital stakeholder in societal and economic development. The site is built on TYPO3 CMS and uses Matomo for privacy-conscious analytics, reflecting a modern and responsible technical infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit policies could be improved. Contact information and social media presence are comprehensive, enhancing trust and accessibility. Overall, the site is professional, content-rich, and aligned with its business mission.

H

Hauptverband der Deutschen Bauindustrie e.V.

bauindustrie.de

53

The Hauptverband der Deutschen Bauindustrie e.V. is the leading industry association representing the German construction sector. It advocates for the interests of construction companies at all levels of government and society, providing data, best practices, and policy dialogue to strengthen the industry's competitiveness. The website is professionally designed, content-rich, and targets construction professionals, policymakers, and stakeholders. Technically, the site is built on TYPO3 CMS with Bootstrap and uses Matomo for privacy-conscious analytics. It is mobile-optimized and well-structured for SEO and accessibility. Security posture is good with HTTPS enforced and cookie consent implemented, though formal security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and safe for general audiences.

C

Christof Brand Transporte

christof-brand-transporte.de

51

Christof Brand Transporte is a small, family-owned German transportation company specializing in specialized and heavy transport of construction machinery and equipment. Founded in 1994 with a transport division established in 2012, the company serves regional and European markets with a focus on flexibility and reliability. The website reflects a professional business presence with clear service offerings and contact information. Technically, the site is built on Joomla CMS using standard libraries such as jQuery, Bootstrap, and Leaflet.js for mapping, with hCaptcha integrated for form security. Security posture is solid with HTTPS and spam protection, though security headers and incident response policies are absent. Privacy compliance is addressed with a cookie consent banner and a privacy policy page, but no terms of service or vulnerability disclosure policies are found. Overall, the website is trustworthy, well-structured, and suitable for its business purpose.

R

REIKEM IT Systemhaus

reikem.de

59

REIKEM IT Systemhaus GmbH is a German-based IT service provider specializing in IT security, telephony solutions, and web development. The company positions itself as a reliable partner offering comprehensive IT infrastructure management, consulting, and maintenance services tailored to business clients. Their website reflects a professional and modern digital presence with clear navigation, detailed service descriptions, and strong trust signals such as customer testimonials and partner affiliations. Technically, the site is built on Joomla CMS with modern frontend frameworks and includes analytics and marketing tools like Matomo and Google Tag Manager. Security measures include HTTPS enforcement and reCAPTCHA integration, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates a mature digital infrastructure and a solid security posture appropriate for a small IT service company.

S

Spruegel.de

spruegel.de

49

Spruegel.de is a German-based e-commerce retailer specializing in workwear, business clothing, and related accessories. The company targets professional and business customers seeking customizable clothing solutions, including logo embroidery and product individualization. The website is built on the Shopware 6 platform, indicating a modern e-commerce infrastructure with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though explicit privacy and terms of service pages are missing, which impacts compliance confidence. Tracking is performed via etracker and Google Analytics, with moderate user tracking levels. Overall, the website presents a professional and trustworthy front for its niche market segment.

MC-Bauchemie Müller GmbH & Co. KG is a well-established German manufacturer specializing in construction chemicals and concrete additives. The company offers high-quality products, technical consulting, and tailored solutions for the construction industry. With a strong international footprint evidenced by numerous country-specific domains, MC-Bauchemie positions itself as a leading player in the manufacturing and technical consulting sector for building materials. The website is professionally designed, multilingual, and targets construction professionals including engineers, architects, and contractors. Technically, the site employs modern JavaScript frameworks such as Alpine.js and Swiper.js, with security features including HTTPS, reCAPTCHA, and input validation. The security posture is strong with appropriate headers and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website reflects a mature digital presence aligned with the company's market position and business model.

J

Jochum Betonpumpen GmbH

jochum-betonpumpen.de

59

Jochum Betonpumpen GmbH is a German-based company specializing in concrete pumping services, offering a range of solutions including mobile stationary pumps, truck mixers, and scalable conveyor belts. The company targets construction firms and contractors, emphasizing punctuality, reliability, and flexible service delivery. The website reflects a mature digital presence built on WordPress with modern plugins and a clear focus on user experience and GDPR compliance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response policies are absent. Overall, the site is professional and trustworthy, supporting the company's established market position.

J

Jochum Betonlogistik

jochum-egelsbach.de

41

Jochum Betonlogistik is a German-based company specializing in concrete logistics, particularly transport using silo vehicles for dust and bulk goods. The company also offers pump services and mobile conveyor belts, serving construction companies, architects, and private builders. Their website reflects a well-established regional business with partnerships with major construction firms such as Hochtief and Strabag. The business model focuses on providing reliable and punctual logistics services for concrete and related materials. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Revolution Slider, indicating a moderate to good digital maturity. The site is mobile-optimized and SEO-friendly, though some performance and accessibility improvements could be made. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and a formal security or incident response policy. Overall, the security posture is solid but could be enhanced by adding security headers and formal policies. The domain registration data aligns well with the business claims, supporting legitimacy. No suspicious or malicious content was detected, and privacy compliance is basic but present. Strategic recommendations include improving security headers, configuring analytics properly, and publishing security and incident response policies to enhance trust and compliance.

K

Krieger

kies-krieger.de

57

Krieger is a well-established German company operating since 1891, specializing in raw materials extraction, processing, and logistics services including sand, gravel, concrete, natural stones, and transport solutions by road and inland waterways. The company positions itself as a sustainable and reliable partner along the entire value chain from resource extraction to delivery at construction sites. The website reflects a mature digital presence built on WordPress with modern SEO and cookie consent mechanisms, indicating a good level of digital maturity. Security posture is solid with HTTPS and cookie consent but lacks explicit security policies and incident response information. Overall, the site is professional and trustworthy but could improve compliance transparency and contact accessibility.

B

BauMineral GmbH

baumineral.de

51

BauMineral GmbH is a medium-sized German company specializing in the marketing and supply of by-products from coal-fired power plants to the construction and building materials industry. As a 100% subsidiary of Uniper SE, it leverages about 50 years of experience and offers a range of products including coal fly ash fillers, fine fly ash, boiler sand, REA gypsum, and hydraulic binders. The company operates its own laboratory, logistics fleet, and mixing/preparation facilities, positioning itself as an integrated service provider in its sector. The website is professionally designed, well-structured, and provides clear contact information and product details, targeting industry professionals in energy and construction sectors.

P

Powerment GmbH & Co. KG

powerment.de

45

Powerment GmbH & Co. KG is a German-based specialist company focused on the acquisition and marketing of by-products from coal-fired power plants, such as fly ash, REA gypsum, and boiler sand, primarily serving the construction and building materials industry. The company benefits from strong partnerships with its parent companies EP Power Minerals and EnBW Energie Baden-Württemberg, positioning it as a reliable intermediary ensuring quality products and logistics. The website is professionally designed using TYPO3 CMS and Bootstrap, offering good content quality and clear navigation in German. Privacy compliance is well addressed with a cookie consent banner and detailed privacy policy. However, explicit security policies and incident response information are not present, and security headers are not detected, indicating room for improvement in security posture. Overall, the website is trustworthy, accessible, and well-aligned with its business objectives.

H

Heidelberg Materials

heidelbergmaterials.de

71

Heidelberg Materials is a leading global construction materials company with a strong market presence in Germany, particularly as the market leader in cement and ready-mixed concrete. The company offers a broad portfolio including cement, concrete, aggregates (sand, gravel), and precast concrete elements, with a strong focus on sustainability and innovation such as their evoZero® Carbon Captured Net-Zero Cement. The website reflects a mature enterprise with comprehensive product information, customer engagement through events and newsletters, and a consistent brand identity. Technically, the site is built on Drupal 11, leveraging modern web technologies and analytics tools, with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

M

Make AS

make.as

74

Make AS is a Norwegian technology company specializing in providing user-friendly newsletter and communication services, including email marketing, SMS, and automation tools. The company emphasizes local expertise, personal service, and secure data storage on Norwegian servers, positioning itself as a trusted partner for Norwegian businesses and organizations. Their market position is strengthened by certifications such as 'Made in Norway' and memberships in reputable Norwegian industry associations. Technically, the website is built on WordPress with modern plugins and frameworks, optimized for performance, SEO, and accessibility. Security posture is strong with HTTPS, cookie consent management, and integration of third-party services like Cloudflare and Intercom with privacy considerations. Overall, the website reflects a professional, secure, and privacy-conscious business with clear contact information and trust indicators.

T

TC-Innovations GmbH

themeware.design

50

TC-Innovations GmbH operates the website themeware.design, offering ThemeWare®, a leading Shopware theme designed to boost sales and provide extensive customization options. The company positions itself as a market leader with over 20,000 downloads and 500+ five-star reviews, targeting Shopware e-commerce merchants seeking advanced theming solutions. The website demonstrates a mature technical infrastructure with modern frontend technologies, mobile optimization, and SEO best practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some improvements like DNSSEC and security headers could enhance protection. Overall, the domain registration aligns well with the business, supporting legitimacy and trust. No critical security or compliance issues were detected, and the site maintains a professional and trustworthy online presence.

The website aramuz.net currently serves only a 404 Not Found error page, indicating that the content is inaccessible or missing. The domain is protected by Cloudflare's WAF, which is detected through embedded scripts and iframe elements. No business information, contact details, or policies are present on the site, making it impossible to assess the company's operations or services. The domain was registered in 2020 and is set to expire in 2029, suggesting a legitimate registration but no active content or business presence. Technically, the site uses Cloudflare for hosting and security, but lacks SEO optimization, accessibility features, and any analytics or marketing tools. Security posture is basic with HTTPS enabled but no advanced security headers or DNSSEC. Overall, the site is non-functional from a user perspective and lacks any meaningful business or compliance information.

S

Schweisstec Internationale Fachmesse für Fügetechnologie

schweisstec-messe.de

55

Schweisstec Internationale Fachmesse für Fügetechnologie is a specialized trade fair focused on the entire process chain of cold forming sheet metal processing and associated thermal or mechanical cutting, joining, and connection technologies. The event is held in Stuttgart, Germany, and targets professionals and companies in the manufacturing and metalworking sectors. It is positioned as an important international platform for industry networking, showcasing innovations, and disseminating knowledge. The website reflects a medium-sized business model centered on event organization and industry engagement. Technically, the website is built on WordPress with a modern tech stack including jQuery, Slider Revolution, WP Rocket for performance optimization, and Borlabs Cookie for privacy compliance. Hosting is provided by Anexia, as indicated by the nameservers. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Structured data and Open Graph metadata are well implemented, enhancing search engine visibility and social media integration. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms. However, it lacks explicit security headers such as Content-Security-Policy and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with cookie policies present but no visible privacy or terms of service pages. Overall, the security posture is good but could be improved with additional policies and headers. The risk assessment indicates a trustworthy and professional website with no signs of malicious activity or suspicious domain registration patterns. Strategic recommendations include publishing privacy and security policies, enhancing security headers, and improving accessibility. The website is safe for general audiences and serves its business purpose effectively.

S

Schall Messen

schall-messen.de

60

Schall Messen is a well-established German trade fair organizer specializing in industrial and manufacturing sectors. With a history dating back to 1962, the company hosts internationally recognized specialized trade fairs covering quality assurance, optical technologies, stamping, automation, adhesive technology, plastics, sheet metal, and joining technologies. Their business model focuses on creating unique B2B platforms that connect manufacturers, suppliers, and end users to foster innovation and market growth. The website reflects a professional digital presence built on WordPress with modern plugins for event management, SEO, and cookie compliance. Hosting is provided by Anexia, and the site uses HTTPS with a good SSL configuration. Security practices include cookie consent management but lack explicit security headers and published security policies. Contact information is available via structured data and includes a company email and phone number. No privacy policy or terms of service were found, which is a compliance gap. The site shows no signs of adult or questionable content and maintains a high trustworthiness level. Overall, the website is well-positioned for its market but could improve privacy and security transparency.

7

711 Online Casino

711.nl

61

711 Online Casino operates as a Dutch online gambling platform offering casino games and sports betting services. The website targets adult users in the Netherlands, promoting player bonuses and emphasizing fairness and high RTP (Return to Player) rates. The business positions itself as a popular and trustworthy online casino within the Dutch market. Technically, the website employs modern web technologies including JavaScript frameworks (likely Vue.js), Google Tag Manager for analytics, and third-party marketing and support tools such as Zendesk and XtremePush. The site is mobile-optimized with good SEO practices but lacks explicit privacy and terms of service pages in the provided content. Security posture is moderate with HTTPS enforced and some security best practices observed, though some security headers are missing or not explicitly detected. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the domain registration data aligns well with the website's business claims, supporting legitimacy. The site is rated NSFW due to its gambling content and adult audience targeting.

3

32Red

32red.com

73

32Red is a well-established UK online casino brand offering a wide range of casino games, sports betting, and live casino experiences. The website targets adult UK players and promotes responsible gambling with clear terms and safer gambling policies. The business model focuses on online gambling services with a strong emphasis on promotions and user engagement. Technically, the site uses modern JavaScript frameworks, analytics tools like Hotjar and Snowplow, and cookie consent management via OneTrust, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and a published security policy would enhance trust. The absence of WHOIS data is a minor concern but common in the gambling industry due to privacy considerations. Overall, the site presents a professional and trustworthy online gambling platform.

U

Unibet

unibet.co.uk

78

Unibet UK operates as a licensed online gambling platform under the UK Gambling Commission, offering a wide range of services including sports betting, casino games, poker, live casino, and bingo. The company targets adult users interested in regulated and responsible gambling experiences. The website reflects a mature digital presence with professional branding and comprehensive service offerings. Technically, the site uses modern web technologies such as React and integrates privacy and analytics tools like OneTrust and Snowplow Analytics, ensuring a robust and user-friendly experience. Security posture is strong with HTTPS enforcement and appropriate security headers, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the site is trustworthy and well-positioned in the UK gambling market, though WHOIS data is unavailable due to domain naming conventions, which does not detract from its legitimacy.

The website www.draftkings.co.uk is currently inaccessible, presenting an 'Access Denied' error page likely caused by a Web Application Firewall or security mechanism, possibly Akamai EdgeSuite. The domain WHOIS lookup failed due to the domain name violating Nominet UK naming rules, indicating the domain is invalid or misconfigured. Consequently, no business, contact, or compliance information is available from the site or WHOIS data. The lack of accessible content and metadata prevents a thorough analysis of the company's business model, services, or technical infrastructure. Security posture is weak due to the inability to verify HTTPS, security headers, or other best practices. Overall, the site appears non-functional or improperly configured, resulting in a very low trust and legitimacy score.

Grosvenor Casinos operates a professional online casino platform targeting UK players, offering a variety of gambling services including slots, jackpots, live casino games, and poker. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, analytics, and user engagement tools. However, the absence of WHOIS registration data raises concerns about domain transparency and regulatory compliance, which is critical in the gambling industry. Security measures such as HTTPS and bot protection via Cloudflare Turnstile are in place, but explicit security policies and headers are not evident in the provided content. Privacy compliance is partially addressed through OneTrust cookie consent, though a clear privacy policy was not detected in the HTML snippet. Overall, the site presents a trustworthy and professional front but would benefit from enhanced transparency and security documentation.

8

888slots | 800+ Slots Spiele | Online Spiele Deutschland

888casino.com

68

The website www.888slots.de operates as an online gambling platform focused on slot games, targeting the German market. It positions itself as a leading provider of online slot entertainment with over 800 games, catering exclusively to adult users due to the nature of gambling services. The platform employs modern web technologies and integrates standard marketing and analytics tools such as Google Tag Manager and Adobe Helix RUM. Cookie consent is managed through OneTrust, indicating a baseline level of privacy compliance. However, explicit privacy policies and terms of service documents are not found in the provided content, which is a compliance gap. Security posture is solid with HTTPS enforcement and security headers, but incident response and security policy disclosures are absent. Overall, the domain registration and hosting align with the website's claims, supporting legitimacy. The site is professionally designed with good user experience and mobile optimization, though accessibility could be improved.

BetVictor operates as an online gambling and betting platform, providing services primarily focused on sports betting and casino games. The domain has a long history dating back to 2002, indicating an established presence in the online gambling industry. However, the analyzed page is a geographic restriction block page, preventing access to the main site content for users in prohibited locations. This limits the ability to fully assess the website's content and features. Technically, the site uses Google Analytics and Google Tag Manager for tracking and analytics, but lacks visible security headers or advanced security policies on the blocked page. The page is minimally designed, serving only to inform users of access restrictions, with no privacy or cookie policies presented. The domain registration data is consistent with a legitimate UK-based gambling operator, with a long registration period and transfer protection. From a security perspective, the absence of security headers and privacy policies on this page is a concern, although it may be due to the nature of the block page. The use of HTTPS is assumed but not verifiable from the provided data. The site employs geographic blocking as a compliance measure to restrict access from prohibited jurisdictions. Overall, the security posture on this page is weak, and privacy compliance indicators are missing. Given the content is blocked and minimal, the overall risk assessment is limited. Strategic recommendations include improving transparency by providing accessible privacy and cookie policies, implementing security headers, and ensuring incident response contacts are available. Enhancing the user experience with a more informative block page and ensuring compliance with data protection regulations would also benefit the site.

A

ATG

swedishhorseracing.com

54

The website www.swedishhorseracing.com serves as an information and betting platform focused on Swedish horse racing, primarily associated with ATG. It offers race replays, race schedules, news, tips, and betting options targeting horse racing enthusiasts and partners. The site is well-branded with consistent ATG identity and provides a good user experience with clear navigation and relevant content. Technically, it employs modern web technologies including AngularJS, JWPlayer for media, Google Tag Manager for analytics, and AdRoll for advertising and retargeting. Security is robust with HTTPS enforced and multiple security headers present, alongside the use of Google reCAPTCHA to protect forms. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and branding suggest a legitimate business presence. Privacy compliance is addressed primarily through cookie policies with GDPR considerations, but lacks explicit terms of service and detailed security policies. Contact information is limited to a web form and social media presence on Facebook. Overall, the site is professional and trustworthy but would benefit from enhanced transparency in domain registration and expanded compliance documentation.

W

William Hill

williamhill.com

52

William Hill is a well-known gambling and betting company. The analyzed page is a localized closure notice for German users, informing them that the service is not available in their location and advising users with account balances to contact customer service for withdrawals. The website content is minimal and focused solely on this message, with no additional business or compliance information provided. The technical infrastructure appears basic, with only HTML and CSS detected and no advanced frameworks or analytics present. Security posture is weak due to lack of visible security headers and absence of privacy or cookie policies. The WHOIS data is unavailable or missing, which raises concerns about domain registration legitimacy despite the brand's known market presence. Overall, the site is safe but limited in content and transparency.

The website softgamings.com is currently inaccessible due to a CloudFront 403 error page indicating that the request was blocked by a Web Application Firewall or security configuration. As a result, no direct content, metadata, or business information could be extracted from the site. The domain WHOIS data shows a legitimate registration dating back to 2014 with no privacy protection, suggesting a transparent and established domain ownership. However, the lack of accessible content prevents a full assessment of the company's business model, services, or compliance posture. The technical infrastructure appears to be hosted behind AWS CloudFront, which provides CDN and security features but currently restricts access. Security posture and privacy compliance cannot be evaluated due to the blocked content. Overall, the site’s risk assessment is limited by the lack of accessible data, and the AI scoring reflects this with a low overall score.

P

PokerStars

pokerstars.uk

68

PokerStars is a leading online poker platform offering a wide range of poker games and tournaments, including Spin & Go and Power Path. The platform targets adult users interested in online poker and provides a secure, licensed environment with player protection and responsible gaming tools. The website is professionally designed, mobile-optimized, and features comprehensive privacy and cookie consent mechanisms. Technically, the site uses modern web technologies such as React, Google Tag Manager, and Optimizely, hosted on AWS infrastructure. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. The WHOIS data confirms domain legitimacy and consistency with the business history. Overall, PokerStars presents a trustworthy and mature online gaming service.

P

Paf

paf.com

67

Paf is an established online gambling operator offering a wide range of services including casino games, betting, live casino, bingo, poker, and fantasy sports. The website targets adult users interested in online gambling and provides a professional and well-structured platform with a large portfolio of games and jackpots. Technically, the site is built using modern web technologies such as React and Next.js, hosted likely behind Cloudflare, and demonstrates good performance, mobile optimization, and accessibility. Security measures include HTTPS enforcement and standard security headers, contributing to a strong security posture. However, the absence of visible privacy and cookie policies, as well as contact information, indicates areas for compliance improvement. Overall, the site appears legitimate and trustworthy, with privacy-protected WHOIS data typical for this industry.

Paddy Power operates as a major online gambling and sports betting platform with a long-established domain dating back to 1998. The website is protected by Cloudflare's Web Application Firewall (WAF), which restricts access based on geographic location or network anomalies, resulting in limited content availability for analysis. The business targets adult users interested in betting services, with a business model centered on online gambling. Technical infrastructure includes Cloudflare for security and performance, but no advanced CMS or frameworks are detectable from the limited content. Security posture is difficult to fully assess due to access restrictions; however, no privacy or cookie policies are present on the accessible page, and DNSSEC is not enabled for the domain. The WHOIS data indicates a legitimate and mature domain with registrar protections in place. Overall, the site demonstrates a moderate level of business credibility but lacks visible compliance and security documentation on the landing page.

N

Napoleon Games NV

napoleongames.be

61

Napoleon Games NV operates a leading online gambling platform in Belgium, offering a wide range of casino games, live casino, dice games, and sports betting services. The company targets adult users (21+) and positions itself as Belgium's best online casino and bookie, supported by strong branding and sponsorships in Belgian sports. The website is professionally designed with consistent branding and clear navigation, providing comprehensive legal and responsible gaming information to comply with local regulations. Technically, the site uses modern web technologies including Vue.js, Google Tag Manager, and OneTrust for cookie consent, hosted via Fastly CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of explicit security policies and vulnerability disclosure mechanisms suggests room for improvement. Overall, the domain registration and WHOIS data confirm legitimacy and consistency with the business claims. The site is fully accessible without WAF blocking, and privacy compliance is well addressed. Recommendations include enhancing security headers, publishing security policies, and providing direct contact information for security incidents to further strengthen trust and compliance.

The website interwetten.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to the actual site content. The domain is well-established, created in 1997, and registered with a reputable registrar, EuroDNS S.A. However, the lack of DNSSEC and absence of visible security headers or privacy policies on the accessible page limits the ability to fully assess the site's security and compliance posture. The visible page is a minimal security block message with no business or contact information, indicating that the site is protected by Cloudflare's security mechanisms but currently not accessible to the analyzed client IP. From a technical perspective, the site uses Cloudflare for DNS and likely for DDoS protection and CDN services. The minimal HTML content is mobile responsive but lacks SEO optimization and accessibility features. No analytics, tracking, or advertising scripts were detected on the blocked page. Security posture is weakly observable due to the block, but the domain registration data is consistent with a legitimate business. No privacy, cookie, or terms of service policies are visible, and no contact or incident response information is provided on the blocked page. The overall risk assessment is limited by the WAF block, but the domain's age and registrar support legitimacy. Strategic recommendations include enabling DNSSEC, publishing privacy and cookie policies, adding security headers, and providing clear contact and incident response information to improve trust and compliance.

H

Hard Rock Hotels

hardrockhotels.com

72

Hard Rock Hotels operates a global hospitality and entertainment brand specializing in hotels, resorts, and casinos. The website presents a professional and consistent brand image targeting travelers and casino visitors. The business model focuses on providing hotel accommodations combined with casino and resort experiences, positioning itself as a major player in the hospitality industry. Technically, the site uses modern JavaScript libraries, multiple tag management systems, and analytics tools, indicating a mature digital infrastructure. However, mobile optimization and accessibility are basic and could be improved. Security posture is generally strong with HTTPS enforced and use of reputable third-party analytics, but lacks visible security headers and formal privacy or cookie policies. The absence of WHOIS data for the subdomain is expected and does not detract from legitimacy, as the subdomain is part of the larger hardrock.com domain. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced privacy compliance and security best practices.

G

GiG Software PLC

gig.com

74

GiG Software PLC is a leading technology company specializing in providing advanced iGaming platform and sportsbook solutions to operators in multiple regulated markets worldwide. Their award-winning platform integrates AI technologies and offers a comprehensive suite of services including omnichannel solutions, managed services, and real-time data analytics. The company holds licenses from the Malta Gaming Authority and the UK Gambling Commission, underscoring its regulatory compliance and market credibility. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization, targeting B2B clients in the gaming industry. Technically, the website is built on WordPress with modern SEO and analytics tools such as Google Analytics, FullStory, and LinkedIn Insight Tag. Security best practices are observed with HTTPS enforcement, reCAPTCHA integration, and cookie consent mechanisms, although some security headers could be explicitly confirmed. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is a minor concern but is mitigated by the strong trust signals on the site. Overall, GiG demonstrates a strong security posture and compliance awareness, with room for improvement in publishing explicit security policies and incident response contacts. The company’s digital infrastructure supports its business model effectively, providing a scalable and adaptable platform for regulated iGaming operators. Strategic recommendations include enhancing security header implementation, establishing a vulnerability disclosure program, and improving transparency around incident response.

G

Gamesys

gamesysgroup.com

58

Gamesys is a large international online gaming operator positioned as a subsidiary of Bally’s Corporation. The website presents a professional corporate image with clear branding and links to investor relations, corporate governance, and responsible gambling resources. Technically, the site uses common web technologies including jQuery and Google Analytics, and is built on the Umbraco CMS platform. While the site includes cookie consent and privacy policies indicating GDPR compliance, there is a lack of explicit security headers and no visible contact information on the homepage, which could be improved. The WHOIS data is unavailable, which raises some concerns about domain registration transparency, but the overall site content and external references support legitimacy. The site is accessible with no WAF or blocking detected and contains no adult or explicit content, targeting a general audience interested in online gaming.

F

Fair Play Online Casino

fairplaycasino.nl

52

Fair Play Online Casino is a well-established Dutch online gambling platform founded in 2000, offering a wide range of casino games including slots, live casino, and tournaments. The website targets adult users interested in online casino gaming and provides various bonuses and promotions to attract new players. The platform demonstrates a solid market position within the Dutch online gambling sector, supported by a broad game portfolio and active user engagement features such as live updates of recent winners. Technically, the website is built using modern web technologies including Next.js and React, with content managed via Builder.io. It employs Cookiebot for cookie consent management and integrates analytics tools such as Google Analytics and Ahrefs Analytics for performance and user behavior tracking. The site is mobile-optimized and features good SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS with a good SSL configuration and DNSSEC is enabled, enhancing domain security. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No critical vulnerabilities or exposed sensitive data were found. Privacy compliance is well-managed with clear privacy and cookie policies and GDPR compliance indicators. Overall, the website presents a professional and trustworthy online casino platform with a good balance of business credibility, technical implementation, and privacy compliance. Strategic improvements in security headers and incident response disclosures could further enhance its security posture.

D

Danske Spil

danskespil.dk

63

Danske Spil is Denmark's leading licensed gambling operator, offering a wide range of games including lottery, sports betting, casino, poker, and bingo. Established in 2000, it serves the Danish market with a strong emphasis on responsible gaming and compliance with national regulations. The website reflects a mature business with clear branding and a comprehensive portfolio of gambling products. Technically, the site uses modern web technologies including Sitecore CMS, JavaScript frameworks, and integrates monitoring tools such as AppDynamics and Sentry for performance and error tracking. Security posture is strong with enforced HTTPS, reCAPTCHA for bot protection, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident through the presence of privacy and cookie policies with consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for performance and user experience.

O

OneDoc SA

onedoc.ch

73

OneDoc SA operates a leading online medical appointment booking platform in Switzerland, enabling patients to find and book appointments with doctors, dentists, and therapists both for in-person visits and teleconsultations. Founded in 2017 and headquartered in Geneva, OneDoc has established a strong market position with subsidiaries covering different Swiss regions. The platform offers a user-friendly experience with mobile app support, SMS reminders, and a comprehensive help center. Technically, the website employs modern web technologies including Google Tag Manager, Google Maps API, and a consent management platform, ensuring good performance and mobile optimization. Security posture is strong, supported by ISO 27001 and DPCO certifications, encrypted data storage in Switzerland, and GDPR-compliant privacy and cookie policies. No critical vulnerabilities or suspicious activities were detected. Overall, OneDoc demonstrates a mature digital infrastructure and trustworthy business operations in the healthcare technology sector.

B

Brunner Medien AG

brunner-verlag.ch

65

Brunner Medien AG operates as a Swiss-based publishing company specializing in educational, religious, and pedagogical books and music. Their website serves as an e-commerce platform targeting German-speaking audiences interested in cultural and educational content. The company maintains a clear market niche with a professional online presence and a consistent brand image. Technically, the website employs modern JavaScript libraries and custom fonts, with a responsive design that supports good user experience across devices. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security policies and headers could be improved. Privacy compliance is well addressed with accessible privacy and cookie policies. Overall, the website reflects a trustworthy and credible business with room for technical and security enhancements.

E

Evangelische Medienarbeit

evangelische-medienarbeit.de

59

Evangelische Medienarbeit (EMA) is a non-profit organization affiliated with the Landeskirche Hannovers, providing communication solutions, training, and media support primarily for church-related entities and professionals. The website serves as an information hub for their services including newsletters, events, and contact points. Technically, the site uses modern web technologies with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS and CSRF protections, though some improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is trustworthy, professionally presented, and aligned with its organizational mission.

D

Das Ephoralbüro

das-ephoralbuero.de

56

Das Ephoralbüro website serves as an online handbook and resource platform primarily aimed at supporting office management within church administrative offices in Germany. It provides structured, transparent information to assist both new and experienced staff in their daily tasks. The platform is positioned as a niche internal resource within the government/non-profit sector, specifically church administration. Technically, the site is built on a modern web stack likely involving Ruby on Rails, with standard HTML5, CSS3, and JavaScript components. The site demonstrates moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO. Security posture is moderate, with HTTPS implied and CSRF protections in place, but lacking explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Business credibility is supported by consistent branding and official contact emails, though no phone or physical address is provided. Overall, the site is professional, trustworthy, and safe for general audiences.

R

Rechnungsprüfungsamt der evangelisch-lutherischen Landeskirche Hannovers

rpa-kirche.de

57

The Rechnungsprüfungsamt der evangelisch-lutherischen Landeskirche Hannovers is a specialized public institution responsible for financial auditing and control within the Evangelical Lutheran Church of Hanover. The website serves as an informational portal for church districts, congregations, and affiliated institutions, providing insights into their auditing activities, news, and career opportunities. The organization holds a stable market position within the government and non-profit sectors, focusing on transparency and accountability in church finances. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and Matomo analytics, hosted on a CDN for performance. Security posture is solid with HTTPS and CSRF protections, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is professional, trustworthy, and well-structured, supporting the organization's mission effectively.

E

Evangelische Agentur der Evangelisch-lutherischen Landeskirche Hannovers

kirchliche-dienste.de

59

The Evangelische Agentur der Evangelisch-lutherischen Landeskirche Hannovers is a regional non-profit service agency supporting church communities and organizations in Niedersachsen, Germany. The website provides comprehensive information about their services including community support, fundraising, spiritual guidance, and public responsibility initiatives. The agency operates under the umbrella of the Evangelisch-lutherische Landeskirche Hannovers, indicating a strong institutional backing and trustworthiness. Technically, the website employs modern web technologies such as Font Awesome 7, Turbo (Hotwire), and Matomo analytics, reflecting a moderate level of digital maturity. The site is mobile-optimized and uses HTTPS with CSRF protection, but lacks some advanced security headers and cookie consent mechanisms, which are recommended for enhanced security and GDPR compliance. From a security perspective, the site shows good practices with encrypted connections and privacy-conscious analytics but could improve by publishing explicit security policies, incident response contacts, and vulnerability disclosure information. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is professional, trustworthy, and serves its target audience effectively. Strategic improvements in privacy compliance and security transparency would further strengthen its posture.

E

Evangelisch-lutherische Landeskirche Hannovers

zukunftsprozess.de

59

The website Zukunftsprozess.de represents the Evangelisch-lutherische Landeskirche Hannovers' initiative to communicate and manage future-oriented processes within the church. It targets church members, employees, and interested parties with information about structural reforms, planning, and thematic focuses such as faith beginnings and social engagement. The site is well-branded, consistent, and professionally maintained, reflecting a medium-sized non-profit religious organization in Germany. Technically, the site employs modern web technologies including Font Awesome 7 for icons, Matomo for analytics, and Turbo for enhanced navigation. The presence of CSRF tokens and HTTPS indicates a secure baseline, though explicit security policies and cookie consent mechanisms are lacking. The site is mobile-optimized and SEO-friendly, with good navigation clarity. Security posture is solid with HTTPS and security headers, but could be improved by publishing incident response and vulnerability disclosure policies. Privacy compliance is partial, with a privacy policy present but no cookie consent banner despite tracking usage. Contact information is limited to a contact form, with no direct emails or phone numbers visible. Overall, the site is trustworthy and safe, with no adult or questionable content. The WHOIS data is minimal but does not raise concerns. Strategic improvements in privacy and security transparency would enhance trust and compliance.

L

Landeskirche Hannovers

kimusearch.de

59

KiMuSearch is a specialized online platform operated under the Evangelische Landeskirche Hannovers, designed to connect church musicians with congregations seeking musical services for worship and events. The platform facilitates registrations for both musicians and congregations, enabling posting and responding to service requests within a regional context. The website is professionally designed with a clear focus on its niche audience, providing essential features such as secure login and event listings. Technically, the site is built on Ruby on Rails with Bootstrap and Font Awesome for UI, and uses Matomo for analytics, indicating a moderate level of digital maturity. Security measures include HTTPS enforcement and CSRF protection, though some security headers and cookie consent mechanisms are missing. Overall, the site demonstrates a solid security posture appropriate for its scope, with room for improvement in privacy compliance and incident response transparency.

E

Evangelische Medienarbeit (EMA)

systeme-e.de

58

Systeme-e.de is a German-language website operated by the Evangelische Medienarbeit (EMA), providing free digital communication and collaboration systems tailored for the Evangelical Church and its associated organizations. Established since 2011, the platform offers a suite of services including internal communication tools, website builders, newsletter systems, image databases, videoconferencing, event management, and resource booking. The website targets church staff and affiliated groups, positioning itself as a trusted non-commercial provider within the religious sector in Germany. Technically, the website is built on modern web standards with a Ruby on Rails backend implied by CSRF tokens, uses Matomo analytics configured for privacy, and is hosted on servers associated with kasserver.com. The site demonstrates good mobile optimization and a consistent branding approach. However, some security best practices such as explicit security headers and cookie consent mechanisms are not evident. From a security perspective, the site enforces HTTPS, uses CSRF tokens, and avoids exposing sensitive data. The absence of a published security policy or incident response contacts is a gap. The WHOIS data aligns well with the website's claims, showing consistent domain registration and no privacy protection, which supports legitimacy. Overall, systeme-e.de presents a professional, trustworthy, and well-maintained digital presence for its niche audience. Strategic improvements in security transparency and privacy compliance could further enhance its posture and user trust.

K

Klaus Ludwig Verlag

gruppenhaus.de

55

Gruppenhaus.de is a well-established German online platform specializing in group accommodations such as seminar houses, youth hostels, and meeting venues. With over 30 years of market presence and a large inventory of more than 3,700 properties, it serves groups planning seminars, school trips, music rehearsals, and family gatherings. The platform emphasizes direct booking inquiries without commission, positioning itself as a trusted intermediary in the hospitality sector focused on group travel within Germany and Europe. The business is operated by Klaus Ludwig Verlag, with a clear German address and phone contact, reinforcing its legitimacy and local market focus. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Leaflet for interactive maps. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, it lacks some advanced security headers and a cookie consent mechanism, which are important for GDPR compliance and enhanced security posture. The site enforces HTTPS with HSTS, indicating a good baseline for secure communications. From a security perspective, the site shows a moderate maturity level with no visible vulnerabilities or exposed sensitive data. The absence of certain security headers and cookie consent reduces the overall security and privacy compliance score. No incident response or vulnerability disclosure information is present, which could be improved to enhance trust and readiness. The WHOIS data aligns well with the business claims, showing consistent registration details and domain age appropriate for the company's history. Overall, gruppenhaus.de presents a professional and trustworthy online presence with solid business credibility and technical implementation. Strategic improvements in security headers, privacy compliance, and incident response transparency would further strengthen its security posture and regulatory adherence.

E

Evangelisch- Lutherische Kirche in Bayern

kirche-tourismus.bayern

47

The website kirche-tourismus.bayern is operated by the Evangelisch-Lutherische Kirche in Bayern and serves as a comprehensive informational platform promoting church-related tourism and spiritual activities in Bavaria. It targets tourists, church communities, and groups interested in religious and spiritual experiences, offering detailed information on events such as mountain services, open churches, pilgrimages, and group accommodations. The site is well-positioned within a niche market of religious tourism and collaborates with multiple partner organizations to provide rich content and resources. Technically, the website is built on Drupal 10, leveraging modern libraries such as jQuery, Superfish menus, and Slick sliders, with Bootstrap 5 for styling. The site is hosted on a provider associated with the domain's nameservers and demonstrates good mobile optimization, accessibility, and SEO practices. Performance is moderate, and the site is fully accessible without any WAF or security challenges. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are recommended to enhance protection. No sensitive data exposure or vulnerable libraries were detected. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR explicit indicators. Contact information is limited to a contact form, with no direct emails or phone numbers publicly listed. Overall, the website is legitimate, consistent with its WHOIS registration data, and trustworthy. Strategic improvements in security headers, privacy compliance, and cookie consent would enhance its posture. The site effectively serves its target audience with relevant content and a professional presentation.

H

Himmlische Herbergen e.V.

himmlische-herbergen.de

50

Himmlische Herbergen e.V. operates a well-established online platform dedicated to Christian group accommodations across Germany and parts of Europe. The website offers a comprehensive search and filter system for various types of guesthouses, hotels, and self-catering accommodations, targeting Christian groups, families, youth groups, and seminar attendees. The organization positions itself as a niche leader in the hospitality sector with a strong non-profit orientation and a focus on community and spiritual hospitality. Technically, the website is built on WordPress 6.8.3 with modern plugins such as Borlabs Cookie for privacy compliance and Instagram Feed integration for social engagement. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the site maintains comprehensive privacy and cookie policies aligned with GDPR requirements. The absence of direct contact emails or phone numbers suggests reliance on contact forms and social media channels for communication. Overall, the site reflects a mature digital presence with strong trust indicators and professional content. Strategically, the organization should focus on enhancing security headers, expanding direct contact options, and continuing to maintain compliance and transparency to strengthen user trust and operational resilience.