Security Directory

A

Aiuto alla Chiesa che Soffre (ACN)

aiuto-chiesa-che-soffre.ch

61

Aiuto alla Chiesa che Soffre (ACN) is a Swiss-based non-profit organization dedicated to providing aid to persecuted and impoverished Christians worldwide. The website serves as an informational and donation platform targeting supporters and donors interested in humanitarian and religious aid. The organization appears established with a consistent brand and a clear mission focused on Christian humanitarian support. Technically, the website is built using modern frameworks such as Next.js and React, hosted on a reputable Swiss hosting provider. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

Investopedia is a well-established financial education and media company founded in 1999, providing investment information and market analysis to a broad audience including investors and finance professionals. The website is a major resource in the finance sector, owned by IAC, and operates at a large scale. The current analysis is limited due to the presence of a Cloudflare security challenge page that blocks access to the actual content. This challenge page prevents a full assessment of the website's content, policies, and technical implementation. The domain registration data is consistent with a legitimate, long-standing business entity, registered through a reputable registrar specializing in brand protection. The website employs Cloudflare services for security and performance, indicating a mature technical infrastructure. However, the inability to access the full site content restricts evaluation of privacy, cookie, and security policies, as well as contact information and business details. The security posture appears strong in terms of domain protection and use of WAF, but a full security assessment cannot be completed. Overall, the site is considered safe with no adult or explicit content detected, but the current access restrictions significantly limit the depth of analysis.

T

The Motley Fool

fool.com

11

The Motley Fool is a well-established financial services company founded in 1993, specializing in providing investing insights, stock market research, and personal finance education to a broad audience of individual investors. The company operates a content-rich website featuring articles, premium subscription services, podcasts, and financial planning tools. It holds a strong market position as a trusted source for retail investment advice and financial literacy. Technically, the website is built on modern frameworks such as Next.js and React, delivering fast performance, excellent mobile optimization, and good accessibility. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data is noted but likely due to registry privacy or query limitations rather than suspicious activity. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

T

Tischtennis in Wien neu erleben | Wiener Tischtennis Plattform

tischtennishobbywien.at

63

The website 'Tischtennis Hobby Wien' serves as a local community platform dedicated to table tennis enthusiasts in Vienna, Austria. It provides information and engagement opportunities for hobbyists, positioning itself as a niche sports community. The business model focuses on community building and information dissemination rather than commercial transactions. Technically, the site is built on WordPress using the Elementor page builder and enhanced with the Rank Math PRO SEO plugin, indicating a moderate level of digital maturity. The site is mobile-optimized and performs moderately well, though some technical improvements could enhance user experience further. Security-wise, the site uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or security contact information is available, which could be a concern for handling security issues. Overall, the site is safe for general audiences and maintains a moderate trust level. Strategic improvements in privacy compliance and security practices are recommended to enhance credibility and user trust.

X

XXXLutz

xxxlutz.ro

10

XXXLutz.ro is a large Romanian e-commerce and retail website specializing in furniture and home decoration products. It is part of the XXXLutz Group, a well-known furniture retailer with a strong market presence in multiple countries. The website offers a wide range of products including furniture for living rooms, bedrooms, kitchens, garden furniture, and accessories. It targets consumers in Romania seeking quality furniture and home decor with options for online and in-store shopping. The site is professionally designed with good navigation and mobile optimization, supporting multiple languages and regional domains.

R

Red Bull Media House GmbH

carpediem.life

65

carpediem.life is a German-language health and wellness media website operated under the Red Bull Media House GmbH umbrella. It provides rich content focused on longevity, mental health, nutrition, and lifestyle, targeting health-conscious adults primarily in Austria and German-speaking regions. The website features articles, podcasts, events, and newsletters, positioning itself as a niche media brand with a professional and consistent brand image. Technically, the site is built using the Hugo static site generator, employs Google Tag Manager and Google Publisher Tags for advertising and analytics, and integrates OneTrust for cookie consent, reflecting a modern and privacy-aware infrastructure. Security posture is good with HTTPS enforced and privacy policies in place, though some security headers could be improved. The domain WHOIS data is privacy protected, which is common and justified for media businesses. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

P

Cookie-Information

pfeifergroup.com

46

The website analyzed is primarily a cookie information and consent page for www.pfeifergroup.com, providing detailed information about cookie usage including third-party cookies from major providers such as Google, Hotjar, LinkedIn, Matomo, Meta, and Microsoft. The site implements a cookie consent mechanism compliant with GDPR, allowing users to accept all cookies, only essential cookies, or customize their preferences. However, the website content is minimal and focused solely on cookie information without broader business or contact details. WHOIS data for the domain is unavailable, indicating either a recent registration, privacy protection, or a domain registration issue, which impacts trust and legitimacy assessments. Technically, the site uses standard web technologies including JavaScript and CSS, with integrations for analytics and marketing tools, but lacks visible security headers and detailed business information.

The Internationale Gutenberg-Gesellschaft in Mainz e.V. is a well-established non-profit organization dedicated to the research and promotion of printing history and media development. Founded in 1901, it holds a significant position in the cultural and scientific community, particularly in Mainz, Germany. The society offers memberships with benefits such as access to the Gutenberg Museum, exclusive events, and the annual Gutenberg-Jahrbuch publication, targeting researchers, members, and enthusiasts of printing history. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and privacy-conscious Matomo analytics. The site is well-structured, mobile-optimized, and provides clear navigation and content relevant to its audience. Hosting appears stable with agency-managed nameservers. However, there is room for improvement in cookie consent mechanisms and security headers. From a security perspective, the site uses HTTPS and does not expose sensitive data. The absence of explicit cookie consent and security policies are notable gaps. No vulnerabilities or suspicious activities were detected. WHOIS data aligns well with the organization's identity and history, supporting legitimacy. Overall, the website presents a trustworthy, professional, and content-rich platform with moderate technical sophistication. Strategic improvements in privacy compliance and security posture would enhance user trust and regulatory adherence.

V

Volksbank Alzey-Worms eG

vb-alzey-worms.de

62

Volksbank Alzey-Worms eG is a regional cooperative bank in Germany serving local customers primarily in the Alzey-Worms area. The website presents banking services and financial products with a focus on local presence and customer support. The business model is cooperative banking with a medium-sized regional footprint. The website uses modern web technologies including Angular Material and Dynatrace monitoring, indicating a moderate level of digital maturity. The site is mobile optimized and provides a professional user experience with clear navigation and relevant content. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness. Strategic improvements in privacy compliance and security transparency are recommended to enhance user trust and regulatory adherence.

LOTTO Rheinland-Pfalz operates as the official state lottery provider for the Rheinland-Pfalz region in Germany, offering a variety of lottery games including LOTTO 6aus49, Eurojackpot, Rubbellose, GlücksSpirale, BINGO!, KENO, and TOTO. The website facilitates online ticket purchases, account registration, and subscription services such as Dauerschein and Jackpot-Jäger. The business is positioned as a trusted regional government entity with a focus on secure and regulated gambling services for adults. The website content is professionally presented, consistent with the brand, and targets adult users interested in lottery gaming. Technically, the website employs modern web technologies including jQuery, SVG icons, and a custom JavaScript framework by MULTA MEDIO AG. It supports progressive web app features and is mobile optimized with responsive design. Analytics are implemented via etracker, and a chat widget from moin.ai is integrated for user support. While the site uses HTTPS and secure login forms, it lacks some security headers and explicit cookie consent mechanisms, which are areas for improvement. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and responsible disclosure availability, but could enhance its posture by adding security headers and publishing incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is limited but does not raise concerns, and the overall legitimacy is supported by consistent branding and government affiliation. Overall, the website is a reliable and professional platform for online lottery services with moderate technical maturity and a solid security baseline. Enhancements in privacy compliance and security headers would further strengthen trust and regulatory adherence.

Ö

Ökumenewerk der Nordkirche

nordkirche-weltweit.de

54

The Ökumenewerk der Nordkirche is a non-profit organization affiliated with the Evangelisch-Lutherische Kirche in Norddeutschland, focusing on fostering ecumenical relationships and social justice initiatives globally. Their website serves as an informational and engagement platform for church members, partners, and volunteers, highlighting international partnerships and advocacy work. The organization maintains a moderate digital maturity with a WordPress-based infrastructure, leveraging caching and security plugins such as Google reCAPTCHA and Borlabs Cookie for consent management. While the site is well-structured and professionally designed with good navigation and mobile optimization, it lacks explicit privacy and terms of service documentation, which are critical for compliance and user trust. Security posture is adequate with HTTPS and some security best practices, but could be improved by adding security headers and incident response information. Overall, the website is safe, trustworthy, and serves its target audience effectively, though it would benefit from enhanced privacy compliance and transparency.

S

ServusTV On

servustv.com

67

ServusTV On is a professional Austrian media platform providing livestreams, on-demand content, TV programming, and news primarily in German. The website targets German-speaking audiences interested in sports, news, and entertainment. The platform leverages modern web technologies including Next.js and uses CDNs such as Red Bull's for content delivery. The site is well-designed, mobile-optimized, and includes structured data for SEO. Security posture is good with HTTPS enforced, but lacks explicit security headers and visible privacy or cookie policies. WHOIS data is unavailable, which raises some concerns about domain registration transparency. Overall, the site appears legitimate and professionally maintained but would benefit from improved privacy compliance and clearer contact information.

K

Kelly Ges.m.b.H.

kellys.at

50

Kelly Ges.m.b.H. is a well-established Austrian snack manufacturer and retailer specializing in chips, popcorn, nuts, and other snack products. The company has a strong market position in Austria as a market leader and is part of the larger Intersnack Group. Their website reflects a mature digital presence with a comprehensive product catalog, engaging content such as recipes and party planning tools, and active social media integration. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, indicating a preference for open-source and privacy-conscious tools. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and cookie consent mechanisms could be improved. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives.

B

Burgenland Tourismus GmbH

burgenland.info

47

Burgenland.info is the official tourism website for the Burgenland region in Austria, providing comprehensive travel information, cultural highlights, and leisure activities. The site targets tourists and visitors seeking detailed guidance on visiting Burgenland, positioning itself as a trusted regional tourism authority. The business model focuses on tourism promotion and visitor engagement through digital content and event information. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including JavaScript, CSS, and HTML5. It integrates multiple marketing and analytics tools such as Cookiebot for consent management, Facebook Pixel for advertising, Google Tag Manager, and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and incident response information are not evident, suggesting room for improvement in security posture transparency. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a professional, trustworthy, and privacy-compliant digital presence for Burgenland tourism. The lack of WHOIS data limits domain registration insights, but the official nature and content quality support legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure channel to strengthen trust and security readiness.

The website la-porte-ouverte.ch is currently suspended, displaying a message in both French and English instructing visitors to contact support via the email [email protected]. There is no active business content, no privacy or cookie policies, and no interactive elements such as forms or social media links. The technical infrastructure appears minimal, with only a CSS stylesheet loaded from an external domain (apanel.swisscenter.com). No security headers or SSL configuration details are evident from the provided data. The site lacks basic compliance documentation and trust indicators, which significantly impacts its credibility and security posture. From a technical perspective, the site uses basic CSS styling but lacks modern frameworks, CMS, or analytics tools. Performance and accessibility cannot be fully assessed but are likely poor given the minimal content and basic mobile optimization. No evidence of tracking or advertising technologies was found. Security-wise, the absence of HTTPS information, security headers, and incident response contacts indicates a low security maturity level. The suspension notice suggests operational or compliance issues that may affect business continuity and trustworthiness. No vulnerabilities or malicious content were detected, but the lack of security best practices is a concern. Overall, the site scores low on content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic recommendations include restoring active content, implementing HTTPS and security headers, publishing privacy and cookie policies, and improving contact and incident response information to enhance trust and compliance.

Y

Y - Culte Louange

ycultelouange.com

56

The website 'Y - Culte Louange' is a French-language religious community platform hosted on the Wix platform. It provides services such as event agendas, sermons, forums, and contact options for its community members. The site is designed with a consistent branding approach and offers a good user experience with clear navigation and mobile optimization. Technically, it leverages Wix's Thunderbolt framework and standard web technologies, ensuring moderate performance and basic accessibility. Security-wise, the site benefits from HTTPS but lacks advanced security headers and formal privacy or incident response policies, which are areas for improvement. The absence of WHOIS data raises concerns about domain registration legitimacy, impacting overall trust. Strategic recommendations include enhancing security headers, adding privacy and cookie policies, and verifying domain registration to improve credibility and compliance.

S

Smith Optics

smithoptics.com

9

Smith Optics operates a professional e-commerce website specializing in eyewear products including sunglasses, prescription glasses, goggles, helmets, apparel, and accessories. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party marketing and analytics tools such as Klaviyo, Yotpo, and Cookiebot. The site demonstrates good design quality, mobile optimization, and accessibility, providing a positive user experience for its target audience of outdoor enthusiasts and consumers seeking performance and lifestyle eyewear. However, the absence of publicly accessible WHOIS data and missing explicit privacy and terms of service pages reduce transparency and privacy compliance confidence. Security posture is strong with HTTPS enforced and cookie consent implemented, but there is room for improvement in publishing security policies and contact information. Overall, the website is credible and functional but would benefit from enhanced compliance and transparency measures.

R

Rheinischer Turnerbund e.V.

rtb.de

58

Rheinischer Turnerbund e.V. (RTB) is a regional non-profit sports federation based in Germany, focusing on supporting sports clubs and promoting gymnastics and physical education in the Rhineland region. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and hosting services, with moderate performance and good mobile optimization. The site includes basic structured data for business identification but lacks comprehensive privacy, cookie, and terms of service policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enabled but missing key security headers and incident response information. Overall, the website is functional and professional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

D

Deutscher Motor Sport Bund e.V.

dmsb.de

54

The Deutscher Motor Sport Bund e.V. (DMSB) is the national governing body for motorsport in Germany, serving as a non-profit federation overseeing various motorsport disciplines. The website reflects a professional and well-structured digital presence, built on the TYPO3 CMS platform, with a focus on accessibility as evidenced by the integrated accessibility tool. The site targets German motorsport participants and enthusiasts, providing regulatory information, licensing, and event support services. Technically, the site employs modern web standards and includes Google Analytics for user tracking, though it lacks explicit cookie consent mechanisms and privacy policy disclosures. Security posture is adequate with HTTPS enforced, but could be improved by adding security headers and formal security policies. Overall, the domain and website appear legitimate and consistent with the organization's mission, though WHOIS data is minimal.

G

Graewe

graewe.de

60

Graewe is a manufacturing company specializing in screws, bolts, and turned parts, positioning itself as a reliable European partner in the industrial sector. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard Wix hosting and scripts. While the site presents professional and relevant content for its target industrial audience, it lacks critical privacy and security disclosures such as privacy policies, cookie consent mechanisms, and incident response contacts. The security posture is basic with HTTPS enabled but missing advanced security headers. Overall, the site is functional and professional but would benefit from enhanced compliance and security measures to improve trust and regulatory adherence.

W

Woosmap

woosmap.com

64

Woosmap is a technology company specializing in location intelligence solutions, offering a suite of APIs and services that transform location data into actionable insights. Their platform supports a wide range of industries including retail, e-commerce, logistics, hospitality, finance, and government sectors. The company positions itself as a privacy-conscious provider with GDPR-compliant solutions, catering primarily to developers and enterprises seeking scalable geolocation services. The website showcases strong branding, client testimonials, and detailed product offerings, reflecting a mature market presence.

The website smith-nephewonline.com currently serves a 404 error page indicating that the content is missing or the page never existed. There is no visible business information, contact details, or policies on the site. The domain is registered since 2013 with a reputable registrar, suggesting the domain is legitimate but the website is either under maintenance or abandoned. The technical infrastructure is minimal, with basic HTML, CSS, and JavaScript, and no advanced frameworks or CMS detected. Security posture is weak due to lack of HTTPS enforcement and absence of security headers. No privacy or cookie policies are present, indicating poor compliance with data protection regulations. Overall, the site is non-functional and lacks trust and professionalism.

T

Tucher Privatbrauerei

tucher-privatbrauerei.de

67

Tucher Privatbrauerei is a historic German brewery established in 1672, specializing in the production and distribution of premium beer products primarily targeted at mature audiences. The company maintains a strong market position as a national premium beer manufacturer with a focus on craftsmanship, reliability, and tradition. Their website reflects this heritage with professional design, clear navigation, and content emphasizing their brand values and product range. The site includes age verification to comply with alcohol advertising regulations and links to responsible drinking campaigns, underscoring their commitment to social responsibility. Technically, the website employs modern web technologies including Google Tag Manager for analytics and Usercentrics for consent management, ensuring GDPR compliance. The site is mobile-optimized with good SEO practices and moderate performance. However, no CMS or hosting provider details were detected, and accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security headers and a vulnerability disclosure page suggests room for improvement. From a security perspective, the site shows good compliance with privacy regulations and responsible data handling, but lacks explicit incident response contacts and security.txt files. No vulnerabilities or suspicious domains were detected. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, supporting a high trustworthiness rating. Overall, the website presents a professional and trustworthy digital presence for Tucher Privatbrauerei, with strong compliance and security foundations. Strategic recommendations include enhancing security headers, publishing incident response information, and improving accessibility to further strengthen their security posture and user trust.

T

Tucher

tucher.de

64

Tucher is a historic German brewery established in 1855, specializing in the production and promotion of traditional beers such as Weizenbier and Rotbier. The website reflects a mature, professional brand targeting adult consumers with a focus on cultural heritage and responsible alcohol consumption. The company maintains a moderate digital presence with social media integration and offers brewery tours and engagement initiatives. Technically, the website employs modern JavaScript libraries and consent management tools, ensuring GDPR compliance and user privacy. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies or incident response contacts. Overall, the site is well-structured, mobile-optimized, and trustworthy, with no signs of blocking or WAF interference.

A

Allianz Lebensversicherungs-Aktiengesellschaft

chemie-verbandsrahmenvertrag.de

60

The website www.chemie-verbandsrahmenvertrag.de serves as an informational and service platform for the Chemie-Verbandsrahmenvertrag, a tariff-based pension scheme for employers and employees in the chemical industry in Germany. Operated under the Allianz Lebensversicherungs-Aktiengesellschaft brand, it provides detailed information about membership, offers, administration, and support services. The site targets chemical industry companies and their workforce, offering tools such as an offer calculator and online login services. The business model focuses on facilitating pension scheme participation and management within the chemical sector, supported by industry partners BAVC and IG BCE. Technically, the website is built on the ecomas CMS platform, utilizing standard web technologies including JavaScript and CSS. It demonstrates good mobile optimization, accessibility features, and SEO practices. The site employs HTTPS with strong SSL configuration and includes a cookie consent mechanism compliant with GDPR. No major security vulnerabilities or exposed sensitive data were detected, though formal security policies and incident response contacts are not published. From a security perspective, the site maintains a solid posture with encrypted connections and privacy compliance. However, it lacks explicit security policy documentation and vulnerability disclosure mechanisms, which could be improved. The WHOIS data is minimal but consistent with the business purpose, and no WAF or blocking mechanisms interfere with content access. Overall, the website is professional, trustworthy, and well-suited for its target audience. Strategic recommendations include enhancing published security policies, adding incident response contacts, and implementing security.txt for vulnerability reporting to further strengthen trust and compliance.

B

Berufskolleg für Gymnastik Bielefeld

berufskolleg-gymnastik.de

43

Berufskolleg für Gymnastik Bielefeld is a private vocational school in North Rhine-Westphalia, Germany, specializing in gymnastics education with state recognition as an Ersatzschule. The website serves prospective and current students by providing information about training programs, school details, and news updates. The institution occupies a niche market in vocational education with a clear focus on gymnastics. Technically, the website is built on WordPress 6.8.3, employing standard web technologies and plugins for spam protection and cryptography. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. Security posture is solid with HTTPS enforced and spam protection in place, though it lacks some security headers and formal security policies. No cookie consent mechanism was detected, which may affect GDPR compliance. Overall, the site is professional, trustworthy, and well-suited for its educational purpose.

O

Open Text

edgepilot.com

67

The website analyzed is a login portal for EdgePilot, a product or service under the enterprise software company Open Text. The portal is designed for enterprise users to authenticate and access services related to EdgePilot. The site is minimalistic, focusing on secure login functionality with a form protected by anti-forgery tokens and integration with OpenID Connect protocols. Branding and privacy policy links confirm affiliation with Open Text, a well-established technology company specializing in enterprise information management solutions. From a technical perspective, the site uses ASP.NET Identity framework and OpenID Connect for authentication, indicating a mature and secure identity management infrastructure. The technology stack includes .NET Framework 4.6.1, JavaScript, and CSS. However, no advanced security headers were detected in the provided data, and no cookie consent mechanism is present, which are areas for improvement. The site appears to be moderately optimized for performance and mobile use but lacks comprehensive accessibility and SEO features. Security posture is moderate; the login form uses POST and anti-forgery tokens, but the absence of security headers and cookie policies reduces the overall security score. No vulnerabilities or exposed sensitive data were found in the analysis. The WHOIS data for the subdomain is unavailable, which is typical for subdomains, but the domain is consistent with Open Text's ecosystem. No signs of WAF or blocking mechanisms were detected, allowing full content access. Overall, the site is a functional enterprise login portal with basic security and privacy compliance. Strategic improvements in security headers, cookie consent, and contact information visibility would enhance trust and compliance. The site is safe for general audiences and does not contain any adult or unsafe content.

S

Sparkasse Bielefeld

sparkasse-bielefeld.de

67

Sparkasse Bielefeld is a well-established regional bank in Germany, offering a wide range of financial services including online banking, loans, savings, insurance, and real estate services. The website reflects a mature digital presence with comprehensive content tailored for both private and corporate customers. The bank emphasizes secure online banking and customer support through multiple channels including phone, chat, and contact forms. Technically, the site uses modern web technologies and is built on a robust CMS platform, ensuring good performance, accessibility, and SEO. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and session management, although explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Y

YONEX

yonex.de

10

YONEX is a well-established sports equipment company specializing in badminton, tennis, golf, running, and snowboarding products. The website serves as a regional German portal providing product catalogs, promotional offers, and social media integration, targeting sports enthusiasts and clubs. The site demonstrates a mature digital presence with modern web technologies such as Next.js and React, ensuring good performance and mobile responsiveness. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Security posture is solid with HTTPS and some security best practices, though explicit security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and aligned with the brand's market position.

A

Arbeitgeberverband Gesamtmetall

gesamtmetall.de

51

Gesamtmetall is the leading employer association representing the metal and electrical industry in Germany, encompassing over 26,000 companies and nearly 3.9 million employees. The website serves as a comprehensive platform for industry news, policy updates, educational initiatives, and event information, targeting employers, policymakers, and industry stakeholders. Technically, the site is built on WordPress with modern plugins such as Gravity Forms and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital presence. Security-wise, the site enforces HTTPS and implements cookie consent but lacks visible security headers and explicit security or privacy policy documents, which are recommended for compliance and trust. Overall, the website is professional, trustworthy, and content-rich, with room for improvement in privacy documentation and security hardening.

The website petits-trains.com appears to be related to a business or service involving small trains, likely in a French context given the language and domain. However, the site content is minimal and lacks detailed business descriptions, contact information, or trust indicators. The technical infrastructure is based on WordPress with the Divi theme, indicating a standard CMS setup but with basic optimization and limited advanced features. Security posture is weak due to the absence of visible HTTPS/SSL details, security headers, and privacy policies. The WHOIS data is unavailable or indicates the domain may not be registered, which raises significant legitimacy concerns. Overall, the site presents a low trust profile and requires substantial improvements in security, compliance, and business transparency to be considered reliable.

The CISPA Helmholtz Center for Information Security is a prominent German national research institution specializing in cybersecurity, privacy, and trustworthy artificial intelligence. It operates as a Big Science institution within the Helmholtz Association and is recognized as a world-leading center in its field. The website showcases extensive research achievements, faculty expertise, and collaborations, particularly with the Technical University of Munich. The institution focuses on foundational and applied research, technology transfer, and knowledge dissemination to benefit society and industry.

D

dm drogerie markt ČR

dm-drogeriemarkt.cz

67

dm drogerie markt ČR operates a comprehensive online shop offering a wide range of products including cosmetics, health care, nutrition, household items, and pet supplies. The website targets general consumers in the Czech Republic and provides multiple delivery options including home delivery and store pickup. The business is positioned as a leading retail drugstore with a strong brand presence and customer loyalty programs. Technically, the website uses modern JavaScript frameworks and a proprietary design system, ensuring good mobile optimization and accessibility. Security posture is strong with HTTPS enforced and OAuth2 login integration, though some security headers and explicit security policies are not publicly documented. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable likely due to registry policies. Strategic recommendations include enhancing security header implementation and publishing incident response information.

TECHBOOK is a well-established German digital lifestyle and technology magazine offering a wide range of content including guides, tips, and product reviews focused on mobile lifestyle, home entertainment, streaming, and smart finance. The website targets tech-savvy and lifestyle-interested audiences primarily in Germany. The business model is based on online media publishing with revenue generated through advertising and partnerships. TECHBOOK maintains a consistent brand presence with active social media channels and structured data for SEO enhancement. Technically, the website is built on WordPress CMS and employs modern web technologies such as JavaScript, JSON-LD for structured data, and CSS. Hosting and content delivery are managed via Akamai CDN, ensuring good performance and availability. The site is mobile-optimized and implements basic accessibility features. SEO practices are well implemented with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers like CSP, HSTS, and X-Frame-Options. GDPR compliance is evident through comprehensive privacy and cookie policies and a consent management platform. However, explicit security policies and incident response contacts are not published, which could be improved to enhance trust and readiness. Overall, TECHBOOK presents a low-risk profile with a professional online presence, good privacy compliance, and a solid technical foundation. Strategic recommendations include publishing a dedicated security policy, adding vulnerability disclosure information, and enhancing accessibility and incident response transparency to further strengthen security posture and user trust.

D

DABCOM SA

dabcom.ch

58

DABCOM SA is a Swiss company operating a DAB+ digital radio network serving the French-speaking region of Switzerland. The company holds a concession to operate this network, targeting radio broadcasters and listeners transitioning from FM to digital radio. The website presents a professional and consistent brand image with clear contact details and social media presence. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage implied, but lacks advanced security headers and updated libraries. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and functional but could improve compliance and security practices.

Hutchison Drei Austria GmbH operates the website drei.at, a leading Austrian telecommunications provider offering mobile telephony, internet, TV streaming, and green energy services. The company targets private customers in Austria with a broad portfolio of products including 5G mobile plans, device financing, and energy supply. The website is professionally designed, mobile-optimized, and provides comprehensive information about services and offers, reflecting a mature digital presence. Technically, the site is built on modern frameworks such as Next.js and uses Storyblok CMS, ensuring a responsive and performant user experience. Security best practices are observed, including HTTPS enforcement and security headers, though explicit security policy and incident response information are not publicly detailed. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. The security posture is robust with no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms the legitimacy of the domain and company, matching the business claims and geographic focus. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity, suitable for a large telecommunications enterprise. Strategic recommendations include publishing a dedicated security policy and incident response contacts, enhancing transparency and trust, and considering a vulnerability disclosure program to further strengthen security culture.

AKSD Kft. is a Hungarian waste management company based in Debrecen, providing services such as waste collection, bulk waste removal, cemetery maintenance, public area upkeep, hazardous waste transportation, and container rental. The website targets local residents and businesses, positioning itself as a regional essential service provider in transportation and energy sectors. The business model focuses on municipal and commercial waste management and related public services. The website content is professionally presented with consistent branding and relevant service descriptions, although it lacks comprehensive privacy and security disclosures.

U

UPC

upc.ch

73

UPC, now part of Sunrise, is a major telecommunications provider in Switzerland offering mobile, internet, and TV subscription services with 5G capabilities and bundled offers. The website is professionally designed and targets Swiss consumers seeking telecommunications services. The technical infrastructure is modern, leveraging Adobe Experience Manager CMS and Adobe Marketing Cloud tools including Adobe Analytics and Target, alongside Google Analytics and Facebook Pixel for tracking and marketing. The security posture is strong with HTTPS enforced and no exposed sensitive data, though explicit security headers and published security policies are absent. Privacy compliance is basic with no visible privacy or cookie policies in the provided content. Overall, the website is credible and trustworthy with consistent WHOIS data supporting legitimacy.

P

PENNY Magyarország

penny.hu

58

PENNY Magyarország operates as a retail grocery business in Hungary, providing consumer goods through its website. The site is built using modern web technologies such as Vue.js and Google Fonts, indicating a moderate level of digital maturity. However, the website lacks visible privacy and cookie policies, which are critical for GDPR compliance, and does not expose security headers or advanced security configurations. The absence of explicit contact information and security policies suggests areas for improvement in transparency and user trust. Overall, the website is functional and accessible but requires enhancements in privacy compliance and security posture to meet industry best practices.

D

DKV

menetrend-debrecen.hu

52

The website menetrend-debrecen.hu serves as a comprehensive public transportation schedule portal for Debrecen, Hungary, primarily focusing on DKV-operated tram, bus, and trolleybus lines. It provides users with up-to-date departure times, routes, and stops, targeting local commuters and visitors relying on public transit. The site is well integrated with the official DKV domain, reinforcing its legitimacy and business alignment. Technically, the site leverages modern frameworks such as Next.js and React, ensuring a responsive and user-friendly experience across devices. While performance is moderate, the site benefits from good SEO and mobile optimization. Security-wise, HTTPS is enforced and cookie consent mechanisms are implemented, though additional security headers could enhance the posture. No critical vulnerabilities or suspicious content were detected, and privacy compliance appears robust with a clear GDPR-aligned privacy policy. Overall, the site is a trustworthy and professional resource for public transport information in Debrecen.

G

Getdesigned GmbH

getdesigned.at

55

Getdesigned GmbH is a Vienna-based digital agency specializing in TYPO3 and Craft CMS web design and implementation services. The company targets businesses and organizations seeking professional web-based communication solutions, offering services including web design, CMS implementation, consulting, and ongoing support. Their market position is that of an established regional agency with a strong portfolio of notable clients and projects. Technically, the website is built primarily on TYPO3 CMS with Craft CMS also mentioned, utilizing modern web technologies and providing a good user experience with mobile optimization and accessibility considerations. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some improvements in security headers and incident response disclosures are recommended. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a mature digital presence.

D

dm drogerie markt

dm.cz

64

dm drogerie markt operates a comprehensive online retail platform focused on personal care, beauty, health, and household products in the Czech Republic. The website demonstrates a mature digital presence with a strong brand identity, extensive product offerings, and customer loyalty programs. Technically, the site employs modern web technologies, including a custom design system, responsive design, and consent management, ensuring a good user experience across devices. Security posture is robust with HTTPS enforcement and security headers, although no explicit incident response or vulnerability disclosure information is publicly available. Privacy compliance is well addressed with cookie consent mechanisms and privacy policies in place. Overall, the site reflects a professional and trustworthy e-commerce operation with minor gaps in publicly available WHOIS data.

alixon gmbh is a Swiss-based small IT solutions company specializing in software and internet services such as address management, reservation systems, cloud solutions, and web hosting. Established in 2000, it serves primarily local businesses and organizations with a focus on personalized consulting and tailored software solutions. The website reflects a professional and consistent brand image with clear contact information and product offerings. Technically, the site uses Ext JS framework and a custom CMS, with moderate performance and basic mobile optimization. Security posture is moderate but lacks advanced security headers and published privacy or cookie policies, which are compliance gaps. Remote support is offered via AnyDesk, enhancing customer service capabilities. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

B

Bocoup

bocoup.com

63

Bocoup is a worker-owned technology consultancy specializing in the development of web standards, software tools, and digital projects with a strong emphasis on accessibility, privacy, and inclusivity. They serve a diverse clientele including tech companies, nonprofits, and institutions, positioning themselves as a niche player with a values-driven approach. Their market presence is supported by reputable clients such as Google, Mozilla, and Meta Accessibility, and they maintain a strong commitment to creating technologies that resist capture and safeguard user privacy. Technically, the website is built using modern frameworks such as Next.js and React, with a focus on performance, mobile optimization, and accessibility. The site integrates a headless WordPress CMS for blog content and uses minimal tracking via plausible.io, reflecting a privacy-conscious digital maturity. The technical infrastructure supports a fast, responsive, and user-friendly experience. From a security perspective, the site enforces HTTPS and employs secure forms but lacks explicit security headers and formal privacy or cookie policies. No vulnerability disclosure or incident response information is provided, which could be improved to enhance trust and compliance. The absence of WHOIS data for the domain is a notable anomaly, potentially indicating privacy protection or a data retrieval issue, but it introduces some uncertainty regarding domain legitimacy. Overall, Bocoup presents a professional and trustworthy online presence with strong technical and business foundations. Strategic improvements in transparency around privacy, security policies, and domain registration details would further strengthen their security posture and business credibility.

Z

Zuger Kantonaler Imkerverein

zugerimker.ch

49

The Zuger Kantonaler Imkerverein website serves as an informational and community platform for beekeepers in the Zug canton of Switzerland. It provides educational courses, event announcements, and resources related to beekeeping and bee health. The site targets local beekeepers and individuals interested in apiculture, operating as a small non-profit regional association. Technically, the website is built on the CMSimple platform, featuring a clean and consistent design with good navigation and mobile optimization. However, it lacks advanced technical features such as structured data and visible analytics. Security posture is moderate with no visible security headers or confirmed HTTPS status, and no cookie consent mechanism is implemented despite a privacy policy being present. Business credibility is supported by sponsor links and event information, though contact details are not clearly visible on the homepage. Overall, the site is safe and trustworthy but would benefit from enhanced security and privacy compliance measures.

B

Business Media Central Asia

bmca.uz

57

Business Media Central Asia (BMCA) operates as a representative office of Messe Frankfurt in Central Asia, focusing on organizing large-scale B2B exhibition projects and events that promote market development in the region. The company is relatively new, founded in 2022, and positions itself as a key player in the exhibition and media sector within Uzbekistan and neighboring markets. The website reflects a professional business presence with clear branding and navigation, targeting B2B clients and partners interested in exhibition participation and collaboration. Technically, the website is built on the Tilda CMS platform, leveraging Tilda's CDN and JavaScript libraries for content delivery and user experience. The site is mobile-optimized and performs moderately well, though accessibility and SEO optimizations are basic. The absence of advanced frameworks or complex backend technologies suggests a straightforward digital infrastructure suitable for the company's current scale. From a security perspective, the website uses HTTPS, ensuring encrypted communication. However, it lacks important security headers and does not provide privacy or cookie policies, which are critical for compliance with data protection regulations such as GDPR. No incident response contacts or vulnerability disclosure mechanisms are present, indicating room for improvement in security posture and transparency. Overall, BMCA's website demonstrates a solid business foundation and digital presence but requires enhancements in privacy compliance, security best practices, and contact transparency to strengthen trust and regulatory adherence.

B

Bundeswaldinventur

bwi.info

60

The website bwi.info serves as the official results database for the German Federal Forest Inventory (Bundeswaldinventur). It provides comprehensive statistical data and reports on forest conditions, ownership, wood stock, growth, and other forestry-related metrics in Germany. The site targets researchers, policymakers, forestry professionals, and the general public interested in forest data. Technically, the site is built on ASP.NET WebForms with extensive JavaScript and CSS, offering a moderate performance and basic mobile optimization. Security posture is adequate with HTTPS usage but lacks visible security headers and cookie consent mechanisms. The domain registration is privacy-protected via Identity Digital, which is common for governmental portals. Overall, the site is trustworthy and professionally branded but could improve in privacy compliance and security best practices.

B

Basket-Center: Basketballudstyr og tilbehør

basket-center.dk

57

Basket-Center.dk is a Danish e-commerce retailer specializing in basketball equipment, apparel, and accessories. The website serves as an official distributor for well-known brands such as Mitchell & Ness, Spalding, Hummel, Adidas, and Wilson, targeting basketball enthusiasts and sportswear consumers primarily in Denmark. The business model focuses on online retail with an emphasis on fast shipping and secure payment options. The domain is newly registered in July 2024, consistent with a recently launched business. Technically, the website is built on the Magento (OpenMage) platform, utilizing modern web technologies including Google Analytics, Google Ads, and reCAPTCHA for security and marketing. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in security headers and explicit privacy documentation. From a security perspective, HTTPS is properly implemented, and a consent management platform is active, reflecting awareness of GDPR requirements. However, the absence of explicit privacy and cookie policies, lack of security headers, and missing contact information for security or incident response reduce the overall security posture. No critical vulnerabilities or suspicious patterns were detected. Overall, Basket-Center.dk presents a professional and trustworthy e-commerce presence with a solid foundation but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

H

HANDWERK BW

handwerk-bw.de

52

HANDWERK BW is the leading umbrella association representing craft and trade organizations in the Baden-Württemberg region of Germany. The organization provides advocacy, consulting, publications, and event services to support the local craft industry. The website is professionally designed using TYPO3 CMS and incorporates modern web technologies and privacy-conscious analytics via Matomo. It offers clear navigation, mobile optimization, and a comprehensive content structure targeting handcraft businesses and stakeholders in the region. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are not published. Overall, the site reflects a mature digital presence aligned with the organization's mission and regional focus.

P

P2 Betriebs GmbH

parndorf-entertainment.at

48

Parndorf Entertainment Center is a small hospitality and entertainment business located in Parndorf, Austria, operated by P2 Betriebs GmbH. The center hosts multiple tenant businesses including restaurants, a trampoline park, a tattoo studio, a toy store, and bowling facilities, targeting families and local visitors seeking leisure and dining experiences. The website presents a professional and consistent brand image with clear contact information and business details. Technically, the site uses modern web standards with responsive design and optimized images, though it lacks advanced frameworks or CMS indicators. Security posture is adequate with HTTPS enforced and cookie consent implemented, but could benefit from additional security headers and explicit security policies. Privacy compliance is supported by a visible privacy policy and cookie banner, aligning with GDPR requirements. Overall, the website is functional, trustworthy, and suitable for its business purpose, with room for technical and security enhancements.