Security Directory

R

Recisio

karafun.fr

63

KaraFun, operated by Recisio, is a well-established online karaoke platform offering a broad catalog of karaoke songs and music quizzes accessible via multiple apps across devices. The business targets a broad audience including casual users and professional karaoke venues, with subscription-based revenue models and additional commercial offerings. The website is professionally designed, multilingual, and provides clear subscription plans and business solutions. Technically, the site uses modern web technologies, including SVG icons, Google Fonts, and privacy-focused Umami analytics, hosted likely on Recisio's infrastructure with CDN support. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response contacts could be improved. Privacy compliance is good with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Overall, the domain is privacy-protected but consistent with a legitimate, professional business presence.

C

Care for Innovation e. V.

careforinnovation.com

58

Care for Innovation e. V. is a German-based association focused on shaping the future of the healthcare and nursing sector through digital innovation. The organization acts as a network alliance connecting startups, scale-ups, and established partners across Europe to foster collaboration, pilot projects, and knowledge exchange. Their key services include organizing events such as CFI-Talks and the CESB Rütteltest, providing visibility for innovations, and representing members' interests politically. The website is professionally designed, primarily in German, and targets healthcare innovators and stakeholders in the European market. Technically, the site is built on Webflow CMS, uses modern web fonts, and is hosted on AWS Cloudfront CDN, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS enforced, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy. Overall, the site is trustworthy and professional but would benefit from improved transparency in domain registration and enhanced privacy compliance features.

R

Recisio

karaoke-version.com

68

Karaoke-Version.com is an established e-commerce platform specializing in downloadable instrumental and karaoke tracks, offering over 84,000 songs with customization features. The site targets karaoke enthusiasts and musicians globally, providing various product types including custom backing tracks, vocal backing tracks, video karaoke, and instrument-specific versions. The business is operated by Recisio, a company with a history dating back to 2004, positioning itself as a leading source in the karaoke music niche. Technically, the website employs modern web technologies such as jQuery, Google Analytics, and Google Tag Manager, hosted on a dedicated CDN infrastructure for optimal performance. The site is mobile-optimized with excellent design quality and user experience, supporting multiple languages and regional versions. SEO and accessibility practices are well implemented, contributing to strong digital maturity. From a security perspective, the site enforces HTTPS and displays secure payment logos indicating PCI compliance. However, it lacks visible security headers and a cookie consent mechanism, which are important for enhanced security and privacy compliance. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, although the website content and branding suggest legitimacy. Overall, Karaoke-Version.com presents a professional and trustworthy platform with a solid business model and technical foundation. Strategic improvements in security headers, privacy consent, and domain registration transparency would further strengthen its security posture and compliance standing.

S

Servus am Marktplatz, Ihr Shop für handgefertigte Produkte aus dem Alpenraum

servusmarktplatz.com

68

Servus am Marktplatz is an e-commerce platform specializing in handcrafted products from the Alpine region, targeting customers interested in artisanal goods. The website presents a professional and consistent brand image with a clear focus on retail and online shopping. The technical infrastructure leverages AngularJS, SAP Commerce (Hybris), and integrates monitoring tools such as New Relic and Google Tag Manager, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, supporting a good user experience. Security posture is solid with HTTPS enforced and monitoring in place, though some security headers could be improved. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. The domain WHOIS data is missing, which raises concerns about registration legitimacy and requires further investigation. Overall, the site is functional and trustworthy but would benefit from enhanced privacy disclosures and security headers.

Z

Zalando SE

zalando.ch

52

Zalando.ch is a leading Swiss e-commerce platform specializing in fashion, shoes, and accessories for women, men, and children. It operates as part of the larger Zalando SE group, a major European online fashion retailer. The website offers a broad assortment of products with a focus on user experience, fast and free shipping, and easy returns. The platform targets general consumers in the German-speaking market, providing a comprehensive and professional shopping experience.

D

Diffuse

diffuse.tools

64

Diffuse Tools is a technology-focused SaaS provider offering easy-to-implement customizable widgets and code snippets to enhance websites. Their product suite includes Cookie Notice, Store Locator, Donations, and Contact Button widgets, targeting web developers and businesses seeking to improve their web presence without coding. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive policy documentation, reflecting a mature digital presence. Technically, the site is built on modern frameworks such as Next.js and React, leveraging Google Tag Manager for analytics and tracking. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though the absence of security headers and explicit incident response policies suggests room for improvement. WHOIS data is unavailable due to TLD restrictions and privacy, but the website's branding and content support legitimacy. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, making it a trustworthy and professional offering in its niche.

Z

Zalando SE

zalando.at

47

Zalando SE operates a leading European online fashion retail platform, targeting consumers primarily in Austria and German-speaking countries. The website offers a broad assortment of shoes, clothing, accessories, and beauty products with a strong focus on user experience, free shipping, and returns. The brand is well-established with a significant market presence and a comprehensive e-commerce business model. Technically, the site leverages modern web technologies including React and RequireJS, with a strong emphasis on performance, mobile optimization, and accessibility. Security posture is robust with HTTPS enforcement, security headers, and consent management via Usercentrics. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates a mature digital infrastructure and trustworthy business operations.

B

Body Attack Sports Nutrition

body-attack.at

59

Body Attack Sports Nutrition operates a professional e-commerce platform specializing in fitness nutrition products such as protein powders, creatine, amino acids, and workout boosters. The company targets fitness enthusiasts and athletes primarily in German-speaking countries, emphasizing quality with a 'Made in Germany' label and 30 years of experience. The website is well-branded, consistent, and provides a good user experience with clear navigation and mobile optimization. Technically, the site leverages Shopware CMS, Google Tag Manager, and other modern web technologies with lazy loading to enhance performance. Security posture is solid with HTTPS and consent management, though some security headers and explicit policies are missing. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the site is trustworthy and professionally maintained but would benefit from publishing comprehensive privacy, terms, and security policies to improve compliance and user trust.

G

Gutenberg-Shop

gutenberg-shop.de

49

The Gutenberg-Shop is an e-commerce platform associated with the Gutenberg Museum in Mainz, Germany, specializing in exclusive gifts related to the art of printing and book painting. The website targets a general audience interested in cultural and artistic merchandise, offering products crafted using traditional techniques. The business operates in the retail sector with a niche focus on cultural and museum-related products. Technically, the site is built on a modern e-commerce platform (likely Shopware), uses HTTPS, and integrates Matomo analytics for privacy-conscious tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security practices include CSRF protection and cookie consent mechanisms, though explicit privacy and terms of service pages are missing. Overall, the site demonstrates a moderate to good security posture with room for improvement in policy transparency and security headers. The domain registration data is minimal but consistent with the business profile, and no suspicious patterns were detected. The site is safe for general audiences with no adult or questionable content.

B

Body Attack Sports Nutrition

body-attack.de

66

Body Attack Sports Nutrition operates a professional e-commerce platform specializing in fitness and sports nutrition products, targeting German-speaking fitness enthusiasts and athletes. The company leverages a mature digital infrastructure based on the Shopware platform, enhanced with modern performance optimizations such as lazy loading and integration with Google Tag Manager and Mollie payment services. The website demonstrates consistent branding and a clear market position as a trusted German fitness nutrition provider with over 30 years of experience. Security posture is solid with HTTPS and Cloudflare DNS/CDN usage, though explicit security headers and policies are not fully visible. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the site is well-designed, user-friendly, and trustworthy for its target audience.

LOTTO Rheinland-Pfalz operates as the official state lottery provider for the Rheinland-Pfalz region in Germany, offering a variety of lottery games including LOTTO 6aus49, Eurojackpot, Rubbellose, GlücksSpirale, BINGO!, KENO, and TOTO. The website facilitates online ticket purchases, account registration, and subscription services such as Dauerschein and Jackpot-Jäger. The business is positioned as a trusted regional government entity with a focus on secure and regulated gambling services for adults. The website content is professionally presented, consistent with the brand, and targets adult users interested in lottery gaming. Technically, the website employs modern web technologies including jQuery, SVG icons, and a custom JavaScript framework by MULTA MEDIO AG. It supports progressive web app features and is mobile optimized with responsive design. Analytics are implemented via etracker, and a chat widget from moin.ai is integrated for user support. While the site uses HTTPS and secure login forms, it lacks some security headers and explicit cookie consent mechanisms, which are areas for improvement. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and responsible disclosure availability, but could enhance its posture by adding security headers and publishing incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is limited but does not raise concerns, and the overall legitimacy is supported by consistent branding and government affiliation. Overall, the website is a reliable and professional platform for online lottery services with moderate technical maturity and a solid security baseline. Enhancements in privacy compliance and security headers would further strengthen trust and regulatory adherence.

I

IHK Hessen innovativ GbR

ihk-hessen-innovativ.de

52

IHK Hessen innovativ GbR is a regional service organization affiliated with the Industrie- und Handelskammern (IHK) in Hessen, Germany. The company provides free and paid consulting services, webinars, seminars, and networking opportunities to support innovation and business development for founders, professionals, and executives in Hessen. Their market position is that of a trusted regional innovation partner with a strong focus on digital transformation and business growth. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Matomo analytics for privacy-conscious tracking, and a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are not published. Overall, the website is trustworthy, professional, and well-aligned with its business purpose.

AKSD Kft. is a Hungarian waste management company based in Debrecen, providing services such as waste collection, bulk waste removal, cemetery maintenance, public area upkeep, hazardous waste transportation, and container rental. The website targets local residents and businesses, positioning itself as a regional essential service provider in transportation and energy sectors. The business model focuses on municipal and commercial waste management and related public services. The website content is professionally presented with consistent branding and relevant service descriptions, although it lacks comprehensive privacy and security disclosures.

D

dm drogerie markt

dm.cz

64

dm drogerie markt operates a comprehensive online retail platform focused on personal care, beauty, health, and household products in the Czech Republic. The website demonstrates a mature digital presence with a strong brand identity, extensive product offerings, and customer loyalty programs. Technically, the site employs modern web technologies, including a custom design system, responsive design, and consent management, ensuring a good user experience across devices. Security posture is robust with HTTPS enforcement and security headers, although no explicit incident response or vulnerability disclosure information is publicly available. Privacy compliance is well addressed with cookie consent mechanisms and privacy policies in place. Overall, the site reflects a professional and trustworthy e-commerce operation with minor gaps in publicly available WHOIS data.

The website represents the Sportamt Stadt Graz, a municipal government entity providing an online platform for booking district sports fields in Graz, Austria. It offers a structured multi-step booking process including service selection, appointment scheduling, user data input, and payment options. The platform is designed primarily for local residents and sports teams, facilitating fair and organized access to public sports facilities. The business model is a public service, leveraging a third-party SaaS platform (eTermin) for appointment management. Technically, the website employs standard web technologies such as jQuery and SVG for UI elements, with a responsive design suitable for mobile devices. The site includes privacy and cookie policies linked to official city resources, indicating compliance with GDPR. However, no advanced security headers or explicit SSL configuration details were found in the provided data, suggesting room for security enhancements. From a security perspective, the platform shows good practices like encrypted data transmission and user authentication mechanisms. The absence of WHOIS data for the domain www.etermin.net raises questions about domain registration legitimacy, though the website content and contact details align with a legitimate municipal service. No critical vulnerabilities or adult content were detected. Overall, the website is a functional, government-backed service with moderate technical maturity and good privacy compliance. Strategic improvements in security headers, domain registration transparency, and enhanced security audits are recommended to strengthen trust and resilience.

S

Schleswig-Holstein Netz

sh-netz-shop.com

67

Schleswig-Holstein Netz operates an e-commerce platform focused on energy-related products such as building introductions, smart home devices, and electric vehicle charging stations. The website targets consumers, businesses, and installers primarily in Germany. The platform is built on modern web technologies, likely using Shopware CMS, and features responsive design with clear navigation and user account management. Analytics are implemented via Google Tag Manager, and cookie consent mechanisms are in place. However, the absence of publicly available WHOIS data for the domain raises concerns about domain legitimacy and transparency. Additionally, the website lacks explicit privacy policy and terms of service pages, which are critical for compliance and user trust. Security posture is generally good with HTTPS and secure login forms, but could be improved by adding security headers and incident response contact information.

H

Hochschule für nachhaltige Entwicklung Eberswalde

hnee.de

54

The website www.hnee.de represents the Hochschule für nachhaltige Entwicklung Eberswalde, a German higher education institution specializing in sustainable development. It offers over 20 degree programs and hosts numerous research projects, targeting students, researchers, and sustainability professionals. The site is well-structured, professionally designed, and provides comprehensive academic and event information, reflecting a strong market position in sustainability education. Technically, the site is built on TYPO3 CMS, employs modern web technologies including responsive design, WebP images, and Matomo analytics for user tracking. Hosting is managed via telta.de nameservers, indicating a stable infrastructure. Performance and accessibility are good, with SEO best practices observed. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected, and WHOIS data confirms legitimate domain registration consistent with the institution's identity. Overall, the website demonstrates a solid digital presence with good security posture and business credibility, though improvements in privacy policy visibility and security disclosures are recommended.

R

Recisio

karaoke-version.de

63

Karaoke-Version.de is a German-based e-commerce platform specializing in downloadable karaoke and instrumental music tracks, including custom backing tracks and karaoke videos. The site is operated by Recisio, an established company since 2004, offering a large catalog of over 84,000 instrumental playbacks. The platform targets karaoke enthusiasts and musicians seeking personalized music tracks. Technically, the website employs modern web technologies such as jQuery, Google Analytics, and Google Tag Manager, hosted on Recisio's CDN infrastructure, delivering fast and mobile-optimized user experiences. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements could be made by adding explicit security headers and cookie consent mechanisms. Privacy and terms policies are comprehensive and GDPR compliant, but direct contact emails and phone numbers are not publicly listed, relying on contact forms instead. Overall, the site demonstrates a mature digital presence with good business credibility and trustworthy domain registration.

B

betaITS GmbH

beta-its.de

62

betaITS GmbH is a small German managed IT services provider specializing in modern, simple, and customer-friendly IT solutions. Their offerings include managed endpoint services, infrastructure management, Microsoft 365 management, security, backup, and hardware procurement. The company targets businesses seeking comprehensive IT management with a focus on proactive service and operational continuity. The website is professionally designed using modern technologies like Astro, with excellent mobile optimization and clear navigation. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies could be improved. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Contact is primarily via Calendly and social media, with no direct emails or phone numbers visible. Overall, the site is trustworthy, well-branded, and content-rich, supporting betaITS GmbH's market position as a reliable managed IT service provider.

Weidmüller is a well-established German company specializing in connection technology, automation, and digitalization solutions for industrial customers. The website reflects a mature digital presence with comprehensive product and solution offerings targeting B2B industrial sectors. The company maintains a strong market position with a focus on innovation and customer support. Technically, the website uses modern technologies including Google Tag Manager and OneTrust for consent management, hosted likely on infrastructure provided by Deutsche Telekom. Security posture is strong with HTTPS enforced and security headers present, although explicit security policies and incident response contacts are not published. Privacy compliance is robust with GDPR-aligned cookie consent mechanisms and a detailed privacy policy. Overall, the website is professional, trustworthy, and well-optimized for user experience and SEO.

K

KabelScheune

kabelscheune.de

63

KabelScheune operates a professional e-commerce platform specializing in network technology, electrical materials, multimedia, and cable management products primarily targeting both private and business customers in Germany. The website demonstrates a solid market position as a specialized retailer with a comprehensive product catalog and clear navigation structure. Technically, the site is built on the OXID eShop CMS platform, employs modern web technologies including responsive design and SVG icons, and integrates analytics and consent management tools to comply with GDPR requirements. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies could be improved. Overall, the site is trustworthy and professionally maintained, with no signs of malicious activity or adult content.

LinkedIn is a leading professional networking platform owned by Microsoft, serving millions of users worldwide. The website analyzed is the sign-up and sign-in page, designed to facilitate user registration and authentication with modern technologies such as Google One Tap. The platform targets professionals, job seekers, and recruiters, offering services around professional identity management, networking, and job opportunities. The site demonstrates a high level of digital maturity with excellent content quality, responsive design, and comprehensive privacy and cookie policies. Security measures include HTTPS enforcement, CSRF protection, and a security verification modal, indicating a strong security posture. Overall, the website is trustworthy, professional, and compliant with major privacy regulations.

M

MULTA MEDIO AG

lotto-sh.de

66

LOTTO Schleswig-Holstein operates as the official regional lottery provider for Schleswig-Holstein, Germany, offering a comprehensive portfolio of lottery games including LOTTO 6aus49, Eurojackpot, GlücksSpirale, BINGO!, KENO, Rubbellose, and TOTO. The website facilitates online ticket purchases, subscription services, and jackpot tracking, targeting adult lottery players within the region. The platform is professionally designed with consistent branding and clear navigation, supporting a positive user experience. Technically, the site employs modern JavaScript frameworks, consent management via Usercentrics, and analytics through Etracker, hosted likely on Telekom infrastructure, ensuring reliable performance and compliance with data protection regulations. Security posture is solid with HTTPS enforcement, CAPTCHA integration, and ISO 27001 certification, though some security headers could be enhanced. Overall, the site demonstrates a mature digital presence aligned with legal and regulatory requirements for gambling services in Germany.

DFL Digital Sports GmbH is a subsidiary of Deutsche Fußball Liga GmbH, focused on digital content creation and media production for the Bundesliga, Germany's premier football league. The company operates from Cologne with a medium-sized team and freelancers, delivering innovative digital experiences to football fans and partners. The LinkedIn profile reflects a professional and active organization with strong branding and consistent content updates. Technically, the company leverages the LinkedIn platform for its online presence, utilizing modern web technologies and video streaming capabilities. The website is well-optimized for performance, mobile, and accessibility, with good SEO practices. Security posture is strong, with HTTPS enforced and standard security headers implied. No vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are managed by LinkedIn, ensuring GDPR compliance and user consent mechanisms. Overall, the risk profile is low given the use of a reputable platform and professional content. Recommendations include maintaining security best practices and monitoring third-party scripts. The domain linkedin.com is a trusted platform, though WHOIS data for linkedin.com is not publicly available here, the legitimacy of the company page is unquestioned.

T

Team PAPREC ARKÉA

teampaprecarkea.com

39

Team PAPREC ARKÉA is a French offshore sailing team prominently preparing for the Vendée Globe 2024-2025 race, sponsored by Paprec and Arkéa. The website serves as an official platform to share news, media, and team information, targeting sailing enthusiasts and sports fans. The business model revolves around sponsorship and promotion within competitive sailing circuits. Technically, the site employs modern web standards, including responsive design, accessibility features, and structured data, ensuring a good user experience across devices. Security posture is solid with HTTPS and consent management, though improvements in security headers and explicit incident response information are recommended. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the professional presentation and active social media presence support the site's credibility. Overall, the site is well-maintained, compliant with privacy regulations, and effectively supports the team's branding and communication objectives.

M

modmore development

modmore.com

68

modmore is a specialized technology company focused on developing premium and open source extras for the MODX Revolution CMS platform. Established in 2012 and based in the Netherlands, modmore serves a professional audience of web developers and agencies with high-quality software products, support services, and a remote site management platform called SiteDash. The company maintains a strong market position within the MODX ecosystem, supported by a loyal user base and active community engagement. Technically, the website is built on modern web standards with a robust tech stack including jQuery, Google Analytics, Disqus, and Cloudflare DNS, ensuring fast performance and mobile optimization. Security posture is solid with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, modmore demonstrates a mature digital presence with professional branding, comprehensive content, and trustworthy business information.

L

Landesprogramm SPORTLAND HESSEN bewegt

sportlandhessenbewegt.de

65

The website sportlandhessenbewegt.de represents the Landesprogramm SPORTLAND HESSEN bewegt, a government-backed initiative promoting sport, health, and physical activity across all life phases in the German state of Hessen. It serves as an informational and coordination platform for citizens, municipalities, and sports organizations, offering resources such as funding opportunities, projects, events, and networks. The site is well-branded with official Hessen government symbols and provides a professional user experience with clear navigation and accessibility features. Technically, the site is built on Drupal 10, leveraging modern web technologies including lazy loading images and accessible multimedia players. It is hosted within the Hessen state infrastructure, as indicated by the domain's nameservers. The website demonstrates good mobile optimization, SEO practices, and accessibility compliance, though performance is moderate. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a vulnerability disclosure policy. Privacy compliance is strong with a comprehensive privacy policy in German, but no explicit cookie consent mechanism was detected. Contact information is primarily via a contact form, with no direct emails or phone numbers found. Overall, the website is a credible, secure, and professional government platform with minor areas for improvement in security headers and cookie consent. It poses low risk and effectively serves its public health promotion mission.

M

mediacampus-frankfurt

mediacampus-frankfurt.de

66

Mediacampus Frankfurt is an established educational institution specializing in seminars, training, and educational programs for the book trade and media industry in Germany. The website presents a professional and well-structured platform offering a variety of courses, webinars, and training sessions targeting professionals, newcomers, and specialists in publishing and media sectors. The institution maintains a strong social media presence and provides detailed event information, enhancing its market position as a key player in media education. Technically, the website employs modern web technologies including JavaScript, Algolia Search for site search functionality, and Google Tag Manager for analytics, which is loaded conditionally upon cookie consent. The site is hosted on Anexia servers, uses HTTPS with good SSL configuration, and is optimized for mobile devices with good accessibility and SEO practices. However, some security headers are not explicitly detected, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and privacy-aware analytics loading. No vulnerabilities or exposed sensitive data were found in the provided content. The WHOIS data aligns with the business claims, showing consistent domain registration and hosting. Privacy and cookie policies are not explicitly found in the provided content, which is a compliance gap. Overall, the site is safe, professional, and trustworthy with room for improvement in privacy disclosures and security policy transparency.

B

Bundesstadt Bonn

bonn.de

58

The website www.bonn.de serves as the official digital portal for the Bundesstadt Bonn, providing extensive information and services related to the city administration. It targets residents, visitors, and businesses, offering multilingual content and access to municipal services such as event calendars, service portals, and contact forms. The site is well-branded with consistent city imagery and logos, reflecting its authoritative position as a government entity. Technically, the site employs a modern CMS platform (Information Enterprise Server by Sitepark GmbH) and uses standard web technologies including JavaScript, CSS, and SVG icons. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices are observed with HTTPS enforcement, security headers, and cookie consent mechanisms. From a security perspective, the site demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not published, which could be improved to enhance transparency and trust. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent aligned with GDPR requirements. Overall, www.bonn.de is a professional, trustworthy, and well-maintained government website. It effectively balances user experience, privacy, and security, serving as a reliable resource for its audience. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure information, and providing data protection officer contact details to further strengthen compliance and user trust.

H

Hessische Arbeitsgemeinschaft für Gesundheitsförderung e.V.

hage.de

43

HAGE e.V. (Hessische Arbeitsgemeinschaft für Gesundheitsförderung e.V.) is a non-profit organization dedicated to health promotion and prevention in the Hessen region of Germany. The website serves as an information hub for stakeholders including scientific, political, municipal, and association actors, offering news, events, newsletters, and resources related to health promotion. The organization positions itself as a regional leader in health promotion initiatives, supporting a network of around 60 members from diverse sectors. Technically, the website employs modern front-end technologies such as UIkit and Plyr for UI components and video playback, respectively. It features a cookie consent manager compliant with GDPR, uses HTTPS, and includes accessibility and SEO best practices. The site is mobile-optimized and provides a professional user experience with clear navigation and structured content. From a security perspective, the site shows good practices including cookie consent and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and a published security policy or incident response contact. No terms of service or vulnerability disclosure mechanisms are present. The WHOIS data is consistent with the organization's claims, indicating legitimacy. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic improvements include adding security headers, publishing a security policy, and providing more direct contact information to enhance trust and security posture.

U

User.com

user.com

71

User.com is a comprehensive marketing automation platform designed to help businesses streamline their marketing, sales, and customer support processes. Positioned as an all-in-one SaaS solution, it offers a wide range of tools including customer data platforms, personalization engines, no-code automation builders, analytics, loyalty programs, and multi-channel communication channels such as email, SMS, WhatsApp, and live chat. The platform targets marketing, sales, support, and product teams across various industries including SaaS, e-commerce, education, finance, healthcare, and real estate. User.com is part of the Positive Group and operates primarily from France. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and uses AWS Cloudfront CDN for hosting and performance optimization. The site is well-optimized for mobile devices, features good accessibility and SEO practices, and integrates cookie consent mechanisms compliant with GDPR. The presence of multiple language versions and extensive product documentation indicates a mature digital infrastructure. From a security perspective, User.com enforces HTTPS, provides a dedicated security overview page, and claims regular penetration testing and audits. While explicit security headers are not fully visible in the HTML, the overall posture is strong with GDPR compliance and cookie consent mechanisms in place. No critical vulnerabilities or exposed sensitive data were detected. However, the WHOIS data for the domain is unavailable, which slightly reduces trust but is common for privacy reasons. Overall, User.com presents a professional, trustworthy, and technically sound platform with strong business credibility and compliance focus. Strategic recommendations include enhancing transparency on incident response, publishing security.txt, and reinforcing security headers to further improve trust and security posture.

T

Transactional Email API Service For Developers | Mailgun

mailgun.com

75

Mailgun is a leading transactional email API service provider targeting developers and businesses that require reliable, scalable email delivery solutions. The company offers a comprehensive suite of email services including sending, validation, optimization, and testing, positioning itself strongly in the technology sector with a large enterprise customer base including major tech companies. The website demonstrates a mature technical infrastructure built on WordPress with modern performance and SEO optimizations, ensuring excellent user experience and accessibility. Security posture is robust with HTTPS enforcement, ISO 27001 certification, and a dedicated security portal, although WHOIS data is unavailable which slightly impacts trust but is mitigated by the company's known parent entity, Sinch. Overall, Mailgun presents a professional, trustworthy, and technically sound platform for transactional email services.

D

Dinas Lingkungan Hidup Provinsi Kalimantan Tengah

dlhkalimantantengah.id

54

Dinas Lingkungan Hidup Provinsi Kalimantan Tengah is the official environmental agency for Central Kalimantan Province, Indonesia, dedicated to environmental preservation, pollution control, waste management, and public education. The website serves as a public information portal offering access to official documents, programs, and complaint mechanisms. The site targets local residents, government officials, and environmental stakeholders. Technically, the website uses modern frontend technologies such as Alpine.js and Laravel Livewire, hosted behind Cloudflare DNS services, ensuring moderate performance and mobile responsiveness. Security posture is generally good with HTTPS enabled and clientTransferProhibited domain status, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but would benefit from enhanced compliance and security policies.

A

Arbonia AG

smart-doors.de

58

Arbonia AG is a Swiss-based company specializing in smart door solutions for residential buildings, offering keyless access systems branded as SmartDOOR. The company collaborates with KIWI.KI GmbH for sensor technology integration and distributes products through established system partners in Germany and Switzerland. Their business model combines manufacturing, distribution, and digital access management services via the KIWI Portal, targeting residents, landlords, and service providers. The website is professionally designed, multilingual, and provides comprehensive product information and contact options. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and cookie consent management tools. It demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and published security policies are absent. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for corporate domains. Overall, the website reflects a mature digital presence with strong business credibility and moderate security maturity. There are opportunities to enhance security transparency and incident response readiness. The site is safe for general audiences and free from adult or questionable content.

G

Gemeinde Salenstein

salenstein.ch

58

Gemeinde Salenstein operates as the official municipal government website for the Salenstein area in Switzerland, providing residents and visitors with comprehensive information about local governance, services, infrastructure, social programs, and community events. The site serves as a digital portal for accessing municipal services including online applications, contact information, and public announcements. The target audience primarily consists of local residents, businesses, and visitors seeking official information and services. Technically, the website is built on a modern CMS platform (i-web.ch) with a responsive design optimized for mobile devices. It employs standard web technologies such as HTML5, CSS3, JavaScript, and Bootstrap framework components. The site includes accessibility features and SEO optimizations, with a moderate performance profile. Security is enforced through HTTPS, secure login forms, and an opt-in consent mechanism for anonymized web analytics. From a security perspective, the website demonstrates good practices such as encrypted connections and no visible sensitive data exposure. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No security headers were detected in the provided data, suggesting room for improvement in hardening the site against common web threats. Overall, the website is trustworthy and professionally maintained, with a strong alignment between WHOIS registration data and website content, indicating legitimacy. The site is free from suspicious content or security red flags, making it a reliable source of municipal information. Strategic recommendations include enhancing security headers, publishing security policies, and implementing vulnerability disclosure to further strengthen the security posture.

B

Basics09

basics09.de

38

Basics09 is a Berlin-based design agency specializing in transmedia concepts primarily serving the art, culture, design, science, and education sectors. The company offers services including visual identity, campaigns, strategy, publication, exhibition graphics, and website design. Their market position is that of a niche, small-sized agency with a professional and consistent brand presence. The website reflects a high level of digital maturity with modern technologies such as Alpine.js, lazy loading, and embedded Vimeo videos, delivering excellent user experience and mobile optimization. Security posture is adequate with HTTPS usage and no visible vulnerabilities, though lacking explicit security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

O

ONLYLYON

onlylyon.com

64

ONLYLYON is the official territorial marketing program for the Lyon metropolitan area, focusing on promoting tourism, business investment, education, and cultural activities. The website serves as a comprehensive portal for visitors, investors, students, and event organizers, supported by a network of ambassadors and partners. The site demonstrates a strong market position as a key promoter of Lyon's international ambitions, backed by public and private stakeholders. Technically, the website is built on the Roadiz CMS platform, uses modern web technologies, and integrates Google Analytics and a cookie consent mechanism, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not published. The absence of WHOIS registration data for the domain is a notable anomaly that slightly reduces trustworthiness but does not detract from the professional presentation and content quality. Overall, the website is well-designed, user-friendly, and compliant with privacy regulations, making it a credible and authoritative source for information about Lyon's metropolitan offerings.

Z

Zammad

zammad.com

75

Zammad is a medium-sized technology company founded in 2012, specializing in open source helpdesk and ticketing software designed to streamline customer service operations. The company positions itself as a provider of powerful yet user-friendly solutions that integrate multiple communication channels and offer extensive features such as multilingual support, automation, and various integrations. Their market presence is supported by strong branding, customer testimonials, and a focus on digital sovereignty. Technically, the website demonstrates a modern and responsive design with fast performance and good SEO practices. The use of Matomo analytics indicates a privacy-conscious approach to user tracking. Security-wise, the site enforces HTTPS and employs domain transfer protections, but lacks visible security headers and explicit incident response information. Overall, the website is professional, trustworthy, and compliant with GDPR, though improvements in cookie consent and security transparency are recommended.

G

Gebäudeversicherung Bern

gvb.ch

65

Gebäudeversicherung Bern (GVB) is a well-established regional insurance provider specializing in obligatory building insurance for the Canton of Bern, Switzerland. With over 200 years of history, GVB offers comprehensive insurance products including obligatory building and construction period insurance, as well as voluntary insurance products through its subsidiaries. The website targets property owners and residents in Bern, providing detailed information on insurance services, claims, fire prevention, and natural hazard protection. The company maintains a strong market position as a trusted insurer in the region.

S

Slovenská technická univerzita v Bratislave (STU)

stuba.sk

61

Slovenská technická univerzita v Bratislave (STU) is a leading technical university in Slovakia, providing comprehensive higher education, research, and innovation services. The website serves a broad audience including prospective and current students, staff, alumni, and partners, offering detailed information on faculties, study programs, research activities, and cooperation opportunities. The university maintains a strong market position as a key educational institution in the region. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics with consent mechanisms, Bootstrap framework, and optimized fonts, ensuring a good user experience across devices. Security posture is solid with HTTPS enforced and privacy-conscious analytics implementation, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-structured, reflecting the university's credibility and commitment to compliance.

O

Onlineshop Musik Haag AG

blaswerkhaag.ch

10

Onlineshop Musik Haag AG operates the Blaswerkshop website, a specialized e-commerce platform focused on brass and woodwind musical instruments, accessories, and related services such as instrument rental, mouthpiece analysis, and repairs. The company targets musicians and music enthusiasts primarily in Switzerland, offering a niche product range supported by workshops and events. The website is built on the Shopware CMS platform, leveraging modern JavaScript libraries and Google Tag Manager for analytics and marketing. The site is well designed, mobile optimized, and provides a good user experience with clear navigation and professional branding. However, it lacks explicit privacy and terms of service policies, which are important for compliance and user trust. Security posture is good with HTTPS and standard security headers, but no published security or incident response policies were found.

H

Hessen.de

hessen.de

64

Hessen.de is the official government portal for the state of Hessen, Germany, providing news, press releases, and public service information. The website serves as a central hub for citizens and stakeholders to access government projects, events, and announcements. It maintains a strong market position as the authoritative source for Hessen state government information. Technically, the site is built on Drupal 10 with modern web technologies ensuring good mobile optimization, accessibility, and user experience. Security posture is solid with HTTPS enforced, but lacks explicit security headers and incident response disclosures. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and professional, but could improve transparency and security practices.

Grand Resort Bad Ragaz AG operates a luxury five-star resort in Switzerland, combining hospitality with leading medical expertise and wellness services. The company holds a strong market position in the premium hospitality and healthcare sectors, offering accommodations, medical health centers, wellness packages, golf clubs, and casino entertainment. The website reflects a mature digital presence with integrated booking systems and comprehensive corporate information. Technically, the site employs modern web technologies, lazy loading, and secure HTTPS connections, ensuring good performance and user experience. Security posture is strong with appropriate headers and consent mechanisms, though a dedicated security policy and incident response information are absent. Overall, the website is professional, trustworthy, and compliant with privacy regulations, supporting the company's credibility and market standing.

H

Hotel Krone Unterstrass

hotel-krone.ch

67

Hotel Krone Unterstrass is a small-sized, 4-star hospitality business located in the center of Zurich, Switzerland. The company offers hotel accommodation services with a focus on combining tradition and modernity, targeting travelers and business visitors. The website serves as the official online presence, featuring booking capabilities integrated with the iHotelier and TravelClick platforms. The site is professionally designed with good content quality, clear navigation, and multi-language support, enhancing user experience and accessibility. Technically, the website leverages modern web technologies and a specialized CMS from TravelClick, ensuring a stable and performant platform. Security posture is strong with HTTPS enforcement and content security policies, though additional headers and incident response information could improve the security maturity. Privacy compliance is addressed with visible cookie consent and a privacy policy, supporting GDPR adherence. Overall, the website demonstrates high business credibility and trustworthiness, with legitimate WHOIS registration data consistent with the business claims.

B

Balmer Bücherdienst AG

balmer-bd.ch

55

Balmer Bücherdienst AG is a Swiss-based classical publishing distribution company serving the book trade and resellers with products from domestic and international partner publishers. The company operates a B2B webshop and reporting portals to facilitate order placement and business analytics. Their market position is that of an established regional distributor with a focus on the Swiss book market. Technically, the website is built on Shopware CMS, uses modern web technologies, and integrates third-party search services. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response information are not published. Privacy and cookie policies exist and indicate GDPR compliance. Overall, the website and domain registration data align well, indicating a legitimate and trustworthy business presence online.

H

HANSAINVEST Hanseatische Investment-GmbH

hansainvest.com

59

HANSAINVEST Hanseatische Investment-GmbH is a leading German service capital management company specializing in fund administration across all relevant asset classes. The company emphasizes personalized service and comprehensive fund partner support, positioning itself as a key player in the German financial services market. Their website offers extensive fund listings, financial calculators, and compliance information, targeting institutional investors and financial professionals. Technically, the website is built on a custom CMS with Bootstrap and jQuery, providing a responsive and well-structured user experience. Security posture is strong with HTTPS enforcement, security headers, and ISO 27001 certification, though DNSSEC is not enabled, representing an area for improvement. Privacy compliance is robust with clear privacy and cookie policies and GDPR adherence. Overall, the website reflects a mature, professional, and trustworthy financial services provider with a solid digital presence.

M

Max Delbrück Center for Molecular Medicine in the Helmholtz Association

mdc-berlin.de

64

The Max Delbrück Center for Molecular Medicine is a leading biomedical research institute in Germany, focusing on understanding molecular mechanisms of health and disease and translating these findings into clinical applications. It operates under the Helmholtz Association umbrella and offers extensive research, education, and innovation services. The website reflects a mature digital presence with comprehensive content targeting researchers, students, and the scientific community. Technically, the site is built on Drupal 10 with modern web technologies, responsive design, and accessibility features. Security posture is strong with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR-aligned consent management. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

N

National Cyber Security Centre

ncsc.gov.uk

82

The National Cyber Security Centre (NCSC) is a UK government organization dedicated to enhancing the cybersecurity posture of the UK by providing authoritative advice, guidance, and incident response support. Positioned as the leading UK government cybersecurity authority, the NCSC serves a broad audience including individuals, businesses of all sizes, public sector organizations, and cybersecurity professionals. Their key services encompass cybersecurity advice, incident reporting, assurance schemes, educational initiatives, and practical toolkits to improve cyber resilience. Technically, the NCSC website employs modern web technologies including React for a single-page application experience, uses web fonts for consistent branding, and implements JSON-LD structured data to enhance search engine understanding. The site is well-optimized for mobile devices, accessible, and demonstrates good SEO practices. Hosting and infrastructure details are not explicitly disclosed but the site benefits from the robust security and reliability standards typical of UK government domains. From a security perspective, the site enforces HTTPS, includes cookie consent mechanisms, and avoids exposing sensitive data. While explicit security headers are not visible in the provided data, the site likely adheres to UK government security standards. No vulnerabilities or security issues were detected. The absence of WHOIS data is consistent with UK government domain privacy policies and does not detract from the site's legitimacy. Overall, the NCSC website is a highly professional, trustworthy, and authoritative resource for cybersecurity information and services in the UK. It demonstrates strong content quality, technical maturity, and privacy compliance, making it a reliable platform for its diverse user base.

N

NETZSIEGER - Vertrauen ist gut, Vergleichen ist besser!

netzsieger.de

56

Netzsieger.de is a German-language online platform specializing in product comparisons and expert reviews across various categories including software, electronics, household goods, and business services. The website positions itself as a trusted source for consumers seeking detailed and practical advice to aid purchasing decisions. The platform features a well-structured navigation system and a cookie consent mechanism compliant with GDPR requirements, indicating a moderate level of digital maturity. Technically, the site employs modern web technologies such as Google Analytics and Google Tag Manager for analytics and tracking, custom fonts, and responsive design elements to ensure usability across devices. While the site is accessible and performs moderately well, there is room for improvement in accessibility and security headers implementation. From a security perspective, the website uses HTTPS and has implemented cookie consent, but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is limited and partially consistent, which slightly reduces trustworthiness but does not indicate malicious intent. Overall, Netzsieger.de presents a professional and trustworthy platform for product comparison, with recommendations to enhance privacy transparency, security posture, and contact availability to further strengthen user trust and compliance.