Security Directory

I

intersoft consulting services AG

ai-act-law.eu

45

The website ai-act-law.eu is operated by intersoft consulting services AG, a German consulting firm specializing in data protection, IT security, and IT forensics. The site serves as a comprehensive and neatly arranged resource presenting the final text of the EU Artificial Intelligence Act in English and German, targeting legal professionals, AI developers, and compliance officers. The business model focuses on providing authoritative legal information and consulting services related to AI regulation and data protection. Technically, the site is built on WordPress with modern SEO and analytics tools such as Yoast SEO and Matomo, configured to disable cookies for privacy. The site is well-structured, mobile-optimized, and uses HTTPS, reflecting a moderate to good digital maturity level. Security posture is solid with HTTPS and privacy-conscious analytics, but lacks advanced security headers and explicit incident response policies. Overall, the site is trustworthy, professional, and serves as a valuable resource for its target audience.

I

intersoft consulting services AG

dr-datenschutz.de

58

Dr. Datenschutz is a German-language expert platform operated by intersoft consulting services AG, focusing on data protection, IT security, and IT forensics. The website offers a rich mix of news, expert articles, legal judgments, podcasts, and webinars aimed at professionals and organizations interested in GDPR compliance and IT security best practices. The business model combines content dissemination with consulting services, including external data protection officer offerings and educational webinars. The site enjoys a strong market position in the German-speaking data protection community, supported by a consistent brand and high user ratings. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and uses privacy-conscious analytics via Matomo with cookies disabled. The site is mobile-optimized, accessible, and SEO-friendly, leveraging Yoast SEO and structured data for enhanced search visibility. The technical infrastructure is mature, though hosting provider details are not explicitly disclosed. From a security perspective, the site enforces HTTPS and employs best practices like disabling cookies in analytics. However, it lacks explicit security headers, a vulnerability disclosure policy, and a cookie consent mechanism, which are recommended for full compliance and enhanced security posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, Dr. Datenschutz presents a professional, trustworthy, and content-rich platform with a solid security baseline. Strategic improvements in security headers, incident response transparency, and cookie consent would further strengthen its compliance and trustworthiness.

I

intersoft consulting services AG

gdpr-info.eu

53

The website gdpr-info.eu serves as a comprehensive and authoritative resource for the General Data Protection Regulation (GDPR), providing the official legal text, recitals, and key issues in a well-organized and accessible format. It is operated by intersoft consulting services AG, a German consulting company specializing in data protection, IT security, and IT forensics. The site targets data protection professionals, legal experts, and businesses seeking GDPR compliance information. The business model focuses on consulting and informational services, positioning itself as a niche specialist in the GDPR domain. Technically, the site is built on WordPress with a modern tech stack including jQuery, Matomo analytics (configured for privacy by disabling cookies), Yoast SEO for optimization, and performance enhancements via WP Rocket. The website demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Hosting details are limited but the domain is registered through a reputable registrar, united-domains AG. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and employs privacy-conscious analytics. However, it lacks explicit security headers such as CSP or HSTS and does not publish a security policy or incident response information. No cookie consent mechanism is present, which is a minor compliance gap. No vulnerabilities or exposed sensitive data were detected in the content. Overall, gdpr-info.eu is a trustworthy, professional, and well-maintained resource for GDPR information. Strategic recommendations include implementing a cookie consent mechanism, adding security headers, and publishing security and incident response policies to enhance compliance and trust further.

The website preventionbtp.fr is operated by the Organisme Professionnel de Prévention du Bâtiment et des Travaux Publics (OPPBTP), a recognized professional organization in France dedicated to construction safety and risk prevention. The site serves as a comprehensive portal offering prevention resources, online tools, training programs, and up-to-date news for professionals in the building and public works sector. It targets companies and workers in the construction industry, providing practical solutions to improve workplace safety and health conditions. Technically, the website employs modern web technologies including React, Tailwind CSS, and various analytics and consent management tools such as Matomo, Hotjar, Google Tag Manager, and Didomi. The site is well-optimized for mobile devices, accessible, and structured with good SEO practices. Performance is moderate, with a professional and consistent design that enhances user experience. From a security perspective, the site uses HTTPS with strong SSL configuration and integrates a consent management platform to comply with privacy regulations. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain trustworthiness slightly, but the website's professional content, certifications, and partner affiliations strongly support its legitimacy. Overall, preventionbtp.fr is a high-quality, trustworthy resource for construction safety professionals, with strong compliance and security posture. Recommendations include enhancing transparency around security policies and incident response, and confirming security headers to further improve security maturity.

S

Spielwarenmesse eG

spielwarenmesse.de

65

Spielwarenmesse eG operates the world's largest toy fair in Nuremberg, Germany, serving as a central platform for the toy industry. The website provides comprehensive information for visitors, exhibitors, and journalists, showcasing new trends, product groups, and event details. The company holds a strong market position as a leading trade fair organizer in the retail sector, with a large-scale, professional digital presence. Technically, the site is built on TYPO3 CMS, integrates modern analytics and marketing tools, and employs a robust consent management platform ensuring GDPR compliance. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though formal security policies and incident response contacts are not publicly detailed. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

D

der Freitag

freitag.de

57

Der Freitag is a German weekly newspaper focusing on politics, economy, and culture, serving a German-speaking audience interested in these topics. The website acts as a digital platform for the newspaper, offering news articles and subscription services. The business model centers on media publishing with a strong digital presence, positioning itself as an established player in the German media landscape. The company targets readers seeking in-depth political and cultural content. Technically, the website uses a modern stack including Plone CMS, Google Tag Manager, Matomo analytics, and advanced header bidding technologies for advertising. Consent management is implemented via Sourcepoint, indicating GDPR compliance efforts. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers are not explicitly detected. Privacy compliance is supported by consent mechanisms but lacks explicit privacy and terms of service pages. Overall, the website is professional, trustworthy, and well-optimized for mobile users. Recommendations include publishing clear privacy and security policies, enhancing security headers, and providing contact information for improved transparency and compliance.

I

intersoft consulting services AG

dsgvo-gesetz.de

51

The website dsgvo-gesetz.de serves as a comprehensive and authoritative resource for the EU General Data Protection Regulation (DSGVO) in German. It provides the official legal texts, related regulations, and practical information for companies and individuals interested in data protection compliance. The site is professionally designed, well-structured, and targets primarily German-speaking businesses and privacy professionals. It also offers related services such as external data protection officer support and seminars. Technically, the site is built on WordPress with modern SEO and performance optimizations, including the use of Matomo analytics configured to disable cookies, reflecting a privacy-conscious approach. Security posture is solid with HTTPS and no obvious vulnerabilities, though some security headers and explicit policies could be improved. Overall, the site is trustworthy and authoritative in its niche, though it lacks some compliance features like cookie consent banners and direct contact details. Strategic recommendations include enhancing privacy compliance mechanisms, publishing security and incident response policies, and improving contact transparency.

V

Venueless

venueless.org

69

Venueless is a technology company founded in 2020 that provides a SaaS platform for hosting digital, hybrid, and on-site events. Their platform supports live streaming, workshop rooms with chat, integrated scheduling, and a kiosk mode for hybrid events. The company targets event organizers and conference planners seeking versatile and scalable event solutions. The website demonstrates a strong market position with ISO 27001 certification and GDPR compliance, supported by client testimonials and open source transparency. Technically, the website uses modern web technologies including Bootstrap, FontAwesome, and Matomo analytics for privacy-conscious user tracking. The site is mobile optimized, well-structured, and performs moderately well. Hosting and domain registration are consistent and reputable, with no blocking or WAF interference detected. From a security perspective, Venueless shows maturity with ISO 27001 certification and GDPR compliance. HTTPS is enforced, forms are protected with CSRF tokens, and no obvious vulnerabilities or exposed sensitive data were found. However, DNSSEC is not enabled and security headers are not explicitly detected, representing areas for improvement. Incident response contact details and vulnerability disclosure mechanisms are not publicly available. Overall, Venueless presents a trustworthy, professional, and secure digital event platform with good privacy practices. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing incident response contacts to further enhance security and compliance posture.

P

pretix

pretix.cloud

72

pretix is a technology company specializing in event ticketing software, offering a comprehensive platform that includes online ticket shops, box office solutions, and various event management tools. The company targets event organizers across multiple sectors such as conferences, festivals, concerts, and exhibitions. With over 1000 customers and ISO 27001 certification, pretix holds a strong market position as a secure and privacy-focused ticketing solution provider. The website reflects a professional and consistent brand image with clear navigation and extensive product offerings. Technically, pretix employs modern web technologies including Matomo analytics for privacy-conscious tracking, SVG graphics for UI, and a REST API for extensibility. The site is well-optimized for performance and mobile devices, providing a good user experience. Security-wise, pretix demonstrates strong practices with HTTPS enforcement and ISO certification, though it lacks some security headers and a public vulnerability disclosure policy. Contact information is clearly presented, supporting business credibility. Overall, pretix presents a trustworthy and mature digital presence with minor areas for compliance and security enhancement.

J

Johannes Kiehl KG

kiehl-group.com

64

Johannes Kiehl KG is a well-established company with over 120 years of experience specializing in innovative and environmentally friendly cleaning products. Their product portfolio includes high-quality detergents for professional building cleaning and car wash sectors. The company emphasizes sustainability and environmental protection while delivering effective hygiene solutions. The website targets professional cleaning businesses, hospitals, nursing homes, and car wash operators, positioning itself as a trusted and environmentally conscious market player. Technically, the website is built on a modern CMS platform (likely eZ Platform) with JavaScript frameworks and libraries such as Flickity for carousels and Matomo for analytics. The site is mobile optimized, has good SEO practices, and integrates privacy-compliant cookie consent mechanisms. The presence of CAPTCHA and CSRF tokens on login forms indicates attention to security in user interactions. From a security perspective, the site enforces HTTPS and uses cookie consent with opt-in/out options. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data for the domain is a concern, slightly reducing trustworthiness, though the website content and business information appear professional and consistent. Overall, the website presents a professional and trustworthy front for the company, with good technical and privacy compliance. Strategic improvements include publishing security policies, enhancing security headers, and clarifying domain registration details to improve trust and compliance.

B

BUZIL-WERK Wagner GmbH & Co KG

buzil.com

51

BUZIL-WERK Wagner GmbH & Co KG is a German manufacturer specializing in sustainable cleaning products, including the Planta brand which holds Cradle to Cradle certification. The company targets professional cleaning services and industrial clients, emphasizing environmental responsibility and quality. Their website reflects a medium-sized enterprise with a consistent brand presence and a focus on sustainability and training services. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes GDPR-compliant consent management via Usercentrics. Analytics are handled through Matomo, ensuring privacy-conscious tracking. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data reduces domain trust slightly but is mitigated by transparent contact information and certifications. Overall, the website is professional, trustworthy, and well-structured, supporting the company's market position as a reputable cleaning product manufacturer.

D

Deutscher Museumsbund e.V.

museumstag.de

63

Deutscher Museumsbund e.V. is a well-established non-profit association representing German museums and their staff since 1917. The organization focuses on advocacy, networking, and promoting the societal role of museums, including organizing the International Museum Day. The website reflects a mature digital presence built on WordPress, employing modern plugins and privacy-conscious analytics (Matomo). It offers comprehensive content, clear navigation, and strong branding consistency. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. Contact information is transparent and professional, supporting trustworthiness.

C

Contiago GmbH

contiago.de

51

Contiago GmbH is a German technology company specializing in digital multichannel content distribution and network management through its Newsload platform. The company targets organizations such as companies, associations, publishers, and municipalities, providing tools for content creation, licensing, and monetization. Their platform is designed to simplify communication processes and expand digital reach with integrated payment and rights management features. Technically, the website is built on WordPress with Elementor, uses modern libraries like Swiper.js and FontAwesome, and integrates Matomo for analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the website is professional, well-structured, and compliant with GDPR requirements, reflecting a trustworthy and credible business presence.

W

Weser-Ems Halle Oldenburg GmbH & Co. KG

motorradshow-oldenburg.de

62

MOTORRAD SHOW Oldenburg is a well-established regional motorcycle trade fair organized by Weser-Ems Halle Oldenburg GmbH & Co. KG, targeting motorcycle enthusiasts and industry stakeholders in the Oldenburg region of Germany. The event showcases new motorcycle models, accessories, and offers an engaging program including contests and social spaces. The website is professionally designed with good content quality and consistent branding, supporting a positive market position as a leading regional event. Technically, the site uses modern web technologies and Matomo analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and explicit privacy and terms policies. Overall, the site is trustworthy and functional but could improve compliance and security transparency.

ZECH Smart Construction operates as a partnering model for complex construction projects, emphasizing cooperation, constructiveness, and transparency. The company is positioned within the German construction and real estate sector, targeting industry professionals and project partners. Their business model focuses on providing smart construction modules and project implementation support under the ZECH brand umbrella. Technically, the website is built on TYPO3 CMS with Bootstrap 4 and jQuery, featuring a moderate performance and good mobile optimization. The site employs Matomo analytics with a compliant cookie consent mechanism, reflecting a mature approach to privacy. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers are not explicitly detected and no formal security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, supporting the company's credibility in its market niche.

A

Auer Weber

auer-weber.de

49

Auer Weber is an established international architecture firm based in Germany with offices in Stuttgart and Munich. The company employs approximately 150 staff and has a strong portfolio of projects and awards, positioning itself as a reputable player in the architecture and real estate sector. Their website reflects a professional image with multilingual support and showcases their key projects and news updates. Technically, the website is built on TYPO3 CMS, leveraging JavaScript libraries such as jQuery and Flowplayer, and uses Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website uses HTTPS and does not expose sensitive data, but lacks advanced security headers and explicit incident response or vulnerability disclosure information. Privacy compliance is partially addressed with a privacy and cookie policy present, though no active cookie consent mechanism is detected. Overall, the website is trustworthy and professional but could improve in security and compliance transparency.

D

Daikin

daikin.de

65

Daikin Germany's website presents a professional and comprehensive digital presence focused on residential heating, cooling, and air purification solutions. The company is positioned as a leading HVAC manufacturer in Europe, offering a wide range of products including heat pumps, air conditioners, and air purifiers. The site is built on Adobe Experience Manager, leveraging modern analytics and marketing tools such as Matomo, Google Analytics, and Visual Website Optimizer, indicating a mature digital infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit policies could be improved. Privacy compliance is basic, lacking visible privacy and cookie policies or consent mechanisms on the analyzed page. Overall, the site is trustworthy and well-maintained but could enhance transparency and compliance aspects.

ZECH Bau SE is a German-based company specializing in real estate development, planning, construction, and operation services. The company positions itself as a digital, smart, and partnership-oriented service provider in the real estate sector, targeting clients and partners involved in property projects. The website reflects a professional and consistent brand image with clear service offerings and a strong presence on multiple social media platforms. Technically, the site is built on TYPO3 CMS with modern libraries such as jQuery and Bootstrap 4, and it uses Matomo for privacy-conscious analytics. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, although some security headers and explicit security policies are missing. Overall, the site is well-structured, GDPR compliant, and trustworthy, with no signs of blocking or WAF interference.

T

tuningblog.eu

tuningblog.eu

65

tuningblog.eu is a German-based automotive tuning news and tips portal founded in 2013. It targets car enthusiasts and individuals interested in vehicle modifications, providing news, product reviews, event coverage, and detailed how-to guides. The website maintains a professional and consistent brand presence with active social media engagement across multiple platforms. Technically, the site is built on WordPress using the Newspaper theme and Yoast SEO Premium plugin, with integration of Google Adsense for monetization and Matomo for analytics. The site is mobile optimized and uses HTTPS with a valid SSL certificate, ensuring secure user connections. Security posture is good but could be improved by adding security headers and formal security policies. Privacy compliance is basic, lacking explicit privacy and cookie policies or consent mechanisms. Overall, the site is legitimate, well-maintained, and serves a niche automotive audience effectively.

P

pretix

pretix.eu

59

pretix is a technology company specializing in online ticket sales and event management software. Their platform offers a comprehensive suite of services including customizable ticket shops, box office solutions, marketing tools, direct payment integrations, and hardware rental. With over 1000 customers, pretix is positioned as a reliable and flexible solution for a wide range of events such as conferences, festivals, and exhibitions. The company emphasizes privacy and security, holding ISO 27001 certification, which enhances trust among its users. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, supporting a positive user experience. Technically, pretix employs modern web technologies including JavaScript and SVG graphics, and uses Matomo for privacy-conscious analytics. The site is hosted with a reputable registrar and uses HTTPS with strong SSL configuration. While security headers are not explicitly visible in the HTML, the overall security posture is strong, supported by ISO certification and a focus on privacy. However, the absence of a cookie consent mechanism and public vulnerability disclosure pages are areas for improvement. From a security perspective, pretix demonstrates maturity with encrypted communications, no exposed sensitive data, and adherence to recognized security frameworks. The lack of incident response contact details and vulnerability disclosure reduces transparency but does not indicate immediate risk. Overall, pretix presents a low-risk profile with a solid security foundation. Strategically, pretix should enhance compliance by implementing cookie consent mechanisms and publishing vulnerability disclosure information. Adding incident response contacts would improve trust and readiness. These steps will strengthen their security culture and regulatory compliance, supporting continued growth and customer confidence.

Ö

Österreichischer Alpenverein

alpenverein.at

72

The Österreichischer Alpenverein is a well-established non-profit organization dedicated to alpine sports, nature conservation, and community engagement in Austria. The website serves as a comprehensive portal for members and the public, offering information on membership benefits, mountain huts, environmental initiatives, and educational programs. It maintains a strong market position as Austria's leading alpine association with a large member base and extensive regional presence. Technically, the website employs standard web technologies including JavaScript, jQuery, and Matomo analytics, with a focus on accessibility and mobile optimization. The site is well-structured, professionally designed, and provides clear navigation and relevant content. Privacy compliance is robust, featuring a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site uses HTTPS and implements cookie consent but lacks some advanced security headers and explicit vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious content were detected. The WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the website demonstrates a strong security posture, high content quality, and good privacy compliance, making it a trustworthy and professional digital presence for the Österreichischer Alpenverein.

Pascualet - Marc Diez-Prida is a small, specialized PR agency based in Radolfzell am Bodensee, Germany, with a focus on public relations, strategic marketing, photography, and design services. The company targets businesses and organizations seeking comprehensive communication and creative solutions, operating with a niche regional and international presence including Germany, Spain, and Mexico. The website reflects a professional and consistent brand image with clear contact points and partner affiliations. Technically, the website employs a modest but effective technology stack including Matomo for privacy-conscious analytics and Userlike for chat support. The site is moderately optimized for performance and mobile devices, with good SEO practices evident in meta tags and structured content. However, no CMS or advanced frameworks are detected, indicating a likely custom or lightweight implementation. From a security perspective, the domain is well-registered with a reputable registrar and shows no signs of privacy protection or suspicious patterns, supporting legitimacy. The site uses HTTPS and disables cookies in analytics, enhancing privacy. However, the absence of security headers and cookie consent mechanisms are notable gaps. No explicit security or incident response policies are published, which could be improved to enhance trust and compliance. Overall, the website presents a trustworthy and professional front for a small PR agency with good business credibility and privacy-conscious analytics. Strategic improvements in security headers, cookie consent, and published policies would strengthen the security posture and compliance standing, supporting long-term business growth and client trust.

V

VELOBerlin. Das Fahrradfestival.

veloberlin.com

45

VELOBerlin is a specialized event organizer hosting a bicycle festival in Berlin, targeting cycling enthusiasts and industry professionals. The website promotes the event scheduled for May 2025, offering ticket sales and brand showcases. The business operates in the transportation sector with a focus on event management and community engagement. Technically, the website is built on WordPress using Elementor and Rank Math SEO, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and privacy compliance features such as cookie consent and privacy policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security measures.

V

VAUDE Sport GmbH & Co. KG

vaude.com

75

VAUDE Sport GmbH & Co. KG is a well-established German outdoor equipment and apparel company specializing in sustainable products such as clothing, backpacks, and cycling bags. The company targets environmentally conscious outdoor enthusiasts and offers a comprehensive e-commerce platform with a strong emphasis on sustainability and quality. The website demonstrates a mature digital presence with modern e-commerce features and a clear focus on user experience and privacy compliance. Technically, the site is built on Magento Commerce with integrations for analytics (Matomo) and consent management (Usercentrics), reflecting a commitment to data privacy and performance monitoring. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, although there is room for improvement in publishing explicit security policies and incident response information. The absence of WHOIS data is unusual but does not detract significantly from the overall legitimacy given the brand's strong market presence and trust indicators. Strategic recommendations include enhancing security transparency and accessibility compliance to further strengthen trust and compliance.

D

Deutscher Alpenverein (DAV) Shop

dav-shop.de

65

The DAV Shop website serves as the official e-commerce platform for the Deutscher Alpenverein, offering specialized alpine maps, books, and outdoor equipment. It targets alpine enthusiasts and members of the DAV, positioning itself as a niche leader in the German outdoor retail market. The site provides a professional and consistent user experience with clear navigation and relevant content tailored to its audience. Technically, the website is built on ASP.NET Web Forms with modern JavaScript libraries like jQuery and integrates privacy-focused tools such as Cookiebot and Matomo analytics. The infrastructure suggests a moderately performing platform with good mobile optimization and accessibility features. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR, but lacks explicit security headers and a published security policy or incident response plan. Overall, the website is trustworthy and compliant with privacy regulations, though it could improve its security posture by implementing additional headers and vulnerability disclosure mechanisms.

T

The easyBrand Company Ltd.

cronly.app

55

Cronly.app is a specialized SaaS platform offering comprehensive cron job management including monitoring, scheduling, backup, and integration services. The company positions itself as a reliable tool for developers and teams to ensure their scheduled tasks run smoothly, with additional features like SSL certificate monitoring and extensive integrations via Zapier, Slack, and email. The website is professionally designed with clear navigation and interactive features such as a pricing calculator, targeting a developer audience. The business appears to be a small technology company founded in 2018, operating under The easyBrand Company Ltd. brand. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates multiple analytics platforms such as Matomo, Google Tag Manager, and Clicky. It uses Google reCAPTCHA for form security and enforces HTTPS with strong security headers, indicating a mature digital infrastructure. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, Cronly demonstrates good practices including HTTPS enforcement, use of security headers, and form protection via reCAPTCHA. However, it lacks visible cookie consent mechanisms and published security or incident response policies, which are important for compliance and transparency. No vulnerabilities or exposed sensitive data were detected in the content. WHOIS data aligns well with the website's claims, showing consistent registration details and domain age appropriate for the business history. Overall, Cronly.app presents a trustworthy and professional online presence with a strong technical foundation and good security posture. To further enhance compliance and user trust, implementing a cookie consent banner and publishing security policies are recommended. The site is safe for general audiences and free from any adult or questionable content.

I

Sign in - Matomo

imc-statistik.de

47

The website imc-statistik.de serves as a login portal for a Matomo Analytics platform, indicating its primary function is to provide access to web analytics data. The site is minimalistic, focusing on authentication rather than public-facing business content. The platform leverages Matomo, an open-source analytics solution, suggesting a preference for privacy-respecting analytics. The lack of public business information, contact details, or policy documents limits the ability to fully assess the business context or compliance posture. Technically, the site uses HTTPS and standard Matomo tracking scripts, but lacks visible security headers and comprehensive privacy or cookie policies. This indicates a moderate technical maturity but gaps in privacy compliance and user transparency. Security posture is basic with no critical vulnerabilities detected, but improvements are needed in policy disclosures and contact availability. Overall, the site is functional for its intended purpose but lacks broader business and compliance transparency, which could impact trust and regulatory adherence.

D

Devoteam

singularityde.com

75

Devoteam is an enterprise-level technology consulting firm specializing in AI-driven digital transformation and cloud services. The company positions itself as a leader in AI and sustainable technology consulting, serving a broad business audience across multiple countries. Their service portfolio includes AI, cloud managed services, cybersecurity, data analytics, and business transformation, supported by partnerships with major cloud providers such as AWS, Google Cloud, Microsoft, and ServiceNow. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site runs on WordPress with modern SEO and analytics tools, including Yoast SEO, Google Tag Manager, and Matomo, indicating a well-maintained infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though explicit security policies and incident response contacts are not published. WHOIS data is unavailable or privacy protected, which slightly reduces trust but is common for enterprise sites. Overall, the site demonstrates high professionalism, good security hygiene, and strong business credibility.

D

Devoteam

procori.com

75

Devoteam is a technology consulting and managed services company specializing in AI-driven digital transformation, cloud services, and ServiceNow solutions. Positioned as a leading ServiceNow Elite partner in the EMEA region, Devoteam offers a broad portfolio of services including AI, cybersecurity, cloud native architecture, and business transformation. The company targets enterprise clients seeking to streamline workflows and enhance IT operations through innovative technology solutions. Technically, the website is built on WordPress with modern SEO and analytics tools, demonstrating good digital maturity and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though explicit security policies and incident response information are not prominently published. Overall, the site reflects a professional and trustworthy business presence, though the absence of WHOIS registration data introduces some legitimacy concerns that warrant further verification.

D

Devoteam

ubertasconsulting.com

74

Devoteam is a leading AI-driven technology consulting firm specializing in digital transformation, cloud services, cybersecurity, and sustainable IT solutions. The company operates across more than 25 countries in the EMEA region and partners with major cloud providers such as AWS, Google Cloud, Microsoft, and ServiceNow. Their business model focuses on delivering AI-powered consulting and managed services to enterprise clients seeking to innovate and transform their operations sustainably. The website reflects a mature and professional organization with comprehensive service offerings and a strong partnership ecosystem. Technically, the website is built on WordPress with modern SEO and analytics tools including Yoast SEO, Google Tag Manager, and Matomo Analytics. The site demonstrates good performance, mobile optimization, and accessibility features. Security best practices are observed with HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not prominently published. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident through the presence of privacy and cookie policies with GDPR considerations. However, the absence of WHOIS registration data raises some concerns about domain registration transparency, although the professional nature of the site and business presence mitigate this risk. Overall, Devoteam presents a trustworthy and professional digital presence aligned with its market position as a technology consulting leader. Strategic recommendations include enhancing transparency around security policies, incident response, and domain registration details to further strengthen trust and compliance.

F

FISAT e.V.

fisat.de

56

FISAT e.V. is a specialized professional association based in Germany focused on rope access and positioning techniques for work and rescue at heights. The organization provides certification, training, safety guidelines, and acts as a representative body in national and international committees to improve safety and health protection for workers at elevated workplaces. The website reflects a professional and consistent brand image with clear navigation and relevant content targeted at professionals and companies in the rope access industry. Technically, the site is built on TYPO3 CMS with Bootstrap and uses privacy-conscious Matomo analytics. Security posture is good with HTTPS enforced, but could be improved by adding security headers and cookie consent mechanisms. No direct contact emails or phone numbers are visible, but contact forms and social media presence exist. Overall, the site is trustworthy and well-positioned within its niche.

N

Niemöller

niemoeller.de

47

Niemöller operates a specialized e-commerce platform focused on providing spare parts for Mercedes Benz classic cars manufactured between 1946 and 1975. The website offers a comprehensive catalog of parts organized by model series, targeting classic car enthusiasts and restorers. The business positions itself as a niche market leader in classic Mercedes Benz spare parts retail, primarily serving customers in Europe with multilingual support and country-specific VAT pricing. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, and integrates multiple analytics tools such as Google Analytics, Matomo, and Hotjar. The site is hosted on a domain managed by DomainControl and uses HTTPS to secure communications. Security posture is adequate with secure forms and no exposed sensitive data, but lacks visible security headers and formal privacy or cookie policies. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and compliance. Overall, the website is professional, user-friendly, and trustworthy, but could benefit from enhanced privacy compliance and security best practices.

T

Technik Museen Sinsheim Speyer

technik-museum.de

48

The Technik Museum website serves as a portal for two prominent technology museums located in Sinsheim and Speyer, Germany. It provides visitors with access to museum information and ticket purchasing options through dedicated subdomains and a ticket shop. The site targets general museum visitors and technology enthusiasts, positioning itself as a regional cultural attraction. The business model revolves around museum operations and ticket sales, with a medium-sized organizational footprint. From a technical perspective, the website employs a modest technology stack including Matomo for analytics, Font Awesome for icons, and JavaScript libraries such as Moment.js and Countdown.js. Hosting is provided by kasserver.com, and the site uses HTTPS with a good SSL configuration. However, the site lacks advanced SEO metadata, accessibility features, and visible cookie consent mechanisms, indicating room for digital maturity improvements. Security-wise, the site benefits from HTTPS and privacy-conscious analytics but lacks visible security headers and published security policies. No forms or user input fields are present on the splash page, reducing attack surface. The absence of cookie consent and detailed privacy policies may pose compliance risks under GDPR. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is functional and moderately secure but would benefit from enhanced privacy compliance, improved metadata, and clearer contact information to strengthen trust and regulatory adherence.

W

webways AG

employerboard.ch

63

sozjobs.ch is a leading Swiss job portal specializing in social and healthcare professions, operated by webways AG. The platform offers job listings, employer portraits, and recruitment tools tailored to the niche market of social and healthcare employment in Switzerland. The website demonstrates a professional design with consistent branding and clear navigation, targeting both job seekers and employers in the sector. Technically, the site employs modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager, with a custom CMS and good mobile optimization. Security posture is solid with HTTPS enforced and error monitoring via Sentry, though explicit security headers and incident response policies are absent. Privacy compliance is well addressed through comprehensive privacy and cookie policies with user consent mechanisms. Overall, the site is trustworthy, safe, and professionally maintained, with a strong market position in its niche.

E

easyDNS Technologies Inc.

axisofeasy.com

54

AxisOfEasy.com is a niche media website operated by easyDNS Technologies Inc., focusing on cybersecurity, privacy, AI, and technology news and commentary. The site offers podcasts, weekly digests, and articles targeting IT professionals and technology enthusiasts. The business model centers on content publishing supported by the parent company easyDNS. The website demonstrates consistent branding and professional content quality, positioning it as a trusted source within its niche. Technically, the site is built on WordPress with a modern tech stack including Google reCAPTCHA, Matomo, and MonsterInsights for analytics. Hosting is provided by easyDNS, ensuring domain and hosting consistency. Security posture is good with HTTPS enforced and use of CAPTCHA, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is functional, professional, and trustworthy but could improve transparency and security practices.

A

Addviso

addviso.com

51

Addviso is a French digital agency based in Rennes, specializing in a broad range of digital services including digital strategy, web design, website creation, SEO, social media management, web analytics, web marketing, and digital event solutions. The company targets businesses and organizations seeking to develop and succeed in their digital projects. The website content is professionally presented in French, reflecting a small-sized agency founded around 2018. Technically, the site is built on WordPress, utilizing common plugins such as Contact Form 7 and Tarteaucitron for cookie consent management, and employs Matomo and Google Analytics for visitor tracking. The site is mobile-optimized with good SEO practices and moderate performance.

Z

Zentralverband Deutsches Kraftfahrzeuggewerbe

kfzgewerbe.de

58

The Zentralverband Deutsches Kraftfahrzeuggewerbe (ZDK) is a prominent German trade association representing over 39,000 car dealerships, body shops, and master automotive workshops with nearly 470,000 employees. The website serves as a comprehensive platform for industry news, initiatives, and member services, positioning ZDK as a central voice in the automotive trade sector in Germany. The site targets industry professionals, policymakers, and the general public interested in automotive trade developments. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including SVG graphics and Vite for asset bundling. It employs Matomo analytics with privacy-conscious configurations and implements consent-based loading for third-party content such as YouTube videos. The site is hosted on networkteam.com infrastructure, with fast performance and excellent mobile optimization. From a security perspective, the site enforces HTTPS and uses privacy-respecting analytics. However, it lacks explicit published security policies and incident response contacts, and could benefit from additional security headers and a vulnerability disclosure policy. Privacy compliance is strong, with a clear privacy policy and cookie consent mechanism in place. Overall, the website is professional, trustworthy, and well-maintained, reflecting the organization's authoritative position in the automotive trade industry. Strategic improvements in security transparency and incident response readiness would further enhance trust and resilience.

S

SERMA GmbH

serma.eu

60

SERMA GmbH operates a professional website focused on providing SERMI certification services and access to security-relevant repair and maintenance information for the automotive sector. The company targets automotive service providers requiring secure access to vehicle data, offering a digital portal for registration and management. The website is well-structured, professionally designed, and consistent with the company's business focus in Germany. Technically, the site is built on TYPO3 CMS, employs Matomo analytics with privacy-conscious configurations, and uses modern JavaScript modules. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS enforced and cookie consent implemented, though additional security headers and a published security policy would enhance trust. The WHOIS data is privacy protected by EURid, which is common for EU domains, and no registrant details are publicly available. Despite this, the website content and contact information indicate a legitimate and trustworthy business. No blocking or WAF mechanisms were detected, allowing full content access and analysis. Overall, SERMA GmbH presents a credible, secure, and professional online presence supporting its niche certification services in the automotive industry.

R

Resultify i Sverige AB

resultify.se

59

Resultify i Sverige AB is a Swedish digital marketing and communications agency specializing in optimizing the digital customer journey through creative communication, data-driven marketing, and HubSpot platform expertise. Positioned as a certified HubSpot Diamond Partner, Resultify offers a comprehensive suite of services including strategy consulting, CRM and sales enablement, marketing, advertising, analytics, web development, and integrations. Their market focus is on businesses seeking to grow and enhance their digital presence with measurable results. The website demonstrates a professional and consistent brand image with good content quality and clear navigation. Technically, the website is built on the HubSpot CMS platform, leveraging modern web technologies and multiple marketing and analytics tools such as Google Tag Manager, Matomo, and various social media pixels. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and use of reCAPTCHA on forms, though explicit security headers could be better documented. Privacy compliance is strong, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR. The security analysis reveals no critical vulnerabilities or exposed sensitive data. However, the WHOIS data for the domain could not be retrieved, limiting the ability to fully verify domain registration legitimacy. Despite this, the professional presentation, clear contact information, and social media presence support a high trustworthiness rating. Overall, Resultify presents as a credible and competent digital marketing partner with a mature digital infrastructure. Strategic recommendations include enhancing security header implementation, publishing a formal security policy and incident response contacts, and considering a vulnerability disclosure policy to further strengthen trust and compliance.

D

Devoteam

devoteam.com

75

Devoteam is an enterprise-level AI-driven technology consulting firm specializing in digital transformation, cloud services, cybersecurity, and sustainable IT solutions. The company operates across more than 25 countries in the EMEA region and offers a broad portfolio of services including AI, business transformation, cloud managed services, and training. Their market position is strong, supported by partnerships with major technology providers such as AWS, Google Cloud, Microsoft, and ServiceNow. The website reflects a professional and consistent brand image with comprehensive content targeting businesses seeking advanced technology consulting. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Matomo, and Google Tag Manager. The site is mobile-optimized and demonstrates good performance and accessibility standards. However, some security best practices like explicit security headers and published incident response policies are not evident in the provided data. Security posture is generally good with HTTPS enforced and no visible vulnerabilities in the HTML content. The absence of WHOIS registration data is a concern and warrants further verification to confirm domain legitimacy. Privacy compliance is supported by the presence of privacy and cookie policies with consent mechanisms, indicating GDPR awareness. Overall, the website presents a low risk with a high degree of professionalism and business credibility. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving transparency around domain registration details.

E

easyDNS Technologies Inc.

easydns.com

70

easyDNS Technologies Inc. is a well-established Canadian company specializing in domain registration, DNS hosting, email hosting, and web hosting services since 1998. The company positions itself as a reliable and professional DNS provider with a broad portfolio of services including Anycast DNS, premium email solutions, and managed WordPress hosting. Their market presence is supported by a consistent brand and a comprehensive service offering targeting businesses and individuals requiring robust domain and hosting solutions. The website reflects a mature digital presence with strong SEO and structured data implementation. Technically, the website is built on WordPress using the Genesis Framework, enhanced with modern plugins such as Gravity Forms and Smart Slider 3. It employs multiple analytics platforms including Google Analytics and Matomo, and integrates security features like reCAPTCHA. The site is mobile optimized, fast loading, and accessible, demonstrating a high level of digital maturity. From a security perspective, the site enforces HTTPS and uses domain status locks to protect domain integrity. However, DNSSEC is not enabled, and there is no explicit security policy or incident response information published. The use of reCAPTCHA and secure forms indicates attention to security best practices, but there is room for improvement in publishing vulnerability disclosure and security policies. Overall, the risk profile is low with no detected vulnerabilities or suspicious indicators. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enabling DNSSEC, publishing a security policy and incident response contacts, and enhancing HTTP security headers to further strengthen security posture.

W

webways AG

spitexjobs.ch

69

spitexjobs.ch is a specialized online job portal dedicated to the Spitex healthcare sector in Switzerland, connecting job seekers with Spitex organizations. The platform offers comprehensive job listings, employer profiles, and advanced search and filtering capabilities tailored to healthcare roles such as ambulatory care and specialized nursing. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and relevant content for its target audience. Technically, the site employs modern JavaScript frameworks, integrates analytics via Matomo and Google Tag Manager, and uses Sentry for error monitoring, reflecting a mature digital infrastructure. Security is robust with HTTPS enforced, appropriate security headers, and privacy compliance including GDPR-aligned privacy and cookie policies with user consent mechanisms. No critical vulnerabilities or suspicious content were detected, and WHOIS data confirms the domain's legitimacy and consistency with the business profile. Overall, the site demonstrates a strong security posture, good privacy practices, and a credible business presence in the Swiss healthcare job market.

F

Fresenius SE & Co. KGaA

fresenius.com

79

Fresenius SE & Co. KGaA is a leading global healthcare group specializing in products and services for chronically and critically ill patients. The company operates through key subsidiaries such as Fresenius Kabi and Fresenius Helios, offering pharmaceuticals, medical devices, and healthcare services. The website reflects a mature digital presence with comprehensive content targeting healthcare professionals, investors, and patients. Technically, the site is built on Drupal 10, employs Matomo for analytics, and integrates OneTrust for cookie consent, indicating a modern and privacy-conscious infrastructure. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although the absence of a public vulnerability disclosure policy and incident response contacts suggests room for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting Fresenius's reputation as a major healthcare enterprise.

D

Dohna & Dombert GmbH

classicindex.eu

36

classicindex.eu is a German-language online portal dedicated to classic vehicle enthusiasts, operated by Dohna & Dombert GmbH. The website provides news, articles, and resources related to classic cars, targeting hobbyists, collectors, and automotive fans. It maintains a niche position in the classic automotive media sector, offering advertising opportunities and event information. The site is built on WordPress with specialized plugins for directory listings and advertising management. The technical infrastructure includes modern web technologies such as Bootstrap 5 and FontAwesome, with Matomo analytics for user tracking. Security posture is moderate with HTTPS enforced but lacks comprehensive security headers and cookie consent mechanisms. Business credibility is supported by legal disclosures and consistent branding, though direct contact details are limited on the main site. Overall, the site is functional, content-rich, and serves its target audience effectively.

V

Vendée Globe

vendeeglobe.org

63

The Vendée Globe official website serves as a comprehensive digital platform for the globally recognized solo round-the-world sailing race. It offers detailed race information, skipper profiles, rankings, news updates, and promotes ocean preservation initiatives. The site targets sailing enthusiasts, media, and the general public with a professional and engaging user experience. Technically, the website is built on a modern stack including Drupal CMS, Alpine.js, and Swiper.js, with strong mobile optimization and accessibility features. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though explicit privacy and terms of service pages are missing. WHOIS data is unavailable, which slightly impacts domain trust but the overall branding and external references strongly support legitimacy.

S

Startup 4 Climate

startup4climate.com

58

Startup 4 Climate is an innovation challenge initiative founded in 2020, aimed at catalyzing ideas that accelerate the energy transition and limit global warming to 1.5 degrees. The initiative is supported by prominent Swedish energy companies such as Ellevio and GodEl, and partners like THINGS and We Don't Have Time. The website serves as a platform for startups to participate, pitch ideas, and gain exposure and funding. The business model revolves around fostering innovation through competitions and networking opportunities, positioning itself as a key player in Sweden's sustainable energy ecosystem. Technically, the website is built on WordPress, leveraging common technologies such as jQuery, Matomo for analytics, and Cookiebot for cookie consent management. The site demonstrates good SEO practices with Yoast SEO integration and is mobile optimized with a responsive design. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements a robust cookie consent mechanism, reflecting good privacy compliance. However, it lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns well with the business claims, showing consistent registration details and domain age appropriate for the initiative's founding date. Overall, Startup 4 Climate presents a professional, trustworthy, and privacy-conscious web presence supporting an important environmental cause. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance its security posture and user trust.

C

CookieTractor

cookietractor.eu

71

CookieTractor is a specialized European technology company offering a user-friendly, legally compliant cookie consent solution designed to meet GDPR and ePrivacy Directive requirements. The company emphasizes accessibility, supporting WCAG 2.2 AAA standards and the European Accessibility Act, targeting website owners who require robust cookie management with clear user consent mechanisms. Their business model is subscription-based with tiered pricing according to website size, serving a niche market with notable clients such as Volvo and UNICEF, enhancing their market credibility. Technically, the website employs modern web technologies including ASP.NET Core, jQuery, and integrates analytics tools like Google Analytics and Matomo. Hosting and CDN services are provided via Cloudflare, ensuring fast performance and global reach. The site is mobile-optimized and highly accessible, with a strong focus on user experience and compliance. However, explicit security headers are not detected, which could be improved to enhance security posture. From a security perspective, the site enforces HTTPS, uses anti-forgery tokens in forms, and implements cookie consent mechanisms that prevent non-essential cookies before user approval. Despite these strengths, the absence of a published security policy or vulnerability disclosure reduces transparency. The WHOIS data is missing or inaccessible, which raises concerns about domain registration legitimacy, though the website content and references suggest a legitimate business. Overall, CookieTractor presents a professional, trustworthy, and technically sound service with strong compliance and accessibility features. The main risk lies in the lack of visible domain registration data and some security header omissions. Strategic recommendations include publishing security policies, adding security headers, and verifying domain registration details to strengthen trust and compliance.

A

Association of Arctic Expedition Cruise Operators

aeco.no

66

The Association of Arctic Expedition Cruise Operators (AECO) is a specialized membership organization dedicated to promoting responsible and sustainable Arctic expedition cruise tourism. The organization focuses on environmental stewardship, cultural preservation, community engagement, and safety in Arctic regions. AECO provides its members with operational guidelines, tools, resources, and organizes events to foster collaboration and knowledge sharing. The website reflects a professional and well-maintained digital presence, leveraging WordPress CMS and modern web technologies to deliver content effectively. Privacy considerations are addressed with a comprehensive privacy policy and the use of Matomo analytics with cookies disabled, although cookie consent mechanisms are absent. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities, but could be improved by implementing additional security headers and publishing formal security policies. Overall, AECO presents a credible and trustworthy online presence consistent with its mission and organizational history.

C

City of Bremen

bremen.eu

64

The website www.bremen.eu serves as the official digital portal for the city of Bremen, Germany, providing comprehensive information about the city, including current events, tourist attractions, and public services. It targets residents, tourists, and the general public interested in Bremen, positioning itself as a trusted government resource. The site employs modern web technologies such as Vue.js and Matomo analytics, ensuring a responsive and user-friendly experience across devices. Privacy compliance is robust, featuring a detailed cookie consent mechanism and adherence to GDPR standards. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the domain and website exhibit high legitimacy and professionalism, consistent with a government entity.