Security Directory

T

tripadvisor.co.uk

tripadvisor.co.uk

52

The website tripadvisor.co.uk is currently inaccessible due to an active CAPTCHA security mechanism, likely implemented as a Web Application Firewall (WAF) or anti-bot protection. This prevents access to the actual website content, including metadata, business information, and user interface elements. The domain is well-established, registered since 2002, and managed by a reputable registrar, indicating a legitimate business presence. However, due to the blocked content, a full analysis of the website's privacy policies, security posture, and technical infrastructure is not possible. The visible technical elements are limited to JavaScript-based CAPTCHA scripts from captcha-delivery.com, which serve to protect the site from automated access.

T

Tischtennis in Wien neu erleben | Wiener Tischtennis Plattform

tischtennishobbywien.at

63

The website 'Tischtennis Hobby Wien' serves as a local community platform dedicated to table tennis enthusiasts in Vienna, Austria. It provides information and engagement opportunities for hobbyists, positioning itself as a niche sports community. The business model focuses on community building and information dissemination rather than commercial transactions. Technically, the site is built on WordPress using the Elementor page builder and enhanced with the Rank Math PRO SEO plugin, indicating a moderate level of digital maturity. The site is mobile-optimized and performs moderately well, though some technical improvements could enhance user experience further. Security-wise, the site uses HTTPS but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or security contact information is available, which could be a concern for handling security issues. Overall, the site is safe for general audiences and maintains a moderate trust level. Strategic improvements in privacy compliance and security practices are recommended to enhance credibility and user trust.

X

XXXLutz

xxxlutz.ro

10

XXXLutz.ro is a large Romanian e-commerce and retail website specializing in furniture and home decoration products. It is part of the XXXLutz Group, a well-known furniture retailer with a strong market presence in multiple countries. The website offers a wide range of products including furniture for living rooms, bedrooms, kitchens, garden furniture, and accessories. It targets consumers in Romania seeking quality furniture and home decor with options for online and in-store shopping. The site is professionally designed with good navigation and mobile optimization, supporting multiple languages and regional domains.

A

ABOUT YOU GmbH

aboutyou.at

69

ABOUT YOU GmbH operates a leading online fashion retail platform offering products from over 2,000 top brands, primarily targeting fashion consumers in Austria and Europe. The website demonstrates a strong market position with a comprehensive e-commerce business model focused on personalized shopping experiences. Technically, the site employs modern JavaScript frameworks, consent management via Usercentrics, and robust monitoring through Datadog, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting a high level of business credibility and user trust.

J

joinsports.de

joinsports.de

51

JoinSports.de is a German-based online platform focused on enabling users to book sports activities easily within their region. The website leverages modern web technologies including Vue.js, Tailwind CSS, and integrates third-party services such as Stripe for payment processing and Intercom for customer engagement. The technical infrastructure is hosted on Amazon AWS, indicating a professional hosting environment. However, the website content is primarily client-side rendered, with minimal static HTML content available, which may impact SEO and accessibility. Security-wise, HTTPS is used as inferred from included scripts, but explicit security headers are missing, and no privacy or cookie policies are present, indicating gaps in compliance and security best practices. Overall, the site presents a moderate security posture with room for improvement in privacy compliance and transparency.

T

Time Service B.V.

getraceresults.com

49

RaceResults, operated by Time Service B.V., is a specialized online platform providing comprehensive motorsport race results, live timing, and race tracking services. The website hosts an extensive database of event results timed with RSTime software dating back to 2004, serving motorsport enthusiasts, event organizers, and racers globally. The platform leverages DotNetNuke CMS and integrates Google Analytics for user tracking. The business operates primarily in the transportation sector with a niche focus on motorsport timing services. The domain is well-established since 2016, aligning with the business's operational history.

S

SRO Motorsports Group

sro-motorsports.com

65

SRO Motorsports Group is a globally recognized leader in GT racing, organizing and managing a wide range of GT racing series including GT3, GT4, GT2, and touring car championships. The company operates a broad network of related motorsports events and subsidiaries, positioning itself as a key player in the international motorsports industry. Their website reflects a professional and modern digital presence with a focus on event promotion, news, and sustainability initiatives. Technically, the site uses modern web standards, including HTML5, CSS3, and JavaScript, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although some security headers and explicit incident response contacts are missing. The absence of WHOIS data limits transparency but does not detract significantly from the site's legitimacy given the professional content and active event calendar. Overall, the site is well-maintained, trustworthy, and serves its target audience effectively.

The website www.msk-team.de is currently inaccessible beyond a Cloudflare security challenge page, which prevents access to any substantive business content or metadata. As such, no information about the company's operations, services, or market positioning can be determined. The technical infrastructure includes Cloudflare's Turnstile captcha for bot mitigation, indicating a focus on security at the perimeter level. However, the lack of accessible content limits the ability to assess digital maturity or technical sophistication beyond basic hosting and security measures. The security posture cannot be fully evaluated due to the absence of visible security headers or SSL details, but the presence of Cloudflare's WAF suggests some level of protection. Overall, the site is effectively blocked for analysis, resulting in a low trust and credibility score. Strategic recommendations include ensuring the site is accessible for legitimate users and providing clear business and compliance information to improve trust and transparency.

R

Race Ready

raceready.pt

59

Race Ready is a small Portuguese company specializing in the organization and management of historic racing events in the Iberian Peninsula, including Historic Endurance, CSS GROUP1, Troféu Mini, and Fórmula Ford Portugal. The company positions itself as a leader in this niche market, targeting classic car racing enthusiasts and participants. The website is professionally designed using the Wix platform, featuring multilingual support and structured data to enhance SEO and social media presence. However, it lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Technically, the site uses modern web technologies and is hosted on Wix, with moderate performance and good mobile optimization. Security measures include HTTPS enforcement and some script hardening, but security headers and incident response information are absent. Overall, the site is trustworthy but would benefit from enhanced privacy compliance and clearer contact information.

H

Hofer Fotos

hoferfotos.at

67

Hofer Fotos is a small local photography service based in Austria, specializing in portrait, event, and commercial photography. The website presents a professional image with good design quality and clear navigation, targeting individuals and businesses seeking photography services. The technical infrastructure includes modern JavaScript libraries such as jQuery and PrimeFaces, with integration of marketing and analytics tools like Google Analytics and Visual Website Optimizer. While the website uses HTTPS and secure cookies, it lacks several security headers and visible privacy or terms of service pages, indicating room for improvement in compliance and security posture. No direct contact information or incident response policies are visible, which may affect user trust and regulatory compliance.

H

HoT Telekom und Service GmbH

hot.at

76

HoT Telekom und Service GmbH operates as a prepaid mobile telecommunications provider in Austria, offering affordable and flexible mobile and internet services without contractual obligations. The company is positioned as a leading low-cost provider, affiliated with the reputable HOFER retail brand, and has received awards for customer satisfaction and price-performance. The website is professionally designed, mobile-optimized, and provides comprehensive information about services, legal policies, and customer support. Technically, the site uses modern frameworks such as Nuxt.js and Vue.js, with strong security practices including HTTPS and Content-Security-Policy headers. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. No critical security vulnerabilities or blocking mechanisms were detected, indicating a mature and trustworthy online presence.

H

HOFER REISEN

hofer-reisen.at

74

HOFER REISEN is an established Austrian travel agency offering a wide range of affordable travel packages including car trips, flights, cruises, and bus tours. The website targets German-speaking travelers seeking budget-friendly vacation options. The company maintains a consistent brand presence with a professional and user-friendly website optimized for mobile devices. Technically, the site employs modern web technologies, integrates third-party marketing and analytics tools, and enforces strong security practices including HTTPS and security headers. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy. However, contact information and terms of service pages are not readily found, which could be improved for better user trust and compliance.

S

Servus in Stadt & Land

servus.com

73

Servus.com is a well-established Austrian media platform focused on lifestyle content including recipes, gardening, culture, and regional traditions. The site offers a rich content experience with over 3,500 recipes and multiple magazine editions, supported by subscription and marketplace services. The technical infrastructure leverages modern web technologies, including Google Tag Manager and OneTrust for privacy compliance, ensuring a good user experience across devices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data suggests privacy protection or data unavailability, but the site's affiliation with Red Bull Media House and professional presentation indicate legitimacy. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

F

Fielmann AG

fielmann.at

59

Fielmann AG is a leading optical retailer in Austria, providing eyeglasses, contact lenses, and eye care services through both online and physical store channels. The company has a strong market presence and brand recognition, targeting consumers seeking quality eyewear and optical solutions. The website reflects a mature digital infrastructure utilizing modern frontend technologies such as Vue.js and Tailwind CSS, supported by CDN providers to ensure fast and responsive user experience. Security posture is robust with HTTPS enforcement and comprehensive security headers, although explicit security policies and incident response contacts are not prominently published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a professional and trustworthy online presence consistent with the company's established reputation.

J

Julius Meinl

juliusmeinl.com

62

Julius Meinl is a well-established premium coffee and tea company with a rich heritage dating back to 1862. The company positions itself as a global ambassador for Viennese Coffee House Culture, offering a wide range of products and services tailored to both businesses and home consumers. Their offerings include premium coffee and tea, professional coffee machines, training, and bespoke business solutions. The website reflects a mature brand with consistent messaging and a strong market presence in the hospitality sector, particularly in Austria and internationally. Technically, the website is built on a modern stack including Kentico CMS, hosted on Azure, and utilizes advanced analytics and tracking tools such as Microsoft Application Insights and Google Tag Manager. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Privacy compliance is well addressed through Cookiebot consent mechanisms and a comprehensive privacy policy. From a security perspective, the site enforces HTTPS, implements a Content Security Policy, and avoids exposing sensitive data. However, there is room for improvement by enabling DNSSEC, adding more security headers, and publishing a formal security policy or incident response contacts. No critical vulnerabilities or suspicious patterns were detected. Overall, Julius Meinl's website demonstrates a high level of professionalism, trustworthiness, and digital maturity. The domain registration details corroborate the company's legitimacy and long-standing market presence. Strategic recommendations include enhancing DNS security, expanding security policies, and improving transparency around incident response to further strengthen trust and security posture.

B

Beiersdorf

beiersdorf.at

76

Beiersdorf is a globally recognized enterprise specializing in skin care products with a portfolio of strong brands such as NIVEA, Eucerin, and La Prairie. The website reflects a mature digital presence with comprehensive corporate information, a focus on consumer needs, and a commitment to sustainability. Technically, the site employs modern frameworks like UIkit, integrates Google Analytics and Tag Manager for data insights, and uses a robust consent management platform to ensure GDPR compliance. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the site is professional, trustworthy, and well-optimized for user experience and privacy.

S

SPEEDWEEK.COM

speedweek.com

65

SPEEDWEEK.com is a German-language motorsport news website providing comprehensive coverage of various motorsport disciplines including Formula 1, MotoGP, Superbike, IDM, and DTM. The site targets motorsport enthusiasts primarily in German-speaking regions and offers news, videos, photo galleries, and editorial content. The website appears professionally designed with consistent branding and regular content updates, positioning it as a reputable media outlet in its niche. The affiliation with Red Bull Media House is implied through authentication and embedded content domains, suggesting a strong backing and market presence. Technically, the site uses modern web technologies such as Bootstrap, lazy loading, and third-party authentication via Auth0, indicating a mature digital infrastructure. However, some areas such as explicit privacy policy pages and security headers could be improved. Security posture is moderate with HTTPS usage and secure authentication but lacks visible security headers and explicit incident response information. Overall, the site is functional, trustworthy, and well-positioned but would benefit from enhanced transparency and security practices.

R

Red Bull Media House GmbH

carpediem.life

65

carpediem.life is a German-language health and wellness media website operated under the Red Bull Media House GmbH umbrella. It provides rich content focused on longevity, mental health, nutrition, and lifestyle, targeting health-conscious adults primarily in Austria and German-speaking regions. The website features articles, podcasts, events, and newsletters, positioning itself as a niche media brand with a professional and consistent brand image. Technically, the site is built using the Hugo static site generator, employs Google Tag Manager and Google Publisher Tags for advertising and analytics, and integrates OneTrust for cookie consent, reflecting a modern and privacy-aware infrastructure. Security posture is good with HTTPS enforced and privacy policies in place, though some security headers could be improved. The domain WHOIS data is privacy protected, which is common and justified for media businesses. Overall, the site is trustworthy, well-maintained, and compliant with GDPR requirements.

M

Maison Béthel / Fondation Praz-Soleil

maison-bethel.ch

52

Maison Béthel is a Swiss non-profit healthcare establishment specializing in transitional psychiatric care for adults aged 18 to 65. It operates under the Fondation Praz-Soleil umbrella and is recognized as a public interest institution within the canton of Vaud's psychiatric network. The website presents clear information about its mission, services, and contact details, targeting patients, families, and healthcare professionals. Technically, the site uses standard web technologies including HTML5, CSS3, and jQuery, with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, although formal security policies and incident response information are not published. Overall, the site is professional, trustworthy, and compliant with privacy regulations, with room for improvement in security transparency and accessibility.

N

Nissan

nissan.de

71

Nissan Deutschland's website serves as the official German portal for Nissan's automotive offerings, including passenger cars, commercial vehicles, and electric vehicles. The site targets consumers in Germany interested in innovative automotive solutions. The business is positioned as a major automotive brand with a strong market presence. Technically, the website employs modern web technologies such as HTML5, CSS3, and JavaScript with a likely enterprise CMS backend, delivering a good user experience with mobile optimization and SEO best practices. However, the site lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is moderate with no visible security headers or incident response information, indicating room for improvement in security best practices. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

The website ars-mia.de hosts a login portal titled 'MIA | Anmeldung' primarily serving users associated with 'autohausen'. The site appears to be a business application login interface with minimal public-facing content. The target audience is likely internal or authorized users of the MIA system. The business sector is not explicitly stated but is related to automotive or dealership services given the author metadata and company name. The website is hosted in Germany and uses HTTPS with basic security measures.

Sägewerk Karl Alt GmbH & Co. KG is a medium-sized German hardwood sawmill specializing in the production and distribution of high-quality hardwood lumber primarily for European, North American, Arab, and Asian markets. The company emphasizes sustainable sourcing and offers additional services such as drying, steaming, and custom cutting. The website is built on an older TYPO3 CMS platform with legacy JavaScript libraries, indicating a need for modernization. While the site includes essential business information and a cookie consent mechanism compliant with GDPR, it lacks advanced security headers and incident response details. No social media presence or terms of service are evident, which may limit user engagement and trust. Overall, the digital infrastructure is functional but dated, with moderate performance and basic mobile optimization.

P

Cookie-Information

pfeifergroup.com

46

The website analyzed is primarily a cookie information and consent page for www.pfeifergroup.com, providing detailed information about cookie usage including third-party cookies from major providers such as Google, Hotjar, LinkedIn, Matomo, Meta, and Microsoft. The site implements a cookie consent mechanism compliant with GDPR, allowing users to accept all cookies, only essential cookies, or customize their preferences. However, the website content is minimal and focused solely on cookie information without broader business or contact details. WHOIS data for the domain is unavailable, indicating either a recent registration, privacy protection, or a domain registration issue, which impacts trust and legitimacy assessments. Technically, the site uses standard web technologies including JavaScript and CSS, with integrations for analytics and marketing tools, but lacks visible security headers and detailed business information.

H

Hüster GmbH

huester-gmbh.de

53

Hüster GmbH is a small, family-owned manufacturing company based in Germany, specializing in the production of high-quality sawn timber from spruce logs since 1974. The company emphasizes sustainability, ecological responsibility, and precision in its production processes, targeting B2B customers in the wood and construction industries. The website reflects a consistent brand image and provides basic corporate information but lacks detailed contact data and advanced digital features. Technically, the site uses an older JavaScript stack with the Neko Framework and jQuery, offering moderate performance and good mobile responsiveness. Security posture is weak due to lack of HTTPS enforcement, missing security headers, and absence of published security policies. Privacy compliance is limited, with no cookie consent mechanism and only a basic privacy policy page. Overall, the website is functional and professional but requires improvements in security and privacy to enhance trust and compliance.

JamesGreenBlue.com is a personal blog operated by James Greenhalgh focusing on digital strategy, marine conservation, and personal adventures. The site features a collection of blog posts dating from 2020 through 2025, reflecting a niche content approach aimed at environmentally conscious and technology-interested audiences. The business model is primarily content-driven with no evident commercial transactions or services offered. The website is small in scale and founded in 2022, consistent with the domain registration data. Technically, the website is built using the Hugo static site generator, hosted behind Cloudflare DNS services, and leverages Google Fonts for typography. The site is performant, mobile-optimized, and accessible with good SEO practices. No CMS beyond Hugo is detected, and no analytics or tracking scripts are present, indicating a privacy-conscious approach. From a security perspective, the site enforces HTTPS and has domain-level protections such as clientDeleteProhibited and clientTransferProhibited statuses. However, DNSSEC is not enabled, and no security headers are detected in the provided data. There is no published privacy policy, cookie policy, or terms of service, which presents compliance gaps especially regarding GDPR. No contact information or incident response channels are provided, limiting transparency and user trust. Overall, the website is safe, professional, and trustworthy as a personal blog but would benefit from enhanced privacy compliance, security header implementation, and clearer contact information to improve user trust and regulatory adherence.

Weymayer is a small Austrian internet agency specializing in web design, TYPO3, Magento, and freelance web development services. With nearly 20 years of experience, the company positions itself as a reliable and affordable full-service provider targeting businesses and individuals seeking professional web solutions in Austria. The website reflects a consistent and professional brand image with clear contact information and a focus on quality service delivery. Technically, the website employs modern JavaScript libraries such as Three.js for visual effects but lacks advanced CMS detection or extensive platform integrations. The site is moderately optimized for performance and mobile devices but could improve accessibility and SEO features. The absence of cookie consent mechanisms and limited analytics usage indicates a low level of user tracking and data collection. From a security perspective, the website uses HTTPS (assumed from domain), but no security headers were detected in the provided data. There is no published security policy or incident response information, which limits transparency. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the security posture is moderate but could benefit from enhancements in headers, policies, and compliance mechanisms. The overall risk assessment is low to moderate, with no critical issues detected. Strategic recommendations include implementing cookie consent, adding security headers, publishing security and incident response policies, and improving mobile and accessibility features to enhance trust and compliance.

Fondation Praz-Soleil is a Swiss non-profit foundation established in 1984, providing medical psychosocial services including an EPSM, supervised apartments, and home care in the Vaud region. The organization collaborates with regional health authorities and is engaged in modernization projects to enhance its service offerings. The website is professionally designed with clear navigation and provides comprehensive contact information and compliance with GDPR through a cookie consent mechanism and a privacy policy document. Technically, the site uses basic but functional technologies including HTML5, CSS, and jQuery, with room for modernization and improved security headers. Security posture is moderate with no critical vulnerabilities detected, but lacks published security policies or incident response contacts. Overall, the website is trustworthy, safe, and well-aligned with the foundation's mission and audience.

C

Financial Discipleship | Compass Europe

compass1.eu

54

The website www.compass1.eu is hosted on the Wix platform and uses standard Wix scripts and polyfills. The site content is minimal and lacks substantive business information, contact details, or policies. The WHOIS data for the domain is unavailable or protected, which limits the ability to verify domain ownership and legitimacy. No privacy, cookie, or terms of service policies are present, and no contact information such as emails or phone numbers are found. The site does not exhibit any WAF or security challenge blocking, indicating it is accessible but lacks security best practices such as security headers or SSL configuration details. Overall, the website appears to be in an early or incomplete state, with low trust and credibility indicators.

E

Eglise MLK

eglisemlk.fr

54

Eglise MLK is a French non-profit religious organization focused on providing spiritual services, community engagement, and religious events. The website serves as a portal for church activities, donations, and community involvement, targeting French-speaking Christian audiences. The organization has an established domain since 2014, consistent with its operational history. Technically, the website is built on WordPress with common plugins and uses AWS for hosting static content. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could improve in security and privacy transparency.

The Internationale Gutenberg-Gesellschaft in Mainz e.V. is a well-established non-profit organization dedicated to the research and promotion of printing history and media development. Founded in 1901, it holds a significant position in the cultural and scientific community, particularly in Mainz, Germany. The society offers memberships with benefits such as access to the Gutenberg Museum, exclusive events, and the annual Gutenberg-Jahrbuch publication, targeting researchers, members, and enthusiasts of printing history. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and privacy-conscious Matomo analytics. The site is well-structured, mobile-optimized, and provides clear navigation and content relevant to its audience. Hosting appears stable with agency-managed nameservers. However, there is room for improvement in cookie consent mechanisms and security headers. From a security perspective, the site uses HTTPS and does not expose sensitive data. The absence of explicit cookie consent and security policies are notable gaps. No vulnerabilities or suspicious activities were detected. WHOIS data aligns well with the organization's identity and history, supporting legitimacy. Overall, the website presents a trustworthy, professional, and content-rich platform with moderate technical sophistication. Strategic improvements in privacy compliance and security posture would enhance user trust and regulatory adherence.

G

Gutenberg-Shop

gutenberg-shop.de

49

The Gutenberg-Shop is an e-commerce platform associated with the Gutenberg Museum in Mainz, Germany, specializing in exclusive gifts related to the art of printing and book painting. The website targets a general audience interested in cultural and artistic merchandise, offering products crafted using traditional techniques. The business operates in the retail sector with a niche focus on cultural and museum-related products. Technically, the site is built on a modern e-commerce platform (likely Shopware), uses HTTPS, and integrates Matomo analytics for privacy-conscious tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security practices include CSRF protection and cookie consent mechanisms, though explicit privacy and terms of service pages are missing. Overall, the site demonstrates a moderate to good security posture with room for improvement in policy transparency and security headers. The domain registration data is minimal but consistent with the business profile, and no suspicious patterns were detected. The site is safe for general audiences with no adult or questionable content.

The domain bg.de currently hosts a minimal content website that appears to be a parked domain landing page primarily serving advertisements. There is no meaningful business content, no contact information, and no privacy or cookie policies present. The site uses third-party ad scripts and cloudfront CDN for content delivery but lacks any structured data or branding elements. The WHOIS data indicates the domain is in a 'connect' status with parkingcrew.net name servers, consistent with domain parking rather than an active business presence. Technically, the site lacks HTTPS enforcement and security headers, which further reduces trustworthiness and security posture. Overall, the site does not represent an operational business or service and is likely used for ad monetization or domain holding purposes.

N

Nubassa Gewürzwerk GmbH

nubassa.de

51

Nubassa Gewürzwerk GmbH is a well-established German B2B company specializing in the supply of spices, marinades, and food technology solutions with a history spanning over 90 years. The company targets food manufacturers and retailers, offering high-quality products and customer service to facilitate consistent production standards. Their website reflects a professional and consistent brand image, supporting their market position as a reliable partner in the food manufacturing sector. Technically, the website is built on TYPO3 CMS, leveraging modern frontend technologies such as Bootstrap and Font Awesome, and is hosted on German infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks some explicit security headers and published security policies. No critical vulnerabilities or suspicious content were detected, and the domain WHOIS data aligns with the company's German business identity, supporting legitimacy. Overall, the website demonstrates a solid digital presence with room for improvement in privacy and security transparency.

W

webQ GmbH

webq.de

52

webQ GmbH is a well-established full-service advertising agency based in Weinheim, Germany, with 25 years of experience. The company offers a broad range of creative and digital marketing services including web design, graphic design, video production, 3D animation, print, domain registration, hosting, SEO, and consulting. Their target audience includes both public and private sector clients across various industries. The website reflects a professional and consistent brand image with clear contact information and a portfolio of clients, indicating a strong local market presence. Technically, the website is built with modern web standards using HTML5, CSS3, and JavaScript, featuring a strict Content-Security-Policy header and HTTPS usage, which demonstrates a good security posture. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, there is a lack of explicit privacy and cookie policies, which is a compliance gap that should be addressed. Security-wise, the site benefits from HTTPS and CSP headers but lacks other common security headers and incident response contact information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is limited due to DENIC privacy restrictions but shows no suspicious patterns, and the domain age aligns with the company's claimed history. Overall, webQ GmbH presents a trustworthy and professional online presence with room for improvement in privacy compliance and security transparency. Strategic recommendations include adding comprehensive privacy and cookie policies, implementing security.txt for vulnerability disclosure, and enhancing security headers to further strengthen the security posture.

V

Volksbank Alzey-Worms eG

vb-alzey-worms.de

62

Volksbank Alzey-Worms eG is a regional cooperative bank in Germany serving local customers primarily in the Alzey-Worms area. The website presents banking services and financial products with a focus on local presence and customer support. The business model is cooperative banking with a medium-sized regional footprint. The website uses modern web technologies including Angular Material and Dynatrace monitoring, indicating a moderate level of digital maturity. The site is mobile optimized and provides a professional user experience with clear navigation and relevant content. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness. Strategic improvements in privacy compliance and security transparency are recommended to enhance user trust and regulatory adherence.

A

Autohaus Heydasch GmbH

nissan-heydasch-worms.de

49

Autohaus Heydasch GmbH is an established automobile dealership located in Worms, Germany, serving as an official Nissan partner. The company offers a wide range of services including new and used car sales, vehicle trade-ins, service bookings, and maintenance. Their market position is that of a trusted local Nissan dealership catering to private and commercial customers. The website reflects a professional business model focused on automotive sales and services with clear contact channels and customer engagement features. Technically, the site is built on modern frameworks such as React and Next.js, ensuring a responsive and user-friendly experience. Privacy compliance is well addressed with GDPR-aligned policies and a visible data protection officer contact. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are absent. Overall, the website is trustworthy, well-structured, and suitable for its target audience.

LOTTO Rheinland-Pfalz operates as the official state lottery provider for the Rheinland-Pfalz region in Germany, offering a variety of lottery games including LOTTO 6aus49, Eurojackpot, Rubbellose, GlücksSpirale, BINGO!, KENO, and TOTO. The website facilitates online ticket purchases, account registration, and subscription services such as Dauerschein and Jackpot-Jäger. The business is positioned as a trusted regional government entity with a focus on secure and regulated gambling services for adults. The website content is professionally presented, consistent with the brand, and targets adult users interested in lottery gaming. Technically, the website employs modern web technologies including jQuery, SVG icons, and a custom JavaScript framework by MULTA MEDIO AG. It supports progressive web app features and is mobile optimized with responsive design. Analytics are implemented via etracker, and a chat widget from moin.ai is integrated for user support. While the site uses HTTPS and secure login forms, it lacks some security headers and explicit cookie consent mechanisms, which are areas for improvement. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and responsible disclosure availability, but could enhance its posture by adding security headers and publishing incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is limited but does not raise concerns, and the overall legitimacy is supported by consistent branding and government affiliation. Overall, the website is a reliable and professional platform for online lottery services with moderate technical maturity and a solid security baseline. Enhancements in privacy compliance and security headers would further strengthen trust and regulatory adherence.

Ö

Ökumenewerk der Nordkirche

nordkirche-weltweit.de

54

The Ökumenewerk der Nordkirche is a non-profit organization affiliated with the Evangelisch-Lutherische Kirche in Norddeutschland, focusing on fostering ecumenical relationships and social justice initiatives globally. Their website serves as an informational and engagement platform for church members, partners, and volunteers, highlighting international partnerships and advocacy work. The organization maintains a moderate digital maturity with a WordPress-based infrastructure, leveraging caching and security plugins such as Google reCAPTCHA and Borlabs Cookie for consent management. While the site is well-structured and professionally designed with good navigation and mobile optimization, it lacks explicit privacy and terms of service documentation, which are critical for compliance and user trust. Security posture is adequate with HTTPS and some security best practices, but could be improved by adding security headers and incident response information. Overall, the website is safe, trustworthy, and serves its target audience effectively, though it would benefit from enhanced privacy compliance and transparency.

The website centrostudicts.it is currently inaccessible due to a security challenge page implementing a JavaScript-based proof-of-work captcha. This challenge blocks normal access and prevents extraction of meaningful business or contact information. The domain is registered since 2019 with no privacy protection and is set to expire in 2025, indicating a legitimate registration. However, the lack of DNSSEC, security headers, and absence of privacy or cookie policies suggests a weak security posture. The site uses Cloudfront CDN for hosting assets and employs advanced client-side cryptographic challenges to mitigate automated access. Overall, the site is not currently usable for end users without passing the challenge, limiting content and business insight extraction.

C

CCEJ

cckj.ch

48

The website cckj.ch represents a small non-profit organization focused on promoting a charter for Christian children and youth work in Switzerland. The site provides information about the charter, encourages signatories, and targets Christian youth organizations and stakeholders. The business model is centered on advocacy and community engagement within a niche religious and youth sector. Technically, the website is built on WordPress using common plugins such as WPML for multilingual support and Contact Form 7 for user interaction. The site employs Google Analytics and Tag Manager for user tracking, indicating moderate digital maturity. Security posture is basic with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy PDF available but no cookie consent mechanism or GDPR explicit indicators. Overall, the site is functional and professional but could improve in security and privacy compliance to enhance trust and regulatory adherence.

Pfadiheime.ch is a specialized non-profit platform operated by Stiftung Pfadiheime Schweiz, serving as the primary directory and booking platform for scout homes across Switzerland. With over 25 years of history, it provides comprehensive search and booking functionalities tailored to scout groups and home administrators. The platform also promotes HeimV, a home management software, enhancing operational efficiency for home administrators. The website is well-structured, mobile-optimized, and offers clear navigation, targeting a niche audience effectively. Technically, the site leverages modern web technologies including HTML5, CSS3, JavaScript with jQuery, and likely a Ruby on Rails backend. The presence of CSRF tokens indicates attention to form security, though there is room for improvement in security headers and privacy compliance mechanisms. Performance is moderate with good mobile responsiveness and basic accessibility features. From a security perspective, the site uses HTTPS and includes CSRF protection but lacks visible security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR explicit indicators. Contact information is limited to a general info email, with no phone or physical address provided. Overall, the platform presents a trustworthy and professional service with a strong business credibility score. Strategic improvements in privacy compliance, security headers, and incident response documentation would enhance its security posture and regulatory adherence.

P

Pfadibewegung Schweiz

pfadi.swiss

60

Pfadibewegung Schweiz operates the website pfadi.swiss, serving as the largest youth scouting organization in Switzerland with approximately 51,000 members. The website provides information about scouting activities, international events, and resources for children, teenagers, and their families. The organization is well-established with a domain registered since 2017, consistent with its public presence. The website is professionally designed, mobile-optimized, and uses privacy-friendly analytics, reflecting a moderate to high level of digital maturity. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is adequate with HTTPS enabled and domain transfer protections, but could be improved by enabling DNSSEC and implementing security headers. Overall, the site is trustworthy and serves its non-profit mission effectively.

S

ServusTV On

servustv.com

67

ServusTV On is a professional Austrian media platform providing livestreams, on-demand content, TV programming, and news primarily in German. The website targets German-speaking audiences interested in sports, news, and entertainment. The platform leverages modern web technologies including Next.js and uses CDNs such as Red Bull's for content delivery. The site is well-designed, mobile-optimized, and includes structured data for SEO. Security posture is good with HTTPS enforced, but lacks explicit security headers and visible privacy or cookie policies. WHOIS data is unavailable, which raises some concerns about domain registration transparency. Overall, the site appears legitimate and professionally maintained but would benefit from improved privacy compliance and clearer contact information.

K

Kelly Ges.m.b.H.

kellys.at

50

Kelly Ges.m.b.H. is a well-established Austrian snack manufacturer and retailer specializing in chips, popcorn, nuts, and other snack products. The company has a strong market position in Austria as a market leader and is part of the larger Intersnack Group. Their website reflects a mature digital presence with a comprehensive product catalog, engaging content such as recipes and party planning tools, and active social media integration. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, indicating a preference for open-source and privacy-conscious tools. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and cookie consent mechanisms could be improved. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives.

T

Transdanubia

transdanubia.com

55

Transdanubia is a transport and logistics service provider emphasizing faster, safer, and more reliable services in a dynamic environment. The website presents core business areas including transport, forwarding, and logistics but lacks detailed company information or contact data. The technical infrastructure includes usage of Google Maps API and custom JavaScript, with a basic design and moderate navigation clarity. However, the site lacks advanced CMS or analytics integrations and shows limited mobile optimization and accessibility features. Security posture is minimal with no evident security headers or privacy policies, and WHOIS data is missing, raising concerns about domain legitimacy. Overall, the site is functional but basic, with room for improvement in security, compliance, and business transparency.

V

VERBUND

verbund.com

75

VERBUND is Austria's leading energy company and a major producer of electricity from renewable sources in Europe. The company focuses on sustainable energy generation using water, wind, and solar power, positioning itself as a key player in the clean energy transition. The website reflects a mature digital presence with comprehensive corporate information, investor relations, and sustainability initiatives. The technical infrastructure includes a custom CMS, modern JavaScript frameworks, and integration with Google Tag Manager and a consent management platform, indicating a commitment to privacy and analytics best practices. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly available. Overall, the website is professional, trustworthy, and compliant with GDPR, serving a broad audience including customers, investors, and partners.

INTERSPORT Austria operates as the leading sports retail company in Austria, offering a broad range of sports products through its online platform and physical stores. The website is professionally designed with a clear focus on the Austrian market and sports enthusiasts. The technical infrastructure employs modern web technologies such as HTML5, CSS3, JavaScript, and popular libraries like Swiper.js for sliders and Google Maps API for store location services. Mobile optimization and user experience are excellent, supporting a broad customer base effectively. However, the website lacks visible privacy and cookie policies, which are critical for GDPR compliance and user trust. Security posture is moderate due to the absence of explicit security headers and incident response information, which should be addressed to enhance protection and compliance. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and trustworthy operation.

B

Burgenland Tourismus GmbH

burgenland.info

47

Burgenland.info is the official tourism website for the Burgenland region in Austria, providing comprehensive travel information, cultural highlights, and leisure activities. The site targets tourists and visitors seeking detailed guidance on visiting Burgenland, positioning itself as a trusted regional tourism authority. The business model focuses on tourism promotion and visitor engagement through digital content and event information. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies including JavaScript, CSS, and HTML5. It integrates multiple marketing and analytics tools such as Cookiebot for consent management, Facebook Pixel for advertising, Google Tag Manager, and Matomo for analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and incident response information are not evident, suggesting room for improvement in security posture transparency. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a professional, trustworthy, and privacy-compliant digital presence for Burgenland tourism. The lack of WHOIS data limits domain registration insights, but the official nature and content quality support legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure channel to strengthen trust and security readiness.

Q

Quiz Maker

quiz-maker.com

60

Quiz Maker is a technology-driven SaaS platform specializing in online quiz creation, offering users the ability to generate customized quizzes quickly, including AI-generated quizzes. The platform targets educators, marketers, and businesses aiming to engage audiences and capture leads. With over 15 million quizzes created over a decade, it holds a strong market position as an established quiz solution provider. The website features a user-friendly interface with clear navigation and mobile optimization, supporting a broad user base.

Y

Y - Culte Louange

ycultelouange.com

56

The website 'Y - Culte Louange' is a French-language religious community platform hosted on the Wix platform. It provides services such as event agendas, sermons, forums, and contact options for its community members. The site is designed with a consistent branding approach and offers a good user experience with clear navigation and mobile optimization. Technically, it leverages Wix's Thunderbolt framework and standard web technologies, ensuring moderate performance and basic accessibility. Security-wise, the site benefits from HTTPS but lacks advanced security headers and formal privacy or incident response policies, which are areas for improvement. The absence of WHOIS data raises concerns about domain registration legitimacy, impacting overall trust. Strategic recommendations include enhancing security headers, adding privacy and cookie policies, and verifying domain registration to improve credibility and compliance.