Security Directory

E

Eglise Evangélique Connexion

egliseconnexion.ch

62

Eglise Evangélique Connexion is a small non-profit evangelical church based in Montagny-près-Yverdon, Switzerland. The website serves as a community portal for families and individuals interested in contemporary biblical teachings. The organization focuses on religious services and community engagement without commercial activities. Technically, the website is built on the Wix platform using Wix Thunderbolt framework, with standard Wix scripts and styles. It is mobile optimized and uses HTTPS, but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing security headers and formal privacy or cookie policies. No forms or analytics tools are present, indicating minimal data collection and tracking. Overall, the website is legitimate and trustworthy but could improve in privacy compliance and security best practices.

É

Église évangélique Béthel

ebyv.ch

52

Église évangélique Béthel is a small, local evangelical church based in Yverdon-les-Bains, Switzerland. The organization focuses on religious services and community engagement centered on the authority of the Bible and the teachings of Jesus Christ. The website serves as a portal for information about the church, its programs, and media such as photos and videos. The pastor is identified as Serge Viret, reinforcing the community and leadership structure. Technically, the website uses standard web technologies including HTML5, CSS3, and JavaScript with a slider library for image display. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation. However, it lacks advanced technical frameworks or CMS indications.

R

Start Reiskorn | Reiskorn

reiskorn.at

56

The website www.reiskorn.at is a small business site hosted on the Wix platform, targeting an Austrian audience. The site appears to be in German language and uses standard Wix technologies including JavaScript, CSS, and Wix's proprietary scripts. The business description and detailed services are not clearly extractable from the provided HTML content, indicating minimal content presence or content loading dynamically beyond the provided snapshot. The technical infrastructure is typical for Wix-hosted sites, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled and some cookie handling scripts, but lacks explicit security headers and publicly disclosed security policies. Privacy compliance is weak due to absence of visible privacy or cookie policies and consent mechanisms. Business credibility is moderate but limited by lack of visible contact information and trust indicators. Overall, the site is functional but would benefit from enhanced content, privacy disclosures, and security best practices.

J

JUNE - Online Marketing Cloud

juneapp.com

68

JUNE - Online Marketing Cloud is a German-based SaaS company founded in 2016, providing comprehensive online marketing solutions including email marketing, landing pages, workflow automation, and WhatsApp communication. The company targets businesses and marketers seeking flexible, no-code marketing tools. With over 1000 users and ISO 27001 certification, JUNE holds a reputable market position supported by strong branding and client trust signals. The website is professionally designed, mobile-optimized, and integrates multiple marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, domain transfer protection, and certification, although DNSSEC is not enabled and explicit privacy and terms pages are missing. Overall, the site demonstrates a high level of business credibility and technical competence.

The website icefat.org is currently inaccessible beyond a security challenge page that performs browser verification before granting access. This indicates the presence of a Web Application Firewall (WAF) or anti-bot protection mechanism, which blocks direct content access. Due to this, no business-related content, contact information, or policies are available for analysis. The domain is long-standing, registered since 1999 with Network Solutions, LLC, and is not privacy protected, which suggests legitimacy. However, the lack of accessible content and absence of HTTPS or security headers reduces trust and usability. The technical infrastructure appears minimal, with DNS parking name servers and no visible CMS or frameworks. Security posture is weak due to missing HTTPS and security headers, and privacy compliance is absent. Overall, the site is not currently usable for end users or analysis beyond the WAF challenge.

A

ARTIM

artim.org

61

ARTIM is a consortium of premier fine art logistics companies established in 2001, serving leading museums, galleries, auction houses, dealers, and private collectors worldwide. The website presents a professional image consistent with its business focus on specialized transportation and handling of fine art. The technical infrastructure is based on the Wix platform, leveraging Wix Thunderbolt framework and standard JavaScript polyfills, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage and some JavaScript hardening, but lacks explicit security headers and formal privacy or cookie policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is common for such consortium websites. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security disclosures.

S

Smith Optics

smithoptics.com

9

Smith Optics operates a professional e-commerce website specializing in eyewear products including sunglasses, prescription glasses, goggles, helmets, apparel, and accessories. The website is built on the Shopify platform, leveraging modern e-commerce technologies and third-party marketing and analytics tools such as Klaviyo, Yotpo, and Cookiebot. The site demonstrates good design quality, mobile optimization, and accessibility, providing a positive user experience for its target audience of outdoor enthusiasts and consumers seeking performance and lifestyle eyewear. However, the absence of publicly accessible WHOIS data and missing explicit privacy and terms of service pages reduce transparency and privacy compliance confidence. Security posture is strong with HTTPS enforced and cookie consent implemented, but there is room for improvement in publishing security policies and contact information. Overall, the website is credible and functional but would benefit from enhanced compliance and transparency measures.

B

blackcrows

black-crows.com

73

Black Crows operates a professional e-commerce website specializing in skis and outerwear, targeting winter sports enthusiasts. The company presents a strong market position as a niche premium brand with a comprehensive product range including skis, poles, apparel, and accessories. The website is built on the Shopify platform, leveraging modern technologies such as Alpine.js and Tailwind CSS, and integrates multiple marketing and analytics tools including Google Tag Manager, Microsoft Clarity, and Klaviyo. The site demonstrates excellent design quality, mobile optimization, and user experience, with clear navigation and consistent branding. Security posture is strong with HTTPS enforcement, security headers, and secure payment integrations, although explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. WHOIS data aligns with the business claims, indicating legitimacy and transparency. Overall, the website is a secure, professional, and trustworthy platform for Black Crows' e-commerce operations.

S

Sage

sage.com

72

Sage is a well-established enterprise software company specializing in AI-powered business management solutions including accounting, payroll, HR, and ERP software. The website demonstrates a strong market position with a comprehensive product portfolio targeting businesses of all sizes, from sole traders to large enterprises. The digital infrastructure is modern, leveraging Sitecore CMS, RequireJS, and advanced monitoring tools like New Relic and SpeedCurve, ensuring fast performance and excellent user experience. Security posture is robust with HTTPS enforcement, multiple security headers, and ISO 27001 certification, although explicit incident response contacts and vulnerability disclosure policies are not publicly evident. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations, supporting a high level of business credibility.

R

Rheinischer Turnerbund e.V.

rtb.de

58

Rheinischer Turnerbund e.V. (RTB) is a regional non-profit sports federation based in Germany, focusing on supporting sports clubs and promoting gymnastics and physical education in the Rhineland region. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and hosting services, with moderate performance and good mobile optimization. The site includes basic structured data for business identification but lacks comprehensive privacy, cookie, and terms of service policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enabled but missing key security headers and incident response information. Overall, the website is functional and professional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

D

Deutscher Motor Sport Bund e.V.

dmsb.de

54

The Deutscher Motor Sport Bund e.V. (DMSB) is the national governing body for motorsport in Germany, serving as a non-profit federation overseeing various motorsport disciplines. The website reflects a professional and well-structured digital presence, built on the TYPO3 CMS platform, with a focus on accessibility as evidenced by the integrated accessibility tool. The site targets German motorsport participants and enthusiasts, providing regulatory information, licensing, and event support services. Technically, the site employs modern web standards and includes Google Analytics for user tracking, though it lacks explicit cookie consent mechanisms and privacy policy disclosures. Security posture is adequate with HTTPS enforced, but could be improved by adding security headers and formal security policies. Overall, the domain and website appear legitimate and consistent with the organization's mission, though WHOIS data is minimal.

G

Graewe

graewe.de

60

Graewe is a manufacturing company specializing in screws, bolts, and turned parts, positioning itself as a reliable European partner in the industrial sector. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard Wix hosting and scripts. While the site presents professional and relevant content for its target industrial audience, it lacks critical privacy and security disclosures such as privacy policies, cookie consent mechanisms, and incident response contacts. The security posture is basic with HTTPS enabled but missing advanced security headers. Overall, the site is functional and professional but would benefit from enhanced compliance and security measures to improve trust and regulatory adherence.

C

Crew Knüttel Motorsport GmbH & Co.KG

reifen-knuettel.de

47

Crew Knüttel Motorsport GmbH & Co.KG is a specialized motorsport company based in Germany, established in 1984, providing racing tire services and support for various motorsport disciplines. The company maintains a professional online presence with a well-structured website offering detailed information about their services, team, and contact points. Their market position is that of a traditional, niche service provider in the motorsport sector, targeting racing teams and motorsport enthusiasts. Technically, the website employs modern web technologies including JavaScript libraries like Splide.js and jQuery, and is optimized for mobile devices with responsive design elements. However, there is room for improvement in accessibility and performance optimization. Security-wise, the site uses HTTPS but lacks visible security headers and formal security policies, which could be enhanced to improve trust and compliance. Privacy compliance is partially addressed with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy but could benefit from stronger security and privacy features.

I

IHK Hessen innovativ GbR

ihk-hessen-innovativ.de

52

IHK Hessen innovativ GbR is a regional service organization affiliated with the Industrie- und Handelskammern (IHK) in Hessen, Germany. The company provides free and paid consulting services, webinars, seminars, and networking opportunities to support innovation and business development for founders, professionals, and executives in Hessen. Their market position is that of a trusted regional innovation partner with a strong focus on digital transformation and business growth. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Matomo analytics for privacy-conscious tracking, and a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are not published. Overall, the website is trustworthy, professional, and well-aligned with its business purpose.

D

Direktoratet for forvaltning og økonomistyring (DFØ)

anskaffelser.no

63

Anskaffelser.no is a Norwegian government portal managed by the Direktoratet for forvaltning og økonomistyring (DFØ), providing authoritative information, tools, and guidance on public procurement. The site targets public sector procurement professionals in Norway, offering comprehensive resources on regulations, sustainable procurement, and innovative purchasing practices. The website is well-branded, professionally designed, and consistent with government standards, reflecting a high level of trust and credibility. Technically, the site is built on Drupal 10 with modern JavaScript libraries, ensuring good performance, accessibility, and mobile optimization. Security posture is solid with HTTPS enforced and anti-bot measures on forms, though some security headers could be improved. Privacy compliance is adequate with links to comprehensive privacy policies on the parent organization’s site, but explicit cookie consent mechanisms are not evident. Overall, the site is a reliable and professional resource with a strong business credibility and moderate to high technical maturity.

Fischer Power Solutions Germany operates as a specialized provider of power and energy storage solutions, targeting industrial and commercial clients primarily in Germany. The company offers battery systems and energy management technologies, positioning itself as a niche player in the energy sector. The website reflects a professional digital presence with a focus on clear communication of services and compliance with privacy regulations. Technically, the site uses modern web technologies including Cookiebot for consent management and web fonts for branding consistency. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit incident response policies. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the overall professional presentation and compliance indicators suggest a legitimate business. Strategic recommendations include enhancing security headers, publishing security policies, and improving transparency around domain registration to strengthen trust.

Douglas GmbH operates a leading beauty and cosmetics retail website in Austria, offering a wide range of perfumes, skincare, and makeup products. The company holds a strong market position as a top beauty retailer with both online and physical store presence. The website is professionally designed, mobile optimized, and provides comprehensive customer support and privacy information. Technically, the site leverages modern JavaScript frameworks, performance monitoring tools like Instana, and integrates marketing and analytics services such as Adobe Experience Platform and Criteo. Security posture is strong with HTTPS enforcement and security headers, though public security policies and vulnerability disclosure mechanisms are absent. Overall, the domain and website present a trustworthy and mature e-commerce platform with good compliance to GDPR and privacy standards.

S

Service national Abus dans le contexte ecclésial

abus-cath-info.ch

50

The website 'abus-cath-info.ch' serves as a national initiative focused on scientific research and treatment of sexual abuse within the Catholic Church in Switzerland. It is supported by major Swiss Catholic organizations including the CES, RKZ, and KOVOS, positioning it as a credible and authoritative source on this sensitive topic. The site provides resources for victims, updates on research projects, and information on church measures to address abuse. The target audience includes victims, researchers, church authorities, and the general public concerned with this issue. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, and uses Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and SEO-friendly, though no explicit CMS or hosting provider is identified. Performance is moderate with good navigation and professional design. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible advanced security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is adequate with a privacy policy present, but no cookie consent mechanism is detected. No forms collecting personal data are found on the homepage. Overall, the website is trustworthy, professionally maintained, and fulfills its mission effectively. Strategic recommendations include implementing cookie consent, publishing security and incident response policies, and enhancing security headers to improve compliance and security posture.

I

ImmoScout24

immoscout24.de

10

ImmoScout24 is a leading German real estate marketplace platform offering extensive listings for renting, buying, and selling residential and commercial properties. The platform targets both private individuals and professional real estate agents, providing services such as property search, listing, valuation, and digital management tools. The website demonstrates a high level of digital maturity, utilizing modern web technologies like React and Next.js, hosted on AWS infrastructure, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though there is room for improvement in security headers and published security policies. Privacy compliance is moderate due to the absence of explicit privacy and cookie policies in the analyzed content. Overall, the platform is professional, trustworthy, and well-positioned in the German real estate market.

M

MHZ Hachtel & Co AG

mhz.ch

53

MHZ Hachtel & Co AG operates a professional website focused on custom window coverings including plissee, rollos, jalousies, curtains, and outdoor sun protection products. The company targets consumers and professionals in Switzerland and neighboring regions, offering a product configurator and multi-language support to enhance user experience. The website is built on TYPO3 CMS with modern frontend technologies and integrates Google Tag Manager and Usercentrics for analytics and privacy compliance. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit privacy policy and terms of service pages are not detected in the provided content. Overall, the website reflects a mature digital presence with good business credibility and technical implementation.

A

architects—Alliance

architectsalliance.com

59

architects—Alliance is a Toronto-based architectural design practice specializing in city building and a broad range of architectural services including schools, galleries, affordable housing, and urban parks. They serve clients in Canada, the United States, and Europe, positioning themselves as designers, researchers, and urbanists focused on meaningful urban spaces. The website presents a professional portfolio with detailed project imagery and client testimonials, reflecting a well-established presence in the architectural sector. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and lazy loading for images, along with Adobe Typekit fonts for typography. The site is mobile optimized and accessible, with an explicit accessibility statement demonstrating commitment to inclusivity. However, no CMS or hosting provider details are evident, and performance is moderate. Security posture is moderate with HTTPS implied but no explicit security headers detected. The absence of privacy and cookie policies, WHOIS registration data, and vulnerability disclosure mechanisms represent compliance and trust gaps. No forms on the homepage reduce exposure to input-based vulnerabilities. Social media presence is limited to Twitter and Instagram. Overall, the site is professional and trustworthy in content and design but requires improvements in domain registration transparency, privacy compliance, and security best practices to enhance trust and reduce risk.

A

ACO

draindesign.aco

58

ACO is a global leader in surface water management systems, specializing in manufacturing and supplying a wide range of drainage channels and grating styles. The website targets designers, engineers, and urban planners, providing product information and design support. The digital infrastructure is modern, leveraging Vue.js and progressive web app technologies, but lacks visible privacy and security policies. Analytics are implemented via Google Tag Manager without explicit cookie consent mechanisms. Security posture is moderate with no detected security headers and unknown SSL configuration. Overall, the website is professional and content-rich but requires improvements in privacy compliance and security transparency.

T

Turn2us

turn2us.org.uk

77

Turn2us is a UK-based national charity dedicated to providing information and support to individuals facing financial insecurity. The organization helps people access benefits and charitable grants, positioning itself as a trusted resource in the non-profit sector. The website reflects a professional and user-friendly design, with clear navigation and comprehensive content tailored to its target audience. Technically, the site employs modern JavaScript frameworks, integrates third-party services such as Stripe for payments, Google Analytics for tracking, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms with granular controls, but lacks explicit security headers and a published security policy or incident response contact, which are recommended for enhanced trust and compliance. Overall, the website is safe, trustworthy, and compliant with GDPR, though improvements in security transparency and WHOIS data clarity are advised.

W

Woosmap

woosmap.com

64

Woosmap is a technology company specializing in location intelligence solutions, offering a suite of APIs and services that transform location data into actionable insights. Their platform supports a wide range of industries including retail, e-commerce, logistics, hospitality, finance, and government sectors. The company positions itself as a privacy-conscious provider with GDPR-compliant solutions, catering primarily to developers and enterprises seeking scalable geolocation services. The website showcases strong branding, client testimonials, and detailed product offerings, reflecting a mature market presence.

S

SEFE Energy UK

sefe-energy.co.uk

60

SEFE Energy UK is a reputable business energy supplier operating primarily in the UK market, offering a broad range of gas, electricity, and renewable energy products tailored to business customers. The company is part of the larger SEFE Group, which has a strong European presence and a focus on decarbonisation and sustainable energy solutions. Their website reflects a professional and modern digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the site leverages modern web technologies including Umbraco CMS, Vue.js components, and integrates multiple analytics and marketing tools with user consent mechanisms. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response information are not publicly disclosed. The domain WHOIS data is unavailable due to a registry error indicating the domain name is invalid, which is a concern for domain legitimacy but the website content and business information are credible and consistent with a legitimate energy supplier. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with minor penalties for WHOIS inconsistencies and missing security policy disclosures.

E

Elektro Lichtin AG

elektrolichtin.ch

48

Elektro Lichtin AG is a small regional electrical services company based in Möhlin, Switzerland, specializing in electrical installations, lighting, safety systems, network infrastructure, and household appliances. The website is primarily in German and targets local customers seeking professional electrical services. The business model focuses on service provision with a clear physical presence and contact information. The company maintains a moderate market position as a trusted local provider. Technically, the website uses standard HTML5 and CSS with JavaScript enhancements, including Google Analytics with IP anonymization and a cookie consent banner, indicating basic digital maturity and privacy awareness. The site is moderately optimized for mobile and accessibility but lacks advanced frameworks or CMS indications. Performance is moderate with no critical errors detected. From a security perspective, the site uses HTTPS (assumed from external Google Analytics scripts loaded over HTTPS), but no explicit security headers were detected in the provided data. The presence of cookie consent and anonymized analytics is positive, but the absence of published security policies or incident response information suggests room for improvement. No vulnerabilities or suspicious content were found. Overall, the website is professional, trustworthy, and safe for general audiences. The risk level is low, but strategic improvements in security headers, incident response transparency, and privacy policy detail would enhance compliance and trust.

G

Gemeinde Therwil

therwil.ch

67

Gemeinde Therwil operates as the official municipal government website for the community of Therwil in Switzerland. It provides residents and visitors with comprehensive information about local administration, education, social services, public safety, events, and waste management. The website serves as a digital portal for accessing municipal services, announcements, and contact information, positioning itself as a trusted local government resource. Technically, the site is built on the Weblication CMS platform, utilizing standard web technologies such as HTML5, CSS3, JavaScript, and jQuery, with video content delivered via Video.js. The site demonstrates good mobile optimization and clear navigation, though accessibility features could be enhanced. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit incident response policies. Overall, the website is professional, trustworthy, and compliant with privacy regulations, serving its public sector role effectively.

The website smith-nephewonline.com currently serves a 404 error page indicating that the content is missing or the page never existed. There is no visible business information, contact details, or policies on the site. The domain is registered since 2013 with a reputable registrar, suggesting the domain is legitimate but the website is either under maintenance or abandoned. The technical infrastructure is minimal, with basic HTML, CSS, and JavaScript, and no advanced frameworks or CMS detected. Security posture is weak due to lack of HTTPS enforcement and absence of security headers. No privacy or cookie policies are present, indicating poor compliance with data protection regulations. Overall, the site is non-functional and lacks trust and professionalism.

S

SEFE Energy NL

sefe-energy.nl

66

SEFE Energy NL is a specialized energy supplier focused on providing business customers in the Netherlands with gas and electricity solutions, including green energy options. The company positions itself as a customer-centric and sustainability-conscious partner with over 12 years of experience. Their digital presence is modern and professional, leveraging Umbraco CMS, Vue.js, and multiple analytics and marketing tools to deliver a responsive and user-friendly website. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, although some security headers could be improved. The domain registration data aligns well with the business claims, supporting legitimacy. Overall, SEFE Energy NL demonstrates a mature digital infrastructure and a trustworthy market position in the energy sector.

H

Hydrogen Germany

hydrogen-germany.de

58

Hydrogen Germany is a leading German economic alliance focused on promoting clean energy through hydrogen technologies. The organization serves as a platform uniting companies and associations across the hydrogen value chain to accelerate Germany's transformation into a hydrogen economy. The website presents comprehensive information about hydrogen production, transport, and application, targeting industry stakeholders and policymakers. Technically, the site is built on WordPress, uses modern JavaScript libraries, and is hosted with Cloudflare DNS and CDN services, ensuring good performance and security. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, making it a credible source for hydrogen industry information in Germany.

T

Tucher Privatbrauerei

tucher-privatbrauerei.de

67

Tucher Privatbrauerei is a historic German brewery established in 1672, specializing in the production and distribution of premium beer products primarily targeted at mature audiences. The company maintains a strong market position as a national premium beer manufacturer with a focus on craftsmanship, reliability, and tradition. Their website reflects this heritage with professional design, clear navigation, and content emphasizing their brand values and product range. The site includes age verification to comply with alcohol advertising regulations and links to responsible drinking campaigns, underscoring their commitment to social responsibility. Technically, the website employs modern web technologies including Google Tag Manager for analytics and Usercentrics for consent management, ensuring GDPR compliance. The site is mobile-optimized with good SEO practices and moderate performance. However, no CMS or hosting provider details were detected, and accessibility features are basic. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security headers and a vulnerability disclosure page suggests room for improvement. From a security perspective, the site shows good compliance with privacy regulations and responsible data handling, but lacks explicit incident response contacts and security.txt files. No vulnerabilities or suspicious domains were detected. The WHOIS data confirms the domain's legitimacy and consistency with the business claims, supporting a high trustworthiness rating. Overall, the website presents a professional and trustworthy digital presence for Tucher Privatbrauerei, with strong compliance and security foundations. Strategic recommendations include enhancing security headers, publishing incident response information, and improving accessibility to further strengthen their security posture and user trust.

T

Tucher

tucher.de

64

Tucher is a historic German brewery established in 1855, specializing in the production and promotion of traditional beers such as Weizenbier and Rotbier. The website reflects a mature, professional brand targeting adult consumers with a focus on cultural heritage and responsible alcohol consumption. The company maintains a moderate digital presence with social media integration and offers brewery tours and engagement initiatives. Technically, the website employs modern JavaScript libraries and consent management tools, ensuring GDPR compliance and user privacy. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies or incident response contacts. Overall, the site is well-structured, mobile-optimized, and trustworthy, with no signs of blocking or WAF interference.

M

Mad Mimi

madmimi.com

66

Mad Mimi was a SaaS email marketing platform founded in 2006, offering services such as HTML email newsletters, subscriber growth, and email list management. The service was retired as of August 30, 2024, with GoDaddy consolidating its email marketing offerings under GoDaddy Digital Marketing. The website content reflects this transition and directs users to GoDaddy's new platform. Technically, the site uses modern JavaScript libraries, Google reCAPTCHA for bot protection, and is hosted via GoDaddy and Cloudfront CDN. However, DNSSEC is not enabled, and no explicit security headers are present, indicating room for security improvements. Privacy compliance is basic, with a cookie consent banner but no visible privacy policy or terms of service on the homepage. Overall, the site is functional but minimal, reflecting the retirement status of the service.

A

Allianz Lebensversicherungs-Aktiengesellschaft

chemie-verbandsrahmenvertrag.de

60

The website www.chemie-verbandsrahmenvertrag.de serves as an informational and service platform for the Chemie-Verbandsrahmenvertrag, a tariff-based pension scheme for employers and employees in the chemical industry in Germany. Operated under the Allianz Lebensversicherungs-Aktiengesellschaft brand, it provides detailed information about membership, offers, administration, and support services. The site targets chemical industry companies and their workforce, offering tools such as an offer calculator and online login services. The business model focuses on facilitating pension scheme participation and management within the chemical sector, supported by industry partners BAVC and IG BCE. Technically, the website is built on the ecomas CMS platform, utilizing standard web technologies including JavaScript and CSS. It demonstrates good mobile optimization, accessibility features, and SEO practices. The site employs HTTPS with strong SSL configuration and includes a cookie consent mechanism compliant with GDPR. No major security vulnerabilities or exposed sensitive data were detected, though formal security policies and incident response contacts are not published. From a security perspective, the site maintains a solid posture with encrypted connections and privacy compliance. However, it lacks explicit security policy documentation and vulnerability disclosure mechanisms, which could be improved. The WHOIS data is minimal but consistent with the business purpose, and no WAF or blocking mechanisms interfere with content access. Overall, the website is professional, trustworthy, and well-suited for its target audience. Strategic recommendations include enhancing published security policies, adding incident response contacts, and implementing security.txt for vulnerability reporting to further strengthen trust and compliance.

I

IG BCE (Industriegewerkschaft Bergbau, Chemie, Energie)

igbce.de

60

The IGBCE website represents a major German trade union focused on the mining, chemical, and energy sectors. It provides comprehensive information for employees about collective bargaining, tariff policies, education, and member services. The site is professionally designed with consistent branding and rich content targeted at union members and stakeholders in Germany. Technically, the site uses CoreMedia CMS, modern JavaScript libraries, and includes bot protection via Friendly Captcha. Analytics are implemented with Etracker, respecting user privacy and cookie consent. Security posture is good with HTTPS and consent mechanisms, though some security headers and explicit policies are missing. Overall, the site is trustworthy and well-maintained, serving a large membership base effectively.

D

Dive Damai

dive-damai.com

57

Dive Damai operates a luxury liveaboard diving service in Indonesia, targeting scuba diving enthusiasts seeking premium travel experiences. The website provides detailed information about their trips, destinations, itineraries, and schedules, positioning itself as a niche player in the hospitality sector focused on diving tourism. The business appears small but professional, with clear contact information and a consistent brand presentation. Technically, the website is built on the Wix platform, leveraging modern web technologies and delivering a good user experience with mobile optimization. However, the site lacks advanced security headers and privacy compliance features, which are important for protecting user data and building trust. From a security perspective, HTTPS is enabled, but the absence of WHOIS registration data raises concerns about domain legitimacy. No privacy or cookie policies were found, and no incident response or security contact information is provided. These gaps suggest room for improvement in compliance and security posture. Overall, the site is functional and professional but would benefit from enhanced security practices, privacy compliance, and verification of domain registration to improve trustworthiness and reduce risk.

H

HoliThemes

holithemes.com

56

HoliThemes is a technology company specializing in WordPress plugins, notably a WhatsApp integration plugin with over 600,000 active installations. The company operates a professional website built on WordPress using modern themes and optimization plugins, targeting website owners and digital marketers seeking to enhance their web presence. Their market position is that of a niche but well-established plugin provider with a clear focus on digital product sales and web technologies. The website demonstrates a mature technical infrastructure with good performance, SEO, and mobile optimization, leveraging tools like WP Rocket and Rank Math SEO. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though it lacks advanced security headers and published security policies. Privacy compliance is addressed with a cookie consent mechanism and privacy policy, but incident response and vulnerability disclosure information are absent. Overall, the site is trustworthy, professional, and well-maintained, with room for improvement in security transparency and formal policies.

The website standortportal-bielefeld.de serves as a specialized commercial real estate portal for the Bielefeld region in Germany, operated by WEGE Wirtschaftsförderung für Bielefeld GmbH. It provides comprehensive listings and information on commercial properties and land for businesses seeking office, retail, industrial, or other commercial spaces. The platform also supports property owners, brokers, and project developers with listing and networking services. The site is professionally designed with a clear focus on its target audience of businesses and real estate stakeholders in Bielefeld. Technically, the website employs modern JavaScript frameworks including Chakra UI and OpenLayers for mapping functionalities, with custom fonts enhancing branding. Hosting is managed via rzone.de, and the site demonstrates moderate performance and good mobile optimization. SEO practices are adequately implemented, though accessibility is basic. No major technical red flags were detected in the provided HTML content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML. However, it lacks visible security headers and explicit security or incident response policies. No cookie consent mechanism was found, which is a GDPR compliance gap. The absence of direct contact emails or phone numbers reduces transparency somewhat. No vulnerabilities or malicious content were detected. Overall, the website is a trustworthy and professional portal for commercial real estate in Bielefeld, with room for improvement in security best practices and privacy compliance. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

DataCharts is a small German business specializing in the creation of tailored interactive dashboards and data visualizations to support decision-making for municipalities, regions, and businesses. Their key products include RegioBoard, KonjunkturBoard, and ResultBoard, which focus on economic, demographic, and survey data visualization. The company collaborates with partners such as pro Wirtschaft GT GmbH and has received an award for innovative economic development solutions. The website is professionally designed using an HTML5 UP template, with good mobile optimization and clear navigation. Technical infrastructure is basic but sufficient, relying on standard web technologies like HTML5, CSS3, and jQuery, hosted on a German hosting provider (1blu GmbH). Security posture is moderate, with cookie consent implemented but lacking advanced security headers or published security policies. No forms collecting sensitive data were detected, and no analytics or tracking scripts are present, indicating a privacy-conscious approach. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and suitable for its target audience, though improvements in security best practices and incident response transparency are recommended.

B

Berufskolleg für Gymnastik Bielefeld

berufskolleg-gymnastik.de

43

Berufskolleg für Gymnastik Bielefeld is a private vocational school in North Rhine-Westphalia, Germany, specializing in gymnastics education with state recognition as an Ersatzschule. The website serves prospective and current students by providing information about training programs, school details, and news updates. The institution occupies a niche market in vocational education with a clear focus on gymnastics. Technically, the website is built on WordPress 6.8.3, employing standard web technologies and plugins for spam protection and cryptography. The site is mobile-optimized and accessible, with good SEO practices and structured data enhancing search visibility. Security posture is solid with HTTPS enforced and spam protection in place, though it lacks some security headers and formal security policies. No cookie consent mechanism was detected, which may affect GDPR compliance. Overall, the site is professional, trustworthy, and well-suited for its educational purpose.

The website verkehr.amstools.de is a login portal primarily serving registered users or employees, likely related to transportation services or tools. The site is powered by TYPO3 CMS version 4.5, indicating an older technology stack. The content is minimal, focused solely on user authentication without any public-facing business information or marketing content. The lack of privacy, cookie, or terms of service policies suggests limited compliance with modern data protection standards. Technically, the site uses basic CSS and JavaScript with no detected advanced frameworks or analytics tools. Security posture is limited due to absence of security headers and unknown SSL status, though the login form uses password fields appropriately. The domain uses proxy name servers, which may reduce transparency but no overt suspicious patterns were found. Overall, the site appears to be an internal or restricted access platform with basic technical implementation and limited public information.

O

Open Text

edgepilot.com

67

The website analyzed is a login portal for EdgePilot, a product or service under the enterprise software company Open Text. The portal is designed for enterprise users to authenticate and access services related to EdgePilot. The site is minimalistic, focusing on secure login functionality with a form protected by anti-forgery tokens and integration with OpenID Connect protocols. Branding and privacy policy links confirm affiliation with Open Text, a well-established technology company specializing in enterprise information management solutions. From a technical perspective, the site uses ASP.NET Identity framework and OpenID Connect for authentication, indicating a mature and secure identity management infrastructure. The technology stack includes .NET Framework 4.6.1, JavaScript, and CSS. However, no advanced security headers were detected in the provided data, and no cookie consent mechanism is present, which are areas for improvement. The site appears to be moderately optimized for performance and mobile use but lacks comprehensive accessibility and SEO features. Security posture is moderate; the login form uses POST and anti-forgery tokens, but the absence of security headers and cookie policies reduces the overall security score. No vulnerabilities or exposed sensitive data were found in the analysis. The WHOIS data for the subdomain is unavailable, which is typical for subdomains, but the domain is consistent with Open Text's ecosystem. No signs of WAF or blocking mechanisms were detected, allowing full content access. Overall, the site is a functional enterprise login portal with basic security and privacy compliance. Strategic improvements in security headers, cookie consent, and contact information visibility would enhance trust and compliance. The site is safe for general audiences and does not contain any adult or unsafe content.

S

Sparkasse Bielefeld

sparkasse-bielefeld.de

67

Sparkasse Bielefeld is a well-established regional bank in Germany, offering a wide range of financial services including online banking, loans, savings, insurance, and real estate services. The website reflects a mature digital presence with comprehensive content tailored for both private and corporate customers. The bank emphasizes secure online banking and customer support through multiple channels including phone, chat, and contact forms. Technically, the site uses modern web technologies and is built on a robust CMS platform, ensuring good performance, accessibility, and SEO. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and session management, although explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

EVENTIM.Light is a German e-commerce platform enabling event organizers to create their own ticket shops and sell tickets, including through the EVENTIM network. The website is professionally designed, mobile-optimized, and uses modern technologies such as Vue.js and Vuetify. It integrates Google reCAPTCHA for security and uses Akamai CDN for hosting and performance optimization. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. No explicit security policy or incident response information is published, indicating room for improvement in transparency and security posture. Overall, the site is functional, secure, and targeted at professional event organizers in Germany.

S

Schüco Group

schueco.com

68

Schüco Group is a leading German company specializing in system solutions for building envelopes made from aluminium, steel, and PVC-U. Their extensive product portfolio includes windows, doors, façades, ventilation, security, and solar shading systems, complemented by digital and networked solutions for both residential and commercial buildings. The company emphasizes sustainability and climate neutrality, positioning itself as a pioneer in the construction industry. Technically, the website employs modern web technologies including JavaScript, lazy loading, and privacy management tools, offering a responsive and accessible user experience. Security-wise, the site uses HTTPS and privacy consent mechanisms but lacks some advanced security headers and publicly available incident response information. Overall, the website is professional, trustworthy, and well-structured, though the absence of WHOIS data and explicit contact details slightly reduces transparency.

Webtrekk GmbH is a digital analytics company that has been integrated into the Mapp group, offering advanced customer engagement and marketing intelligence solutions under the Mapp Intelligence brand. The website reflects this transition, providing information and redirecting users to Mapp's main site for further details. The company targets businesses seeking data-driven marketing and analytics solutions, positioning itself as a mature player in the technology sector with a history dating back to 2004. Technically, the website employs modern frontend technologies such as Bootstrap and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a professional user experience, though some SEO and accessibility features could be improved. The absence of CMS identification and hosting details limits deeper infrastructure insights. From a security perspective, the site uses HTTPS and custom tracking scripts but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance and overall security posture. The missing WHOIS data for the domain introduces some trust concerns, although the professional presentation and association with Mapp mitigate these risks. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional front for Webtrekk's services within Mapp, but improvements in privacy compliance, security headers, and WHOIS transparency are recommended to enhance trust and regulatory adherence.

The website shokoladimalvern.co.uk currently serves a JavaScript-based CAPTCHA challenge page designed to mitigate automated bot access. This challenge blocks access to the actual website content, preventing a full analysis of business, security, and compliance aspects. The domain is registered with Tucows Inc since 2020 and is valid until 2026, indicating a legitimate registration. However, no business or contact information, privacy or cookie policies, or security headers are present on the challenge page. The technical infrastructure includes use of Cloudfront CDN and modern JavaScript cryptographic functions to implement a proof-of-work CAPTCHA. Due to the blocking mechanism, the website's content quality, user experience, and trustworthiness cannot be fully assessed. The security posture shows basic bot mitigation but lacks visible HTTPS or security headers in the provided data. Overall, the site is currently inaccessible to normal users without passing the challenge, resulting in a low AI score and limited insights.

W

Wein Wolf Gruppe

weinwolf.de

10

Wein Wolf Gruppe operates as a premium distributor and wholesaler specializing in wines, champagnes, and spirits, targeting business customers primarily in Germany. The website serves as a B2B webshop facilitating product distribution with a professional and consistent brand presence. The technical infrastructure leverages modern web technologies including Shopware CMS, Matomo analytics, and Usercentrics for cookie consent management, hosted on AWS infrastructure. The site is mobile optimized and provides essential features such as user login and account management with security measures like CSRF tokens. From a security perspective, the website enforces HTTPS and uses consent management platforms, but lacks visible security headers and published security policies or incident response contacts. No critical vulnerabilities or WAF blocking were detected. Privacy compliance is partial, with cookie consent but no visible privacy or terms of service pages in the provided content. The business credibility is strong given the professional presentation and alignment between domain registration and website content. Overall, the website presents a mature digital presence suitable for its B2B wholesale market, with room for improvement in privacy policy publication, security header implementation, and incident response transparency to enhance trust and compliance.

P

PFLANZMICH

pflanzmich.de

10

PFLANZMICH operates a well-established e-commerce platform specializing in garden plants, including hedges, perennials, roses, and rare plants. The website targets a broad German-speaking audience interested in gardening products, offering over 15,000 plant varieties with guarantees and fast delivery. The company positions itself as a trusted online garden nursery with a medium-sized market presence in Germany. Technically, the website employs modern JavaScript libraries, asynchronous loading, and integrates Google Tag Manager and Consentmanager.net for analytics and GDPR-compliant cookie consent. Hosting is provided by Anexia, with multiple nameservers indicating stable infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No direct contact emails or phone numbers are published; contact is primarily via a web form. No vulnerability disclosure or security policy is published, representing an area for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations, suitable for its retail business model.

Y

YONEX

yonex.de

10

YONEX is a well-established sports equipment company specializing in badminton, tennis, golf, running, and snowboarding products. The website serves as a regional German portal providing product catalogs, promotional offers, and social media integration, targeting sports enthusiasts and clubs. The site demonstrates a mature digital presence with modern web technologies such as Next.js and React, ensuring good performance and mobile responsiveness. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism. Security posture is solid with HTTPS and some security best practices, though explicit security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and aligned with the brand's market position.