Security Directory

R

RVK

rvk.ch

52

RVK is an independent and leading service provider in the Swiss healthcare market, offering specialized services including risk and performance management, insurance medicine consulting, and education through its RVK Academy. The company targets insurers, pension funds, and enterprises, providing tailored insurance and educational solutions. The website is professionally designed, consistent in branding, and provides clear contact information and trust signals such as client testimonials and SQS-Audit certification. Technically, the site uses modern web technologies like Swiper.js and Google Maps API, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

G

Garanto

garanto.ch

50

Garanto is a Swiss trade union established in 2001 representing customs and border personnel. The organization provides legal protection, member services, and advocacy for its members within the customs administration sector. The website is professionally designed, multilingual (German, French, Italian), and provides clear navigation and relevant content for its target audience. Technically, the site uses modern JavaScript libraries such as jQuery, Swiper, and Fancybox, with a custom or unknown CMS. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers are missing. No critical vulnerabilities or blocking mechanisms were detected. Contact information is clearly presented, including phone and email, and a member login area is available. Overall, the site demonstrates a solid digital presence for a government-related non-profit entity.

ERV is a Swiss insurance company specializing in travel and leisure insurance products, offering comprehensive coverage including multi-trip, single-trip, group travel, mobility, health, accident, pet, and corporate insurance. The company maintains strong partnerships with reputable Swiss organizations such as Migros, LUKB, and Hotelplan, reinforcing its market position. The website is professionally designed, mobile-optimized, and uses Adobe Experience Manager as its CMS, with Adobe Analytics and OneTrust for tracking and consent management. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are not prominently published. No signs of blocking or WAF interference were detected, and the domain WHOIS data aligns well with the business claims, indicating legitimacy.

K

KENDRIS Capital Limited

kendriscapital.com

74

KENDRIS Capital Limited is an independent alternative investment fund manager specializing in multi-asset class fund solutions domiciled in Cyprus and Luxembourg. It operates as a wholly owned subsidiary of KENDRIS AG, targeting professional and well-informed investors with a comprehensive suite of fund management services including portfolio management, risk management, marketing, distribution, and fund administration. The company emphasizes a personal, independent, and digital approach to fund management, supported by a strong regulatory framework under CySEC. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics, and CookieYes for consent management, ensuring a professional and user-friendly digital presence. Security measures include HTTPS enforcement and reCAPTCHA integration, though there is room for improvement in security headers and published security policies. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the overall website content and regulatory disclosures support a trustworthy business profile.

Hurricane Electric operates a well-established free IPv6 tunnel broker service that enables users to access the IPv6 Internet by tunneling over IPv4 connections. The service is targeted primarily at developers, network engineers, and experimenters who require stable IPv6 connectivity. Hurricane Electric is a large, reputable ISP with a global backbone and multiple tunnel server locations worldwide, positioning it strongly in the IPv6 and networking market. The website content is professional and technically focused, providing clear information about the service and related offerings such as colocation and dedicated servers. The presence of a terms of service page and clear contact information supports business credibility. From a technical perspective, the website uses standard web technologies including HTML, CSS, and JavaScript with jQuery libraries. The hosting appears to be managed by Hurricane Electric itself, reflecting good control over infrastructure. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO. Security posture shows some gaps: no DNSSEC enabled, no visible security headers, and no explicit HTTPS enforcement in the provided HTML snapshot. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable compliance risk. Overall, the security posture is moderate with no critical vulnerabilities detected in the visible content, but improvements are recommended to enhance DNS security, implement security headers, and provide clear privacy and cookie policies. The domain WHOIS data is consistent and supports the legitimacy of the business, with a long domain age and matching registrant information. No WAF or blocking mechanisms were detected, allowing full content access and analysis. Strategic recommendations include enabling DNSSEC, improving HTTPS and security headers, publishing privacy and cookie policies, and adding vulnerability disclosure information to strengthen trust and compliance. These steps will improve the security posture and regulatory compliance, enhancing user trust and business resilience.

F

flyo.cloud - flyo.cloud

flyo.cloud

64

flyo.cloud is a technology-focused SaaS platform aimed at revolutionizing content workflows, targeting content creators and teams. The website presents a professional login page with modern design elements and uses technologies such as Vue.js, Font Awesome, and Google reCAPTCHA to enhance user experience and security. The domain is registered since 2021 and uses Cloudflare for DNS and hosting, indicating a reliable technical infrastructure. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is moderate with HTTPS and bot protection but lacks security headers and published security policies. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security transparency.

D

Društvo DOVES – FEE SLOVENIA

ekosola.si

57

Ekošola.si represents a well-established Slovenian non-profit organization focused on environmental education and sustainable development awareness among children, students, and educators. The website serves as a hub for program information, news, projects, and partner engagement, positioning itself as a leading educational network in Slovenia. The business model revolves around educational program delivery, community involvement, and international cooperation under the Foundation for Environmental Education (FEE) umbrella. Technically, the website is built on WordPress using popular plugins such as Slider Revolution and WPBakery Page Builder, with modern web technologies including jQuery and Google reCAPTCHA for form security. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design that supports user engagement and navigation. From a security perspective, the site enforces HTTPS, employs security headers, and integrates CAPTCHA to protect forms, reflecting a mature security posture. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and incident response contacts, which are recommended for enhanced transparency and preparedness. Overall, the website is trustworthy, compliant with GDPR, and safe for general audiences. Strategic recommendations include adding dedicated security and incident response pages, improving accessibility features, and maintaining up-to-date software to mitigate potential vulnerabilities.

S

Sorell Hotels

sorellhotels.com

59

Sorell Hotels is a Swiss boutique hospitality group operating 15 hotels, event locations, and restaurants across multiple Swiss cities. The website presents a professional and modern digital presence built on Drupal 11 with a focus on user experience, mobile optimization, and SEO. The company emphasizes unique guest experiences, local culture, and sustainability. The site integrates a booking system and consent management via Usercentrics, demonstrating awareness of privacy compliance. However, explicit privacy policy and terms of service pages are not clearly found, which is a compliance gap. The WHOIS data for the domain www.sorellhotels.com is unavailable, raising questions about domain registration transparency, though the website content and branding strongly indicate a legitimate business. Security posture is good with HTTPS and secure forms, but lacks visible security headers and incident response information.

F

Forum Schlossplatz

forumschlossplatz.ch

48

Forum Schlossplatz is a cultural institution based in Aarau, Switzerland, established in 1994. It serves as a vibrant venue for cultural and societal reflection through exhibitions, events, educational projects, and a podcast. The website reflects a well-structured and professionally presented digital presence targeting a general audience interested in arts and culture. The business model focuses on community engagement and cultural education rather than commercial sales. Technically, the website uses modern web technologies including lazy loading, JavaScript libraries for UI effects, and structured data for SEO. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers are missing and no explicit security or incident response policies are published. Privacy compliance is partial; a privacy policy is present but no cookie consent mechanism is detected. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professionally maintained.

H

Hotel Aarauerhof

aarauerhof.net

64

Hotel Aarauerhof is a modern self check-in hotel located in the center of Aarau, Switzerland, offering 75 rooms with amenities such as highspeed WLAN and breakfast. The website is professionally designed using modern web technologies including Next.js and React, with integration of Usercentrics for consent management and Aleno for reservations. The security posture is good with HTTPS enforced and no exposed sensitive data, though some security headers and incident response information are missing. The domain WHOIS data is unavailable, which raises some legitimacy concerns, but the website content and business presentation are professional and trustworthy. Overall, the site is well-optimized for SEO, mobile, and accessibility, targeting business travelers and tourists seeking flexible accommodation.

R

ReviewsJet

reviewsjet.com

61

ReviewsJet is a SaaS platform specializing in aggregating and displaying customer reviews from multiple sources such as Google, Yelp, Etsy, and more. It targets small and medium businesses seeking to enhance their website credibility through authentic testimonials and social proof. The platform offers integrations with popular website builders and marketing tools, providing a streamlined user experience for review management and display. Technically, the website is built using modern frameworks like React and Next.js, hosted on DigitalOcean, and optimized for performance and mobile responsiveness. Security posture is solid with HTTPS and domain protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is basic with policies present but lacking advanced consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche.

H

Hunkemöller

hunkemoller.dk

10

Hunkemöller is a leading Danish lingerie and swimwear retailer operating a professional e-commerce platform targeting primarily women in Denmark and Europe. The website offers a comprehensive product range including lingerie, swimwear, and nightwear, supported by a loyalty program and customer reviews. The technical infrastructure is built on Salesforce Commerce Cloud (Demandware) with integration of multiple marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, Facebook Pixel, Hotjar, Bloomreach, and Yotpo, indicating a mature digital marketing and analytics strategy. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although no explicit security policy or vulnerability disclosure is publicly available. The domain WHOIS data is not available, likely due to privacy protection, which is common for large retail brands. Overall, the website demonstrates good professionalism, security, and compliance with privacy regulations, serving a mature audience with lingerie and swimwear products.

K

KENDRIS Ltd

kendris.com

74

KENDRIS Ltd is a Swiss-based international advisory and fiduciary services firm with a strong focus on wealthy individuals, family offices, corporations, and institutional clients. The company emphasizes its Swiss entrepreneurial roots, confidentiality, and independence from banks and financial institutions. With over 110 years of history and a presence in multiple countries, KENDRIS offers a broad range of services including trusts, corporate services, tax and legal advice, family office services, and alternative investment fund solutions through its subsidiary KENDRIS Capital Limited. The website is professionally designed, well-structured, and provides comprehensive information about its services and corporate group. Technically, the website employs modern technologies such as Google Tag Manager, CookieYes for consent management, and Mautic for marketing automation. It is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS enforced and secure forms, though it lacks explicit security policy and incident response information. Privacy compliance is well addressed with clear cookie and privacy policies and GDPR adherence. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which partially impacts the overall trustworthiness score. Despite this, the professional presentation and detailed business information mitigate some risks. Overall, the website represents a credible and mature financial services firm with room for improvement in transparency around security policies and domain registration verification.

A

Aarau Info

aarauinfo.ch

56

Aarau Info is a local tourism promotion entity focused on showcasing the city of Aarau, Switzerland, as an attractive destination for visitors. The website provides comprehensive information about cultural events, guided tours, accommodation, and local highlights, targeting tourists and residents interested in leisure activities. The business operates primarily as a regional tourism information provider with a small organizational size. Technically, the website employs modern web technologies including JavaScript modules, lazy loading, and plausible analytics, hosted on a cloud platform with good performance and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and formal policies are absent. Privacy compliance is partial, lacking cookie consent mechanisms and explicit GDPR indicators. Contact information is clearly presented, enhancing business credibility. Overall, the site is professional, trustworthy, and well-positioned for its market niche.

D

DB Bus Challenge

db-bus-challenge.de

41

The website 'DB Bus Challenge' is an interactive online game designed to engage users by simulating bus transportation challenges, likely related to Deutsche Bahn's bus services in Germany. The site targets a general audience interested in public transportation and casual gaming. The business model appears promotional, aiming to increase engagement and brand awareness rather than direct sales. The website is relatively small in scale with basic content and moderate branding consistency. Technically, the site uses a JavaScript-based frontend with RequireJS and jQuery, implementing device detection and responsive design for mobile optimization. Performance is moderate with basic SEO and accessibility features. No CMS or backend technologies are evident from the HTML content. Hosting details are limited but DNS servers indicate a standard hosting environment. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance given the European audience. No contact or incident response information is provided, limiting transparency and trust. No vulnerabilities or exposed sensitive data were detected in the static content. Overall security posture is average but could be improved with standard best practices. The overall risk is moderate with no critical issues detected. Strategic recommendations include adding privacy and cookie policies, improving security headers, providing clear contact and incident response information, and enhancing SEO and accessibility. These improvements would increase user trust, compliance, and security maturity.

D

DB Fernverkehr AG

der-kleine-ice.de

54

Der kleine ICE is a child-focused online platform operated by DB Fernverkehr AG, a subsidiary of Deutsche Bahn AG, providing educational and entertaining content such as games, stories, comics, and audio plays centered around train characters. The website serves as a brand engagement tool targeting children and families, enhancing Deutsche Bahn's market presence in the transportation sector through family-friendly digital content. Technically, the site is built on WordPress with modern web technologies including jQuery and CSS3, hosted via EuroDNS nameservers. The site demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks some security headers and explicit cookie consent mechanisms. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence, though cookie consent is missing. Overall, the site is professional, trustworthy, and safe for its target audience.

C

cyber-Wear Heidelberg GmbH

bahnshop.de

53

bahnshop.de is the official merchandise e-commerce platform for Deutsche Bahn, operated by cyber-Wear Heidelberg GmbH. The website offers a wide range of branded products including collectibles, travel accessories, family and kids items, and other merchandise targeted at Bahn fans, travelers, and families. It holds a strong market position as the official shop for Deutsche Bahn merchandise, leveraging the brand's reputation and customer base. The business model focuses on online retail with customer account management and a comprehensive product catalog. The site is well-branded, consistent, and professionally maintained with a medium-sized operational scale and a founding date around 2014. Technically, the website is built on the Shopware CMS platform, utilizing modern web technologies such as JavaScript, CSS3, and HTML5. It integrates Google Tag Manager and Google Analytics for marketing and analytics purposes, and PayPal Unified for payment processing. Hosting is managed via EuroDNS nameservers, indicating a stable and professional hosting environment. The site demonstrates good mobile optimization, accessibility, and SEO practices, with moderate performance. From a security perspective, the site enforces HTTPS, uses CSRF tokens on forms, and implements cookie consent mechanisms compliant with GDPR. Security headers are present but could be enhanced with additional policies like Content-Security-Policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the site lacks a published security.txt or explicit incident response contact information, which could improve transparency and security posture. Overall, bahnshop.de presents a low-risk profile with strong business credibility, good technical implementation, and solid privacy compliance. Strategic recommendations include publishing a security.txt file, enhancing security headers, and providing incident response contacts to further strengthen trust and security readiness.

V

VDE VERLAG GmbH

energie.de

58

energie.de is a professional German energy sector portal operated by VDE VERLAG GmbH, consolidating six energy magazines and providing news, e-magazines, job listings, market partner directories, and event information. The site targets energy industry professionals and stakeholders, offering specialized content and training resources. Technically, the website is built on TYPO3 CMS, employs modern SEO practices, and includes GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and respects privacy with cookie blocking for external media by default, but lacks explicit security policies or incident response contacts. Overall, the site is legitimate, well-maintained, and trustworthy for its target audience.

V

VDE VERLAG GmbH

smart-production.de

53

smart-production.de is a professional German-language media portal operated by VDE VERLAG GmbH, aggregating three specialized technical magazines focused on automation, production IT, Industry 4.0, IoT, and energy management. The site targets industry professionals and businesses seeking current news, expert articles, events, and job listings in these sectors. The business model centers on media publishing, advertising, and providing industry-specific information and services. Technically, the website is built on TYPO3 CMS with Yoast SEO optimization, hosted on agenturserver infrastructure, and implements modern web standards with good mobile responsiveness and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers and explicit security policies could enhance protection. No critical vulnerabilities or suspicious elements were detected. Overall, the site demonstrates a mature digital presence with good content quality and business credibility.

V

VDE VERLAG GmbH

building-and-automation.de

59

building-and-automation.de is a professional German-language web portal operated by VDE VERLAG GmbH, serving as a comprehensive media platform for electrical professionals focused on building automation, electrical installation, and energy management. The site integrates a magazine, online kiosk, newsletters, and educational content, targeting industry professionals and companies in the energy and building technology sectors. The business model centers on crossmedia publishing and professional education, positioning itself as a trusted source within its niche market. Technically, the website is built on the TYPO3 CMS platform, employing modern web technologies including JavaScript and CSS, with SEO optimizations and mobile responsiveness. Hosting is managed via agenturserver nameservers, and the site uses HTTPS with good SSL configuration. Analytics are conducted through etracker with GDPR-compliant cookie consent mechanisms. Advertising is managed via AdSpirit with integrated consent management. From a security perspective, the site enforces HTTPS and respects privacy preferences, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The site demonstrates good privacy compliance with clear cookie and privacy policies. However, improvements could be made by implementing security headers and publishing a security.txt file. Overall, the website is professional, trustworthy, and well-aligned with its business objectives. It maintains good privacy and security hygiene for its audience, though some enhancements in security transparency and incident response readiness are recommended.

Hottgenroth Software AG is a German software company specializing in energy and building technology solutions. The company targets professionals and businesses within the energy sector, offering software products and customer support services. Their website is professionally designed, consistent in branding, and primarily in German, reflecting their focus on the German market. The business model centers on providing specialized software tools for energy management and building technology, positioning them as an established player in this niche industry. Technically, the website is built on ASP.NET WebForms and utilizes common web technologies such as jQuery, Bootstrap, Google Tag Manager, and Google reCAPTCHA for security. Cookie consent is managed through Consentmanager.net, indicating a basic level of privacy compliance. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. SEO optimization is basic but present. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, which is positive. However, it lacks explicit security headers such as Content Security Policy and HSTS, and there is no publicly available privacy policy, terms of service, or vulnerability disclosure information. Incident response contacts and data protection officer details are also missing, which are important for compliance and trust. Overall, the website is safe and professional but could improve its privacy and security posture by publishing comprehensive policies, implementing security headers, and providing clear incident response channels. These improvements would enhance trustworthiness and compliance with GDPR and other regulations.

Milwaukee Tools Germany operates a professional-grade website offering a comprehensive range of power tools, hand tools, accessories, and personal protective equipment targeted at professional users in Germany. The site is well-branded and consistent with Milwaukee's global identity, providing a strong market presence in the manufacturing and retail sectors. The website infrastructure leverages modern JavaScript frameworks and integrates multiple analytics and marketing tools, reflecting a mature digital strategy. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response information are not prominently available. The domain WHOIS data is privacy protected, which is typical for commercial entities in the EU, and the website content and structure strongly indicate legitimacy. Overall, the site presents a professional and trustworthy digital front for Milwaukee Tools in the German market.

T

TRILUX GmbH & Co. KG

trilux.com

69

TRILUX GmbH & Co. KG is a well-established company specializing in innovative and energy-efficient lighting solutions tailored for industries, offices, retail, and outdoor environments. The company positions itself as a leader in sustainable and smart lighting technologies, targeting business clients seeking customized lighting solutions. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content that supports its business objectives. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. The integration of OneTrust for cookie consent demonstrates a commitment to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. From a security perspective, the website enforces HTTPS and employs standard security headers, contributing to a strong security posture. However, the absence of a publicly accessible security policy or vulnerability disclosure page suggests areas for improvement in transparency and incident response readiness. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a low-risk profile with strong business credibility and compliance adherence. The missing WHOIS data is a notable anomaly but does not detract significantly from the trustworthiness given the professional nature of the site and its compliance features.

W

WALTHER-WERKE Ferdinand Walther GmbH

walther-werke.de

58

WALTHER-WERKE Ferdinand Walther GmbH is a well-established German manufacturer specializing in low-voltage distribution systems, CEE connectors, industrial connectors, and electromobility charging solutions. With a history dating back to 1897 and a medium-sized workforce, the company operates internationally with subsidiaries and a broad partner network. Their product portfolio includes modular power distribution, intelligent charging infrastructure, and robust industrial electrical components, positioning them as a key player in the energy and transportation sectors. The website reflects a professional and consistent brand image, targeting industrial, construction, and electromobility markets. Technically, the site is built on TYPO3 CMS with Bootstrap and includes modern JavaScript libraries, offering a responsive and user-friendly experience. Security posture is solid with HTTPS, anonymized analytics, and spam-protected emails, though explicit security policies and vulnerability disclosure mechanisms are absent. Overall, the site is trustworthy, compliant with GDPR, and provides comprehensive contact and product information.

G

Gewiss

gewiss.de

72

Gewiss is a well-established company operating in the energy sector, specializing in electrical components and energy management solutions. The website targets industrial and commercial customers, providing detailed product information and corporate content. The company maintains a professional online presence with consistent branding and comprehensive privacy and cookie policies, indicating a mature approach to regulatory compliance. Technically, the website leverages modern web technologies including Google Tag Manager, reCAPTCHA, and Cookiebot for consent management, and appears to be built on Adobe Experience Manager CMS. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, HTTPS is enforced and bot protection is implemented, though explicit security headers were not detected in the provided data, suggesting room for improvement. The WHOIS data is not publicly available, which is common for commercial entities but reduces transparency. Overall, the website demonstrates a solid security posture and compliance maturity with no critical vulnerabilities detected.

LEDVANCE is a globally recognized company specializing in the development and supply of advanced lighting products and solutions for both professional users and end consumers. The website presents a comprehensive portfolio of lighting products including professional lighting, consumer lighting, renewable energy solutions such as photovoltaics, and smart home lighting. The company positions itself as a leading provider in the general lighting market with a strong focus on innovation and efficiency. The website is well-structured, professionally designed, and targets a German-speaking audience primarily in Germany and neighboring countries. Technically, the site employs modern web technologies including Google Tag Manager and Usercentrics for consent management, indicating a moderate level of digital maturity. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy or recent changes in domain ownership. Security posture is moderate with cookie consent implemented but lacking visible security headers and explicit privacy policies. Overall, the website is professional and trustworthy but would benefit from enhanced transparency in domain registration and improved security and privacy disclosures.

A

Alphatec Schaltschranksysteme GmbH

alphatec-systeme.de

47

Alphatec Schaltschranksysteme GmbH is a German-based manufacturer and supplier specializing in energy distribution systems, including meter cabinets, automatic distributors, transformer cabinets, and switch cabinets for renewable energy. The company operates with a strong focus on in-house manufacturing capabilities such as metal processing, powder coating, electrical assembly, wiring, and electromobility solutions. Their market position is solidified by a comprehensive product portfolio, an online shop, and a configurator tool, targeting primarily business customers in the energy sector. The website is professionally designed, content-rich, and well-structured, supporting effective customer engagement and product information dissemination. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies with good mobile optimization and SEO practices. The site employs HTTPS with excellent SSL configuration and integrates Matomo analytics for user tracking with GDPR-compliant cookie consent mechanisms. However, some security best practices like security headers and a published security policy are absent. From a security perspective, the site shows a mature posture with no evident vulnerabilities or exposed sensitive data. The cookie consent and privacy policies are comprehensive and GDPR compliant. The WHOIS data, while limited, aligns with the website's operational details, indicating legitimacy. Social media presence across multiple platforms enhances brand visibility and trust. Overall, Alphatec's digital presence reflects a trustworthy, professional business with a good balance of technical maturity and compliance. Strategic improvements in security headers and incident response disclosures could further enhance their security posture and customer trust.

K

KEBA

keba.com

77

KEBA is a well-established company specializing in innovative automation solutions, with a history spanning 50 years. The website presents a professional and consistent corporate image focused on industrial and manufacturing automation services. The content is relevant and targeted towards industrial clients, reflecting a large enterprise with a strong market position in the manufacturing sector. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, and integrates Google Tag Manager for analytics and tracking purposes. Mobile optimization and SEO practices are good, though accessibility features are basic. Security posture is weak due to lack of visible security headers and absence of explicit security policies or incident response information. The WHOIS data is missing, which raises concerns about domain registration legitimacy and transparency. No privacy or cookie policies were detected, indicating potential compliance gaps. Overall, the website is functional and professional but would benefit from enhanced security and privacy compliance measures.

T

Thorn

thornlighting.de

54

Thorn Lighting is a well-established company specializing in integrated LED lighting solutions for both indoor and outdoor applications, primarily targeting business customers in Germany and Europe. Their website demonstrates a professional presence with comprehensive product offerings, case studies, and energy-saving tools. The technical infrastructure is built on the Plone CMS platform, enhanced with modern JavaScript libraries and third-party services such as Google Analytics and Usercentrics for consent management. Hosting and DNS services are provided via Cloudflare, ensuring reliable delivery and security. The security posture is solid with HTTPS enforced and cookie consent mechanisms blocking third-party content until user opt-in. However, explicit security headers and incident response policies are not publicly visible, representing an area for improvement. Overall, the website is trustworthy, compliant with GDPR, and provides a good user experience with clear navigation and relevant content.

R

Razvojni center Murska Sobota

rcms.si

39

Razvojni center Murska Sobota is a regional development institution focused on fostering economic, social, and cultural growth in the Pomurje region of Slovenia. The organization provides project management, entrepreneurship support, and regional development services primarily targeting local businesses, entrepreneurs, and government stakeholders. The website reflects a professional and consistent brand presence with clear contact information and active engagement in regional projects and tenders. Technically, the site employs modern web technologies including jQuery, Slick Carousel, and accessibility tools, hosted by a reputable Slovenian provider. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and well-structured for its audience.

V

Verein Rüeblimärt Aarau

rueblimaert-aarau.ch

43

Verein Rüeblimärt Aarau organizes one of Switzerland's largest annual markets focused on regional products, sustainability, and community engagement. The website effectively communicates the event's nature, schedule, and cultural significance, targeting a general audience interested in local produce and natural experiences. Technically, the site employs modern web standards including responsive images and privacy-conscious analytics via Matomo. However, it lacks explicit privacy and cookie policies, and security headers are not evident, which are areas for improvement. The domain registration data aligns well with the website's claims, enhancing trustworthiness. Overall, the site is professional and trustworthy but could benefit from enhanced privacy and security disclosures.

F

FC Aarau

fcaarau.ch

45

FC Aarau is a Swiss football club with a long history dating back to 1902, competing in the Swiss Challenge League. The website serves as the official digital presence for the club, providing information about matches, teams, ticketing, membership, and merchandising. It targets football fans and supporters primarily in Switzerland. The business model revolves around sports entertainment, fan engagement, sponsorships, and merchandise sales. The club maintains a solid market position within Swiss football and leverages digital channels effectively to engage its audience. Technically, the website is built on WordPress with modern web technologies including SVG graphics, responsive design, and Matomo analytics for privacy-conscious tracking. The site is hosted by a Swiss provider (h2g.ch) and demonstrates good performance and accessibility standards. SEO and content structure are well implemented, supporting discoverability and user experience. From a security perspective, the site uses HTTPS and disables cookies for analytics, showing a privacy-aware approach. However, it lacks some security headers like Content-Security-Policy and X-Frame-Options, and does not provide explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is good but could be improved with additional headers and transparency. The overall risk assessment is low, with the site being trustworthy and professionally maintained. Strategic recommendations include implementing a cookie consent mechanism, enhancing security headers, and publishing security and incident response policies to improve compliance and user trust.

V

Visus Service GmbH

wisym.ch

50

The Wirtschaftssymposium Aargau website represents a well-established Swiss event organizer, Visus Service GmbH, hosting the 21st annual economic symposium in Aarau. The event targets professionals from business, politics, and society, focusing on Switzerland's stability amidst global challenges. The site is professionally designed with clear navigation, high-quality content, and structured data enhancing search engine visibility. Technical infrastructure includes privacy-conscious Matomo analytics and modern web technologies, hosted on reliable Swiss infrastructure. Security posture is good with HTTPS and privacy-respecting analytics, though improvements are recommended in cookie consent and security headers. Overall, the site reflects a credible and trustworthy business presence with strong regional partnerships.

T

TESVOLT OCEAN GmbH

tesvolt-ocean.com

51

TESVOLT OCEAN GmbH is a specialized provider of high-performance battery storage solutions tailored for maritime applications, including sea and inland waterways. Their product portfolio includes the Kaptein Series and EOH battery systems, which emphasize innovation, reliability, and compliance with maritime standards such as DNV certification. The company targets maritime operators seeking efficient and flexible energy storage solutions. Technically, the website is built on the CIDEMOS CMS platform with modern JavaScript and CSS technologies, featuring responsive design and good SEO practices. Security posture is moderate with HTTPS usage but lacks explicit security headers and detailed security policies. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and structured data strongly indicate a legitimate German-based business. Privacy and cookie policies are present and GDPR compliant, but no direct contact emails or phone numbers are visible on the site. Overall, the website is professional and trustworthy in appearance but requires verification of domain registration and enhancement of security best practices.

T

TESVOLT AG

tesvolt-projects.com

52

TESVOLT Projects is a specialized full-service provider focused on battery parks and energy storage solutions tailored for municipal utilities. The company offers comprehensive services from planning through operation, leveraging deep expertise in storage technology and municipal project experience. Their market position is supported by multiple references and partnerships with notable industry players. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience in the energy sector. Technically, the site uses the CIDEMOS CMS platform with modern web technologies and integrates Google Tag Manager for analytics and marketing. Security posture is generally good with HTTPS enforced and cookie consent implemented, though the absence of security headers and published security policies suggests room for improvement. The WHOIS data for the domain is missing, which slightly reduces trustworthiness, but the website content and business information align well with the TESVOLT AG brand. Overall, the site demonstrates a solid digital presence with good privacy compliance and business credibility.

T

TESVOLT Energy

tesvolt-energy.com

59

TESVOLT ENERGY is a medium-sized energy sector company specializing in aggregating small and medium battery storage systems into virtual power plants for participation in energy trading. Their innovative business model leverages multiple leading energy traders competing to maximize revenue for customers. The company offers integrated solutions including battery storage systems, installation, maintenance, and a transparent trading dashboard. The website is professionally designed, mobile-optimized, and provides comprehensive information about their services and partnerships. Technically, the site uses the CIDEMOS CMS platform with modern web technologies and enforces HTTPS with a good security posture. Privacy and cookie policies are present and GDPR compliant, though incident response and vulnerability disclosure information are not publicly available. Overall, TESVOLT ENERGY presents a trustworthy and professional digital presence aligned with their business objectives.

B

Banca Națională a României

bnro.ro

70

The website www.bnr.ro represents the official online presence of the National Bank of Romania (BNR), the country's central bank. It provides comprehensive information about the bank's functions, currency issuance, statistics, publications, and contact points, targeting a broad audience including the general public, financial institutions, and government entities. The site is professionally designed with consistent branding and clear navigation, reflecting its authoritative role in Romania's financial sector. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integration of Google Tag Manager and Cookiebot for analytics and cookie consent management. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO metadata completeness. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism. However, explicit security headers are not evident in the provided data, and no public security or incident response policies are published. The WHOIS data is not publicly available due to ROTLD privacy policies, which is typical for .ro domains and justified for a government entity. Overall, the website demonstrates a strong business credibility and privacy compliance posture, with moderate technical and security maturity. There are no indications of malicious activity or content safety concerns. Strategic recommendations include enhancing security headers, improving accessibility, and publishing explicit security policies to further strengthen trust and compliance.

G

GoDaddy Operating Company, LLC

filmodeer.com

51

The website filmodeer.com is a domain sales landing page operated by Afternic, a well-known domain marketplace owned by GoDaddy Operating Company, LLC. It offers the domain filmodeer.com for sale with options to buy now or request pricing information. The site targets individuals and businesses interested in acquiring premium domain names and positions itself as a trusted and secure platform for domain transactions. The presence of verified domain badges and a high Trustpilot rating reinforces its market credibility. Technically, the site is built using modern web technologies including React and Next.js, hosted on Akamai CDN infrastructure, and integrates Google reCAPTCHA v2 for form security. The website is well-optimized for performance, mobile responsiveness, and accessibility, providing a good user experience. Security posture is strong with HTTPS enforced, security headers present, and secure transaction messaging. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the domain marketplace platform demonstrates a mature digital infrastructure and trustworthy business model, with minor gaps in transparency around security governance.

R

Recenzije Filmova i Serija

recenzijefilmova.com

53

Recenzije Filmova i Serija is a small media website focused on providing film and series reviews, news, trailers, and recommendations primarily targeting movie and series enthusiasts. The site is built on WordPress and uses common web technologies such as PHP, JavaScript, and Google Fonts. The digital maturity is moderate with good SEO practices and mobile optimization, but lacks advanced security headers and privacy compliance features. Security posture is basic with HTTPS enabled but missing important security headers and policies. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the site is functional and content-rich but requires improvements in security and compliance to enhance trust and protect user data.

R

Rotten Tomatoes

rottentomatoes.com

69

Rotten Tomatoes is a leading entertainment media website specializing in movie and TV show reviews, trailers, showtimes, and ticketing information. Owned by Fandango Media, a subsidiary of NBCUniversal, it holds a prominent market position as a trusted source for quality measurement in the entertainment industry. The site targets a broad general audience interested in film and television content. Technically, the website employs a modern technology stack including JavaScript frameworks, JWPlayer for video content, Google Publisher Tags for advertising, and robust cookie consent management via OneTrust. Hosting and ad services are provided by NBCUniversal's infrastructure, ensuring reliable performance and scalability. Security-wise, the site enforces HTTPS, uses multiple security headers, and integrates ad verification and tracking services responsibly. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. However, no explicit security policy or incident response contact is publicly available. Overall, the site demonstrates a mature digital presence with excellent content quality, good technical implementation, and a solid security posture, making it a trustworthy platform for users and advertisers alike.

M

MIKS GmbH

miks.co

58

MIKS GmbH is a Hamburg-based company specializing in contemporary brand experience through spatial design, including commercial interiors, exhibition stands, retail environments, and roadshows. The company positions itself as an expert in creating immersive brand experiences that evoke emotions and tell stories through spatial communication. Their market focus is on businesses seeking innovative and impactful spatial branding solutions. Technically, the website is built with modern web standards using HTML5, CSS3, and JavaScript, and integrates Google Analytics for user tracking. The site is moderately optimized for performance and mobile devices, with a professional design and clear navigation. Security-wise, the site uses HTTPS and implements a cookie consent mechanism but lacks visible security headers and a published privacy policy, which are areas for improvement. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and transparency.

C

Cineplexx

cineplexx.at

63

Cineplexx is a prominent cinema chain operating primarily in Austria, offering movie screenings and related entertainment services to a broad audience. The website reflects a professional and modern digital presence, leveraging React technology and integrating comprehensive cookie consent mechanisms to comply with GDPR requirements. The business targets general moviegoers and positions itself as a leading player in the Austrian cinema market. Technically, the site employs modern frontend frameworks and integrates third-party analytics and advertising platforms such as Google Analytics, Facebook, Pinterest, and TikTok, indicating a mature digital marketing strategy. Security-wise, the website enforces HTTPS, implements strong security headers, and provides a detailed privacy policy, although it lacks visible terms of service and explicit security policy pages. Overall, the site demonstrates good security hygiene and privacy compliance but could improve transparency by publishing additional security and incident response information.

H

heckersolar.com

heckert-solar.com

47

Heckert Solar Shop is a German-based specialized provider of photovoltaic (PV) modules, inverters, and storage solutions targeting both private consumers and business customers. The company offers a comprehensive product range including solar modules, balcony power plants, inverters from multiple brands, PV storage systems, commercial storage, mounting systems, e-mobility products, and accessories. The website is professionally designed, mobile-optimized, and built on the Shopware CMS platform, indicating a mature digital infrastructure. The presence of multiple advertising and tracking technologies such as Google Analytics 4, Facebook Pixel, and various ad networks reflects an active marketing strategy. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified. The website lacks explicit privacy policy and terms of service pages, though it implements a cookie consent mechanism. Security posture is generally good with HTTPS enforced but could be improved by adding security headers and publishing security policies. Overall, the site presents a trustworthy and professional front for a medium-sized energy sector business in Germany.

J

Jonatan Heyman

heynote.com

53

Heynote is a specialized software tool designed as a scratchpad for developers, enabling efficient note-taking with features such as block-based text buffers, syntax highlighting, and calculator functionality. The product is open source, with releases hosted on GitHub, targeting developers and power users seeking productivity enhancements. The website presents a professional and consistent brand image, with clear navigation and relevant content focused on its niche audience. Technically, the site uses modern web technologies including JavaScript and CSS, and is hosted with Cloudflare DNS and GitHub for releases, ensuring good performance and availability. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanisms, despite usage of Google Analytics. Business credibility is supported by open source transparency and domain longevity. Overall, the site is trustworthy and functional but would benefit from enhanced privacy and security disclosures.

W

Where to Stay

wheretostay.in

9

Wheretostay.in is a niche travel guide website offering detailed neighborhood and area guides for travelers worldwide. The site integrates high-quality maps and hotel listings to assist users in selecting accommodation based on neighborhood characteristics. The business targets travelers seeking comprehensive and up-to-date local insights to enhance their travel experience. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates Google Analytics and Google Ads for tracking and advertising. The site is mobile optimized and presents a professional design with clear navigation. Security-wise, the site uses HTTPS but lacks security headers and published security policies, which are areas for improvement. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms. Overall, the website is functional and trustworthy but would benefit from enhanced privacy and security practices to improve compliance and user trust.

PostNord International is a leading logistics and postal service provider focused on delivering borderless e-commerce solutions globally. The company offers customizable logistics services that enable clients to expand their markets worldwide, targeting e-commerce businesses and retailers. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support, indicating a global audience. The technical infrastructure leverages modern technologies including Episerver CMS, Azure hosting, and advanced analytics tools such as Google Analytics and Microsoft Application Insights, demonstrating a commitment to performance monitoring and user experience optimization. Security posture is strong with HTTPS enforcement, comprehensive security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website and business presence indicate a reputable and established enterprise with a focus on compliance and user privacy.

A

Advisible

advisible.com

63

Advisible operates as a modern online advertising platform providing cloud-based digital advertising and marketing technology tailored for publishers, advertisers, and agencies. Their key offerings include a Development Kit for ad integration, native advertising solutions, content display services, and source hosting for ad code. The business model is pay-as-you-go with monthly billing and no upfront fees, positioning them as a developer-friendly and scalable solution in the advertising technology sector. The website is professionally designed with good content quality and clear navigation, targeting a specialized audience in the digital advertising space. Technically, the website employs modern web technologies such as Javascript and Google Fonts, with SVG graphics for branding. The site is mobile optimized and SEO friendly, though no CMS or specific hosting provider information is evident. Performance is moderate with room for improvement in accessibility and security headers. The cookie consent mechanism is implemented, indicating attention to privacy compliance, and privacy and cookie policies are present and accessible. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data for the domain is a notable concern, as it reduces transparency and trustworthiness despite the professional appearance of the website. No direct company contact emails or phone numbers were found, with contact primarily via web form. Overall, the website presents a credible and professional front for a niche advertising technology business but would benefit from enhanced security practices, clearer business contact information, and resolution of WHOIS data transparency to improve trust and compliance posture.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) indicating that no actual website content is accessible or loaded. This page primarily contains scripts and styles related to the Chrome offline dinosaur game and does not represent a real external website. Consequently, there is no business information, contact details, privacy or cookie policies, or security policies available for analysis. The technical infrastructure is limited to browser internal resources with no hosting or CMS details. Security posture cannot be properly assessed due to lack of real content and headers. Overall, this is not a legitimate website but a browser error page, and no meaningful business or security insights can be derived.

The website www.ilo.org represents the International Labour Organization, a United Nations specialized agency focused on labour standards and employment issues globally. The organization operates at an enterprise scale with a long history dating back to 1919 and serves governments, employers, workers, and researchers worldwide. However, the current website content is inaccessible due to a Cloudflare Turnstile CAPTCHA challenge, preventing direct analysis of the site's content, metadata, and policies. The technical infrastructure includes Cloudflare protection but no further technology stack details are visible. Security posture is limited to the presence of Cloudflare WAF, with no additional security headers or SSL configuration details available. WHOIS data is unavailable due to a malformed response, but the domain is consistent with a legitimate UN agency. Overall, the site is safe with no adult or explicit content, but the WAF challenge limits comprehensive evaluation.

The website rosesdesigneroutlet.hr is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct access to content. This prevents extraction of business, contact, or policy information. The domain is registered in Croatia since 2015 with a reputable registrar, indicating a legitimate registration. However, the lack of accessible content limits the ability to assess the company's market position, services, or compliance posture. Technically, the site uses Cloudflare's security services, but no further technology or CMS details are available. Security posture cannot be fully evaluated due to blocked content, but the presence of Cloudflare WAF indicates some level of protection. Overall, the site scores low on AI evaluation due to inaccessibility, with recommendations to allow content access for full analysis.