Security Directory

D

digistats Analytics

digistats.de

49

digistats Analytics is a privacy-focused web analytics provider offering a GDPR-compliant alternative to Google Analytics. Their service emphasizes cookie-free, IP-free, and fingerprint-free tracking, targeting website owners and businesses concerned with data privacy. The platform provides real-time analytics, visitor behavior insights, geographic data, and event tracking with a lightweight tracking code. The company positions itself as a trustworthy and privacy-first analytics solution with a presence primarily in Germany and Switzerland. Technically, the website uses modern web technologies including JavaScript, SVG, and Bootstrap, hosted on Infomaniak servers. Security practices include CSRF protection and deferred script loading, but lack explicit security headers and published incident response policies. Overall, the site is well-designed, mobile-optimized, and professional, though contact information is limited to an encrypted email link without direct phone or email addresses. The domain registration appears legitimate and consistent with the business claims. No WAF or blocking mechanisms were detected, allowing full content access.

R

Renault Trucks UK

renault-trucks.co.uk

15

Renault Trucks UK operates as a key regional branch of the global Renault Trucks brand, providing a comprehensive range of trucks and light commercial vehicles tailored for various industries including long haulage and construction. The website reflects a mature digital presence with well-structured content, clear branding, and a focus on professional audiences in the transportation sector. The technical infrastructure leverages Drupal CMS, integrates modern analytics and marketing tools such as HubSpot and Google Tag Manager, and implements robust cookie consent mechanisms to comply with GDPR requirements. Security posture is strong with HTTPS enforced and standard security headers present, although explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data is due to domain naming conventions for UK subdomains and does not detract from the legitimacy of the site. Overall, the site demonstrates a professional and trustworthy online presence suitable for its business domain.

R

Renault Trucks Switzerland

renault-trucks.ch

10

Renault Trucks Switzerland operates as a regional subsidiary of the global Renault Trucks brand, providing a comprehensive portfolio of transport solutions including diesel and electric trucks tailored for the Swiss market. The website is professionally designed with consistent branding and targets business customers in the transportation and logistics sectors. The digital infrastructure leverages Drupal CMS, integrates modern analytics and marketing tools such as HubSpot and Google Tag Manager, and implements a cookie consent mechanism via OneTrust, reflecting a moderate level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response information are absent. Privacy compliance is partial due to the lack of a clearly accessible privacy policy. Overall, the website is trustworthy and well-positioned but could improve transparency and contact accessibility.

R

Renault Trucks Srbija

renault-trucks.rs

68

Renault Trucks Srbija operates as a regional branch of the global Renault Trucks brand, providing a comprehensive range of commercial vehicles and transport solutions tailored to various industries such as distribution, construction, and long-distance transport. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support via hreflang tags. The technical infrastructure leverages Drupal CMS, integrates multiple analytics and marketing tools including Google Tag Manager, Matomo, and HubSpot, and employs a robust cookie consent mechanism via OneTrust, indicating awareness of privacy regulations. Security posture is solid with HTTPS enforced and no visible critical vulnerabilities, though improvements could be made by enabling DNSSEC and publishing explicit security policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

Renault Trucks

renault-trucks.lt

68

Renault Trucks Lithuania operates as a regional branch of the global Renault Trucks brand, offering a range of transport solutions including electric and diesel trucks. The website serves as a comprehensive portal for product information, sector-specific solutions, and customer engagement in Lithuania. The company positions itself as a key player in the transportation industry with a focus on innovation and sustainability through electric vehicle offerings. Technically, the website is built on Drupal CMS and integrates modern analytics and marketing tools such as Matomo, Google Tag Manager, and HubSpot, reflecting a mature digital infrastructure. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data limits domain trust verification, but the consistent branding and official social media presence support business credibility. Overall, the website is professional, user-friendly, and compliant with basic privacy standards, suitable for its target audience of transport industry professionals and customers in Lithuania.

IG Rottaler Ernte is a small regional non-profit organization focused on promoting high-quality regional food products and cultural heritage in the Rottal area of Switzerland. The organization primarily operates through the annual Rottaler Erntefest event and ongoing projects to support local producers and regional specialties. The website content is primarily informational, targeting local consumers and enthusiasts of regional foods. Technically, the website is built with basic HTML, CSS, and JavaScript without modern frameworks or CMS, showing moderate performance and basic mobile optimization. Security posture is minimal with no detected security headers or privacy policies, indicating room for improvement in compliance and protection. Overall, the website is trustworthy but lacks advanced security and privacy features.

T

tchncs

tchncs.de

59

tchncs.de is a small, individual-operated platform based in Germany that provides a curated collection of open-source software services. The website hosts and links to various federated social media instances, collaboration tools, chat platforms, blogging, development, and gaming services. It operates on a donation-funded, ad-free model, targeting users interested in privacy-respecting and decentralized technology solutions. The platform emphasizes community and open-source values, positioning itself as a niche provider in the federated software ecosystem. Technically, the website uses standard web technologies including jQuery and SVG graphics, with hosting inferred to be through INWX based on nameservers. The site is moderately optimized for performance and mobile devices, with a clear and consistent branding approach. SEO and accessibility are basic but functional. Analytics are implemented via a privacy-friendly service (Plausible Analytics), indicating a focus on minimal user tracking. From a security perspective, the site uses HTTPS (assumed from URL scheme and modern practices), but lacks explicit security headers and published security policies. No incident response or vulnerability disclosure information is available, which could be improved to enhance trust and compliance. The WHOIS data is consistent with the website's claims, showing legitimate registration without privacy protection, appropriate for an individual operator. Overall, tchncs.de presents a trustworthy and well-maintained platform for open-source and federated services, with room for improvement in security policies and privacy compliance mechanisms. Strategic recommendations include implementing security headers, publishing incident response contacts, and adding cookie consent to align with GDPR best practices.

N

Norske arkitekters landsforbund

arkitektforbundet.no

71

Norske arkitekters landsforbund (NAL) is a well-established Norwegian non-profit professional association for architects, founded in 2001. The organization focuses on promoting good architecture and representing architects' common interests in Norway. Their services include membership benefits, professional courses, architecture competitions, publications, and political advocacy. The website reflects a mature digital presence with clear navigation, relevant content, and active engagement with its target audience of architecture professionals and students in Norway. Technically, the site uses modern JavaScript libraries, a consent management platform (Usercentrics), Google Analytics, and Google reCAPTCHA to secure forms and comply with privacy regulations. The CMS is Umbraco, indicating a professional content management approach. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security policies and headers could be improved. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

X

XLENT Norge

xlent.no

74

XLENT Norge is a Norwegian IT consulting company specializing in technology leadership, solution architecture, system development, CRM, and digital strategy. It operates as part of the XLENT Consulting Group with a combined workforce of 550 employees across Norway and Sweden. The company targets Norwegian IT sector clients and professionals seeking career opportunities in IT consulting. Their website reflects a professional and consistent brand image with clear service offerings and a focus on digital transformation and cybersecurity. Technically, the website employs modern JavaScript technologies, Matomo analytics, and cookie consent mechanisms, hosted likely behind Cloudflare infrastructure. Security posture is strong with HTTPS and cookie consent but lacks explicit security headers and published security policies. Privacy compliance is well addressed with comprehensive privacy and cookie policies. Overall, the website is trustworthy, well-designed, and serves as a credible digital presence for the company.

S

Spoon

spoonagency.no

63

Spoon is a Norwegian creative and strategic communications agency established in 1998, offering a broad range of services including strategy, concept development, design, content marketing, video production, and employer branding. The company positions itself as an expert in authentic, creative, and insight-driven communication, targeting businesses and organizations seeking to enhance their brand presence and engagement. The website reflects a mature digital presence with professional design, structured data, and integration of marketing and analytics tools such as HubSpot and Google Tag Manager. Technically, the site is built on WordPress with modern JavaScript libraries and demonstrates good mobile optimization and SEO practices. Security posture is strong with HTTPS enabled and use of nonce attributes in scripts, though some security headers are not explicitly detected. Privacy compliance is partial, with a cookie policy and consent mechanism present but lacking a dedicated privacy policy or terms of service pages. Contact information is primarily via a contact form, with no explicit emails or phone numbers found. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

T

Tyréns Sverige AB

tyrens.se

10

Tyréns Sverige AB is a leading Swedish consultancy specializing in societal building, urban planning, infrastructure, and sustainability solutions. The company offers a broad range of engineering and architectural services targeting public and private sector clients focused on sustainable development. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content showcasing projects and expertise. Technically, the site uses modern technologies including Umbraco CMS, Google Tag Manager, and Cookiebot for consent management, indicating a good level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and explicit policies could be improved. The absence of WHOIS data for the exact domain suggests subdomain usage or registration under a parent domain, but the overall legitimacy is supported by consistent business information and linked subsidiary domains. Overall, the site is trustworthy, professional, and well-structured, supporting Tyréns' market position as a major player in Sweden's infrastructure and urban development sector.

A

ArchDaily

archdaily.com

71

ArchDaily is a globally recognized architecture media platform headquartered in Santiago, Chile, providing architecture news, project showcases, and competitions for professionals and enthusiasts worldwide. The website demonstrates a mature digital presence with modern web technologies, including JavaScript frameworks, Google Analytics, and consent management tools, ensuring a responsive and user-friendly experience across devices. Security posture is strong with HTTPS enforcement, security headers, and anti-bot measures like reCAPTCHA, although explicit security policies and incident response details are not publicly disclosed. Overall, ArchDaily presents a professional, trustworthy platform with comprehensive content and good privacy compliance, though improvements in transparency around security and data protection could enhance trust further.

L

Lund Humphries

lundhumphries.com

10

Lund Humphries is a specialized publisher and retailer of illustrated books focusing on art, architecture, and design, targeting professionals and specialists. The company has a long-standing history dating back to 1939 and maintains a professional online presence through a Shopify-based e-commerce platform. The website is well-designed, mobile-optimized, and includes comprehensive privacy and cookie policies compliant with GDPR standards. Technically, the site leverages modern web technologies and integrates analytics and marketing tools such as Google Tag Manager and Mailchimp. Security practices are robust, with HTTPS enforced, security headers present, and CAPTCHA protection on forms. However, the absence of WHOIS domain registration data raises some concerns about domain legitimacy, although the website content and branding strongly suggest a legitimate business. Contact information is primarily via web forms, with no explicit company emails or phone numbers found in the HTML.

T

The Twentieth Century Society

c20society.org.uk

55

The Twentieth Century Society is a UK-based non-profit organization dedicated to campaigning for the preservation and appreciation of outstanding 20th-century buildings. The website serves as a comprehensive platform offering news, resources, membership services, and event information, positioning the society as a reputable and established entity within the heritage conservation sector. The site demonstrates a consistent brand identity and strong partnerships with notable architectural firms and grant funders, reinforcing its credibility and influence. Technically, the website is built on WordPress and employs a modern technology stack including Google reCAPTCHA, Google Maps API, and social media integrations. The site is moderately performant with good mobile optimization and basic accessibility features. Analytics and tracking are implemented responsibly with Jetpack, Google Analytics, and Hotjar, balanced with privacy compliance measures. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, with no visible vulnerabilities or exposed sensitive data. However, some security headers could be improved to enhance protection. Privacy and cookie policies are present and GDPR compliant, supporting a strong privacy posture. Overall, the website is professional, trustworthy, and well-maintained, with a high legitimacy score based on domain age and registration data. There are no critical security or compliance issues detected, making it a low-risk digital presence for the organization.

P

Petr&Co

petrand.co

49

Petr&Co is a small creative or digital agency website primarily showcasing video content embedded from Vimeo. The site has a minimalistic design with limited textual content and navigation linking to 'work' and 'more' pages. The business description and detailed services are not explicitly provided, making it difficult to ascertain the full scope of their offerings or market position. The target audience appears to be clients or professionals interested in creative digital work. Technically, the site uses modern JavaScript frameworks such as Turbolinks and integrates Google Analytics for tracking. The embedded Vimeo player indicates a focus on multimedia content delivery. Security posture is weak due to the absence of security headers, privacy policies, and contact information. No explicit compliance or incident response policies are present. Overall, the site is functional and visually appealing but lacks critical security and compliance features, which could impact trust and regulatory adherence.

G

Gleeds

gleeds.com

76

Gleeds is a global property and construction consultancy with a long-standing history dating back to 1875. The company offers a broad range of consultancy services focused on the built environment, targeting clients in the real estate and construction sectors. The website reflects a professional brand image with consistent messaging and a clear focus on their industry expertise. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, and integrates third-party tools such as Google Tag Manager and Cookiebot for analytics and privacy compliance. Accessibility features are supported via the UserWay widget, enhancing usability for users with disabilities. Security posture is generally good with HTTPS enforced and anti-forgery cookies in use; however, explicit security headers are not clearly detected and no public security or incident response policies are found. The domain WHOIS data is missing or protected, which reduces trustworthiness from a registration transparency perspective. Cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the website is professional and secure but would benefit from improved transparency in domain registration and explicit privacy and security policy disclosures.

The website planaconsultants.com is currently inaccessible due to a robot challenge screen that implements a client-side proof-of-work captcha mechanism. This indicates the presence of a Web Application Firewall (WAF) or similar security protection that blocks direct access to the site's content. As a result, no business descriptive content, contact information, or policy documents are available for analysis. The domain is registered with GoDaddy.com, LLC since 2015 with a long expiry date, suggesting a legitimate registration history. However, the lack of accessible content and absence of privacy or cookie policies limit the ability to assess the company's market position or services. Technically, the site uses modern JavaScript features and CDN hosting but lacks DNSSEC and visible security headers. The security posture shows some best practices in blocking automated access but lacks transparency in policies and contact channels.

A

Arbonia AG

smart-doors.de

58

Arbonia AG is a Swiss-based company specializing in smart door solutions for residential buildings, offering keyless access systems branded as SmartDOOR. The company collaborates with KIWI.KI GmbH for sensor technology integration and distributes products through established system partners in Germany and Switzerland. Their business model combines manufacturing, distribution, and digital access management services via the KIWI Portal, targeting residents, landlords, and service providers. The website is professionally designed, multilingual, and provides comprehensive product information and contact options. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and cookie consent management tools. It demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and published security policies are absent. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for corporate domains. Overall, the website reflects a mature digital presence with strong business credibility and moderate security maturity. There are opportunities to enhance security transparency and incident response readiness. The site is safe for general audiences and free from adult or questionable content.

D

Das Gebäudeprogramm

ilprogrammaedifici.ch

69

Das Gebäudeprogramm is an official Swiss government-backed initiative aimed at promoting energy efficiency and renewable energy investments in buildings. The website provides comprehensive information about funding opportunities, supported measures, and procedural guidance for applicants. It targets homeowners, builders, and renovators across Switzerland, offering multilingual support in German, French, and Italian. The program is a key pillar of Swiss energy and climate policy, supported by federal and cantonal authorities. Technically, the website employs modern web standards, uses Matomo for privacy-conscious analytics, and is well-optimized for mobile and accessibility. Security posture is strong with HTTPS and security headers, though it lacks explicit incident response or vulnerability disclosure pages. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and serves as a reliable resource for energy efficiency funding in Switzerland.

D

Das Gebäudeprogramm

leprogrammebatiments.ch

69

Das Gebäudeprogramm is an official Swiss government initiative supporting energy-efficient building and renovation projects. The website provides comprehensive information on funding opportunities, energy-saving measures, and application procedures targeted at homeowners and builders in Switzerland. It is well-positioned as a key pillar in Swiss energy and climate policy, backed by federal and cantonal authorities. The digital infrastructure is modern and secure, employing HTTPS and security headers, with Matomo analytics for user tracking. The site offers a professional user experience with clear navigation and multilingual support. Security posture is strong, though improvements could be made in cookie consent and incident response transparency. Overall, the website is trustworthy, compliant with GDPR, and serves its public service mission effectively.

DHL is a globally recognized leader in logistics and international shipping services, offering a wide range of courier, transport, and supply chain solutions. The Finnish localized website reflects this global positioning with professional content tailored to business and individual customers in Finland. The site leverages Adobe Experience Manager as its CMS and integrates Adobe Analytics for user tracking, complemented by a OneTrust cookie consent mechanism to address privacy compliance. While the website is well-structured, mobile-optimized, and professionally branded, explicit privacy and terms of service documents were not found in the provided content, which is a compliance gap. The WHOIS data for the domain www.dhl.com is unavailable or restricted, limiting the ability to verify domain registration details, but the website's content and branding strongly indicate legitimacy. Security posture is moderate with HTTPS implied but no explicit security headers detected. Overall, the site is professional and trustworthy but could improve transparency and security practices.

H

Holidu GmbH

holidu.com

69

Holidu GmbH operates a sophisticated online vacation rental search engine and booking platform, specializing in verified vacation homes, villas, cabins, and condos primarily across Europe. The website presents a professional, user-friendly interface with extensive listings and features tailored for families, pet owners, and travelers seeking specific amenities. Technically, the site leverages modern JavaScript frameworks, including React, and integrates multiple analytics and marketing tools such as Google Analytics and Tag Manager, ensuring robust data collection and user engagement tracking. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not publicly disclosed. The absence of WHOIS registration details slightly impacts trust but is mitigated by the website's professional presentation and comprehensive privacy and cookie policies. Overall, Holidu demonstrates a mature digital infrastructure and a secure, privacy-conscious approach suitable for its hospitality industry role.

H

Holidu GmbH

holidu.de

67

Holidu GmbH operates a leading online platform specializing in vacation rentals across Europe, offering a wide selection of verified holiday homes, apartments, and villas. The company targets vacationers seeking family-friendly, pet-friendly, and amenity-rich accommodations, positioning itself as a trusted marketplace with a strong brand presence and high customer satisfaction as evidenced by integrated Trustpilot reviews. Technically, the website employs modern web technologies including React, Tailwind CSS, and integrates multiple analytics and marketing tools, hosted on AWS infrastructure ensuring scalability and performance. Security posture is robust with HTTPS enforcement, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility, suitable for its market segment.

M

MPskin

mpskin.com

64

MPskin is a specialized technology company offering an overlay solution to enhance Matterport virtual tours with advanced features such as augmented reality, multilingual support, and virtual staging. The company targets real estate professionals and digital marketers seeking to create engaging digital twins and immersive virtual experiences. Their market position is niche but well-defined, supported by a professional website and ISO 27001 certified hosting infrastructure. Technically, the website leverages modern JavaScript frameworks like Vue.js and Nuxt.js, integrates multiple analytics and marketing tools, and demonstrates strong performance and mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and certified hosting, though the absence of public WHOIS data and incident response contacts suggests areas for improvement. Overall, MPskin presents a trustworthy and professional digital presence with minor gaps in transparency and vulnerability disclosure.

S

Supermedium

supermedium.com

56

Supermedium is a small technology company specializing in 3D content creation tools leveraging generative AI workflows, primarily targeting creators and developers in the VR and immersive content space. The website demonstrates a modern technical infrastructure using A-Frame and Three.js for WebVR experiences, indicating a focus on cutting-edge web technologies. While the site is professionally designed with good user experience and mobile optimization, it lacks critical compliance elements such as privacy and cookie policies, and contact information, which impacts trust and regulatory adherence. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers, suggesting room for improvement in domain and web security configurations. Overall, the business appears legitimate with consistent domain registration data and a clear niche market focus.

C

Coopfond

coopfond.it

68

Coopfond is a well-established mutualistic fund associated with Legacoop, focused on promoting cooperation and supporting the creation and sustainable development of cooperatives in Italy. The website reflects a mature organization with a clear mission, targeting cooperative entities and stakeholders. The technical infrastructure is based on WordPress with modern plugins and privacy-respecting analytics tools, indicating a good level of digital maturity. Security posture is strong with HTTPS, security headers, and GDPR-compliant consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website presents a professional and trustworthy digital presence aligned with its business objectives.

I

incert

incert.at

52

incert is a medium-sized Austrian company specializing in eCommerce and marketing technology solutions tailored for the tourism industry. Their offerings include voucher systems, gift card systems, ticketing, online shops, marketing automation, and loyalty programs. The website is professionally designed using TYPO3 CMS, with good mobile optimization and clear navigation. The technical infrastructure integrates modern analytics and marketing tools such as Microsoft Clarity and Google Tag Manager. Security posture is solid with HTTPS and standard best practices, though some security headers could be improved. Privacy compliance is basic, lacking explicit privacy and cookie policies. Overall, the site reflects a credible and established business with strong customer trust signals but could enhance transparency and compliance documentation.

S

Studierendenwerk Gießen A.d.ö.R.

stwgi.de

50

Studierendenwerk Gießen is a regional non-profit organization providing comprehensive student services including affordable housing, food services, financial aid counseling, and social support for approximately 48,000 students across multiple universities in Germany. The website is professionally designed, well-structured, and offers rich content tailored to its target audience of students. It integrates modern web technologies and provides good mobile and accessibility support. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy. Security posture is solid with HTTPS and no exposed sensitive data, though some improvements in security headers and incident response disclosures are recommended. Overall, the website reflects a trustworthy and credible educational service provider with strong digital maturity.

S

Sportbuzzer

sportbuzzer.de

63

Sportbuzzer is a German-language media portal focused on fitness, nutrition, health, and sport topics. It serves a broad audience including beginners and experienced athletes, providing articles, tips, and podcasts. The site is part of the RedaktionsNetzwerk Deutschland partnership, indicating a reputable media affiliation. Technically, the site uses modern web technologies including React, Google Tag Manager, and a consent management platform to comply with cookie regulations. The site is well-structured, mobile-optimized, and uses HTTPS with good security practices. However, explicit privacy and terms of service pages are not found in the provided content, and direct contact information such as emails or phone numbers is missing, which could impact user trust and compliance. Overall, the site presents a professional and trustworthy media presence in the German fitness and health niche.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

loveline.de

66

Loveline.de is a German government-backed youth portal providing comprehensive educational content on love, friendship, health, appearance, sex, and contraception. It targets teenagers and offers interactive videos, anonymous question submission, and consultation center search services. The website is professionally designed, mobile-optimized, and highly accessible, reflecting a mature digital presence. Technically, it is built on TYPO3 CMS with Matomo analytics hosted locally in Germany, ensuring privacy compliance and data protection. Security posture is solid with HTTPS and anonymized analytics, though explicit security headers and incident response policies are absent. WHOIS data is minimal but consistent with the website's government affiliation. Overall, the site is trustworthy, safe for general audiences, and compliant with GDPR requirements.

C

Cmsbox GmbH

cmsbox.ch

57

Cmsbox GmbH is a Swiss-based technology company specializing in a proprietary content management system designed to simplify website editing and enable rapid custom web design implementation. The company targets businesses and web professionals seeking efficient CMS solutions with a focus on ease of use and responsive design. Their market position is niche, emphasizing Swiss software quality and personalized service. Technically, the website employs modern web standards, integrates Google Analytics, Tag Manager, and reCAPTCHA for security and analytics, and uses their own Cmsbox CMS platform. The site is mobile-optimized and presents a professional user experience. Security posture is solid with HTTPS and anti-bot measures, though lacking explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is trustworthy and professional, with clear contact information and social media presence. Recommendations include enhancing privacy compliance and security transparency to improve trust and compliance.

H

Holidu GmbH

tomas-travel.com

67

Holidu GmbH operates Holidu Smart Destination, a comprehensive platform offering destination management solutions combining advanced technology and personalized services. The company targets tourism destinations and hosts, providing booking systems, guest management, and marketing tools. Their market position is strong in the German hospitality sector, supported by subsidiaries like Bookiply, T-Smart, and Lohospo. Technically, the website employs modern JavaScript frameworks, cloud hosting on AWS, and integrates analytics and marketing tools effectively. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though some enhancements like security.txt and explicit incident response policies could improve maturity. Overall, the site is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence suitable for its business domain.

C

Call-Up Communication & Design

call-up.ch

50

Call-Up Communication & Design is a Swiss-based web design agency specializing in affordable and professional web solutions for small and medium-sized enterprises (KMU) across Switzerland. With over 20 years of experience and more than 650 customer projects completed, the company offers a comprehensive range of services including web design, CMS implementation (notably Contao), e-commerce solutions, hosting, SEO, and online marketing. Their market position is that of a trusted local agency with a strong portfolio and client references. Technically, the website is built on modern web standards with a CMS backend, uses common JavaScript libraries, and is mobile optimized with good SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers and explicit policies are missing. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional, trustworthy, and well-aligned with the business claims. Recommendations include enhancing privacy compliance with cookie consent, publishing a security policy, and adding incident response contacts to improve trust and compliance.

The website www.bg-salenstein.ch is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. Due to this, no substantive business content, contact information, or policies are visible. The site appears to be protected by Cloudflare's WAF, which limits the ability to analyze its technical infrastructure or security posture in detail. The lack of visible content and metadata prevents assessment of the company's market position, services, or compliance status. The domain uses privacy protection in WHOIS, which is common for small or private entities but reduces transparency. Overall, the site is currently not analyzable beyond the WAF challenge, resulting in a low AI score and limited insights.

S

Schule Salenstein im Grund

schule-salenstein.ch

58

Schule Salenstein im Grund is a local primary education institution based in Salenstein, Switzerland. The website serves as an informational portal for students, parents, staff, and the local community, providing school news, event calendars, contact information, and administrative resources. The site is built on the i-web CMS platform and uses Matomo analytics with a user consent mechanism, reflecting a moderate level of digital maturity. The content is well-structured, primarily in German, and targets a general audience interested in local education services. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with responsive design for mobile devices. While the site uses HTTPS and secure login forms, it lacks visible advanced security headers and explicit security policies. The performance is moderate, and accessibility features are present, contributing to a good user experience. From a security perspective, the site demonstrates basic best practices such as HTTPS enforcement and no exposed sensitive data. However, it lacks publicly available incident response or vulnerability disclosure policies. Privacy compliance is addressed through a privacy and cookie policy with consent mechanisms, aligning with GDPR requirements. The domain registration data is consistent with the website's claims, indicating legitimacy and trustworthiness. Overall, Schule Salenstein im Grund's website is a professional, secure, and compliant educational portal with room for improvement in security policy transparency and technical security headers. The risk level is low, with recommendations focusing on enhancing security posture and policy disclosures.

S

Stolz WEB GmbH

stolzweb.ch

47

Stolz WEB GmbH is a Swiss-based small technology company specializing in custom web development, online shops, and web applications. Founded in 2012, the company offers tailored software solutions including their proprietary CMS 'Simpli', targeting designers, agencies, and businesses seeking bespoke digital solutions. The website reflects a professional and consistent brand image with clear service descriptions and customer testimonials, positioning Stolz WEB as a reliable niche player in the Swiss web development market. Technically, the site employs modern web technologies such as HTML5, CSS, JavaScript, PHP, and Bootstrap, with a moderate performance profile and good mobile optimization. Analytics are implemented using Google Analytics with IP anonymization and Matomo, indicating some privacy awareness. Security posture is adequate with HTTPS enabled but lacks standard security headers and explicit security policies. Contact information is comprehensive and clearly presented, though privacy and terms policies are missing. Overall, the website is trustworthy and professional but could improve in privacy compliance and security best practices.

B

Basler Kantonalbank

baslerkantonalbank.ch

76

Basler Kantonalbank is a well-established regional Swiss bank providing a broad range of financial services to private customers. The website targets private clients with offerings including accounts, cards, investment advisory, mortgages, and pension planning. The bank maintains a professional online presence with consistent branding and a clear navigation structure. Technically, the website uses modern web technologies and implements cookie consent via OneTrust, ensuring compliance with basic privacy standards. Security posture is strong with HTTPS enforced and good SSL configuration, although explicit security headers and incident response information are not publicly available. Overall, the website reflects a mature digital infrastructure suitable for a large financial institution, with room for improvement in transparency around privacy policies and security disclosures.

P

PTV Logistics

ptvlogistics.com

73

PTV Logistics operates as a global leader in providing advanced software solutions for route planning, optimization, real-time transport visibility, and delivery management. Their SaaS offerings target logistics and transport managers aiming to improve efficiency, reduce costs, and support sustainable road logistics. The company emphasizes a self-learning SaaS suite backed by over 40 years of expertise, positioning itself strongly in the transportation software market. Technically, the website is built on Drupal 10 with modern frontend technologies including Tailwind CSS and JavaScript frameworks. It integrates Google Tag Manager and reCAPTCHA for analytics and security. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is robust with HTTPS enforced, cookie consent mechanisms, and bot protection via reCAPTCHA. However, the absence of explicit incident response contacts, vulnerability disclosure, and terms of service pages indicates areas for improvement. The lack of WHOIS data limits domain trust verification, though the professional website presence suggests legitimacy. Overall, the website presents a secure, professional, and privacy-compliant front for PTV Logistics, with recommendations to enhance transparency and domain trustworthiness.

A

AS 24

as24.com

63

AS 24 is a well-established European fuel and mobility services provider targeting professional transport companies, especially heavy goods vehicles. The company operates a large network of service stations and offers a range of services including fuel cards, toll payment solutions, fleet management, and electric vehicle charging. The website is professionally designed using Drupal 10, with good content quality and multilingual support. Privacy compliance is well addressed through a comprehensive cookie consent mechanism. However, the lack of publicly available WHOIS data and absence of explicit security policies or incident response contacts slightly reduce trustworthiness. Overall, the site demonstrates a mature digital presence aligned with its business sector.

I

Robot Challenge Screen

iatfglobaloversight.org

39

The website iatfglobaloversight.org currently serves a robot challenge screen that blocks direct access to its content. This challenge uses a JavaScript-based proof-of-work CAPTCHA mechanism, likely implemented as a Web Application Firewall (WAF) or security measure to prevent automated access. Due to this, no substantive business or contact information is accessible on the page. The domain is registered since 2007 with a reputable registrar and shows no privacy protection, indicating legitimacy. However, the lack of accessible content limits the ability to assess the company's business model, services, or compliance policies. Technically, the site uses advanced JavaScript for the CAPTCHA and is hosted on SiteGround with Cloudfront CDN for assets. Security posture is moderate given the presence of a WAF challenge but lacks standard security headers and DNSSEC. Privacy compliance and business credibility cannot be confirmed due to lack of visible policies or contact data.

C

CLEPA

clepa.eu

55

CLEPA is a prominent European association representing automotive suppliers, advocating for sustainability, innovation, and competitiveness within the European automotive supply chain. The organization targets industry stakeholders and policymakers, positioning itself as a key player in the transportation and manufacturing sectors. The website reflects a professional and consistent brand image, with clear business information and active social media presence. Technically, the website is built on WordPress and leverages modern web technologies including JavaScript libraries, Google Tag Manager, and Ajax Search Pro for enhanced user experience. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be improved. Performance is moderate, with a well-structured front-end and use of CDN resources. From a security perspective, the site enforces HTTPS, includes essential security headers, and shows no signs of exposed sensitive data or vulnerabilities. However, it lacks a public security policy or vulnerability disclosure mechanism, which could enhance transparency and trust. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, CLEPA's website presents a low-risk profile with strong business credibility and a solid security posture. Strategic improvements in security transparency and accessibility could further strengthen its digital maturity and stakeholder trust.

P

PRÜM-Türenwerk GmbH

pruem-digital.de

57

PRÜM-Türenwerk GmbH operates a comprehensive digital platform focused on door manufacturing and related digital services. The website offers a wide range of digital tools, brochures, videos, and live demos tailored for dealers, architects, craftsmen, and end customers, reflecting a strong commitment to digital transformation within the manufacturing sector. The company is positioned as an established medium-sized manufacturer in Germany with a clear focus on integrating digital marketing and product information management into its business model. Technically, the website employs modern web technologies including HTML5, JavaScript, and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and a consent management platform (Usercentrics). The site is mobile-optimized and provides a rich user experience with clear navigation and professional design. Security-wise, the site uses HTTPS with secure cookie flags and consent management but lacks explicit security headers and a public security policy or incident response information. Privacy compliance is strong with a comprehensive GDPR-compliant privacy policy and clear data protection officer contact details. Overall, the website demonstrates a mature digital presence with good security posture and privacy compliance, supporting the company's business credibility and trustworthiness.

P

PRÜM Premiumkante

premiumkante-pruem.de

55

PRÜM Premiumkante is a German manufacturer specializing in premium doors featuring innovative edge technology called Nullfugentechnik, designed for high durability and aesthetic appeal. The website showcases detailed product benefits, use cases across various sectors such as residential, healthcare, hospitality, and commercial buildings, and provides project references to demonstrate real-world applications. The company targets architects, builders, and facility managers seeking robust and stylish door solutions. The business positions itself as a premium brand with a focus on quality and innovation. Technically, the website is built on WordPress with modern plugins like Yoast SEO and Borlabs Cookie, ensuring good SEO and privacy compliance. The site is mobile-optimized, accessible, and performs moderately well. Hosting appears to be managed via your-server.de, with no WAF or blocking detected. Structured data and Open Graph tags are properly implemented, enhancing search engine visibility. From a security perspective, the site enforces HTTPS, uses standard security headers, and implements cookie consent mechanisms. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are recommended for enhanced trust and compliance. No vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-structured, with minor gaps in explicit security and compliance documentation. Strategic improvements in these areas would further strengthen the company's digital trustworthiness and customer confidence.

E

Servicedomain - rapidmail

emailsys1b.net

54

The website at www.rapidmail.de/servicedomain/emailsys1b.net appears to be a service domain page related to rapidmail, a company likely operating in Germany. The page content is accessible without any WAF or security challenge blocking access. The site uses standard web technologies such as HTML5, CSS3, and JavaScript, with moderate mobile optimization and basic SEO features. However, the content is minimal and lacks critical compliance elements such as privacy policies, cookie consent mechanisms, and terms of service. No explicit contact information or security policies are present, which limits the ability to fully assess the business credibility and security posture. WHOIS data indicates professional DNS management with dnsmadeeasy.com name servers, consistent with legitimate business operations. Overall, the site demonstrates a basic level of technical implementation but requires significant improvements in privacy, security, and business transparency to enhance trust and compliance.

FlectraHQ operates as an open-source ERP and CRM software provider, offering a comprehensive suite of business management tools including sales, marketing, accounting, inventory, and human resources modules. The company targets businesses seeking customizable and integrated ERP/CRM solutions, positioning itself as a niche player in the open-source software market since its domain registration in 2016. The website content is well-structured, detailing extensive features and industry applications, reflecting a mature product offering. Technically, the website is built on the Flectra CMS/framework, utilizing modern web technologies such as Bootstrap and FontAwesome, with Cloudflare DNS services and Tawk.to live chat integration. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with deferred loading of JavaScript assets. From a security perspective, the site uses HTTPS and includes CSRF tokens, but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. No privacy or cookie policies were found, indicating gaps in privacy compliance. No incident response or vulnerability disclosure information is published, which could impact trust and security readiness. Overall, the website is professional and content-rich, with moderate security posture and privacy compliance. Strategic improvements in security headers, privacy policies, and incident response transparency would enhance trust and compliance.

W

Worldpay LLC

worldpay.com

72

Worldpay LLC is a leading global payment processor providing comprehensive payment technology and services to businesses of all sizes, including SMBs, enterprises, software platforms, and marketplaces. The company operates in 174 countries and processes over $2.3 trillion annually, positioning itself as a major player in the finance and technology sectors. Their website reflects a mature digital presence with extensive product offerings, customer success stories, and insights that demonstrate market leadership and customer focus. Technically, the site leverages modern frameworks such as Next.js and React, hosted on Akamai infrastructure, ensuring fast performance, mobile optimization, and good accessibility. Security posture is strong with HTTPS enforcement, domain registration locks, and a vulnerability disclosure program, although enabling DNSSEC and publishing explicit security policies could further enhance security. Privacy compliance is well addressed with comprehensive privacy and cookie policies and GDPR indicators. Overall, the website is professional, trustworthy, and well-aligned with the company's business stature.

S

SPOTHEROZ

spotheroz.ch

56

SPOTHEROZ is a Swiss-based creative studio specializing in the intersection of planning, design, and technology. The company positions itself as a niche player offering art direction, design, and technology integration services primarily targeting creative professionals and businesses seeking innovative digital solutions. The website reflects a modern and visually appealing design, leveraging Webflow CMS and advanced 3D graphics via Spline, indicating a moderate level of digital maturity and technical sophistication. However, the site lacks comprehensive privacy and cookie policies, direct contact information such as emails or phone numbers, and explicit security policies, which are critical for compliance and trust. The security posture is minimal with no detected security headers or incident response contacts, representing an area for improvement. Overall, the website is professional and credible but would benefit from enhanced security and privacy compliance measures to reduce risk and improve user trust.

SPOT Agency is a well-established creative digital agency based in St. Moritz, Switzerland, with a history dating back to 1990. The company specializes in developing strong brands, digital products, and e-commerce solutions primarily targeting the tourism, sport, and lifestyle sectors. Their market position is solid within their niche, supported by a professional website that reflects their expertise and creative capabilities. The agency leverages modern web technologies such as Next.js and React, ensuring a performant and mobile-optimized user experience. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, reflecting adherence to GDPR standards. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the website and business present a trustworthy and professional image suitable for their target audience.

S

Systemantics

systemantics.net

49

Systemantics is a specialized web development company focusing on CMS implementation and website creation primarily for clients in the arts, culture, architecture, education, museums, and theater sectors. Their extensive portfolio demonstrates a strong market position within these niche industries, collaborating with various designers and agencies to deliver tailored digital solutions. The company operates primarily in Germany and targets organizations seeking professional and accessible web presence. Technically, the website employs modern JavaScript frameworks and CMS platforms such as Hylex and Wordpress, with Matomo analytics for user tracking. The site is well-designed, mobile-optimized, and accessible, reflecting a mature digital infrastructure. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. WHOIS data is unavailable or protected, which slightly impacts trust but is mitigated by the professional site content and clear contact information. Overall, Systemantics presents a credible and professional business with room to enhance privacy compliance and security transparency.

The website viceversaartbooks.com is currently a parked domain with no active business content or services. It displays a simple landing page indicating the domain may be for sale, with no privacy policies, contact information, or business descriptions. The technical infrastructure is minimal, relying on basic JavaScript and external advertising scripts. There is no evidence of a CMS or modern web frameworks. Security posture is weak, with no HTTPS enforcement or security headers detected, and the WHOIS data contains a suspicious future creation date, reducing trustworthiness. Overall, the site lacks professionalism and business credibility, representing a low-risk but low-value digital asset.