Security Directory

Swissquote Bank Europe is a leading online investment and banking service provider based in Luxembourg, targeting private investors, professionals, and institutional clients. The company offers a comprehensive suite of financial services including online trading, wealth management, life insurance, and banking products such as debit and credit cards. The website reflects a strong market position as a European leader in online investing, supported by personalized services and global market access. Technically, the website is built on modern frameworks like Next.js and React, optimized for performance and mobile use, and employs robust security measures including HTTPS and security headers. The security posture is strong with ISO 27001 certification and clear incident response channels, although WHOIS data is incomplete, which slightly impacts trust metrics. Overall, the site demonstrates high professionalism, compliance with GDPR, and a user-friendly experience, making it a trustworthy platform for financial services.

B

B Lab Global

bcorporation.net

38

B Lab Global is a nonprofit organization dedicated to transforming the global economy by promoting sustainable business practices through B Corp Certification. The organization operates a global network with regional partners across multiple continents, providing standards, certification, and tools to businesses committed to social and environmental responsibility. Their website is professionally designed, mobile-optimized, and rich in content, targeting businesses and stakeholders interested in sustainability and corporate responsibility. Technically, the website leverages modern web technologies including React and Next.js, with Contentful as the CMS. It demonstrates good performance, SEO, and accessibility practices. Security posture is strong with HTTPS enforced and privacy mechanisms like cookie consent and privacy policies in place, though some security headers could be improved and a vulnerability disclosure policy is absent. Overall, the site presents a trustworthy and credible image consistent with a large nonprofit entity. The absence of WHOIS data is likely due to privacy protection and does not detract significantly from legitimacy given the extensive partner network and professional presentation. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and providing incident response contacts to further strengthen trust and compliance.

H

Hotjar Ltd.

hotjar.com

68

Hotjar Ltd. is a leading SaaS provider specializing in website heatmaps, behavior analytics, session recordings, surveys, and user feedback tools. Recently integrated into Contentsquare, Hotjar offers a powerful experience intelligence platform that serves over 1.3 million websites globally. The company targets businesses and digital teams aiming to optimize user experience and conversion rates through data-driven insights. Their business model is subscription-based with free and paid tiers, supported by strong branding and customer testimonials. Technically, Hotjar employs a modern web stack including React and Next.js, with Contentful as their CMS. They integrate analytics tools such as Heap Analytics and Google Tag Manager, ensuring fast performance and excellent mobile optimization. The website is well-structured, SEO-optimized, and accessible, reflecting a mature digital presence. From a security perspective, Hotjar enforces HTTPS, implements key security headers, and maintains secure data collection practices. While no critical vulnerabilities were detected, the absence of explicit incident response and vulnerability disclosure policies suggests room for improvement. Privacy compliance is robust, with comprehensive privacy and cookie policies aligned with GDPR and CCPA standards. Overall, Hotjar demonstrates a high level of professionalism, security, and compliance, making it a trustworthy platform for digital experience analytics. Strategic recommendations include publishing explicit security policies, enhancing transparency on data retention, and maintaining rigorous third-party script audits to sustain their strong security posture.

S

SECUTIX

secutix.com

79

SECUTIX is a well-established global leader in digital ticketing technology, offering a comprehensive SaaS platform that serves a wide range of event types including sports, festivals, and cultural institutions. The company emphasizes secure, mobile-first ticketing solutions, access control, and business intelligence to maximize revenue and enhance fan engagement. Their market position is reinforced by numerous partnerships with major sports federations and venues, as well as industry awards. Technically, the website is built on modern frameworks such as React and Next.js, with strong SEO, mobile optimization, and performance. Security posture is robust with HTTPS, security headers, bot protection partnerships, and consent management, although explicit security and incident response policies are not publicly detailed. WHOIS data is not publicly available, likely due to privacy protection, which slightly impacts trust but is common for businesses of this nature. Overall, SECUTIX presents a professional, secure, and compliant digital presence aligned with its business objectives.

Turkish Airlines operates a comprehensive and professionally designed website focused on airline passenger services including flight booking, check-in, flight status, and ancillary travel services such as hotel booking and car rental. The site targets a broad general audience and reflects the brand of a major international airline with a strong market position in the transportation sector. The technical infrastructure leverages modern web technologies including React and Next.js, supported by Akamai CDN for performance and global reach. The website is mobile optimized and provides a good user experience with clear navigation and interactive features. Security posture is strong with HTTPS enforced and modern TLS usage, though explicit security headers and privacy compliance documentation are lacking. The absence of WHOIS data limits domain registration trust analysis, but the website content and branding strongly indicate legitimacy. Overall, the site is well-built and professional but would benefit from enhanced privacy and security transparency.

B

Basketball Champions League Powered by Ameresco SUNEL

championsleague.basketball

68

The Basketball Champions League Powered by Ameresco SUNEL website serves as the official digital platform for the Basketball Champions League, affiliated with FIBA. It provides comprehensive sports-related content including live statistics, game schedules, standings, news, video highlights, team rosters, and player profiles, targeting basketball fans and sports media audiences. The site demonstrates a strong market position as an official source for basketball league information. Technically, the website is built on modern web technologies such as React and Next.js, leveraging cloud-based image hosting and advanced advertising and analytics tools. It is optimized for performance, mobile responsiveness, and accessibility, ensuring a high-quality user experience. The presence of consent management and reCAPTCHA indicates attention to privacy and security. From a security perspective, the site employs HTTPS with strong SSL configuration and multiple security headers, reflecting good security hygiene. However, there is a lack of publicly available security policies or incident response information, which could be improved to enhance trust and compliance. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong content quality and technical implementation. Strategic recommendations include publishing explicit security and incident response policies, enhancing contact information availability, and maintaining regular audits of third-party scripts to sustain security and compliance.

J

Jooce Digital Agency

jooce.ch

60

Jooce Digital Agency is a small, local digital agency based in Geneva, Switzerland, specializing in web development, IT assistance, and digital solutions tailored for local businesses. The company positions itself as a trusted local partner emphasizing Swiss quality and personalized service. Their website is professionally designed using modern technologies such as React and Next.js, hosted on Vercel, and optimized for performance and mobile devices. Structured data is well implemented to enhance SEO and local business visibility. However, the website lacks critical compliance and security documentation such as privacy policies, cookie consent mechanisms, and incident response information. No contact emails or phone numbers are explicitly provided, which may impact user trust and business credibility. Overall, the site is secure with HTTPS and no visible vulnerabilities, but improvements in privacy compliance and transparency are recommended.

E

ELCA Security

elcasecurity.ch

85

ELCA Security is a Swiss-based cybersecurity company specializing in securing IT infrastructure, identities, and business operations for both businesses and government entities. The company positions itself as a robust security solutions provider with a focus on anticipating, protecting, detecting, and defending against cyber threats. Their website reflects a professional and modern digital presence, leveraging advanced web technologies such as Next.js and React, and integrating reputable third-party services like Stripe for payments and Matomo for privacy-focused analytics. The site is well-optimized for mobile devices and includes comprehensive cookie consent management via Cookiebot, demonstrating a commitment to privacy compliance.

F

FIBA

fiba.basketball

71

FIBA is the global governing body for basketball, providing official news, event schedules, rankings, and media content through its website. The site serves basketball fans, athletes, and media professionals worldwide, positioning itself as the authoritative source for basketball-related information. Technically, the website employs modern frameworks such as Next.js and React, integrates Google Tag Manager and reCAPTCHA for analytics and security, and uses Cloudinary for media delivery. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS enforcement, security headers, and consent management, though explicit security policies and incident response contacts are not publicly visible. Overall, the website is professional, trustworthy, and safe for general audiences.

A

ALEKS & SHANTU GmbH

aleksundshantu.com

53

ALEKS & SHANTU GmbH is a Berlin-based full-stack digital agency specializing in web development, design, animation, film production, and digital marketing services. With over 30 employees and a portfolio of more than 1000 projects, the company serves clients across diverse sectors including art, culture, industry, medicine, TV, and technology. The agency emphasizes high aesthetic standards, scalability, and technical precision, positioning itself as a trusted partner for digital-first movers and brands seeking impactful online presence. Technically, the website leverages modern frameworks such as Next.js and React, incorporates advanced multimedia elements like Lottie animations and video content, and demonstrates strong SEO and accessibility practices. The site is mobile-optimized and performs well, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, includes key security headers, and maintains secure contact forms with clear privacy policies. However, the absence of a published security policy and incident response contacts suggests room for improvement in formal security governance. No vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and well-structured digital presence. The main risk factor is the lack of WHOIS domain registration data, which raises questions about domain legitimacy and registration transparency. This should be investigated further to ensure full trustworthiness.

Hexagon AB is a global leader in measurement technologies, providing advanced solutions that enhance productivity, quality, safety, and sustainability across vital industries such as construction, manufacturing, mining, and transportation. The company leverages cutting-edge technologies including robotics, AI, digital twins, and spatial intelligence to deliver innovative products and services tailored for enterprise clients. Hexagon's market position is strong, supported by numerous customer success stories and a consistent brand presence. Technically, the website is built on modern frameworks like Next.js and React, with content managed via Sitecore Content Hub. The site demonstrates excellent performance, mobile optimization, and SEO practices. Security is robust with HTTPS enforced and multiple security headers implemented, alongside a cookie consent mechanism indicating privacy awareness. However, explicit privacy policies, terms of service, and security incident response information are not visibly published. The security posture is solid with no detected vulnerabilities or exposed sensitive data. WHOIS data confirms the legitimacy of the domain and company information, aligning with the website's claims. The absence of direct contact emails or phone numbers and lack of published security policies represent areas for improvement. Overall, Hexagon's website reflects a mature, enterprise-grade digital presence with strong business credibility and technical implementation. Strategic enhancements in privacy and security transparency would further strengthen trust and compliance.

E

ELCA Informatique SA

elca.ch

80

ELCA Informatique SA is a leading independent Swiss IT company specializing in business and technology solutions, including IT consulting, software development, and systems integration. With over 2300 employees and a turnover of CHF 339 million in 2024, ELCA holds a strong market position in Switzerland and Europe, serving diverse sectors such as energy, transportation, finance, and public administration. The company emphasizes tailored digital transformation solutions and maintains a broad portfolio of subsidiaries and partner companies. Technically, ELCA employs modern web technologies including Next.js and React, integrates advanced analytics tools like Matomo and Hotjar, and uses robust consent management via Cookiebot. The website is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security headers, and secure form handling, although a dedicated security policy and incident response contact channels are not explicitly published. Overall, ELCA demonstrates a professional, trustworthy online presence aligned with its business stature.

A

Adcubum AG

adcubum.com

68

Adcubum AG is a leading Swiss software company specializing in core insurance systems for the health and accident insurance sectors. Recently acquired by the Helsana Group, Adcubum continues to operate independently, providing modular, cloud-capable software solutions such as Syrius ad.Cloud. The company targets insurance providers in Switzerland, emphasizing digital transformation and operational efficiency. The website reflects a mature digital presence with modern technologies including React and Next.js, hosted on Vercel, and integrates comprehensive cookie consent and privacy compliance mechanisms. Security posture is strong with HTTPS, security headers, and CSRF protections in place. However, WHOIS data is unavailable, which slightly impacts transparency but does not detract from the overall legitimacy given the business context and parent company ownership. The site is well optimized for performance, mobile use, and SEO, with clear branding and professional content. No critical security vulnerabilities or compliance gaps were detected in the analyzed content.

M

Mimacom AG

mimacom.com

77

Mimacom AG is a Swiss-based software engineering and consulting company specializing in digital transformation services including cloud, data, automation, and AI. The company targets enterprise clients across multiple industries such as banking, insurance, manufacturing, retail, and life sciences. Mimacom positions itself as a trusted partner with a comprehensive portfolio of services and a strong customer base. Technically, the website is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not prominently published. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for companies of this nature. Overall, Mimacom demonstrates a mature digital presence with professional branding and compliance practices.

T

TheFork

thefork.at

68

TheFork is a prominent online restaurant reservation platform operating primarily in Austria and across Europe, offering consumers the ability to book tables at top restaurants with discounts and a loyalty points program. As a subsidiary of TripAdvisor, it holds a strong market position in the hospitality sector. The website demonstrates a modern technical infrastructure leveraging React and Next.js frameworks, with integrations for bot protection (DataDome), payment processing (Stripe), and cookie consent management (Evidon). Security posture is robust with HTTPS enforcement and appropriate security headers, although explicit privacy and terms of service pages are not publicly linked, which is a compliance gap. Overall, the site is professionally designed, mobile-optimized, and trustworthy, with active social media presence and clear branding.

W

Wackenhut

wackenhut.de

57

Wackenhut is a German company established in 1948, specializing in innovative mobility and transportation services. The website titled 'World of WACKENHUT' presents a professional and consistent brand image, targeting a general audience interested in mobility solutions. The site features client logos such as Mercedes and AMG, indicating a reputable market position within the transportation sector. Technically, the website is built using modern technologies including React and Next.js, with good mobile optimization and moderate performance. However, some technical aspects such as security headers are missing, and no CMS or hosting provider details are evident from the content. Security-wise, the site uses HTTPS but lacks important security headers and published security policies, which could be improved to enhance trust and compliance. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which is a significant gap given GDPR requirements. Overall, the website is safe, professional, and functional but would benefit from enhanced privacy and security practices to improve its risk profile and user trust.

C

Camping Tamaro Resort

campingtamaro.ch

66

Camping Tamaro Resort is a well-established hospitality business located in Tenero, Switzerland, offering camping pitches, bungalows, and various services including a restaurant and wellness activities. The website is professionally designed using modern technologies such as Next.js and DatoCMS, providing a good user experience with mobile optimization and clear navigation. Security posture is strong with HTTPS and security headers properly configured, though privacy compliance could be improved by adding explicit privacy and terms of service pages. The business maintains an active social media presence and integrates booking services via a partner domain. Overall, the site is trustworthy and suitable for its target audience.

V

Victorinox

victorinox.com

72

Victorinox is a well-established Swiss brand known globally for its Original Swiss Army Knife and a broad range of quality products including cutlery, watches, travel gear, and fragrances. The website reflects a mature e-commerce platform with a strong brand presence and comprehensive product offerings targeting general consumers seeking premium Swiss quality. Technically, the site leverages modern web technologies such as React and Next.js, hosted on SAP cloud infrastructure, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS, security headers, and monitoring scripts in place, although the absence of public WHOIS data slightly impacts trust assessment. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and user-friendly, supporting Victorinox's market position as a premium retail brand.

B

blue Cinema

bluecinema.ch

64

blue Cinema is a regional cinema chain operating in Switzerland, offering movie screenings, events, and ticket booking services. The website targets general moviegoers and provides up-to-date movie listings and showtimes. The business model focuses on entertainment and leisure through cinema experiences, with additional offerings such as games and special events. The company maintains a consistent brand presence and a professional online interface.

S

Swiper

swiperjs.com

59

Swiper is a leading technology company specializing in a modern mobile touch slider library widely adopted by millions of developers and top global brands. The company offers a modular, high-performance slider solution compatible with popular frameworks such as React, Vue, and Svelte. Their business model includes an open-source core product complemented by premium offerings like Swiper Studio and UI Initiative, targeting developers and businesses seeking efficient UI components. Technically, the website demonstrates a mature infrastructure with modern JavaScript frameworks, fast performance, and mobile optimization. Hosting is managed via Cloudflare, ensuring reliable delivery. Security posture is solid with HTTPS and domain transfer protections, though lacks advanced security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional, trustworthy, and well-positioned in the technology market.

I

Issuu Inc.

issuu.com

76

Issuu Inc. operates a mature and well-established digital publishing platform that transforms PDFs and other document types into interactive flipbooks and various shareable content formats. The company targets individual creators, marketers, publishers, and enterprises, offering a comprehensive suite of tools for content creation, publishing, sharing, and analytics. Their market position is strong, supported by integrations with major platforms like Canva, HubSpot, and Adobe, and a clear business model that includes freemium and paid subscription plans with commission-free digital sales. Technically, Issuu leverages modern web technologies including React and Next.js, hosted on AWS infrastructure, with performance and mobile optimization rated as excellent. The website employs robust tracking and consent management tools such as Google Tag Manager and Cookiebot, ensuring compliance with privacy regulations. Security posture is solid with HTTPS enforcement, domain locking, and bot protection via reCAPTCHA, though DNSSEC is not enabled, representing a minor area for improvement. From a security perspective, the platform demonstrates good practices but lacks publicly available dedicated security policies or incident response contacts. No vulnerabilities or suspicious activities were detected. The domain registration data aligns well with the business claims, reinforcing legitimacy and trustworthiness. Overall, Issuu presents a professional, secure, and privacy-conscious digital publishing service with a high level of technical maturity and business credibility. Strategic recommendations include enabling DNSSEC, publishing explicit security and vulnerability disclosure policies, and enhancing incident response transparency to further strengthen trust and compliance.

E

EWM SA

ewm.swiss

52

EWM SA is a Swiss-based digital agency specializing in branding, web design, web development, and digital marketing services. Founded in 2020, the company serves a diverse clientele including world-leading brands, SMEs, and NGOs, with offices in Geneva, Zurich, Paris, London, and Nice. Their service offering is comprehensive, leveraging modern technologies such as Symfony, Laravel, Next.JS, and Concrete5, positioning them as a competitive player in the European digital agency market. The website reflects a professional and polished brand image with a strong portfolio and client references.

C

Copybara

copybara.com

59

Copybara is a technology company specializing in AI-powered continuous copy testing and optimization for marketers and growth teams. Their SaaS platform automates the process of A/B testing for ads and landing pages, enabling rapid experimentation and learning without requiring engineering resources. The company positions itself as a niche player focused on accelerating copy testing at scale to improve marketing performance. Technically, the website is built using modern frameworks such as Next.js and React, hosted on AWS infrastructure. The site demonstrates good performance, mobile optimization, and SEO practices. However, some security enhancements such as enabling DNSSEC and implementing security headers could improve the overall posture. The site uses third-party marketing and tracking scripts including Google Tag Manager and Leadsy.ai. From a security perspective, the site enforces HTTPS and has domain transfer protections in place, but lacks explicit security policies, incident response contacts, and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is basic, with a privacy policy present but no clear GDPR compliance statements or cookie consent. Overall, the website is professional and trustworthy with moderate risk. Strategic improvements in privacy compliance, DNS security, and security policy transparency are recommended to enhance trust and security maturity.

Berufsbildung.ch is the official Swiss portal dedicated to vocational education, providing comprehensive information and practical tools for various stakeholders including vocational trainers, apprentices, and educational institutions. Supported by the Swiss cantons and federal authorities, it holds a strong market position as a trusted resource in the education sector. The website offers key services such as downloadable documents, quality assessment tools, and guidance for vocational trainers, enhancing the vocational training ecosystem in Switzerland. Technically, the site leverages modern web technologies including React and Next.js, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and no visible vulnerabilities, though some security headers could be explicitly documented. Privacy compliance is good with a clear privacy policy, though cookie consent mechanisms could be improved. Overall, the site demonstrates high professionalism, trustworthiness, and alignment with its official educational mission.

S

Swiss Red Cross

redcross.ch

67

The Swiss Red Cross is a well-established non-profit humanitarian organization dedicated to improving the lives of disadvantaged and vulnerable people in Switzerland and globally. The website reflects its mission with clear messaging, multilingual support, and strong calls to action for donations and volunteering. The organization holds recognized certifications such as ZEWO, reinforcing its credibility and trustworthiness. Technically, the website is built on modern frameworks like Next.js and React, with integration of analytics and consent management tools such as Google Tag Manager and Usercentrics. The site demonstrates excellent performance, mobile optimization, and accessibility features, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and manages cookie consent effectively. However, it lacks a dedicated security policy or incident response page and does not provide a vulnerability disclosure program, which are areas for improvement. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic enhancements in security transparency and incident response readiness would further strengthen its security posture.

Z

Zentrum Paul Klee

zpk.org

62

Zentrum Paul Klee is a prominent cultural institution located in Bern, Switzerland, dedicated to the works of Paul Klee and contemporary art. It offers a wide range of services including exhibitions, concerts, readings, guided tours, and educational programs, positioning itself as a leading art and cultural center. The website reflects a mature digital presence with a modern tech stack based on React and Next.js, integrated with Drupal as a headless CMS, and includes e-commerce capabilities for ticket sales. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for performance and accessibility.

K

Kunstmuseum Bern

kunstmuseumbern.ch

63

Kunstmuseum Bern is a prominent Swiss art museum with a strong international reputation, offering a diverse collection of classical modernism and contemporary art. The institution provides a variety of services including exhibitions, guided tours, workshops, and provenance research, targeting art lovers, families, and researchers. The website reflects a mature digital infrastructure built on modern technologies such as React, Next.js, and Drupal as a headless CMS, ensuring fast performance and excellent mobile optimization. Security posture is robust with HTTPS, security headers, and secure forms, although explicit security policy and incident response information are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and user-friendly, supporting the museum's mission and community engagement.

F

FOCUS

focusplus.de

60

FOCUS+ is a well-established German digital media platform offering subscription-based access to premium news and magazine content covering politics, finance, society, and science. The website demonstrates a mature digital infrastructure leveraging modern technologies such as React, Next.js, GraphQL, and Cloudflare services, ensuring fast performance and excellent mobile optimization. Privacy and cookie policies are comprehensive and GDPR compliant, supported by consent management mechanisms. Security posture is strong with HTTPS enforcement and security best practices, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and safe for general audiences.

T

Takeda Pharmaceutical Company Limited

takeda.com

69

Takeda Pharmaceutical Company Limited is a globally recognized biopharmaceutical enterprise focused on patient-centric research and development. The company operates at a large scale within the healthcare industry, providing pharmaceutical products, conducting clinical trials, and emphasizing corporate responsibility and sustainability. Their website reflects a professional and comprehensive digital presence, targeting healthcare professionals, patients, investors, and partners worldwide. The business model centers on innovation and global pharmaceutical manufacturing and supply. Technically, the website leverages modern frameworks such as Next.js and React, hosted on Vercel, ensuring fast performance and excellent mobile optimization. The use of analytics tools like Matomo and Google Tag Manager indicates a mature approach to user data collection and marketing insights. The site is well-structured with good SEO and accessibility features, supporting a positive user experience. From a security perspective, the site enforces HTTPS, employs multiple security headers, and integrates a cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a dedicated security policy or vulnerability disclosure page suggests room for improvement in transparency and incident response readiness. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. The main limitation is the lack of WHOIS data, which is unusual but does not detract significantly from the trustworthiness given the company's global reputation and professional web presence. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to enhance trust and compliance.

P

Poinz AG

poinz.ch

71

Poinz AG operates a leading cashback platform in Switzerland, providing consumers with effortless cashback rewards for online and in-store purchases. The company partners with over 400 trusted brands and boasts a large user base exceeding 200,000 active users. Their services include online cashback, digital vouchers, deals, digital stamp cards, and branded credit cards, positioning them as a market leader in the Swiss cashback ecosystem. Technically, the website is built on modern frameworks such as Next.js and React, with extensive use of analytics and marketing pixels to optimize user engagement and conversion. Security posture is strong with HTTPS, security headers, and anti-bot measures like Google reCAPTCHA Enterprise, although explicit security policies and incident response contacts are not published. Overall, the website is professional, well-optimized for mobile, and compliant with GDPR, reflecting a mature digital presence.

K

KV Basel AG

kvbasel.schule

58

KV Basel AG is an established vocational education institution based in Basel, Switzerland, with a history spanning over 150 years. The organization focuses on commercial professions, vocational baccalaureate programs, and additional courses aimed at strengthening the skills of kaufmännische Berufe (commercial professionals). The website reflects a professional educational service provider targeting students and professionals seeking vocational training in the Basel region. The business model centers on providing structured vocational education and related services, positioning KV Basel as a key player in the local education sector. Technically, the website is built using modern web technologies including React and Next.js, with integration of Google Tag Manager for analytics. The site demonstrates good mobile optimization, clear navigation, and a professional design. However, some accessibility features could be improved, and no CMS or hosting provider details are explicitly identified. Performance is moderate, with proper meta tags and SEO considerations in place. From a security perspective, the site uses HTTPS, ensuring encrypted communication. However, no explicit security headers were detected in the provided HTML content, and there is no visible privacy or cookie policy, which are important for compliance with data protection regulations such as GDPR. No forms or input fields were found on the homepage, reducing immediate risk of input-based vulnerabilities. The absence of a security.txt file or vulnerability disclosure policy suggests room for improvement in incident response readiness. Overall, KV Basel AG's website is trustworthy and professional, with a strong business credibility score. The lack of WHOIS data limits domain registration insights, but the website content and contact information support legitimacy. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and enhancing accessibility and compliance features to strengthen the security posture and user trust.

C

Cryptomus

cryptomus.com

68

Cryptomus is a cryptocurrency exchange and payment platform offering a variety of services including a payment gateway, wallet, staking for rewards, P2P exchange, and a cryptocurrency converter supporting multiple currencies. The platform targets cryptocurrency traders and users seeking low fees and a comprehensive crypto service ecosystem. Their market position is supported by trust signals such as Certik certification and positive Trustpilot reviews, indicating a reputable presence in the crypto finance sector. Technically, the website is built on modern frameworks such as Next.js and React, with mobile optimization and integration of Google Tag Manager and reCAPTCHA for analytics and security. However, some areas such as explicit privacy and cookie policies are missing, which impacts privacy compliance scores. Security posture is generally good with HTTPS and some best practices but lacks explicit security headers and incident response disclosures. Overall, the website is professional and trustworthy but could improve transparency and compliance documentation.

E

Exwm - Home

exwm.cc

43

Exwm.cc appears to be a small business or startup website launched in 2020, hosted behind Cloudflare and built using modern web technologies such as Next.js and Material-UI. The website content is minimal, primarily serving as a home page with limited descriptive text. The integration of the Binotel chat widget indicates a focus on customer interaction via live chat. However, the site lacks critical compliance and trust elements such as privacy policies, cookie consent mechanisms, and clear contact information. The domain registration is privacy protected, which is common for small businesses but reduces transparency. Security posture is basic with HTTPS enabled but missing important security headers and DNSSEC. Overall, the site demonstrates moderate technical maturity but requires improvements in compliance, transparency, and security best practices.

V

Volusion, LLC

volusion.com

62

Volusion, LLC is an established ecommerce platform founded in 2003, offering a comprehensive online store builder and selling platform targeting small to medium businesses. The company provides a range of services including site building, payment processing, marketing support, and integrations with major payment and shipping providers. Their market position is solid with a focus on customizable ecommerce solutions and business growth facilitation. Technically, the website leverages modern frameworks such as React and Next.js, hosted and protected via Cloudflare, ensuring fast performance and mobile optimization. The site includes extensive integrations and tracking tools to support marketing and analytics needs. Security posture is strong with HTTPS enforcement, domain transfer protections, and cookie consent mechanisms, though DNSSEC is not enabled and explicit security policies are not published. Overall, the website is professional, trustworthy, and compliant with privacy regulations including GDPR. Strategic recommendations include enabling DNSSEC, publishing security policies, and adding vulnerability disclosure mechanisms to enhance trust and security transparency.

SolarWinds is a leading enterprise software company specializing in hybrid IT observability, database performance monitoring, incident response, and IT service management solutions. Their platform is designed to provide simple, powerful, and secure IT management software that accelerates digital transformation for hybrid IT environments. The company targets IT professionals and enterprise IT teams, positioning itself as a trusted provider with a comprehensive portfolio of products and services. The website reflects a mature digital presence with excellent content quality, clear navigation, and multi-language support. Technically, SolarWinds employs modern web technologies including React and Next.js, supported by robust CDN services like Akamai, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and adherence to recognized frameworks such as NIST and ISO 27001. Privacy compliance is well addressed with comprehensive policies and cookie consent mechanisms. Despite the absence of WHOIS data, the website's professionalism and trust indicators support its legitimacy. Overall, SolarWinds demonstrates a high level of digital maturity and security readiness, suitable for its enterprise clientele.

S

Sizera - Increase conversions and reduce returns

sizera.com

55

Sizera is a technology-driven company offering AI-powered clothing size and fit solutions targeted at fashion retailers. Their platform aims to increase online conversions, reduce product returns, and optimize production processes by leveraging data and artificial intelligence. The website presents a professional and modern interface built with Next.js and React, indicating a contemporary technical infrastructure. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and registration status. Security posture is weak due to missing HTTPS verification, lack of security headers, and absence of privacy and cookie policies. Overall, while the business concept is clear and relevant to the retail sector, the technical and security maturity requires significant improvement to build trust and ensure compliance.

G

Grasshopper

grasshopper.com

71

Grasshopper is a well-established virtual phone system provider targeting entrepreneurs and small businesses, offering services such as toll-free, vanity, and local business numbers with features like call forwarding, mobile and desktop apps, and 24/7 support. The company is positioned as a trusted solution with over 150,000 small business customers and operates under the parent company GoTo. Technically, the website is built on modern frameworks including Next.js and React, hosted on AWS infrastructure, and managed via Sitecore CMS, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and domain registration locks, though DNSSEC is not enabled and no explicit security policy or incident response page is found. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity.

P

Placeit

placeit.net

69

Placeit is a well-established online platform founded in 2013 that offers a suite of design tools including mockup generators, logo makers, video creators, and design templates. Positioned as a medium-sized business within the e-commerce sector, it serves designers, marketers, entrepreneurs, and content creators with subscription and pay-per-use models. The platform is integrated with the Envato ecosystem, enhancing its market presence and credibility. Technically, Placeit employs modern web technologies such as Next.js and React, hosted on AWS with Cloudflare DNS, ensuring fast performance and excellent mobile optimization. Security-wise, the site enforces HTTPS, uses security headers, and employs Cookiebot for cookie consent, though it lacks visible privacy and terms of service pages. The domain registration is consistent and legitimate, registered through MarkMonitor since 2013, aligning with the company's history. Overall, Placeit demonstrates a strong digital maturity and security posture with minor gaps in privacy compliance and contact transparency.

S

Schweizerische Bundesbahnen SBB

sbb.ch

77

The website www.sbb.ch serves as the official online portal for the Swiss Federal Railways (SBB), providing comprehensive travel information, ticketing services, and customer support for public transportation in Switzerland. It holds a strong market position as the national railway operator, offering services to a broad audience including daily commuters, tourists, and business travelers. The site is well-branded, multilingual, and professionally maintained, reflecting the enterprise scale and public sector nature of the organization. Technically, the site leverages modern web technologies including React and Next.js frameworks, supported by performance and monitoring tools such as New Relic and Adobe Launch. The infrastructure is optimized for fast loading, mobile responsiveness, and accessibility, ensuring a high-quality user experience. SEO and metadata are well implemented, enhancing discoverability and usability. From a security perspective, the website enforces HTTPS, employs multiple security headers, and integrates cookie consent mechanisms compliant with GDPR. While no explicit security policy or incident response information is published, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. The domain registration is consistent with the official entity, reinforcing trust and legitimacy. Overall, the website demonstrates a high level of professionalism, security, and compliance, suitable for a critical national transportation service. Strategic recommendations include publishing dedicated security and incident response policies and enhancing transparency around vulnerability disclosures to further strengthen trust and security culture.

S

Satispay

satispay.com

67

Satispay is a leading Italian digital payment platform offering a mobile app for everyday payments, peer-to-peer money transfers, business payment solutions, and digital welfare products such as meal vouchers. The company targets individuals, merchants, and companies, boasting over 5.5 million users and 400,000 merchants, positioning itself strongly in the Italian finance and technology sectors. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site uses modern frameworks like Next.js and React, integrates Google Tag Manager and Trustpilot for analytics and reviews, and is hosted on a performant infrastructure with good SEO and accessibility features. Security posture is strong with HTTPS enforced and multiple security headers present, though explicit security policies and incident response information are not publicly detailed. WHOIS data is unavailable, which slightly impacts trust but does not outweigh the professional business presence. Overall, the site is trustworthy, compliant with GDPR, and provides multiple contact and support channels.

A

Aifory Pro

aifory.pro

67

Aifory Pro operates as a cryptocurrency exchange service primarily targeting users in Moscow and other Russian cities, offering cash-based crypto buying and selling with an emphasis on anonymity and security. The business also provides wallet creation services and international transfers, supported by mobile applications on iOS and Android platforms. The website is professionally designed, localized primarily in Russian, and includes customer testimonials and social media engagement to build trust. Technically, the site uses modern frameworks such as Next.js and React, with proper HTTPS and security headers implemented, indicating a mature digital infrastructure. However, some privacy compliance aspects like cookie consent are missing, and no explicit incident response or vulnerability disclosure information is provided. Overall, the security posture is solid with room for improvement in transparency and privacy mechanisms. The domain WHOIS data is privacy protected, which is common in the crypto sector, but no suspicious patterns were detected. Strategic recommendations include enhancing privacy compliance, adding security policy disclosures, and improving accessibility features to further strengthen trust and compliance.

S

Slideshare

slideshare.net

75

Slideshare is a well-established content sharing platform specializing in professional presentations and infographics. It serves a global audience of professionals, educators, and content creators, offering a large repository of user-generated content. Owned by Scribd, Slideshare holds a strong market position as one of the largest professional content sharing communities worldwide. The business model revolves around content hosting, discovery, and freemium subscription services. Technically, the website leverages modern web technologies including React and Next.js, with integrations such as Google Tag Manager and Osano for consent management. The site demonstrates good performance, mobile optimization, and accessibility standards, reflecting a mature digital infrastructure. From a security perspective, Slideshare enforces HTTPS with strong SSL configurations and security headers. It implements cookie consent mechanisms aligned with GDPR compliance. However, the absence of a publicly available security policy, incident response details, and vulnerability disclosure reduces transparency. The missing WHOIS data is a notable anomaly but does not directly undermine the website's legitimacy given the brand consistency and ownership by Scribd. Overall, Slideshare presents a secure, professional, and user-friendly platform with minor gaps in security transparency and domain registration data. Strategic improvements in publishing security policies and incident response information would enhance trust and compliance posture.

Motion Industries is a well-established industrial distributor specializing in bearings, pneumatics, hydraulics, and mechanical power transmission products. Founded in 1946, it serves a broad industrial audience across North America, providing both MRO and OEM markets with advanced automation and engineering solutions. The company positions itself as a partner rather than a mere supplier, emphasizing customer service and supply chain proficiency. Technically, the website is built on modern frameworks such as Next.js and uses Builder.io as a CMS, with integrations for analytics and marketing tools like Google Tag Manager and Signifyd. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security policies are not publicly disclosed. Privacy compliance is strong with visible cookie consent and privacy policies. The lack of WHOIS data is a concern but does not detract significantly from the overall legitimacy given the professional web presence and business history.

L

LogMeIn

gotoresolve.com

69

LogMeIn Resolve is a comprehensive unified endpoint management software solution designed for modern IT operations, targeting IT professionals and MSPs. The platform integrates remote monitoring, management, support, automation, and AI-powered insights to streamline IT workflows and enhance endpoint security. The website demonstrates a mature digital presence with modern technologies such as Next.js and React, hosted on Sitecore Cloud, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and consent management, although direct incident response contacts are not prominently displayed. The absence of WHOIS data in the raw output is a limitation but does not detract from the overall legitimacy indicated by the website content and branding. Strategic recommendations include enhancing incident response visibility and continuous security audits.

B

BNESIM LIMITED

kasperskyesimstore.com

60

Kaspersky eSIM Store, operated by BNESIM LIMITED, offers global eSIM solutions and data plans targeting travelers, businesses, and remote workers. The platform enables users to select, purchase, and activate eSIMs for over 150 countries, emphasizing convenience and cost savings by eliminating roaming fees. The website is professionally designed with clear navigation and mobile optimization, reflecting a mature digital presence. Technically, the site leverages modern frameworks like Next.js and React, hosted with Cloudflare DNS services, and integrates Google Tag Manager and Analytics for marketing and performance tracking. Security posture is solid with HTTPS enforced and cookie consent implemented, though DNSSEC is not enabled and no explicit security policy or incident response information is published. The domain is newly registered in 2025 via RU-CENTER, which is somewhat inconsistent with the established Kaspersky brand, suggesting this is a partner or reseller platform rather than a direct Kaspersky Lab site. Overall, the site is trustworthy and professionally maintained but would benefit from enhanced transparency on security policies and incident response.

I

IT-Jobuniverse

it-jobuniverse.de

60

IT-Jobuniverse is a German-based online job board specializing in IT job listings, targeting IT professionals and employers. It offers a comprehensive platform with over 71,000 IT job openings, job alerts, and employer branding services. The website is part of the Golem media ecosystem, indicating a strong market position in the German IT recruitment sector. The platform is designed with modern web technologies, ensuring a fast, mobile-optimized, and user-friendly experience. Security is well-implemented with HTTPS and standard security headers, though explicit security policies and incident response contacts are not published. Privacy compliance is robust with clear cookie consent and a comprehensive privacy policy. Overall, the site presents a professional and trustworthy platform for IT job seekers and employers.

R

RSS.app

rss.app

57

RSS.app is a technology-focused SaaS platform specializing in generating and embedding RSS feeds from a wide variety of sources including websites and social media platforms. It offers a comprehensive suite of services such as RSS feed generation, embedding widgets, and integration bots for popular messaging platforms like Discord, Telegram, Slack, and Email. The platform is positioned as a leading solution in the RSS feed market, trusted by notable organizations and thousands of users worldwide. Technically, the website is built on modern frameworks including Next.js and Material-UI, leveraging React for a responsive and performant user experience. The site demonstrates good SEO practices, mobile optimization, and accessibility at a basic level. Security is robust with HTTPS enforced, strong security headers, and no visible vulnerabilities or exposed sensitive data. However, the site lacks explicit privacy and cookie policies, which impacts GDPR compliance and privacy posture. No direct contact information or security incident response details are provided, which could hinder trust and compliance. Overall, the security posture is strong but could be improved with better privacy and incident response transparency. The overall risk assessment is moderate with no critical vulnerabilities detected. Strategic recommendations include adding comprehensive privacy and cookie policies, publishing security policies and incident response contacts, and enhancing accessibility and contact transparency to improve trust and compliance.

B

Bluesky

blueskyweb.xyz

62

Bluesky is an innovative social media platform focused on creating an open and decentralized social internet. It offers users the ability to find communities, customize their social feeds, and engage with a growing developer ecosystem through public APIs. The platform positions itself as a public benefit corporation emphasizing openness, user control, and interoperability. Technically, the website leverages modern frameworks such as Next.js and React, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies are not evident. Privacy compliance is limited on the about page, lacking visible privacy or cookie policies. Overall, Bluesky presents a professional and trustworthy online presence with room for improvement in privacy transparency and security policy disclosures.

A

AO Kaspersky Lab

kaspersky.co.za

79

Kaspersky is a globally recognized cybersecurity company founded in 1997, offering a wide range of security solutions for home users and businesses. The website presents a professional and comprehensive portfolio of products including antivirus, internet security, VPN, password management, and enterprise-grade cybersecurity services. The company holds a strong market position supported by numerous industry awards and certifications, reflecting its commitment to quality and innovation. Technically, the website is built on modern frameworks such as React and Next.js, with extensive use of analytics and marketing tools, ensuring a fast, responsive, and user-friendly experience. Security posture is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, although improvements could be made in cookie consent transparency and incident response contact visibility. Overall, the site demonstrates high professionalism and trustworthiness, although WHOIS data is unavailable likely due to privacy protection, which is justified given the business type.

A

AO Kaspersky Lab

kaspersky.ma

74

Kaspersky is a globally recognized cybersecurity company founded in 1997, offering a wide range of security solutions for both individual consumers and enterprises. The website targets French-speaking users in Morocco, providing localized content and product offerings. The company maintains a strong market position with numerous awards and certifications, emphasizing its commitment to advanced threat protection and privacy. Technically, the website is built on modern frameworks like React and Next.js, with extensive use of analytics and marketing tools, ensuring a fast, responsive, and accessible user experience. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although some improvements in cookie consent and incident response transparency are recommended. Overall, the site reflects a mature digital presence aligned with industry best practices.