Security Directory

S

Sunscrapers

sunscrapers.com

62

Sunscrapers is a Warsaw-based technology company specializing in custom software development, data engineering, and cloud services. Established in 2009, the company positions itself as an elite development shop targeting forward-thinking businesses seeking advanced software solutions. Their key services include fullstack web development, data engineering, MVP development, agile project management, DevOps, and machine learning/AI. The website reflects a professional and modern digital presence built on Nuxt.js and Tailwind CSS, optimized for mobile and desktop users. Tracking and advertising integrations with Google, Twitter, and LinkedIn indicate a moderate level of user analytics and marketing sophistication. Security posture is good with HTTPS and domain protections, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy or terms of service pages detected. Overall, Sunscrapers demonstrates a credible and professional online presence consistent with its business claims.

J

Jasněna Vláhová Design (JVD)

lacerta-watch.com

51

Jasněna Vláhová Design (JVD) operates an e-commerce retail website specializing in watches and jewelry, primarily targeting Czech-speaking consumers. The brand Lacerta, founded in 1993, is featured prominently, indicating a niche market focus on design and fashion accessories. The website demonstrates a moderate level of digital maturity with modern JavaScript frameworks and integration of popular analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. Hosting and domain registration are consistent with the Czech Republic location, supporting business legitimacy. From a security perspective, the website enforces HTTPS and employs Cloudflare Turnstile captcha for bot mitigation, but lacks visible security headers and a published security policy or incident response contacts. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy or terms of service found on the analyzed page. The absence of direct contact information on this page limits immediate customer support visibility. Overall, the website is professionally designed with good user experience and navigation clarity, suitable for its retail business model. The security posture is adequate but could be improved by implementing additional security headers and publishing comprehensive privacy and security policies. The domain's long age and consistent registration details contribute positively to trustworthiness. Strategic recommendations include enhancing privacy and security disclosures, improving accessibility features, and increasing transparency of contact information to strengthen customer trust and compliance posture.

S

Sbírka Bílá pastelka

bilapastelka.cz

57

The website bilapastelka.cz represents a well-established charitable campaign focused on supporting people with visual impairments in the Czech Republic. It operates as a non-profit initiative, encouraging donations and volunteer participation to fund training programs, guide dog services, and employment opportunities for the visually impaired. The site is professionally designed, with clear navigation and integration of donation widgets, social media links, and volunteer statistics, reflecting a mature digital presence. Technically, the website is built on the Webnode CMS platform, leveraging modern web technologies including HTTPS, CDN delivery via Amazon Cloudfront, and analytics tools such as Google Analytics and Google Tag Manager. The site demonstrates good mobile optimization and basic accessibility features, although there is room for improvement in security headers and explicit privacy documentation. From a security perspective, the site enforces HTTPS and provides a cookie consent mechanism with granular user options, aligning with GDPR requirements. However, the absence of explicit privacy policies, terms of service, and security.txt files indicates gaps in compliance and vulnerability disclosure practices. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a trustworthy and professional front for its charitable mission, but the lack of WHOIS data and formal privacy documentation slightly reduces its trust score. Strategic improvements in security headers, privacy policy publication, and domain registration transparency would enhance its security posture and compliance standing.

V

Verkehrsverbund Rhein-Mosel

vrminfo.de

55

The Verkehrsverbund Rhein-Mosel (VRM) operates as a regional public transportation network in Germany, coordinating 47 transport companies across a large geographic area serving approximately 1.3 million residents. The website provides comprehensive information about public transport lines, ticketing, and network services, targeting regional commuters and travelers. The site is built on the TYPO3 CMS platform, indicating a mature and professional technical infrastructure. Integration with Cookiebot and Google Analytics demonstrates a commitment to privacy compliance and user analytics. Security posture is adequate with HTTPS enforced and cookie consent implemented, though additional security headers and policies could enhance protection. Overall, the website is accessible, well-structured, and trustworthy for its intended audience.

R

Regentalbahn GmbH

zugsammen.de

51

Die Länderbahn GmbH, betrieben unter Regentalbahn GmbH, ist ein führendes privates Eisenbahnverkehrsunternehmen im regionalen Personennahverkehr in Deutschland und Tschechien. Die Website präsentiert umfassende Karriere- und Ausbildungsangebote, unterstützt durch moderne Technologien wie Talention für Recruiting und Matomo sowie Google Tag Manager für Analytics. Die technische Infrastruktur ist modern, mobiloptimiert und nutzt Cloudflare als Hosting- und DNS-Anbieter. Die Sicherheitslage ist solide mit HTTPS und Cookie-Consent-Mechanismen, jedoch fehlen explizite Sicherheitsrichtlinien und Incident-Response-Kontakte. Die Website ist vertrauenswürdig, professionell gestaltet und bietet klare Kontaktinformationen, was die Glaubwürdigkeit stärkt.

E

erixx GmbH

erixx.de

56

erixx GmbH is a regional passenger rail service provider operating in Niedersachsen and northern Germany, focusing on routes through Harz, Heide, and Wendland. The company is positioned as a trusted regional transportation operator with a clear business model centered on passenger rail services. The website provides comprehensive travel information, live schedules, ticketing options, and customer support, targeting regional train passengers. The parent company is Netinera, a known transportation group, which adds to erixx's market credibility. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates a Progressive Web App manifest for enhanced user experience. Hosting and DNS are managed via Cloudflare, ensuring reliable performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with embedded third-party widgets for timetable and route planning. From a security perspective, the website enforces HTTPS and follows several best practices, though explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly visible in the HTML. No vulnerabilities or exposed sensitive data were detected. However, the absence of a published security policy or incident response contact limits transparency in security governance. Overall, the website is professional, trustworthy, and compliant with GDPR, featuring clear privacy and cookie policies. The risk profile is low with no signs of malicious activity or content safety concerns. Strategic recommendations include enhancing security header implementation, publishing a security.txt file, and providing explicit incident response contacts to improve security posture and trust.

M

metronom Eisenbahngesellschaft mbH

der-enno.de

52

The website www.der-enno.de represents a regional rail transport service operated by metronom Eisenbahngesellschaft mbH, serving the Hannover region and surrounding areas in Lower Saxony, Germany. It provides comprehensive travel planning tools, live timetable data, customer support, and career opportunities, positioning itself as a key regional transportation provider. The site is well-branded, professionally designed, and targets commuters and regional travelers with localized German content and an English alternative. Technically, the site employs modern web technologies including a Progressive Web App (PWA) framework, service workers, and integrates third-party public transport widgets from fahrplaner.vbn.de. Hosting and DNS are managed via Cloudflare, ensuring robust performance and security. The site is mobile-optimized with good accessibility and SEO practices. From a security perspective, the site enforces HTTPS, uses standard security headers, and avoids exposing sensitive data. However, it lacks a dedicated security policy or incident response contact information, and does not publish a vulnerability disclosure policy. Privacy compliance is strong with clear GDPR-aligned privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a mature digital presence with strong business credibility and technical implementation. The security posture is good but could be enhanced with additional transparency and security headers. The risk level is low, with no detected vulnerabilities or suspicious content.

H

Hunkemöller

hunkemoller.no

74

Hunkemöller is a leading European retailer specializing in lingerie, swimwear, and nightwear, targeting a mature general audience primarily in Norway and other European countries. The website presents a professional e-commerce platform with consistent branding and a clear focus on fashion retail. The company leverages multiple marketing and analytics technologies such as Google Tag Manager, Yotpo, and Bloomreach to enhance customer engagement and optimize sales. The technical infrastructure is built on Salesforce Commerce Cloud, ensuring a scalable and robust platform. Security measures include HTTPS enforcement, modern security headers, and cookie consent mechanisms compliant with GDPR. However, the absence of publicly available WHOIS data due to privacy protection limits domain registration transparency. Overall, the website demonstrates a mature digital presence with good security posture and privacy compliance, suitable for a large retail business.

H

Hunkemöller

hunkemoller.se

72

Hunkemöller is a well-established European lingerie and swimwear retailer operating a professional e-commerce platform targeting the Swedish market. The website offers a comprehensive product range including bras, panties, swimwear, and nightwear, catering to a general adult audience. The technical infrastructure leverages Salesforce Commerce Cloud (Demandware) and integrates multiple marketing and analytics tools such as Google Tag Manager, Bloomreach Exponea, Yotpo, and Visual Website Optimizer, indicating a mature digital marketing strategy. Security posture is solid with HTTPS enforced and service workers implemented, though explicit security headers are not clearly visible in the HTML content. Privacy compliance is partially addressed with a cookie consent mechanism, but no explicit privacy policy or contact information was found in the provided content. WHOIS data for the exact domain is missing, suggesting it is a subdomain or delegated domain, which slightly reduces trustworthiness. Overall, the site is professional, secure, and well-optimized for e-commerce, but could improve transparency around privacy and contact details.

M

MarchesOnline

marchesonline.com

62

MarchesOnline is a French online platform specializing in providing access to public and private tender notices, including public procurement and adapted procedures (MAPA). It serves as a reference site for businesses and professionals seeking to monitor and respond to over 400,000 market notices across various sectors in France. The website targets companies involved in services, public works, studies, and supplies, positioning itself as a key player in the French government and business procurement ecosystem. Technically, the site is built using modern JavaScript frameworks (Nuxt.js) and integrates monitoring and analytics tools such as New Relic and Google Tag Manager, indicating a moderate level of digital maturity. However, the absence of visible privacy and cookie policies, as well as incomplete WHOIS data, suggests areas for improvement in compliance and transparency. Security posture is moderate with no evident blocking or WAF mechanisms, but lacks explicit security headers and policies. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer business contact information to improve trust and regulatory adherence.

M

Mitegro GmbH & Co. KG

mitegro.de

61

Mitegro GmbH & Co. KG operates as a cooperative alliance of eight medium-sized, owner-managed electrical wholesale companies in Germany and Austria, collectively managing approximately 250 locations. The company primarily serves the industrial sector and electrical installation trades, providing marketing, sales promotion, digitalization, IT concepts, training, centralized billing, and contract negotiations with industry partners to strengthen market position and competitiveness. The website is professionally designed using TYPO3 CMS, featuring modern technologies such as Google Tag Manager and Google Analytics with a compliant cookie consent mechanism. The site is well-structured, mobile-optimized, and provides clear contact information and social media presence. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the digital maturity is moderate to good, supporting the business model effectively.

D

DEHA Elektrohandelsgesellschaft mbH & Co. KG

deha.de

56

DEHA Elektrohandelsgesellschaft mbH & Co. KG is a medium-sized German company operating in the manufacturing and retail sectors of the electrical industry. The company acts as a cooperative partner connecting manufacturers, trade, and craft professionals, providing marketing support, product data management, and key account management services. Their market position is strengthened by a group of five shareholder companies, each with their own domain and presence. The website is professionally designed using TYPO3 CMS and integrates modern web technologies including a consent management platform to ensure GDPR compliance. The site is well-structured, mobile-optimized, and provides clear contact information and social media links, enhancing trust and user experience. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies could be improved. Overall, the website reflects a credible and professional business with a solid digital presence.

E

EUEW

euew.org

64

The European Union of Electrical Wholesalers (EUEW) is a well-established European trade association founded in 1955, representing 17 national organizations within the electrical wholesaling sector. The organization focuses on advocating for the interests of electrical wholesalers distributing domestic and industrial products across Europe. Their website reflects a professional and consistent brand presence, targeting industry stakeholders and members. Technically, the site is built on the Wix platform using modern web technologies and provides a moderate level of performance and mobile optimization. Security-wise, the site enforces HTTPS and includes some cookie handling scripts but lacks comprehensive security headers and visible privacy or cookie policies, which are areas for improvement. The absence of WHOIS data limits full trust verification, but the overall presentation and structured data support legitimacy.

C

CONCEPTNET GmbH

conceptnet.de

53

CONCEPTNET GmbH is a well-established media agency based in Regensburg, Germany, founded in 1996. The company specializes in creative and technical services including web development, app development, marketing, SEO, corporate design, and digital business solutions. They leverage TYPO3 CMS and operate their own hosting infrastructure, ensuring data security and performance. Their market position is strong regionally with a Silver Membership in the TYPO3 Association and a comprehensive portfolio of services targeting businesses seeking professional media and digital solutions. The website reflects a professional and consistent brand image with clear navigation and detailed service descriptions. Technically, the site uses modern web technologies and analytics tools such as Matomo and Google Analytics, with a good security posture including a strict Content-Security-Policy. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Overall, the site is trustworthy, well-maintained, and suitable for its target audience.

P

Power2Drive Europe

powertodrive.de

50

Power2Drive Europe operates as a prominent international exhibition and conference platform specializing in charging infrastructure and e-mobility. The website provides comprehensive event information, exhibitor resources, and industry news, targeting professionals and stakeholders in the energy and transportation sectors. The business model centers on event organization and industry engagement, positioning itself as a key player in the European e-mobility market. Technically, the website employs modern JavaScript libraries, including FontAwesome Pro and Usercentrics for consent management, alongside Google Tag Manager for analytics. The site demonstrates good mobile optimization and SEO practices, although some technical details such as CMS and hosting specifics remain unclear. Performance is moderate with room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced and use of captcha mechanisms, but lacks explicit security policies and vulnerability disclosure channels. Privacy compliance is strong, evidenced by a comprehensive privacy policy and active cookie consent management. Business credibility is supported by consistent branding, social media presence, and detailed event content, though direct contact details and company registration information are limited. Overall, the website is professional, trustworthy, and well-suited for its audience, with recommendations to enhance security headers, publish incident response contacts, and improve accessibility for a more robust digital presence.

B

Boecker Stahl-Service GmbH

boecker-stahl-service.de

51

Boecker Stahl-Service GmbH is a medium-sized steel service center based in Germany, specializing in cold-rolled, surface-finished flat steel products such as coils, sheets, and slit strips. The company operates with approximately 25 employees and is part of the larger Niedax Group, a global player in electrical installation products and services. The website reflects a professional and consistent brand presence with detailed business descriptions and news updates, targeting industrial and manufacturing clients. Technically, the site is built on Joomla CMS with Uikit framework, offering good mobile optimization and accessibility. Security posture is solid with HTTPS and CSRF protections, though security headers and cookie consent mechanisms are lacking. Overall, the site is trustworthy and well-positioned in its market niche.

B

benevol Schweiz

dossier-freiwillig-engagiert.ch

49

The website 'Dossier freiwillig engagiert' is a Swiss non-profit digital platform managed by benevol Schweiz that recognizes and documents voluntary and unpaid engagement. It serves volunteers and organizations by providing a national quality label and a digital dossier to showcase volunteer experience and competencies. The platform is positioned as a recognized resource within Switzerland's voluntary sector, supported by reputable partners such as benevol Schweiz and SAJV. The site is professionally designed, multilingual, and provides clear navigation and relevant content tailored to its audience. Technically, the website employs modern JavaScript libraries including jQuery and Numeral.js, integrates Google Tag Manager and Google Analytics for tracking, and uses HTTPS with good SSL configuration. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No CMS or hosting provider details are explicitly detected. The site uses external scripts responsibly and includes a cookie consent mechanism compliant with GDPR. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and publicly available security or incident response policies. No vulnerability disclosure or security.txt files are present. The WHOIS data aligns well with the website's claims, showing consistent registrant information and domain legitimacy. No WAF or blocking mechanisms interfere with content access. Overall, the website demonstrates a solid security posture and good privacy compliance, with room for improvement in security policy transparency and technical security headers. The business credibility is high due to clear contact information, partner endorsements, and professional presentation. The risk level is low, and the site is suitable for its intended audience without any adult or questionable content.

B

benevol Thurgau

benevol-thurgau.ch

56

benevol Thurgau is a regional non-profit organization specializing in volunteer work facilitation within the canton of Thurgau, Switzerland. The organization focuses on promoting volunteerism, providing advisory services, offering training, and supporting local organizations. Their market position is that of a trusted regional specialist with strong community ties and partnerships. The website reflects a professional and consistent brand image with clear communication of services and contact information. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and a cookie consent management system, ensuring compliance with privacy regulations. The use of Cloudflare Turnstile captcha enhances security against automated abuse. Security posture is solid with HTTPS enforced and no evident vulnerabilities, though some security headers are missing and no explicit security policy is published. Overall, the site is well-structured, accessible, and trustworthy, with moderate tracking consistent with its service nature.

B

benevol St. Gallen

benevol-sg.ch

58

benevol St.Gallen is a well-established non-profit organization serving as the primary contact point for volunteer organizations, associations, and individuals interested in volunteering in the St.Gallen region of Switzerland. The website effectively communicates its mission, services, and community engagement through a professional and well-structured digital presence. It offers a variety of services including consulting, job boards, training, and rental spaces, supported by a network of over 300 partners. The organization maintains a strong market position as a regional leader in volunteer facilitation. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics, and CookieYes for consent management, alongside Cloudflare's Turnstile captcha for security. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and privacy compliance evident through comprehensive cookie consent mechanisms and GDPR-aligned privacy policies. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility, making it a reliable resource for its target audience.

B

benevol Graubünden

benevol-gr.ch

56

benevol Graubünden is a Swiss non-profit organization dedicated to promoting and facilitating volunteer work within the canton of Graubünden. The organization provides advisory services, volunteer placement, and training courses for both volunteers and organizations. It holds a strong regional presence and is supported by various local partners. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in German. Technically, the site uses modern web technologies including Google Tag Manager, Google Analytics, and a cookie consent management system (CookieYes). Security measures include HTTPS enforcement and bot protection via Cloudflare Turnstile captcha. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and a detailed privacy policy. Contact information and social media presence enhance business credibility. No critical security or compliance issues were detected.

B

benevol Kanton Bern

benevol-be.ch

57

benevol Kanton Bern is a well-established non-profit organization focused on facilitating and supporting volunteer engagement within the Kanton Bern region of Switzerland. The organization provides consulting, networking, training, and digital tools to volunteers, organizations, and municipalities. Their market position is strong regionally, supported by a professional website, clear contact information, and active social media presence. The website demonstrates a high level of digital maturity with modern technologies such as Google Analytics, Google Tag Manager, and Cloudflare Turnstile captcha integrated for security and analytics purposes. Privacy compliance is robust, featuring a detailed cookie consent mechanism and a comprehensive privacy policy in German. Security posture is strong with HTTPS enforced and multiple security headers present, although no explicit security policy or incident response contacts are published. Overall, the website is professional, trustworthy, and well-optimized for user experience and accessibility.

B

benevol Baselland

benevol-baselland.ch

57

benevol Baselland is a regional non-profit organization serving as the competence center for volunteer work in the Basel-Landschaft canton of Switzerland. The organization supports volunteers, associations, and municipalities through consulting, mediation, networking, and digital platforms such as benevol-jobs.ch. Their website reflects a professional and consistent brand image, targeting local community stakeholders and volunteers. The business model focuses on fostering voluntary engagement and providing resources and recognition for volunteer efforts. The organization is well-positioned regionally with partnerships and sponsorships from reputable local entities.

B

benevol Aargau

benevol-aargau.ch

52

benevol Aargau is a specialized non-profit organization dedicated to promoting and supporting volunteer work within the canton of Aargau, Switzerland. The organization provides advisory services, networking opportunities, and training for volunteers, non-profit organizations, and municipalities. Their website reflects a strong regional focus with clear communication and professional presentation, supported by a network of reputable partners and supporters. The site also promotes a dedicated volunteer job platform, enhancing engagement opportunities. Technically, the website employs modern web technologies including Laravel Livewire, Google Tag Manager, and Cloudflare's Turnstile CAPTCHA, ensuring a secure and responsive user experience. Security posture is solid with HTTPS enforced and bot protection mechanisms in place, though some security headers could be improved. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity suitable for its non-profit mission.

F

Flexera

flexera.com

67

Flexera is a well-established enterprise specializing in IT management software and solutions, focusing on optimizing hybrid IT spend and risk management including ITAM, SaaS, and FinOps. With over 30 years of experience and a global team, Flexera serves more than 20,000 customers worldwide, positioning itself as a leader in technology spend optimization and IT insights. The company also operates a subsidiary, Revenera, which focuses on software monetization and analytics. The website reflects a mature digital presence built on Drupal 11, integrating advanced analytics and optimization tools such as Google Tag Manager and Visual Website Optimizer. While the site is professionally designed and mobile-optimized, SEO is limited by restrictive meta tags.

F

Forcepoint

forcepoint.com

75

Forcepoint is a leading enterprise cybersecurity company specializing in data security and cloud security solutions. The company serves over 10,000 customers globally, including government agencies and large enterprises, providing advanced protection for data across cloud and network environments. Their market position is strong, supported by recognized certifications such as ISO 27001, SOC 2, and FedRAMP, reflecting a commitment to security and compliance. The website clearly communicates their value proposition and key services, targeting security professionals and enterprise clients. Technically, the website is built on modern frameworks including Next.js and React, hosted on Pantheon with robust performance and mobile optimization. The site integrates advanced analytics and marketing tools such as Visual Website Optimizer and Google Analytics, enabling detailed user behavior tracking and optimization. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms implemented. From a security perspective, Forcepoint demonstrates strong security posture with HTTPS enforcement, security headers, and published security policies. The presence of incident response contacts and vulnerability disclosure programs further enhance trust. No critical vulnerabilities or suspicious content were detected. However, the WHOIS data is unavailable or protected, which slightly reduces transparency but does not detract significantly from overall legitimacy. Overall, Forcepoint's website reflects a mature, professional cybersecurity provider with strong technical and security foundations. Recommendations include maintaining up-to-date third-party libraries, enhancing transparency on data retention, and continuing rigorous security audits to sustain trust and compliance.

NetApp is a leading enterprise data storage and cloud data services provider, offering intelligent data infrastructure solutions embedded within major public cloud platforms. Founded in 1992 and headquartered in San Jose, California, NetApp serves enterprise IT professionals with a broad portfolio including unified data storage, hybrid cloud solutions, and subscription-based storage services. The website reflects a mature digital presence with professional design, comprehensive content, and strong branding consistency. Technically, the site employs modern JavaScript frameworks, advanced search capabilities via Coveo, and robust analytics through Adobe Analytics and mPulse, hosted on Akamai's CDN infrastructure. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and vulnerability disclosure information are not publicly detailed. The WHOIS data for the domain is unavailable, which is unusual but does not detract significantly from the site's trustworthiness given the strong external trust signals and professional presentation. Overall, NetApp's website demonstrates a high level of digital maturity, security awareness, and business credibility appropriate for a global technology enterprise.

The website analyzed is a login page for Helvetia, a Swiss insurance company. The page content is minimal and appears to be blocked or protected by a security mechanism, likely a Web Application Firewall (WAF), as indicated by the hidden body and placeholder text. The site lacks visible privacy, cookie, or terms of service policies, and no contact information or forms are present. The technical infrastructure shows minimal publicly accessible content with a single JavaScript file loaded, and no metadata or structured data is available for deeper analysis. From a security perspective, the absence of visible security headers, privacy policies, and incident response contacts suggests a low transparency posture, although this may be due to the page's nature as an identity provider login portal. The lack of accessible content limits the ability to assess SSL configuration or other security best practices. No vulnerabilities or exposed sensitive data were detected, but the inability to access full content restricts comprehensive evaluation. Overall, the website's risk assessment is constrained by the blocked content, resulting in a low AI score. Strategic recommendations include improving transparency by publishing privacy and cookie policies, adding contact and incident response information, and ensuring security headers and SSL configurations are properly implemented and visible. These steps will enhance trust and compliance with data protection regulations.

S

SMARTSEER GmbH

smartseer.com

65

SMARTSEER GmbH operates an AI-driven decisioning platform designed to profile individual users on digital channels and optimize product and service offerings to meet business goals. The company targets sectors such as travel, airlines, retail, and hospitality, positioning itself as a niche B2B SaaS provider with sector-specific AI modeling capabilities. The website presents a professional and consistent brand image with clear messaging about its AI capabilities and business benefits. Technically, the site uses modern web technologies including service workers and is hosted likely on Azure infrastructure, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the domain registration is consistent with the business age and branding, indicating legitimacy. Strategic recommendations include publishing comprehensive privacy and security policies, enabling DNSSEC, and enhancing security headers to improve trust and compliance.

F

Flying Bisons Sp. z o. o.

bisons.dev

64

Flying Bisons Sp. z o. o. is a Warsaw-based technology company specializing in web and mobile development services. With over six years of market presence and more than 200 successfully delivered products, the company serves a broad range of clients including major international brands. Their business model focuses on custom software development, emphasizing collaboration with UX designers to ensure high-quality, secure, and user-friendly digital solutions. The company maintains a strong market position supported by positive client rankings and a commitment to agile methodologies. Technically, the website reflects a mature digital infrastructure utilizing modern technologies such as PHP, React, React Native, and various backend tools like Redis and Rabbit MQ. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a high level of digital maturity. The use of Google Tag Manager and Iubenda for cookie consent demonstrates awareness of privacy and analytics best practices. From a security perspective, the website enforces HTTPS and implements a cookie consent mechanism, but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The domain registration details align well with the business claims, supporting legitimacy and trustworthiness. Overall, Flying Bisons presents a professional and credible online presence with strong technical and business foundations. Strategic improvements in security policy transparency and enhanced security headers would further strengthen their security posture and compliance standing.

S

swissporTON

swissporton.hr

55

swissporTON is a newly launched premium brand specializing in ceramic roof tiles, combining Swiss quality with durable design. The company targets investors, roofers, architects, and distributors primarily in Croatia and surrounding regions. Their product portfolio includes over 200 variations of ceramic tiles, thermal insulation, and roof drainage systems, supported by expert services and visualization tools. The website reflects a strong market position with a focus on quality and customer support. Technically, the website is modern, fast, and mobile-optimized, leveraging Cloudflare for hosting and CDN, and integrating advanced tracking and analytics tools such as Google Tag Manager, Facebook Pixel, and Hotjar. Security posture is robust with HTTPS enforced and appropriate security headers, though explicit security and incident response policies are not publicly available. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, swissporTON presents a professional and trustworthy digital presence aligned with its business goals.

L

KVM

linux-kvm.org

50

The linux-kvm.org website serves as the official information portal for the Kernel-based Virtual Machine (KVM) open source project, which provides full virtualization capabilities for Linux systems on x86 hardware. The site offers technical documentation, news, and community resources targeted at Linux users, developers, and IT professionals interested in virtualization technology. The project is mature, with a domain age of over 15 years, and is integrated into the Linux kernel and QEMU userspace, reflecting a strong market position in open source virtualization. Technically, the website is built on MediaWiki with Bootstrap and JavaScript, delivering a fast and well-structured user experience. The site uses HTTPS and modern web standards but lacks advanced security headers and comprehensive privacy or cookie policies. Mobile optimization and accessibility are basic, and no analytics or tracking technologies are detected, indicating a minimal user tracking approach. From a security perspective, the site shows good baseline practices such as HTTPS usage and no exposed sensitive data. However, the absence of security headers and published security or incident response policies suggests room for improvement. The WHOIS data is transparent and consistent with the open source nature of the project, enhancing trustworthiness. Overall, linux-kvm.org is a credible, well-maintained technical resource with a strong reputation in the open source community. Strategic enhancements in privacy compliance, security headers, and contact transparency would further strengthen its security posture and user trust.

The website supkadavid.cz represents ADD ADVERTISING DESIGN, a small Czech graphic design agency founded in 2007. The company offers a range of services including graphic design, web design, corporate identity, printing materials, and advertising graphics. The website content is primarily in Czech and targets local clients seeking professional design services. The business appears to be a small, service-oriented agency with a focus on personalized client solutions and portfolio presentation. Technically, the website relies on outdated Flash technology, which significantly impacts usability, accessibility, and security. The site lacks modern web standards such as responsive design and accessibility features. There is no evidence of HTTPS enforcement or security headers, which weakens the security posture. Google Analytics is used for tracking, but no cookie consent or privacy policies are present, indicating poor privacy compliance. From a security perspective, the absence of HTTPS, security headers, and privacy policies are notable weaknesses. The use of Flash technology introduces potential vulnerabilities and compatibility issues. The WHOIS data shows a consistent and long-standing domain registration, supporting the legitimacy of the business. However, the website would benefit from modernization and improved security and privacy practices. Overall, the website scores moderately due to its business credibility and content relevance but is held back by technical and security shortcomings. Strategic improvements in technology stack, security implementation, and privacy compliance are recommended to enhance trust and user experience.

A

Abelium d.o.o.

abelium.com

58

Abelium d.o.o. is a Slovenia-based technology company founded in 2015, specializing in tailored technology solutions including blockchain, AI, digital transformation, and platform business models. The company targets businesses seeking advanced technology and digital transformation services, positioning itself as an innovative and interdisciplinary expert in the technology sector. The website demonstrates a high level of digital maturity with modern JavaScript libraries, responsive design, and good SEO practices. Security posture is adequate with HTTPS enforced and domain transfer protection, but lacks DNSSEC and security headers, and does not publish explicit security or incident response policies. Overall, the site is professional, trustworthy, and compliant with GDPR, with room for improvement in security transparency and technical hardening.

P

PIKA SERVIS d.o.o.

mojsvet.com

46

PIKA SERVIS d.o.o. is a small Slovenian technology company specializing in computer hardware sales, repair services, web hosting, domain registration, and website development. Established in 2002, it serves local businesses, individual consumers, and educational institutions primarily in Murska Sobota. The company emphasizes customer satisfaction and offers integrated web solutions including AI-assisted site building. Technically, the website uses modern web technologies and is mobile optimized, though it lacks some advanced security headers. The site is served over HTTPS with a valid SSL certificate and includes a cookie consent mechanism, indicating basic privacy compliance. However, the domain is a subdomain without public WHOIS registration, which introduces some legitimacy concerns. Overall, the business appears credible with moderate trustworthiness but would benefit from improved security practices and clearer domain registration transparency.

E

Ekonomska šola Murska Sobota

vss-ms.si

46

Ekonomska šola Murska Sobota is an educational institution based in Slovenia, focused on providing secondary and higher vocational education in economics and informatics. The website serves as an informational platform for students, teachers, and staff, reflecting a regional educational provider with a medium-sized operation founded in 2009. The technical infrastructure is based on WordPress with the Divi theme and several accessibility and cookie consent plugins, indicating a moderate level of digital maturity. The site integrates social media via Facebook SDK but lacks advanced analytics or marketing tools. Security posture is moderate, with HTTPS implied but missing explicit security headers and no visible privacy or security policies. The absence of contact information and formal policies suggests areas for improvement in transparency and compliance. Overall, the website is professional and safe for general audiences but would benefit from enhanced privacy compliance and security practices.

I

Indonez

indonez.com

55

Indonez is a small technology business specializing in the design and sale of premium HTML templates, primarily distributed via the Themeforest marketplace. With over 15 years of domain age and experience, the company targets web developers and businesses seeking high-quality, customizable templates built with modern front-end frameworks such as UIkit 3 and Bootstrap 5. The website is professionally designed, mobile optimized, and SEO friendly, providing a good user experience and clear navigation. Technically, the site uses modern web technologies and is hosted by HOSTINGER operations, UAB, with HTTPS enabled and a valid SSL certificate. However, the absence of DNSSEC and security headers indicates room for improvement in security hardening. Security posture is moderate with no visible vulnerabilities or exposed sensitive data. Privacy compliance is weak due to the lack of privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the website is trustworthy and credible but would benefit from enhanced security and privacy practices.

Lowe's Companies, Inc operates a large-scale home improvement retail website offering a wide range of products including appliances, tools, building supplies, and garden equipment. The company targets both DIY consumers and professional contractors, providing services such as installation and business resources. The website is professionally designed with a strong brand presence and consistent messaging, reflecting its position as a leading retailer in the home improvement sector. Technically, the website leverages modern web technologies including React, multiple CDNs, and advanced analytics and performance monitoring tools. The infrastructure supports fast loading times and good mobile optimization, ensuring a positive user experience. However, explicit privacy and cookie policies were not detected in the provided content, indicating an area for improvement in compliance transparency. From a security perspective, the site enforces HTTPS and integrates fraud protection and monitoring scripts, demonstrating a mature security posture. The absence of explicit security headers in the HTML snippet suggests potential enhancements at the server configuration level. The WHOIS data is unavailable or inconsistent, which is unusual for a major brand but does not detract from the overall legitimacy of the site. Overall, Lowe's website presents a secure, professional, and user-friendly platform with minor gaps in privacy policy visibility and WHOIS transparency. Strategic improvements in these areas would further enhance trust and compliance.

M

migrolino

migrolino.ch

70

Migrolino operates as a well-established retail convenience store chain in Switzerland, providing quick and convenient shopping options for daily needs. The website serves primarily as a shop finder and promotional platform, targeting the general Swiss public with localized language options in German, French, and Italian. The business model focuses on retail convenience with a strong physical presence across Switzerland, supported by an interactive map of store locations. Technically, the website leverages modern web technologies including Google Maps API, Google Fonts, and Google Analytics, ensuring a functional and user-friendly experience with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and basic privacy controls such as cookie consent, though explicit privacy policies and security headers could be improved. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate business entity. Strategic recommendations include enhancing privacy compliance, publishing clear policies, and strengthening security headers to improve trust and compliance.

P

PowNed

powned.tv

61

PowNed is a Dutch media organization focused on delivering news, investigative journalism, and video content primarily for a general audience in the Netherlands. The website serves as a platform for their latest news, programs, and membership engagement. It is affiliated with public broadcasting entities, enhancing its credibility and market position. Technically, the site uses modern web technologies including Vue.js and Tailwind CSS, with integrations for analytics and video streaming. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of security headers and explicit privacy policies indicates room for improvement. The lack of WHOIS data reduces domain trustworthiness but does not detract from the site's operational legitimacy. Overall, PowNed's website is a well-maintained media platform with moderate technical sophistication and a good security baseline.

N

NTR

ntr.nl

56

NTR is a Dutch public broadcasting organization operating under the NPO umbrella, providing a wide range of programming focused on information, education, culture, youth, and diversity. The website serves as a portal to their content offerings, including television and radio programs, with a clear focus on accessibility and relevance for all audience segments. The site is well-branded, consistent, and professionally maintained, reflecting its status as a major public media entity in the Netherlands. Technically, the website employs modern web technologies including jQuery, Bitmovin video player, and a cookie consent management system. It is mobile-optimized with responsive design elements and integrates tracking and analytics tools compliant with privacy regulations. The site uses HTTPS with DNSSEC enabled, indicating strong foundational security practices, although some advanced security headers are not explicitly detected. From a security perspective, the site demonstrates good practices such as encrypted connections and cookie consent mechanisms. However, it lacks publicly visible security policies or incident response contacts, which could be improved to enhance transparency and trust. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the organization's identity and history. Overall, the website is a trustworthy, professional platform for a public broadcaster with a strong compliance posture and good user experience. Strategic improvements in security policy disclosure and header implementation could further strengthen its security posture.

T

Touren Service France S.A.S

grand-est-for-groups.com

55

The website grand-est-for-groups.com operates as an online platform dedicated to planning and booking group travel in France, targeting primarily bus operators and travel agencies. The business, identified as Touren Service France S.A.S, was founded in 2020 and offers services including hotel bookings, activities, and group packages. The platform positions itself as a niche regional service provider in the transportation and hospitality sectors. Technically, the site leverages modern JavaScript frameworks such as Vue.js and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. The site appears to be mobile-optimized with a good user experience and professional design. However, there is a lack of visible privacy and cookie policies, and no explicit contact information was found in the analyzed content, which impacts trust and compliance. Security posture is moderate with no detected security headers and DNSSEC not enabled, suggesting room for improvement in technical security controls. Overall, the site is safe with no adult or questionable content detected, but it would benefit from enhanced privacy compliance and security practices.

J

Javni štipendijski, razvojni, invalidski in preživninski sklad Republike Slovenije

srips-rs.si

54

The website represents a Slovenian government institution dedicated to scholarships, workforce development, rights of workers, employment support for disabled persons, child support compensation, and recovery. It serves a broad audience including students, workers, employers, and educational institutions. The site is well-structured with clear navigation and relevant content, reflecting a mature digital presence. Technically, it uses modern web standards, includes cookie consent, and integrates Google Tag Manager and Analytics for tracking. Security posture is adequate with HTTPS enforced but lacks explicit security headers and published security policies. Privacy compliance is partial due to missing privacy and terms pages. Overall, the domain registration and hosting align with the institutional nature, indicating legitimacy and trustworthiness.

G

GitBook

gitbook.com

67

GitBook is a technology company providing a SaaS platform focused on documentation and knowledge management optimized for AI. The website presents a professional and modern interface targeting developers and product teams seeking efficient documentation solutions. The platform leverages AI to enhance user experience and conversion. Technically, the site uses modern frameworks such as Framer, integrates analytics tools like Google Analytics, Amplitude, and HubSpot, and hosts assets on Amazon S3, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are missing. The absence of WHOIS data reduces transparency but is common for commercial SaaS providers using privacy protection. Overall, the site is trustworthy and professional but could improve privacy compliance and security disclosures.

AD/D ADVERTISING DESIGN is a small Czech graphic design agency specializing in corporate identity, print, and web design services. The company has been operating since 2010, as supported by domain registration data. The website primarily serves as a portfolio and contact point for potential clients, featuring services such as logo creation, advertising graphics, and POP materials. The target audience includes businesses and individuals seeking professional graphic design solutions. Technically, the website relies on outdated Flash technology, which negatively impacts accessibility, performance, and user experience. The site lacks modern responsive design and accessibility features, limiting its reach on mobile devices and to users with disabilities. Security posture is weak, with no visible HTTPS enforcement or security headers, and no privacy or cookie policies are present, indicating compliance gaps with GDPR and other regulations. Google Analytics is used for user tracking without visible consent mechanisms, further highlighting privacy concerns. Overall, the website is functional but outdated and requires modernization to improve security, compliance, and user experience.

A

Acemail

acemail.cz

47

The website acemail.cz serves as a webmail client interface, powered by RainLoop Webmail software. It provides users with email management capabilities including support for PGP encryption and two-factor authentication, targeting general users seeking secure email access. The domain is registered since 2011 in the Czech Republic, indicating a mature service presence. Technically, the site uses modern JavaScript frameworks like Knockout.js and Bootstrap for UI rendering, but lacks advanced SEO and accessibility features. Security-wise, while it supports important features like 2FA and PGP, it lacks visible security headers and explicit privacy or cookie policies, which are critical for compliance and trust. Overall, the site is functional but could improve in transparency and security best practices.

A

AceIT Office

aceoffice.cz

62

AceIT Office operates a web-based business software platform powered by Group-Office, providing enterprise-level office management solutions. The website serves primarily as a login portal for authenticated users rather than a public-facing marketing site. The platform leverages ExtJS 3 for its frontend interface, indicating a mature but somewhat dated technology stack. The domain aceoffice.cz has been registered since 2012, consistent with the longevity of the software product. However, the website lacks publicly accessible business information, privacy policies, or contact details, limiting transparency for external visitors. Technically, the website employs HTTPS with a security token mechanism for AJAX requests, which is a positive security practice. Nonetheless, the absence of standard security headers and advanced bot protection on the login form suggests room for improvement in security hardening. The site does not appear to use any analytics or advertising technologies, indicating a focus on internal users rather than marketing or tracking external visitors. From a security and compliance perspective, the lack of visible privacy and cookie policies, as well as missing contact information, represents a compliance gap, especially under GDPR requirements. The site’s security posture is moderate but could benefit from implementing additional security headers and bot mitigation techniques. Overall, the risk to external users is low given the site’s nature as a login portal, but the lack of transparency and compliance documentation could impact trustworthiness. Strategically, AceIT Office should prioritize publishing clear privacy and cookie policies, enhancing security headers, and providing contact information to improve compliance and user trust. These steps will also support better security posture and regulatory adherence, which are critical for enterprise software providers.

S

Swisscare

swisscare.ch

69

Swisscare is an established insurance provider specializing in international health and travel insurance for students, interns, au pairs, travelers, and expatriates primarily in Europe and Switzerland. The company offers a digital-first experience with instant online insurance certificates and a customer account portal. The website is professionally designed, mobile-optimized, and supports multiple languages, reflecting a mature digital presence. Technically, the site uses modern web standards, Cloudflare DNS, and privacy-respecting analytics, though DNSSEC is not enabled. Security posture is good with HTTPS and CSRF tokens, but lacks explicit security policies and some security headers. Privacy compliance is strong with GDPR and FADP policies and cookie consent mechanisms. Overall, the domain and website content align well, indicating a legitimate and trustworthy business with a solid market position in niche insurance services.

G

Globetrotter

globetrotter.ch

63

Globetrotter is a Swiss travel company offering a wide range of travel experiences, advisory services, and curated travel recommendations. The website targets diverse traveler segments including families, solo travelers, and those interested in responsible tourism. The company appears to have a solid market position in Switzerland with a medium-sized business profile. Technically, the website uses modern web technologies such as the Svelte framework, lazy loading for images, and integrates a consent management platform to comply with privacy regulations. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses consent management but lacks explicit security headers and published security policies, which could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and compliant with privacy standards, though it would benefit from publishing privacy and security policies and providing clearer contact information.

L

Luzerner Kantonalbank

lukb.ch

75

Luzerner Kantonalbank (LUKB) is a leading regional bank based in Luzern, Switzerland, providing a broad range of financial services including retail banking, mortgages, investment products, and personalized financial advisory. The website targets private customers primarily in the Luzern and Central Switzerland region, emphasizing personal service and innovative banking solutions. The bank maintains a strong market position as a trusted cantonal bank with a professional digital presence. Technically, the website employs modern web technologies such as Google Tag Manager, Cookiebot for consent management, and HTMX for dynamic content. It is well-optimized for mobile devices and accessibility, with good SEO practices and comprehensive metadata. The site uses HTTPS with strong security headers, ensuring secure communications and protecting user data. From a security perspective, the site demonstrates good practices including secure cookie handling, consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not publicly detailed, representing an area for improvement. The privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website is professional, trustworthy, and secure, with extensive content relevant to its audience. It integrates multiple analytics and marketing tools responsibly, maintaining transparency and user control over data. Strategic recommendations include publishing detailed security policies, vulnerability disclosure mechanisms, and enhancing transparency around data protection officers to further strengthen trust and compliance.

S

Sympany Services AG

sympany.ch

70

Sympany Services AG is a Swiss insurance company specializing in health insurance, offering both basic and supplementary insurance products alongside vehicle, household contents, and business insurance. The company targets individuals and corporate customers within Switzerland, positioning itself as a trusted and customer-centric insurer with high satisfaction ratings. The website reflects a professional and comprehensive digital presence with clear navigation and extensive service information. Technically, the website employs modern JavaScript libraries, Google Tag Manager for analytics, and Usercentrics for consent management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with secure HTTPS connections and no visible technical vulnerabilities. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks publicly available dedicated security policies or incident response contacts. No exposed sensitive data or vulnerabilities were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, with recommendations to enhance security transparency and implement additional security headers to further strengthen its security posture.