Security Directory

DuelOnline.cz is a Czech Republic-based online accounting portal focused on providing cloud-based access to the DUEL economic system. The website targets accounting professionals, businesses, and accounting firms seeking secure, remote, and integrated accounting solutions. The business model revolves around SaaS delivery of accounting, payroll, inventory, and retail sales management services. The company Ace IT s.r.o. appears as the parent entity, with partnerships with major technology providers such as HP, Dell, Cisco, Microsoft, and Debian, enhancing its market credibility. Technically, the website employs a traditional web stack with jQuery 1.6.1, jQuery UI, and Google Analytics for tracking. It integrates virtualization technologies and cloud infrastructure based on Microsoft and Linux platforms. However, the site shows signs of aging technology and lacks modern security headers and HTTPS confirmation, which impacts its security posture. Mobile optimization and accessibility are basic, and no CMS or hosting provider details are evident. From a security perspective, the site demonstrates some best practices like data backup and physical server security but lacks visible HTTPS enforcement, security headers, and formal privacy or cookie policies. The absence of WHOIS data reduces domain trustworthiness and raises concerns about domain registration legitimacy. No vulnerability disclosures or incident response contacts are provided, limiting transparency. Overall, DuelOnline.cz is a functional and professional business site with moderate technical maturity and security posture. Strategic improvements in security, privacy compliance, and technology modernization are recommended to enhance trust and resilience.

A

Ace IT s.r.o.

gdpr-experts.cz

0

GDPR Experts, operated by Ace IT s.r.o., is a specialized small business based in the Czech Republic providing GDPR compliance and IT security consulting services. Their offerings include GDPR training, audits, legal documentation, and IT security assessments tailored for companies and entrepreneurs within the EU. The website is professionally designed with clear navigation and relevant content targeting businesses needing GDPR solutions. Technically, the site employs modern frontend technologies such as Bootstrap, jQuery, and Google Analytics, indicating a moderate level of digital maturity. However, there are gaps in privacy compliance, notably the absence of explicit privacy and cookie policies. Security posture is adequate with HTTPS implied but lacks visible security headers and incident response information. Overall, the domain registration data aligns well with the business, supporting legitimacy and trustworthiness.

A

Acemail

acemail.cz

0

The website acemail.cz serves as a webmail client interface, powered by RainLoop Webmail software. It provides users with email management capabilities including support for PGP encryption and two-factor authentication, targeting general users seeking secure email access. The domain is registered since 2011 in the Czech Republic, indicating a mature service presence. Technically, the site uses modern JavaScript frameworks like Knockout.js and Bootstrap for UI rendering, but lacks advanced SEO and accessibility features. Security-wise, while it supports important features like 2FA and PGP, it lacks visible security headers and explicit privacy or cookie policies, which are critical for compliance and trust. Overall, the site is functional but could improve in transparency and security best practices.

A

AceIT Office

aceoffice.cz

0

AceIT Office operates a web-based business software platform powered by Group-Office, providing enterprise-level office management solutions. The website serves primarily as a login portal for authenticated users rather than a public-facing marketing site. The platform leverages ExtJS 3 for its frontend interface, indicating a mature but somewhat dated technology stack. The domain aceoffice.cz has been registered since 2012, consistent with the longevity of the software product. However, the website lacks publicly accessible business information, privacy policies, or contact details, limiting transparency for external visitors. Technically, the website employs HTTPS with a security token mechanism for AJAX requests, which is a positive security practice. Nonetheless, the absence of standard security headers and advanced bot protection on the login form suggests room for improvement in security hardening. The site does not appear to use any analytics or advertising technologies, indicating a focus on internal users rather than marketing or tracking external visitors. From a security and compliance perspective, the lack of visible privacy and cookie policies, as well as missing contact information, represents a compliance gap, especially under GDPR requirements. The site’s security posture is moderate but could benefit from implementing additional security headers and bot mitigation techniques. Overall, the risk to external users is low given the site’s nature as a login portal, but the lack of transparency and compliance documentation could impact trustworthiness. Strategically, AceIT Office should prioritize publishing clear privacy and cookie policies, enhancing security headers, and providing contact information to improve compliance and user trust. These steps will also support better security posture and regulatory adherence, which are critical for enterprise software providers.

S

swissporTON

swissporton.ro

0

swissporTON is a Romanian-based manufacturer and retailer specializing in high-quality ceramic roof tiles and related roofing products. The company emphasizes Swiss quality standards, offering over 200 product variants with a 50-year warranty, targeting investors, roof installers, architects, and distributors. The website presents a professional and consistent brand image with extensive product information and support resources. Technically, the site uses modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly but lacks explicit privacy and terms of service pages, which are areas for improvement. Security posture is good with HTTPS enforced, though security headers are not evident in the provided data. Overall, swissporTON demonstrates a solid market position with a trustworthy online presence but should enhance privacy compliance and security transparency.

N

NordNet SA (Registrar)

tourisme-en-champagne.com

0

The website tourisme-en-champagne.com serves as a comprehensive regional tourism portal for the Champagne region in France, offering information on destinations, cultural heritage, accommodations, and activities. It targets tourists and visitors interested in exploring the Champagne terroir and related experiences. The site is well-established with a domain age dating back to 1999, indicating a mature presence in the tourism sector. Technically, the site is built on Drupal 7 with a variety of JavaScript libraries for UI enhancements and analytics, including Matomo and Google Analytics. While the site is functional and provides good content quality and navigation, it uses some outdated JavaScript libraries that may pose security risks. Security posture is moderate with HTTPS enabled but lacks visible security headers and DNSSEC. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms. Overall, the site is credible and trustworthy but would benefit from improvements in security and privacy compliance.

S

Swisscare

swisscare.ch

0

Swisscare is an established insurance provider specializing in international health and travel insurance for students, interns, au pairs, travelers, and expatriates primarily in Europe and Switzerland. The company offers a digital-first experience with instant online insurance certificates and a customer account portal. The website is professionally designed, mobile-optimized, and supports multiple languages, reflecting a mature digital presence. Technically, the site uses modern web standards, Cloudflare DNS, and privacy-respecting analytics, though DNSSEC is not enabled. Security posture is good with HTTPS and CSRF tokens, but lacks explicit security policies and some security headers. Privacy compliance is strong with GDPR and FADP policies and cookie consent mechanisms. Overall, the domain and website content align well, indicating a legitimate and trustworthy business with a solid market position in niche insurance services.

G

Globetrotter

globetrotter.ch

0

Globetrotter is a Swiss travel company offering a wide range of travel experiences, advisory services, and curated travel recommendations. The website targets diverse traveler segments including families, solo travelers, and those interested in responsible tourism. The company appears to have a solid market position in Switzerland with a medium-sized business profile. Technically, the website uses modern web technologies such as the Svelte framework, lazy loading for images, and integrates a consent management platform to comply with privacy regulations. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and uses consent management but lacks explicit security headers and published security policies, which could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and compliant with privacy standards, though it would benefit from publishing privacy and security policies and providing clearer contact information.

H

Hotelplan

hotelplan.ch

0

Hotelplan.ch is a leading Swiss online travel agency specializing in personalized holiday and travel bookings including flights, hotels, cruises, and car rentals. The website targets Swiss travelers seeking convenient and comprehensive travel solutions. Technically, the site employs modern frameworks such as Next.js and integrates multiple analytics and marketing tools, indicating a mature digital infrastructure. Security posture is strong with HTTPS and security headers in place, though explicit privacy and cookie policies are not detected in the provided content, representing a compliance gap. Overall, the site is professional and trustworthy but would benefit from enhanced privacy disclosures and incident response documentation.

L

Luzerner Kantonalbank

lukb.ch

0

Luzerner Kantonalbank (LUKB) is a leading regional bank based in Luzern, Switzerland, providing a broad range of financial services including retail banking, mortgages, investment products, and personalized financial advisory. The website targets private customers primarily in the Luzern and Central Switzerland region, emphasizing personal service and innovative banking solutions. The bank maintains a strong market position as a trusted cantonal bank with a professional digital presence. Technically, the website employs modern web technologies such as Google Tag Manager, Cookiebot for consent management, and HTMX for dynamic content. It is well-optimized for mobile devices and accessibility, with good SEO practices and comprehensive metadata. The site uses HTTPS with strong security headers, ensuring secure communications and protecting user data. From a security perspective, the site demonstrates good practices including secure cookie handling, consent mechanisms, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response information are not publicly detailed, representing an area for improvement. The privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the website is professional, trustworthy, and secure, with extensive content relevant to its audience. It integrates multiple analytics and marketing tools responsibly, maintaining transparency and user control over data. Strategic recommendations include publishing detailed security policies, vulnerability disclosure mechanisms, and enhancing transparency around data protection officers to further strengthen trust and compliance.

M

MonoSystems

monosystems.com

0

MonoSystems is a specialized manufacturer and direct seller of cable management systems including cable trays, raceways, power poles, and j-hooks. The company positions itself as a unique direct manufacturer with over 50 years of industry experience and is part of the NIEDAX GROUP. Their website targets electrical contractors, engineers, architects, and general contractors, offering detailed product information, downloadable resources, and customer engagement through forms and social media. Technically, the site is built on WordPress with WooCommerce and uses modern libraries such as jQuery and Bootstrap, integrating Google Analytics and Tag Manager for tracking. Security measures include HTTPS and Google reCAPTCHA on forms, but the site lacks visible privacy and cookie policies as well as security headers, which are areas for improvement. The WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and business presence indicate a legitimate operation. Overall, the site is professional and functional with moderate technical maturity and good business credibility.

E

Ebo-systems S.A.S

ebo-systems.com

0

Ebo Systems is a specialist manufacturer of composite cable tray systems with over 60 years of experience, serving demanding industrial sectors such as energy, transportation, chemistry, and water. The company is part of the Niedax Group, a global leader in cable management solutions, which strengthens its market position and global reach across 27 countries. The website reflects a professional and well-structured digital presence built on WordPress, leveraging modern technologies and SEO best practices. Security posture is strong with HTTPS enforced and no obvious vulnerabilities, though explicit security policies and privacy compliance documentation are lacking. WHOIS data is unavailable, which reduces transparency but does not negate the evident legitimacy of the business. Overall, the website is a credible and professional representation of a medium-sized industrial supplier.

S

SpinaGroup Srl

spinagroup.com

0

SpinaGroup Srl is an established Italian company specializing in integrated solutions for industrial plants, focusing on electrical and instrumentation packages. With over 30 years of experience and recent integration into the Niedax Group, the company offers customized and ready-made solutions for industrial plant engineering. Their target audience includes industrial companies and plant engineers seeking reliable electrical materials and services. The website reflects a professional B2B business model with a clear market position in the energy and manufacturing sectors. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable digital infrastructure. The site includes cookie consent mechanisms and Google Tag Manager for analytics, demonstrating digital maturity and privacy awareness. Performance and mobile optimization are good, though some accessibility features could be enhanced. From a security perspective, the site uses HTTPS and cookie consent but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected, but improvements in security best practices and transparency are recommended. Overall, the website is trustworthy and professional, though the lack of WHOIS data reduces domain trust slightly. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility to strengthen compliance and user trust.

The domain auberge-de-l-ill.com is a long-registered domain since 2000, suggesting an established presence. However, the website content is currently inaccessible or blocked, displaying only a minimal placeholder message indicating the website could not be determined. This lack of accessible content prevents meaningful analysis of the business, its services, or its digital maturity. The technical infrastructure appears minimal with no detected CMS, frameworks, or modern technologies. Security posture is weak with no DNSSEC, no security headers, and no visible HTTPS enforcement details. Privacy and compliance policies are absent, and no contact or business information is available on the site. Overall, the website is not currently functional or publicly accessible, which significantly limits trust and credibility.

P

Pomurska gospodarska zbornica

pgz.si

0

Pomurska gospodarska zbornica (PGZ) is a regional economic chamber based in the Pomurje region of Slovenia, established in 2008. The organization focuses on uniting and supporting local businesses through networking events, consulting services, public documentation, and educational programs. The website reflects a professional and consistent brand presence, targeting a broad audience including businesses and stakeholders in the region. The site content is primarily in Slovenian and provides comprehensive information about the chamber's activities, projects, and regional economic data. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, FontAwesome, and Owl Carousel, with Google Analytics integrated for user tracking. The site is mobile-optimized and demonstrates good SEO practices.

S

SzeneSchweiz – Berufsverband Darstellende Künste

szeneschweiz.ch

0

SzeneSchweiz is the largest and most important Swiss professional association for performing artists in theater, film, and TV. It provides a range of services including legal advice, protection against abuse, pension schemes for freelancers, continuing education, and a casting platform. The organization targets professional artists in Switzerland and operates as a non-profit entity with a strong market position in the Swiss performing arts sector. The website is multilingual and professionally designed, reflecting a medium-sized organization founded around 2017. Technically, the website is built on WordPress 6.8.3 with modern plugins for social sharing and forms. It uses Google Analytics for tracking and is mobile-optimized with good SEO practices. Performance is moderate, and accessibility is basic. The site uses HTTPS with excellent SSL configuration but lacks some security headers and a cookie consent mechanism. From a security perspective, the site enforces HTTPS and does not expose sensitive data. However, it lacks explicit security policies, incident response information, and cookie consent banners, which are important for GDPR compliance. No vulnerabilities or suspicious content were detected. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's Swiss identity. Overall, the website is professional, trustworthy, and well-positioned in its niche but could improve privacy compliance and security posture by adding cookie consent, security headers, and incident response details.

V

VPOD/SSP

vpod.ch

0

VPOD/SSP is a well-established Swiss trade union representing employees in the public service sector, including education, healthcare, transportation, and government. The organization offers membership services, educational programs, advocacy on labor rights, and regional support through multiple subdomains. The website reflects a mature digital presence with clear branding, comprehensive content, and active social media engagement. Technically, the site is built on the ProcessWire CMS with modern JavaScript libraries and privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements in security headers and cookie consent mechanisms are recommended. Overall, the site is professional, trustworthy, and well-aligned with its mission and audience.

V

VCS Productions GmbH

vcs.ch

0

VCS Productions GmbH is a Swiss-based company specializing in visual computing services with over 30 years of experience. Their offerings include tailored content creation for product videos, LED display solutions, high lumen projectors, 3D animations, laser shows, video mapping, and streaming products. The company targets businesses and organizations seeking advanced visual content and display technologies. The website reflects a professional and consistent brand image with clear contact information and a focus on technology services. Technically, the site is built on WordPress with a modern theme and plugins, showing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and anti-spam measures, though lacking advanced security headers and explicit policies. Privacy compliance is partial, with a privacy policy present but no cookie consent or terms of service. Overall, the site is trustworthy and well-maintained, with room for improvement in security and compliance documentation.

U

Unia

unia.ch

0

Unia is the largest trade union in Switzerland, serving a broad range of employees across industries such as construction, manufacturing, commerce, and private services. The organization operates as a non-profit entity focused on labor rights, collective bargaining agreements, and member services. The website is built on TYPO3 CMS and integrates modern analytics and tracking tools like Google Tag Manager and Facebook Pixel, with privacy-conscious default settings denying consent until granted. Security posture is solid with HTTPS enforced, though improvements can be made by adding security headers and explicit privacy and cookie policies. The site is well-branded, multilingual, and professionally designed, targeting workers and union members in Switzerland.

S

syndicom

syndicom.ch

0

syndicom is a prominent Swiss trade union representing employees in logistics, information and communication technology, and media sectors. The organization advocates for fair working conditions, social justice, and responsible technological progress. It offers services such as collective bargaining, legal advice, education, and campaigns to its members. The website reflects a mature digital presence with a professional design, clear navigation, and multilingual support, targeting employees and stakeholders in Switzerland. Technically, the site is built on WordPress with modern SEO and analytics tools integrated, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the domain registration aligns with the organization's identity, supporting legitimacy and trustworthiness.

S

Sympany Services AG

sympany.ch

0

Sympany Services AG is a Swiss insurance company specializing in health insurance, offering both basic and supplementary insurance products alongside vehicle, household contents, and business insurance. The company targets individuals and corporate customers within Switzerland, positioning itself as a trusted and customer-centric insurer with high satisfaction ratings. The website reflects a professional and comprehensive digital presence with clear navigation and extensive service information. Technically, the website employs modern JavaScript libraries, Google Tag Manager for analytics, and Usercentrics for consent management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with secure HTTPS connections and no visible technical vulnerabilities. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses consent management for cookies, but lacks publicly available dedicated security policies or incident response contacts. No exposed sensitive data or vulnerabilities were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, with recommendations to enhance security transparency and implement additional security headers to further strengthen its security posture.

R

RVK

rvk.ch

0

RVK is an independent and leading service provider in the Swiss healthcare market, offering specialized services including risk and performance management, insurance medicine consulting, and education through its RVK Academy. The company targets insurers, pension funds, and enterprises, providing tailored insurance and educational solutions. The website is professionally designed, consistent in branding, and provides clear contact information and trust signals such as client testimonials and SQS-Audit certification. Technically, the site uses modern web technologies like Swiper.js and Google Maps API, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanism. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

Migros Verteilbetrieb AG

mvb.ch

0

Migros Verteilbetrieb AG is a leading logistics company within the Migros Group, specializing in storage, packaging, picking, and distribution of a wide range of products including food, textiles, and frozen goods. It operates multiple large distribution centers in Switzerland, serving hundreds of Migros stores and migrolino shops daily. The company is well-established with over 50 years of operational history, positioning itself as a key logistics partner in the Swiss retail sector. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and OwlCarousel, and is built on the Umbraco CMS platform. The site is mobile-optimized, uses HTTPS, and includes cookie consent mechanisms compliant with GDPR. While the site lacks explicit security headers and detailed security policies, it demonstrates a solid baseline security posture with no evident vulnerabilities or exposed sensitive data. From a security perspective, the website benefits from HTTPS encryption and cookie consent but could improve by implementing additional HTTP security headers and publishing incident response or security policies. No WAF or blocking mechanisms were detected, and the domain registration data aligns well with the business identity, indicating high legitimacy. Overall, the website is professional, trustworthy, and well-suited for its business purpose. Strategic recommendations include enhancing security headers, improving accessibility, and publishing explicit security and incident response information to further strengthen trust and compliance.

H

Helvetia Insurance

helvetia.ch

0

Helvetia Insurance is a well-established Swiss insurance company with over 160 years of history, serving more than 1.3 million customers. The company offers a broad range of insurance and pension products targeting private customers in Switzerland. Their website reflects a mature digital presence with comprehensive content, clear navigation, and professional branding. The technical infrastructure leverages Adobe Experience Manager CMS, integrates multiple analytics and marketing tools, and employs modern web technologies ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms in place. However, WHOIS data is not publicly available, likely due to privacy protection, which is common for large enterprises. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

G

Garanto

garanto.ch

0

Garanto is a Swiss trade union established in 2001 representing customs and border personnel. The organization provides legal protection, member services, and advocacy for its members within the customs administration sector. The website is professionally designed, multilingual (German, French, Italian), and provides clear navigation and relevant content for its target audience. Technically, the site uses modern JavaScript libraries such as jQuery, Swiper, and Fancybox, with a custom or unknown CMS. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers are missing. No critical vulnerabilities or blocking mechanisms were detected. Contact information is clearly presented, including phone and email, and a member login area is available. Overall, the site demonstrates a solid digital presence for a government-related non-profit entity.

ERV is a Swiss insurance company specializing in travel and leisure insurance products, offering comprehensive coverage including multi-trip, single-trip, group travel, mobility, health, accident, pet, and corporate insurance. The company maintains strong partnerships with reputable Swiss organizations such as Migros, LUKB, and Hotelplan, reinforcing its market position. The website is professionally designed, mobile-optimized, and uses Adobe Experience Manager as its CMS, with Adobe Analytics and OneTrust for tracking and consent management. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are not prominently published. No signs of blocking or WAF interference were detected, and the domain WHOIS data aligns well with the business claims, indicating legitimacy.

K

KENDRIS Capital Limited

kendriscapital.com

0

KENDRIS Capital Limited is an independent alternative investment fund manager specializing in multi-asset class fund solutions domiciled in Cyprus and Luxembourg. It operates as a wholly owned subsidiary of KENDRIS AG, targeting professional and well-informed investors with a comprehensive suite of fund management services including portfolio management, risk management, marketing, distribution, and fund administration. The company emphasizes a personal, independent, and digital approach to fund management, supported by a strong regulatory framework under CySEC. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics, and CookieYes for consent management, ensuring a professional and user-friendly digital presence. Security measures include HTTPS enforcement and reCAPTCHA integration, though there is room for improvement in security headers and published security policies. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the overall website content and regulatory disclosures support a trustworthy business profile.

T

Touraine Val de Loire

tourainevaldeloire.com

0

Touraine Val de Loire is a regional tourism organization promoting cultural, natural, and gastronomic experiences in the Touraine region of France. The website is professionally designed with multi-language support and rich content targeting tourists and visitors. The technical infrastructure leverages modern JavaScript modules, WordPress CMS, and integrates analytics and consent frameworks, indicating a mature digital presence. Security posture is good with HTTPS and consent mechanisms, though explicit privacy policies and contact information are missing. The absence of WHOIS registration data is a notable concern but may be due to privacy or data source limitations. Overall, the site is trustworthy and well-positioned for tourism promotion but should improve transparency and compliance documentation.

M

MENTOR - Die Leselernhelfer Nordhessen e.V.

mentor-nordhessen.de

0

MENTOR - Die Leselernhelfer Nordhessen e.V. is a regional non-profit organization dedicated to improving children's literacy and language skills through individual mentoring programs. Affiliated with the national MENTOR federation, it connects volunteer mentors with schools to provide weekly reading support for children aged 6 to 16. The website reflects a clear mission and target audience focused on education and community support. Technically, the website is built on Joomla CMS with modern frontend technologies including Bootstrap 5 and jQuery. It is hosted on servers indicated by the nameservers from agenturserver, suggesting a professional hosting environment. The site is mobile optimized and provides a good user experience with clear navigation and consistent branding. From a security perspective, the site uses HTTPS and includes CSRF tokens and a GDPR-compliant cookie consent mechanism. However, it lacks visible security headers and does not provide explicit security policies or incident response contacts. No vulnerability disclosure or security.txt files are present, which could be improved to enhance trust and security posture. Overall, the website is safe, professional, and trustworthy with a strong focus on privacy compliance and user protection. The main risks relate to missing security headers and lack of formal security documentation. Strategic improvements in these areas would strengthen the organization's digital security and compliance standing.

Hurricane Electric operates a well-established free IPv6 tunnel broker service that enables users to access the IPv6 Internet by tunneling over IPv4 connections. The service is targeted primarily at developers, network engineers, and experimenters who require stable IPv6 connectivity. Hurricane Electric is a large, reputable ISP with a global backbone and multiple tunnel server locations worldwide, positioning it strongly in the IPv6 and networking market. The website content is professional and technically focused, providing clear information about the service and related offerings such as colocation and dedicated servers. The presence of a terms of service page and clear contact information supports business credibility. From a technical perspective, the website uses standard web technologies including HTML, CSS, and JavaScript with jQuery libraries. The hosting appears to be managed by Hurricane Electric itself, reflecting good control over infrastructure. Performance and mobile optimization are moderate, with room for improvement in accessibility and SEO. Security posture shows some gaps: no DNSSEC enabled, no visible security headers, and no explicit HTTPS enforcement in the provided HTML snapshot. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable compliance risk. Overall, the security posture is moderate with no critical vulnerabilities detected in the visible content, but improvements are recommended to enhance DNS security, implement security headers, and provide clear privacy and cookie policies. The domain WHOIS data is consistent and supports the legitimacy of the business, with a long domain age and matching registrant information. No WAF or blocking mechanisms were detected, allowing full content access and analysis. Strategic recommendations include enabling DNSSEC, improving HTTPS and security headers, publishing privacy and cookie policies, and adding vulnerability disclosure information to strengthen trust and compliance. These steps will improve the security posture and regulatory compliance, enhancing user trust and business resilience.

S

Stiftung Standortförderung Aarau und Region

asf-aarau.ch

0

The Stiftung Standortförderung Aarau und Region operates as a regional non-profit foundation focused on promoting economic development, tourism, and city management in Aarau and its surrounding region. The website clearly communicates its mission to unite business, quality of life, culture, and leisure under one umbrella, targeting local businesses, residents, tourists, and event organizers. The foundation offers services including economic promotion, city management, tourism marketing, and event planning, positioning itself as a key regional player fostering sustainable growth and community engagement. Technically, the website employs modern web technologies such as ES modules, Tailwind CSS, and integrates privacy-focused analytics via Plausible. The site is well-optimized for mobile devices, loads quickly, and features a professional design with clear navigation. Hosting and media assets are served via reliable providers, ensuring good performance and availability. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks explicit security headers and a cookie consent mechanism, which are recommended for enhanced protection and GDPR compliance. No incident response or vulnerability disclosure policies are published, indicating room for improvement in security transparency and readiness. Overall, the website presents a trustworthy and professional digital presence for the foundation, with minor gaps in privacy and security best practices. Strategic enhancements in these areas would strengthen compliance and user trust, supporting the foundation's mission and reputation.

F

flyo.cloud - flyo.cloud

flyo.cloud

0

flyo.cloud is a technology-focused SaaS platform aimed at revolutionizing content workflows, targeting content creators and teams. The website presents a professional login page with modern design elements and uses technologies such as Vue.js, Font Awesome, and Google reCAPTCHA to enhance user experience and security. The domain is registered since 2021 and uses Cloudflare for DNS and hosting, indicating a reliable technical infrastructure. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is moderate with HTTPS and bot protection but lacks security headers and published security policies. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security transparency.

D

Društvo DOVES – FEE SLOVENIA

ekosola.si

0

Ekošola.si represents a well-established Slovenian non-profit organization focused on environmental education and sustainable development awareness among children, students, and educators. The website serves as a hub for program information, news, projects, and partner engagement, positioning itself as a leading educational network in Slovenia. The business model revolves around educational program delivery, community involvement, and international cooperation under the Foundation for Environmental Education (FEE) umbrella. Technically, the website is built on WordPress using popular plugins such as Slider Revolution and WPBakery Page Builder, with modern web technologies including jQuery and Google reCAPTCHA for form security. The site demonstrates good mobile optimization and moderate performance, with a clean and professional design that supports user engagement and navigation. From a security perspective, the site enforces HTTPS, employs security headers, and integrates CAPTCHA to protect forms, reflecting a mature security posture. However, it lacks explicit security policies, vulnerability disclosure mechanisms, and incident response contacts, which are recommended for enhanced transparency and preparedness. Overall, the website is trustworthy, compliant with GDPR, and safe for general audiences. Strategic recommendations include adding dedicated security and incident response pages, improving accessibility features, and maintaining up-to-date software to mitigate potential vulnerabilities.

D

Društvo DOVES - FEE SLOVENIA

modrazastava.si

0

Modra Zastava is a Slovenian non-profit environmental program focused on promoting eco-label certification for coastal locations to ensure environmental protection, water quality, and sustainable tourism. The program is well-established since 2005 and operates under the management of Društvo DOVES - FEE SLOVENIA. The website serves as an informational and promotional platform targeting tourists, municipalities, and environmental stakeholders. Technically, the site is built on WordPress with common plugins such as Yoast SEO and uses Google Analytics for visitor tracking. The hosting is inferred to be with Hostmachine based on nameservers. The site is mobile-optimized and SEO-friendly with good content quality and clear navigation. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and incident response information. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

D

DRUŠTVO DOVES - FEE SLOVENIA

drustvo-doves.si

0

Društvo DOVES-FEE Slovenia is a Slovenian non-profit organization dedicated to environmental education and sustainable development. As a full member of the international Foundation for Environmental Education (FEE), it operates several recognized environmental programs such as Blue Flag, Eco-Schools, Young Reporters for the Environment, and Green Key. The organization targets schools, youth, environmental groups, and hospitality sectors to promote sustainability and environmental awareness. The website is professionally designed using WordPress, with good content quality and clear navigation, supporting its mission effectively. Technically, the website employs a standard WordPress CMS with popular plugins like Yoast SEO and SiteOrigin Panels. It uses HTTPS with a good SSL configuration and integrates Google Analytics and ShareThis for analytics and social sharing. The site is moderately performant and mobile-optimized, though accessibility features are basic. Hosting is provided by Hostmachine, as indicated by the nameservers. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the organization's claims, showing a domain age appropriate for its history and no privacy protection, enhancing trustworthiness. Overall, the website presents a low-risk profile with a solid business credibility and compliance posture. Strategic improvements could include adding security headers, publishing a security policy, and enhancing accessibility. These steps would further strengthen the organization's digital trust and security posture.

C

Conseil départemental des Vosges

vosges.fr

0

The website www.vosges.fr is the official online presence of the Conseil départemental des Vosges, a regional government entity in France. It serves as a comprehensive portal for residents and visitors, offering information on public services, cultural events, tourism, and local governance. The site is positioned as a trusted source for regional information and services, targeting a broad audience including citizens, businesses, and tourists. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies such as jQuery, FontAwesome, and various analytics tools including Matomo and Facebook Pixel. The infrastructure supports good mobile optimization, accessibility, and SEO practices, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS, implements key security headers, and avoids exposing sensitive data. While no critical vulnerabilities were detected, the absence of a publicly available security policy and incident response contact suggests room for improvement in transparency and preparedness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, the website demonstrates a strong legitimacy and trustworthiness profile consistent with an official government entity. The lack of WHOIS data is likely due to privacy protection policies common in French domains. Strategic recommendations include publishing explicit security and incident response policies, enhancing monitoring of third-party scripts, and considering a vulnerability disclosure program to further strengthen security posture.

C

Conseil départemental de la Haute-Marne

haute-marne.fr

0

The Conseil départemental de la Haute-Marne operates as the official local government authority for the Haute-Marne department in France, providing a wide range of public services including road maintenance, education management, social support, and cultural activities. The website serves as a comprehensive portal for residents and stakeholders to access information and services. Technically, the site is built on WordPress using Elementor and Yoast SEO, with Matomo analytics for user tracking. The site demonstrates good design quality, mobile optimization, and SEO practices, though accessibility could be improved. Security posture is solid with HTTPS and security headers properly configured, but lacks published security policies or incident response details. Privacy compliance is limited due to absence of explicit privacy and cookie policies. Overall, the domain registration data aligns well with the website's governmental nature, supporting high legitimacy and trustworthiness.

D

Département de la Marne

marne.fr

0

The Département de la Marne website serves as the official digital portal for the regional government of the Marne department in France. It provides comprehensive information about the department's missions, actions, elected officials, and public services. The site targets residents and stakeholders within the region, offering resources such as contact information, news, tourism details, and access to administrative procedures. The website maintains a professional and consistent brand image aligned with government standards. Technically, the site is built on WordPress with modern plugins like Yoast SEO and Matomo for analytics. It employs accessibility features and cookie consent management, ensuring compliance with basic privacy norms. The site is mobile-optimized and uses HTTPS, contributing to a secure and user-friendly experience. However, some advanced security headers and explicit privacy policies are not evident, indicating areas for improvement. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits full trust verification, but the official .fr domain and government affiliation support legitimacy. Overall, the site presents a moderate to high security posture with room for enhanced transparency and policy documentation. Strategically, the website effectively supports the department's public service mission, providing clear navigation and relevant content. It integrates social media channels to extend outreach and engagement. Recommendations include publishing detailed privacy and security policies, implementing additional security headers, and establishing a vulnerability disclosure process to strengthen trust and compliance.

S

Sorell Hotels

sorellhotels.com

0

Sorell Hotels is a Swiss boutique hospitality group operating 15 hotels, event locations, and restaurants across multiple Swiss cities. The website presents a professional and modern digital presence built on Drupal 11 with a focus on user experience, mobile optimization, and SEO. The company emphasizes unique guest experiences, local culture, and sustainability. The site integrates a booking system and consent management via Usercentrics, demonstrating awareness of privacy compliance. However, explicit privacy policy and terms of service pages are not clearly found, which is a compliance gap. The WHOIS data for the domain www.sorellhotels.com is unavailable, raising questions about domain registration transparency, though the website content and branding strongly indicate a legitimate business. Security posture is good with HTTPS and secure forms, but lacks visible security headers and incident response information.

S

Stadtmuseum Aarau

stadtmuseum.ch

0

Stadtmuseum Aarau is a Swiss cultural institution dedicated to collecting, conserving, and presenting the history and stories of the city of Aarau and its population. It serves a broad audience including families, schools, and local visitors by offering exhibitions, events, educational programs, and digital content. The museum operates under the auspices of the city of Aarau, positioning itself as a trusted local government-affiliated entity with a clear cultural mission. Technically, the website is built on the GOViS CMS platform, a Swiss eGovernment content management system, and employs modern web technologies such as jQuery, Font Awesome, and Matomo analytics. The site is well-optimized for mobile devices and accessibility, with good SEO practices and a clear navigation structure. Security-wise, the website enforces HTTPS and uses a comprehensive cookie consent mechanism, though it lacks explicit security headers and a published security policy or incident response contact. Overall, the site demonstrates a solid security posture with no visible vulnerabilities or suspicious content. The domain registration data aligns well with the website's claims, reinforcing its legitimacy. Strategic recommendations include enhancing HTTP security headers, publishing a security policy, and considering a vulnerability disclosure program to further strengthen trust and security posture.

K

kultur & kongresshaus aarau

kuk-aarau.ch

0

The Kultur & Kongresshaus Aarau is a cultural and congress venue located in Aarau, Switzerland, operating as an institution of the city of Aarau. The website presents a professional and well-structured platform showcasing their event spaces, services, and cultural events. The organization emphasizes accessibility and sustainability, holding certifications such as Swisstainable Level II and membership in OK:GO for barrier-free travel planning. Their target audience includes event organizers, cultural attendees, and local businesses. Technically, the website employs modern JavaScript libraries including jQuery, Font Awesome, and responsive slideshow plugins, ensuring a mobile-optimized and accessible user experience. The site uses a cookie consent mechanism compliant with GDPR principles, and analytics are handled via Matomo, indicating a moderate level of user tracking with privacy considerations. From a security perspective, the site uses HTTPS and implements cookie consent but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns well with the website's claims, reinforcing the domain's legitimacy. Overall, the website is professional, trustworthy, and compliant with basic privacy standards, though improvements in security policy transparency and header implementation are recommended to enhance security posture and user trust.

F

Forum Schlossplatz

forumschlossplatz.ch

0

Forum Schlossplatz is a cultural institution based in Aarau, Switzerland, established in 1994. It serves as a vibrant venue for cultural and societal reflection through exhibitions, events, educational projects, and a podcast. The website reflects a well-structured and professionally presented digital presence targeting a general audience interested in arts and culture. The business model focuses on community engagement and cultural education rather than commercial sales. Technically, the website uses modern web technologies including lazy loading, JavaScript libraries for UI effects, and structured data for SEO. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers are missing and no explicit security or incident response policies are published. Privacy compliance is partial; a privacy policy is present but no cookie consent mechanism is detected. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professionally maintained.

F

Forstbetrieb Region Aarau

forst-aarau.ch

0

Forstbetrieb Region Aarau is a regional forestry management organization serving multiple municipalities in Switzerland, primarily Aarau, Biberstein, and Unterentfelden. The organization manages approximately 916 hectares of forest land, focusing on sustainable wood harvesting and diverse forestry services including garden and park forestry, tree care, root stock milling, consulting, and sales of firewood and forest products. The website is professionally designed using Joomla CMS and Bootstrap framework, providing clear navigation and relevant content in German for its target audience. Contact information is prominently displayed, enhancing business credibility. Technically, the site uses modern web technologies and enforces HTTPS, but lacks some security headers and privacy compliance mechanisms such as cookie consent. No blocking or WAF challenges were detected, allowing full content access.

B

benevol Schweiz

benevol.ch

0

benevol Schweiz is a Swiss non-profit umbrella organization that connects regional volunteer offices and promotes volunteer engagement across Switzerland. The website serves as a central hub for volunteer opportunities, educational resources, and recognition tools, positioning benevol as a leading entity in the volunteer sector. The organization targets volunteers, organizations seeking volunteers, and public entities, offering services such as a volunteer job platform and educational courses. Technically, the website employs modern web technologies including Google Tag Manager, CookieYes for consent management, and Cloudflare Turnstile for bot protection, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, security cookies, and privacy compliance, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

M

Mobimo Management AG

aeschbachquartier.ch

0

The website www.aeschbachquartier.ch represents the Aeschbachquartier Aarau, a mixed-use urban development project managed by Mobimo Management AG, a reputable Swiss real estate company. The site offers detailed information about residential, commercial, and community spaces, targeting residents, businesses, and visitors in Aarau. The business model centers on real estate development and management, with a medium-sized market presence in Switzerland. Technically, the website is built on Drupal 10 with Bootstrap 5, featuring embedded Vimeo videos and Matomo analytics configured to respect DoNotTrack settings. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Security posture is good with HTTPS enforced and some security headers present, though improvements are recommended in cookie consent and explicit security policies. No critical vulnerabilities or suspicious content were detected. Privacy compliance is adequate with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Contact information is clear, though no direct email addresses are published. Overall, the site is professional, trustworthy, and aligned with the parent company Mobimo Management AG.

Z

Zeitpol AG

aha.ag

0

AHA (operated by Zeitpol AG) is a hospitality and cultural venue located in Aarau, Switzerland, offering a diverse range of live events, dining experiences, and room rentals. The website presents a professional and engaging platform showcasing upcoming events, restaurant offerings, and cultural programs, targeting local residents and visitors interested in entertainment and social gatherings. The business is relatively young, founded in 2021, and positions itself as a vibrant community hub with a unique industrial ambiance. Technically, the website leverages modern frameworks such as Next.js and React, hosted on AWS infrastructure, and integrates common analytics tools like Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS and domain transfer protections, but lacks DNSSEC and comprehensive security headers. Privacy compliance is partial, with privacy and terms pages present but no cookie consent mechanism. Overall, the site is trustworthy, well-branded, and user-friendly, though improvements in security and privacy transparency are recommended.

H

Hotel Aarauerhof

aarauerhof.net

0

Hotel Aarauerhof is a modern self check-in hotel located in the center of Aarau, Switzerland, offering 75 rooms with amenities such as highspeed WLAN and breakfast. The website is professionally designed using modern web technologies including Next.js and React, with integration of Usercentrics for consent management and Aleno for reservations. The security posture is good with HTTPS enforced and no exposed sensitive data, though some security headers and incident response information are missing. The domain WHOIS data is unavailable, which raises some legitimacy concerns, but the website content and business presentation are professional and trustworthy. Overall, the site is well-optimized for SEO, mobile, and accessibility, targeting business travelers and tourists seeking flexible accommodation.

The website adia.tv is registered to Unblu inc., a Swiss company established in 2007. The site content is extremely minimal, containing only a single external link to adiacom.ch, with no additional business description, contact information, or user engagement features. This limits the ability to fully assess the business model, target audience, or market position. Technically, the site uses Cloudflare DNS but lacks DNSSEC and security headers, indicating a basic security posture. There is no evidence of privacy or cookie policies, which impacts GDPR compliance negatively. The domain registration is consistent and legitimate, with appropriate domain status flags and a long registration history, supporting trustworthiness. Overall, the website appears to be a placeholder or minimal presence rather than a fully developed business site.

I

IFEMA MADRID

ifema.es

0

IFEMA MADRID is a leading Spanish operator and one of the most important in Europe within the international circuit of the fair and congress industry. The organization specializes in creating relationships between people, brands, and experiences through a wide range of events including leisure, tourism, art, fashion, technology, motor, education, employment, and gastronomy. Their market position is strong as a large entity serving businesses, professionals, and the general public interested in events in Madrid and Europe. Technically, the website employs modern tracking and marketing technologies such as Google Tag Manager, Google Analytics, Visual Website Optimizer, and OneTrust for cookie consent, reflecting a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though the absence of a public security policy or incident response contact is noted. WHOIS data is restricted by the Spanish registry policy, which is typical and not suspicious. Overall, the website is trustworthy, compliant with GDPR, and safe for general audiences.

AutoScout24.ch is a leading online automotive marketplace in Switzerland, offering vehicle listings for buyers and sellers. The platform is part of Scout24 AG, a reputable company in the digital classifieds sector. The website employs modern web technologies such as React and Next.js and is protected by Cloudflare's security services, including Turnstile captcha, indicating a strong focus on security and bot mitigation. However, the current content is inaccessible due to the Cloudflare WAF challenge, limiting the ability to fully assess the website's content, privacy policies, and user experience. WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the website appears to be a professional and established platform in the transportation sector, but the security challenge page restricts comprehensive analysis.