Security Directory

X

XOXO Zone

xoxo.zone

0

XOXO Zone operates as a community-run Mastodon instance primarily serving attendees and speakers of the XOXO Festival, a cultural event held in Portland, Oregon. The platform facilitates social networking within the fediverse, leveraging the open-source Mastodon software. The website presents a niche social media service with a focused target audience, maintaining a small but active user base. The business model centers on community engagement rather than commercial monetization. Technically, the website is built on Mastodon version 4.4.1, utilizing React and modern JavaScript modules, hosted on DigitalOcean infrastructure with CDN support for media assets. The site demonstrates moderate performance and good mobile optimization, though accessibility and SEO optimizations are basic. The technical stack is modern and appropriate for a social networking platform of this scale. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but lacks DNSSEC and several recommended security headers. No exposed sensitive data or vulnerable libraries were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or terms of service published. Contact information is limited to Mastodon user profiles and sign-in forms, with no direct company emails or phone numbers. Overall, XOXO Zone is a trustworthy and professionally maintained community platform with a clear niche focus. Security posture is adequate but could be improved with enhanced policies and technical controls. Privacy compliance requires attention to meet GDPR standards fully. Strategic recommendations include enabling DNSSEC, publishing terms of service, implementing cookie consent, and enhancing security headers to strengthen trust and compliance.

The domain relimedia.biz is registered to AlCoda GmbH, a Swiss company established in 2017. However, the website content is completely inaccessible, returning a 403 Forbidden error page that blocks all access. Due to this, no business description, services, or contact information is available for analysis. The technical infrastructure appears minimal with DNS hosted on domaincontrol.com and registrar Mesh Digital Limited. Security posture is weak as no security headers or SSL details are available, and the site is effectively non-functional for visitors. Overall, the risk is elevated due to lack of transparency and accessibility, limiting trust and usability.

L

limor

ladyada.net

0

The website ladyada.net is a personal or portfolio site focused on technical projects, research, and creative works. It serves as a showcase for various technical and artistic endeavors, targeting technology enthusiasts and makers. The site structure is based on classic HTML and JavaScript with interactive image maps but lacks modern web technologies and responsive design. The domain is well-established, created in 2005, and registered with NameCheap without privacy protection, indicating transparency and legitimacy. From a technical perspective, the site uses basic JavaScript and HTML without modern frameworks or CMS. Hosting is inferred to be behind Cloudflare DNS, but no advanced security headers or HTTPS enforcement are evident from the provided data. The site lacks privacy and cookie policies, contact information, and analytics or tracking scripts, suggesting minimal data collection and a low digital footprint. Security posture is weak due to absence of HTTPS enforcement, security headers, and formal privacy compliance. No forms or input fields are present to assess input security. The site content is safe for general audiences with no adult or questionable content detected. Overall, the site is functional but basic, with room for improvement in security, privacy compliance, and modern web practices. Recommendations include implementing HTTPS, adding security headers, publishing privacy and cookie policies, and providing contact and incident response information to enhance trust and compliance.

P

PBworks, Inc.

pbworks.com

0

PBworks, Inc. operates a SaaS-based online team collaboration platform that enables teams to capture knowledge, share files, and manage projects securely and reliably. The company targets a broad audience including businesses, agencies, legal firms, and educational institutions, offering specialized hubs tailored to these sectors. The website presents a professional image with clear navigation and comprehensive service descriptions, positioning PBworks as an established player in the collaboration software market. Technically, the website is built using Adobe Muse with jQuery and RequireJS, and integrates Google Analytics for user tracking. While the site is accessible and functional, it uses an outdated jQuery version and lacks modern security headers, indicating room for technical modernization and improved security hardening. Mobile optimization and accessibility are basic but functional. From a security perspective, the site implements cookie consent and privacy policies aligned with GDPR, but lacks publicly visible incident response or vulnerability disclosure policies. The absence of WHOIS data for the domain is a concern, as it reduces transparency and trustworthiness. No WAF or blocking mechanisms were detected, and the content is safe and business-focused. Overall, PBworks demonstrates a solid business and technical foundation but should address security best practices and domain transparency to enhance trust and compliance. Strategic improvements in security headers, updated libraries, and public security policies are recommended.

Micropub Rocks! is a specialized online validator tool designed to assist developers and implementers in testing their Micropub client and server implementations. The website provides various testing capabilities and publishes implementation reports, targeting a niche audience within the IndieWeb and Micropub community. The business model is based on offering an open source, freely accessible validation service, with no evident commercial monetization or advertising. The site is small in scale and founded around 2016, consistent with the domain registration date. Technically, the website uses a straightforward technology stack including HTML5, CSS with Semantic UI, and JavaScript with jQuery. Hosting is provided by Linode, a reputable VPS provider. The site is moderately optimized for mobile and performance, with basic accessibility and SEO features. The code is open source and publicly available on GitHub, enhancing transparency. From a security perspective, the site lacks several modern security best practices such as DNSSEC, security headers, and visible SSL/TLS configuration details. The domain is privacy protected, which is reasonable for a small open source project. The site uses an email-based sign-in mechanism with a simple anti-bot field to facilitate authorization testing without complex authentication flows. No privacy or cookie policies are present, which is a compliance gap. No incident response or vulnerability disclosure information is provided. Overall, the website is functional and trustworthy within its niche but would benefit from improved security hardening and privacy compliance. The risk level is low given the nature of the site and its limited data collection. Strategic improvements in security headers, DNSSEC, and privacy documentation would enhance trust and compliance.

Webmention Rocks! is a niche technical website providing a validator and test suite for the Webmention protocol, primarily targeting developers and implementers within the IndieWeb and web standards communities. The site offers a variety of tests for endpoint discovery, updates, deletes, and receiver functionality, and encourages users to submit implementation reports to the W3C. It is open source and hosted on Linode, with a domain registered in 2016 and privacy protection enabled. From a technical perspective, the website uses a classic web stack including jQuery 1.11.3 and Semantic UI for styling and interactivity. The site is moderately performant, mobile optimized, and has a clear navigation structure. However, accessibility and SEO optimizations are basic. No CMS is detected, indicating a custom or static site. Security posture is moderate; the domain uses clientTransferProhibited status to prevent unauthorized transfers but lacks DNSSEC and visible security headers. No privacy or cookie policies are present, and no contact information is provided for security incidents or general inquiries. There are no signs of vulnerabilities or malicious content, and the site content is safe for general audiences. Overall, the website is a credible and useful tool within its niche but would benefit from improved security practices, privacy compliance, and contact transparency to enhance trust and compliance.

IndieAuth.net serves as an informational and specification website for the IndieAuth protocol, a decentralized identity solution built on OAuth 2.0. The site targets developers and website owners interested in decentralized authentication, providing detailed documentation, tutorials, and links to self-hosted and public IndieAuth providers. The business model is community and open-source driven, focusing on protocol adoption rather than commercial services. Technically, the site is a simple static HTML/CSS implementation hosted on Linode, with no detected CMS or complex frameworks. The site performs moderately with basic mobile optimization and accessibility features. Security posture is moderate; while HTTPS is implied (not explicitly stated in data), DNSSEC is not enabled and no security headers are detected, indicating room for improvement. No privacy or cookie policies are present, and no contact or incident response information is provided, which impacts compliance and trust. Overall, the site is trustworthy within its niche but would benefit from enhanced security and privacy disclosures.

Micropub.net serves as an informational website dedicated to the Micropub open API standard, which enables users to create posts on their own domains using third-party clients. The site primarily targets developers and members of the IndieWeb community interested in decentralized social web publishing. It provides links to the official specification, test suites, and implementation reports, positioning itself as a niche resource within the technology standards space. The website is simple and content-focused, reflecting its role as a documentation and community resource rather than a commercial entity. From a technical perspective, the site is hosted on Linode with domain registration through NameCheap, Inc. The technology stack is minimal, consisting of static HTML and CSS without advanced frameworks or CMS platforms. Performance and mobile optimization are basic but adequate for the site's purpose. SEO and accessibility features are minimal but sufficient given the limited scope of content. Security posture is moderate but could be improved. The site lacks DNSSEC, security headers, and privacy or cookie policies, which are important for compliance and user trust. No contact or incident response information is provided, limiting transparency in security matters. The domain is well aged and registered without privacy protection, which aligns with the open and community-driven nature of the project, supporting legitimacy. Overall, micropub.net is a trustworthy and safe resource for its intended audience but would benefit from enhanced security practices and compliance documentation to improve user trust and meet modern web standards.

Webmention.net serves as an informational hub for the Webmention protocol, a W3C Social Web Working Group specification contributed by the IndieWeb community. The site provides links to the latest published versions, drafts, and implementations of the protocol, targeting developers and web technologists interested in decentralized social web standards. The website is minimalistic, focusing on content delivery rather than commercial services or user engagement features. Technically, the site is hosted on Linode with domain registration through NameCheap, indicating a stable and reputable infrastructure. The technology stack is basic, consisting primarily of HTML and CSS, with no detected CMS or advanced frameworks. Performance and mobile optimization are moderate to basic, reflecting the simple nature of the site. From a security perspective, the site lacks advanced security headers, privacy policies, cookie consent mechanisms, and contact information for incident response. DNSSEC is not enabled, which is a recommended improvement for domain security. No analytics or tracking technologies are present, which reduces privacy concerns but also limits business intelligence capabilities. Overall, the website is safe and trustworthy for its intended audience but would benefit from enhanced security practices, privacy compliance documentation, and improved technical sophistication to better serve its community and maintain trust.

OAuth2Simplified.com is a specialized educational website dedicated to providing comprehensive guidance on building OAuth 2.0 servers. The site offers a variety of resources including a well-regarded book authored by Aaron Parecki, online courses on OAuth and advanced security topics, and related merchandise. The business is positioned as a niche authority in the OAuth and API security space, targeting developers, architects, and technical professionals interested in secure API authorization frameworks. The site is published by Okta, Inc., a recognized leader in identity and access management, lending strong credibility to the content and offerings. Technically, the website is well-constructed with modern HTML5 and CSS, uses reputable third-party services such as MailChimp for email marketing and Fathom Analytics for privacy-focused analytics, and is hosted on Linode, a reliable cloud provider. The site is mobile optimized and demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some security headers and formal privacy and cookie policies, which are areas for improvement. No contact emails or phone numbers are explicitly provided, which may impact user trust and compliance. Overall, the website is professional, trustworthy, and serves as a valuable resource in its domain, but would benefit from enhanced privacy compliance and security policy disclosures.

Backpedal TV is a small, specialized media service provider based in Portland, Oregon, offering video recording and live streaming services primarily for conferences, meetups, and events. The company has been operating since 2016 and targets event organizers and corporate clients in the local area. Their website reflects a professional and consistent brand with clear descriptions of their key services and client testimonials, positioning them as a trusted niche provider in the media services sector. Technically, the website uses a modern but simple technology stack including jQuery and Semantic UI, hosted on Linode. The site is moderately optimized for mobile and performance, with basic SEO and accessibility features. Google Analytics is used for user tracking, but there is no evidence of advanced privacy compliance mechanisms such as cookie consent banners or privacy policies. From a security perspective, the site lacks important security headers and DNSSEC is not enabled, which could be improved to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent and legitimate, with a long registration period and matching geographic information. However, the absence of privacy and cookie policies indicates compliance gaps that should be addressed. Overall, the website is functional and professional but would benefit from enhanced security and privacy compliance measures to improve trust and reduce risk. Strategic improvements in these areas will support the company’s credibility and protect user data effectively.

The website w7apk.com is a personal amateur radio enthusiast site maintained by Aaron Parecki. It provides a variety of radio-related content including cheat sheets, hardware and software reviews, protocol explanations, and community links. The site targets amateur radio hobbyists and serves as an informational resource rather than a commercial business. The domain age and content timeline are consistent, supporting the legitimacy of the site. Technically, the site is built with basic HTML, CSS, and JavaScript, with minimal use of external libraries and a lightweight analytics tool (Fathom Analytics). The site is moderately optimized for mobile and SEO but lacks advanced technical frameworks or CMS platforms. Security posture is basic; HTTPS is implied but no advanced security headers or DNSSEC are implemented. Privacy compliance is minimal with no visible privacy or cookie policies. Contact information is limited to a contact page without explicit emails or phone numbers. Overall, the site is safe, trustworthy, and suitable for general audiences with no adult or questionable content.

V

Venmo

venmo.com

0

Venmo is a well-established mobile payment platform founded in 2008 and currently operating as a subsidiary of PayPal Holdings, Inc. It offers peer-to-peer payment services, enabling users to manage balances, send and receive money, and split bills seamlessly. The website reflects Venmo's strong market position as a leading social payments app in the United States, targeting consumers who prefer mobile and social payment solutions. The business model focuses on facilitating easy and social financial transactions among friends and networks. Technically, the website is built using modern frameworks such as React and Gatsby, hosted on AWS infrastructure, and integrates analytics tools like Google Analytics and mParticle for data-driven insights. The site is optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience. SEO practices are well implemented with comprehensive meta tags and structured data. From a security perspective, Venmo enforces HTTPS, employs multiple security headers, and uses domain registration protections to safeguard its digital presence. However, DNSSEC is not enabled, and there is no public security.txt or explicit incident response contact information, which are areas for improvement. Privacy compliance is strong with clear policies and consent mechanisms, aligning with GDPR requirements. Overall, Venmo's website demonstrates a high level of professionalism, security, and compliance, supporting its credibility and trustworthiness in the financial technology sector. Strategic recommendations include enabling DNSSEC, publishing vulnerability disclosure information, and enhancing incident response transparency to further strengthen security posture.

C

Cash App

cash.me

0

Cash App is a leading financial services platform owned by Block, Inc., offering a comprehensive suite of services including peer-to-peer payments, banking, investing, bitcoin trading, and tax filing. The platform targets general US residents seeking convenient and flexible financial management tools. The website demonstrates a mature digital presence with modern technologies such as Next.js and Contentful CMS, supported by a robust CDN infrastructure for fast and reliable performance. Mobile optimization and accessibility are well implemented, ensuring a seamless user experience across devices. Security is a core focus, with HTTPS enforcement, encryption, fraud detection, and real-time alerts enhancing user trust. Privacy compliance is strong, featuring clear policies and consent mechanisms. Overall, the site reflects a professional, trustworthy fintech brand with high market credibility.

R

Registrant of kit.co

kit.co

0

Kit.co is a technology-oriented platform with a domain registered since 2010 under a UK-based registrant named 'Registrant of kit.co'. The website uses modern front-end technologies such as AngularJS and Material Design and is hosted on Amazon AWS infrastructure. However, the website content provided is minimal and lacks explicit metadata such as privacy policies, cookie policies, terms of service, or contact information. The technical implementation is moderate with basic mobile optimization and accessibility. Security posture is basic with HTTPS enabled but missing important security headers and DNSSEC. No advanced security or incident response policies are published. Overall, the website appears legitimate but would benefit from enhanced transparency and security practices.

Aaron Parecki operates a personal brand website focused on livestreaming tutorials, gear reviews, and consulting services. The site targets livestreaming enthusiasts and professionals seeking expert advice and educational content. The business model combines content creation with paid consulting and affiliate marketing, positioning Aaron Parecki as a niche expert in the media space. The website is well-branded, content-rich, and supported by active social media channels, enhancing its market presence. Technically, the website is built using standard web technologies including HTML5, CSS3, JavaScript, and jQuery, hosted on Linode infrastructure. The design is responsive and user-friendly, with embedded video content and calendar integration. Analytics are handled via privacy-focused Fathom Analytics, indicating a moderate level of digital maturity. However, the site lacks CMS usage and some modern security headers, which could be improved. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. The domain is privacy protected but consistent with a personal brand site. No security or incident response policies are published, and no cookie or privacy policies are present, representing compliance gaps. DNSSEC is not enabled, and security headers are missing, suggesting room for security posture enhancement. Overall, the website is trustworthy, professional, and safe for general audiences. Strategic improvements in privacy compliance, security headers, and formal policies would strengthen its security and regulatory posture, supporting long-term business credibility and user trust.

OAuth.net is a well-established community and informational website dedicated to the OAuth open protocol, which enables secure authorization for web, mobile, and desktop applications. Founded in 2007, the site serves developers and API providers by offering specifications, code samples, articles, videos, events, and security guidance. The website positions itself as an authoritative resource in the technology sector, focusing on OAuth 2.0 and related standards. Its business model revolves around community engagement and educational content rather than direct commercial services. Technically, the site uses a straightforward stack including Bootstrap for styling, jQuery for scripting, and integrates privacy-conscious tools such as Fathom Analytics and EthicalAds for advertising. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Hosting appears stable with NameCheap as the registrar, though no CMS or advanced hosting details are evident. From a security perspective, the site enforces HTTPS and avoids collecting sensitive user data, which reduces risk. However, it lacks important security headers and formal policies such as privacy, cookie, and incident response disclosures. No contact information or vulnerability disclosure mechanisms are provided, which could hinder trust and compliance. The domain registration is consistent and long-standing, supporting legitimacy. Overall, OAuth.net is a credible and professional resource with good content quality and technical implementation. To improve, it should implement formal privacy and cookie policies, add security headers, and provide clear contact and security incident channels to enhance compliance and trustworthiness.

C

CUSTOM Design Sàrl

custom-design.ch

0

CUSTOM Design Sàrl is a Swiss-based small design agency established in 2002, specializing in custom design and communication services including graphic identity, packaging, web design, and branding. The company positions itself as a creative partner delivering tailored concepts with a 360-degree approach. The website reflects a professional and consistent brand image with clear contact information and client testimonials, targeting businesses seeking bespoke design solutions. Technically, the website uses legacy JavaScript libraries such as jQuery 1.7.1 and jQuery UI 1.8.16, integrated with Google Analytics and Slick Carousel for UI components. The site is mobile optimized and has basic SEO and accessibility features but lacks advanced security headers and modern JavaScript versions. Security posture is moderate with HTTPS enabled but no visible security headers and outdated libraries that may pose risks. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanism. Overall, the website is functional and trustworthy but requires improvements in security and privacy compliance to enhance its risk profile.

C

cathkathcatt.ch

cathkathcatt.ch

0

cathkathcatt.ch is a multilingual Catholic media platform serving the Swiss Catholic community across German, French, and Italian language groups. The website provides news, job listings, and advertising space related to Catholic institutions in Switzerland. The platform is built on WordPress and uses common web technologies such as Bootstrap, jQuery, and integrates tracking tools like Google Tag Manager, Facebook Pixel, and Mouseflow. The website's content is minimal on the main page, with a 'Nothing Found' message indicating possible content gaps or misconfiguration. Contact information is limited to a contact form page without direct emails or phone numbers. No privacy or cookie policies are found, and no security headers are implemented, although HTTPS is enforced. The site links to partner domains representing language variants and job listings for Catholic institutions.

H

Husitské muzeum v Táboře

husitskemuzeum.cz

0

Husitské muzeum v Táboře is a cultural institution focused on presenting historical and educational content related to the Hussite movement and medieval history in the Czech Republic. The website serves as an information portal for museum exhibitions, educational programs, and cultural events, targeting general visitors and history enthusiasts. The site is multilingual, primarily in Czech with English support, and provides detailed event information and partner references. Technically, the website is built on WordPress with a variety of plugins for multilingual support, GDPR compliance, and user engagement. It uses standard web technologies including jQuery, Google Fonts, Google Analytics, and Facebook SDK. The site is served over HTTPS, ensuring secure communication, but uses an outdated jQuery version which may pose security risks. The site has moderate performance and basic mobile optimization. From a security perspective, the site implements GDPR-compliant cookie consent mechanisms and uses HTTPS. However, it lacks advanced security headers and uses an outdated JavaScript library version. No explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are found. WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the website is professionally maintained with good content quality and user experience. The main risks relate to outdated libraries and lack of visible security policies. Strategic improvements in security headers, library updates, and enhanced contact transparency would strengthen the site's security posture and trustworthiness.

V

Vysoká škola evropských a regionálních studií

vsers.cz

0

Vysoká škola evropských a regionálních studií (VŠERS) is a Czech higher education institution specializing in regional and European studies, offering bachelor's degree programs primarily in Security and Legal Activities and Public Administration. The institution targets prospective students in the Czech Republic, providing educational services, lifelong learning, and research activities. The website reflects a well-established educational entity with a domain registered since 2003, consistent with its business claims. Technically, the website is built on WordPress 6.8.2, utilizing popular plugins such as Slider Revolution and SiteOrigin Panels, and employs modern web technologies including jQuery and Font Awesome. The site is hosted under a Czech registrar with appropriate DNS configurations. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS, includes some security headers, and does not expose sensitive data. Privacy compliance is strong, with a clear privacy policy and cookie consent mechanism aligned with GDPR requirements. No critical vulnerabilities or security incidents were detected. Overall, the website demonstrates a solid risk posture with no blocking WAF or security challenges, making it accessible and trustworthy. Strategic recommendations include enhancing security headers and maintaining up-to-date software to mitigate emerging threats.

E

Enki o.p.s.

enki.cz

0

Enki o.p.s. is a Czech non-profit research organization specializing in applied environmental research and laboratory services, operating since 1999. Their website reflects a professional presence with a focus on environmental balance and scientific expertise. The organization offers a range of services including accredited laboratory testing, educational programs, and mobile laboratory services. The site is built on WordPress using the Divi theme, indicating a modern and maintainable technical infrastructure. Security posture is strong with HTTPS and security headers implemented, though privacy compliance could be improved by adding cookie consent mechanisms and clearer contact information. Overall, the website supports the organization's credibility and mission effectively.

M

Mikrobiologický ústav AV ČR, v.v.i.

alga.cz

0

Centrum Algatech is a reputable research center under the Microbiological Institute of the Czech Academy of Sciences, specializing in microscopic algae research and biotechnology. The center is internationally recognized and operates unique cultivation facilities. The website reflects a medium-sized scientific institution with a focus on research and public outreach. Technically, the site uses older but functional technologies like the Dojo Toolkit, with moderate performance and basic mobile optimization. Security posture is moderate with room for improvement, especially in HTTPS enforcement and security headers. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy policy page. WHOIS data is unavailable, which reduces domain transparency but does not negate the site's legitimacy given its institutional affiliation. Overall, the website is professional, content-rich, and safe for general audiences.

V

Vysoká škola technická a ekonomická v Českých Budějovicích

vstecb.cz

0

Vysoká škola technická a ekonomická v Českých Budějovicích (VŠTE) is a public higher education institution located in the Czech Republic, specializing in technical and economic disciplines. The university distinguishes itself by a strong emphasis on practical education, offering accredited bachelor and master degree programs. It serves students primarily from the Czech Republic and international students through exchange programs. The institution maintains a medium-sized presence with various subsidiaries including a basic and nursery school, sports clubs, and student organizations. The website reflects a professional and well-structured digital presence with comprehensive information about academic programs, admissions, and student services. Technically, the website is built on WordPress CMS with modern plugins such as Yoast SEO, WPBakery Page Builder, and Cookiebot for cookie consent management. It uses Bootstrap for responsive design and integrates Google Analytics and Facebook Pixel for analytics and marketing. The site is mobile-optimized and accessible, with clear navigation and ARIA attributes enhancing usability. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a public security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits domain registration trust verification, but the website content and official contact details support legitimacy. Overall, VŠTE's website is a reliable and professional digital asset supporting its educational mission. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and compliance. The site is safe for general audiences with no adult or questionable content detected.

E

Evangelisch-reformierte Kirche Basel-Landschaft

ref-bl.ch

0

The Evangelisch-reformierte Kirche Basel-Landschaft operates a professional and well-structured website serving its community in Basel-Landschaft, Switzerland. The site provides comprehensive information about church services, community engagement, and social support, targeting members and prospective members of the regional church. The organization positions itself as a key religious and non-profit entity in the region, with clear branding and consistent messaging. Technically, the website employs modern web technologies including UIkit, jQuery, and FontAwesome, supported by a CloudTec CMS platform. It integrates privacy-conscious analytics via Matomo and implements a robust cookie consent mechanism through Cookiebot, reflecting a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, though some accessibility improvements could be made. From a security perspective, the website enforces HTTPS and uses a Content-Security-Policy header, ensuring a good baseline security posture. However, additional security headers and explicit incident response information are absent. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with a detailed GDPR-compliant privacy policy and user consent mechanisms. Overall, the website is trustworthy, professionally maintained, and aligned with the organization's mission. Strategic enhancements in security headers, incident response transparency, and accessibility would further strengthen its posture.

K

KW-Software AG

kw-software.ch

0

KW-Software AG is a Swiss technology company specializing in software development and IT services, primarily targeting church organizations across Switzerland with their flagship product KiKartei, a church member management system trusted by over 1000 customers. The company also offers CRM, time tracking, document management, and website services. Their market position is that of a niche, established provider with a focused customer base. Technically, the website is built on WordPress using the Divi theme, enhanced with Yoast SEO and Google Fonts, and integrates Zendesk for customer support. The site is well-structured, mobile-optimized, and employs modern web standards. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though dedicated security and incident response policies are not publicly disclosed. Overall, the website reflects a professional and trustworthy business with good digital maturity. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to enhance trust and compliance.

K

KW-Software AG

kikartei.ch

0

KW-Software AG operates the KiKartei.ch website, providing specialized church administration software tailored for Swiss parishes and pastoral organizations. With over 20 years of experience and more than 1000 customers, the company holds a strong position in the niche market of church software solutions. Their offerings include a core software module, mobile app K!Mobil, and various additional modules, supported by training and customer service. The website is professionally designed using WordPress and modern plugins, hosted securely in a Swiss high-security data center, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and no evident vulnerabilities, though explicit security headers and privacy policies are lacking. Overall, the site is trustworthy and well-positioned but would benefit from enhanced privacy compliance and incident response disclosures.

C

cloudtec AG

cloudtec.ch

0

cloudtec AG is a Swiss-based technology company specializing in the development of custom online platforms, web applications, and enterprise websites. Positioned as a specialized partner for businesses seeking tailored digital solutions, cloudtec offers a comprehensive suite of services including API integrations, e-commerce solutions, and cloud architecture consulting. Their market presence is focused on the Swiss business sector, emphasizing quality and efficiency over volume. Technically, the website demonstrates a mature digital infrastructure utilizing modern web technologies, structured data, and compliance tools such as Cookiebot for GDPR adherence. Security posture is solid with HTTPS enforcement, security headers, and error monitoring via Sentry, although explicit security policies and incident response contacts are not publicly disclosed. Overall, cloudtec presents a professional and trustworthy digital presence with good privacy compliance and moderate user tracking. Strategic recommendations include enhancing transparency around security policies and incident response, and improving accessibility features to further strengthen their digital maturity.

V

VideoWeek

europeanvideoawards.com

0

The European Video Awards website represents a specialized event platform celebrating excellence in video and CTV advertising across Europe. The awards are produced by VideoWeek and target advertising professionals, agencies, brands, and adtech companies. The site provides information on categories, judges, nominees, and event details, supported by a modern WordPress infrastructure with Elementor and Yoast SEO for content management and optimization. The technical setup includes Google Analytics and Tag Manager for tracking, with a moderate performance profile and good mobile responsiveness. Security posture is solid with HTTPS and no obvious vulnerabilities, though some security headers could be improved and DNSSEC is not enabled. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is primarily via email and contact forms, with no phone numbers listed. Overall, the site is professional, trustworthy, and well-branded, supporting a niche but established event in the media industry.

S

Stratégies

strategies.fr

0

Stratégies is a leading French media company specializing in communication, marketing, and media industry news. The website offers comprehensive content including news articles, dossiers, events, job listings, and training resources, targeting marketing and communication professionals. The digital infrastructure is built on Drupal CMS with modern JavaScript libraries and integrates multiple analytics and advertising technologies, demonstrating a mature digital presence. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers should be verified. The absence of WHOIS registration data slightly impacts domain trust but the professional content and branding indicate a legitimate business. Overall, the site is well-structured, GDPR compliant, and provides a positive user experience.

C

ChooseMyCompany - Certified reviews

choosemycompany.com

0

ChooseMyCompany is a well-established platform founded in 2014 that specializes in providing certified ESG reviews, rankings, and job postings for companies and schools. The platform targets businesses, employees, trainees, and job seekers, offering services such as review collection, benchmarking, and certified review broadcasting with a strong emphasis on GDPR compliance and data protection. The website demonstrates a high level of professionalism, content quality, and user experience, supported by multiple language options and recognized certifications like HappyIndex®. Technically, the site employs modern JavaScript libraries including jQuery, Bootstrap Vue, and cookie consent management tools, hosted on a reputable cloud provider. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS enforced and domain transfer protection, but lacks DNSSEC and some security headers. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is trustworthy and credible, though it would benefit from publishing explicit security policies and incident response contacts.

Inspiring Workplaces Group Limited operates a professional website focused on promoting PeopleFirst workplace cultures globally. The company offers awards programs, certification services, content resources, and community events to support organizations in building and celebrating positive workplace environments. The website positions itself as a global community and certification authority in this niche, targeting HR professionals and organizations committed to employee engagement and culture excellence. Technically, the website is built on WordPress with modern technologies including Laravel Livewire, Alpine.js, and integrates Google Analytics, Google Tag Manager, Stripe for payments, and Mailchimp for marketing. The site is hosted behind Cloudflare DNS and CDN services, ensuring good performance and availability. Security posture is solid with HTTPS enforced and domain protection flags set, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism or explicit GDPR compliance indicators. Contact information is limited to contact forms and social media links, with no direct emails or phone numbers published. Overall, the website is professional, trustworthy, and well-maintained, serving a medium-sized business with a clear market position in workplace culture certification and community engagement.

T

Titan OS | Re-thinking TV

titanos.tv

0

Titan OS presents itself as an independent operating system for connected TV (CTV) devices, focusing on a collaborative business model that includes revenue sharing and user experience customization for manufacturers, alongside monetization and data support for content owners. The website is professionally designed using the Framer framework and incorporates modern web fonts and Google Analytics for tracking. However, the absence of privacy policies, contact information, and WHOIS registration details limits the transparency and trustworthiness of the business. Technically, the site is moderately optimized with good mobile responsiveness and SEO practices but lacks visible security headers and explicit compliance indicators. The security posture is weak due to missing security best practices and lack of incident response information. Overall, the site is safe for general audiences and does not contain adult or questionable content.

S

Scope3, PBC

scope3.com

0

Scope3 is a technology company focused on decarbonizing media and advertising through AI-powered agentic advertising platforms. They serve major brands and agencies by providing tools to measure and reduce carbon emissions in digital media campaigns, integrating sustainability with performance. The company has a strong market position supported by strategic funding and partnerships with industry leaders. Technically, the website is built on modern frameworks like Next.js and Material-UI, hosted on Cloudflare, and uses analytics tools such as PostHog and HubSpot. Security posture is strong with HTTPS, security headers, and Cloudflare protection, though DNSSEC is not enabled and no explicit security policy is published. Privacy compliance is good with clear policies and cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for performance and SEO.

S

SCAN-MATCH

equativatcannes2025.com

0

The website 'Equativ at Cannes Lions 2025' serves as a professional event platform for Equativ's participation at the Cannes Lions festival. It offers detailed schedules, panel sessions, wellness activities, and exclusive invite-only events targeted at marketing and media professionals. The site facilitates user registration and meeting bookings, positioning itself as a niche event organizer within the media industry. Technically, the site employs modern frontend technologies including Bootstrap, jQuery, Font Awesome, and Matomo analytics, hosted on Google Cloud Platform. The design is professional, mobile-optimized, and content-rich, providing a good user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented, though security headers and explicit policies are lacking. WHOIS data shows a suspicious future domain creation date, which may be a data anomaly but warrants monitoring. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained, with room for security and policy enhancements.

T

Transfon Ltd

uniconsent.com

0

UniConsent, operated by Transfon Ltd, is a specialized Consent Management Platform (CMP) focused on helping digital publishers, SaaS providers, marketers, and e-commerce businesses comply with global privacy regulations such as GDPR, CCPA, and LGPD. The platform is IAB TCF 2.2 certified and integrates with major advertising and analytics technologies including Google Consent Mode and Prebid.js. UniConsent positions itself as a leading CMP trusted by over 5000 global clients, offering comprehensive consent lifecycle management, cookie scanning, and customizable user interfaces. Technically, the website is built using modern web technologies including Next.js and Tailwind CSS, with integrations for Google Tag Manager and analytics. The platform supports multiple device platforms including web and mobile (iOS, Android, Flutter). The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and implements consent management best practices. However, it lacks explicit security headers and published security policies or incident response contacts, which are areas for improvement. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, although the business information and certifications support legitimacy. Overall, UniConsent presents a professional, trustworthy, and technically sound CMP solution with strong privacy compliance features. Strategic recommendations include enhancing security header implementation, publishing a formal security policy, and clarifying domain registration details to improve trust and compliance posture.

R

Rockero

rockero.cz

0

Rockero is a Czech technology company specializing in end-to-end digital product development, including market research, UX/UI design, software development, and AI model creation. The company targets visionary clients seeking data-driven innovation and digital transformation. Their website reflects a professional and modern digital presence with strong branding and client trust signals. Technically, the site uses modern frameworks such as Laravel Livewire and Alpine.js, integrates multiple analytics and marketing tools, and employs a GDPR-compliant consent management platform. Security posture is solid with HTTPS and no exposed sensitive data, though some security headers and explicit policies could be improved. Overall, Rockero presents a credible and trustworthy business profile with a well-executed digital infrastructure.

I

i&i Prague

iniprague.com

0

i&i Prague is a biotech incubator and venture builder focused on supporting innovations in drug discovery, diagnostics, medtech, and other life science fields. The company positions itself as a niche player in the European biotech ecosystem, targeting startups and innovators in the life sciences sector. The website is professionally designed using the Wix platform, providing clear information about the business focus but lacks detailed contact or compliance information. Technically, the site uses Wix's Thunderbolt framework and related polyfills, indicating a modern but standard web infrastructure. Security posture is weak due to absence of HTTPS verification, security headers, and privacy policies. No WHOIS registration data was found, which raises concerns about domain legitimacy and trustworthiness. Overall, the site is accessible and safe but requires improvements in security, compliance, and business transparency to enhance credibility and trust.

L

LUMI consortium

lumi-supercomputer.eu

0

The LUMI website represents a large-scale European supercomputing consortium providing high-performance computing resources and AI services to researchers and industry. The site is well-structured, professionally designed, and targets a technical audience involved in HPC and AI innovation. The technical infrastructure is based on WordPress with modern plugins and frameworks, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security headers could be improved. Privacy compliance is well addressed with a comprehensive cookie policy and privacy page. The absence of terms of service and security policy pages is noted but does not critically impact trust. Overall, the website reflects a credible and mature digital presence aligned with its business goals.

F

fadegrad Podcast

fadegrad-podcast.ch

0

Fadegrad Podcast is a small, regionally focused podcast initiative presented by the Roman Catholic and Evangelical Reformed churches of the St.Gallen and Appenzell cantons in Switzerland. The website serves as a platform for sharing inspiring life stories and faith-related content, targeting a general audience interested in personal narratives and religious topics. The business model centers on content creation and distribution through podcasts, videos, and social media engagement. Technically, the site is built on WordPress with modern web technologies and integrates multimedia content effectively. Security posture is strong with HTTPS, security headers, and GDPR-compliant cookie consent mechanisms in place. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates good digital maturity and compliance with privacy regulations, supporting its credibility and trustworthiness.

S

Sternenglanz

sternenglanz.ch

0

Sternenglanz is a small media entity focused on producing spiritual podcast and blog content primarily for the Swiss Ostschweiz region. It is affiliated with the Roman Catholic and Evangelical Reformed churches of St.Gallen and Appenzell, providing spiritual inspiration and biblical impulses through regular podcast episodes and blog posts. The website is professionally designed using WordPress and modern web technologies, offering a good user experience with clear navigation and mobile optimization. The technical infrastructure includes common WordPress plugins such as Yoast SEO, Contact Form 7, and MailPoet for newsletter management. Security posture is solid with HTTPS enforced and cookie consent implemented, though additional security headers could improve defenses. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Contact information is transparent and includes a company email and phone number. Overall, the site is trustworthy, safe, and well-maintained, serving a niche spiritual audience effectively.

V

Visuelle Fabrik

visuellefabrik.ch

0

Visuelle Fabrik is a small, professional branding and graphic design agency based in Basel, Switzerland. The company specializes in corporate branding, design, marketing, and consulting services aimed at businesses seeking to enhance their brand identity and market presence. Their website reflects a strong market position with a clear focus on quality and client engagement. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and SEO tools such as Rank Math and Google Tag Manager. The site is well-optimized for mobile devices and provides a good user experience. Security-wise, the website uses HTTPS and implements a comprehensive cookie consent mechanism, but lacks explicit privacy and security policy pages and security headers, which are recommended for enhanced compliance and protection. Overall, the domain registration details are consistent with the business claims, supporting the legitimacy of the site.

W

World YWCA

worldywca.org

0

World YWCA is a globally recognized non-profit organization dedicated to empowering women, young women, and girls through grassroots leadership and advocacy. It holds a strong market position as the largest organization of its kind, engaging millions annually. The website reflects a mature digital presence with comprehensive content, clear navigation, and multiple engagement channels including donations, membership, and events. Technically, the site is built on WordPress with modern frameworks and integrates analytics and translation services, indicating a well-maintained infrastructure. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates high professionalism and trustworthiness, supported by certifications and clear contact information.

Y

YMCA Europe

ymcaeurope.com

0

YMCA Europe is a well-established non-profit umbrella organization serving 36 national YMCA movements across Europe, impacting millions of beneficiaries through youth empowerment, community development, and advocacy programs. The website reflects a mature digital presence built on WordPress with modern plugins and SEO optimizations. Security posture is good with HTTPS and secure forms, though some security headers and explicit incident response policies are absent. The WHOIS data is missing or privacy protected, which slightly reduces trust but is mitigated by the organization's transparency and social media presence. Overall, the site is professional, content-rich, and trustworthy with room for security enhancements.

W

World YMCA

ymca.int

0

World YMCA is a globally recognized non-profit organization dedicated to empowering young people and communities to lead positive change. The website reflects a mature digital presence with a focus on youth-led initiatives, community wellbeing, and global partnerships. The organization leverages modern web technologies including WordPress, Yoast SEO, and GiveWP for donations, indicating a well-maintained infrastructure. Social media integration and multilingual support enhance its outreach capabilities. Security posture is solid with HTTPS and reCAPTCHA usage, though explicit security policies and headers could be improved. Privacy compliance is limited due to absence of visible privacy and cookie policies. Overall, the site is professional, trustworthy, and aligned with the organization's mission.

Cevi Schweiz is a Swiss non-profit organization dedicated to youth community engagement, education, and social projects. The website serves as an informational and resource platform for members and interested parties, offering details on events, courses, and donation opportunities. The organization holds a reputable position in the Swiss non-profit sector, supported by trust indicators such as ZEWO certification and active social media channels. Technically, the website is built on the Contao CMS platform, utilizing modern JavaScript libraries for enhanced user experience. It is secured with HTTPS and employs a cookie consent mechanism compliant with GDPR standards. However, some security headers and detailed security policies are absent, representing areas for improvement. Overall, the site is professional, trustworthy, and well-structured, targeting youth and community members in Switzerland.

H

Haus Seewil

seewil.ch

0

Haus Seewil operates as a non-profit youth camp house affiliated with Cevi Region Basel, located in Vinelz, Switzerland. The website serves as an informational and booking platform for community and youth groups seeking event and camp facilities. The business model focuses on facility rental and community service within the hospitality and non-profit sectors. The site targets youth organizations and local community groups, positioning itself as a trusted regional facility. Technically, the website is built on WordPress using the Uncode theme and incorporates modern web technologies including Slider Revolution, Google Analytics, and Google Tag Manager. Hosting appears to be provided by a Swiss hosting provider (Metanet). The site is mobile optimized with moderate performance and basic SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses nonce tokens for AJAX calls, but lacks important security headers such as Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service pages. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the website is professionally designed and trustworthy but would benefit from enhanced privacy disclosures, improved security headers, and more transparent contact information to strengthen compliance and user trust.

C

Cevi Region Basel

duranna.ch

0

Duranna is a non-profit organization operating an environmentally friendly holiday house in the Basel region of Switzerland, targeting families and youth groups for various camps and retreats. The website is built on WordPress using modern plugins and themes, demonstrating moderate digital maturity with good mobile optimization and user experience. Security posture is adequate with HTTPS and privacy mechanisms in place, though additional security headers and explicit policies could enhance protection. Overall, the site is trustworthy, professionally presented, and compliant with GDPR requirements.

C

Cevi Region Basel

ferienhaus-braunwald.ch

0

Ferienhaus Braunwald is a small hospitality business offering two holiday houses in the mountain village of Braunwald, Switzerland. The website targets families and groups seeking vacation accommodations in a scenic, car-free alpine environment. The business operates a niche model focusing on group and family stays with clear descriptions of their properties and local attractions. Technically, the website is built on WordPress with modern plugins such as Revolution Slider and Contact Form 7, and integrates Google Analytics and Tag Manager for visitor tracking. The site is mobile-optimized and presents a professional design with good navigation and relevant content. Security-wise, the site uses HTTPS and hCaptcha for form protection but lacks visible security headers and formal privacy or cookie policies, which are compliance gaps. The domain uses privacy protection for WHOIS data, which is common and justified for this business type. Overall, the website is functional, trustworthy, and safe for general audiences but would benefit from enhanced privacy compliance and security hardening.

C

Concur Technologies, Inc.

concur.tw

0

SAP Concur China Taiwan provides an integrated online travel and expense management solution tailored for businesses in Taiwan. As a subsidiary of SAP, it holds a strong market position offering automated and efficient expense, travel, and invoice management services. The website reflects a mature digital presence with localized content, professional branding, and comprehensive product offerings aimed at enterprise clients. The technical infrastructure leverages Drupal CMS, modern JavaScript frameworks, and robust monitoring tools such as New Relic and TrustArc for privacy compliance. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.