Security Directory

E

Edital SA

edital.ch

0

Edital SA operates as the publisher of L’Echo du Gros-de-Vaud, an independent official journal serving the Gros-de-Vaud district in Switzerland. The publication has a strong local presence with a subscriber base of 3500 and free distribution to 19600 households eleven times a year. The company is family-owned and has been active for over three decades, positioning itself as a trusted local media outlet. The business model relies on subscriptions and advertising services targeted at local businesses and residents. The website reflects this focus with clear information about subscriptions, advertising opportunities, and contact details.

L

Le Courrier

lecourrier.ch

0

Le Courrier is a French-language Swiss news media outlet offering a wide range of news and cultural content focused on regional, national, and international topics. The website supports a subscription and donation business model, leveraging WooCommerce for e-commerce functionalities. The site is well-branded, professionally designed, and optimized for SEO and accessibility, targeting French-speaking readers interested in news and culture. Technically, the site is built on WordPress with modern JavaScript frameworks and integrates marketing and push notification tools such as Brevo and WonderPush. Security posture is strong with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not published. Privacy compliance is robust with clear cookie consent mechanisms and a comprehensive privacy policy. Overall, the site is trustworthy and safe for general audiences.

Confedere.ch is a French-language Swiss media website providing news and journal content, including print editions. The site is built on WordPress using a professional Newspaper theme and includes GDPR-compliant cookie consent mechanisms. The technical infrastructure is modern with standard plugins and Google Analytics integration. Security posture is adequate with HTTPS enforced but could be improved by adding explicit security headers and hardening login forms. The website is trustworthy with consistent domain registration data and no suspicious content detected. Privacy compliance is good with clear cookie policies and consent mechanisms, though terms of service and security policies are not explicitly found.

The website frequenzwechsel.org is currently inaccessible, returning a 403 Forbidden error page served by nginx on Ubuntu. Due to the lack of accessible content, no business description, services, or user engagement features can be analyzed. The domain is registered since 2007 with a German registrar and hosting provider, indicating a potentially established entity, but no further business details are available from the site itself. Technically, the site uses a standard nginx web server but lacks visible security headers or HTTPS confirmation in the provided data. The security posture cannot be fully assessed due to blocked access, but the absence of DNSSEC and security policies suggests room for improvement. Overall, the site presents a low trust and content quality profile due to inaccessibility and lack of transparency.

F

Freifunk

freifunk.net

0

Freifunk.net is a well-established community-driven platform dedicated to promoting free and open communication networks in digital data networks. Founded in 2003, it operates as a decentralized non-commercial initiative primarily targeting technology enthusiasts and local community groups in Germany. The website offers a variety of services including community news aggregation, mailing lists, collaborative tools, and event calendars, supporting the growth and maintenance of free wireless mesh networks. The platform maintains a consistent brand presence and provides multilingual support with a focus on German and English audiences. Technically, the website is built on WordPress 6.8.1 with a robust set of plugins for SEO, GDPR compliance, event management, and multilingual content. It employs Matomo analytics, emphasizing privacy-conscious data collection. The site is mobile-optimized with good navigation and accessibility features, although some accessibility aspects could be enhanced. Hosting details are partially known, with domain registration through INWX GmbH and no DNSSEC enabled, representing a minor security gap. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but lacks advanced security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. However, incident response and vulnerability disclosure policies are not publicly available, which could be improved to enhance trust and readiness. Overall, Freifunk.net presents a trustworthy, professional, and community-focused platform with a solid technical foundation and good privacy practices. Strategic improvements in DNS security, security policy transparency, and accessibility would further strengthen its security posture and user trust.

The website dadacafe.org currently presents no accessible content, with an empty HTML body and no metadata, scripts, or visible business information. The domain is registered since 2006 with a reputable German registrar, indicating a potentially legitimate registration, but the lack of website content suggests the site is inactive or under development. There are no privacy or cookie policies, no contact information, and no security policies visible, which limits the ability to assess compliance or security posture. The technical infrastructure cannot be fully assessed due to the absence of content and technical indicators. Security posture is weak by default due to missing HTTPS and security headers information. Overall, the site appears to be a placeholder or inactive domain with minimal digital maturity and no evident business operations online.

S

Spoedpost Noord-Limburg

huisartsenspoedpostnoordlimburg.nl

0

The website huisartsenpoedpostnoordlimburg.nl serves as the official online presence for Spoedpost Noord-Limburg, a regional healthcare provider specializing in out-of-hours general practitioner emergency services in the Noord-Limburg region of the Netherlands. The site offers relevant health information, contact details, and educational videos to assist patients in urgent care scenarios. The business is positioned as a medium-sized healthcare entity under the parent organization VieCuri, focusing on integrated emergency care services including crisis and pharmacy support. The website is primarily targeted at local residents seeking urgent medical assistance outside regular office hours. Technically, the website is built on WordPress 6.8.1 with a custom theme and uses modern web technologies including jQuery and embedded Vimeo videos. It integrates Google Tag Manager for analytics and uses Azure-hosted widgets for interactive health complaint carousels. The site is mobile-optimized, accessible, and SEO-friendly with structured data implemented. Performance is moderate, with lazy loading for images enhancing load times. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks DNSSEC for domain security and does not explicitly present security headers in the HTML. There is no visible incident response or security policy page, and cookie consent mechanisms are absent despite having a cookie policy page. These gaps suggest room for improvement in security posture and privacy compliance. Overall, the website is professional, trustworthy, and well-aligned with its healthcare mission. Strategic recommendations include enabling DNSSEC, implementing security headers, adding incident response information, and deploying a cookie consent mechanism to enhance GDPR compliance and user trust.

The website www.viiv-studyregister.com appears to be related to study registration, likely in the healthcare or clinical research domain. However, the homepage content is minimal with no visible descriptive text or business information. The site uses modern frontend technologies including Gatsby, Bootstrap, jQuery, and Google reCAPTCHA v3, indicating a contemporary technical infrastructure. Despite this, there is a lack of essential business and compliance information such as privacy policies, cookie consent mechanisms, terms of service, and contact details, which limits the site's credibility and user trust. Security posture is moderate with the use of HTTPS and reCAPTCHA but lacks visible security headers and incident response information. WHOIS data is unavailable, which raises concerns about domain legitimacy and transparency. Overall, the site requires significant improvements in content, compliance, and security disclosures to enhance trust and professionalism.

B

Bys Hosting

byshosting.nl

0

Bys Hosting is a Dutch hosting provider established in 2004, specializing in business hosting solutions with a focus on personal support and reliability. Their services include various hosting packages, VPS, and security offerings, with servers hosted in an ISO 27001 certified data center in the EU. The website is built on WordPress and uses modern frontend technologies, providing a professional and user-friendly experience targeted at business customers in the Netherlands. Security posture is solid with HTTPS and SSL certificates, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic with a privacy policy and terms of service present but lacking cookie consent mechanisms. Overall, the website and business appear legitimate and trustworthy.

Salland Zorgkantoor is a regional healthcare organization in the Netherlands responsible for executing the Long-term Care Act (Wet langdurige zorg - Wlz) for residents in the Salland region, including municipalities such as Deventer, Olst-Wijhe, Raalte, and Voorst. The organization facilitates access to appropriate long-term care services, including care in kind and personal budgets, and provides support through client advisors and informational resources. Their market position is that of a trusted regional care office, supported by clear contact information and a professional web presence. The website is designed to serve individuals needing long-term care and professionals in the healthcare sector.

dispi software engineering is a small Dutch software company specializing in the development and support of e-Captain, an online relationship management platform tailored for associations and non-profit organizations. The platform offers comprehensive modules including member management, bookkeeping, invoicing, event registration, website management, and mailing services. Established in 1996, dispi positions itself as a dedicated provider focused on simplifying administrative tasks for its target audience. Technically, the website employs a traditional tech stack featuring jQuery 1.11.3, Bootstrap 3.3.7, and FontAwesome, with custom CMS components. While the site is mobile responsive and well-structured, some technologies are outdated, and security headers are not evident. Google Analytics and Tag Manager are used for tracking, with basic consent mechanisms implemented. From a security perspective, the site lacks visible HTTP security headers and uses an older jQuery version, which may expose it to vulnerabilities. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and contact information appear consistent and professional. Privacy and terms of service pages exist, but a clear cookie policy is missing. Overall, the website is functional and professional but would benefit from modernizing its technical stack, enhancing security practices, and clarifying privacy compliance. The domain registration status should be verified to ensure legitimacy and trustworthiness.

Putter & de Boer B.V. is a Dutch company providing tailored administrative, fiscal, and payroll services primarily targeting small and medium-sized enterprises (MKB) and private individuals. With over 45 years of experience, the company positions itself as a reliable and comprehensive service provider offering a 'one stop shopping' approach. Their website is built on the concrete5 CMS and integrates common web technologies such as jQuery, Google Analytics, and Facebook SDK for tracking and social media integration. The hosting provider is Easyhosting BV, a reputable Dutch hosting company, consistent with the company's geographic focus. From a security perspective, the website uses HTTPS but lacks important security headers, privacy and cookie policies, and explicit contact information, which are areas for improvement to enhance compliance and trust. No vulnerabilities or suspicious content were detected in the HTML content. The website is accessible without WAF or security challenges, indicating no blocking or filtering mechanisms are interfering with access. Overall, the website demonstrates a moderate level of technical maturity and business credibility but falls short in privacy compliance and security best practices. Strategic improvements in these areas would strengthen the company's digital trustworthiness and regulatory adherence.

Het Koninklijk Nederlands Watersportverbond is the official Dutch national federation for watersports, serving over 350 affiliated clubs and 80,000 members. The organization promotes a wide range of watersports including sailing, windsurfing, kitesurfing, canoeing, SUP, and motorboating. It focuses on safety, accessibility, environmental stewardship, training, event organization, and supporting elite athletes. The website reflects a mature and professional digital presence with comprehensive content and clear navigation tailored to its target audience of watersport enthusiasts and affiliated organizations in the Netherlands. Technically, the site uses modern JavaScript libraries, analytics tools, and is hosted by a reputable Dutch provider with DNSSEC and HTTPS enabled, indicating good infrastructure and security practices. However, some security headers and explicit vulnerability disclosure mechanisms are absent, suggesting room for improvement in security posture. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy, well-branded, and serves as a central hub for the Dutch watersport community.

K

KNRB

knrb.nl

0

KNRB is the official Dutch rowing federation dedicated to promoting rowing sports across the Netherlands. The website serves as a comprehensive portal for rowing clubs, athletes, coaches, and enthusiasts, offering news, event calendars, training academies, and knowledge resources. It holds a strong market position as the national governing body for rowing, supported by long domain tenure and reputable partnerships. Technically, the site is built on WordPress with integration of Google Tag Manager for analytics, hosted by team.blue nl B.V. The site demonstrates good mobile optimization and user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements are needed in security headers and DNSSEC. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the site is trustworthy and professional, with clear contact information and active social media presence.

S

Stichting Roparun

roparun.nl

0

Stichting Roparun operates a well-established non-profit charity event focused on a 500+ kilometer estafetteloop to raise funds for cancer patients. The website reflects a mature digital presence with clear messaging, strong branding, and active engagement through social media and donation calls. Technically, the site leverages modern JavaScript frameworks and integrates multiple analytics and tracking tools while maintaining good performance and mobile optimization. Security posture is solid with HTTPS enforcement and CSRF protections, though some HTTP security headers could be improved. Privacy compliance is strong with explicit policies and consent mechanisms. Overall, the site is trustworthy, professional, and aligned with its charitable mission.

The website www.sitearchief.nl serves as the official platform for web archiving of Dutch government websites, operated under the Rijksoverheid brand. It provides access to archived versions of various government-related web projects and initiatives, enabling users to browse historical web content. The platform is developed and managed by GW Crossmedia using the Archiefweb.eu product tailored for the Dutch government. The target audience includes government agencies, researchers, and the general public interested in government web archives. The site demonstrates consistent branding aligned with government standards and offers a comprehensive archive listing.

The analyzed content corresponds to a browser internal error page (chrome-error://chromewebdata/) displaying the Chromium offline dinosaur game. No actual website content is accessible or served. Consequently, there is no business information, contact details, or privacy and security policies available for analysis. The technical content is limited to embedded JavaScript and CSS related to the offline game. The absence of accessible content and metadata prevents meaningful assessment of business operations or compliance. Security posture is minimal due to lack of HTTPS and security headers. Overall, the site appears to be a placeholder or error page rather than an active business website.

F

Flix SE

flixbus.si

0

Flix SE operates the www.flixbus.si website, providing affordable and extensive bus travel services across Slovenia and Europe. The company offers a large network of routes, modern buses with amenities, and a user-friendly booking platform including a mobile app. The website is professionally designed, localized in Slovenian, and provides comprehensive information about services, routes, and travel options. Technically, the site uses modern web technologies including React, Drupal CMS, and integrates analytics and marketing tools such as Google Tag Manager and Usercentrics CMP. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is evident with clear privacy and cookie policies and GDPR adherence. Overall, the site reflects a mature digital presence of a large transportation company with good trust indicators and user experience.

F

FlixBus Nederland

flixbus.nl

0

FlixBus Nederland operates as a major intercity bus transportation provider offering affordable travel across more than 40 countries in Europe and beyond. The company provides a comprehensive network of bus routes, real-time tracking, and a user-friendly booking experience via website and mobile app. Their market position is strong, supported by a large customer base and multiple subsidiary brands such as FlixTrain and Greyhound. Technically, the website is built on modern frameworks with good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS, security headers, and session replay masking, though explicit security policies and incident response contacts are not prominently published. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and safe for general audiences.

K

Koocook

koocook.com

0

Koocook is a French meal planning platform established in 2006, offering users personalized recipes, shopping lists, and meal plans focused on healthy eating and reducing food waste. The business operates a freemium model with a premium subscription unlocking advanced features such as personalized meal plans, nutrition and allergen information, and online grocery ordering. The website is well-designed, mobile responsive, and uses modern web technologies including Bootstrap, jQuery, and integrates Google Analytics and Stripe for payments. Hosting appears to be via SwissCenter based on nameservers. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are present and GDPR compliant, though no explicit security or incident response policies are published. Contact is available via a web form, with no direct emails or phone numbers found. Overall, the site is professional, trustworthy, and safe for general audiences.

C

Cafés Cuendet Torréfaction SA

cafes-cuendet.ch

0

Cafés Cuendet Torréfaction SA is a well-established Swiss coffee roasting company founded in 1907, specializing in supplying high-quality coffee products primarily to hospitality professionals in the Swiss Romande region. The company emphasizes artisanal roasting methods and freshness, supporting a strong market position as a trusted supplier with a professional e-commerce presence. Technically, the website is built on WordPress with WooCommerce, leveraging modern libraries and privacy-conscious analytics tools such as Matomo Cloud alongside Google Analytics. The site is well-optimized for SEO and mobile devices, providing a positive user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and formal policies are absent. Overall, the domain registration data aligns well with the business claims, reinforcing legitimacy and trustworthiness.

D

Domaine Croix-Duplex

croix-duplex.ch

0

Domaine Croix-Duplex is a small family-owned vineyard and wine producer located in Lavaux, Switzerland, offering a diverse range of wines and hosting various events including tastings and private functions. The website is professionally designed, multilingual, and supports e-commerce through WooCommerce, targeting wine enthusiasts and local visitors. The technical infrastructure leverages WordPress with modern plugins for performance and multilingual support, alongside Google Analytics and Mailchimp for marketing and analytics. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site presents a trustworthy and professional online presence for a regional wine business.

G

Garage Dind

garagedind.ch

0

Garage Dind is a Swiss family-owned automotive business with over 40 years of experience, specializing in vehicle sales, after-sales services, and vintage vehicle restoration, particularly focusing on the Citroën brand. The website reflects a well-established local business with clear contact information and a professional online presence. Technically, the site is built on WordPress with modern libraries such as Bootstrap and jQuery, offering a good user experience and mobile optimization. Security-wise, the site uses HTTPS and a reputable cookie consent management tool but lacks explicit security headers and detailed security policies. Privacy compliance is partial due to the absence of a privacy policy and terms of service pages. Overall, the website is trustworthy and professional but could improve compliance and security transparency.

L

Ligue Romande de Football

lrf.ch

0

The Ligue Romande de Football (LRF) is a well-established non-profit sports association founded in 1899 and based in Lausanne, Switzerland. It focuses on promoting and organizing amateur football activities within the canton of Vaud. The website serves as an information hub for match schedules, results, official communications, and club support services. The target audience primarily consists of amateur football clubs and players in the region. The organization maintains a consistent brand presence and is supported by local sponsors, reinforcing its regional importance. Technically, the website employs modern frontend technologies such as Bootstrap and jQuery, with Google Fonts for typography. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there is room for improvement in accessibility and SEO optimization. No CMS or hosting provider details were identified. Performance is moderate, with no evident critical technical issues. From a security perspective, the site uses HTTPS (assumed from the URL), but no security headers were detected in the provided data. There is no visible privacy policy, cookie consent mechanism, or terms of service, which are important for GDPR compliance given the European location. No incident response or vulnerability disclosure information is present. No analytics or tracking scripts were found, indicating minimal user tracking. Overall, the security posture is average with recommendations to enhance headers, policies, and incident response readiness. The overall risk assessment is moderate with a legitimacy score of 90 based on consistent WHOIS data and alignment with the organization's claims. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, establishing vulnerability disclosure and incident response processes, and improving accessibility and SEO. These steps will enhance trust, compliance, and security maturity for the LRF website.