Security Directory

The website medef79.fr serves as a minimal event landing page for Medef's 2025 event invitation validation, currently displaying a message that the event has ended. The site lacks substantive business information, contact details, or interactive features, indicating a very limited digital presence. Technically, the site is hosted behind Cloudflare DNS but does not have a valid SSL/TLS certificate, resulting in HTTP-only access which severely impacts security posture and user trust. The absence of privacy, cookie, and terms policies further reduces compliance with GDPR and other regulations. Security headers and best practices are not implemented, exposing the site to potential risks. Overall, the website's technical and content maturity is low, with significant room for improvement in security, compliance, and user experience.

P

PLANETE CSCA

planetecsca.fr

0

PLANETE CSCA is a professional syndicate representing insurance brokers in France, providing advocacy, legal assistance, training, and operational tools to its members. The website is well-structured, content-rich, and targets insurance professionals and brokers. Technically, it is built on WordPress with modern technologies such as PHP 8.3, Apache, and integrates SEO and search optimization tools like Yoast SEO and Algolia. The site uses HTTPS with TLS 1.3 and 1.2 protocols, but lacks some advanced SSL security features such as HSTS and OCSP stapling. Privacy and cookie policies are present with consent mechanisms, indicating good GDPR compliance. Contact information is available primarily through a contact page, with no direct emails or phone numbers exposed. Social media presence is active, enhancing trust and engagement. Overall, the site demonstrates a good balance of business professionalism, technical implementation, and security posture.

The website newsassurancespro.com is currently inaccessible beyond a Cloudflare security challenge page, which blocks access to any substantive content. As a result, no business information, privacy policies, or contact details are available for analysis. The site uses Cloudflare for security and hosting, with a valid SSL certificate but lacks advanced SSL configurations such as HSTS or DNSSEC. The presence of Cloudflare's managed challenge indicates a strong security posture at the perimeter but prevents content inspection. No metadata, forms, or external business links are present in the accessible content. Overall, the site appears to be in a protected state, but this limits the ability to assess its business model, compliance, or user experience.

The website swissre.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks direct access to the actual content. As a result, no business descriptive content, metadata, or contact information is available for detailed analysis. The domain is associated with the finance sector, likely representing a large enterprise given the domain and DNS configuration. The technical infrastructure leverages Cloudflare for security and hosting, with strong security headers and a valid SSL certificate indicating a good security posture. However, DNSSEC is not enabled, and no public security or privacy policies are detectable in the served content. The website employs Cloudflare Insights for minimal analytics tracking. Overall, the site is well protected but currently inaccessible for content and compliance evaluation due to the WAF challenge.

W

Wevioo

wevioo.com

0

Wevioo is an international consulting company specializing in digital transformation, IoT, and innovation, serving major clients in banking, insurance, industry, logistics, and public sectors. The website is built on Drupal 8 and hosted on OVH infrastructure, leveraging modern web technologies such as Bootstrap and jQuery. While the site offers good content quality, clear navigation, and social media integration, it critically lacks HTTPS support, exposing visitors to security risks. The presence of cookie consent and privacy policies indicates some GDPR compliance, but absence of terms of service and security policies reduces overall trust. Strategic improvements in security posture and SSL implementation are essential to enhance user trust and compliance.

I

innovAARE AG

parkinnovaare.ch

0

innovAARE AG operates the Park Innovaare, a high-tech innovation and industrial park in Switzerland focused on accelerating deep-tech research and commercialization. The park provides modern office, laboratory, and specialized research spaces, along with community and networking services to startups, SMEs, and R&D departments. The website is professionally designed, content-rich, and well-structured, targeting innovation ecosystem participants. Technically, the site uses TYPO3 CMS with modern frontend libraries and is hosted by cyon AG. However, a critical security gap is the lack of HTTPS/SSL, exposing users to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Business credibility is strong with clear contact details and legal information.

Switzerland Innovation Park Biel/Bienne AG is a private Swiss non-profit organization focused on applied research and development, bridging the gap between research and industry. It operates as part of the Switzerland Innovation Foundation network, promoting innovation, startups, and research investment in Switzerland. The website is professionally designed using WordPress and Elementor, showcasing multiple research centers, projects, and partnerships. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Privacy and cookie policies are present and GDPR compliant, and contact information is clearly provided. The overall security posture is basic with room for significant improvement in SSL/TLS configuration and security headers.

S

Switzerland Innovation Park Basel Area AG

sip-baselarea.com

0

Switzerland Innovation Park Basel Area AG operates a comprehensive innovation hub and coworking space platform focused on healthcare, life sciences, and technology sectors in Switzerland. The company provides flexible workspace solutions including ready-made offices, coworking spaces, lab spaces, and customizable workspaces tailored to startups, SMEs, and research institutions. Positioned as a key player in the Basel Area innovation ecosystem, it supports collaboration and growth through community building and event hosting. Technically, the website is built on WordPress with modern plugins and tracking tools, but lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with clear policies and cookie consent mechanisms. The site is professionally designed with excellent content quality and user experience, though performance data is limited. Security weaknesses include missing HTTPS, HSTS, DMARC, DNSSEC, and vulnerability disclosure mechanisms, which should be prioritized to improve trust and compliance. Overall, the business demonstrates strong market positioning and digital maturity but requires urgent security enhancements to protect user data and maintain credibility.

U

UserScape, Inc.

helpspot.com

0

HelpSpot, operated by UserScape, Inc., is a specialized help desk software provider focused on transforming chaotic email support into an efficient, unified system. Established in 2005, the company targets businesses and organizations that require streamlined customer support solutions. Their offerings include email ticketing, automation, reporting, and self-service portals, available as both cloud-hosted and on-premise deployments. The website demonstrates strong branding, comprehensive content, and a professional user experience, positioning HelpSpot as an affordable and customizable alternative in the help desk software market. Technically, the site uses modern web technologies such as Alpine.js, Livewire, and Cloudflare CDN, hosted on AWS infrastructure. However, the absence of a valid SSL certificate and HTTPS implementation significantly impacts the security posture. Security headers are present, but critical TLS protocols and encryption are missing, exposing the site to potential risks. Privacy compliance is supported by a comprehensive privacy policy and terms of service, though cookie consent mechanisms are not evident. Overall, while the business and technical maturity are solid, the lack of HTTPS is a critical vulnerability that must be addressed to ensure trust and security.

The website roomies.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content, including business descriptions, policies, or contact information. The SSL configuration is valid and secure with HSTS enabled, indicating good baseline security practices at the infrastructure level. However, the lack of accessible content and metadata severely limits the ability to assess the business model, technical maturity, or compliance posture. The website performance is poor due to the challenge page load time, and no privacy or security policies are visible. Overall, the site is effectively blocked from analysis, resulting in a low AI score and limited insights.

U

URL Networks

url.net.au

0

URL Networks is an Australian telecommunications provider specializing in business telephony and internet services, including hosted cloud PBX, SIP trunking, and various internet connectivity plans. The company positions itself as a trusted provider for businesses seeking stress-free telecommunications solutions. Their website is built on WordPress with modern plugins and tools, targeting Australian business customers with a focus on cloud and virtualized telephony services. The site includes detailed service descriptions and multiple contact channels, including phone, email, and social media. Technically, the website uses a WordPress CMS with Elementor, Yoast SEO, and several marketing and analytics tools such as Google Tag Manager and Chatlio live chat. Hosting appears to be on AWS infrastructure. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. Performance data is missing, and no cookie consent mechanism is present, indicating limited privacy compliance. Security posture is weak due to the absence of HTTPS, no security headers, and no modern TLS protocols enabled. While no active vulnerabilities like Heartbleed or POODLE are detected, the lack of encryption exposes users to significant risks. Privacy policy is present and comprehensive but GDPR compliance is uncertain due to missing cookie consent. Incident response and security policies are not published. Overall, the website is functional and professionally designed but requires urgent security improvements, especially enabling HTTPS and implementing security best practices. Privacy compliance should be enhanced with cookie consent mechanisms. Business credibility is supported by clear contact information and social media presence, but security gaps reduce trustworthiness.

The website tixel.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) security challenge page employing Turnstile captcha verification. This prevents access to any substantive content, metadata, or business information. The SSL configuration is valid and strong with HSTS enabled, but DNS security features like DNSSEC and CAA are not enabled. No privacy, cookie, or terms of service policies are detectable, nor is any contact information or structured data present. The site uses Cloudflare as a hosting and security provider, with external dependencies on Google mail services and marketing tools such as Sendinblue and Facebook tracking pixels. Performance is poor due to the challenge page, and no SEO or accessibility optimizations are evident. Overall, the site’s security posture is good in terms of SSL and HSTS but lacks DNS security and transparency policies. Due to the WAF blocking, the analysis is incomplete and scores are heavily penalized.

I

Institut Polytechnique de Paris

ip-paris.fr

0

Institut Polytechnique de Paris is a leading French higher education and research institution that unites five prestigious engineering schools to deliver world-class science and technology education. The website reflects a strong focus on education, research, innovation, and entrepreneurship, targeting students, researchers, entrepreneurs, and companies. The digital infrastructure is built on Drupal 10 with modern PHP and includes integrations for analytics and consent management. However, the security posture is weakened by the absence of a valid SSL certificate and proper HTTPS configuration, which is a critical vulnerability. Privacy compliance is well addressed with clear cookie management and privacy policies. Overall, the website is professionally designed, content-rich, and trustworthy but requires urgent security improvements to protect user data and maintain credibility.

N

Niort Numeric

innn.fr

0

The website innn.fr represents Niort Numeric's flagship event focused on digital innovation, InsurTech, and risk management, held in Niort, France. It serves as a platform for networking, showcasing startups, and hosting conferences, targeting professionals and decision-makers in the insurance and technology sectors. The site is well-branded, content-rich, and optimized for SEO with structured data and social media integration. Technically, it is built on WordPress with modern JavaScript libraries for UI components and uses OVH as the hosting provider. However, a critical security gap is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. The site implements cookie consent via Piwik PRO, indicating good privacy compliance practices. Overall, the site is professional and functional but requires urgent security improvements.

P

Pix

pix.org

0

Pix.org is a multilingual website offering localized content primarily in English and French, including regional variants for Belgium and France. The site appears to be an educational or informational platform branded as 'Pix', targeting a broad audience seeking language-specific access. The technical infrastructure leverages modern JavaScript frameworks such as Nuxt.js and a headless CMS (Prismic), with analytics provided by Matomo and Plausible. However, the site suffers from significant security shortcomings, notably the absence of a valid SSL certificate and HTTPS support, which critically undermines user trust and data protection. Additionally, no privacy, cookie, or terms of service policies are present, indicating poor compliance with data protection regulations. The website's performance is slow, and DNS configurations reveal misconfigured CAA records and lack of DNSSEC. Overall, while the site demonstrates modern technical choices and multilingual support, its security posture and privacy compliance require urgent improvement to meet industry standards and user expectations.

S

Switzerland Innovation

switzerland-innovation.com

0

Switzerland Innovation is a Swiss innovation park ecosystem that facilitates collaboration between companies, startups, and universities to accelerate the transformation of research into marketable products and services. It holds a leading position in the Swiss innovation landscape, offering access to world-class research institutions and a broad range of support services. The website is built on Drupal 10 and integrates modern web technologies and marketing tools such as Google Analytics and HubSpot. However, the absence of a valid SSL certificate and HTTPS support is a critical security weakness that undermines user trust and data protection. The site features comprehensive cookie consent mechanisms and clear contact information, supporting good privacy compliance. Overall, the website presents a professional and trustworthy image but requires urgent improvements in security infrastructure.

M

Mantu

mantu.com

0

Mantu is a global consulting platform focused on providing guidance and services to businesses and entrepreneurs worldwide. With a large and diverse workforce spread across multiple continents, Mantu positions itself as a collaborative network of brands delivering transformative business solutions. The website reflects a professional and well-structured digital presence, leveraging WordPress CMS with modern tools such as Elementor and WP Rocket to optimize user experience and performance. However, the absence of a valid SSL certificate and lack of HTTPS support significantly weaken the site's security posture. While DNS records show good email authentication practices with SPF and DMARC, the lack of security headers and modern TLS protocols exposes the site to potential risks. Privacy compliance is partially addressed with a comprehensive privacy policy, but no cookie consent mechanism was detected. Overall, the site demonstrates strong business credibility and content quality but requires urgent security improvements to protect user data and enhance trust.

I

iliad

iliad.it

0

Iliad Italia S.p.A. is a major telecommunications provider in Italy offering mobile telephony services including 4G and 5G, fiber internet via FTTH technology, and smartphone sales both new and refurbished. The company positions itself as a competitive and transparent operator with no hidden costs, targeting both private consumers and businesses. The website reflects a mature digital presence with comprehensive service offerings and clear customer support channels. Technically, the site uses modern JavaScript libraries and responsive design to ensure good user experience across devices. However, a critical security gap is the absence of a valid SSL certificate and HTTPS support, which severely impacts the security posture and trustworthiness of the site. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, Iliad's website is professional and content-rich but requires urgent security improvements to protect user data and maintain trust.

A

appliedAI Institute for Europe gGmbH

ai-startups-europe.eu

0

The appliedAI Institute for Europe gGmbH is a non-profit organization focused on generating and disseminating high-quality knowledge about trustworthy Artificial Intelligence. It serves professionals and policymakers by providing educational formats, tools, community engagement, and regulatory guidance, positioning itself as a leading AI knowledge hub in Europe. Technically, the website employs modern JavaScript frameworks like Vue.js, Bootstrap for responsive design, and integrates marketing and analytics tools such as Google Tag Manager, HubSpot, and Usercentrics for consent management. However, the security posture is weakened by the absence of a valid SSL certificate, lack of HSTS, and missing DMARC records, which are critical for secure communications and email protection. Overall, the site is content-rich and professionally presented but requires urgent improvements in SSL/TLS configuration to enhance trust and security.

F

French Assurtech

french-assurtech.com

0

French Assurtech is a French-based accelerator and innovation platform focused on the insurance technology sector. Supported by eight leading mutual insurance companies, it offers a comprehensive program including startup acceleration, an innovation lab (Lab XP), and a training campus to foster digital transformation and new insurance business models. The website positions French Assurtech as a key player in the French insurtech ecosystem, targeting startups, insurance professionals, and innovation managers. Technically, the site is built on WordPress using Elementor and integrates SEO and multilingual capabilities. However, the site suffers from a critical security shortfall due to the absence of a valid SSL certificate and lack of HTTPS enforcement, which significantly impacts its security posture. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy, but no explicit security or incident response policies are found. Overall, the website is professional and content-rich but requires urgent improvements in security and performance to enhance trust and user experience.

The website jamespot.pro is currently inaccessible, serving only a default backend 404 error message with no visible content or metadata. This indicates the site is either offline, misconfigured, or a placeholder domain. The DNS records show hosting and mail services provided by OVH, but no active web content is available. The lack of a valid SSL certificate and absence of TLS protocols severely impact the security posture, despite the presence of an HSTS header which is ineffective without HTTPS. No privacy, cookie, or security policies are found, and no contact or business information is available on the site. Overall, the site is non-functional and does not provide any business or user-facing services at this time.

L

Laracon

laracon.us

0

Laracon.us is the official website for Laracon 2025, the flagship Laravel conference targeting Web Artisans and the global PHP developer community. The site provides comprehensive information about the event, including dates, venue, speakers, accommodations, and sponsors, positioning itself as a key industry event in the technology sector. The business model revolves around event organization and community engagement, with a strong emphasis on sponsorship and ticket sales through third-party platforms.

J

Just a moment...

laravel-news.com

0

The website laravel-news.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks direct access to the actual content. As a result, no business-related content, metadata, or contact information is available for analysis. The site appears to be protected by Cloudflare, but lacks a valid SSL/TLS certificate and proper HTTPS configuration, which is a critical security issue. The minimal HTML content indicates a security checkpoint rather than a functional website page. From a technical perspective, the site is hosted behind Cloudflare, which provides DNS and security services. However, the absence of a valid SSL certificate and modern TLS protocols severely impacts the security posture. Security headers are present but cannot compensate for the lack of HTTPS. Performance and SEO cannot be assessed due to the blocked content. Security-wise, the site shows strong indications of protection via Cloudflare's challenge mechanism, but the lack of HTTPS and SSL certificate compliance is a major vulnerability. No privacy, cookie, or terms of service policies are detectable, indicating poor privacy compliance. No contact or incident response information is available. Overall, the site is currently not analyzable beyond its security challenge layer, resulting in a low AI score and a recommendation to resolve SSL issues and allow content access for a full evaluation.

S

Switzerland Innovation Park Ost

startfeld.ch

0

Switzerland Innovation Park Ost operates a comprehensive startup support platform focused on the Eastern Switzerland region, providing services such as consulting, financing, infrastructure, and networking to ambitious startup founders. The organization holds a strong market position, recognized as the 3rd ranked startup hub in Switzerland within Europe’s Leading Start-Up Hubs 2024. The website is built on a modern WordPress stack with Elementor and WooCommerce, integrating advanced front-end libraries and marketing tools like Google Tag Manager and CleverReach for newsletters. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing business credibility.

F

Free

etre-free.fr

0

Free is a major French telecommunications company with a strong focus on innovation, customer service, and a diverse range of career opportunities. The website serves as a recruitment and corporate culture portal, targeting job seekers interested in various telecom-related professions. The site is well-branded and consistent with its parent company iliad, providing clear navigation and relevant content about the company's values and mission. Technically, the site uses modern web technologies such as React and Next.js, with multimedia content including videos and animations to engage visitors. However, performance is hindered by a large page size and slow load times. Security posture is weakened by the absence of a valid SSL certificate, lack of DNSSEC and DMARC, and missing advanced TLS features, which exposes the site to potential risks and reduces user trust. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is detected. Overall, the site is professional and credible but requires urgent improvements in security and privacy practices to enhance trust and compliance.

G

Groupe iliad

iliad.fr

0

Groupe iliad is a major telecommunications and technology group based in France, operating multiple subsidiaries that provide internet, mobile, and cloud services across Europe. The website reflects a professional and consistent brand presence targeting a broad audience including consumers, investors, and media. The technical infrastructure leverages modern frontend technologies such as React and Material-UI, but suffers from slow load times and lacks a valid SSL certificate, resulting in insecure HTTP connections. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

J

Jamespot

jamespot.com

0

Jamespot is a French technology company specializing in SaaS collaborative digital workplace solutions, including enterprise social networks, intranet, and AI-powered collaboration tools. The company positions itself as a flexible and customizable provider with over 20 years of experience, targeting professional organizations seeking to enhance internal communication and teamwork. The website demonstrates strong business credibility with comprehensive content, customer testimonials, and recognized certifications such as ISO 27001 and RGAA 4.1 accessibility compliance. Technically, the site is built on WordPress with modern SEO and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with detailed cookie policies and consent mechanisms. Security practices include SPF and DMARC DNS records, but the absence of HTTPS and modern TLS protocols is a critical weakness. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

S

Swiss Federal Institute for Forest, Snow and Landscape Research WSL

wsl.ch

0

The Swiss Federal Institute for Forest, Snow and Landscape Research WSL is a prominent Swiss federal research institute focused on environmental sciences including forest, landscape, biodiversity, natural hazards, and snow and ice. It operates under the ETH Domain and serves a broad audience including researchers, forestry experts, policymakers, and the public. The website reflects a professional government research entity with comprehensive content and consistent branding. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, hosted likely by switch.ch. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. No privacy or cookie policies are explicitly found, and security headers are absent, indicating gaps in security best practices. Overall, the site is content-rich and trustworthy but requires urgent security improvements.

O

Open Research Data Portal

open-research-data-portal.ch

0

The Open Research Data Portal is a collaborative platform dedicated to implementing Open Research Data (ORD) practices within the ETH Domain, encompassing prominent Swiss research institutions such as ETH Zurich, EPFL, Eawag, PSI, WSL, and Empa. The portal provides comprehensive information on ORD projects, services, and training resources, targeting researchers and academic institutions. Technically, the website is built on WordPress using Elementor and various Jet plugins, with integration of Google Analytics for minimal user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The presence of SPF and DMARC records indicates some email security awareness, though the DMARC policy is set to 'none', offering no enforcement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site offers good content quality and professional design but requires urgent security improvements to protect user data and enhance trust.

E

ETH Zürich Foundation

ethz-foundation.ch

0

ETH Zürich Foundation is a reputable non-profit organization dedicated to supporting education, research, and innovation at ETH Zürich through donations and strategic projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting donors, alumni, and organizations interested in philanthropy. The technical infrastructure is based on WordPress with modern JavaScript libraries and SEO optimizations, hosted likely within ETH Zürich's infrastructure. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with detailed cookie consent mechanisms and a comprehensive privacy policy. Contact information and social media presence further enhance business credibility.

B

Behamics

behamics.com

0

Behamics is an AI-driven platform specializing in enhancing e-commerce performance through behavioral science and advanced analytics. The company offers a suite of products including Nudge, Diagnostic, Organic SEO, Merchandise optimization, and Automations, targeting enterprise clients to boost revenue, conversions, and visibility. The website reflects a professional and modern design with comprehensive content and clear navigation, although performance is hindered by slow load times and a lack of HTTPS. Technically, the site is built on WordPress with Elementor and integrates multiple marketing and analytics tools. Security posture is weak due to the absence of a valid SSL certificate and missing security headers, which poses risks to data protection and user trust. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, Behamics demonstrates strong business credibility and market positioning but requires urgent improvements in security and technical performance to enhance trust and compliance.

Q

Quarkslab

quarkslab.com

0

Quarkslab is a cybersecurity company specializing in offensive and defensive security solutions, combining consulting, R&D, and proprietary software to help organizations protect their digital assets. The company is recognized in the Gartner Emerging Tech report and serves a target audience of companies and governmental organizations seeking advanced cyber defense. Technically, the website is built on WordPress with Elementor and integrates multiple analytics and marketing tools. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. While email authentication is well configured with SPF and DMARC, the absence of HTTPS and security headers exposes the site to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

O

Open Source Technology Improvement Fund

ostif.org

0

The Open Source Technology Improvement Fund (OSTIF) is a small non-profit organization focused on improving the security of open source software through facilitating security audits and reviews. Their website positions them as a key community-driven entity with a large network of security experts and partner projects. Technically, the site is built on WordPress using the OceanWP theme and is hosted behind Cloudflare DNS and CDN services. However, the website suffers from a lack of a valid SSL certificate and does not properly enable HTTPS, which is a critical security shortfall. Security headers are minimal, with only HSTS enabled but without full recommended settings. Privacy and cookie policies are absent, and no contact information such as emails or phone numbers are provided, which impacts trust and compliance. The site has a slow load time and basic SEO and accessibility features. Overall, OSTIF's website provides good content and branding but requires urgent improvements in security and privacy compliance to enhance trustworthiness and user safety.

S

Smart reporting

smartreporting.eu

0

Security assessment completed with an overall score of 50/100 (unknown risk). 1 critical issues require immediate attention. Total of 28 security findings identified across all modules.

L

Les Sherpas

truzzer.fr

0

Les Sherpas is a French education platform specializing in personalized tutoring and online courses for students across various academic levels. The company positions itself as a flexible and quality-driven service provider, leveraging a proprietary platform that integrates messaging and videoconferencing to enhance the learning experience. The website is content-rich, featuring extensive user testimonials and structured data to boost SEO and trust. Technically, the site uses modern web standards and is hosted by o2switch, with moderate performance and good mobile optimization. Security is adequate with HTTPS and valid SPF records, but lacks advanced features such as HSTS and OCSP stapling, and no security headers are present. Privacy compliance is basic, with a privacy policy found but no cookie consent mechanism detected. Overall, the site demonstrates a strong business credibility and user trust, though security and privacy practices could be improved.

A

Applied Behavioural Science Academy by Affective Advisory Ltd.

behavioralscience.academy

0

The Applied Behavioural Science Academy by Affective Advisory Ltd. is a specialized education provider offering a unique three-day executive program in applied behavioural science and behavioural economics. The program targets executives, policy makers, and project leaders seeking practical insights to drive sustainable change. The academy operates with a small, exclusive cohort model, emphasizing quality and networking in a prestigious Zurich location. Technically, the website is built on Squarespace, leveraging modern web technologies and Google services for analytics and security. While the site is well-designed and content-rich, performance is somewhat slow due to large page size and resource count. Security posture is good with strong TLS configurations but lacks some advanced headers like HSTS and DMARC. Privacy compliance is basic with a cookie banner and privacy policy present but no explicit GDPR certification. Overall, the site projects high professionalism and trustworthiness, with clear contact channels and social media presence.

All Channels Communication Austria GmbH is a medium-sized marketing and communication agency operating primarily in Austria and the CEE region. The company offers a comprehensive range of services including campaign management, brand management, PR, digital strategies, and social media marketing. Positioned as one of the fastest growing and most awarded agencies in its region, it targets businesses seeking integrated multi-channel marketing solutions. The website content is well-structured and professionally presented in German, with clear navigation and mobile optimization. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, but suffers from a lack of a valid SSL certificate, impacting security and trust. Security posture is basic with no advanced headers or policies implemented, and privacy compliance is minimal with only a basic disclaimer modal and cookie consent banner. Contact information is clearly provided including phone, email, physical address, and a contact form. Overall, the website is functional and professional but requires significant improvements in security and privacy compliance to meet modern standards.

K

KTHE | Team Farner

kthe.at

0

KTHE | Team Farner is a medium-sized Austrian communications company offering a comprehensive range of communication services including brand design, campaigns, PR concepts, and platforms. They position themselves as a leading provider in the Austrian market with a strong emphasis on creativity and international outlook. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and Yoast SEO, but suffers from slow performance and basic accessibility. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and missing DNS security features. Privacy compliance is basic with a privacy policy and cookie notice present but no advanced GDPR indicators. Business credibility is moderate with clear contact information and social media presence but lacks certifications or detailed policies. Overall, the site is functional and professional but requires urgent security improvements.

S

Skills

skills.at

0

Skills is a well-established Austrian public relations and communication consultancy agency founded in 1984. The company specializes in full-service PR and communication consulting, focusing on sensitive and complex topics. It serves a broad business audience seeking expert communication services, supported by a strong network and quality certifications. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with common frameworks like Bootstrap and uses jQuery and Yoast SEO for enhanced functionality and SEO. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy compliance is partially addressed with a privacy policy and DMARC/SPF email protections, but lacks a cookie consent mechanism. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

R

Rod Kommunikation

rod.ag

0

Rod Kommunikation is a well-established communications agency based in Zurich, Switzerland, specializing in market, brand, and human-centered communication services. The website reflects a professional and creative business model targeting companies and brands seeking comprehensive communication and marketing solutions. The agency demonstrates strong market positioning with a portfolio of notable clients and industry memberships, supported by high-quality content and consistent branding. Technically, the site is built on Drupal 10, hosted by Hostpoint, and integrates modern marketing tools such as Google Tag Manager and HubSpot forms. However, the website suffers from an invalid SSL certificate and lacks modern TLS protocol support, which significantly impacts its security posture. While security headers are properly configured and no major vulnerabilities are detected, the absence of a valid SSL certificate and cookie consent mechanism are notable compliance and security gaps. Overall, the site offers excellent user experience, clear navigation, and trustworthy business information, but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security and regulatory adherence.

M

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH

massgeschneidert.at

0

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH is a Vienna-based communications agency specializing in public relations, media, creative concepts, content, strategy, 360 communications, and partnerships. With approximately 10 years of experience, the company targets projects and brands seeking tailored communication strategies. The website reflects a professional branding approach with consistent messaging and a focus on creative communications services. Technically, the site is built on WordPress using the BeTheme theme and common plugins, but suffers from slow performance and lacks modern security configurations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, missing security headers, and no cookie consent mechanism, which poses risks to user data protection and trust. Overall, the site is functional and informative but requires significant improvements in security and privacy compliance to meet modern standards.

K

komm.passion GmbH

komm-passion.de

0

komm.passion GmbH is a medium-sized full-service communication consultancy and creative agency operating primarily in Germany with offices in Düsseldorf, Hamburg, and Berlin. The company is affiliated internationally with Team Farner, enhancing its market position. Their service portfolio includes corporate communications, change management, digital health, employer branding, sustainability, and crisis communication among others. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting corporate clients seeking integrated communication solutions. Technically, the site is built on TYPO3 CMS and uses modern web technologies including Google Tag Manager and FontAwesome. However, a critical security gap exists as the website lacks HTTPS, exposing users to potential risks. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Social media presence and trust indicators such as Google Partner and BVDW membership support business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

Kirchhoff Consult GmbH is a specialized consulting firm focused on financial communication, corporate communications, sustainability, ESG, investor relations, and IPO advisory services. The company targets capital markets professionals and corporate clients seeking expert guidance in reporting and sustainability communication. The website reflects a strong market position supported by multiple industry awards and a consistent, professional brand presence. Technically, the site is built on TYPO3 CMS with Apache and PHP 8.3, but lacks proper HTTPS configuration, which is a critical security gap. Security posture is moderate with valid SPF and DMARC records but no SSL/TLS encryption, no HSTS, and no DNSSEC. Privacy compliance is partial with a comprehensive privacy policy but no cookie consent mechanism. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

J

jim & jim

jimjim.ch

0

jim & jim is a leading Swiss marketing agency specializing in NextGen Marketing, focusing on engaging young, hyperconnected customers through innovative digital and physical strategies. The company offers a wide range of services including content creation, community management, live execution, and strategic consulting, positioning itself as a comprehensive partner for brands targeting Millennials and Gen Z. The website reflects a professional and consistent brand image with strong client references and active social media presence. Technically, the site is built on WordPress with modern enhancements like Lottie animations and integrates marketing and analytics tools such as Google Tag Manager and HubSpot. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing the site to potential risks and undermining user trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a cookie policy and explicit consent mechanisms. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

F

Farner Consulting AG

farner.ch

0

Farner Consulting AG is a well-established Swiss communication agency with over 70 years of experience and a large team of 300 experts. The company offers a broad range of communication services including public affairs, media relations, corporate communications, healthcare, financial services, technology communications, and more. Their target audience primarily consists of businesses and organizations in Switzerland seeking integrated communication solutions. The website is built on WordPress and leverages multiple modern JavaScript libraries and marketing tools such as HubSpot and Google Tag Manager. While the site is professionally designed with good SEO and mobile optimization, it suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines HTTPS security. The presence of HSTS headers is positive but ineffective without proper SSL. Email authentication records like SPF have syntax errors, and the DMARC policy is minimal, indicating room for improvement in email security. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

E

eKomi Holding GmbH

ekomi.nl

0

eKomi Holding GmbH operates a global SaaS platform specializing in collecting and managing authentic customer and product reviews to enhance business trust and conversion rates. The company is positioned as a market leader with over 15,000 clients worldwide and integrates with major search engines and platforms such as Google to provide seller rating extensions and social commerce technology. Their services focus on increasing SEO, conversion, and customer engagement through verified feedback. Technically, the website is built on WordPress with common web technologies and includes modern marketing and analytics tools like Google Analytics and Intercom. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which significantly impacts its security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Business credibility is supported by clear contact information, client testimonials, and industry awards. Overall, the site is professional and content-rich but requires urgent security improvements to protect user data and enhance trust.

E

eKomi Holding GmbH

ekomi.pt

0

eKomi Holding GmbH operates a global SaaS platform specializing in authentic customer and product review collection and management, serving over 15,000 companies worldwide. The company is positioned as a leader in social commerce technology, integrating with major search engines and e-commerce platforms to enhance client conversion rates and SEO performance. Their services include seller and product ratings, review syndication, and social recommendation features. The website is built on WordPress with a modern tech stack including Bootstrap and jQuery, and integrates marketing and analytics tools such as Google Analytics and Intercom. However, the site lacks a valid SSL certificate and proper HTTPS configuration, which is a critical security concern. Cookie consent mechanisms are implemented, and privacy and terms policies are present and comprehensive. Contact information and social media presence are clearly provided, supporting business credibility.

E

eKomi Holding GmbH

ekomi.es

0

eKomi Holding GmbH operates a global SaaS platform specializing in authentic customer and product reviews to enhance business conversion rates and SEO performance. The company is well-positioned in the technology and e-commerce sectors, serving over 15,000 clients worldwide with recognized certifications and awards. Technically, the website is built on WordPress with modern frameworks and includes essential marketing and analytics integrations with user consent. Security posture is solid with HTTPS and SPF/DMARC email protections, though improvements like HSTS and OCSP stapling are recommended. Overall, the website demonstrates good professionalism, trustworthiness, and compliance with privacy regulations.

E

eKomi Holding GmbH

ekomi.fr

0

eKomi Holding GmbH operates a leading SaaS platform specializing in authentic customer and product review management, serving over 15,000 companies globally. The company leverages advanced technology integrations with major platforms like Google to enhance client conversion rates and SEO performance. Technically, the website is built on WordPress with Bootstrap and includes modern marketing and analytics tools such as Intercom and CookieScript. However, the absence of a valid SSL certificate and lack of HTTPS significantly undermine the site's security posture. While privacy compliance is strong with comprehensive policies and consent mechanisms, the security configuration requires urgent improvements to protect user data and maintain trust. Strategic recommendations include implementing proper SSL/TLS, enabling security headers, and publishing a vulnerability disclosure policy.

V

VRM Anna

vrm-anna.de

0

VRM Anna operates as an online platform facilitating ad submission and management for newspapers and weekly papers primarily in the Rhein-Main and Mittelhessen regions of Germany. The service targets both private and business customers, offering features such as ad drafting, personal ad archives, and payment method storage. The website reflects a regional media service provider with a moderate digital presence and a focus on user convenience for ad bookings. Technically, the site employs modern frontend technologies like React and integrates Google Analytics and Tag Manager for tracking, alongside a GDPR-compliant cookie consent mechanism. However, the absence of a valid SSL certificate and HTTPS support significantly undermines the site's security posture, exposing users to potential risks. No advanced security headers or DNS security features are implemented, and no explicit security or incident response policies are found. Overall, while the business model and content quality are solid, the technical and security implementations require urgent improvements to meet modern standards and build user trust.