Other security reports

M

MUKS Museum Kultur und Spiel Riehen

muks.ch

0

MUKS Museum Kultur und Spiel Riehen is a small cultural museum located in Riehen, Switzerland, focusing on exhibitions and programs related to local culture, history, and play. The website presents a professional and well-structured digital presence, offering detailed information about exhibitions, events, and visitor services. The museum targets a broad audience including families, children, students, and cultural visitors, operating primarily as a non-profit institution. Technically, the site is built on Drupal 10 with modern JavaScript libraries and includes privacy-conscious analytics via Matomo. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policy and incident response information. Overall, the domain registration aligns well with the museum's identity, supporting trustworthiness and legitimacy.

C

Culturescapes

culturescapes.ch

0

Culturescapes is a Swiss-based cultural festival and platform dedicated to international cultural exchange, with a focus on thematic editions such as Sahara 2025 that explore North African culture and its political ties with Switzerland. The website offers a rich array of content including event programs, magazines, books, and archives, targeting cultural enthusiasts, academics, and the general public interested in intercultural dialogue. The business operates primarily as a non-profit cultural organization, leveraging events and publications to engage its audience. Technically, the website employs modern web technologies including Vue.js, ES modules, and Swiper.js for interactive content presentation. It integrates Mailchimp for newsletter subscriptions and maintains a responsive design optimized for mobile devices. While the site performs moderately well, there is room for improvement in accessibility and SEO optimization. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy policy and cookie banner present but no terms of service or vulnerability disclosure policy. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in security policies, contact transparency, and compliance documentation would enhance its security posture and user trust.

Z

zweihochdrei gmbh

zweihochdrei.ch

0

zweihochdrei gmbh is a small Swiss agency based in Basel that has operated for 17 years, providing agency services to clients. The website announces the cessation of agency activities as of May 31, 2023, and provides contact details for support after closure. The company maintains a professional web presence using WordPress and UIkit, with a consistent brand image and clear contact information. Technically, the site uses common web technologies and is moderately optimized for performance and mobile devices. Security posture is adequate with HTTPS enabled but lacks important security headers and privacy compliance elements such as privacy and cookie policies. No forms or tracking scripts are present, reducing privacy risks but also limiting user engagement and analytics capabilities. Overall, the website is trustworthy and professional but could improve compliance and security practices.

Gewerbeverein Pfaffnau / St. Urban & Roggliswil is a small local business association focused on fostering networking and collaboration among local and regional businesses and community stakeholders in Switzerland. The website is built on WordPress using the Divi theme, providing a good user experience with clear navigation and relevant content about the association's purpose, events, and members. Security posture is moderate with HTTPS enabled but lacks advanced security headers and policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is safe, professional, and trustworthy for its intended audience but could improve in compliance and security transparency.

B

Building

building.co.uk

0

Building.co.uk is a leading UK-based online magazine and resource portal for construction professionals, offering news, CPD modules, events, and industry data. The website is well-established with a professional design, consistent branding, and a comprehensive content offering targeted at construction industry stakeholders. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and Amazon CloudFront CDN, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and standard security best practices observed, although explicit security policies and vulnerability disclosure mechanisms are not publicly available. Overall, the site presents a trustworthy and authoritative presence in its sector, though WHOIS data for the exact domain is unavailable due to domain naming rules, indicating the domain is likely a subdomain or alias under a registered parent domain.

M

anthrazit CMS |

mopage.ch

0

The website cms.anthrazit.org serves as a login portal for the anthrazit CMS platform, providing access to registered users. The site is minimalistic, focusing on authentication with no public-facing business information or marketing content. The platform appears to be a specialized CMS solution, but lacks visible business identity or contact details, limiting external trust signals. Technically, the site uses modern JavaScript libraries such as jQuery 3.7.1 and Bootstrap CSS for styling, and it is optimized for mobile devices with responsive design elements. However, the absence of security headers and privacy policies indicates room for improvement in compliance and security maturity. The WHOIS data is unavailable due to a malformed query or privacy protection, which is common for CMS platforms but reduces transparency. Overall, the site is functional but basic, with moderate technical implementation and security posture.

G

Guidle AG

kallaender.ch

0

The website www.kallaender.ch is a local event listing platform focused on the municipality of Allschwil, Switzerland. Operated by Guidle AG, it provides users with information about upcoming events and allows event organizers to submit their events via a dedicated page. The site targets residents and visitors interested in community activities, positioning itself as a localized event management and information service. The business model revolves around providing a centralized platform for event discovery and submission within the Allschwil community. Technically, the website employs modern web technologies including JavaScript modules, SVG graphics, and the Vite build system. It uses HTTPS to secure communications and loads external scripts from trusted domains such as guidle.com and ajax.googleapis.com. The site is mobile-optimized with responsive design elements and good navigation clarity. However, it lacks some advanced accessibility features and security headers that could enhance its security posture. From a security perspective, the site benefits from HTTPS encryption and does not expose sensitive data in its HTML content. There are no detected vulnerabilities or malicious scripts. However, the absence of security headers like Content-Security-Policy and Strict-Transport-Security, as well as the lack of a cookie consent mechanism, represent areas for improvement. No explicit privacy or security policies are published beyond an impressum page, and no incident response or vulnerability disclosure information is provided. Overall, the website is functional, trustworthy, and serves its community purpose well but would benefit from enhanced privacy compliance and security hardening. Strategic recommendations include implementing cookie consent, publishing detailed privacy and security policies, adding security headers, and considering a vulnerability disclosure program to improve trust and compliance.

M

Museum Allschwil – Haus für Kultur und Geschichte

museumallschwil.ch

0

Museum Allschwil is a local cultural and historical institution based in Allschwil, Switzerland, dedicated to preserving and showcasing regional culture and history. The website serves as an informational portal for visitors, providing details about the museum and its offerings. The business model is typical for a small museum, focusing on exhibitions and cultural education for the general public. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as HTML5, CSS, and JavaScript. It includes multilingual support and basic SEO metadata but lacks comprehensive privacy and terms of service documentation. Security measures include HTTPS enforcement and cookie consent mechanisms, with some security hardening scripts in place. However, there is no visible incident response or vulnerability disclosure information, which could be improved to enhance trust and compliance. Overall, the website is professionally designed and functional, suitable for its purpose but with room for improvement in privacy and security transparency.

SoCal NOMA is a regional chapter of the National Organization of Minority Architects focused on advancing education and careers for historically underrepresented groups in architecture and allied design professions. The organization offers educational programs, professional development, advocacy, and community engagement primarily in Southern California. Their website reflects a small non-profit with a clear mission and active community involvement. Technically, the site is built on WordPress, using modern libraries such as jQuery, Bootstrap, and Smart Slider 3, hosted on Bluehost. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent with the organization's history and supports legitimacy.

Architecture for Communities Los Angeles (ACLA) is a small non-profit organization dedicated to inspiring and empowering communities in Los Angeles through architecture education, events, and engagement. Their website serves as a hub for promoting community events, student exhibitions, scholarships, and sustainability initiatives. The organization targets students, architects, and community members interested in architecture and social impact within the Los Angeles region. The site reflects a consistent brand and professional presentation aligned with their mission. Technically, the website is built on WordPress with WooCommerce for donations and event registrations, leveraging common libraries such as jQuery, RoyalSlider, and Slick Carousel. Hosting is provided by InMotion Hosting, and the site uses HTTPS with a good SSL configuration. SEO and mobile optimization are well addressed, though accessibility features are basic. Analytics are implemented via Google Analytics and Jetpack Stats, but the Google Analytics plugin is not fully configured. From a security perspective, the site enforces HTTPS and uses domain transfer protections. However, it lacks DNSSEC and important security headers like Content-Security-Policy. No cookie consent mechanism is present, which may impact GDPR compliance. Payment processing is handled securely via Authorize.Net CIM. No incident response or security policy is published, and no vulnerability disclosure or security.txt file is found. Overall, the website is safe, professional, and trustworthy with a moderate security posture. Recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, completing analytics configuration, and publishing security policies to enhance compliance and trust.

A

ARVHA

femmes-archi.org

0

The website www.femmes-archi.org represents ARVHA, a non-profit association dedicated to promoting women architects through the French Prize for Women Architects and related events. The site serves as a platform to showcase award winners, organize conferences, and provide media content supporting gender parity in architecture. The target audience includes women architects, architecture professionals, and supporters of diversity in the field. The business model is centered on event organization and awareness campaigns, supported by institutional and private sponsors. Technically, the website is built on WordPress 5.5.17 using the Enfold theme and several plugins such as LayerSlider and Video Popup. It employs Google Analytics and Google Tag Manager for tracking and uses Google Fonts for typography. The site is mobile-optimized with a moderate performance profile and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism aligned with GDPR requirements. However, it lacks visible security headers and a published privacy policy, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the professional presentation and active social media presence support trustworthiness. Overall, the website is a well-maintained, professional platform serving a niche non-profit mission. Strategic recommendations include publishing a comprehensive privacy policy, enhancing security headers, updating WordPress and plugins regularly, and providing clear contact information for security and business inquiries to strengthen compliance and trust.

G

Grimshaw Foundation

grimshaw.foundation

0

The Grimshaw Foundation is a charitable trust established in 2020 by Grimshaw Architects, dedicated to promoting creativity and supporting young people aged 11-15 in exploring creative careers, particularly in architecture and the built environment. The foundation provides educational resources, stories, and opportunities to empower youth and address social and economic equity. The website reflects a focused non-profit mission with a clear target audience and consistent branding. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, and integrates third-party services such as Mailchimp for newsletter subscriptions and Vimeo for video content. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with a valid SSL certificate and has domain registration protections such as clientTransferProhibited status, but lacks DNSSEC and security headers, which are recommended for enhanced security. Privacy compliance is limited as no privacy or cookie policies are present, representing a compliance gap. Overall, the site is professional and trustworthy but could improve in privacy and security policy transparency.

The website www.russellgroup.ac.uk is currently inaccessible, returning a 403 Forbidden error page generated by Amazon CloudFront, indicating that access is blocked likely due to security or configuration settings. This prevents any meaningful extraction of business, technical, or security information from the site content. The WHOIS data is completely missing or unavailable, which further limits the ability to verify domain registration details, ownership, and legitimacy. Without access to the website content or WHOIS data, no assessment of privacy policies, contact information, or security posture can be performed. The site appears to be protected by a Web Application Firewall (WAF), but this also restricts visibility into its operations and compliance status.

S

Stage de rugby Stade Rochelais

stages-staderochelais.com

0

The website 'Stages Stade Rochelais' offers rugby training camps associated with the Stade Rochelais rugby club, targeting rugby players and enthusiasts primarily in France. The business operates a niche sports training service with a focus on rugby camps. The website is built on the Wix platform, utilizing modern web technologies including Google Analytics and Tag Manager for tracking. The site is professionally designed, mobile-optimized, and provides structured business information including a physical address. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. Security posture is adequate with HTTPS enforced but lacks explicit security headers and privacy compliance mechanisms such as a privacy policy or cookie consent banner. Overall, the site presents a moderate risk profile with recommendations to improve privacy compliance and domain registration transparency.

P

Paul Mellon Centre for Studies in British Art and Yale Center for British Art

britishartstudies.ac.uk

0

British Art Studies is a specialized academic digital publication focusing on peer-reviewed scholarship in British art, with a current thematic issue on Queer Art in Britain since the 1980s. The website is affiliated with reputable institutions such as the Paul Mellon Centre for Studies in British Art and the Yale Center for British Art, positioning it as a trusted source in its niche academic field. The content is rich, well-structured, and targeted towards academics, researchers, and students interested in British and queer art history. Technically, the site uses a modern JavaScript framework (Quire) and is hosted on Netlify, with Google Tag Manager implemented for analytics. The site demonstrates good mobile optimization and accessibility, though SEO could be improved. Security posture is moderate with HTTPS implied but lacks explicit security headers and formal privacy or cookie policies. No forms or contact information for incident response are present, which limits user engagement and security transparency. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

Jobbnorge.no is a Norwegian online recruitment platform focused on connecting job seekers with employers across Norway. The website offers job search functionality and recruitment tools, positioning itself as an important player in the Norwegian recruitment market. The platform targets both job seekers and employers, providing a streamlined experience for finding and posting jobs. The business model revolves around providing digital recruitment services and tools to facilitate hiring processes. Technically, the website employs modern technologies including ASP.NET, Matomo analytics, and Cloudflare for hosting and security. It features a comprehensive cookie consent mechanism compliant with GDPR, enhancing user privacy and transparency. Security posture is strong with HTTPS enforced and device fingerprinting used for security purposes, although some security headers could be improved. Overall, the website is professional, well-branded, and trustworthy, with good mobile optimization and accessibility. However, the lack of publicly available WHOIS data slightly reduces trust but is likely due to privacy protection. Strategic recommendations include publishing a privacy policy page, terms of service, and a vulnerability disclosure policy to further enhance compliance and trust.

The domain postmansubs.com is registered since 2018 with a reputable registrar and has a valid registration status. However, the website content is currently inaccessible, returning a 404 Not Found error page with no meaningful content, metadata, or business information. There are no privacy, cookie, or terms of service policies, nor any contact information or forms available. The technical infrastructure appears minimal with no detected scripts, analytics, or tracking technologies. Security posture cannot be assessed due to lack of HTTPS information and security headers. Overall, the website is non-operational and lacks any digital maturity or business presence.

D

Designers’ Saturday

designerssaturday.no

0

Designers’ Saturday is a Norwegian event organization specializing in showcasing design news in furniture, textiles, lighting, flooring, interior, and furnishing products. Positioned as Norway's only dedicated design exhibition platform, it targets design professionals, exhibitors, and enthusiasts primarily in Oslo and the surrounding region. The website reflects a professional and modern digital presence, leveraging advanced web technologies such as htmx, Google Tag Manager, and AWS S3 for media hosting, and is built on Craft CMS. The site is well-optimized for mobile and SEO, with clear navigation and rich multimedia content. From a security perspective, the website employs HTTPS with strong SSL configuration and includes security best practices such as CSRF tokens in forms. However, it lacks explicit cookie consent mechanisms and published security or incident response policies, which are areas for improvement. The absence of WHOIS data due to privacy protection is common for event organizations but reduces transparency. Overall, the site demonstrates a high level of professionalism and trustworthiness with moderate privacy compliance. Strategically, the organization should focus on enhancing privacy compliance by implementing cookie consent banners, publishing terms of service, and providing clear security incident contact channels. These steps will strengthen user trust and regulatory adherence. The technical infrastructure is robust, but ongoing audits of third-party scripts and security policies are recommended to maintain a strong security posture.

I

Gardiner | Ia Torgersen design

ia-torgersen.no

0

The website www.ia-torgersen.no appears to be a small-scale business site built on the Wix platform. The content is minimal and lacks detailed business descriptions, contact information, or policy disclosures. The technical infrastructure relies on Wix's standard scripts and hosting, indicating a basic digital maturity level. Security posture is weak due to the absence of security headers, privacy policies, and WHOIS transparency. No forms or data collection mechanisms were detected, reducing immediate data protection concerns but also limiting user engagement. Overall, the site presents a low trust profile with significant gaps in compliance and security best practices.

T

TreCe

trece.se

0

TreCe is a Swedish company specializing in office storage and recycling solutions designed to integrate seamlessly with office interiors. Their website presents a professional and well-structured digital presence built on WordPress with WooCommerce, leveraging modern plugins such as Yoast SEO and Cookiebot for SEO and privacy compliance. The site targets businesses and organizations seeking flexible and user-friendly storage and sorting solutions for office and public environments. Technically, the website is well-optimized for mobile devices and includes standard tracking and consent mechanisms, indicating a moderate level of digital maturity. Security-wise, the site enforces HTTPS and uses reCAPTCHA, but lacks some advanced security headers and explicit security policies, which could be improved. The absence of WHOIS data for the domain www.trece.se reduces trustworthiness from a domain registration perspective, though the website content and structure appear legitimate and professional. Overall, the site is safe for general audiences and provides a solid foundation for business operations, but would benefit from enhanced transparency in privacy and security documentation.

The website at tru.am appears to be primarily an exposed storage bucket or file listing rather than a fully developed business website. The content is minimal and technical in nature, showing XML data of stored files without any visible business branding, contact information, or user-facing content. The domain is registered since 2012 with a reputable registrar and is active, indicating legitimacy in domain ownership but not necessarily in website content or presentation. The technical infrastructure lacks modern web technologies, security headers, and HTTPS, which indicates a low level of digital maturity and security posture. No privacy or cookie policies are present, and no contact or incident response information is available, which raises concerns about compliance and user trust. Overall, the site does not present itself as a professional or customer-facing platform and may be misconfigured or under development.

T

Togel SDY

dlhpalembang.com

0

The website 'Togel SDY' operates as a niche informational portal providing daily lottery results and historical data for the Togel Sidney (SDY) lottery market, primarily targeting Indonesian lottery players. The business model centers on delivering timely and accessible lottery data to assist bettors in making informed decisions. The site is relatively new, with domain registration in late 2024, and uses Squarespace CMS hosted with Cloudflare DNS services. The technical infrastructure is modern but basic, with moderate performance and mobile optimization. Security posture is adequate with HTTPS and HSTS enabled, but lacks advanced security headers and DNSSEC, and no privacy or cookie policies are published, indicating compliance gaps. The site does not provide contact information or business credentials, which limits trust and credibility. Content is gambling-related, thus age-restricted and considered questionable for general audiences. Overall, the site is functional but requires improvements in privacy compliance, security hardening, and business transparency to enhance trust and regulatory adherence.

D

Live Draw SGP Tercepat Hari Ini – Result Togel Singapore Pools Resmi 2025

dlhhelvetia.com

0

The website dlhhelvetia.com is a small-scale, Indonesia-based informational site focused on providing live draw results and historical data for the Singapore Pools lottery (Togel Singapore) for the year 2025. It targets lottery players and enthusiasts seeking real-time and accurate lottery results. The site is built on the Squarespace platform, leveraging modern web technologies and hosted with Cloudflare DNS services, ensuring basic security and performance standards. However, the site lacks critical privacy and cookie policies, which impacts its compliance posture. Security-wise, HTTPS and HSTS are enabled, but no advanced security policies or incident response information are published. Overall, the site is functional and moderately optimized but requires improvements in privacy compliance and security transparency to enhance trust and regulatory adherence.

D

Live Draw HK 4D - Keluaran Togel Hongkong Pools - Data HK Prize - Result HK Lotto Hari Ini

dlhsinabang.com

0

The website dlhsinabang.com operates as a niche platform providing live lottery draw results and data aggregation for Hong Kong pools, primarily targeting an Indonesian audience interested in togel gambling. The business model centers on disseminating lottery results and related information, with a small-scale market presence and basic content quality. Technically, the site is built on Squarespace, leveraging its CMS and hosting infrastructure, with Cloudflare DNS and basic performance optimizations. The site is mobile-optimized but lacks advanced accessibility and SEO features. Security posture is moderate with HTTPS and HSTS enabled, but DNSSEC is not implemented, and no explicit security or privacy policies are published. The absence of contact information and compliance documentation reduces business credibility and privacy compliance. Overall, the site is functional but requires improvements in transparency, security, and compliance to enhance trust and user confidence.

The website property-system-uk.com currently presents no accessible content beyond an empty HTML skeleton. There is no metadata, no visible text, no forms, no external links, and no contact information, indicating the site is either inactive or under construction. The domain is registered since 2015 via NameCheap, Inc., which suggests some longevity but no active digital presence is evident. The lack of content and technical implementation severely limits the ability to assess the business or its market position. Technically, the site lacks HTTPS, security headers, and any modern web technologies, which poses significant security and trust concerns. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. Overall, the site scores very low on content quality, technical implementation, security posture, privacy compliance, and business credibility, resulting in a critical risk profile. Strategic recommendations include immediate deployment of HTTPS, content development, and implementation of privacy and security best practices.

The website www.capterra.ca is currently inaccessible due to a Cloudflare security challenge page (Turnstile captcha) that blocks direct access to content. This prevents extraction of any meaningful business, contact, or policy information. The domain WHOIS data is unavailable, indicating privacy protection or non-registration under the exact subdomain. The site is protected by Cloudflare's WAF, which enhances security but limits external analysis. Without access to actual content, the business overview, market position, and services cannot be determined. The technical infrastructure includes Cloudflare security services and standard web technologies, but no CMS or advanced frameworks are detectable. Security posture is difficult to assess fully but benefits from Cloudflare protection. Overall risk assessment is moderate due to lack of accessible data and inability to verify legitimacy fully. Strategic recommendations include obtaining access to full site content for analysis, verifying domain registration details, and ensuring transparency of business and security policies.

The website rcahmw.gov.uk currently presents a robot challenge screen implementing a proof-of-work CAPTCHA mechanism, indicating the presence of a Web Application Firewall or similar security control that blocks direct access to content. This prevents direct analysis of the actual website content, policies, or business information. The domain is a longstanding UK government domain registered since 1996 directly with Nominet, consistent with a legitimate government entity. The technical infrastructure includes advanced client-side cryptographic challenges and hosting via Amazon CloudFront CDN, demonstrating a modern approach to bot mitigation. However, no privacy, cookie, or terms of service policies are visible on this challenge page, nor is any contact or business information exposed. Security headers and SSL configuration details are not available from the provided data. Overall, the site shows strong security posture in terms of bot protection but lacks visible compliance and business transparency on this page.

H

Hallett Independent Limited

hallettindependent.com

0

Hallett Independent Limited is a specialist insurance brokerage firm focused on private clients and art insurance. The company operates independently from large global insurers, providing expert advice and tailored risk management services to a niche market including artists, art dealers, museums, and private collectors. Their market position is that of a trusted, small-scale expert broker with a strong emphasis on professionalism and client care. The website reflects this with high-quality content, clear navigation, and consistent branding. Technically, the site is built on WordPress with modern libraries and integrations such as Google Analytics and reCAPTCHA, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and Cyber Essentials certification displayed, though some improvements like security headers and cookie consent are recommended. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, but the overall business credibility remains high due to regulatory compliance and professional presentation.

L

Lyon & Turnbull

lyonandturnbull.com

0

Lyon & Turnbull is a well-established UK specialist auction house with a rich history dating back to 1826. The company operates primarily in Edinburgh and London, offering expert auctioneering services in fine art, antiques, jewellery, and collectibles. Their market position is strong within the UK auction sector, targeting collectors and sellers of high-value items. The website reflects a professional and modern digital presence, utilizing advanced web technologies such as Next.js and Material-UI, and integrates multiple analytics and tracking tools with user consent mechanisms. Security posture is generally good with HTTPS enforced and no exposed sensitive data, though the absence of WHOIS data and security headers suggests room for improvement in transparency and security best practices. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy or terms of service pages detected in the provided content. Overall, the website is trustworthy and professional, but the lack of domain registration data and some missing security policies slightly reduce the confidence level.

G

Grimshaw

grimshaw.global

0

Grimshaw is an internationally recognized architecture and design firm focused on innovative and sustainable solutions. Their website showcases a comprehensive portfolio of projects across multiple sectors including aviation, infrastructure, education, and residential design. The firm emphasizes its commitment to net zero carbon ready buildings and socially and environmentally regenerative architecture, positioning itself as a leader in sustainable design. Technically, the website employs a modern technology stack with various JavaScript libraries for enhanced user experience, multimedia integration, and responsive design. The site is well-optimized for mobile devices and provides rich content including videos and detailed project descriptions. Security-wise, the site uses HTTPS and modern libraries but lacks explicit security headers and a cookie consent mechanism, which are recommended for improved compliance and protection. WHOIS data is limited due to TLD restrictions, but the website's professional presentation and consistent branding support its legitimacy. Overall, Grimshaw's digital presence reflects a mature, credible business with strong sustainability credentials and a global market position.

T

Tyréns Group

tyrens.com

0

Tyréns Group is a multidisciplinary consultancy specializing in sustainable urban design, infrastructure, and the built environment. The company positions itself as a market leader in delivering sustainable solutions for cities and infrastructure projects, targeting urban planners, municipalities, and infrastructure developers. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on Umbraco CMS and integrates modern tools such as Google Tag Manager and Cookiebot for analytics and cookie consent management. The site is mobile optimized and performs moderately well in terms of speed and accessibility. Security posture is solid with HTTPS enforced and standard security headers present, although there is room for improvement by adding a Content-Security-Policy header and publishing security policies. Privacy compliance is partially met with a cookie consent mechanism but lacks a visible privacy policy page. The absence of WHOIS registration data is a notable concern, reducing overall trustworthiness despite the professional appearance. Contact information is available, including a Stockholm office address and phone number, but no direct company emails were found. Overall, the site scores well but should address privacy and WHOIS transparency to improve credibility.

Women In Architecture France is a small non-profit association dedicated to promoting gender equity in the architecture profession, primarily in France and Europe. Founded in 2018 by three architects, the organization focuses on advocacy, research, awards, and international collaboration to enhance the visibility and professional equality of women architects. The website serves as an informational platform showcasing the founders, their mission, and related activities. Technically, the website is built on an older version of WordPress with the Enfold theme and uses common web technologies such as jQuery and LayerSlider. The site is accessible, mobile-optimized, and uses HTTPS, but lacks modern security headers and up-to-date software versions, which could pose security risks. No analytics or tracking scripts are present, indicating minimal user tracking. From a security perspective, the site has a good SSL configuration but lacks important security headers and privacy compliance documentation such as privacy and cookie policies. The absence of WHOIS data for the domain is a concern for trust and legitimacy verification. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website is professional and content-rich for its niche but requires improvements in security practices, privacy compliance, and transparency to enhance trustworthiness and reduce risk.

A

Association for Women in Architecture & Design

awaplusd.org

0

The Association for Women in Architecture & Design is a well-established non-profit professional society dedicated to advancing and supporting women in architecture and allied design fields. Their offerings include scholarships, fellowships, professional development, and networking opportunities, supported by a sister foundation (AWAF). The organization maintains an active online presence and partnerships with reputable industry organizations, positioning itself as a key advocate for women in the built environment. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including Google reCAPTCHA Enterprise for form security and Typekit fonts for branding consistency. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS with HSTS and uses CAPTCHA to protect forms, indicating a solid security posture. However, the absence of visible privacy and cookie policies, as well as lack of incident response or vulnerability disclosure information, represents compliance and transparency gaps. Overall, the website is professional and trustworthy, but improvements in privacy compliance and transparency would strengthen its security and user trust profile.

A

Agentur Frontal AG

frontal.ch

0

Agentur Frontal AG is a Swiss advertising agency specializing in branding and digital marketing with over 20 years of experience. The company offers a broad range of creative services including branding, communication design, campaigns, packaging, websites, social media, trade shows, and storytelling. Their website reflects a professional and consistent brand image targeting businesses seeking comprehensive branding and digital solutions. Technically, the site uses modern JavaScript libraries and a CMS platform (Contens CMS), with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some HTTP security headers are missing and no explicit security or incident response policies are published. Overall, the website is trustworthy, content-rich, and well-maintained, supporting the company's credibility and market position.

A

Alliance Française de Bâle

af-bale.ch

0

The Alliance Française de Bâle is a small non-profit cultural association dedicated to promoting the French language and culture in the Basel region and surrounding border areas. The website serves as a platform to announce and organize francophone events such as conferences, guided visits, courses, theatre, cinema, concerts, and clubs. It targets French speakers and cultural enthusiasts locally, positioning itself as a niche cultural promoter within the community. Technically, the website is built on WordPress with common plugins such as Events Manager and uses jQuery for interactivity. The site is served over HTTPS with a valid SSL certificate, but lacks advanced security headers and cookie consent mechanisms. The site is moderately optimized for performance and accessibility, with basic mobile responsiveness and SEO features. From a security perspective, the site enforces HTTPS but does not implement key HTTP security headers like CSP or HSTS. There is no visible privacy or cookie policy compliance mechanism, and no incident response or vulnerability disclosure information is provided. Analytics tracking is present via a plugin but not configured, indicating minimal user tracking. Overall, the website is trustworthy and professionally maintained for its purpose but would benefit from enhanced security practices and privacy compliance improvements to better protect users and meet regulatory requirements.

D

Der Holzring GmbH

holzring.de

0

Der Holzring GmbH operates as a cooperative service provider focused on process optimization, intelligent performance remuneration, and fostering successful networking between shareholders and suppliers. The company positions itself as a trusted intermediary enhancing business relationships within the wood supply sector. The website reflects a medium-sized enterprise based in Germany, offering consulting and optimization services with a clear business model centered on collaboration and efficiency. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies such as Bootstrap and jQuery, hosted likely on Your-Server.de infrastructure. The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security posture is solid with HTTPS enforced and privacy-conscious analytics implementation, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's business credibility and digital maturity.

The website qwenty.fr is currently inaccessible beyond a Cloudflare Turnstile security challenge page, which prevents full content analysis. The domain is registered since 2019 with Scaleway as registrar and uses Cloudflare for DNS and security services. Due to the WAF challenge, no business information, contact details, or policies are visible, limiting the ability to assess the company's market position, services, or compliance posture. The technical infrastructure indicates use of modern CDN and bot mitigation technologies but lacks visible security headers or SSL details in the accessible content. The security posture cannot be fully evaluated, but the presence of Cloudflare Turnstile suggests a proactive approach to mitigating automated threats. Overall, the site is rated low in AI scoring due to blocked content, with recommendations to allow access for comprehensive analysis and to publish clear privacy and security policies.

The website hostay.fr is currently inaccessible due to a Cloudflare Turnstile CAPTCHA security challenge, which blocks direct access to any business content or information. The domain is registered with Scaleway and uses Cloudflare nameservers, indicating a hosting and security setup consistent with a French-based small business or service. Due to the lack of visible content, no privacy, cookie, or terms of service policies are available, nor is there any contact or security policy information. The technical infrastructure includes modern security measures such as Cloudflare's WAF and CAPTCHA, but the absence of accessible content limits the ability to assess the website's full digital maturity or business model. The security posture is moderate based on the presence of Cloudflare protections, but the lack of visible security headers or policies reduces confidence. Overall, the site is low in trustworthiness and content quality due to the blocking mechanism.

H

Haufe-Lexware GmbH & Co. KG

lexrocket.de

0

Haufe-Lexware GmbH & Co. KG is a well-established German software company specializing in business and accounting software solutions for self-employed individuals, freelancers, and small to medium-sized enterprises. Operating since 1993 as part of the Haufe Group, Lexware holds a strong market position in Germany, offering a range of products including accounting, payroll, and business management software, complemented by educational content and tools for entrepreneurs. The website content is professionally curated, targeting entrepreneurs and business owners with relevant knowledge and practical advice on business formation and management. Technically, the website is built on the TYPO3 CMS platform and integrates modern technologies such as Usercentrics for consent management, Econda for analytics, and Kameleoon for marketing optimization. The hosting infrastructure is managed by the Haufe Group, ensuring reliable performance and security. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs consent management to comply with privacy regulations. While explicit security headers are not visible in the provided data, no vulnerabilities or exposed sensitive data were detected. The company maintains comprehensive privacy and cookie policies, indicating a mature approach to data protection and GDPR compliance. However, the absence of a public security policy or incident response information suggests areas for improvement. Overall, Haufe-Lexware's website reflects a mature, trustworthy, and professional digital presence with strong business credibility and compliance posture. Strategic enhancements in security transparency and header implementation could further strengthen its security stance and user trust.

G

Gewerbeausstellung GEWA | 17. – 19. April 2026 | Reithalle Turbenthal

gewa-turbenthal.ch

0

The website www.gewa-turbenthal.ch appears to represent a small Swiss business, likely in the energy or local services sector, based on the domain and partial content context. The site is built on the Wix platform, utilizing Wix Thunderbolt framework and standard Wix hosting infrastructure. The technical infrastructure is modern but basic, with no advanced SEO or accessibility features detected. Security posture is moderate with HTTPS enabled but lacks security headers and formal privacy or cookie policies. No contact or business registration information is clearly presented, limiting trust and compliance assessment. Overall, the site is functional but minimal in content and security maturity.

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) which is displayed when a requested website is not accessible or offline. This page includes embedded Chromium offline game scripts and styling but contains no actual business or website content. Consequently, there is no identifiable company, no privacy or cookie policies, no contact information, and no external links or marketing content. The technical infrastructure is limited to Chromium internal scripts and basic HTML/CSS, with no hosting or CMS details available. Security posture is minimal due to the nature of the page being an error display rather than a public website. Overall, this page does not represent a legitimate business website and cannot be evaluated for compliance or security beyond its role as a browser error page.

Unser-stadtplan.de is a German website operated by Städte-Verlag E. v. Wagner & J. Mitterhuber GmbH, providing digital and printed city maps, district maps, and comprehensive business directories. The platform also features job listings, targeting local residents and businesses in Germany. The website content is primarily in German and focuses on delivering detailed geographic and commercial information to its users. The business model revolves around map publishing and local business promotion, positioning itself as a regional leader in city planning and local information services. Technically, the website uses standard web technologies including JavaScript and CSS with custom scripts for UI interactions and animations. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. No CMS or major frameworks are detected. The hosting provider and SSL configuration details are not explicitly available, limiting a full technical assessment. From a security perspective, the site does not explicitly show HTTPS status or security headers in the provided data, indicating potential gaps in security best practices. No privacy or cookie consent banners are present, which is a compliance concern under GDPR. The site includes a privacy policy and contact form but lacks visible incident response or security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is functional and provides valuable local information but would benefit from enhanced security measures, improved privacy compliance, and better technical modernization to strengthen trust and user experience.

The website revsci.net currently hosts extremely minimal content, consisting solely of a small JavaScript snippet that loads an external accessibility script. There is no metadata, no business information, no contact details, and no policies present on the site. The domain is newly registered in August 2023 via DropCatch.com, a domain drop-catching registrar, suggesting the site is either in early development or speculative. The lack of content and business information prevents any meaningful assessment of the company's market position or services. From a technical perspective, the site uses basic JavaScript but lacks modern web development best practices such as SEO metadata, accessibility features, or performance optimizations. There is no evidence of HTTPS or security headers, which poses a significant security risk. No analytics or advertising technologies are detected, indicating minimal digital maturity. Security posture is weak due to the absence of HTTPS, security headers, privacy policies, and contact information for incident response. The domain registration is legitimate but does not align with any visible business claims, reducing trustworthiness. No vulnerabilities or malicious indicators are detected, but the site is not production-ready. Overall, the site scores very low on content quality, security, privacy compliance, and business credibility. Strategic recommendations include enabling HTTPS, adding comprehensive privacy and cookie policies, publishing contact and security incident response information, and developing meaningful website content to establish trust and legitimacy.

S

Swiss Institute for Art Research (SIK-ISEA)

sikart.ch

0

The Swiss Institute for Art Research (SIK-ISEA) operates a specialized research portal focused on Swiss art and art history. The website serves as an authoritative platform offering access to the SIKART Lexicon, catalogues raisonnés, and collections/projects, targeting researchers, academics, and art enthusiasts. The business model is non-profit and research-oriented, positioning the institute as a key resource in the cultural heritage sector in Switzerland. Technically, the site employs modern web technologies including React and Font Awesome, with Matomo analytics for user tracking. The site is mobile-optimized and demonstrates good design and navigation clarity. Security posture is solid with HTTPS enforced and cookie consent implemented, though lacks visible advanced security headers and formal privacy or security policies. Overall, the site is trustworthy and professionally maintained, but could improve transparency by publishing privacy and terms of service documents.

S

Stiftung Stadt.Geschichte.Basel

stadtgeschichtebasel.ch

0

Stadt.Geschichte.Basel is a non-profit foundation focused on providing deep insights into the history of Basel through digital storytelling, research data platforms, and public engagement. The website serves a niche audience including history enthusiasts, students, and researchers by offering access to nine individual volumes and an overview volume of Basel's history, enriched with innovative data stories and a blog covering various historical epochs. The platform emphasizes open access to research data and collaborative dissemination through partnerships and events. Technically, the site is built on modern frameworks like SvelteKit, ensuring fast performance, mobile optimization, and good accessibility. The use of privacy-respecting analytics (Plausible) aligns with the foundation's educational mission. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of some security headers and incident response contacts suggests room for improvement. Overall, the site is professional, trustworthy, and well-aligned with its cultural and educational objectives.

E

EasyRecyclage

easyrecyclage.com

0

EasyRecyclage is a leading French company specializing in tertiary waste management services, including recycling, secure destruction of confidential documents, and customized waste solutions. The company operates under the Paprec Group umbrella, leveraging a strong market position and extensive service offerings tailored to businesses and organizations across France. Their website reflects a professional and consistent brand image, emphasizing their expertise and client base of over 20,000 companies. Technically, the website is built on WordPress with Elementor, incorporating modern web technologies and providing a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS enabled and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the website is trustworthy and professionally maintained, supporting the company's credibility in the waste management sector.

The website cloud32.ch currently serves as a minimal 'Coming Soon' placeholder page with no substantive business content, contact information, or policies. The site uses WordPress with a Coming Soon plugin and includes styling via Tailwind CSS and FontAwesome. There is no evidence of active business operations or services presented on the site. The technical infrastructure is basic, with standard libraries such as jQuery and Google Fonts included. No analytics or tracking scripts are detected, and no security headers or SSL configuration details are available from the provided data. The security posture is weak due to lack of visible HTTPS enforcement and absence of security best practices. Privacy compliance is non-existent as no privacy or cookie policies are found. Overall, the site lacks business credibility and trust indicators, making it unsuitable for customer engagement at this time.

The website sefeaimpact.it currently serves a robot challenge screen implementing a proof-of-work captcha mechanism to verify visitors. This indicates the presence of a Web Application Firewall (WAF) or security layer blocking direct access to the actual website content. Due to this, no business-related content, contact information, or policies are accessible for analysis. The domain is registered since 2016 with DNSSEC enabled, suggesting a legitimate registration, but the lack of accessible content limits further trust evaluation. Technically, the site uses custom JavaScript with Web Workers and cryptographic hashing to implement the captcha challenge. The hosting leverages AWS Cloudfront CDN for content delivery. However, no SEO, accessibility, or privacy compliance features are present on the challenge page. Security headers and HTTPS configuration details are not visible in the provided data. The security posture shows some strengths in DNSSEC and captcha usage but lacks visible security headers and privacy compliance mechanisms. The site does not expose forms or inputs, reducing attack surface but also limiting user interaction. Overall, the site is currently inaccessible for normal users without passing the challenge, which impacts usability and trust. Given these factors, the overall risk is moderate due to the blocking mechanism, but the lack of transparency and policies is a concern. Strategic recommendations include implementing visible security headers, publishing privacy and cookie policies, providing contact and incident response information, and improving user experience post-challenge.

A

Axapharm AG

grafixpharm.ch

0

Grafixpharm, operated by Axapharm AG, is a Swiss-based graphic design service provider with a multilingual WordPress website. The site demonstrates moderate digital maturity with the use of modern plugins such as Yoast SEO, WPML for multilingual support, and Google Analytics for visitor tracking. The website design is professional and mobile-optimized, providing a good user experience and clear navigation. However, the site lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is adequate with HTTPS enabled and some tracking opt-out mechanisms, but it lacks advanced security headers and public security policies. Overall, the domain registration aligns well with the business claims, indicating legitimacy and consistency.

K

Kirchen in Zürich - Diese Seite ist nicht mehr in Betrieb.

kirchen-in-zuerich.ch

0

The website kirchen-in-zuerich.ch is currently inactive, displaying a message that it is no longer in operation. It appears to have been a WordPress-based site focused on churches in Zürich, Switzerland, but no active content or business services are available. The technical infrastructure is minimal, relying on WordPress with an under construction plugin and standard web fonts and CSS frameworks. There are no visible security headers or advanced security configurations, and no privacy or cookie policies are present. The site lacks contact information, forms, or social media links, indicating a low level of digital maturity and business engagement. Overall, the security posture is weak due to the absence of security best practices and policies, though no critical vulnerabilities or malicious indicators were detected. The domain registration data is consistent with the website's geographic focus and theme, but the inactive status reduces trust and business credibility. Strategic recommendations include reactivating the site with proper content, implementing security headers and HTTPS, adding privacy and cookie policies, and providing clear contact and incident response information to improve compliance and trust.