Security Directory

Z

Zermatt-Matterhorn: Ferien in den Bergen & Alpen

zermatt.ch

62

The website zermatt.swiss serves as a regional tourism portal promoting vacations and holidays in the Zermatt-Matterhorn area of the Swiss Alps. It targets tourists interested in mountain and alpine experiences, providing information and services related to travel and accommodation. The business model is focused on destination marketing and tourism promotion, positioning itself as a key regional player in hospitality. The website demonstrates a good level of digital maturity, utilizing modern web technologies such as Nuxt.js, Tailwind CSS, and integrating analytics and marketing tools like Google Analytics, Facebook Connect, and Cookiebot. Performance and mobile optimization are good, though accessibility is basic. From a security perspective, the site enforces HTTPS and employs a Content-Security-Policy header, reflecting sound security practices. However, additional security headers could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited, with no explicit privacy or cookie policies found in the provided content, which is an area for improvement. Business credibility is supported by consistent WHOIS data and a professional web presence, though contact information and trust indicators are minimal. Overall, the website presents a moderate risk profile with strengths in technical implementation and business legitimacy but gaps in privacy compliance and security policy transparency. Strategic recommendations include publishing comprehensive privacy and cookie policies, enhancing security headers, and improving accessibility and user trust signals.

M

Media One Group

rockstarradio.ch

47

Rockstar is a digital radio station operated by Media One Group, focusing on rock music from the 1960s to today. The website serves as a streaming platform and brand presence for the radio station, targeting rock music enthusiasts primarily in Switzerland. The site uses modern web technologies including Vue.js and Nuxt.js, and integrates Google Tag Manager and Axeptio for analytics and consent management, although no explicit cookie or privacy policies are published. Social media presence on Instagram and Facebook supports audience engagement. Technically, the website is well-structured with responsive design and moderate performance. However, security posture is moderate due to lack of visible security headers and absence of published security or privacy policies. The domain uses privacy protection in WHOIS, which is common and acceptable for media entities, and no suspicious patterns were detected. The site content is safe for general audiences with no adult or explicit material. Overall, the website is professionally presented and credible as a niche digital radio station. Key improvements include publishing privacy and cookie policies, adding security headers, and providing clear contact information to enhance trust and compliance. These steps will strengthen the security posture and privacy compliance, aligning with best practices for media websites.

M

Media One Group

kisscollector.ch

48

Kiss Collector is a digital radio station operated by Media One Group, targeting French-speaking audiences interested in classic hits from the 1970s and 1980s. The website offers streaming services with a focus on nostalgic music content, positioning itself as a niche media outlet within Switzerland. The technical infrastructure leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, with integration of Google Tag Manager for analytics and Axeptio for consent management, indicating a moderate level of digital maturity. The site is mobile optimized and presents a professional design with consistent branding. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies, and no explicit contact information is provided for users or security incidents. Overall, the website is functional and trustworthy but would benefit from enhanced compliance and security transparency.

E

Eye-Able

eye-able.com

67

Eye-Able is a medium-sized German technology company specializing in digital accessibility solutions. Their platform offers a comprehensive suite of tools including accessibility reporting, auditing, AI assistants, and language translation to help businesses comply with accessibility standards such as WCAG. The company positions itself as a leading European provider with a strong focus on inclusion and compliance. Technically, the website is built on modern frameworks like Nuxt.js and uses Storyblok CMS, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and domain protection, though improvements can be made by enabling DNSSEC and publishing security policies. Privacy compliance is currently weak due to missing explicit privacy and cookie policies. Overall, the website is professional and trustworthy, targeting businesses seeking to improve digital accessibility.

C

Carac Media SA

carac.tv

48

Carac Media SA operates carac.tv, a Swiss French-language media platform offering live TV streaming, replay content, and program guides. Positioned as a niche broadcaster under Media One Group, it targets Swiss viewers interested in character-based TV content. The website employs modern web technologies including Nuxt.js and Vue.js, integrates advertising via Smart AdServer, and uses Google Tag Manager for analytics. Cookie consent is managed through Axept.io, reflecting some privacy compliance efforts. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of explicit privacy policies and security incident contacts indicates room for improvement. Overall, the site is professional, trustworthy, and well-branded, serving its audience effectively.

B

Bits of Freedom

jouwplatformrechten.nl

60

The website 'Blijf Luid | Bits of Freedom' is an advocacy platform focused on informing users about their digital rights and new European regulations that empower users to claim their online space more freely and autonomously. It is operated by Bits of Freedom, a non-profit organization based in the Netherlands. The site targets a general audience interested in digital rights and platform freedoms, providing educational content and advocacy resources. Technically, the site is built using modern JavaScript frameworks such as Nuxt.js and Vue.js, with custom fonts and a responsive design optimized for mobile devices. Matomo analytics is employed, reflecting a privacy-conscious approach to user tracking. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and security policy pages suggests room for improvement. Privacy compliance is limited due to the lack of visible privacy and cookie policies. Overall, the site is professional and trustworthy but could enhance transparency and compliance by publishing relevant policies and contact information.

L

LensDirect

lensdirect.com

58

LensDirect operates as an e-commerce platform specializing in discount contact lenses, targeting consumers seeking affordable vision correction products online. The website demonstrates a moderate level of digital maturity, utilizing modern web technologies such as Vue.js, Nuxt.js, Bootstrap, and multiple third-party marketing and analytics tools including Google Analytics, Matomo, Yotpo, and Trustpilot. The infrastructure leverages cloud-based CDNs like AWS Cloudfront and performance optimization services such as Yottaa. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and transparency. Security posture is moderate with HTTPS usage and some best practices observed, but lacks critical security headers and explicit privacy or cookie policies, which are essential for compliance and user trust. Overall, the website provides a professional user experience with good content quality but requires improvements in privacy compliance and security hardening.

Pix is a French public service platform dedicated to evaluating, developing, and certifying digital skills for individuals throughout their lives. Established as a non-profit group of public interest, Pix collaborates with various public actors in education and training. The platform serves a broad audience including citizens, educators, public employment services, and employers, positioning itself as a key player in digital skills certification recognized by the French government and professional sectors. Technically, Pix leverages modern web technologies such as Nuxt.js and Prismic CMS, ensuring a fast, mobile-optimized, and user-friendly experience. The website demonstrates excellent content quality and professional design, with clear navigation and consistent branding. Security posture is solid with HTTPS enforcement and domain protection, though some improvements in security headers and incident response transparency are recommended. Privacy compliance is good, with a comprehensive privacy policy and GDPR adherence, but lacks a visible cookie consent mechanism. Overall, Pix presents a trustworthy, well-maintained digital platform with strong business credibility and public trust.

G

gibb Berufsschule Bern

gibb.ch

72

The gibb Berufsschule Bern is the largest vocational school in Switzerland, offering over 60 professions and diverse further education programs. The website reflects a professional educational institution targeting students and apprentices seeking vocational training and general education. The technical infrastructure is modern, leveraging Vue.js, Nuxt.js, Tailwind CSS, and Swiper.js, with analytics provided by Fathom Analytics, indicating a focus on privacy-conscious minimal tracking. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned but would benefit from enhanced privacy and security disclosures.

G

GitLab Inc.

gitlab.com

70

GitLab Inc. operates a leading AI-powered DevSecOps platform that integrates planning, development, security, and operations into a single application. The company targets developers, DevOps, and security teams, offering a comprehensive SaaS solution that accelerates secure software delivery. Positioned as a market leader, GitLab emphasizes collaboration and automation to enhance software development efficiency. The website reflects a mature enterprise with consistent branding and high-quality content, reinforcing its strong market presence. Technically, the site employs modern JavaScript frameworks such as Vue.js and Nuxt.js, alongside industry-standard marketing and analytics tools including Google Tag Manager, Optimizely, and Marketo. The platform demonstrates excellent performance, mobile optimization, and good accessibility, indicating a high level of digital maturity and user experience focus. From a security perspective, GitLab maintains robust practices including HTTPS enforcement, comprehensive security headers, and a transparent incident response program. Certifications like ISO 27001 and SOC 2 Type II further attest to their commitment to security and compliance. The presence of detailed privacy and cookie policies with consent mechanisms highlights strong privacy compliance aligned with GDPR requirements. Overall, GitLab's website and domain exhibit high trustworthiness and professionalism, with no indications of vulnerabilities or suspicious activity. The WHOIS data for the subdomain is unavailable, which is typical and expected for subdomains. The site is fully accessible without WAF or blocking mechanisms, enabling thorough analysis.

T

Tirdzniecības centrs SPICE

spice.lv

68

Tirdzniecības centrs SPICE is a prominent retail shopping center in Latvia, offering over 200 fashion and lifestyle stores including well-known international brands. The website reflects a professional retail business with a clear market position targeting general consumers interested in fashion and lifestyle products. The business model focuses on providing a comprehensive shopping experience with a wide variety of stores and services. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with good mobile optimization and performance. Security posture is solid with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are not publicly available. Privacy compliance is strong with comprehensive privacy and cookie policies and active consent mechanisms. Overall, the website and business demonstrate legitimacy and professionalism with no critical security or content safety concerns.

C

Crisp

crisp.chat

68

Crisp is a French technology company offering an AI-powered multichannel messaging platform designed to enhance customer support and engagement for businesses. Positioned as a leading SaaS provider in the customer support technology space, Crisp delivers a comprehensive suite of tools enabling instant connection between businesses and their customers or leads. The platform supports rapid growth through conversational AI and integrations, targeting businesses seeking advanced customer communication solutions. Technically, the website is built on modern web technologies including Nuxt.js and JavaScript, with strong SEO and accessibility features. The site is mobile-optimized and performs well, reflecting a mature digital infrastructure. Structured data and metadata are well implemented, supporting discoverability and user experience. From a security perspective, the site enforces HTTPS and includes standard security headers, indicating good baseline security hygiene. However, explicit security policies, incident response details, and vulnerability disclosure mechanisms are not publicly documented, representing areas for improvement. No vulnerabilities or suspicious elements were detected in the site content or linked resources. Overall, Crisp demonstrates a strong business and technical foundation with high trustworthiness and professional presentation. Strategic enhancements in transparency around security policies and incident response would further strengthen its security posture and compliance profile.

M

Media One Contact SA

mediaone.ch

50

Media One Contact SA is a Swiss media company specializing in tailored advertising solutions across radio, TV, digital platforms, production, and events, primarily serving the Suisse Romande region. The company operates multiple radio stations and TV channels, positioning itself as a regional leader in local advertising. The website reflects a professional and consistent brand image with good content quality and user experience, targeting advertisers and businesses seeking local media exposure. Technically, the website is built on modern frameworks such as Nuxt.js and Tailwind CSS, with integration of Google Tag Manager and cookie consent management via Axeptio. The site is mobile-optimized and uses HTTPS, ensuring secure connections. However, some security best practices like security headers and explicit privacy and cookie policies are missing or not easily discoverable. From a security perspective, the site benefits from HTTPS and modern tech stack usage but lacks visible security policies, incident response contacts, and vulnerability disclosures. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business claims, indicating legitimacy and consistency. Overall, the website presents a moderate to good security posture and digital maturity but should improve privacy compliance and transparency to enhance trust and regulatory adherence.

S

Skyguide S.A.

skyguide.ch

57

Skyguide S.A. is the leading Swiss air navigation service provider, offering comprehensive air traffic control and related services across Switzerland and delegated airspaces. The company maintains a strong market position with key services including flight information, aeronautical information management, drone flight coordination, and commercial aviation services. The website reflects a professional and well-structured digital presence, targeting aviation professionals, industry stakeholders, and job seekers. Technically, the site leverages modern frameworks such as Nuxt.js and Vue.js, integrates multiple analytics and marketing tools with user consent, and is optimized for mobile and accessibility. Security posture is robust with HTTPS enforcement and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly detailed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, supporting Skyguide's reputation as a reliable aviation service entity.

D

Dept (formerly Hinderling Volkart)

hinderlingvolkart.com

67

The website represents the rebranding of Hinderling Volkart as part of the global digital agency Dept. It positions itself as a leading full-service digital agency in Switzerland with a broad range of services from strategy to experience design. The site is professionally designed with modern technologies such as Vue.js and Nuxt.js, and integrates analytics and marketing tools like Google Analytics and Google Tag Manager. Security posture is good with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and explicit privacy and terms policies. The missing WHOIS data is a concern but the website's professional appearance and parent company affiliation mitigate trust issues. Overall, the site is a credible digital agency landing page with room for improvement in compliance transparency and security hardening.

ArcInfo is a regional news media organization providing comprehensive news coverage for the cantons of Neuchâtel and Jura in Switzerland, along with national and international news. The website targets a general audience interested in regional developments and broader news topics. It holds a strong market position as a trusted regional news source with a consistent brand presence and active social media engagement. Technically, the website is built on modern JavaScript frameworks, specifically Nuxt.js, and integrates Google Tag Manager for analytics and marketing purposes. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. SEO practices are adequately implemented through meta tags and structured data. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, indicating awareness of privacy regulations. However, it lacks visible security headers, a published security policy, or incident response contacts, which are areas for improvement. No vulnerabilities or suspicious activities were detected in the provided content. Overall, ArcInfo presents a professional and trustworthy online presence with room to enhance privacy compliance and security posture. Strategic improvements in these areas would further solidify its credibility and user trust.

Garaventa, a brand under the Doppelmayr Group, is a well-established manufacturer of cable cars and international transport solutions with over 100 years of experience and approximately 380 employees. The website presents professional content focused on their transport solutions business, targeting organizations and businesses worldwide. The technical infrastructure leverages modern web technologies including Nuxt.js, Google Tag Manager, and various analytics and marketing tools, indicating a mature digital presence. Security posture is solid with HTTPS and Content-Security-Policy headers implemented, though additional security headers and incident response information are lacking. Privacy compliance is minimal with no explicit privacy or cookie policies detected in the provided content. The absence of WHOIS data reduces transparency and trustworthiness from a domain registration perspective. Overall, the website is professional and functional but could improve in privacy compliance and security transparency.

N

Nuxt

nuxtjs.org

58

Nuxt is an established open source progressive web framework designed to simplify full-stack development with Vue.js. It holds a strong market position within the web development community, supported by a large GitHub presence and modern technology stack. The website demonstrates excellent design quality, mobile optimization, and user experience, reflecting a mature and professional digital infrastructure. Security posture is good with HTTPS enforced and domain registration consistent with best practices, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is limited due to absence of privacy and cookie policies. Overall, the site is trustworthy and well-positioned in the technology sector.

S

Schweizerische Konferenz der kantonalen Erziehungsdirektoren EDK

edk.ch

58

The website www.edk.ch represents the Schweizerische Konferenz der kantonalen Erziehungsdirektoren (EDK), a Swiss governmental body responsible for national coordination in education and cultural policy. The site provides comprehensive information about the Swiss education system, policy updates, and resources for educators and the public. It holds a strong market position as the authoritative source for education coordination in Switzerland, targeting education professionals, policymakers, and citizens interested in education matters. The business model is non-profit and government-funded, focusing on policy coordination and information dissemination. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, styled with Tailwind CSS, and integrates Vimeo for video content and Matomo for analytics. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Hosting appears to be Swiss-based, enhancing trust and compliance with local regulations. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, it lacks a visible cookie consent mechanism and dedicated security or incident response policies, which are areas for improvement to enhance GDPR compliance and user trust. No vulnerabilities or suspicious activities were detected. Overall, the website is professional, trustworthy, and well-maintained, with minor gaps in privacy compliance and security transparency. Strategic recommendations include implementing a cookie consent banner, publishing security policies, and adding vulnerability disclosure information to strengthen the security posture and regulatory adherence.

I

Innosuisse

innosuisse.ch

75

Innosuisse is the Swiss Innovation Agency dedicated to supporting science-based innovation for the benefit of the economy and society. As a government-backed entity, it provides funding, coaching, and networking services primarily targeting startups, SMEs, and research institutions in Switzerland. The website reflects a professional and consistent brand image aligned with its government affiliation. Technically, the site employs modern frontend technologies such as Nuxt.js and Tailwind CSS, offering good mobile responsiveness and user experience. However, the site lacks visible privacy and cookie policies, security headers, and incident response information, which are important for compliance and security transparency. The domain is a legitimate Swiss government domain with consistent WHOIS data, indicating high trustworthiness. Overall, the site is credible and functional but could improve its security posture and privacy compliance to enhance user trust and regulatory adherence.

B

Bergpunkt

bergpunkt.ch

66

Bergpunkt is a Swiss-based company specializing in mountain sports education and guided tours, including mountaineering, climbing, ski touring, and snowshoeing. The website presents a professional and well-structured digital presence targeting outdoor enthusiasts interested in mountain activities. The technical infrastructure leverages modern web technologies such as Vue.js and Nuxt.js, with integrations for maps (Leaflet), rich text editing (TinyMCE), and anti-bot protection (Google reCAPTCHA). While the site is well-designed and mobile-optimized, it lacks some critical compliance elements such as a privacy policy and terms of service pages. Security posture is generally good with HTTPS and reCAPTCHA, but the absence of security headers and incident response information indicates room for improvement. Overall, the website is legitimate and trustworthy but would benefit from enhanced compliance and security transparency.

S

Swiss Healthcare Startups

swisshealthcarestartups.com

64

Swiss Healthcare Startups is a prominent networking organization dedicated to fostering collaboration within the Swiss healthcare ecosystem. It connects startups with investors, healthcare providers, and industry partners through events, a digital directory (SHS Cortex), and targeted networking. The organization is well-positioned as a leading entity in Swiss healthcare innovation and startup support. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with a responsive design and moderate performance. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the website is professional and trustworthy, though improvements in privacy and security documentation are recommended.

K

kv pro

kvpro.ch

63

kv pro is a Swiss-based educational institution specializing in part-time professional continuing education and training programs. The website positions the company as a reputable provider of career advancement opportunities through various courses, seminars, and personalized consultation services. Their market presence is supported by partnerships with regional educational organizations and a consistent brand identity. Technically, the website employs modern frameworks such as Nuxt.js and Vue.js, integrates analytics and live chat tools, and maintains a good performance and mobile optimization level. Security-wise, the site enforces HTTPS, uses standard security headers, and avoids exposing sensitive data, reflecting a mature security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates a high level of professionalism and trustworthiness, suitable for its target audience of professionals seeking career development.

A

Archiui

archiui.com

69

Archiui is a specialized software platform focused on the digitalization, cataloging, management, and valorization of historical and cultural archives for institutions, companies, and public entities primarily in Italy. The platform offers modular, customizable solutions with integrated services including digital preservation, online publication, and advanced search capabilities. It is supported by Promemoria Group, a recognized partner in cultural heritage digital services. The website demonstrates a mature digital presence with modern technologies such as Nuxt.js and Vue.js, and strong SEO and accessibility features. Security posture is solid with HTTPS and security headers, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data for the domain raises some concerns about domain registration legitimacy, but the professional content and association with Promemoria mitigate immediate trust issues. Overall, Archiui presents as a credible and professional service provider in the archival technology sector.

D

Danesco Trading Ltd.

multirates.org

50

MultiRates is an online platform specializing in monitoring currency exchangers to provide users with the best exchange rates from various exchange points. The service primarily targets Russian-speaking users interested in electronic money and cryptocurrency exchanges. The platform leverages modern web technologies such as Nuxt.js and integrates analytics tools like Yandex Metrika and Google Analytics to track user interactions and improve service quality. The website is professionally designed with good navigation and mobile optimization, offering a positive user experience. Security measures include HTTPS enforcement and domain registration protections, although there is room for improvement in DNS security and security headers. Privacy and cookie policies are absent, which may impact compliance and user trust. Overall, the website presents a moderate risk profile with a solid foundation but requires enhancements in privacy compliance and security best practices.

A

Allchange

allchange.org

64

Allchange.org is a Russian-language online platform specializing in monitoring currency exchangers, including cryptocurrency and fiat currency exchange services. The website provides users with up-to-date exchange rates, user reviews, and ratings for over 400 exchangers, positioning itself as a niche leader in the currency exchange monitoring market. Founded in 2019, the platform targets users seeking reliable and current information on currency exchange services. Technically, the website is built using modern JavaScript frameworks such as Vue.js and Nuxt.js, hosted with Cloudflare DNS services, and demonstrates moderate performance and good mobile optimization. Security-wise, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and some advanced security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Contact information is limited to contact forms and a Telegram support link, with no explicit company emails or phone numbers published. Overall, the website is professional and trustworthy within its niche but could improve in privacy compliance and security practices.

H

HWZ Hochschule für Wirtschaft Zürich

fh-hwz.ch

50

HWZ Hochschule für Wirtschaft Zürich is a well-established higher education institution based in Zurich, Switzerland, specializing in business and economics education. The website presents a professional image with a clear focus on educational offerings, practical experience, and networking opportunities. The target audience primarily includes students and professionals seeking business education. The institution maintains a solid market position within the Swiss education sector, supported by a consistent brand presence and comprehensive content.

M

Metka

metka.cc

68

Metka is a Russian-based online service specializing in electronic currency and cryptocurrency wallet top-ups. The platform supports over 50 types of cryptocurrencies and multiple fiat currencies, offering users a convenient and secure way to fund their wallets around the clock. The website is built using modern frontend technologies such as Vue.js and Nuxt.js, with integrated analytics via Yandex Metrika and customer support through JivoSite chat. The business targets crypto users and investors seeking reliable exchange and wallet funding services. Security measures include HTTPS enforcement and standard security headers, though explicit incident response and vulnerability disclosure policies are absent. Privacy and cookie policies exist but are basic in scope. Overall, the site presents a professional and trustworthy front for a small finance-focused business.

iEXExchanger FZCO offers a professional and comprehensive software solution for launching automated cryptocurrency and electronic currency exchange platforms. The company positions itself as a trusted provider with over 300 active exchange services using its platform, targeting businesses and operators in the cryptocurrency exchange market. Their offerings include premium licenses, Telegram-based exchange bots, and additional services such as company registration and SEO support. Technically, the website is built on modern frameworks including Vue.js, Nuxt.js, and Laravel, with Cloudflare DNS and a focus on performance and mobile optimization. Security is a key focus, with multiple layers of protection including 2FA, CAPTCHA, and protections against common web vulnerabilities. However, the site lacks explicit privacy and cookie policies, and incident response information is not publicly available. Overall, the platform demonstrates a mature security posture and a professional digital presence, though improvements in privacy compliance and transparency are recommended.

H

hep Verlag

hep-verlag.ch

66

hep Verlag is a Swiss-based educational publishing company specializing in academic and professional training materials. The website presents a professional and modern design, targeting students and educators primarily within Switzerland. The business operates in the education sector with a medium-sized market presence. Technically, the site uses modern JavaScript frameworks such as Vue.js and Nuxt.js, along with Google Tag Manager for analytics and Adobe Typekit for fonts, indicating a contemporary digital infrastructure. However, there is a lack of visible privacy and cookie policies, and no explicit contact information was found in the provided HTML content. Security posture appears minimal with no detected security headers or incident response policies. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices.

B

Fast Cryptocurrency Exchange at www.btcchange24.com - BTCChange24

btcchange24.com

60

BTCChange24 is a cryptocurrency exchange platform offering instant and secure trading services for Bitcoin, Ethereum, and other cryptocurrencies. The website presents a professional and modern interface built with Nuxt.js and Vue.js technologies, targeting cryptocurrency traders and users seeking competitive exchange rates. However, the absence of WHOIS registration data and lack of visible privacy, cookie, or terms of service policies raise concerns about transparency and regulatory compliance. The technical infrastructure is modern but lacks visible security headers and explicit security policies, which could expose the platform to potential risks. Overall, while the platform appears functional and user-friendly, the lack of critical business and security information suggests a moderate risk profile requiring further due diligence.

M

Mokveza LTD

1xbet.com

52

1XBET Finland is an established online gambling and betting platform offering a wide range of services including sports betting, live betting, casino games, and other gaming options. The website targets adult users interested in online betting, providing localized content and multiple language support. The business operates under Mokveza LTD, a Cyprus-registered company, which is common in the gambling industry for regulatory and operational reasons. The domain has been active since 2018, indicating a mature presence in the market. Technically, the website employs modern JavaScript frameworks such as Vue.js and Nuxt.js, leveraging CDN services for content delivery and performance optimization. The site is mobile-optimized and demonstrates good SEO practices. Security measures include HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not prominently available. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is indicated by the presence of privacy and cookie policies, though contact information for privacy or security concerns is limited. The site is not blocked by WAF or security challenges, allowing full content access for users. Overall, the platform presents a moderate to high trust level for users seeking online betting services, with recommendations to enhance transparency around security and privacy contacts to further improve trust and compliance.

O

Obmify

obmify.com

56

Obmify is a small UK-based fintech startup specializing in cryptocurrency exchange services targeted primarily at Ukrainian users. The platform aggregates and verifies crypto exchange services, offering users a trusted environment to buy and sell cryptocurrencies with local currency support. The website is built on modern technologies such as Vue.js and Nuxt.js, providing a responsive and user-friendly experience. While the technical infrastructure is solid and the site is well-optimized for SEO and mobile use, there is a lack of explicit privacy, cookie, and terms of service policies, which impacts compliance and trust. Security posture is good with HTTPS and domain transfer protections, but DNSSEC is not enabled and no vulnerability disclosure policy is published. Contact information is available via structured data, and the company maintains an active social media presence. Overall, Obmify presents as a legitimate and professional service with room for improvement in privacy and security transparency.

J

JAMS (powered by MDPI)

jams.pub

65

JAMS is a specialized journal management system designed to streamline academic publishing workflows for societies and SME publishers. Powered by MDPI, a recognized leader in open-access publishing, JAMS offers a comprehensive platform including submission handling, production services, website hosting, billing infrastructure, and editorial support. The platform integrates with trusted academic tools such as iThenticate, ORCID, and Crossref, enhancing its credibility and utility in the scholarly publishing ecosystem. Technically, the website is built on modern frameworks like Nuxt.js and Tailwind CSS, ensuring a responsive and performant user experience. Security measures include HTTPS enforcement and bot protection via Cloudflare Turnstile, complemented by a privacy consent mechanism through Usercentrics. However, the absence of explicit privacy and terms of service pages, as well as public contact information, slightly detracts from full transparency. Overall, JAMS presents a professional, secure, and trustworthy platform for academic publishers seeking efficient journal management solutions.

ShareInvestor Thailand is a specialized service provider offering investor relations and tailored web design services primarily targeted at corporate clients and investors in Thailand. The website presents a professional but basic digital presence focused on promoting their IR services, annual reports, and web design expertise. Technically, the site leverages modern JavaScript frameworks such as Nuxt.js and Vue.js, integrates cloud storage via AWS S3, and employs Google Analytics and Tag Manager for analytics and tracking. Security measures include HTTPS enforcement and a strict Content Security Policy, along with reCAPTCHA v3 for bot mitigation. However, the absence of explicit privacy, cookie, and terms of service policies, as well as missing contact information, limits the site's compliance and trustworthiness. The WHOIS data is unavailable, which raises concerns about domain registration transparency and legitimacy. Overall, the site is functional and moderately secure but requires improvements in privacy compliance and business transparency to enhance trust and regulatory adherence.

P

Pilulka.sk - Lekáreň pre vaše zdravie a krásu!

pilulka.sk

54

Pilulka.sk operates as a leading online pharmacy and health product retailer in Slovakia, offering a wide range of products including medicines, supplements, cosmetics, and home care items. The company positions itself as a modern pharmacy with extensive physical pickup points, targeting general consumers seeking health and wellness products. The website demonstrates a mature digital infrastructure using modern frameworks like Nuxt.js and Vue.js, with PWA capabilities and multimedia content to enhance user engagement. Security posture is solid with HTTPS and no visible sensitive data exposure, though it lacks some advanced security headers and explicit privacy and cookie policies, indicating room for compliance improvements. Overall, the site is professional, trustworthy, and well-optimized for performance and user experience.

S

SWAPSPACE LLC

swapspace.co

76

SwapSpace operates as a crypto exchange aggregator, providing users with access to offers from over 43 services for cross-chain swaps involving Bitcoin, Ethereum, Metaverse coins, and more than 3500 altcoins. The company positions itself as a time- and cost-saving platform that ranks exchange offers without charging extra fees, targeting cryptocurrency traders and enthusiasts globally. Founded in 2019 and registered in the US, SwapSpace has established a medium-sized presence with a strong brand and user trust, evidenced by a high aggregate rating and active social media channels. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, ensuring a responsive and performant user experience across web and mobile platforms. Hosting and DNS services are managed via reputable providers including Cloudflare and GoDaddy, with analytics and user behavior tracking implemented through Google Analytics, Hotjar, and Visual Website Optimizer. The site demonstrates good SEO and accessibility practices, contributing to its professional digital maturity. From a security perspective, SwapSpace enforces HTTPS and employs several security headers, although DNSSEC is not enabled, representing an area for improvement. The domain registration uses privacy protection, which is justified given the nature of the crypto industry. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and include consent mechanisms, aligning with GDPR compliance requirements. Overall, SwapSpace presents a secure, trustworthy, and professionally managed platform with a solid business model and technical foundation. Strategic recommendations include enabling DNSSEC, publishing explicit security and incident response policies, and maintaining vigilance on third-party script security to further enhance trust and compliance.

B

Bojangles OpCo, LLC

bojangles.com

71

Bojangles OpCo, LLC operates a well-established quick service restaurant chain specializing in Southern-style fried chicken and biscuits. The company offers multiple service channels including dine-in, drive-thru, delivery, online ordering, catering, and merchandise sales. The website reflects a mature digital presence with modern technologies such as Nuxt.js and Vue.js, integrated marketing and analytics tools, and mobile app support. Security posture is strong with HTTPS enforcement and comprehensive security headers, though there is room for improvement in publishing explicit security policies and incident response contacts. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR considerations. Overall, the website projects a professional and trustworthy image consistent with a large retail and hospitality business.

P

Pharma Manufacturing

pharmamanufacturing.com

61

Pharma Manufacturing is a specialized media platform providing news, analysis, and resources focused on pharmaceutical manufacturing, drug development, and biomanufacturing. It serves industry professionals by delivering timely content including webinars, podcasts, ebooks, and a magazine. The website demonstrates a modern technical infrastructure built on Vue.js and Nuxt.js frameworks, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response details are absent. The domain WHOIS data is missing, raising concerns about domain registration legitimacy. Overall, the site is professional and trustworthy in content but would benefit from improved transparency in security and contact information.

S

State Government of Victoria

vic.gov.au

75

The website www.vic.gov.au serves as the official digital portal for the State Government of Victoria, Australia. It provides comprehensive access to government services, grants, programs, and information across multiple sectors including education, health, transport, and community services. The site targets residents, businesses, and stakeholders within Victoria, positioning itself as a central hub for government-related information and citizen engagement. The business model is public service-oriented, focusing on information dissemination and service facilitation without commercial intent. Technically, the site leverages modern web technologies such as Nuxt.js and Vue.js, ensuring a responsive and accessible user experience. The presence of Google Tag Manager and Microsoft Clarity indicates moderate user tracking for analytics purposes. Hosting details are not explicitly stated, but DNS is managed via Constellix, and the site enforces HTTPS with strong domain registration protections. Performance is moderate with good mobile optimization and SEO practices. From a security perspective, the site demonstrates a solid posture with HTTPS enforcement and domain locking status codes that prevent unauthorized domain changes. However, DNSSEC is not enabled, and there is a lack of publicly available security policies or incident response contacts. Privacy compliance is partial; while a comprehensive privacy policy exists, there is no visible cookie consent mechanism, which could be improved to align with GDPR and other privacy regulations. Overall, the site is trustworthy and professional, reflecting the stature of a government entity. Recommendations include enabling DNSSEC, implementing a cookie consent banner, and publishing explicit security and incident response policies to enhance transparency and compliance. These improvements would further strengthen the site's security posture and user trust.

M

mschf

jesus.shoes

54

The website jesus.shoes is a niche retail e-commerce platform focused on selling a limited edition sneaker product called 'Jesus Shoes' by the brand MSCHF. The site markets the product as air bubble shoes filled with holy water, targeting sneaker enthusiasts and collectors interested in unique and artistic footwear. The business model revolves around limited product drops and building a subscriber base via phone number text lists for future releases. The site content is professionally designed with consistent branding and good user experience, optimized for mobile devices and leveraging modern web technologies such as Nuxt.js and Bulma CSS framework. Analytics tools like Google Analytics and Facebook Pixel are integrated for marketing and user tracking purposes. However, the site lacks publicly available privacy, cookie, and terms of service policies, as well as explicit contact information, which impacts privacy compliance and business credibility scores. Security posture is moderate with HTTPS enforced but missing security headers and vulnerability disclosure mechanisms. The domain WHOIS data is privacy protected, which is common for this type of small retail artistic project, and no suspicious patterns were detected. Overall, the site is functional and visually appealing but would benefit from improved compliance and security transparency.

M

MSCHF

mschf.xyz

57

MSCHF is a creative entity focused on producing culturally impactful projects and limited edition products that blend art, internet culture, and streetwear. The company positions itself as a cultural innovator competing with major corporations and media entities. Their business model revolves around creative projects, product drops, and cultural commentary, targeting a niche audience interested in internet culture and art. Technically, the website is built using modern frameworks such as Nuxt.js and TailwindCSS, with integrations for multiple analytics and advertising platforms. The site is mobile optimized and SEO friendly but lacks some accessibility features and explicit privacy and cookie policies. Security posture is moderate with HTTPS enabled and use of reCAPTCHA, but lacks DNSSEC and security headers. Overall, the domain registration is consistent and legitimate, supporting the business credibility. Recommendations include improving privacy compliance, adding security headers, and publishing security policies to enhance trust and security posture.

H

Hambly Freeman

hamblyfreeman.com

65

Hambly Freeman is a small, UK-based digital development studio specializing in bespoke, innovative, and visually appealing website creation for brands. Established in 2014, the company positions itself as a specialist in bespoke web development, targeting brands seeking custom digital solutions. The website demonstrates a modern technical infrastructure utilizing Vue.js, Nuxt.js, and Tailwind CSS, hosted with Cloudflare DNS and registered through NameCheap. The site is visually rich and mobile-optimized, providing a good user experience and clear navigation. However, it lacks explicit privacy, cookie, and terms of service policies, as well as visible contact information, which impacts privacy compliance and trustworthiness scores. Security posture is moderate with no detected security headers and DNSSEC not enabled, suggesting room for improvement in security best practices. Overall, the website is professional and credible but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

C

Collletttivo

collletttivo.it

46

Collletttivo is an open-source type foundry and a collaborative network promoting type design through mutual exchange. The website serves a niche audience of type designers and font enthusiasts, offering open source fonts, resources, and a journal with updates. The business model relies on community support and donations, reflecting a small but active organization. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good performance and mobile optimization. Security posture is strong with HTTPS and security headers, though lacks published security policies and cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in privacy compliance and formal security disclosures.

N

Nik Bentel

nikbentel.com

58

Nik Bentel's website is a professionally designed creative portfolio showcasing artistic and design work. The site targets creative professionals and potential clients, serving primarily as a personal branding and portfolio platform. The business appears to be small and recently founded in 2022, with no complex corporate structure or subsidiaries. The website uses modern web technologies including Nuxt.js and Vue.js, hosted on Squarespace, providing a good user experience with mobile optimization and smooth animations. Security posture is adequate with HTTPS enabled and domain registrar protections, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Contact is limited to a subscription form without direct emails or phone numbers. Overall, the site is safe, trustworthy, and well-structured but would benefit from enhanced privacy and security disclosures.

D

Dispersion Capital

dispersion.xyz

63

Dispersion Capital is an early-stage venture capital firm specializing in decentralized infrastructure, aiming to pioneer a multi-chain, multi-currency, and multi-platform future. The company targets developers and startups building foundational blockchain technologies and decentralized applications. Their business model focuses on providing capital and strategic support to early-stage projects in the web3 ecosystem. The website presents a professional and consistent brand image with clear messaging and testimonials from founders of portfolio companies, reinforcing their market position as a trusted investor in the decentralized infrastructure space. Technically, the website is built using modern JavaScript frameworks (Nuxt.js) and leverages Cloudflare for DNS services, indicating a contemporary and scalable infrastructure. The site is moderately performant, mobile-optimized, and includes SEO best practices such as meta tags and Open Graph data. Analytics are implemented via Google Tag Manager, enabling user behavior tracking. From a security perspective, the website uses HTTPS with a good SSL configuration and basic security headers. However, DNSSEC is not enabled, and there is a lack of detailed security policies or incident response information publicly available. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with a privacy policy and terms of service present but lacking explicit GDPR compliance indicators or cookie consent mechanisms. Overall, Dispersion Capital's website reflects a credible and professional venture capital firm with a solid technical foundation and a good security posture. To enhance trust and compliance, the firm should consider implementing DNSSEC, expanding privacy and security policies, and adding cookie consent mechanisms.

P

Private by Design, LLC

everstake.one

76

Everstake is a prominent crypto staking service and validator platform serving over 735,000 users across more than 70 blockchain networks. Founded in 2018, it offers secure, automated, and non-custodial staking solutions with a strong emphasis on uptime and reliability. The company targets both retail and institutional clients, providing enterprise-grade node hosting and staking services. Technically, the website leverages modern frameworks such as Nuxt.js and Vue.js, hosted on Cloudflare and Azure infrastructure, ensuring good performance and mobile optimization. The security posture is robust, with HTTPS, security headers, and multiple certifications including GDPR, SOC 2, ISO 27001, and CPRA compliance. However, the site lacks publicly accessible privacy policy and terms of service pages, and no explicit contact or incident response information is found. Overall, the website demonstrates a mature digital presence with extensive analytics and advertising integrations, balanced with strong security practices.

B

BITMAIN

bitmain.com

67

BITMAIN is a leading global manufacturer specializing in ASIC bitcoin mining hardware and blockchain-related solutions. The company targets both consumer and enterprise markets, offering a range of products designed for cryptocurrency mining and AI applications. Their market position is strong, supported by a comprehensive product catalog and global presence with offices in China, Hong Kong, Singapore, and the USA. The website reflects a mature digital infrastructure using modern JavaScript frameworks and analytics tools, indicating a good level of digital maturity. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data, but lacks visible security headers and formal privacy or cookie policies, which are important for compliance and trust. The absence of WHOIS data reduces transparency and slightly impacts trustworthiness, though the business presence and content quality mitigate this concern. Overall, the security posture is solid but could be improved with enhanced compliance documentation and security best practices. The website is professionally designed with good content relevance and user experience, targeting a general audience interested in cryptocurrency mining hardware. No adult or questionable content is present, ensuring content safety. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing incident response and vulnerability disclosure information to enhance trust and compliance.

K

Kaiko

kaiko.com

74

Kaiko is a leading provider of cryptocurrency market data, analytics, and indices, targeting institutional investors, financial institutions, and regulators. The company offers institutional-grade, regulatory-compliant solutions that position it as a key player in the crypto data industry. The website reflects a professional and modern digital presence, leveraging advanced web technologies such as Nuxt.js and HubSpot for marketing and analytics. Security posture is strong with HTTPS enforcement and appropriate security headers, though some security policy documentation could be improved. Overall, Kaiko demonstrates a mature and trustworthy online presence suitable for its target audience.

D

Domains By Proxy, LLC

apillon.io

65

Apillon.io is a technology startup platform focused on enabling faster launch and scalable development of Web3 applications by combining Web3 technologies with Web2 logic. The platform targets developers and businesses interested in blockchain and decentralized app development, offering embedded wallet solutions and blockchain integration services. The website is built using modern web technologies including Nuxt.js and Tailwind CSS, hosted on AWS infrastructure, and integrates MailerLite for marketing automation. The site is accessible with no blocking or WAF challenges, but lacks key compliance pages such as privacy policy, cookie policy, and terms of service. No contact information or security policies are published, which limits transparency and user trust. The domain is relatively new, registered in 2022 with privacy protection, which is common for startups but reduces registrant visibility. Security posture is moderate with HTTPS enforced and domain locks, but missing security headers and DNSSEC. Overall, the website is functional and professional but would benefit from improved compliance documentation and security best practices.