Security Directory

J

Just a moment...

laravel-news.com

30

The website laravel-news.com is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) challenge page that blocks direct access to the actual content. As a result, no business-related content, metadata, or contact information is available for analysis. The site appears to be protected by Cloudflare, but lacks a valid SSL/TLS certificate and proper HTTPS configuration, which is a critical security issue. The minimal HTML content indicates a security checkpoint rather than a functional website page. From a technical perspective, the site is hosted behind Cloudflare, which provides DNS and security services. However, the absence of a valid SSL certificate and modern TLS protocols severely impacts the security posture. Security headers are present but cannot compensate for the lack of HTTPS. Performance and SEO cannot be assessed due to the blocked content. Security-wise, the site shows strong indications of protection via Cloudflare's challenge mechanism, but the lack of HTTPS and SSL certificate compliance is a major vulnerability. No privacy, cookie, or terms of service policies are detectable, indicating poor privacy compliance. No contact or incident response information is available. Overall, the site is currently not analyzable beyond its security challenge layer, resulting in a low AI score and a recommendation to resolve SSL issues and allow content access for a full evaluation.

L

LaraJobs

larajobs.com

59

LaraJobs is a specialized job board dedicated to Laravel developers and related technology professionals. It serves as a platform for job listings, consultant listings, and industry articles, targeting Laravel developers and employers seeking talent in this niche. The website positions itself as a trusted resource within the Laravel community, supported by testimonials and endorsements from notable companies. Technically, the site employs modern web technologies including Laravel, VueJS, Livewire, and TailwindCSS, and is hosted behind Cloudflare DNS services. However, the SSL certificate is invalid or missing, resulting in no HTTPS support, which is a significant security concern. The site lacks privacy and cookie policies, which impacts its compliance posture. Advertising and analytics tools such as Google Ads and Google Tag Manager are used, indicating moderate user tracking. Overall, the site offers good content quality and user experience but requires urgent improvements in security and privacy compliance to enhance trust and protect users.

L

Laracasts

laracasts.com

58

Laracasts is a well-established online education platform specializing in Laravel and PHP programming courses. It offers a wide range of video tutorials, interactive coding challenges, and community engagement features, targeting developers seeking to improve their skills in web development. The platform operates on a subscription model with multiple plans including individual, team, and lifetime access. Technically, Laracasts uses modern web technologies such as Laravel, Vue.js, and Inertia.js, hosted on DigitalOcean with Cloudflare DNS services. However, the site currently lacks a valid SSL certificate, which impacts its security posture negatively. While SPF and DMARC records are configured, the absence of HTTPS and security headers reduces overall security. Privacy compliance is partially addressed with a privacy policy and terms of service, but no cookie consent mechanism is detected. Overall, Laracasts presents a professional and trustworthy educational service but should improve its security infrastructure to enhance user trust and compliance.

G

glatec

glatec.ch

56

glatec is a non-profit business incubator based in Zurich-Dubendorf, Switzerland, supporting startups and collaborative research in materials science, environmental science, and technology. It operates in partnership with prominent research institutions such as Empa and Eawag, providing infrastructure and professional support to new companies. The website is built on the Liferay CMS platform with React and Alloy UI technologies, featuring a comprehensive navigation structure and multilingual support. However, the site suffers from a lack of a valid SSL certificate, impacting its security posture. Cookie consent mechanisms are implemented, but no explicit privacy policy or terms of service were found in the scanned content. Contact information including phone numbers and physical addresses for multiple Swiss locations is clearly provided, alongside active social media channels.

S

Switzerland Innovation Park Ost

startfeld.ch

40

Switzerland Innovation Park Ost operates a comprehensive startup support platform focused on the Eastern Switzerland region, providing services such as consulting, financing, infrastructure, and networking to ambitious startup founders. The organization holds a strong market position, recognized as the 3rd ranked startup hub in Switzerland within Europe’s Leading Start-Up Hubs 2024. The website is built on a modern WordPress stack with Elementor and WooCommerce, integrating advanced front-end libraries and marketing tools like Google Tag Manager and CleverReach for newsletters. However, the security posture is weak due to the absence of a valid SSL certificate and HTTPS support, exposing the site to potential risks and undermining user trust. Privacy and cookie policies are present and GDPR compliant, with clear contact information and social media presence enhancing business credibility.

F

Free

etre-free.fr

40

Free is a major French telecommunications company with a strong focus on innovation, customer service, and a diverse range of career opportunities. The website serves as a recruitment and corporate culture portal, targeting job seekers interested in various telecom-related professions. The site is well-branded and consistent with its parent company iliad, providing clear navigation and relevant content about the company's values and mission. Technically, the site uses modern web technologies such as React and Next.js, with multimedia content including videos and animations to engage visitors. However, performance is hindered by a large page size and slow load times. Security posture is weakened by the absence of a valid SSL certificate, lack of DNSSEC and DMARC, and missing advanced TLS features, which exposes the site to potential risks and reduces user trust. Privacy compliance is partially addressed with a privacy policy present, but no cookie consent mechanism is detected. Overall, the site is professional and credible but requires urgent improvements in security and privacy practices to enhance trust and compliance.

G

Groupe iliad

iliad.fr

40

Groupe iliad is a major telecommunications and technology group based in France, operating multiple subsidiaries that provide internet, mobile, and cloud services across Europe. The website reflects a professional and consistent brand presence targeting a broad audience including consumers, investors, and media. The technical infrastructure leverages modern frontend technologies such as React and Material-UI, but suffers from slow load times and lacks a valid SSL certificate, resulting in insecure HTTP connections. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. However, the absence of HTTPS and modern TLS protocols significantly weakens the security posture. Overall, the site is functional and professional but requires urgent security improvements to protect user data and enhance trust.

G

Golem

golem.ai

64

Golem.ai is a French technology company specializing in AI-powered semantic analysis and automation solutions for business communication and document processing. Positioned as a trusted AI provider, it offers products like InboxCare and the Golem.ai Core platform, targeting industries such as insurance, retail, transport, defense, tourism, and customer relations. The company is recognized by Gartner and integrated into the French tech ecosystem, emphasizing explainability, sovereignty, and energy-efficient AI. Technically, the website is built on WordPress with Elementor, hosted on Scaleway, and uses modern web technologies with good performance and mobile optimization. Security posture is solid with HTTPS, DMARC, and SPF configured, though improvements in security headers and DNS security are recommended. Privacy compliance is strong with clear policies and consent mechanisms. Overall, Golem.ai presents a professional, trustworthy, and well-structured digital presence with strong business credibility and technical maturity.

L

LittleBig Connection

littlebigconnection.com

68

LittleBig Connection is a technology-focused collaborative platform that connects large companies with freelancers and consulting firms specializing in technology and engineering. It operates a global marketplace and management platform with a presence in 50 countries and a community of 500,000 experts. The company is part of the Mantu group and emphasizes long-term, high-impact projects. Technically, the website is built on WordPress with modern JavaScript libraries and animation frameworks, delivering a good user experience and mobile optimization. Security posture is strong with HTTPS, robust security headers, and certifications including ISO 27001 and ISO 9001. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. Overall, the site demonstrates a mature digital presence with good SEO, trust indicators, and extensive analytics usage.

J

Jamespot

jamespot.com

48

Jamespot is a French technology company specializing in SaaS collaborative digital workplace solutions, including enterprise social networks, intranet, and AI-powered collaboration tools. The company positions itself as a flexible and customizable provider with over 20 years of experience, targeting professional organizations seeking to enhance internal communication and teamwork. The website demonstrates strong business credibility with comprehensive content, customer testimonials, and recognized certifications such as ISO 27001 and RGAA 4.1 accessibility compliance. Technically, the site is built on WordPress with modern SEO and marketing tools, but suffers from slow performance and lacks a valid SSL certificate, which significantly impacts its security posture. Privacy compliance is well addressed with detailed cookie policies and consent mechanisms. Security practices include SPF and DMARC DNS records, but the absence of HTTPS and modern TLS protocols is a critical weakness. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration to enhance security and user trust.

A

Aternos

aternos.org

67

Aternos is a well-established provider of free Minecraft server hosting services, boasting a large user base exceeding 120 million users. The company offers personal Minecraft servers supporting both Java and Bedrock editions, with features such as mods, plugins, DDOS protection, automatic backups, and custom domains. Their business model is unique in that all services are free with no paid options, positioning them as a popular choice for Minecraft players seeking accessible multiplayer experiences. The website is professionally designed, multilingual, and provides clear navigation and extensive content about their offerings and team. Technically, the site leverages Cloudflare for DNS and CDN services, uses modern JavaScript libraries, and integrates Google Tag Manager for analytics. However, the absence of a valid SSL certificate and HTTPS support is a significant technical shortfall, impacting security and user trust. Performance is moderate, and mobile optimization is good, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and language alternates. From a security perspective, the site has strong DNS configurations including SPF and DMARC policies, reducing email spoofing risks. However, the lack of HTTPS, missing security headers, and no HSTS implementation are critical vulnerabilities that expose users to potential risks. No formal security policy, incident response contacts, or vulnerability disclosure mechanisms are evident, indicating room for improvement in security governance. Overall, Aternos presents a trustworthy and professional front for its free Minecraft server services but must urgently address its SSL/TLS deficiencies and enhance security best practices to protect its large user base and maintain compliance with privacy regulations.

A

Agentycs Limited

sentium-consulting.com

60

Agentycs Limited operates a sophisticated Agentic AI platform designed to empower enterprises with custom AI applications tailored to their unique data, processes, and goals. The company positions itself as a leading UK-based provider of AI solutions emphasizing flexibility, security, and scalability. Their platform supports deployment across cloud, hybrid, and on-premises environments, with a strong focus on zero-trust architecture and data governance. Technically, the website is built using modern frameworks such as Astro and integrates third-party services like Vimeo for video content and PostHog for analytics. The hosting and DNS are managed via Cloudflare, providing performance and security benefits. However, a critical security gap exists as the site lacks a valid SSL certificate and does not serve content over HTTPS, exposing users to potential risks. Security posture is bolstered by claims of ISO 27001 certification, enterprise-grade penetration testing, and strict data privacy practices including no retraining on customer data and full data ownership. Despite these strengths, the absence of HTTPS and modern TLS protocols significantly undermines the overall security stance. Overall, while the business demonstrates strong domain expertise and a professional digital presence, the lack of HTTPS is a critical vulnerability that must be addressed immediately to protect user data and maintain trust. Strategic recommendations include implementing SSL/TLS, enhancing security headers, and publishing formal vulnerability disclosure policies.

C

Cloud IAM

cloud-iam.com

71

Cloud IAM is a technology company specializing in managed identity and access management (IAM) solutions based on the open-source Keycloak platform. Founded in 2018 and based in France, the company offers a fully managed Keycloak SaaS and consulting services with a strong emphasis on security, reliability, and compliance, including ISO 27001 certification and a 99.95% SLA uptime guarantee. Their target audience includes developers and organizations seeking scalable, secure, and customizable IAM solutions without the complexity of self-hosting Keycloak. The website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content about their services and security posture. Technically, the site uses modern web technologies including Webflow CMS, HubSpot marketing and analytics tools, Matomo analytics, and Google reCAPTCHA for bot protection. The SSL configuration is good with TLS 1.3 support, though improvements such as enabling HSTS and DNSSEC could enhance security further. Privacy compliance is well addressed with a comprehensive privacy policy and strong email authentication records (SPF, DMARC). Overall, Cloud IAM presents a trustworthy and professional service with a solid security foundation and transparent business practices.

S

swissuniversities

swissuniversities.ch

63

swissuniversities.ch is the official website of swissuniversities, the umbrella organisation representing Swiss universities. It serves as a central platform to promote cooperation and coordination among Swiss higher education institutions, providing information on policies, scholarships, research, and international relations. The website targets academic institutions, students, researchers, and stakeholders in the Swiss education sector. Technically, the site is built on TYPO3 CMS and integrates modern tools such as Klaro for cookie consent and Matomo for analytics. However, the site currently lacks a valid SSL certificate, resulting in no HTTPS support, which is a significant security concern. The site is well-structured with good navigation, accessibility, and SEO, but performance is slow with a page load time exceeding 6 seconds. Security posture is weak due to missing HTTPS and limited security headers, though SPF and DMARC records are properly configured. Privacy compliance is good with clear privacy and cookie policies. Overall, the site is professional and trustworthy but requires urgent improvements in SSL/TLS configuration and performance optimization.

E

Empa - Swiss Federal Laboratories for Materials Science and Technology

empa.ch

69

Empa is a Swiss federal research institute specializing in materials science and technology, operating under the ETH Domain. The organization focuses on interdisciplinary research to address industrial and societal challenges, aiming to transform research into marketable innovations. The website reflects a mature digital presence with extensive content, multilingual support, and a professional design tailored to industry partners, researchers, and the public. Technically, the site is built on Liferay CMS with React and Alloy UI, integrating modern web technologies and analytics tools. Security posture is adequate with HTTPS and SPF/DMARC email protections, though improvements in HSTS, DNSSEC, and DMARC policy are recommended. Privacy compliance is partially addressed with a cookie policy and consent mechanism, but no explicit privacy policy page was found. Overall, the site demonstrates a high level of professionalism and trustworthiness, suitable for a leading research institution.

E

Eawag

eawag.ch

63

Eawag is a leading water research institute within the ETH domain in Switzerland, focusing on sustainable water resource management, aquatic ecology, and environmental research. The website serves as a comprehensive portal for research, education, consulting, and public information, targeting researchers, policymakers, and the general public. Technically, the site is built on TYPO3 CMS and integrates modern web technologies and analytics tools, but suffers from slow load times and lacks a valid SSL certificate, impacting security and user trust. The security posture is basic with HSTS enabled but no valid TLS protocols or certificate, which is a critical issue. Privacy policies are present and GDPR compliant, though no explicit cookie consent mechanism is implemented. Overall, the site is professional and content-rich but requires urgent improvements in security and performance to enhance trust and compliance.

S

Swiss Federal Institute for Forest, Snow and Landscape Research WSL

wsl.ch

48

The Swiss Federal Institute for Forest, Snow and Landscape Research WSL is a prominent Swiss federal research institute focused on environmental sciences including forest, landscape, biodiversity, natural hazards, and snow and ice. It operates under the ETH Domain and serves a broad audience including researchers, forestry experts, policymakers, and the public. The website reflects a professional government research entity with comprehensive content and consistent branding. Technically, the site is built on TYPO3 CMS and uses Matomo for analytics, hosted likely by switch.ch. However, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical security deficiency. No privacy or cookie policies are explicitly found, and security headers are absent, indicating gaps in security best practices. Overall, the site is content-rich and trustworthy but requires urgent security improvements.

K

KnpUniversity

knpuniversity.com

59

KnpUniversity operates the SymfonyCasts website, a specialized online education platform focused on PHP and Symfony tutorial screencasts. The platform offers a subscription-based model with over 125 video tutorial courses and guided learning tracks, targeting developers seeking to enhance their skills in PHP and Symfony frameworks. The website is well-branded, professionally designed, and features rich content including testimonials and code downloads, positioning itself as a trusted resource in the developer education market. Technically, the website is hosted on SymfonyCloud and uses Cloudflare for DNS and nameservers. The tech stack includes modern JavaScript, CSS, and Symfony framework components. However, performance is slow with a high page load time, and accessibility is basic. SEO is adequately addressed with proper meta tags and Open Graph data. Mobile optimization is good, ensuring usability across devices. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. No modern TLS protocols or security headers are enabled, and there is no evidence of security best practices such as HSTS or OCSP stapling. Privacy compliance is partial, with a privacy policy and terms of service present but no cookie consent mechanism or GDPR compliance indicators. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the website presents a professional and content-rich platform but suffers from significant security shortcomings that could impact user trust and data protection. Strategic improvements in SSL/TLS implementation, security headers, and privacy compliance are recommended to enhance the security posture and regulatory adherence.

F

Free

free.org

59

Free is a major French telecommunications provider offering fiber internet, Wi-Fi 7 enabled Freebox devices, TV packages, and 5G mobile plans. The company holds a strong market position in France with a large retail presence and a comprehensive portfolio of internet and entertainment services. The website reflects a mature digital infrastructure built on modern web technologies such as Next.js and React, providing a rich user experience with detailed product information and customer reviews. However, the absence of a valid SSL certificate and HTTPS support is a critical security gap that undermines user trust and data protection. Security headers are partially implemented, but the lack of TLS protocols and HSTS reduces the overall security posture. Privacy and legal compliance are well addressed with dedicated pages and GDPR-aligned policies. Overall, the site is professional and trustworthy but requires urgent security improvements to meet modern standards.

S

Scaleway SAS

bookmyname.com

63

BookMyName is a domain registration and email service provider operating as a subsidiary of Scaleway SAS, itself part of the Iliad Group. The website targets individuals and businesses seeking domain management solutions, offering services such as domain registration, transfer, renewal, and Whois lookup. The company positions itself as a reliable and professional provider in the domain registration market, with clear service offerings and pricing. Technically, the website uses jQuery and Segment Analytics for tracking, hosted on Scaleway infrastructure. The site has moderate performance and good mobile optimization but lacks a valid SSL certificate, which significantly impacts security posture. Security practices include DNS SPF and DMARC records and a cookie consent mechanism, but critical gaps exist such as missing HTTPS, no security headers, and no DNSSEC. Privacy compliance is basic with a privacy policy and cookie banner present. Overall, the website is functional and professional but requires urgent security improvements to protect user data and enhance trust.

W

WEBKINDER AG

webkinder.ch

71

WEBKINDER AG is a Swiss digital agency specializing in web design, development, and online strategies, primarily serving clients in Luzern and Zürich. The company offers comprehensive services including WordPress and WooCommerce development, SEO, and custom web applications, positioning itself as a trusted partner for businesses and non-profit organizations seeking effective digital solutions. The website reflects a mature digital presence with professional design, clear navigation, and rich content including client references and insights. Technically, the website is built on WordPress with a modern tech stack including Gravity Forms, Yoast SEO, and WP Rocket for performance optimization. Hosting is managed via cyon.ch, and the site employs HTTPS with valid SSL certificates and SPF records for email security. The site is mobile-optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS, uses security headers like HSTS (though not fully enabled), and employs Google reCAPTCHA v3 on forms. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. Contact information is clearly presented, enhancing trust and credibility. Overall, WEBKINDER AG demonstrates a strong digital maturity and security posture suitable for its business model. Strategic improvements could include enabling full HSTS policies, OCSP stapling, and publishing a security.txt file to further enhance security transparency and resilience.

W

WP SYNTEX

polylang.pro

65

Polylang.pro is a technology-focused website offering a popular WordPress plugin that enables multilingual website creation. The company, WP SYNTEX, targets WordPress users and developers seeking to expand their sites' language capabilities. The business model centers on software sales via Easy Digital Downloads with integrated Stripe payment processing. The website is well-structured, professionally designed, and provides clear navigation and relevant content for its audience. Technically, the site is built on WordPress with common web technologies such as PHP and jQuery, and integrates third-party services for e-commerce and analytics. Performance is moderate with good mobile optimization and basic accessibility features. Security posture is weakened by the absence of a valid SSL certificate despite HSTS being enabled, and lack of advanced security headers or DNS security features. Privacy compliance is basic with a privacy policy and terms of sale present but no cookie consent mechanism or GDPR enforcement indicators. Overall, the site is functional and credible but would benefit from improved security and privacy practices.

P

Pipecat by Daily

pipecat.ai

61

Pipecat.ai is an open source framework focused on voice and multimodal conversational AI, supported by the Pipecat community and the Daily.co engineering team. The website serves primarily as an informational and resource hub with links to GitHub, documentation, and community Discord. The business model centers on open source software development and community engagement within the conversational AI technology sector. The site targets developers and organizations interested in building conversational AI solutions. Technically, the website uses modern JavaScript modules and CSS assets, likely hosted on Vercel infrastructure. Performance is moderate with a load time of approximately 3.5 seconds and a small number of resources. The site is mobile optimized and has good SEO metadata but lacks advanced accessibility features. No CMS or major frameworks are detected. From a security perspective, the site lacks a valid SSL certificate and does not serve content over HTTPS, which is a critical vulnerability. No security headers or advanced DNS security features such as DNSSEC or CAA records are configured. Email security is partially addressed with SPF but lacks DMARC. No privacy or cookie policies are present, and no contact information is provided, limiting trust and compliance posture. Overall, the site presents moderate business credibility and technical implementation but suffers from critical security and privacy compliance gaps. Strategic improvements in SSL deployment, security headers, and privacy policies are recommended to enhance trust and security posture.

O

Open Research Data Portal

open-research-data-portal.ch

40

The Open Research Data Portal is a collaborative platform dedicated to implementing Open Research Data (ORD) practices within the ETH Domain, encompassing prominent Swiss research institutions such as ETH Zurich, EPFL, Eawag, PSI, WSL, and Empa. The portal provides comprehensive information on ORD projects, services, and training resources, targeting researchers and academic institutions. Technically, the website is built on WordPress using Elementor and various Jet plugins, with integration of Google Analytics for minimal user tracking. However, the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security shortfall. The presence of SPF and DMARC records indicates some email security awareness, though the DMARC policy is set to 'none', offering no enforcement. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site offers good content quality and professional design but requires urgent security improvements to protect user data and enhance trust.

E

ETH Zürich Foundation

ethz-foundation.ch

40

ETH Zürich Foundation is a reputable non-profit organization dedicated to supporting education, research, and innovation at ETH Zürich through donations and strategic projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting donors, alumni, and organizations interested in philanthropy. The technical infrastructure is based on WordPress with modern JavaScript libraries and SEO optimizations, hosted likely within ETH Zürich's infrastructure. However, a critical security weakness is the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts the site's security posture. Privacy compliance is well addressed with detailed cookie consent mechanisms and a comprehensive privacy policy. Contact information and social media presence further enhance business credibility.

Security assessment completed with an overall score of 50/100 (unknown risk). Total of 11 security findings identified across all modules.

P

Private Packagist

packagist.com

66

Private Packagist is a technology company providing a SaaS platform for private PHP Composer package management, mirroring, and security monitoring. Founded by the creators of Composer, it holds a strong market position with hundreds of customers and offers key services such as private package hosting, integration with major VCS platforms, and security vulnerability alerts. The website content is professionally presented with clear navigation and good user experience, targeting developers and organizations using PHP Composer. Technically, the site uses modern JavaScript frameworks and is hosted on AWS infrastructure, but performance is moderate and accessibility is basic. Security posture is weakened by an invalid SSL certificate and lack of TLS protocol support, despite good DNS security configurations and HSTS enforcement. Privacy and terms policies are comprehensive and GDPR compliant, but no cookie consent mechanism is present. Overall, the site is trustworthy and credible but requires urgent SSL and TLS remediation to improve security.

L

Laravel

laravel.com

57

Laravel is a leading open source PHP web application framework designed for web artisans and developers seeking elegant and expressive syntax. It offers a comprehensive ecosystem including a robust framework, commercial products like Laravel Cloud, Forge, Nova, and monitoring tools such as Nightwatch, Pulse, and Telescope. The website demonstrates a mature digital presence with extensive documentation, code examples, and community testimonials, positioning Laravel as a dominant player in the PHP framework market. Technically, the site employs modern frontend technologies including Inertia.js, Livewire, React, and Vue, enhancing developer experience and application performance. However, the absence of a valid SSL certificate and lack of explicit privacy and cookie policies indicate significant security and compliance gaps. The site integrates analytics and marketing tools like RudderStack and Fathom, reflecting moderate user tracking practices. Overall, Laravel's website is professional and content-rich but requires urgent improvements in security posture and privacy compliance to maintain trust and meet modern standards.

B

Behamics

behamics.com

49

Behamics is an AI-driven platform specializing in enhancing e-commerce performance through behavioral science and advanced analytics. The company offers a suite of products including Nudge, Diagnostic, Organic SEO, Merchandise optimization, and Automations, targeting enterprise clients to boost revenue, conversions, and visibility. The website reflects a professional and modern design with comprehensive content and clear navigation, although performance is hindered by slow load times and a lack of HTTPS. Technically, the site is built on WordPress with Elementor and integrates multiple marketing and analytics tools. Security posture is weak due to the absence of a valid SSL certificate and missing security headers, which poses risks to data protection and user trust. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but lacks a cookie consent mechanism. Overall, Behamics demonstrates strong business credibility and market positioning but requires urgent improvements in security and technical performance to enhance trust and compliance.

Pinterest operates a leading visual discovery and social media platform serving millions of users worldwide. The analyzed page is part of their official help center, providing detailed guidance on troubleshooting email receipt issues. The company demonstrates strong digital maturity with a modern Drupal 10 CMS, integration of advanced analytics and consent management tools, and a well-structured, content-rich website. However, the pinterestmail.com domain used for email services lacks a valid SSL certificate and modern TLS configuration, which poses a security risk for email delivery and trust. The presence of SPF and a strict DMARC policy with reject enforcement indicates good email authentication practices. Overall, the website is professional, user-friendly, and privacy-conscious, but the email domain's SSL issues should be addressed promptly to maintain security and trust.

Q

Quarkslab

quarkslab.com

50

Quarkslab is a cybersecurity company specializing in offensive and defensive security solutions, combining consulting, R&D, and proprietary software to help organizations protect their digital assets. The company is recognized in the Gartner Emerging Tech report and serves a target audience of companies and governmental organizations seeking advanced cyber defense. Technically, the website is built on WordPress with Elementor and integrates multiple analytics and marketing tools. However, the site lacks a valid SSL certificate and modern TLS support, which significantly impacts its security posture. While email authentication is well configured with SPF and DMARC, the absence of HTTPS and security headers exposes the site to risks. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional and content-rich but requires urgent improvements in SSL/TLS configuration to enhance security and trust.

O

Open Source Technology Improvement Fund

ostif.org

40

The Open Source Technology Improvement Fund (OSTIF) is a small non-profit organization focused on improving the security of open source software through facilitating security audits and reviews. Their website positions them as a key community-driven entity with a large network of security experts and partner projects. Technically, the site is built on WordPress using the OceanWP theme and is hosted behind Cloudflare DNS and CDN services. However, the website suffers from a lack of a valid SSL certificate and does not properly enable HTTPS, which is a critical security shortfall. Security headers are minimal, with only HSTS enabled but without full recommended settings. Privacy and cookie policies are absent, and no contact information such as emails or phone numbers are provided, which impacts trust and compliance. The site has a slow load time and basic SEO and accessibility features. Overall, OSTIF's website provides good content and branding but requires urgent improvements in security and privacy compliance to enhance trustworthiness and user safety.

T

The PHP Foundation

thephp.foundation

55

The PHP Foundation is a non-profit collective dedicated to supporting, advancing, and developing the PHP programming language. It operates as a key steward of the PHP ecosystem by providing financial support and organizational guidance to PHP developers and contributors. The foundation is supported by a range of sponsors and members from the technology sector, positioning itself as an important entity within the open-source and developer community. The website reflects a professional and consistent branding approach with clear messaging targeted at PHP users and contributors. Technically, the site leverages modern frontend technologies such as Alpine.js and Highlight.js, and uses analytics tools like Matomo and Fathom to monitor user engagement. However, the site suffers from an invalid SSL certificate and lack of HTTPS support, which significantly impacts its security posture. While email authentication protocols like SPF and DMARC are properly configured, the absence of a cookie policy and direct contact emails or phone numbers limits privacy compliance and user trust. Overall, the website is functional and informative but requires critical improvements in security and privacy compliance to enhance trust and professionalism.

Security assessment completed with an overall score of 50/100 (unknown risk). Total of 9 security findings identified across all modules.

S

Smart reporting

smartreporting.eu

40

Security assessment completed with an overall score of 50/100 (unknown risk). 1 critical issues require immediate attention. Total of 28 security findings identified across all modules.

L

Les Sherpas

truzzer.fr

40

Les Sherpas is a French education platform specializing in personalized tutoring and online courses for students across various academic levels. The company positions itself as a flexible and quality-driven service provider, leveraging a proprietary platform that integrates messaging and videoconferencing to enhance the learning experience. The website is content-rich, featuring extensive user testimonials and structured data to boost SEO and trust. Technically, the site uses modern web standards and is hosted by o2switch, with moderate performance and good mobile optimization. Security is adequate with HTTPS and valid SPF records, but lacks advanced features such as HSTS and OCSP stapling, and no security headers are present. Privacy compliance is basic, with a privacy policy found but no cookie consent mechanism detected. Overall, the site demonstrates a strong business credibility and user trust, though security and privacy practices could be improved.

C

Crossware Limited

crossware.co.nz

64

Crossware Limited is a New Zealand-based enterprise software company specializing in email signature management solutions for medium to large organizations. Positioned as a world-leading provider, Crossware offers SaaS products that integrate with Microsoft 365, Google Workspace, Microsoft Exchange, and HCL Domino to ensure consistent, compliant, and centrally managed email signatures. The website demonstrates a mature digital presence with professional design, comprehensive content, and multiple customer engagement points such as free trials and demo requests. Technically, the site is hosted on Cloudflare with Webflow CMS, uses modern web technologies, and implements good security practices including HTTPS and OCSP stapling. However, there is room for improvement in SPF record validity and DMARC policy enforcement. Privacy compliance is supported by a comprehensive privacy policy and GDPR adherence, though cookie consent mechanisms are not evident. Overall, the site reflects a high level of business credibility and technical maturity.

A

Applied Behavioural Science Academy by Affective Advisory Ltd.

behavioralscience.academy

40

The Applied Behavioural Science Academy by Affective Advisory Ltd. is a specialized education provider offering a unique three-day executive program in applied behavioural science and behavioural economics. The program targets executives, policy makers, and project leaders seeking practical insights to drive sustainable change. The academy operates with a small, exclusive cohort model, emphasizing quality and networking in a prestigious Zurich location. Technically, the website is built on Squarespace, leveraging modern web technologies and Google services for analytics and security. While the site is well-designed and content-rich, performance is somewhat slow due to large page size and resource count. Security posture is good with strong TLS configurations but lacks some advanced headers like HSTS and DMARC. Privacy compliance is basic with a cookie banner and privacy policy present but no explicit GDPR certification. Overall, the site projects high professionalism and trustworthiness, with clear contact channels and social media presence.

All Channels Communication Austria GmbH is a medium-sized marketing and communication agency operating primarily in Austria and the CEE region. The company offers a comprehensive range of services including campaign management, brand management, PR, digital strategies, and social media marketing. Positioned as one of the fastest growing and most awarded agencies in its region, it targets businesses seeking integrated multi-channel marketing solutions. The website content is well-structured and professionally presented in German, with clear navigation and mobile optimization. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Google Analytics, but suffers from a lack of a valid SSL certificate, impacting security and trust. Security posture is basic with no advanced headers or policies implemented, and privacy compliance is minimal with only a basic disclaimer modal and cookie consent banner. Contact information is clearly provided including phone, email, physical address, and a contact form. Overall, the website is functional and professional but requires significant improvements in security and privacy compliance to meet modern standards.

K

KTHE | Team Farner

kthe.at

40

KTHE | Team Farner is a medium-sized Austrian communications company offering a comprehensive range of communication services including brand design, campaigns, PR concepts, and platforms. They position themselves as a leading provider in the Austrian market with a strong emphasis on creativity and international outlook. The website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and Yoast SEO, but suffers from slow performance and basic accessibility. Security posture is weak due to the absence of a valid SSL certificate and HTTPS, lack of security headers, and missing DNS security features. Privacy compliance is basic with a privacy policy and cookie notice present but no advanced GDPR indicators. Business credibility is moderate with clear contact information and social media presence but lacks certifications or detailed policies. Overall, the site is functional and professional but requires urgent security improvements.

L

Lansons

lansons.com

63

Lansons is a communications and reputation management consultancy operating primarily in the media sector with offices in London and New York. It is part of the larger Team Farner group, positioning itself as an established player offering a wide range of services including public relations, financial communications, crisis management, and sustainability advisory. The website content is professionally presented, targeting organizations and individuals seeking expert communications consultancy. Technically, the site uses modern JavaScript frameworks such as Alpine.js and GSAP, is built on Craft CMS, and is hosted by UKFast. However, performance metrics indicate slow loading times, and the site lacks a valid SSL certificate, resulting in no HTTPS support, which is a critical security concern. Security headers are well configured, but the absence of HTTPS significantly reduces the overall security posture. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. Contact information including email and phone number is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but requires urgent SSL/TLS implementation to improve security and user trust.

V

VIM Group

vim-group.com

61

VIM Group is a specialized consulting firm focused on supporting world-leading brands through complex rebranding and brand change projects. They offer services in brand management, rebranding, and brand technology, positioning themselves as experts in ensuring smooth, on-time, and on-budget brand transformations. The company is part of the Team Farner group, which adds corporate credibility and resources. Technically, the website is built on the Framer platform and integrates Google Analytics and HubSpot for marketing and data collection. However, a critical security weakness is the absence of a valid SSL certificate and modern TLS protocols, which undermines the security posture of the site. Privacy and cookie policies are present and indicate GDPR compliance, and contact is facilitated via email and HubSpot forms. Overall, the site presents a professional and trustworthy image but requires urgent security improvements to protect user data and enhance trust.

S

Skills

skills.at

40

Skills is a well-established Austrian public relations and communication consultancy agency founded in 1984. The company specializes in full-service PR and communication consulting, focusing on sensitive and complex topics. It serves a broad business audience seeking expert communication services, supported by a strong network and quality certifications. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site is built on WordPress with common frameworks like Bootstrap and uses jQuery and Yoast SEO for enhanced functionality and SEO. However, the site suffers from a critical security issue due to the absence of a valid SSL certificate, resulting in no HTTPS support, which significantly impacts its security posture. Privacy compliance is partially addressed with a privacy policy and DMARC/SPF email protections, but lacks a cookie consent mechanism. Overall, the site is functional and credible but requires urgent security improvements to protect user data and enhance trust.

R

Rod Kommunikation

rod.ag

40

Rod Kommunikation is a well-established communications agency based in Zurich, Switzerland, specializing in market, brand, and human-centered communication services. The website reflects a professional and creative business model targeting companies and brands seeking comprehensive communication and marketing solutions. The agency demonstrates strong market positioning with a portfolio of notable clients and industry memberships, supported by high-quality content and consistent branding. Technically, the site is built on Drupal 10, hosted by Hostpoint, and integrates modern marketing tools such as Google Tag Manager and HubSpot forms. However, the website suffers from an invalid SSL certificate and lacks modern TLS protocol support, which significantly impacts its security posture. While security headers are properly configured and no major vulnerabilities are detected, the absence of a valid SSL certificate and cookie consent mechanism are notable compliance and security gaps. Overall, the site offers excellent user experience, clear navigation, and trustworthy business information, but requires urgent improvements in SSL/TLS configuration and privacy compliance to enhance security and regulatory adherence.

M

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH

massgeschneidert.at

40

MASSGESCHNEIDERT KOMMUNIKATIONSBÜRO GMBH is a Vienna-based communications agency specializing in public relations, media, creative concepts, content, strategy, 360 communications, and partnerships. With approximately 10 years of experience, the company targets projects and brands seeking tailored communication strategies. The website reflects a professional branding approach with consistent messaging and a focus on creative communications services. Technically, the site is built on WordPress using the BeTheme theme and common plugins, but suffers from slow performance and lacks modern security configurations such as HTTPS. Security posture is weak due to the absence of a valid SSL certificate, missing security headers, and no cookie consent mechanism, which poses risks to user data protection and trust. Overall, the site is functional and informative but requires significant improvements in security and privacy compliance to meet modern standards.

K

komm.passion GmbH

komm-passion.de

33

komm.passion GmbH is a medium-sized full-service communication consultancy and creative agency operating primarily in Germany with offices in Düsseldorf, Hamburg, and Berlin. The company is affiliated internationally with Team Farner, enhancing its market position. Their service portfolio includes corporate communications, change management, digital health, employer branding, sustainability, and crisis communication among others. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting corporate clients seeking integrated communication solutions. Technically, the site is built on TYPO3 CMS and uses modern web technologies including Google Tag Manager and FontAwesome. However, a critical security gap exists as the website lacks HTTPS, exposing users to potential risks. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Social media presence and trust indicators such as Google Partner and BVDW membership support business credibility. Overall, the site is functional and professional but requires urgent security improvements to meet modern standards.

Kirchhoff Consult GmbH is a specialized consulting firm focused on financial communication, corporate communications, sustainability, ESG, investor relations, and IPO advisory services. The company targets capital markets professionals and corporate clients seeking expert guidance in reporting and sustainability communication. The website reflects a strong market position supported by multiple industry awards and a consistent, professional brand presence. Technically, the site is built on TYPO3 CMS with Apache and PHP 8.3, but lacks proper HTTPS configuration, which is a critical security gap. Security posture is moderate with valid SPF and DMARC records but no SSL/TLS encryption, no HSTS, and no DNSSEC. Privacy compliance is partial with a comprehensive privacy policy but no cookie consent mechanism. Overall, the site is content-rich and professionally designed but requires urgent security improvements to protect user data and enhance trust.

J

jim & jim

jimjim.ch

40

jim & jim is a leading Swiss marketing agency specializing in NextGen Marketing, focusing on engaging young, hyperconnected customers through innovative digital and physical strategies. The company offers a wide range of services including content creation, community management, live execution, and strategic consulting, positioning itself as a comprehensive partner for brands targeting Millennials and Gen Z. The website reflects a professional and consistent brand image with strong client references and active social media presence. Technically, the site is built on WordPress with modern enhancements like Lottie animations and integrates marketing and analytics tools such as Google Tag Manager and HubSpot. However, the absence of a valid SSL certificate and HTTPS implementation is a critical security gap, exposing the site to potential risks and undermining user trust. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a cookie policy and explicit consent mechanisms. Overall, the site demonstrates good business credibility and content quality but requires urgent security improvements to meet modern standards.

F

Farner Consulting AG

farner.ch

40

Farner Consulting AG is a well-established Swiss communication agency with over 70 years of experience and a large team of 300 experts. The company offers a broad range of communication services including public affairs, media relations, corporate communications, healthcare, financial services, technology communications, and more. Their target audience primarily consists of businesses and organizations in Switzerland seeking integrated communication solutions. The website is built on WordPress and leverages multiple modern JavaScript libraries and marketing tools such as HubSpot and Google Tag Manager. While the site is professionally designed with good SEO and mobile optimization, it suffers from a critical security issue due to the absence of a valid SSL certificate, which undermines HTTPS security. The presence of HSTS headers is positive but ineffective without proper SSL. Email authentication records like SPF have syntax errors, and the DMARC policy is minimal, indicating room for improvement in email security. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism despite tracking scripts. Overall, the website is functional and professional but requires urgent security enhancements to protect user data and improve trust.

B

BlueGlass | Team Farner

blueglass.ch

60

BlueGlass Interactive AG, operating as BlueGlass | Team Farner, is a leading digital marketing agency based in Zurich, Switzerland. The company offers a comprehensive suite of services including digital strategy consulting, SEO, content marketing, social media marketing, web design and development, data analytics, and e-sports video productions. With a strong market position supported by multiple industry awards and partnerships with major technology providers such as Google, Meta, and Microsoft, BlueGlass serves both national and international clients with a focus on data-driven and user-centric marketing solutions. The company is a medium-sized enterprise founded in 2007 and is part of the larger Team Farner communications group.