Security Directory

O

Offene Kirche Elisabethen Basel

offenekirche.ch

54

Offene Kirche Elisabethen Basel operates as a non-profit church organization based in Switzerland, providing community church services and event hosting. The website serves as a platform for event information and booking, leveraging WordPress and the EventPrime plugin for event management. The target audience is the general public interested in church activities and community events. The organization holds a local market position as the first city church in Switzerland, focusing on community engagement rather than commercial activities. Technically, the website is built on a modern CMS with standard plugins, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and nonce-based AJAX security, but lacks advanced security headers and explicit privacy and cookie policies, which are areas for improvement. The site does not employ extensive tracking or advertising, indicating a privacy-conscious approach, though GDPR compliance is incomplete due to missing policies. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing privacy and cookie policies, and improving accessibility and compliance to strengthen trust and security.

C

Caritas beider Basel

caritas-beider-basel.ch

11

Caritas beider Basel is a regional non-profit organization focused on providing social and legal support services, integration assistance, and emergency aid to individuals in the Basel-Landschaft and Basel-Stadt regions of Switzerland. The organization operates multiple service locations and offers a wide range of programs including social counseling, legal advice related to social welfare, secondhand clothing stores, affordable meals, child sponsorships, and support for caregivers. Their market position is strong within the regional social services sector, supported by their ZEWO certification which attests to their trustworthy handling of donations. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and SEOmatic for SEO management. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and professional design. Privacy and cookie policies are implemented with consent mechanisms, reflecting good compliance with GDPR requirements. Analytics usage is extensive, leveraging Google Analytics and Tag Manager, with transparent cookie consent. From a security perspective, the site uses HTTPS and includes CSRF tokens, but explicit security headers are not clearly visible in the HTML content. No critical vulnerabilities or exposed sensitive data were detected. The domain WHOIS data aligns well with the organization's identity and location, indicating legitimacy and consistency. No WAF or blocking mechanisms interfere with content access. Overall, Caritas beider Basel presents a professional, trustworthy, and well-maintained online presence that supports its mission of social aid and community support. Strategic recommendations include enhancing security headers, publishing a formal security policy, and establishing a vulnerability disclosure process to further strengthen their security posture.

ÖKK is a Swiss insurance company specializing in providing health insurance products tailored to private clients. The company positions itself as a reliable and sensible insurance provider with a focus on customer needs. The website reflects a professional and consistent brand image, targeting private clients primarily within Switzerland. The business model revolves around offering various insurance models and supplementary services to meet diverse client requirements. Technically, the website employs modern web technologies including JavaScript frameworks, font services, and third-party consent management tools, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS, implements strong security headers, and uses reCAPTCHA to protect forms, although it lacks a dedicated security policy or incident response page. Overall, the website demonstrates a mature digital presence with good privacy compliance and trustworthy business information.

K

Karate Academy Hamburg e.V.

karateacademy.de

56

Karate Academy Hamburg e.V. is a specialized martial arts dojo located in Hamburg, Germany, offering karate training for children, youth, and adults across various skill levels. The organization emphasizes respect, self-defense, and physical and mental development through karate. The website is built on the Squarespace platform, featuring a professional design with good mobile optimization and clear navigation. Contact information and social media presence are clearly provided, enhancing business credibility. Security posture is adequate with HTTPS enforced but lacks advanced security headers and cookie consent mechanisms. Privacy policy is present and GDPR compliant but could be improved with explicit cookie management. Overall, the website reflects a trustworthy small business with a focus on community and training services.

D

Deutsche Stiftung für junge Erwachsene mit Krebs

junges-krebsportal.de

49

The Deutsche Stiftung für junge Erwachsene mit Krebs operates the Junges Krebsportal, a specialized online platform providing young cancer patients in Germany with direct access to expert advice and support. The portal offers multiple communication channels including online chats, telephone consultations, and in-person meetings, complemented by a Tandem-Beratung program where affected individuals support each other. The foundation is supported by recognized partners and foundations, reinforcing its credibility in the healthcare non-profit sector. Technically, the website is built using modern web standards including HTML5, CSS3, JavaScript, and the UIkit framework, hosted on a reputable German hosting provider. The site is mobile-optimized with good SEO practices and clear navigation, although accessibility features are basic. No major performance or technical issues were detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and explicit security or incident response policies. Privacy compliance is good with a comprehensive privacy policy, but no cookie consent mechanism is evident. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the website presents a trustworthy, professional, and focused service with a strong business credibility score. Security posture is solid but could be improved with additional headers and policies. The absence of cookie consent mechanisms and incident response information are notable gaps. The domain WHOIS data is limited but consistent with the business purpose. No WAF or blocking mechanisms interfere with content access.

D

Deutsche Krebshilfe

bewegung-bei-krebs.org

65

The website bewegung-bei-krebs.org is a specialized German-language informational platform focused on the role of sport and physical activity in cancer therapy and rehabilitation. It is supported and funded by the reputable Deutsche Krebshilfe and is part of the IMPLEMENT project. The platform targets cancer patients, their relatives, and healthcare professionals, providing scientifically validated content, therapy offers, and free sports counseling. The site demonstrates a clear mission to support oncological rehabilitation through movement therapy, positioning itself as a trusted resource in this niche healthcare segment. Technically, the website uses modern web technologies including the Scrivito CMS, Bootstrap for styling, and Matomo for privacy-conscious analytics. Hosting appears to be on AWS infrastructure, and the site is mobile-optimized with good SEO practices. However, some security enhancements such as enabling DNSSEC and adding security headers could improve the overall security posture. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. Cookie consent mechanisms are implemented, and privacy policies are present and GDPR compliant. No critical vulnerabilities or suspicious content were detected. The absence of a security policy or incident response contact is noted as an area for improvement. Overall, the website scores well on content quality, business credibility, and privacy compliance, with moderate scores in technical implementation and security posture. It is a professionally maintained, trustworthy platform serving a sensitive healthcare niche with a clear non-profit orientation.

The website gemeinsamgesund-hessen.de represents a regional health promotion program "teamw()rk für Gesundheit und Arbeit" in Hessen, Germany, focused on improving health and social participation for unemployed individuals. It is funded by the GKV-Bündnis für Gesundheit and coordinated by HAGE, collaborating with local job centers and community partners. The site provides detailed program information, team contacts, and a variety of health-related offerings both online and in-person. Technically, the site uses modern frameworks such as UIkit and Flatpickr, with interactive SVG maps and a cookie consent mechanism, indicating a moderate to good digital maturity. Security posture is adequate with HTTPS and cookie consent but lacks explicit security policies and headers. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a non-profit healthcare and social inclusion mission.

F

FIGGE+SCHUSTER AG

figge-schuster.de

58

FIGGE+SCHUSTER AG is a Munich-based internet agency specializing in high-quality websites and online presences for medium-sized companies, with over 20 years of experience. Their core competencies include website relaunches, Weblication CMS development, SEO, Google Ads, film and video production, and corporate design. The company targets clients primarily in the German-speaking region, focusing on complex industries such as healthcare, real estate, and technology. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the site is built on the Weblication CMS platform, uses modern JavaScript libraries, and integrates etracker analytics. Mobile optimization and SEO practices are well implemented, though accessibility is basic. Security posture is good with HTTPS and cookie consent mechanisms, but lacks explicit security policies or incident response information. WHOIS data is consistent with the business profile, and no suspicious patterns were detected. Overall, the website is trustworthy, professional, and compliant with GDPR requirements.

S

Sparkassen- und Giroverband Hessen-Thüringen (SGVHT)

mein-fahrtwind.de

55

Mein Fahrtwind is a promotional website operated by the Sparkassen- und Giroverband Hessen-Thüringen (SGVHT), a public financial association in Germany. The site hosts a contest offering participants the chance to win one of eight electric scooters, targeting residents of Hessen, Thüringen, and parts of Rheinland-Pfalz. The website is professionally designed with comprehensive legal and privacy documentation, reflecting a strong commitment to GDPR compliance and user data protection. The contest employs a double opt-in mechanism to ensure participant consent and data accuracy. Technically, the site uses modern web technologies including Google Tag Manager, Matomo analytics, Adobe Typekit fonts, and a cookie consent management system. Hosting is managed via DomainControl, indicating a professional infrastructure. The site is mobile-optimized and accessible, with good SEO practices. Security measures include HTTPS and IP masking in analytics, though HTTP security headers are not explicitly detected. From a security perspective, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. Privacy policies are detailed and transparent, including a named data protection officer contact. No incident response or vulnerability disclosure policies are found, which could be areas for improvement. Overall, the site presents a low risk profile with strong compliance and trust indicators. Strategically, the site effectively supports the SGVHT's marketing and public engagement goals, leveraging digital tools to promote sustainable mobility. The integration of multiple marketing and tracking tools is balanced with user privacy considerations, positioning the organization as responsible and trustworthy in its digital presence.

S

Sparkassen- und Giroverband Hessen-Thüringen (SGVHT)

finanzen-mit-daniel-jung.de

47

The website 'finanzen-mit-daniel-jung.de' is an educational platform focused on financial literacy, primarily targeting students and educators in the Hessen and Thüringen regions of Germany. It is operated under the auspices of the Sparkassen- und Giroverband Hessen-Thüringen, a reputable financial association. The site offers a series of well-structured, easy-to-understand videos and learning materials to enhance financial knowledge. The partnership with Sparkassen and the inclusion of the Sparkassen-SchulService platform reinforce its credibility and regional relevance. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Tag Manager and Matomo for analytics, alongside a GDPR-compliant cookie consent mechanism. The site is hosted on servers indicated by the nameservers 'your-server.de' and related domains, suggesting a professional hosting environment. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some improvements in accessibility and security headers could be made. From a security perspective, the site uses HTTPS with strong SSL configuration and implements cookie consent for privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and terms of service are comprehensive and clearly presented, with a designated data protection officer contact provided. The site does not employ a vulnerability disclosure policy, which could be considered for future enhancement. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. It effectively serves its educational mission with professional content and transparent governance. Strategic recommendations include enhancing HTTP security headers, formalizing a vulnerability disclosure process, and improving accessibility features to further strengthen the site's security and user experience.

G

Geschwister Meier Stiftung

gmstiftung.ch

61

The Geschwister Meier Stiftung is a Swiss non-profit foundation dedicated to supporting music and cultural activities ranging from traditional folk music to avant-garde experimental sounds. The website serves as an informational platform to present the foundation's mission and activities, targeting a general audience interested in arts and culture within Switzerland. The foundation operates in a niche cultural sector with a small organizational size and a focused business model centered on cultural funding and promotion. Technically, the website is built on the Wix platform, utilizing Wix's standard JavaScript libraries and hosting infrastructure. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The technical stack is modern but limited to Wix's ecosystem, which simplifies maintenance but may restrict advanced customization. From a security perspective, the site benefits from HTTPS and a good SSL configuration. However, it lacks several security best practices such as security headers and explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency and readiness. Overall, the website is professionally designed and consistent with the foundation's branding and mission. The absence of contact details and privacy-related policies slightly diminishes trust and compliance posture. Strategic enhancements in privacy compliance, security headers, and contact transparency would strengthen the foundation's digital presence and user confidence.

B

Bajour

bajour.ch

61

Bajour is a Swiss media company specializing in community journalism focused on Basel and its local community. The website offers news articles, community engagement features, and membership options, positioning itself as a trusted local media outlet. The content is professionally presented with a modern design and clear navigation, targeting residents interested in local news and cultural topics. Technically, the site is built on modern web technologies including React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is good with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. Overall, the domain registration and website content are consistent and legitimate, reflecting a trustworthy business entity.

Avadis Vorsorge AG is a Swiss financial services company specializing in pension fund management and investment solutions for institutional and private clients. The company offers a range of services including pension fund administration, private equity investments, real estate investments, and financial planning. With over 450 institutional clients and a strong presence in Switzerland, Avadis positions itself as a reliable and independent partner in the financial sector. The website reflects a professional and consistent brand image, targeting institutional investors and private individuals seeking investment opportunities and pension solutions. Technically, the website employs modern JavaScript frameworks, Google Analytics, and OneTrust for cookie consent, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, the site uses HTTPS with strong SSL configuration and appropriate security headers, but lacks publicly available security policies or incident response contacts. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website demonstrates a high level of professionalism and trustworthiness, with minor recommendations to enhance security transparency and incident response readiness.

M

mediacampus-frankfurt

mediacampus-frankfurt.de

66

Mediacampus Frankfurt is an established educational institution specializing in seminars, training, and educational programs for the book trade and media industry in Germany. The website presents a professional and well-structured platform offering a variety of courses, webinars, and training sessions targeting professionals, newcomers, and specialists in publishing and media sectors. The institution maintains a strong social media presence and provides detailed event information, enhancing its market position as a key player in media education. Technically, the website employs modern web technologies including JavaScript, Algolia Search for site search functionality, and Google Tag Manager for analytics, which is loaded conditionally upon cookie consent. The site is hosted on Anexia servers, uses HTTPS with good SSL configuration, and is optimized for mobile devices with good accessibility and SEO practices. However, some security headers are not explicitly detected, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and privacy-aware analytics loading. No vulnerabilities or exposed sensitive data were found in the provided content. The WHOIS data aligns with the business claims, showing consistent domain registration and hosting. Privacy and cookie policies are not explicitly found in the provided content, which is a compliance gap. Overall, the site is safe, professional, and trustworthy with room for improvement in privacy disclosures and security policy transparency.

À

À la lyonnaise

alalyonnaise.fr

61

À la lyonnaise is a French lifestyle media company focusing on the city of Lyon, offering content related to food, shopping, cultural discoveries, and leisure activities. The website serves as a digital platform complementing their print magazine editions, targeting residents and visitors interested in Lyon's local culture and lifestyle. Their market position is that of a niche local media outlet with a consistent brand presence and active social media engagement. Technically, the website employs modern JavaScript libraries, Matomo and Google Analytics for tracking, and uses HTTPS with cookie consent mechanisms, indicating a moderate level of digital maturity. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and cookie consent but lacks explicit security headers and public security policies, suggesting room for improvement in security posture. No critical vulnerabilities or blocking mechanisms were detected. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, though it could enhance transparency around terms of service and incident response. Strategic recommendations include implementing security headers, publishing security policies, and improving SEO and accessibility compliance.

O

Office du Tourisme et des Congrès de la métropole de Lyon

visiterlyon.com

69

The website www.visiterlyon.com serves as the official tourism portal for Lyon and its metropolitan area, operated by the Office du Tourisme et des Congrès de la métropole de Lyon. It provides comprehensive tourism information, online booking services for hotels, restaurants, leisure activities, and city passes such as the Lyon City Card. The site targets tourists, families, business travelers, and groups, positioning itself as an authoritative and trusted source for visiting Lyon. The content is rich, professionally presented, and available in multiple languages, enhancing accessibility and user experience. Technically, the website employs modern web technologies including Alpine.js for interactivity, Swiper.js for sliders, and MapLibre GL for mapping. It integrates Google Tag Manager and Google reCAPTCHA for analytics and security. The site is mobile-optimized, accessible, and SEO-friendly, with good performance metrics. Security best practices are observed with HTTPS enforcement, security headers, and secure forms, although explicit security policy and incident response information are not published. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. However, WHOIS data for the domain is missing or unavailable, which is unusual for an official entity and slightly impacts trustworthiness. Despite this, the website's certifications, social media presence, and comprehensive content support its legitimacy. Overall, the website is a high-quality, secure, and user-friendly platform for promoting tourism in Lyon. Strategic recommendations include publishing a dedicated security policy, incident response contacts, and a vulnerability disclosure policy to further enhance trust and transparency.

P

ProveSource

provesrc.com

61

ProveSource operates as a SaaS provider specializing in social proof and live sales notification tools designed to boost online sales conversions. The company positions itself as a market leader in this niche, targeting e-commerce businesses and online marketers. The website reflects a modern WordPress-based infrastructure with Elementor and Yoast SEO plugins, supported by AWS hosting inferred from DNS servers. The technical setup includes multiple analytics and marketing scripts such as Mixpanel, Facebook Pixel, and Google Tag Manager, indicating a mature digital marketing strategy. Security posture is adequate with HTTPS enabled and domain registration protections in place, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies, which is a notable gap for GDPR and other regulations. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

S

SAIO

saio.io

60

SAIO is a small ecommerce service provider specializing in Shopify development, offering custom themes, live webshop tweaks, and app development. The company positions itself as an industry leader trusted by thousands of shop owners worldwide. The website is built on Squarespace, leveraging standard web technologies and Google Analytics for tracking. The technical infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is basic with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and published security policies. WHOIS data is incomplete and privacy-protected, which limits transparency but is common for small businesses. Overall, the website is professional and trustworthy with room for improvement in security and compliance documentation.

K

Keyweb AG

keymachine.de

75

Keyweb AG is a well-established German technology company specializing in custom-built dedicated servers and hosting services. With over 20 years of experience and TÜV certification, the company offers high-performance, sustainable server solutions tailored to business needs. Their close partnership with Keymachine Server Manufaktur enables rapid and flexible server manufacturing, supporting a broad range of IT infrastructure and hosting services. The website reflects a professional and trustworthy business with clear contact channels and comprehensive service offerings. Technically, the site uses modern web technologies including Bootstrap and JavaScript, is mobile-optimized, and performs well. Security posture is strong with HTTPS, cookie consent, and secure forms, though explicit security policies and incident response contacts are not published. Overall, the domain and WHOIS data align with the company's history and legitimacy, supporting a high trust level.

J

JAXForms AG

jaxforms.com

70

JAXForms AG is a Swiss technology company specializing in digital form and workflow solutions, offering a range of services from simple forms to tailored complete solutions. The company positions itself as a competent partner for digital transformation projects, serving a business audience primarily in Switzerland. Their website reflects a mature digital presence with professional design, clear navigation, and comprehensive content including success stories and job postings, indicating active operations and growth. Technically, the site is built on WordPress with modern JavaScript libraries and integrates Google Analytics for user tracking. Security posture is strong with HTTPS enforced and security headers present, though the absence of a dedicated security policy and incident response information suggests room for improvement. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a high level of professionalism, trustworthiness, and technical maturity, suitable for its business clientele.

F

Finom

finom.co

80

Finom is a fintech company founded in 2019, providing online business banking and financial management solutions tailored for SMEs, freelancers, and entrepreneurs across multiple European countries. The platform offers business accounts with local IBANs, cashback rewards, electronic invoicing, and accounting integrations, leveraging partnerships with licensed banks SolarisBank and Treezor. Finom positions itself as a fast, reliable, and secure financial platform with multilingual support and regulatory compliance under De Nederlandsche Bank (DNB). Technically, the website is built on modern frameworks such as Next.js and React, hosted on Amazon Cloudfront CDN, and optimized for mobile and SEO. The site employs TLS encryption and security best practices, including strong security headers and GDPR compliance. The user experience is professional, with clear navigation, comprehensive content, and trust signals like awards and customer reviews. Security posture is strong, with encrypted data transfers, no exposed sensitive information, and deposit insurance coverage. However, the site lacks a dedicated security policy and incident response contact details, which could enhance transparency and trust. Overall, the domain registration aligns well with the business claims, supporting legitimacy and credibility. The website is safe for general audiences, contains no adult or questionable content, and provides clear contact channels primarily via email and web forms. Strategic recommendations include publishing explicit security and incident response policies, enhancing vulnerability disclosure, and maintaining rigorous third-party script audits to sustain security and compliance.

H

Haufe-Lexware GmbH & Co. KG

lexware.de

70

Lexware, a division of the Haufe Group since 1993, is a leading German software provider specializing in business and accounting software for self-employed individuals, freelancers, and small to medium-sized enterprises. The company offers a comprehensive suite of products including invoicing, bookkeeping, payroll, e-invoicing, and integrated business banking solutions. With over one million customers and multiple industry certifications, Lexware holds a strong market position as a trusted provider in the German SME software market. The website reflects a mature digital presence with modern technologies, strong branding, and extensive customer engagement features.

B

blue-community.ch

bluecommunity.ch

48

Blue Community is a Swiss non-profit organization dedicated to advocating for water as a human right and promoting sustainable water management practices. The website serves as a community platform for municipalities, educational institutions, technical enterprises, church communities, and companies to demonstrate responsibility locally and globally. The organization positions itself as a niche player in the environmental non-profit sector with a focus on water resource protection and international partnerships. Technically, the website is built on WordPress using modern Gutenberg blocks, enhanced with Matomo analytics and Mautic marketing automation tools. It employs a cookie consent mechanism compliant with GDPR, ensuring user privacy and transparency. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses cookie consent best practices but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the organization's Swiss non-profit identity. Overall, the website presents a trustworthy, professional, and privacy-conscious platform with room for improvement in formal security documentation and incident response readiness.

E

Evang.-ref. Kirchgemeinde Zürich

migrationskirchen.ch

44

The Zentrum für Migrationskirchen (ZMK) is a non-profit church-affiliated organization under the Evangelisch-reformierte Kirchgemeinde Zürich, focused on supporting migration churches and fostering intercultural Christian dialogue in Zurich. The website provides comprehensive information about their services, including room rental for worship, support and mediation between migration churches and local reform churches, and current news. The organization is well-positioned regionally with clear contact details and a professional online presence. Technically, the site uses a CMS likely based on DynPG, with Bootstrap and Matomo analytics, delivering a mobile-optimized and user-friendly experience. Security posture is adequate with HTTPS and secure form handling, though security headers and explicit policies are not evident. Privacy compliance is strong with a clear cookie consent mechanism and a detailed privacy policy in German. Overall, the site is trustworthy, professional, and serves its community well.

S

Home | Stadtkloster Zürich

stadtkloster.ch

61

The website www.stadtkloster.ch is a small-scale, community-oriented site hosted on the Wix platform, primarily serving a Swiss audience. The site uses Wix's Thunderbolt framework and standard JavaScript libraries, indicating a modern but basic technical infrastructure. The content is minimal with no visible business or contact information, privacy policies, or terms of service, which limits its professional and compliance stature. Security posture is basic with no advanced headers or policies detected, and no forms or data collection mechanisms are apparent. Overall, the site appears safe and suitable for general audiences but lacks critical compliance and security features.

B

Bayerische Botanische Gesellschaft e.V.

bbgev.de

57

The Bayerische Botanische Gesellschaft e.V. is a long-established non-profit botanical society based in Munich, Germany, founded in 1890. The organization focuses on the scientific study and conservation of Bavaria's native flora, offering members educational programs, excursions, and publications. The website serves as an informational portal for members and interested parties, highlighting the society's history, activities, and protected areas it manages. Technically, the site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. While the site is functional and professionally presented, mobile optimization and accessibility are basic, and there is room for improvement in SEO and privacy compliance. Security posture is adequate with HTTPS and standard headers, but lacks explicit security policies or incident response contacts. Overall, the site is trustworthy and suitable for its audience but could benefit from enhanced privacy and security features.

M

MVB GmbH

vlb.de

46

MVB GmbH operates the VLB (Verzeichnis Lieferbarer Bücher), a central platform for automated exchange of product information in the German-speaking book industry. The website serves key stakeholders including bookstores, publishers, self-publishers, and service providers, offering services such as order clearing (IBU), reference databases, and subscription discounts. The platform holds a strong market position as an authoritative source in its sector. Technically, the website employs modern web technologies including Bootstrap, Owl Carousel, and Google Tag Manager, hosted on Anexia infrastructure. It features responsive design, good SEO, and accessibility standards, with a cookie consent mechanism ensuring privacy compliance. The site is well-structured and professionally designed, providing a positive user experience. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy pages, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced security posture. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR. The WHOIS data aligns with the business entity, reinforcing legitimacy. Strategic improvements in security transparency and incident response readiness would further strengthen the platform's reliability.

N

National Geographic Partners, LLC

nationalgeographic.com

65

National Geographic Partners, LLC operates the National Geographic website, a globally recognized media organization specializing in science, exploration, geography, and environmental journalism. The website serves a broad audience interested in educational and documentary content, supported by flagship publications and television programming. Owned by The Walt Disney Company, it maintains a strong market position with consistent branding and high-quality content. Technically, the website employs modern web technologies including React and integrates advanced monitoring and consent management tools such as New Relic and OneTrust. Security posture is robust with HTTPS enforcement, security headers, and no detected vulnerabilities, although explicit vulnerability disclosure and incident response contacts are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the site demonstrates a mature digital presence with excellent content quality and user experience, suitable for a large enterprise media entity.

N

National Geographic España

nationalgeographic.es

55

National Geographic España operates as a prominent media brand delivering high-quality content focused on science, nature, history, and travel. The website serves a broad general audience with a mix of free and subscription-based content, supported by advertising partnerships and e-commerce through affiliated domains. The brand is well-established in Spain, leveraging multimedia content and digital subscriptions to maintain market relevance. Technically, the website employs a modern tech stack including advanced advertising technologies, consent management via Didomi, and multimedia delivery through JWPlayer. The site is mobile-optimized and uses HTTPS with appropriate security headers, reflecting a mature digital infrastructure. However, some areas such as explicit privacy policy publication and accessibility could be improved. Security posture is solid with HTTPS enforcement and consent mechanisms, but lacks visible vulnerability disclosure or incident response contacts. The absence of WHOIS data limits domain trust verification, though the website's professional presentation and branding strongly indicate legitimacy. Overall, the site presents a low-risk profile with good content quality and technical implementation, but should enhance transparency around privacy, contact information, and security disclosures to strengthen trust and compliance.

B

BOSS TONE EXCHANGE

bosstoneexchange.com

56

BOSS TONE EXCHANGE is a specialized online platform launched in 2022 that enables users of BOSS musical products to share original Livesets globally. The platform targets musicians and music producers who use BOSS gear, providing a community-driven service focused on content sharing. The website is professionally designed with good SEO and mobile optimization, leveraging modern web technologies and third-party services such as Google Analytics and OneTrust for cookie consent management. Hosting appears to be on AWS infrastructure, ensuring reliable performance. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, DNSSEC is not enabled and security headers are missing, representing areas for improvement. No direct contact information or detailed security policies are published, which could impact user trust. Overall, the domain registration is consistent and legitimate, supporting the platform's credibility. The site contains no adult or questionable content and maintains a safe environment for general audiences.

A

ANSARO

ansaro.ch

62

ANSARO is a Swiss-based coffee roastery specializing in freshly roasted coffee beans and retailing coffee products. The company positions itself as a local Swiss quality brand with a focus on authentic taste and craftsmanship. The website is professionally designed using the Wix platform, indicating a moderate level of digital maturity suitable for a small retail business. The technical infrastructure leverages Wix's Thunderbolt framework, ensuring reasonable performance and mobile optimization. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and visible privacy compliance mechanisms. Overall, the website is trustworthy and functional but would benefit from enhanced privacy and security features to meet compliance standards. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and improving accessibility.

S

Swiss Olympic

coolandclean.ch

64

The website coolandclean.ch represents a national youth sports prevention program operated under the auspices of Swiss Olympic. It focuses on promoting healthy behaviors, fair play, and substance abuse prevention among young athletes and their leaders. The platform offers educational content, training tips, a material shop, and community support including regional ambassadors and consultation services. The site is well-branded, professionally designed, and targets youth sports organizations and their stakeholders in Switzerland. Technically, the site employs modern web technologies including Google Analytics, Facebook Pixel, and Google Maps API, likely built on a CMS such as Adobe Experience Manager. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are not visible. Overall, the domain registration aligns well with the business identity, supporting legitimacy and trustworthiness.

SWISS is a major international airline operating under the Lufthansa Group, providing comprehensive flight booking and travel services globally. The website is professionally designed, mobile-optimized, and offers a rich user experience with clear navigation and extensive travel-related content. Technically, the site leverages modern JavaScript frameworks, Adobe Helix RUM for performance monitoring, and Tealium for tag management, hosted on Akamai CDN ensuring fast and reliable delivery. Security posture is strong with HTTPS enforcement, secure login mechanisms, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high business credibility and trustworthiness, aligned with the Lufthansa Group's reputation.

Z

zurichnetgroup ag

netgroupcloud.ch

56

Zurichnetgroup ag is a Swiss ICT service provider specializing in cloud solutions tailored for small and medium-sized enterprises (KMU). The company leverages strong partnerships with Microsoft and Swisscom to offer a range of cloud services including private, public, hybrid clouds, and Microsoft 365 cloud solutions. Their market position is solidified by certifications such as ISO 9001, 14001, and 27001, and their focus on Swiss data protection standards appeals to privacy-conscious KMU clients. Technically, the website demonstrates a mature digital infrastructure with modern web technologies, responsive design, and good SEO practices. The use of JSON-LD structured data and lazy loading images enhances performance and search engine visibility. Hosting is implied to be with Swisscom, aligning with their service offerings. From a security perspective, the site enforces HTTPS, employs multiple security headers, and benefits from the robust encryption standards of their cloud partners. No critical vulnerabilities or exposed sensitive data were detected. However, explicit incident response and vulnerability disclosure policies are not publicly available, representing an area for improvement. Overall, the website and business present a trustworthy, professional image with strong compliance to privacy regulations and security best practices. The company is well-positioned in the Swiss KMU market with a comprehensive portfolio of cloud and IT services.

The website stefan-aufdermaur.ch serves as a personal or professional portfolio site for Stefan Auf der Maur, likely showcasing artistic or photographic work. The site is minimalistic with limited metadata and no structured data, focusing primarily on visual content. The target audience appears to be general visitors interested in the individual's work, with no commercial or transactional features evident. Technically, the site uses basic HTML, CSS, and JavaScript with lazy loading for images, but lacks advanced SEO, accessibility, and performance optimizations. Security posture is weak, with no visible security headers or privacy policies, and no HTTPS status confirmed from the provided data. No contact information or forms are present, limiting user engagement and trust signals. Overall, the site is functional but basic, with room for significant improvements in security, privacy compliance, and user experience.

Genossenschaft Haus Oslo Ateliers is a small cooperative likely focused on providing atelier spaces or community services for artists and creatives in Switzerland. The website is primarily informational, presented in German, and built on the CraftCMS platform. The technical infrastructure is moderate with HTTPS enabled and hosted on an Apache server, but lacks advanced security headers and privacy compliance features. No contact or policy information is provided, which limits user trust and compliance with regulations such as GDPR. The site does not employ analytics or advertising technologies, indicating a minimal digital footprint. Overall, the website serves its niche audience but requires improvements in privacy, security, and contact transparency to enhance credibility and compliance.

Julian Salinas Fotografie is a small photography business based in Switzerland, focusing on artistic and commissioned photography services primarily in Basel and Zurich. The website presents basic information about the business and its offerings, including art works, commissioned projects, exhibitions, portraits, and video projects. The target audience is general, including art enthusiasts and potential clients seeking photography services. Technically, the website is built using React and standard web technologies such as JavaScript and CSS. The site appears moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. There are no detected content management systems or third-party analytics or advertising tools integrated. From a security perspective, the website lacks visible security headers and privacy or cookie policies, indicating a low maturity level in security and compliance. No forms or data collection mechanisms are present, reducing immediate data protection concerns but also limiting user engagement. The absence of HTTPS information prevents a full SSL configuration assessment. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website presents a basic but functional online presence for a small photography business. Key recommendations include implementing HTTPS, adding privacy and cookie policies, improving security headers, and providing clear contact information to enhance trust and compliance.

J

Jugendkulturfestival Basel (JKF)

jkf.ch

45

Jugendkulturfestival Basel (JKF) is a small-scale cultural festival focused on youth engagement in Basel, Switzerland. The website serves as an informational platform for the festival's upcoming events, providing program links, partner information, and contact details. The festival targets youth and cultural enthusiasts in the region, positioning itself as a key local cultural event. Technically, the site is built on WordPress with modern web standards, including HTTPS and responsive design, but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and no visible incident response or security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and professional but could improve in compliance and security transparency.

The analyzed URL corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which serves as a placeholder when the browser cannot load the requested website content. The page includes the offline dinosaur game scripts and styles but contains no actual business or website content. Consequently, there is no identifiable company information, business description, or market positioning. The technical infrastructure is limited to client-side JavaScript for the embedded game, with no server-side or hosting details available. Security posture cannot be assessed due to the absence of real website content, security headers, or HTTPS information. Privacy compliance elements such as privacy policies, cookie consent, or contact information are missing. Overall, this is not a functional website but a browser error page, and thus the risk assessment is that no meaningful business or security evaluation can be performed.

A

ARS Architektur AG

ars-architektur.ch

52

ARS Architektur AG is a Swiss architecture firm located in Münchenstein, Basel region, specializing in architecture, interior design, general planning, project development, and area development. The website presents a professional image with project showcases and a clean, modern design using the Svelte framework. The technical infrastructure is moderately modern with good mobile optimization and SEO practices, but lacks explicit CMS or hosting details. Security posture is weak due to absence of security headers, privacy policies, and incident response information. No HTTPS or SSL configuration details were available from the provided data. Overall, the site is functional and professional but requires improvements in security and privacy compliance to meet modern standards. The risk level is moderate with no critical vulnerabilities detected but gaps in security best practices and compliance.

U

unterdessen.ch

unterdessen.ch

48

The website unterdessen.ch presents minimal accessible content with no visible business description, contact information, or policies. The site uses a modern JavaScript framework (SvelteKit) and custom fonts, indicating some technical maturity, but lacks SEO, accessibility, and user engagement features. Security posture is weak due to absence of security headers and privacy policies, and WHOIS data is privacy protected, limiting transparency. Overall, the site appears to be a small or early-stage project with limited public-facing information, resulting in low trust and credibility scores.

S

Stück Labor Basel

stuecklabor.ch

47

Stück Labor Basel is a well-established cultural initiative founded in 2008 by Theater Basel to promote new Swiss dramaturgy. The program annually supports selected playwrights and collaborates with major Swiss theaters such as Theater Basel, Bühnen Bern, and Luzerner Theater. The website reflects this cultural focus with professional design and consistent branding, targeting theater professionals and audiences interested in Swiss dramaturgy. Technically, the site uses modern JavaScript frameworks (Svelte) and demonstrates good mobile optimization and SEO practices, although some accessibility features are basic. Security posture is moderate with no HTTPS or security headers explicitly detected in the provided data, and no privacy or cookie policies are present, indicating room for improvement in compliance and security best practices. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy and trustworthiness.

A

ateliernord.ch

ateliernord.ch

44

The website ateliernord.ch presents minimal accessible content with no metadata, structured data, or visible business information. The site uses the SvelteKit JavaScript framework, indicating a modern technical foundation, but lacks visible SEO, accessibility, or security features. No privacy, cookie, or terms of service policies are found, and no contact information or forms are present, limiting user engagement and trust. Security posture cannot be fully assessed due to lack of headers and SSL details. Overall, the site appears to be in an early or minimal state with limited business or security maturity.

Christine Moser's website serves as an online portfolio showcasing her art exhibitions and objects, primarily targeting art enthusiasts and museum visitors. The site highlights projects such as 'Double Face' at the Museum für Gestaltung Zürich, positioning her as a niche artist in the contemporary art and design space. The business model is centered on artistic presentation rather than commercial sales or services. Technically, the website employs modern frontend technologies including Svelte and Swiper.js for interactive galleries, indicating a moderate level of digital maturity. The site appears mobile-optimized with good design quality and navigation clarity, although accessibility features are basic. No CMS or hosting provider details are evident. From a security perspective, the site lacks key security headers and explicit privacy or cookie policies, which lowers its compliance posture. The absence of contact information and incident response details further limits trust and security transparency. However, no vulnerabilities or suspicious elements were detected, and the content is safe for general audiences. Overall, the website is functional and professionally presented but would benefit from enhanced security practices, privacy compliance, and clearer contact information to improve trustworthiness and regulatory adherence.

The website mirjamplattner.ch appears to be a minimal personal or professional portfolio site built using the SvelteKit framework. The content is very limited, primarily displaying a logo image with no additional textual or metadata content. There is no evidence of privacy policies, cookie consent mechanisms, or terms of service, indicating a basic digital maturity level. The technical infrastructure is modern in terms of framework choice but lacks visible SEO, accessibility, or performance optimizations. Security posture is minimal with no detected security headers or HTTPS confirmation in the provided data, and no contact or incident response information is available. Overall, the site presents a low-risk profile due to minimal content and no suspicious elements, but it lacks many standard compliance and security features expected for professional or business websites.

S

szenografieschweiz.ch

szenografieschweiz.ch

43

The website szenografieschweiz.ch currently presents minimal accessible content, primarily consisting of a basic HTML structure with JavaScript modules loaded via the SvelteKit framework. There is no visible textual content, metadata, or structured data to provide insights into the business operations, services, or market positioning. The absence of privacy, cookie, or terms of service policies, as well as contact information, limits the ability to assess compliance and user engagement. Technically, the site uses modern JavaScript frameworks but lacks visible performance or security optimizations. Security posture is weak due to missing HTTPS/SSL information and absence of security headers or policies. Overall, the site appears to be in an early or placeholder state, with significant gaps in content, compliance, and security.

M

Miranda Roux

mirandaroux.net

51

Miranda Roux is a Danish artist based in Geneva, specializing in figurative art that explores surrealism, classical sculpture, and taboo themes. The website serves as a portfolio showcasing her selected works, biography, news, texts, and contact information. The site targets art enthusiasts, collectors, and galleries interested in contemporary European art. Technically, the website is built using the modern Svelte framework, hosted by Infomaniak Network SA, and employs HTTPS with domain transfer protection. However, it lacks DNSSEC and a defined Content-Security-Policy header, which are recommended for enhanced security. The site does not provide privacy or cookie policies, nor does it include direct contact emails or phone numbers, relying solely on a contact form for communication. No tracking or advertising technologies are detected, indicating a privacy-conscious approach but also a lack of compliance documentation. Overall, the website is professional and well-structured but would benefit from improved security headers and privacy compliance measures.

The website vittoriosantoro.info serves as an online portfolio for the artist Vittorio Santoro, showcasing current and past exhibitions, recent works, and publications. It targets art enthusiasts, galleries, and cultural institutions interested in the artist's work. The business model is primarily promotional, focusing on visibility and information dissemination rather than direct sales. The site is niche and small scale, consistent with an individual artist's portfolio. Technically, the site is built using modern JavaScript technologies, specifically the SvelteKit framework, and includes interactive elements such as a swiper for featured content. The site is mobile optimized and has a good design quality, though accessibility and SEO optimizations are basic. No CMS or hosting provider details are evident from the content. From a security perspective, the site lacks visible security headers and privacy-related policies, which lowers its security posture. No HTTPS or SSL configuration details were available from the data, and no contact or incident response information is provided. The WHOIS data is incomplete due to unsupported TLD WHOIS queries, limiting domain trust assessment. Overall, the site appears legitimate but would benefit from improved security and compliance measures. The overall risk is moderate with recommendations to implement security headers, add privacy and cookie policies, provide contact information, and verify SSL/TLS configurations to enhance trust and compliance.

S

Stücheli Pestalozzi Schiratzki Architekt*innen ETH SIA

stuepetzki.ch

44

Stücheli Pestalozzi Schiratzki Architekt*innen ETH SIA is a small architecture firm based in Zürich, Switzerland, specializing in architecture and urban planning projects ranging from new constructions to renovations. The website showcases a portfolio of projects with extensive imagery, targeting clients interested in architectural services. The technical infrastructure is modern, leveraging the SvelteKit framework and JavaScript modules, indicating a contemporary digital presence. However, the site lacks critical privacy and security policies, contact information, and security best practices, which impacts its overall security posture. No WAF or blocking mechanisms were detected, and the site is fully accessible. The WHOIS data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and compliance.

The eMuseum website serves as the digital archive platform for the Museum für Gestaltung Zürich and the Archive of the Zurich University of the Arts (ZHdK). It provides extensive access to a large collection of design and art objects, positioning itself as the largest Swiss online database in this domain. The platform targets researchers, curators, designers, collectors, and the general public interested in design and art history. The business model is non-profit, focusing on cultural preservation and digital access rather than commercial activities. Technically, the website is built on a custom CMS leveraging the Apache Tapestry framework, with frontend technologies including Bootstrap, jQuery, OpenLayers, and Font Awesome. It employs Matomo for analytics and AddToAny for social sharing. The site is mobile-optimized with moderate performance and basic accessibility features. SEO optimization is basic, with room for improvement in structured data and meta tags. From a security perspective, the site enforces HTTPS and uses secure form tokens, but lacks several security headers and published policies such as privacy, cookie, and incident response. No vulnerabilities or malicious content were detected. The WHOIS data aligns well with the institutional identity, confirming legitimacy and trustworthiness. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, improved security headers, and more transparent contact and incident response information to strengthen user trust and regulatory adherence.