Security Directory

I

IG Rottaler Ernte

erntefest.ch

47

The website erntefest.ch represents the IG Rottaler Ernte, a small regional organization dedicated to organizing the annual Rottaler Erntefest, a cultural and culinary event celebrating the Rottaler region in Switzerland. The site provides information about the event, its history, partners, and sponsors, targeting local audiences interested in regional traditions and products. The business model is community and non-profit focused, emphasizing regional culture and local product promotion. Technically, the website is built with basic HTML, CSS, and JavaScript without a detected CMS or advanced frameworks. It offers moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Security posture is minimal with no detected HTTPS enforcement or security headers, and no incident response or vulnerability disclosure information is provided. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the site is trustworthy and consistent with its regional cultural mission but would benefit from improved security and privacy practices.

A

Aargauische Kantonalbank

akb.ch

29

Aargauische Kantonalbank is a leading financial services provider operating primarily in the Canton of Aargau and the Olten-Gösgen-Gäu region in Switzerland. The website reflects a professional banking institution offering a range of financial products and customer support services. The company maintains a strong market position as a regional bank with a clear focus on its local clientele. The digital presence is built on a modern technical infrastructure leveraging Liferay CMS, React, and Clay UI components, ensuring a responsive and user-friendly experience. Integration with Google Tag Manager and Jentis Analytics indicates a mature approach to user behavior tracking and marketing analytics. Security posture is robust with HTTPS enforcement, script nonce usage, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly visible. Overall, the website demonstrates a high level of professionalism and trustworthiness suitable for a financial institution.

PostBus Ltd operates a comprehensive regional and local bus transportation network throughout Switzerland, providing essential public transit services, special trips, and leisure excursions. The company maintains a professional and user-friendly website that supports multiple languages and offers extensive customer service resources, including ticket purchases and lost property services. The website reflects a mature digital infrastructure with modern technologies such as Google Tag Manager, Coveo search integration, and Usercentrics consent management, indicating a high level of digital maturity and compliance with privacy regulations. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, though explicit security policies and incident response details are not published. Overall, the website and domain registration data align well, confirming the legitimacy and trustworthiness of the business.

T

Tarifverbund A-Welle

a-welle.ch

10

Tarifverbund A-Welle operates as a regional public transportation tariff association in Switzerland, providing ticketing, subscriptions, zone plans, and travel information services primarily for the A-Welle region. The website is professionally designed and targets general public users including commuters and travelers within the region. The business model focuses on facilitating public transport access through digital and physical ticketing solutions, supported by partnerships such as SwissPass. Technically, the website is built on TYPO3 CMS, employs modern web technologies, and integrates Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a moderate to good performance profile. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not published. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness. Strategic recommendations include enhancing security transparency and incident response readiness to further strengthen trust and compliance.

P

planval AG

planval.ch

57

Planval AG is a Swiss consultancy specializing in sustainable development, policy design, and knowledge management for municipalities, regions, and businesses. Their website presents a professional and consistent brand image with clear contact information and multiple office locations in Switzerland. The company targets stakeholders involved in societal, ecological, and economic challenges, offering services that guide complex projects to successful outcomes. Technically, the website uses modern JavaScript frameworks (Vue.js), service workers, and responsive design, providing a moderate performance and good mobile optimization. SEO and accessibility are basic but adequate. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking formal security policies and headers. Overall, the site is trustworthy, safe, and compliant with GDPR, with no detected vulnerabilities or suspicious content. The WHOIS data aligns well with the business claims, reinforcing legitimacy. Strategic improvements could focus on enhancing security policies, incident response transparency, and accessibility features.

M

Maison de la Tourbière

mdt-ne.ch

60

Maison de la Tourbière is a small Swiss ecotourism establishment focused on scientific, cultural, and hospitality services dedicated to the study, promotion, and protection of peatlands. The website is professionally designed using the Wix platform, providing a good user experience with clear content relevant to its target audience interested in environmental conservation and ecotourism. The technical infrastructure is modern and leverages Wix's Thunderbolt framework, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though explicit security headers and privacy policies are missing, representing areas for improvement. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

E

EKZ

energiefranken.ch

60

Energiefranken is a Swiss online platform operated by EKZ that provides a comprehensive database of funding programs related to energy and mobility. It serves Swiss companies and private individuals seeking financial support for energy efficiency and mobility projects, supporting the national Energy Strategy 2050. The platform is supported by reputable partners including Faktor Journalisten AG, EnergieSchweiz, and Energie-Experten, enhancing its credibility and data accuracy. Technically, the website uses modern JavaScript and privacy-focused analytics (Plausible), with good mobile optimization and accessibility features. Security posture is solid with HTTPS and CSRF protections, though additional security headers and explicit security policies could improve it. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-positioned in its niche market.

E

EnergieSchweiz

local-energy.swiss

66

The website local-energy.swiss represents EnergieSchweiz, a Swiss federal government program aimed at promoting energy efficiency and renewable energy through voluntary measures targeted at cities, municipalities, and regions. The site provides information on various programs such as project funding, energy regions, smart city initiatives, and mobility solutions. The content is professionally presented, consistent with Swiss government branding, and designed to serve a public sector audience. Technically, the website employs modern web standards with responsive design and uses MailerLite for email marketing. Security posture is adequate with HTTPS enabled, but lacks explicit security headers and privacy compliance mechanisms such as cookie consent and privacy policies. WHOIS data is privacy protected, which is typical for government-related domains, and the domain appears legitimate and consistent with its stated purpose. Overall, the site is trustworthy and serves as an authoritative resource for energy-related programs in Switzerland.

B

Bundesamt für Umwelt BAFU

onlinetool-klimaanpassung.ch

65

The website www.onlinetool-klimaanpassung.ch is an official Swiss government platform operated by the Bundesamt für Umwelt (BAFU) under the Eidgenössisches Departement für Umwelt, Verkehr, Energie und Kommunikation (UVEK). It provides an online tool aimed at Swiss municipalities to help them understand and adapt to local climate change risks. The platform offers localized hazard information and practical measures based on experiences from comparable communities, positioning itself as a trusted resource for public sector climate adaptation efforts. Technically, the site is built using modern web technologies including Angular 17.3.8 and Kendo UI components, ensuring a contemporary user experience. The site is multilingual (German, French, Italian) and includes video content to engage users. While the site is moderately optimized for performance and mobile use, there is room for improvement in accessibility and SEO. No major technical issues or vulnerabilities were detected in the provided HTML content. From a security perspective, the site uses HTTPS and employs some best practices such as disabling video downloads. However, explicit security headers are not visible in the HTML content, and no vulnerability disclosure or incident response information is provided. Privacy compliance is partially addressed with a privacy and contact page, but no cookie consent mechanism is evident. Overall, the security posture is adequate but could be enhanced with additional headers and transparency. The overall risk assessment is low given the official nature of the site, absence of suspicious content, and consistent WHOIS data confirming legitimacy. Strategic recommendations include implementing security headers, adding cookie consent, improving accessibility, and publishing a vulnerability disclosure policy to strengthen trust and compliance.

D

Das Gebäudeprogramm

dasgebaeudeprogramm.ch

68

Das Gebäudeprogramm is a Swiss government-supported initiative focused on promoting energy efficiency in buildings through subsidies and consulting. The website serves as an information hub for private homeowners and builders in Switzerland, providing detailed guidance on energy-saving measures, subsidy applications, and success stories. The program is positioned as a key pillar in Swiss energy and climate policy, backed by federal and cantonal authorities. Technically, the website employs modern web standards with HTTPS, security headers, and Matomo analytics, reflecting a mature digital infrastructure. The security posture is strong with no evident vulnerabilities, though privacy compliance could be enhanced by adding cookie consent mechanisms and explicit data retention policies. Overall, the site is professional, trustworthy, and well-aligned with its governmental mission.

O

okaj zürich

okaj.ch

47

okaj zürich is a well-established non-profit umbrella organization dedicated to coordinating and supporting open, associative, and church-based child and youth work in the canton of Zürich, Switzerland. With a history spanning 100 years, it serves approximately 600 member organizations and operates under a mandate from the canton government. The website effectively communicates its mission, projects, and events, targeting professionals in youth work, government officials, and member organizations. The organization emphasizes education, networking, and advocacy through various projects and publications.

W

Werkstatt F

werkstatt-fischenthal.ch

59

Werkstatt F is a community development project operated by the Gemeinde Fischenthal, focusing on local initiatives such as biodiversity, community engagement, and educational projects. The website serves as an informational platform for residents and stakeholders, providing updates on projects, events, and results. The site is hosted on Squarespace, leveraging modern web technologies and providing a responsive user experience. While the site is well-structured and visually consistent, it lacks formal privacy and cookie policies, which are important for compliance with data protection regulations. Security posture is adequate with HTTPS enabled, but could be improved by adding security headers and incident response information. Overall, the website is trustworthy and serves its community purpose effectively.

B

Bundesamt für Statistik (BFS)

dashboard-agglomeration.ch

43

The website dashboard-agglomeration.ch is an official Swiss government portal managed by the Bundesamt für Statistik (BFS), providing detailed statistical data and visualizations about the 52 agglomerations in Switzerland. It serves researchers, policymakers, urban planners, and the general public interested in Swiss urban development and demographic statistics. The site uses modern web technologies including JavaScript, TailwindCSS, and a specialized visualization library (dynvis.js) to deliver interactive content. The technical infrastructure appears solid with good mobile optimization and accessibility, though performance is moderate and SEO optimization is basic. Security posture is moderate with HTTPS likely enabled but lacking explicit security headers and published security policies. Privacy compliance is low due to absence of privacy and cookie policies or consent mechanisms. Business credibility is high given the official government affiliation and consistent domain registration data. Overall, the site is trustworthy and safe for general audiences but could improve in privacy and security transparency.

2

2038 | Home

2038.xyz

9

2038.xyz is a cultural and artistic project presenting a vision of a future society through multimedia storytelling and expert collaboration across various disciplines including architecture, ecology, and technology. The website serves as a platform to showcase films, publications, and expert insights related to the project, which is positioned as a niche cultural initiative with international exhibition presence. Technically, the site is built on modern web technologies such as Gatsby and React, hosted likely via GoDaddy, and optimized for mobile with good SEO practices. However, it lacks advanced security configurations such as DNSSEC and security headers, and does not provide privacy or cookie policies, which impacts compliance and trust. No contact information or incident response channels are provided, limiting user engagement and transparency. Overall, the site is professionally designed and content-rich but could improve in security and privacy compliance to enhance trustworthiness.

FAR frohn&rojas is a small, networked architectural design and research practice operating internationally with locations in Berlin, Santiago de Chile, and Los Angeles. The website presents basic information about the firm and its services but lacks detailed business or contact information. The technical infrastructure is based on WordPress CMS with common JavaScript libraries, providing moderate performance and basic mobile optimization. Security posture is limited, with no evident security headers or privacy policies, and the absence of WHOIS registration data raises concerns about domain legitimacy. Overall, the site is professional in content but requires improvements in security, compliance, and transparency to enhance trust and credibility.

station.plus is an online TV station dedicated to communicating architecture as a discipline that impacts society and everyday life. The platform uses video content to explore architectural themes beyond traditional plans and models, emphasizing societal and political implications. The website presents a rich catalog of documentary series and thematic content aimed at a broad audience interested in architecture and its broader context. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and embeds YouTube videos for content delivery. The site is mobile optimized with good navigation and content relevance. However, there is a lack of visible privacy, cookie, or terms of service policies, and no contact or business registration information is provided, which impacts trust and compliance. Security headers and explicit security policies are not detected, suggesting room for improvement in security posture. WHOIS data is not publicly available due to privacy protections, which is common for media platforms but reduces transparency. Overall, the site is professional and content-rich but would benefit from enhanced privacy, security, and contact transparency.

O

Oslo Architecture Triennale

oslotriennale.no

50

Oslo Architecture Triennale is a cultural institution organizing architecture-related exhibitions, journals, films, and urban labs primarily targeting architects, urban planners, cultural institutions, and the general public interested in architecture and urbanism. The website presents a professional and consistent brand image with rich content and partnerships with reputable organizations. Technically, the site uses modern web technologies including Google Analytics and Imgix for image optimization, though it still relies partially on deprecated Universal Analytics. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy and cookie policies. No WHOIS data is publicly available due to privacy protection, which is common for Norwegian domains and does not raise immediate concerns. Overall, the website is trustworthy and professionally maintained but would benefit from improved privacy compliance and security best practices.

A

ARCH+ Verlag GmbH

archplus.net

57

ARCH+ Verlag GmbH operates a well-established German architecture and urbanism magazine with a strong digital presence. The website serves as a platform for magazine sales, event promotion, and architectural discourse, targeting professionals, students, and enthusiasts in the architecture sector. The business model centers on publishing quarterly issues in print and digital formats, supplemented by events and advertising. The company holds a leading position in its niche market in Germany with international outreach through English content and social media engagement. Technically, the website employs modern web standards, including HTML5, CSS3, and JavaScript, with embedded video content and Google Tag Manager for analytics and marketing. The site is hosted on Namespace4You infrastructure and shows moderate performance with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though improvements are recommended such as enabling DNSSEC and adding security headers. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and aligns well with the company's business objectives.

N

New Generations

newgenerationsweb.com

36

New Generations is a European media and cultural platform focused on emerging architectural practices since 2013. It provides a space for knowledge exchange, events, publications, and networking for architects across Europe. The website is built on SilverStripe CMS, uses modern web technologies including Bootstrap and jQuery, and integrates Google Analytics and reCAPTCHA for user interaction and spam protection. The security posture is moderate with HTTPS enabled and reCAPTCHA implemented, but lacks some security headers and DNSSEC. Privacy and cookie policies are absent, which impacts compliance. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

R

Reka

reka.ch

70

Reka operates as a Swiss-based company specializing in family-friendly holiday and leisure services, primarily through its Reka-Card discount payment system and holiday offerings in Switzerland and Europe. The website reflects a professional and consistent brand presence targeting families and leisure travelers. Technically, the site employs modern web standards including HTML5, CSS3, and Bootstrap grid, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance and security transparency are recommended to enhance trust and compliance.

B

Burgergemeinde Bern

bgbern.ch

48

Burgergemeinde Bern is a municipal government entity serving the city and canton of Bern, Switzerland. It provides a broad range of community services including social welfare, environmental stewardship, cultural activities, urban development, sports, education, and scientific engagement. The website reflects its role as a public sector organization with clear communication and community outreach. Technically, the site is built on the Plone CMS platform, leveraging modern JavaScript libraries and frameworks to deliver a responsive and user-friendly experience. The presence of Matomo analytics indicates a privacy-conscious approach to user data collection. Security posture is solid with HTTPS enforced and CSRF protections in place, though there is room for improvement in implementing security headers and explicit cookie consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's identity. Overall, the website is professional, trustworthy, and well-aligned with its governmental mission.

V

Vee24

vee24.com

64

Vee24 operates as an enterprise-focused technology company specializing in video chat and virtual consultation platforms designed to enhance digital customer experiences. Their services target luxury retail, beauty, home furnishing, automotive, and financial services sectors, positioning them as a key player in video commerce and virtual appointments. The website reflects a mature digital presence with professional branding, clear messaging, and a focus on increasing sales and customer satisfaction through innovative digital engagement tools. Technically, the website leverages modern web technologies including React, JSON-LD structured data, and custom scripts hosted on dedicated CDNs. The site is mobile-optimized, accessible, and SEO-friendly, with fast loading times and a clean user interface. Privacy and cookie compliance are well implemented, with clear policies and consent mechanisms in place. From a security perspective, the site uses HTTPS and secure form inputs but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or malicious content were detected, and trust is bolstered by certifications such as AICPA SOC and reputable client logos. The absence of WHOIS data is a minor concern but does not significantly detract from the overall trustworthiness. Overall, Vee24 presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security transparency and header implementation would further enhance their security posture and trust.

F

Feratel Medien Technologien AG

feratel.ch

67

Feratel Medien Technologien AG is a Swiss-based technology company specializing in tourism and media solutions. The company offers a range of B2B services including marketing, upselling, service platforms, data strategies, communication, and interface development. Positioned as an established player in the DACH region, Feratel targets tourism industry professionals and media companies with a comprehensive suite of technology-driven services. The website reflects a professional and consistent brand image with clear navigation and good content quality. Technically, the website is built on TYPO3 CMS and integrates modern tools such as Cookiebot for consent management and Google Tag Manager for analytics. The site is mobile optimized and employs standard web technologies including JavaScript and CSS. Performance is moderate with good SEO and basic accessibility features. Security is well addressed with HTTPS enforcement and multiple security headers, though explicit security and incident response policies are not publicly documented. The security posture is strong with no detected vulnerabilities or exposed sensitive data. Privacy compliance is robust, featuring a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. The site uses extensive tracking and marketing tools but manages user consent effectively. Overall, the website demonstrates a high level of trustworthiness and professionalism. Strategically, Feratel should consider publishing explicit security and incident response policies to enhance transparency and trust. Accessibility improvements and regular audits of third-party scripts would further strengthen the security and user experience. The domain registration data aligns well with the business claims, supporting legitimacy and credibility.

B

bexio AG

bexio.ch

74

bexio AG is a Swiss-based company founded in 2013, providing comprehensive business software solutions tailored for small businesses, startups, and self-employed individuals. Their SaaS platform offers a wide range of services including contact management, sales process automation, expense and accounting management, payroll, and integrated e-banking. Positioned as a trusted Swiss SME software provider, bexio serves over 90,000 customers and benefits from strong partnerships with reputable organizations such as Mobiliar and UBS. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern web technologies including Alpine.js, Google Tag Manager, and Usercentrics for consent management, ensuring a fast, mobile-optimized, and SEO-friendly platform. Security best practices are observed with HTTPS enforcement, security headers, and secure form handling. However, explicit security policies and incident response information are not publicly available, representing an area for improvement. The security posture is strong with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS domain registration details is a notable concern, slightly impacting business credibility, but the overall digital presence and trust signals mitigate this risk. Overall, bexio demonstrates a mature digital infrastructure and a secure, privacy-conscious environment suitable for its target SME audience. Strategic recommendations include publishing detailed security policies, incident response plans, and vulnerability disclosure information to enhance transparency and trust further.

Davos Klosters is a prominent tourism organization promoting holidays and outdoor activities in the Swiss Alps, specifically in the Graubünden region. The website offers comprehensive information and booking options for skiing, hiking, biking, and cultural events, targeting tourists seeking alpine experiences. The company holds a strong market position as a leading alpine destination with a professional online presence and integrated e-commerce capabilities. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although dedicated security and incident response policies are not explicitly found on the site. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, professional, and well-aligned with its business goals.

M

Musik Basel

musik.bs

56

Musik Basel is a regional media platform focused on providing news, event information, and venue details related to the music scene in Basel, Switzerland. The website targets music enthusiasts and residents interested in cultural events and music news within the Basel region. It operates primarily as a content publishing platform with a focus on local music culture and events. Technically, the website is built using modern web technologies including the Nuxt.js framework and Vue.js, with integrations such as Google Tag Manager and Google Maps API for enhanced user experience and analytics. The site demonstrates good mobile optimization, SEO practices, and a professional design consistent with its regional media focus. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers, indicating a solid security posture. However, it lacks a cookie consent mechanism despite using tracking scripts, and there is no publicly available security policy or incident response information. No vulnerabilities or suspicious content were detected. Overall, Musik Basel presents a trustworthy and professional online presence for its niche audience. Strategic improvements in privacy compliance and transparency around security policies would further enhance its credibility and user trust.

BURGUNDER is a small Swiss-based e-commerce retailer specializing in semi-professional outdoor gear. The website is built on the Shopify platform, leveraging its e-commerce capabilities and integrations. The product catalog includes various outdoor gear items, targeting outdoor enthusiasts seeking quality equipment. The business appears to be relatively young, founded around 2020, consistent with the domain registration date. The website presents a professional design with clear navigation and product presentation, although direct contact details such as emails or phone numbers are not provided, relying instead on a contact form. Privacy and cookie policies are minimal, with only a terms page detected that may contain some privacy information. The site uses common marketing and analytics tools including Meta pixel and Mailchimp, indicating moderate user tracking.

K

kühne wicki GmbH

kuehnewicki.com

57

kühne wicki GmbH is a Swiss-based interdisciplinary futures research and consulting firm specializing in Futures Research, Development, Implementation, and Futures Literacy. Founded in 2017, the company serves organizations and individuals interested in strategic foresight, scenario planning, and transformative future-oriented processes. Their market position is that of a specialized boutique consultancy with a strong focus on innovation and future competencies, supported by a professional team and reputable clients. The website reflects a high level of professionalism, with detailed project case studies and team profiles, indicating a mature business presence. Technically, the website is built using modern JavaScript frameworks (Nuxt.js/Vue.js) and integrates Google Analytics and Tag Manager for tracking. Hosting is provided by Hostpoint AG, a reputable Swiss hosting provider. The site is mobile-optimized and performs moderately well, though some accessibility features could be improved. SEO practices are good with proper meta tags and Open Graph data. From a security perspective, the site uses HTTPS but lacks important security headers and DNSSEC is not enabled. No privacy or cookie policies are present, which is a compliance gap especially under GDPR. No incident response or security contact information is provided. The site does not show signs of vulnerabilities or malicious content but could improve its security posture by implementing recommended headers and policies. Overall, the website is trustworthy and professional with minor gaps in privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, implementing security headers, enabling DNSSEC, and publishing incident response information to enhance trust and compliance.

K

Kunsttage Basel

kunsttagebasel.ch

59

Kunsttage Basel is a well-established cultural event organizer focused on contemporary and modern art in Basel, Switzerland. The website showcases a comprehensive program of exhibitions, workshops, talks, and performances involving over 60 institutions. The event targets art enthusiasts and the local cultural community, providing rich content and multiple engagement channels including social media and newsletters. Technically, the site is built on modern frameworks such as Nuxt.js and integrates Mapbox for location services, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and security headers, though cookie consent and explicit security policies are lacking. Overall, the site is professional, trustworthy, and compliant with GDPR, but could improve privacy compliance and incident response transparency.

L

LiveSurface

livesurface.com

64

The website 'LiveSurface' presents a professional front focused on product visualization and design tools, as indicated by the page title and styling. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy or recent registration status. The technical infrastructure includes use of Google Tag Manager for analytics, but lacks visible security headers and privacy compliance documentation. No contact information or business details are provided, limiting trust and transparency. Overall, the site appears functional and visually coherent but lacks critical security and compliance elements.

A

Avacon AG

avacon-shop.de

66

Avacon AG operates the Avacon Shop, an e-commerce platform specializing in energy-related products and services including electromobility, photovoltaic systems, energy storage, and electrical installations. The website targets consumers and businesses in Germany seeking comprehensive energy solutions. The platform is built on the Shopware CMS and hosted by Hetzner, leveraging modern web technologies and marketing tools such as Google Tag Manager and Facebook Pixel. The site features a professional design with good navigation and mobile optimization, supporting customer account management and product browsing. Security posture is adequate with HTTPS and secure forms, though lacks explicit security headers and published privacy or cookie policies. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate business presence.

W

Worldsoft AG

worldsoft.info

68

Worldsoft AG is a well-established Swiss technology company specializing in comprehensive web project solutions including domain registration, website building, email marketing, online shops, CRM, and hosting services. With over 25 years of experience, they serve a broad business audience across Europe, positioning themselves as a reliable and professional provider. Their website reflects a mature digital presence with clear branding, extensive product offerings, and strong customer trust indicators such as high Google review ratings and multiple certifications. Technically, the website employs modern web technologies including progressive web app capabilities, custom CMS, and third-party widgets for enhanced user engagement. The site is well-optimized for mobile devices, fast loading, and SEO-friendly. However, some security best practices like explicit security headers and published incident response policies could be improved. From a security perspective, the site uses HTTPS and shows no obvious vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Contact information is transparent and professional, supporting business credibility. Overall, the website and business demonstrate a strong security posture and digital maturity, though there is room for improvement in formalizing security policies and enhancing transparency around vulnerability disclosures. The domain WHOIS data is privacy protected, which is typical for this business type and does not raise immediate concerns. Strategic recommendations include implementing security headers, publishing incident response and vulnerability disclosure information, and maintaining ongoing security audits to sustain trust and compliance.

K

Kniv-Web GmbH

kniv-web.ch

65

Kniv-Web GmbH is a Swiss-based digital agency specializing in web design, e-commerce solutions, SEO, and online marketing services. With over 25 years of experience, the company targets small and medium-sized businesses primarily in the March and Höfe districts of Switzerland. Their service offerings include professional website development, progressive web apps, online shops, branding, and video production, positioning them as a comprehensive digital partner for local businesses. Technically, the website leverages modern web technologies including PWA capabilities, Google Fonts, and integrates with analytics and cookie consent management tools. Hosting is provided by a Swiss company, Worldsoft AG, ensuring local infrastructure alignment. The site is mobile-optimized, SEO-friendly, and demonstrates good performance and accessibility standards. From a security perspective, the site enforces HTTPS and employs a robust cookie consent mechanism compliant with GDPR. However, explicit security policies and incident response contacts are not publicly disclosed, representing an area for improvement. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional, trustworthy, and compliant digital presence with strong business credibility. Strategic enhancements in security transparency and formal incident response processes would further strengthen their security posture and client trust.

W

Worldsoft AG

worldsoft.ch

68

Worldsoft AG is a well-established Swiss technology company specializing in comprehensive web project solutions including domain registration, website building, email marketing, online shops, CRM, and hosting services. With over 25 years of experience, the company targets businesses and professionals seeking integrated digital tools to enhance their online presence. Their market position is strengthened by strong customer satisfaction, certifications, and a broad product portfolio. Technically, the website demonstrates a modern and performant infrastructure using proprietary CMS technology, progressive web app features, and integration with third-party widgets for enhanced user engagement. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security policy or incident response contacts, which are recommended for further strengthening the security posture. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence. Overall, the risk assessment is low with no indications of malicious activity or content safety concerns. Strategic recommendations include implementing security headers, publishing a vulnerability disclosure policy, and enhancing transparency around incident response to further build trust and resilience.

M

Messen.de

messen.de

53

Messen.de is a well-established online platform providing a comprehensive calendar and overview of trade fairs and exhibitions primarily in Germany, Austria, Switzerland, and the Netherlands. It serves exhibitors, visitors, event organizers, and service providers by offering detailed event information, ratings, and news updates. The platform positions itself as a key resource in the German-speaking trade fair market, leveraging structured data and a user-friendly interface to deliver relevant content without requiring login. Technically, the website employs modern JavaScript frameworks, integrates Google Tag Manager, and uses a consent management platform to comply with GDPR regulations. Advertising and tracking are managed through reputable networks such as Criteo and Sourcepoint. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response details are absent. Overall, the site is professional, trustworthy, and compliant with privacy standards, making it a reliable resource for its target audience.

L

Landeshauptstadt Hannover

herrenhausen.de

52

The website 'Herrenhäuser Gärten - Hannover.de' serves as the official online presence for the Herrenhäuser Gardens and the Museum Schloss Herrenhausen, operated by the Landeshauptstadt Hannover (City of Hannover). It provides comprehensive visitor information, event details, group tours, and ticketing services, targeting tourists, families, and cultural enthusiasts. The site is well-positioned as a leading cultural and botanical attraction in Hannover, supported by consistent branding and professional content. Technically, the website employs modern web standards including HTML5, CSS3, SVG graphics, and JavaScript, with Matomo analytics for user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The CMS appears custom or proprietary, typical for government sites. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. No vulnerabilities or exposed sensitive data were detected. However, the site lacks a visible cookie consent mechanism and dedicated security or incident response policies, which are recommended for enhanced GDPR compliance and transparency. Overall, the website is trustworthy, professionally maintained, and provides a safe user experience. Strategic improvements in privacy consent and security transparency would further strengthen its compliance and user trust.

H

Hannover Marketing und Tourismus GmbH

visit-hannover.com

61

Visit Hannover is an official tourism portal managed by Hannover Marketing und Tourismus GmbH, providing comprehensive information on hotels, sightseeing, events, congresses, and regional attractions in Hannover, Germany. The website targets tourists, business travelers, and event attendees, offering booking options and cultural highlights. Technically, the site uses modern JavaScript libraries, Matomo analytics, and Google advertising scripts, with a likely CMS based on eZ Platform. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is good with HTTPS and consent management, though explicit security headers and policies are missing. WHOIS data is unavailable, which slightly reduces trust but the website content and branding indicate legitimacy. Overall, the site is professional, user-friendly, and compliant with GDPR.

Z

zinnobergruen gmbh

bestarchitects.de

50

The website bestarchitects.de represents the 'best architects award', a prestigious European architecture award recognizing outstanding architectural achievements. The site serves architects, industry professionals, and enthusiasts by providing award results, news, and a bookshop for related publications. The business model centers on award organization and publication sales, positioning itself as a recognized authority in the European architecture sector. Technically, the site is built on depage CMS with modern web standards, includes responsive design, and uses Google Analytics for visitor insights. Security posture is solid with HTTPS, CSRF protection on forms, and cookie consent mechanisms, though it lacks explicit security headers and published security policies. Overall, the site is professional, trustworthy, and compliant with GDPR, but could improve transparency on security and incident response. No blocking or WAF interference was detected, allowing full content access and analysis.

B

Beer Merz AG

beermerz.ch

61

Beer Merz AG is a small architecture firm based in Basel, Switzerland, specializing in architectural design, building renovations, and project competitions. The website presents a professional portfolio of projects primarily focused on real estate and urban development. The firm targets a general audience interested in architectural services within the Basel region. Technically, the website is built using React and modern JavaScript, with a custom CMS or framework. It shows moderate performance and good mobile optimization but lacks some accessibility features. Security posture is moderate; HTTPS is implied but no explicit security headers were detected. Cookie consent is implemented, and Google Analytics is used for tracking. However, no explicit contact information, terms of service, or security policies are present on the site. The domain uses privacy protection for WHOIS data, which is justified for this business type. Overall, the website is professional and trustworthy but could improve in security and compliance transparency.

Truwant + Rodet + is a small architecture and design studio based in Basel, Switzerland, specializing in innovative architectural projects, competitions, research studios, and exhibitions. Their portfolio includes a variety of projects primarily in Switzerland with some international collaborations, emphasizing adaptive reuse, artistic installations, and academic design studios. The website reflects a professional and artistic brand image targeting architecture professionals, clients, and academic institutions. Technically, the website employs modern JavaScript frameworks such as Alpine.js and GSAP, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks security headers and formal privacy or cookie policies. The presence of Google Analytics without a configured tracking ID and absence of privacy compliance mechanisms indicate areas for improvement. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security practices.

8

820

820.ch

56

820 is a Zurich-based architecture studio specializing in innovative designs that integrate technology and environmental considerations. Led by Nicolas König and Lewis Horkulak, the studio emphasizes techno-environmental synergies and speculative spatial scenarios to foster deeper environmental integration. Their portfolio showcases a range of projects, competitions, and installations, highlighting a strong presence in the architectural design community with multiple awards and exhibitions. Technically, the website is built on the Cargo Collective platform, utilizing modern web standards including HTML5, CSS3, and JavaScript. The site is well-optimized for mobile devices and presents a professional, visually rich portfolio. However, there is room for improvement in accessibility and SEO practices. From a security perspective, the site uses HTTPS and does not expose sensitive data or forms, reducing attack surface. Nonetheless, it lacks important security headers and does not provide explicit security policies or incident response contacts, which could be enhanced to improve trust and compliance. Overall, the website reflects a credible and professional architecture studio with a strong digital presence but would benefit from enhanced privacy, security, and compliance disclosures to align with best practices and regulatory requirements.

D

dorsa

dorsa.cc

55

Dorsa is a small, collaborative architecture practice based in Zurich, Switzerland, specializing in innovative architectural design, research, and installations. The website showcases a comprehensive portfolio of projects, academic collaborations, and exhibitions, positioning the collective as a niche player in the architecture and real estate sectors. The technical infrastructure is modern, leveraging Cargo CMS and standard web technologies, with good mobile optimization and moderate performance. Security posture is strong with HTTPS and security headers implemented, though privacy and cookie policies are absent, indicating compliance gaps. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and incident response transparency.

A

Andreas Gminder

myko-service.de

71

Myko-Service, operated by Andreas Gminder, is a small specialized e-commerce business focused on providing products and literature related to mycology and botany. The website targets a niche audience of scientists, hobby mycologists, and mushroom pickers, offering a broad range of items including microscopy supplies, truffle products, and creative materials. The business operates primarily in Germany and has been active since 2020. The website is multilingual, enhancing accessibility to an international audience. Technically, the website is built on the Epages e-commerce platform, utilizing modern JavaScript frameworks and is hosted on servers associated with rzone.de. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO is basic but functional, and the site includes essential legal pages and cookie consent mechanisms. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks visible advanced security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is adequate with GDPR-aligned policies and cookie consent. However, no explicit security or incident response policies are published. Overall, the website presents a trustworthy and professional front for a small niche retailer. Strategic improvements in security headers and explicit security policies could enhance trust and compliance further.

F

Felix Hampe, Pilzkurse und Kartierung

pilz-wissen.de

57

Felix Hampe operates a specialized educational and consulting business focused on mycology, offering mushroom courses, guided walks, consulting, and mapping services primarily in Hessen, Germany. The website presents a clear market position as a niche expert serving mushroom enthusiasts and nature lovers. The business model centers on direct service provision through seminars and personalized courses. Technically, the website is built on a modern stack with a CMS named MyWebsite, featuring responsive design and good SEO practices. Privacy compliance is well addressed with a GDPR-compliant privacy policy and cookie consent mechanisms. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though security headers are absent and could be improved. Overall, the website is professional, trustworthy, and safe for general audiences.

PilzCoach Badenweiler is a small, specialized business focused on mushroom coaching, education, and related product sales in the Badenweiler region of Germany. The company offers mushroom identification workshops, educational outreach to schools and kindergartens, and sells mushroom-related books and products. Their market position is niche and local, targeting mushroom enthusiasts and nature lovers. The website is built on the One.com Web Editor platform and hosted by One.com, featuring a moderate technical infrastructure with basic SEO and mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are lacking. Privacy compliance is basic but present, with cookie consent and privacy policy pages available. Overall, the website is professional, trustworthy, and content-rich for its niche audience.

K

Kieler Pilzfreunde e.V.

kieler-pilzfreunde.de

56

Kieler Pilzfreunde e.V. is a small non-profit association based in Germany focused on mushroom education, conservation, and community engagement. The website provides information about mushroom identification, courses, exhibitions, and artistic projects involving fungi. It targets mushroom enthusiasts, nature lovers, and local community members including adults and children. The business model relies on memberships, donations, and event participation. Technically, the website is built using Incomedia WebSite X5 CMS with jQuery and standard web technologies. The site has moderate performance and basic mobile optimization. SEO is reasonably addressed with meta tags and structured navigation. However, there is no visible cookie consent mechanism or advanced accessibility features. From a security perspective, the site lacks visible security headers and explicit HTTPS confirmation in the provided data, which lowers its security posture. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic with a privacy policy present but no cookie banner. No incident response or security policies are published. Overall, the website is functional and trustworthy for its non-profit educational purpose but would benefit from improved security practices, HTTPS verification, and enhanced privacy compliance to strengthen user trust and regulatory adherence.

R

Roger Lehner

rogerlehner.com

47

Roger Lehner operates a small, specialized design studio based in Germany, focusing on ambitious projects that emphasize collaboration, creativity, and accessibility. The website showcases a professional portfolio with services including branding, digital and print design, and inclusive design practices. The business targets clients seeking high-quality, dynamic visual communication solutions. Technically, the website employs modern JavaScript libraries such as Swup and Swiper for enhanced user experience and uses Umami Analytics for minimal user tracking. Hosting is provided by hosttech.de, a German hosting provider, aligning with the business location. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and does not implement cookie consent mechanisms, which are areas for improvement. Overall, the website is professional, trustworthy, and well-designed but could enhance compliance and security practices.

W

Westermann Gruppe

hoelzel.at

75

Westermann Gruppe is a well-established educational publisher in Austria, offering a broad range of educational media including school books, digital learning platforms, and specialized services such as the OMNIA Schularbeitengenerator. The website targets educators, parents, students, and therapists, providing comprehensive digital and physical educational resources. The company maintains a consistent brand presence and integrates modern digital services to enhance user engagement and learning experiences. Technically, the website employs modern JavaScript frameworks, responsive design, and analytics tools, ensuring good performance and accessibility. Security posture is solid with HTTPS enforcement and GDPR-compliant cookie consent, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

W

Westermann Gruppe

westermann.at

75

Westermann Gruppe is a well-established educational publisher in Austria, offering a broad range of educational media including schoolbooks, digital learning platforms, and educational services targeted primarily at educators, parents, and students. The website reflects a mature digital presence with integrated services such as digital libraries, learning media, and user account management. The company maintains a consistent brand identity and provides comprehensive customer support and engagement channels. Technically, the website employs modern web technologies, responsive design, and analytics tools while ensuring GDPR compliance through detailed privacy and cookie policies. Security posture is strong with HTTPS enforcement and secure form handling, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for its audience.

W

Westermann Schweiz AG

westermann-schweiz.ch

72

Westermann Schweiz AG is a reputable Swiss educational publisher offering a wide range of print and digital learning materials across all school levels. Their portfolio includes well-known imprints such as SCHUBI, WSS, and KLV, targeting educators, parents, students, and therapists. The company maintains a strong market position within the Swiss education sector, supported by a professional website with comprehensive product information, customer services, and digital learning solutions. Technically, the website employs modern JavaScript frameworks, analytics tools, and responsive design, ensuring good performance and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.