High-risk security reports

Studierendenwerk Aachen is a regional non-profit organization providing essential student services such as housing, dining, and social support primarily for the academic community in Aachen, Germany. The website serves as an informational portal targeting students and university affiliates. The technical infrastructure relies on established but somewhat dated technologies including jQuery 1.12.4, Materialize CSS, and Google Maps API, with consent management handled by Usercentrics, indicating some GDPR awareness. However, the website lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is moderate with HTTPS implied but no visible security headers or modern security practices. No contact or business certification information is readily available in the provided content, limiting trust signals. Overall, the site is functional but could benefit from modernization and enhanced compliance documentation.

The website cloud32.ch currently serves as a minimal 'Coming Soon' placeholder page with no substantive business content, contact information, or policies. The site uses WordPress with a Coming Soon plugin and includes styling via Tailwind CSS and FontAwesome. There is no evidence of active business operations or services presented on the site. The technical infrastructure is basic, with standard libraries such as jQuery and Google Fonts included. No analytics or tracking scripts are detected, and no security headers or SSL configuration details are available from the provided data. The security posture is weak due to lack of visible HTTPS enforcement and absence of security best practices. Privacy compliance is non-existent as no privacy or cookie policies are found. Overall, the site lacks business credibility and trust indicators, making it unsuitable for customer engagement at this time.

The website sefeaimpact.it currently serves a robot challenge screen implementing a proof-of-work captcha mechanism to verify visitors. This indicates the presence of a Web Application Firewall (WAF) or security layer blocking direct access to the actual website content. Due to this, no business-related content, contact information, or policies are accessible for analysis. The domain is registered since 2016 with DNSSEC enabled, suggesting a legitimate registration, but the lack of accessible content limits further trust evaluation. Technically, the site uses custom JavaScript with Web Workers and cryptographic hashing to implement the captcha challenge. The hosting leverages AWS Cloudfront CDN for content delivery. However, no SEO, accessibility, or privacy compliance features are present on the challenge page. Security headers and HTTPS configuration details are not visible in the provided data. The security posture shows some strengths in DNSSEC and captcha usage but lacks visible security headers and privacy compliance mechanisms. The site does not expose forms or inputs, reducing attack surface but also limiting user interaction. Overall, the site is currently inaccessible for normal users without passing the challenge, which impacts usability and trust. Given these factors, the overall risk is moderate due to the blocking mechanism, but the lack of transparency and policies is a concern. Strategic recommendations include implementing visible security headers, publishing privacy and cookie policies, providing contact and incident response information, and improving user experience post-challenge.

C

Consorzio Cooperativo Finanziario per lo Sviluppo

fin4coop.it

40

FIN4COOP is a cooperative financial intermediary operating nationally in Italy, focusing on providing financial services and support to cooperative members. The website serves as an information portal offering details on financial activities, brochures, membership procedures, financial statements, and news updates. The company targets cooperative organizations and mutual societies, positioning itself as a niche player in the cooperative finance sector with strategic partnerships and a cooperative business model. The website is professionally designed, consistent in branding, and includes trust signals such as privacy compliance and social media presence. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Maps API, and Google Analytics integrated with consent management. The site shows moderate performance and good mobile optimization. SEO practices are well implemented with proper meta tags and structured data. However, a visible PHP warning indicates a plugin issue that should be resolved to improve security and user experience. From a security perspective, the site uses HTTPS with excellent SSL configuration and employs a cookie consent mechanism via Iubenda. No critical vulnerabilities were detected, but the absence of security headers and the PHP warning reduce the security posture score. No incident response or security policy pages were found, suggesting room for improvement in transparency and preparedness. Overall, the website is trustworthy and professional with a good balance of content quality, technical implementation, and privacy compliance. Addressing the minor security issues and enhancing security headers would further strengthen the site's security and user trust.

The domain rumahweb.net is registered to CV. Rumahweb Indonesia since 2005, indicating a long-standing business presence in Indonesia within the technology sector. However, the website content is completely empty, with no metadata, no visible content, no forms, no links, and no scripts, which severely limits the ability to assess the company's digital presence or offerings. The lack of any privacy, cookie, or terms of service policies, as well as absence of contact information, further restricts evaluation of compliance and user engagement capabilities. From a technical perspective, no information about the technology stack, hosting provider, or performance can be derived due to the absence of content. Security posture cannot be assessed beyond the WHOIS data, which shows a domain with clientTransferProhibited and clientUpdateProhibited statuses, indicating some level of domain security. No WAF or blocking mechanisms were detected. Overall, the security posture is unknown due to lack of data, but the domain registration data is consistent and trustworthy. The website's lack of content and policies represents a significant risk for user trust and compliance. Strategic recommendations include developing a functional website with clear business information, implementing privacy and cookie policies, and establishing contact and security policies to improve trust and compliance.

A

Axapharm AG

grafixpharm.ch

46

Grafixpharm, operated by Axapharm AG, is a Swiss-based graphic design service provider with a multilingual WordPress website. The site demonstrates moderate digital maturity with the use of modern plugins such as Yoast SEO, WPML for multilingual support, and Google Analytics for visitor tracking. The website design is professional and mobile-optimized, providing a good user experience and clear navigation. However, the site lacks visible privacy and cookie policies, which impacts its privacy compliance score. Security posture is adequate with HTTPS enabled and some tracking opt-out mechanisms, but it lacks advanced security headers and public security policies. Overall, the domain registration aligns well with the business claims, indicating legitimacy and consistency.

O

ORDRE DES ARCHITECTES - ORDE VAN ARCHITECTEN FCGOA

nroa-cnoa.be

44

The website represents the National Council of the Order of Architects (NROA) in Belgium, a governmental regulatory body overseeing architects. It provides information about the council's assignments, composition, and offers a service to find architects via an external API. The site is multilingual, targeting Dutch, French, and German-speaking audiences in Belgium. The business model is regulatory and service-oriented, focusing on governance and professional oversight within the architecture sector. The organization is relatively new online, with domain registration in 2023, consistent with the website's recent content updates. Technically, the website is built on WordPress with Elementor and uses modern SEO and cookie consent plugins. Hosting is provided by OVH, a reputable provider. The site is mobile-optimized, has good SEO practices, and uses Google Analytics with consent-based loading. Performance is moderate, and accessibility is basic but functional. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are not explicitly detected. Security-wise, no critical vulnerabilities or exposed sensitive data were found. The site lacks explicit security policies or incident response contacts, which could be improved. Privacy compliance is good with a clear cookie policy and consent mechanism. Business credibility is supported by consistent branding, structured data, and trust signals such as official logos and partner links. Overall, the website is professional, secure, and compliant with GDPR requirements, serving its role as a national architectural regulatory authority effectively.

K

Kirchen in Zürich - Diese Seite ist nicht mehr in Betrieb.

kirchen-in-zuerich.ch

43

The website kirchen-in-zuerich.ch is currently inactive, displaying a message that it is no longer in operation. It appears to have been a WordPress-based site focused on churches in Zürich, Switzerland, but no active content or business services are available. The technical infrastructure is minimal, relying on WordPress with an under construction plugin and standard web fonts and CSS frameworks. There are no visible security headers or advanced security configurations, and no privacy or cookie policies are present. The site lacks contact information, forms, or social media links, indicating a low level of digital maturity and business engagement. Overall, the security posture is weak due to the absence of security best practices and policies, though no critical vulnerabilities or malicious indicators were detected. The domain registration data is consistent with the website's geographic focus and theme, but the inactive status reduces trust and business credibility. Strategic recommendations include reactivating the site with proper content, implementing security headers and HTTPS, adding privacy and cookie policies, and providing clear contact and incident response information to improve compliance and trust.

F

Fachkommission Internet – Amnesty International

fk-internet.de

44

The Fachkommission Internet (FK Internet) website serves as an IT support portal for the German section of Amnesty International, providing services such as webhosting, email, cloud storage, and intranet support. The organization operates as a small, volunteer-driven non-profit entity, targeting Amnesty International groups and districts in Germany. The website is built on WordPress and hosted on Manitu servers, reflecting a moderate to good level of technical maturity with modern plugins and responsive design. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and explicit security policies. Privacy compliance is mostly met with a comprehensive privacy policy, but lacks a cookie consent mechanism. Overall, the website is trustworthy, professional, and well-maintained, supporting its niche audience effectively.

D

Deutsche Stiftung für junge Erwachsene mit Krebs

junge-erwachsene-mit-krebs.de

46

The Deutsche Stiftung für junge Erwachsene mit Krebs is a specialized non-profit foundation dedicated to supporting young adults aged 18 to 39 diagnosed with cancer. The organization provides comprehensive information, support services, advocacy, and educational resources tailored to this demographic within Germany. Their market position is focused and niche, serving a critical healthcare segment with a strong emphasis on community engagement and scientific collaboration. The website reflects a mature digital presence with multilingual support and donation capabilities, indicating a well-established infrastructure. Technically, the website is built on WordPress with modern plugins such as Yoast SEO for optimization, GiveWP for donations, and WPML for multilingual content. The site demonstrates good mobile responsiveness, accessibility compliance (including BITV standards), and SEO best practices. Performance is moderate, with room for optimization, but overall the technical implementation supports the foundation's mission effectively. From a security perspective, the site enforces HTTPS and employs cookie consent management via Borlabs Cookie. While explicit security headers are not fully evident, no critical vulnerabilities or exposed sensitive data were found. The WHOIS data aligns well with the organization's identity, showing consistent registration and no privacy protection, which is appropriate for a non-profit entity. No incident response or vulnerability disclosure policies are publicly visible, suggesting an area for improvement. Overall, the website presents a low-risk profile with strong business credibility and compliance with privacy regulations. Strategic recommendations include enhancing security headers, formalizing incident response and vulnerability disclosure processes, and continuous monitoring of plugin security to maintain a robust security posture.

S

Schazo AG

schazo.ch

45

Schazo AG is a well-established regional delivery company based in Switzerland, specializing in early morning delivery of newspapers, magazines, and advertising materials across the Schaffhausen region and neighboring cantons. With over 30 years of experience and a workforce of approximately 150 employees, Schazo serves over 51,000 households, positioning itself as a key player in regional print media distribution. The company offers services including early delivery, advertising mail distribution, and comprehensive delivery solutions in partnership with local providers. Technically, the website is built on the webEdition CMS platform and utilizes jQuery and custom image fading scripts. The site demonstrates moderate performance and basic mobile optimization, with a clear navigation structure and consistent branding. SEO and accessibility features are basic but functional. The site includes a cookie consent mechanism compliant with GDPR requirements, and privacy and terms of service documents are available, though security policies and incident response information are absent. From a security perspective, the website uses HTTPS (assumed from modern standards though not explicitly confirmed in the HTML), but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected in the content. The cookie consent mechanism is implemented properly, enhancing privacy compliance. WHOIS data confirms the domain is consistent with the business profile, showing legitimacy and alignment with the company's claimed history and location. Overall, the website presents a professional and trustworthy image with good business credibility and privacy compliance. However, improvements in security headers, incident response transparency, and technical modernization could enhance the security posture and user trust further.

R

Revaia

revaia.com

40

Revaia is a growth equity investment fund dedicated to supporting sustainable leaders in technology and innovation. The website presents a professional image with clear branding and a focus on ESG principles, supported by multiple certifications and industry awards. The target audience includes investors and technology companies focused on sustainability. The site uses modern web technologies such as Nuxt.js, Google Analytics, and reCAPTCHA, indicating a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although some security policies and incident response information are absent. Privacy compliance is well addressed with comprehensive privacy and cookie policies. However, the absence of WHOIS data and direct contact information reduces overall trustworthiness. Strategic recommendations include verifying domain registration, enhancing contact transparency, and adding security incident response details.

S

Stiftung z'Rieche

zrieche.ch

48

Stiftung z'Rieche is a Swiss cultural foundation dedicated to publishing the annual 'Jahrbuch z’Rieche', a yearbook focusing on the history, culture, and societal developments of the Riehen community near Basel. Established in 1961, the foundation serves a niche audience interested in regional heritage and cultural documentation. The website is built on TYPO3 CMS and integrates modern web technologies such as Google Analytics and Google Tag Manager for visitor tracking. The site is well-designed, mobile-optimized, and provides clear navigation to its key offerings including yearbook sales and news updates. However, direct contact information such as emails or phone numbers is not explicitly displayed, relying instead on a contact form.

K

Startseite - Kunstspaziergang Riehen

kunstspaziergang-riehen.ch

46

The website 'Kunstspaziergang Riehen' serves as an informational platform focused on art walks in the municipality of Riehen, Switzerland. It provides visitors with navigation and cultural insights related to local art installations. The site is built on WordPress and integrates Google Maps API for interactive map features. The design is professional and mobile-optimized, offering a good user experience with clear navigation. However, the site lacks critical privacy and cookie policies, which may impact GDPR compliance. No explicit contact information or security policies are present, limiting direct communication and transparency regarding data protection. Security headers are absent, representing a potential vulnerability. Overall, the website is functional and trustworthy for its cultural purpose but requires improvements in privacy, security, and contact transparency to enhance compliance and user trust.

I

IBA Basel

iba-basel.net

47

IBA Basel is a regional urban development organization focused on coordinating and disseminating information about projects and initiatives in the Basel area, involving multiple municipalities and partners. The website serves as an information hub offering project details, news, events, media, and publications. The organization targets government entities, urban planners, and the general public interested in regional development. Technically, the website uses a range of JavaScript libraries including jQuery, Slick Carousel, and Google Analytics with IP anonymization, indicating a moderate level of digital maturity. The site is mobile optimized and provides cookie consent mechanisms, reflecting basic privacy compliance. Security posture is moderate with room for improvement, particularly in updating libraries and implementing security headers. The WHOIS data is missing or unavailable, which raises some concerns about domain legitimacy, but the professional content and official partner links support the site's credibility. Overall, the website is functional, informative, and trustworthy but would benefit from enhanced security and transparency measures.

M

Multimedia ABC GmbH (hilfmir.ch)

multimedia-abc.ch

43

Multimedia ABC GmbH is a Swiss-based small enterprise specializing in multimedia project services including videoproduction, VoIP telephony, livestreaming, and IT support for private clients, SMEs, and associations. Founded in 1999, the company has evolved to unify multiple projects under one brand, offering a diversified portfolio of digital and multimedia solutions. The website reflects a professional and consistent brand presence targeting a German-speaking Swiss audience. Technically, the site is built on Joomla CMS with modern UIkit framework and integrates Google Analytics with privacy considerations. Security posture is solid with HTTPS and CSRF protections, though some security headers could be improved. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. Contact information is complete and transparent, enhancing business credibility.

G

Genossenschaft Getränkekollektiv

getraenkekollektiv.ch

47

Genossenschaft Getränkekollektiv operates a sustainable and fair beverage delivery and retail business based in Basel, Switzerland. The company targets private customers, offices, event organizers, and the hospitality sector with a focus on regional and environmentally friendly products. Their business model includes direct delivery via cargo bike or van, subscription options, and an online shop. The website is built on WordPress with Elementor and integrates privacy-conscious tools like Matomo analytics and hCaptcha for form security. Contact information and social media presence support customer engagement and trust. Security posture is adequate with HTTPS and basic protections, but lacks published security policies and advanced headers. Privacy compliance is partial, missing a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-aligned with the business's local and sustainable ethos.

B

B-Seite - Agenda für Basel

bseite.info

48

B-Seite is a niche community-driven agenda platform focused on providing an overview of subversive, alternative, and activist events in Basel, Switzerland. The website offers a calendar of events, event creation capabilities, and communication channels such as a newsletter and Telegram channel to engage its target audience. The platform serves a specialized community interested in political, cultural, and social activism. Technically, the website is built on Ruby on Rails with modern frontend technologies like Turbo Rails and Trix editor, providing a responsive and user-friendly experience. Security posture is moderate with HTTPS enforced and CSRF protections in place, but lacks advanced security headers and explicit privacy or cookie policies. The WHOIS data is privacy protected, which aligns with the nature of the site’s community focus. Overall, the site is functional, trustworthy, and well-positioned within its niche but could improve compliance and security transparency.

S

Schlossgut Turbenthal

schlossgut-turbenthal.ch

44

Schlossgut Turbenthal is a community-centered non-profit organization based in Turbenthal, Switzerland, focused on preserving and utilizing the Schlossgut as a cultural and social hub. The website serves as an informational platform highlighting the center's offerings, including support for local clubs, cultural events, markets, and community gatherings. The target audience primarily consists of local residents, cultural enthusiasts, and community groups. Technically, the website is built on WordPress using the Divi theme, leveraging standard web technologies such as jQuery and Google Fonts. The site is moderately optimized for performance and mobile devices, with a clean and consistent design that supports good user experience. Security posture is adequate with HTTPS enabled and basic form protections; however, it lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professional but could benefit from enhanced security and privacy features.

Energiestadt Turbenthal is a community-driven energy and sustainability initiative based in Turbenthal, Switzerland. The website serves as a platform to inform residents and stakeholders about local energy projects, sustainability efforts, and community events. It is positioned as a local government affiliated entity focused on promoting renewable energy and sustainable living. The site leverages TYPO3 CMS and integrates Google Analytics and Tag Manager for visitor insights, with basic privacy considerations such as IP anonymization. The design is professional and user-friendly, with clear navigation and mobile optimization. However, the absence of explicit privacy and cookie policies represents a compliance gap. Security posture is adequate with HTTPS enabled but lacks several recommended security headers. Contact information is available via a contact form and obfuscated email, enhancing user communication. Overall, the site is trustworthy and well-aligned with its community mission.

P

Primarschule Turbenthal

ps-turbenthal.ch

48

Primarschule Turbenthal is a public primary school serving approximately 500 children across multiple school units in Turbenthal, Switzerland. The institution provides comprehensive educational services including kindergartens, special education, and various support offerings such as speech therapy and school social work. The website is professionally designed using WordPress and includes clear navigation and contact information targeted at parents and the local community. The school holds a stable market position as a key educational provider in the region. Technically, the site uses common WordPress plugins and libraries, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and CAPTCHA on forms, but lacks advanced security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and well-maintained, suitable for its educational purpose.

G

Gesamtverband Deutscher Holzhandel e. V

gdholz.de

41

Gesamtverband Deutscher Holzhandel e. V (GD Holz) is a representative industry association for the German wood trade sector, aggregating the interests of 800 member companies. The organization focuses on advocacy, education, sustainability, and regulatory compliance support such as EUTR/EUDR. The website reflects a professional and well-structured digital presence with a modern WordPress infrastructure, SEO optimization, and active social media engagement. However, explicit privacy and cookie policies are not found, and contact information is not clearly presented on the homepage. Security posture is adequate with HTTPS enabled but lacks visible security headers and incident response information. Overall, the site is trustworthy and serves its target audience effectively.

M

Meier + Cie AG

meier-cie.ch

47

Meier + Cie AG is a well-established regional media company based in Schaffhausen, Switzerland, with a history dating back to 1861. It operates multiple media channels including print newspapers, online news portals, radio (Radio Munot), and television (SHf). The company is majority-owned by the Carl Oechslin Stiftung, which supports its independence and liberal stance. The website reflects a professional and comprehensive digital presence, targeting residents of Schaffhausen and the broader Swiss audience interested in regional and national news. The business model focuses on multi-channel media delivery and crossmedia advertising services.

ÖKK is a Swiss insurance company specializing in providing health insurance products tailored to private clients. The company positions itself as a reliable and sensible insurance provider with a focus on customer needs. The website reflects a professional and consistent brand image, targeting private clients primarily within Switzerland. The business model revolves around offering various insurance models and supplementary services to meet diverse client requirements. Technically, the website employs modern web technologies including JavaScript frameworks, font services, and third-party consent management tools, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS, implements strong security headers, and uses reCAPTCHA to protect forms, although it lacks a dedicated security policy or incident response page. Overall, the website demonstrates a mature digital presence with good privacy compliance and trustworthy business information.

T

Team Deutschland Paralympics

teamdeutschland-paralympics.de

45

Team Deutschland Paralympics is the official German Paralympic team website, providing comprehensive information about athletes, events, news, and partners related to Paralympic sports in Germany. The site serves as an authoritative platform for fans, athletes, and stakeholders interested in Paralympic activities. It is supported by official government and sports federation entities, enhancing its credibility and trustworthiness. Technically, the website is built on TYPO3 CMS and employs modern front-end libraries and privacy-conscious analytics (Matomo) with GDPR compliance. The site is well-structured, mobile-optimized, and accessible, offering a professional user experience. Security posture is good with HTTPS enforced and privacy mechanisms in place, though some security headers could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the website demonstrates a mature digital presence suitable for its non-profit, government-affiliated sports mission.

D

Deutsche Stiftung für junge Erwachsene mit Krebs

junges-krebsportal.de

49

The Deutsche Stiftung für junge Erwachsene mit Krebs operates the Junges Krebsportal, a specialized online platform providing young cancer patients in Germany with direct access to expert advice and support. The portal offers multiple communication channels including online chats, telephone consultations, and in-person meetings, complemented by a Tandem-Beratung program where affected individuals support each other. The foundation is supported by recognized partners and foundations, reinforcing its credibility in the healthcare non-profit sector. Technically, the website is built using modern web standards including HTML5, CSS3, JavaScript, and the UIkit framework, hosted on a reputable German hosting provider. The site is mobile-optimized with good SEO practices and clear navigation, although accessibility features are basic. No major performance or technical issues were detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and explicit security or incident response policies. Privacy compliance is good with a comprehensive privacy policy, but no cookie consent mechanism is evident. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. Overall, the website presents a trustworthy, professional, and focused service with a strong business credibility score. Security posture is solid but could be improved with additional headers and policies. The absence of cookie consent mechanisms and incident response information are notable gaps. The domain WHOIS data is limited but consistent with the business purpose. No WAF or blocking mechanisms interfere with content access.

M

MOVE-ON(KO)

move-onko.de

47

MOVE-ONKO is a German healthcare project dedicated to integrating movement therapy into oncological care to improve patient outcomes by reducing side effects of cancer treatment. The project is funded by Deutsche Krebshilfe with a substantial budget and involves a consortium of clinical, scientific, and patient organizations. The website presents comprehensive information about the project, its vision, partners, and news updates, targeting cancer patients, healthcare professionals, and researchers. Technically, the site is built on WordPress with modern plugins and libraries, optimized for SEO and mobile use. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and formal policies could be improved. WHOIS data is minimal but consistent with the project timeline and hosting infrastructure. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

The website gemeinsamgesund-hessen.de represents a regional health promotion program "teamw()rk für Gesundheit und Arbeit" in Hessen, Germany, focused on improving health and social participation for unemployed individuals. It is funded by the GKV-Bündnis für Gesundheit and coordinated by HAGE, collaborating with local job centers and community partners. The site provides detailed program information, team contacts, and a variety of health-related offerings both online and in-person. Technically, the site uses modern frameworks such as UIkit and Flatpickr, with interactive SVG maps and a cookie consent mechanism, indicating a moderate to good digital maturity. Security posture is adequate with HTTPS and cookie consent but lacks explicit security policies and headers. Overall, the site is professional, trustworthy, and compliant with GDPR, serving a non-profit healthcare and social inclusion mission.

S

Sparkassen- und Giroverband Hessen-Thüringen (SGVHT)

finanzen-mit-daniel-jung.de

47

The website 'finanzen-mit-daniel-jung.de' is an educational platform focused on financial literacy, primarily targeting students and educators in the Hessen and Thüringen regions of Germany. It is operated under the auspices of the Sparkassen- und Giroverband Hessen-Thüringen, a reputable financial association. The site offers a series of well-structured, easy-to-understand videos and learning materials to enhance financial knowledge. The partnership with Sparkassen and the inclusion of the Sparkassen-SchulService platform reinforce its credibility and regional relevance. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Tag Manager and Matomo for analytics, alongside a GDPR-compliant cookie consent mechanism. The site is hosted on servers indicated by the nameservers 'your-server.de' and related domains, suggesting a professional hosting environment. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some improvements in accessibility and security headers could be made. From a security perspective, the site uses HTTPS with strong SSL configuration and implements cookie consent for privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and terms of service are comprehensive and clearly presented, with a designated data protection officer contact provided. The site does not employ a vulnerability disclosure policy, which could be considered for future enhancement. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. It effectively serves its educational mission with professional content and transparent governance. Strategic recommendations include enhancing HTTP security headers, formalizing a vulnerability disclosure process, and improving accessibility features to further strengthen the site's security and user experience.

S

Stiftung Edith Maryon

maryon.ch

42

Stiftung Edith Maryon is a Swiss non-profit foundation focused on securing land and real estate for social, cultural, educational, and agricultural projects. The organization operates primarily in Switzerland and offers services including project development, legacy consulting, housing assistance, and cultural promotion. Their market position is niche, targeting community-oriented and socially responsible real estate initiatives. The website is built on WordPress with a modern tech stack including Yoast SEO and Matomo analytics, reflecting a moderate to good level of digital maturity. Security posture is adequate with HTTPS and secure forms, but could be improved by adding security headers and a cookie consent mechanism. Overall, the site is professional, trustworthy, and compliant with GDPR, though some privacy compliance aspects could be enhanced.

B

Bäckerei Kult

baeckereikult.ch

48

Bäckerei Kult is a small local bakery business based in Basel, Switzerland, operating multiple physical locations and offering bakery products, ordering services, and event hosting. The website is professionally designed using WordPress and integrates social media channels such as Facebook and Instagram to engage with its local audience. The business targets local customers and partners within the Basel region, maintaining a consistent brand presence and providing clear information about opening hours and locations. Technically, the website uses a modern CMS with SEO optimization and basic accessibility features, though there is room for improvement in security headers and incident response transparency. Security posture is solid with HTTPS enabled and cookie consent implemented, but lacks advanced security policies or vulnerability disclosure mechanisms. Overall, the website is trustworthy, well-maintained, and compliant with GDPR requirements, reflecting a legitimate and established local business.

S

Sommercasino Basel

sommercasino.ch

49

Sommercasino Basel is a small cultural venue located in Basel, Switzerland, offering a diverse program of concerts, theater, workshops, and community events. It also operates a café (Café Stoa) that serves seasonal meals and private event catering. The website is built on WordPress with modern plugins and technologies, providing a good user experience with clear navigation and event information. Social media integration and partner logos enhance its community presence. Security posture is adequate with HTTPS and email obfuscation, but lacks advanced security headers and cookie consent mechanisms. The domain uses privacy protection which is justified for this type of organization. Overall, the site is professional, trustworthy, and well-maintained.

H

Helvetiarockt

helvetiarockt.ch

48

Helvetiarockt is a Swiss non-profit organization dedicated to empowering girls, women, intersex, non-binary, trans, and agender individuals through music workshops, sensitization events, and networking platforms. The organization positions itself as a niche player in the Swiss cultural and social empowerment sector, leveraging partnerships such as musicdirectory.ch and diversityroadmap.org to extend its reach and impact. The website is multilingual, supporting German, French, Italian, Romansh, and English, reflecting its inclusive and broad audience approach. Technically, the website is built on WordPress with modern integrations including Google Analytics, Google Tag Manager, and Elfsight widgets. It uses jQuery and GSAP for animations and interactive elements. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be enhanced. Performance is moderate, with deferred script loading to improve user experience. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks advanced security headers and explicit security or incident response policies. Privacy compliance is basic, with privacy and cookie policies present but no active consent mechanism. The site collects user data via newsletter subscription forms and uses tracking scripts moderately. Overall, Helvetiarockt presents a trustworthy and professional online presence with a clear mission and audience. Security and privacy practices are adequate but could be improved to meet higher compliance standards. The domain registration data aligns well with the organization's profile, supporting legitimacy. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing explicit security policies to strengthen trust and compliance.

A

Amnesty International Deutschland e.V.

amnesty-international.de

41

Amnesty International Deutschland e.V. operates this website as a portal for local groups and districts within the German section of Amnesty International. The site serves as an informational hub linking to the main Amnesty International Germany website and providing resources for groups interested in establishing their own web presence. The organization is a well-established non-profit focused on human rights advocacy with a medium-sized presence in Germany. Technically, the website is built on WordPress with a moderate tech stack including jQuery and several plugins for enhanced user experience. The site is mobile-optimized and accessible, though content quality is basic and primarily informational. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and explicit incident response or vulnerability disclosure mechanisms. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is trustworthy and legitimate, but could benefit from enhanced security and privacy features.

B

blue-community.ch

bluecommunity.ch

48

Blue Community is a Swiss non-profit organization dedicated to advocating for water as a human right and promoting sustainable water management practices. The website serves as a community platform for municipalities, educational institutions, technical enterprises, church communities, and companies to demonstrate responsibility locally and globally. The organization positions itself as a niche player in the environmental non-profit sector with a focus on water resource protection and international partnerships. Technically, the website is built on WordPress using modern Gutenberg blocks, enhanced with Matomo analytics and Mautic marketing automation tools. It employs a cookie consent mechanism compliant with GDPR, ensuring user privacy and transparency. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and uses cookie consent best practices but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy and consistency with the organization's Swiss non-profit identity. Overall, the website presents a trustworthy, professional, and privacy-conscious platform with room for improvement in formal security documentation and incident response readiness.

Seelsorge Polizei und Rettungskräfte Zürich SPuR is a specialized non-profit organization providing confidential and free counseling services to police and emergency personnel in Zurich. The website serves as an informational and contact platform, offering support for stressful work or personal situations and special life events. The organization maintains a local presence with clear contact details and event announcements, positioning itself as a trusted support resource within its niche. Technically, the website is built on WordPress using common plugins and frameworks, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the site is professional, trustworthy, and serves its target audience effectively, though it would benefit from enhanced compliance and security measures.

E

Evang.-ref. Kirchgemeinde Zürich

migrationskirchen.ch

44

The Zentrum für Migrationskirchen (ZMK) is a non-profit church-affiliated organization under the Evangelisch-reformierte Kirchgemeinde Zürich, focused on supporting migration churches and fostering intercultural Christian dialogue in Zurich. The website provides comprehensive information about their services, including room rental for worship, support and mediation between migration churches and local reform churches, and current news. The organization is well-positioned regionally with clear contact details and a professional online presence. Technically, the site uses a CMS likely based on DynPG, with Bootstrap and Matomo analytics, delivering a mobile-optimized and user-friendly experience. Security posture is adequate with HTTPS and secure form handling, though security headers and explicit policies are not evident. Privacy compliance is strong with a clear cookie consent mechanism and a detailed privacy policy in German. Overall, the site is trustworthy, professional, and serves its community well.

S

Streetchurch

streetchurch.ch

48

Streetchurch is a small non-profit organization based in Zurich, Switzerland, dedicated to supporting young people through work integration, housing, and social enterprise services. The organization focuses on providing holistic and low-threshold assistance to help individuals develop new life perspectives. Their website is professionally designed using WordPress with the Salient theme and includes clear navigation and relevant content tailored to their target audience. The site is accessible, mobile-optimized, and includes social media integration to enhance community engagement. Technically, the website uses modern web technologies and plugins, though some performance and security enhancements could be made. Security posture is adequate with HTTPS enforced, but lacks security headers and a formal security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website reflects a credible and trustworthy non-profit entity with room for improvement in security and privacy practices.

P

Pilgerzentrum St. Jakob Zürich

jakobspilger.ch

49

Pilgerzentrum St. Jakob Zürich is a small non-profit organization affiliated with the reformierte Kirche Zürich, focused on offering spiritual pilgrimage experiences, thematic pilgrimages, community events, and educational programs. Their website provides detailed event listings, newsletter signups, and community engagement features targeting pilgrims and spiritually interested individuals primarily in Switzerland. Technically, the site uses modern JavaScript libraries such as jQuery and Swiper.js, integrates Google Analytics and Tag Manager for tracking, and is built on the Redaxo CMS platform. The site is mobile optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and email obfuscation implemented, though it lacks advanced security headers and explicit security policies. Privacy and cookie policies are present and GDPR compliant. WHOIS data confirms the domain is registered consistently with the organization's identity, enhancing trust. Overall, the site is professional, trustworthy, and well-suited for its community-focused mission.

Z

Zytlos

zyt-los.com

46

Zytlos is a small non-profit community organization affiliated with the reformed church of Zurich, providing a welcoming space near Bahnhof Enge that includes a café and diverse event offerings such as concerts, coworking, meditation, and yoga. The website is professionally designed using WordPress and Elementor, featuring modern web technologies and responsive design. Security posture is adequate with HTTPS and reCAPTCHA integration, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the website is trustworthy and serves its community-focused mission effectively.

IT-Atelier is a small German engineering office specializing in media and information technology, offering IT coordination, management consulting, web-based software applications, and internet services primarily targeting businesses and public sector organizations such as municipalities. The company has over two decades of experience since its founding in 2003 and operates with a local/regional focus in Leipzig, Germany. The website content is basic but relevant, providing clear contact information and a concise description of services. Technically, the site uses legacy technologies such as jQuery 1.4.4 and basic CSS styling with some mobile optimization. There is no evidence of modern CMS or advanced frameworks. Security posture is moderate but limited by the use of outdated libraries and lack of visible security headers or HTTPS status information. No privacy or cookie policies are published, indicating compliance gaps. Overall, the domain registration data is consistent with the business claims, supporting legitimacy.

M

MVB GmbH

vlb.de

46

MVB GmbH operates the VLB (Verzeichnis Lieferbarer Bücher), a central platform for automated exchange of product information in the German-speaking book industry. The website serves key stakeholders including bookstores, publishers, self-publishers, and service providers, offering services such as order clearing (IBU), reference databases, and subscription discounts. The platform holds a strong market position as an authoritative source in its sector. Technically, the website employs modern web technologies including Bootstrap, Owl Carousel, and Google Tag Manager, hosted on Anexia infrastructure. It features responsive design, good SEO, and accessibility standards, with a cookie consent mechanism ensuring privacy compliance. The site is well-structured and professionally designed, providing a positive user experience. From a security perspective, the site uses HTTPS with good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security policy pages, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced security posture. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR. The WHOIS data aligns with the business entity, reinforcing legitimacy. Strategic improvements in security transparency and incident response readiness would further strengthen the platform's reliability.

P

Preiss Werbe- und Internetagentur

contao-themes-shop.de

44

The website www.contao-themes-shop.de represents Preiss Werbe- und Internetagentur, a small German company specializing in providing professional Contao CMS themes, templates, and extensions. Their business model focuses on e-commerce sales of digital products tailored for Contao CMS users, alongside offering custom theme development and support services primarily targeting agencies and businesses seeking customizable web solutions. The site is well-structured, with clear navigation and comprehensive legal and privacy documentation, reflecting a professional and trustworthy online presence. Technically, the website is built on the Contao Open Source CMS platform, utilizing modern JavaScript libraries such as jQuery, AOS, and mmenu for enhanced user experience and mobile responsiveness. Hosting is provided via kasserver.com, consistent with the domain's nameservers. Performance is moderate with good mobile optimization and basic accessibility features. The site employs secure form handling with CSRF tokens but lacks explicit HTTP security headers. From a security perspective, the site uses HTTPS and secure form tokens, indicating a baseline security posture. However, the absence of security headers and a formal security policy or incident response contact reduces the overall security maturity. Privacy compliance is strong with a comprehensive GDPR-compliant privacy policy, though no cookie consent mechanism is detected. Business credibility is high due to clear contact information, official Contao partner certifications, and consistent branding. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements in security headers, cookie consent, and incident response documentation would enhance the security posture and compliance further.

H

Human Rockstars

human-rockstars.com

47

Human Rockstars is a small coaching business based in Germany, specializing in systemic coaching, microdosing, and psychedelic integration. The website presents a professional and consistent brand with a strong focus on personal development and educational content, including a podcast featuring expert guests. The business targets individuals interested in microdosing and psychedelic experiences, offering personal and group coaching programs. Technically, the site is built on WordPress using Elementor and several plugins for SEO, cookie management, and podcasting. Security measures include HTTPS, reCAPTCHA on forms, and cookie consent mechanisms, though some security headers could be improved. Privacy policies are comprehensive and GDPR compliant. No direct contact emails or phone numbers are publicly listed, with contact primarily via a secured form. The domain registration is consistent with the business age and claims, enhancing trustworthiness.

I

INL – Privates Institut für Nachhaltige Landbewirtschaftung GmbH

nachhaltige-landbewirtschaftung.de

39

INL – Privates Institut für Nachhaltige Landbewirtschaftung GmbH is a specialized institute focused on measuring ecological sustainability in agriculture. With over 16 years of experience, the company offers consulting, certification, monitoring, and scientific services primarily targeting agricultural businesses, retailers, and environmental stakeholders in Germany. The website reflects a niche market position with a professional presentation and clear service offerings. Technically, the website is built on WordPress 6.8.2 with a modern plugin ecosystem including OpenLayers for mapping and WP Statistics for analytics. Hosting is provided by Cloudpit, and the site uses HTTPS with good SSL configuration. Mobile optimization and SEO are well addressed, though accessibility is basic. No major technical issues or vulnerabilities were detected in the visible content. From a security perspective, the site uses HTTPS and some security best practices but lacks explicit security headers and published security or incident response policies. No vulnerabilities or exposed sensitive data were found. Privacy compliance is supported by a privacy policy and cookie consent mechanism, aligning with GDPR requirements. Overall, the site presents a low risk profile with a good balance of content quality, technical implementation, and business credibility. Strategic improvements could focus on enhancing security headers, publishing incident response information, and adding direct contact details for security and data protection officers.

The Netzwerk Agrartechnik Sachsen website represents a regional competence network focused on agritech innovation and collaboration between Saxon companies and research institutions. The network aims to strengthen the competitiveness of the agricultural technology sector through knowledge transfer, workshops, and innovation forums. The website is built on WordPress with moderate technical sophistication, including SEO optimization and basic mobile responsiveness. Security posture is moderate with some gaps such as lack of DNSSEC and outdated JavaScript libraries. Privacy compliance is basic with a cookie consent banner but a minimal privacy policy lacking explicit GDPR statements. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but could improve security and compliance aspects.

E

EWS Wirtschaftsprüfung AG

ews.li

43

EWS Wirtschaftsprüfung AG is a small, independent auditing firm based in Liechtenstein, specializing in statutory and voluntary audits, financial statement reviews, and compliance with Liechtenstein and European auditing standards. The company serves businesses and organizations requiring professional auditing and financial consulting services, leveraging a team with strong professional credentials and partnerships in Switzerland. The website is built on WordPress with a custom theme, employing standard web technologies such as jQuery and CSS3. The site is accessible, mobile-optimized, and professionally designed, though it lacks privacy and cookie policies, which are important for GDPR compliance. Security posture is adequate with HTTPS enforced, but missing security headers and absence of a vulnerability disclosure policy indicate areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

V

Verein Hilfe für Bangladesch

bangladesch.li

47

Verein Hilfe für Bangladesch is a small non-profit organization dedicated to supporting educational and social development projects in Bangladesh. Their website provides information about ongoing and archived projects, encouraging donations and sponsorships. The organization targets donors and supporters interested in charitable aid for Bangladesh. The site is primarily in German and uses WordPress with WooCommerce for donation processing. Technically, the website is built on a modern WordPress platform with common plugins such as WooCommerce, Contact Form 7, and Yoast SEO. It uses HTTPS and external CDNs for performance. The site is moderately optimized for mobile and SEO, with good navigation and content quality. However, some accessibility features are basic, and performance is moderate. From a security perspective, the site enforces HTTPS and restricts ad and personalization tracking in Google Analytics, indicating some privacy awareness. However, it lacks important security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent banner. Overall, the website is legitimate and trustworthy for a small non-profit, with room for improvement in security posture and privacy compliance. Strategic recommendations include implementing security headers, adding a cookie consent mechanism, publishing security policies, and maintaining up-to-date software to enhance trust and compliance.

W

Wasch- & Küchentechnik Urs Ruoss | Altendorf, March Höfe

wakutech.ch

45

Wasch- & Küchentechnik Urs Ruoss is a small, established retail business based in Switzerland specializing in household and kitchen appliances, including washing machines, kitchen technology, and coffee machines. The company operates a physical showroom in Altendorf SZ and offers repair services, home delivery, and disposal of old appliances. Their market position is that of a trusted local specialist with over 20 years of experience, supported by partnerships with well-known appliance brands and an online webshop. Technically, the website is built on WordPress using modern plugins such as Yoast SEO, WPBakery Page Builder, and Slider Revolution, with Google reCAPTCHA implemented for form security. The site is mobile-optimized and SEO-friendly, though some accessibility features could be improved. Security posture is good with HTTPS enforced and reCAPTCHA in place, but lacks advanced security headers and a formal security policy. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with the business's local retail focus.