High-risk security reports

T

Tag der Demokratie

democracyday.ch

49

The website democracyday.ch serves as an informational and campaign platform dedicated to promoting democracy awareness in Switzerland. It targets the general public interested in civic engagement and democratic participation. The site provides multilingual content, event mapping, idea sharing, and partnership information, positioning itself as a niche non-profit campaign platform. Technically, the site is built on WordPress with modern JavaScript libraries such as jQuery, Foundation, and Isotope for layout and interactivity. It integrates Google Analytics and Facebook SDK for tracking and marketing purposes. The site is mobile optimized and shows moderate performance with basic SEO and accessibility features. Security-wise, the site enforces HTTPS and avoids exposing sensitive data but lacks advanced security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Contact information and incident response details are absent, which limits user trust and compliance. Overall, the site is functional and professional but could improve in privacy, security, and user engagement aspects.

K

Konnektiv Kollektiv GmbH

konnektiv.de

44

Konnektiv Kollektiv GmbH is a Berlin-based agency specializing in sustainable and ethical digital transformation primarily in the public sector and international development contexts. Their services include developing privacy-friendly open-source software, consulting on digital sovereignty, and providing training and moderation on inclusive digital transformation. The company collaborates globally with NGOs, foundations, local innovators, and government institutions, focusing on Africa, Asia, and Latin America. Technically, the website is built on WordPress with modern plugins and themes, hosted via Schlund Technologies, and uses Matomo analytics with privacy-conscious settings. Security posture is good with HTTPS and no visible vulnerabilities, though security headers and formal policies could be improved. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, reflecting a credible small non-profit entity.

V

Verein Hauptstadtregion Schweiz

hauptstadtregion.ch

41

The Verein Hauptstadtregion Schweiz is a regional non-profit association uniting five Swiss cantons and multiple municipalities to strengthen the capital region as an innovative living and economic space. The website presents a clear focus on seven key thematic areas including political center development, healthcare, smart infrastructure, food and nutrition clusters, economic and spatial development, transport, and bilingualism. The site is built on TYPO3 CMS with modern JavaScript libraries and includes a cookie consent mechanism compliant with GDPR. Social media presence on Twitter and LinkedIn supports outreach and transparency. Security posture is solid with HTTPS and anonymized analytics, though some security best practices like security headers and incident response contacts could be improved. Overall, the site is professional, trustworthy, and well-structured for its target audience of regional stakeholders and citizens.

I

IG Rottaler Ernte

erntefest.ch

47

The website erntefest.ch represents the IG Rottaler Ernte, a small regional organization dedicated to organizing the annual Rottaler Erntefest, a cultural and culinary event celebrating the Rottaler region in Switzerland. The site provides information about the event, its history, partners, and sponsors, targeting local audiences interested in regional traditions and products. The business model is community and non-profit focused, emphasizing regional culture and local product promotion. Technically, the website is built with basic HTML, CSS, and JavaScript without a detected CMS or advanced frameworks. It offers moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Security posture is minimal with no detected HTTPS enforcement or security headers, and no incident response or vulnerability disclosure information is provided. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism or terms of service. Overall, the site is trustworthy and consistent with its regional cultural mission but would benefit from improved security and privacy practices.

N

NaturDienst Bieri

naturdienst.ch

37

NaturDienst Bieri is a small, locally focused nature conservation and biodiversity consulting firm founded in 2022 by Markus Bieri in Richenthal, Switzerland. The company offers services including biodiversity promotion consulting, nature excursions, sensitization courses, and educational programs. The website is professionally designed using WordPress with the Divi theme and includes structured data for SEO. It provides clear contact information and promotes upcoming events and offerings related to nature conservation. Technically, the site uses modern web technologies and integrates Google Analytics and Tag Manager for user tracking. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy, accessible, and well-aligned with the business's stated mission and services.

A

Aargauische Kantonalbank

akb.ch

29

Aargauische Kantonalbank is a leading financial services provider operating primarily in the Canton of Aargau and the Olten-Gösgen-Gäu region in Switzerland. The website reflects a professional banking institution offering a range of financial products and customer support services. The company maintains a strong market position as a regional bank with a clear focus on its local clientele. The digital presence is built on a modern technical infrastructure leveraging Liferay CMS, React, and Clay UI components, ensuring a responsive and user-friendly experience. Integration with Google Tag Manager and Jentis Analytics indicates a mature approach to user behavior tracking and marketing analytics. Security posture is robust with HTTPS enforcement, script nonce usage, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly visible. Overall, the website demonstrates a high level of professionalism and trustworthiness suitable for a financial institution.

S

Schlossrestaurant Habsburg

schlossrestaurant-habsburg.ch

47

Schlossrestaurant Habsburg is a hospitality business operating a historic castle restaurant and event venue in Switzerland. The company offers regional cuisine and hosts weddings, banquets, seminars, and private celebrations. It is positioned as a premium venue with a strong local heritage and scenic views, targeting individual guests and event organizers. The website is professionally designed using WordPress and the Avada theme, with modern SEO and analytics integrations. Security posture is good with HTTPS and security headers, though cookie consent mechanisms and explicit security policies are missing. Overall, the site is trustworthy and well-maintained, reflecting a small but established hospitality business under the parent company AARGAUHOTELS.CH.

E

Erlebnis Freiamt

freiamt.ch

39

Erlebnis Freiamt is a regional tourism and cultural promotion website dedicated to showcasing the Freiamt region in Switzerland. The site offers comprehensive information on local events, hiking and biking routes, gastronomy, cultural activities, and services aimed at tourists, families, and local residents. It positions itself as a key regional information hub with a focus on nature, culture, and community engagement. The business model revolves around promoting regional tourism and providing accessible, engaging content to attract visitors and support local businesses.

A

Aargau Tourismus AG

aargautourismus.ch

48

Aargau Tourismus AG operates as the regional tourism authority for the canton of Aargau in Switzerland, providing comprehensive tourism information, event promotion, and services such as meeting location facilitation and an online shop for vouchers. The website targets tourists, cultural enthusiasts, families, and event attendees, positioning itself as a trusted regional tourism hub with strong partnerships and certifications like Swisstainable. Technically, the site employs modern tracking and analytics tools including Google Analytics and Facebook Pixel, uses Bootstrap and jQuery UI for UI components, and is likely powered by the ZMS CMS platform. The site is mobile-optimized with good navigation and content quality. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

S

Smaragdgebiet Oberaargau

smaragdoberaargau.ch

46

Smaragdgebiet Oberaargau is a Swiss non-profit organization dedicated to the conservation and promotion of endangered species and habitats within the Oberaargau region. Established in 2008, it operates as part of an international species protection initiative, focusing on local engagement, environmental education, and habitat enhancement. The website serves as an information hub, offering news, newsletters, event announcements, and partnership details to environmental enthusiasts and local stakeholders. Technically, the website is built on the Joomla CMS platform, utilizing modern web technologies such as Bootstrap 5 and jQuery for responsive design and interactivity. The site demonstrates good mobile optimization and basic accessibility features, though there is room for improvement in SEO and performance tuning. The absence of advanced analytics or tracking tools indicates a privacy-conscious approach. From a security perspective, the site benefits from HTTPS encryption and includes CSRF tokens in forms, but lacks important security headers that could enhance protection against common web threats. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or explicit GDPR compliance indicators. Contact information is limited to a web form, with no direct emails or phone numbers visible. Overall, the website is trustworthy and professionally maintained, with a clear mission and consistent branding. Strategic improvements in security headers, privacy compliance, and contact transparency would further strengthen its posture and user trust.

P

plusenergiequartier

plusenergiequartier.ch

49

plusenergiequartier is a Swiss-based initiative focused on promoting sustainable development in the building sector through Plusenergie-Quartiere, which produce more energy than they consume annually. The project supports the Swiss Federal Energy Strategy 2050 and collaborates with regional governments, infrastructure companies, and investors. The website serves as an informational and coordination platform, targeting municipalities, investors, and the general public interested in sustainable urban development. Technically, the site is built on WordPress with common plugins for SEO, multilingual support, and user engagement via newsletters. While the site uses HTTPS and follows basic security practices, it lacks advanced security headers and a cookie consent mechanism. The presence of a Google Analytics plugin is noted but it is not configured, indicating minimal user tracking. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

E

Euromontana

euromontana.org

48

Euromontana is a European multi-stakeholder network dedicated to sustainable development and improving quality of life in mountain areas. It serves as a recognized voice for European mountain communities, providing policy advocacy, networking, research promotion, and event organization. The website reflects a professional and consistent brand image targeting policymakers, researchers, and local stakeholders in mountain regions. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and user experience. Security posture is solid with HTTPS and reCAPTCHA usage, though it lacks some security headers and formal security policies. Privacy compliance is partially met with a privacy policy but no cookie consent mechanism. WHOIS data is unavailable, limiting domain trust analysis, but the site content and presentation suggest legitimacy. Overall, the site is well-maintained, informative, and trustworthy for its audience.

E

engage.ch

engage.ch

49

engage.ch is an online platform dedicated to enabling youth participation in political and social issues within Switzerland. It offers a user-friendly interface for young people to submit their concerns and ideas, facilitating engagement at municipal, cantonal, and national levels. The platform is closely affiliated with the Dachverband Schweizer Jugendparlamente (DSJ), which supports its credibility and mission. The website is multilingual, primarily in German, and provides news, campaigns, and contact options to its users. Technically, the site is built on Drupal 8 CMS, leveraging modern web technologies such as Google Fonts, Plausible Analytics for privacy-focused tracking, and EU Cookie Compliance modules. The site is mobile-optimized, accessible, and demonstrates good SEO practices. Security is well-handled with HTTPS enforced and spam traps in forms, although explicit security policies and incident response contacts are not published. Overall, engage.ch presents a trustworthy and professional digital presence with strong privacy compliance and user engagement features. It serves a niche audience effectively, with clear business and social objectives aligned with youth civic participation in Switzerland.

O

okaj zürich

okaj.ch

47

okaj zürich is a well-established non-profit umbrella organization dedicated to coordinating and supporting open, associative, and church-based child and youth work in the canton of Zürich, Switzerland. With a history spanning 100 years, it serves approximately 600 member organizations and operates under a mandate from the canton government. The website effectively communicates its mission, projects, and events, targeting professionals in youth work, government officials, and member organizations. The organization emphasizes education, networking, and advocacy through various projects and publications.

M

mybuxi AG

mybuxi.ch

49

mybuxi AG operates a sustainable on-demand driving service primarily targeting rural areas in Switzerland. The company leverages a mobile app and web platform to provide flexible regional transport solutions, positioning itself as a mobility startup focused on ecological and community-oriented transport. The website reflects a professional and consistent brand image with clear navigation and multilingual support, enhancing accessibility for diverse users. Technically, the site is built on WordPress with Elementor and uses modern libraries such as Swiper.js and Bootstrap, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and formal security policies. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Contact information is comprehensive, including multiple regional emails and a customer hotline, supporting business credibility. Overall, the website is trustworthy and well-positioned but could improve in privacy and security transparency.

InnovationsTransfer Zentralschweiz is a regional Swiss organization focused on promoting innovation and supporting startups, SMEs, and private individuals in Central Switzerland. Their services include startup acceleration, innovation coaching, digital financing, patent and trademark consulting, and funding programs. The website is built on WordPress using the Breakdance theme and integrates marketing and analytics tools such as HubSpot and Google Tag Manager. While the site uses HTTPS and has a cookie consent mechanism, the specific requested page is missing (404 error), and no privacy policy or terms of service are found, which impacts compliance and user trust. Security headers are not detected, indicating room for improvement in security posture.

I

INOS – Innovationsförderung für Ostschweizer KMU

inos.swiss

45

INOS is a Swiss innovation support organization focused on fostering innovation in small and medium-sized enterprises (SMEs) in Eastern Switzerland. Affiliated with the University of St. Gallen, INOS offers professional innovation coaching and platforms for cross-company networking and resource pooling. The website is well-structured, primarily in German, and targets regional SMEs seeking innovation support. Technically, the site is built on WordPress with modern plugins like Elementor and Yoast SEO, indicating a mature digital infrastructure. However, the domain is currently expired but pending renewal, which poses a risk to service continuity. Security posture is moderate with HTTPS enabled but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but requires improvements in security and privacy transparency.

B

Bundesamt für Statistik (BFS)

dashboard-agglomeration.ch

43

The website dashboard-agglomeration.ch is an official Swiss government portal managed by the Bundesamt für Statistik (BFS), providing detailed statistical data and visualizations about the 52 agglomerations in Switzerland. It serves researchers, policymakers, urban planners, and the general public interested in Swiss urban development and demographic statistics. The site uses modern web technologies including JavaScript, TailwindCSS, and a specialized visualization library (dynvis.js) to deliver interactive content. The technical infrastructure appears solid with good mobile optimization and accessibility, though performance is moderate and SEO optimization is basic. Security posture is moderate with HTTPS likely enabled but lacking explicit security headers and published security policies. Privacy compliance is low due to absence of privacy and cookie policies or consent mechanisms. Business credibility is high given the official government affiliation and consistent domain registration data. Overall, the site is trustworthy and safe for general audiences but could improve in privacy and security transparency.

MADixel GmbH operates a specialized tracking tool designed to support sales teams by identifying companies visiting their websites and providing insights into visitor interests. The company positions itself as a niche provider in the technology sector focused on GDPR-compliant marketing analytics solutions. The website presents a professional and consistent brand image with clear contact details and a downloadable data protection report, indicating a focus on privacy and compliance. Technically, the site uses a modern frontend stack including Bootstrap and jQuery, with good mobile optimization and moderate performance. However, the absence of visible security headers and privacy/cookie policies suggests room for improvement in security and compliance transparency. No blocking or WAF mechanisms were detected, allowing full content access and analysis.

1

10dencehispahard, S.L.

eumiesawards.com

49

EUmies Awards is a specialized platform dedicated to promoting excellence in European architecture through awards, exhibitions, and related cultural events. The organization operates primarily in Spain and targets architecture professionals, emerging talents, and cultural institutions. The website serves as a comprehensive resource for award procedures, jury information, and event dissemination. Technically, the site is built on WordPress with modern technologies such as Vue.js and D3.js, optimized for SEO and mobile responsiveness. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though improvements like DNSSEC and security headers are recommended. Overall, the site demonstrates a professional and trustworthy presence with strong compliance to privacy regulations.

A

Architecture Foundation

architecturefoundation.org.uk

46

The Architecture Foundation is a well-established UK-based non-profit organization dedicated to uniting the global architecture community through events, podcasts, tours, and publications. Founded in 1991, it operates as an independent charity with a strong presence in the architecture sector, supported by numerous reputable partners and supporters. The website reflects this mission with rich content targeting architects, clients, and professionals interested in the built environment. Technically, the website employs a modern yet straightforward technology stack including jQuery, Bootstrap, and Google reCAPTCHA Enterprise for form security. The site is mobile-optimized and uses HTTPS, ensuring secure communications. However, it lacks some advanced security headers and formal privacy and cookie policies, which are important for compliance and user trust. From a security perspective, the site demonstrates good baseline practices such as HTTPS enforcement and spam protection on forms. There are no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms the domain's legitimacy and long-standing registration consistent with the organization's history. Overall, the Architecture Foundation's website is professional, trustworthy, and content-rich, though it would benefit from enhanced privacy compliance and additional security headers to further strengthen its posture.

N

New Generations

newgenerationsweb.com

36

New Generations is a European media and cultural platform focused on emerging architectural practices since 2013. It provides a space for knowledge exchange, events, publications, and networking for architects across Europe. The website is built on SilverStripe CMS, uses modern web technologies including Bootstrap and jQuery, and integrates Google Analytics and reCAPTCHA for user interaction and spam protection. The security posture is moderate with HTTPS enabled and reCAPTCHA implemented, but lacks some security headers and DNSSEC. Privacy and cookie policies are absent, which impacts compliance. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

H

Hochparterre

hochparterre.ch

46

Hochparterre is a Swiss media platform specializing in architecture, planning, and design news, publications, and events. It serves professionals and enthusiasts in the Swiss architecture and design community, offering news articles, event information, subscription services, and an online shop. The website is built on TYPO3 CMS with modern frontend technologies and integrates multiple advertising and tracking services. The site is well-designed, mobile-optimized, and provides a professional user experience. Security posture is good with HTTPS and secure form practices, but lacks visible privacy and cookie policies, as well as explicit security and incident response policies. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site is a reputable media outlet with room for improvement in privacy compliance and security transparency.

S

Stellare Agency

stellare.global

49

Stellare Agency is a small technology-focused digital agency based in St. Moritz, Switzerland, specializing in web development, SEO, and Webflow solutions. The website presents a professional but minimal online presence targeting local businesses or individuals seeking digital services in the Engadin region. The technical infrastructure is built on the Webflow platform with jQuery, indicating a modern but straightforward tech stack. Performance and mobile optimization are adequate, though accessibility and SEO optimizations are basic. Security posture is moderate with no HTTPS or security headers explicitly detected in the provided data, and no privacy or cookie policies are present, which may impact compliance. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the website is functional but lacks comprehensive security and privacy features, limiting its credibility and compliance standing.

C

Complemedia AG

comple-media.ch

44

Complemedia AG is a Swiss-based full-service agency specializing in golf-related advertising and solutions, serving golf courses and brands across Switzerland and neighboring countries. The company offers a comprehensive range of services including consulting, marketing, installation, and maintenance, supported by a multinational team. Their market position is solid with partnerships in five countries and a recognized Swiss PGA recommendation. Technically, the website is built on a modern WordPress platform using Elementor and optimized with Autoptimize, featuring Google reCAPTCHA for form security. However, some security best practices like security headers and cookie consent mechanisms are missing. Overall, the site is professional, well-structured, and trustworthy, with clear contact information and good SEO practices. Strategic improvements in privacy compliance and security posture would enhance their digital maturity and trustworthiness.

G

graubünden Bike

graubuendenbike.org

47

Graubünden Bike is a regional project initiative focused on advancing bike tourism and sustainable mobility in the Graubünden region of Switzerland. The project is positioned as a pioneer in the bike tourism sector, aiming to enhance the region's attractiveness through development of bike offerings, training, and community engagement. The website serves as an information hub with event calendars, news, and project documentation, targeting cyclists, local stakeholders, and tourists. Technically, the site is built on WordPress with a modern tech stack including jQuery, Bootstrap, and Matomo analytics, providing a good user experience with mobile optimization and SEO best practices. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and does not implement cookie consent mechanisms. The domain registration is recent but consistent with the project timeline and shows no suspicious patterns. Overall, the site is professional and trustworthy but could improve privacy compliance and security hardening.

B

Burgergemeinde Bern

bgbern.ch

48

Burgergemeinde Bern is a municipal government entity serving the city and canton of Bern, Switzerland. It provides a broad range of community services including social welfare, environmental stewardship, cultural activities, urban development, sports, education, and scientific engagement. The website reflects its role as a public sector organization with clear communication and community outreach. Technically, the site is built on the Plone CMS platform, leveraging modern JavaScript libraries and frameworks to deliver a responsive and user-friendly experience. The presence of Matomo analytics indicates a privacy-conscious approach to user data collection. Security posture is solid with HTTPS enforced and CSRF protections in place, though there is room for improvement in implementing security headers and explicit cookie consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's identity. Overall, the website is professional, trustworthy, and well-aligned with its governmental mission.

4

41 Campus gGmbH

forty.one

46

FORTYONE is a niche media platform operated by 41 Campus gGmbH, focusing on the charitable activities and stories related to Dirk Nowitzki and his foundations in Germany and the USA. The website serves as a communication and donation platform, supported by sponsors such as ING. The content is professionally presented with a focus on storytelling and foundation updates, targeting a general audience interested in sports philanthropy and Dirk Nowitzki's legacy. Technically, the site is built on WordPress with modern plugins for donations and GDPR compliance, showing moderate performance and good mobile optimization. Security posture is solid with HTTPS and anti-spam measures, though improvements like DNSSEC and CSP headers are recommended. Privacy compliance is well addressed with clear cookie consent and policies. Overall, the site is trustworthy and professionally maintained, with no signs of malicious or adult content.

T

Tobias Erlach

tobiaserlach.com

47

Tobias Erlach operates a professional web presence focused on providing conversion-focused web design and marketing integration services under the brand The Web Accelerator. The website positions Tobias as a creative business consultant and designer, targeting businesses seeking to improve their online sales through effective website design. The site includes a portfolio, newsletter, and YouTube channel to engage the audience and share insights. Technically, the website is built on WordPress with a modern theme and uses Cloudflare DNS and Google Analytics for tracking. The site is well-optimized for SEO and mobile devices, with a cookie consent mechanism ensuring GDPR compliance. Security posture is good with HTTPS enabled, though DNSSEC is not enabled and security headers are not detected, representing areas for improvement. No explicit security or incident response policies are published, and no contact emails or phone numbers are listed, relying on a contact form instead. Overall, the website is professional, trustworthy, and safe for general audiences.

B

bewegt-sein.ch Praxis für Osteopathie | Jacqueline Labèr

bewegt-sein.ch

42

bewegt-sein.ch is a small healthcare practice specializing in osteopathy and physiotherapy services located in Bubikon, Switzerland. The website provides detailed information about the practitioner Jacqueline Labèr, her qualifications, and the range of osteopathic treatments offered, targeting local clients seeking holistic healthcare solutions. The business operates a private practice with a focus on musculoskeletal and pediatric conditions. Technically, the website uses a traditional web stack with jQuery, Google Maps API, and several UI libraries such as Owl Carousel and Magnific Popup. The site is moderately optimized for mobile and SEO, with a clear navigation structure and good content quality. However, there is no detected CMS or advanced platform integration. From a security perspective, the website uses HTTPS but lacks visible security headers and published privacy or cookie policies, which are important for GDPR compliance. No incident response or vulnerability disclosure information is provided. The site does not use analytics or tracking scripts, indicating minimal user tracking. Overall, the website is professional and trustworthy for its business purpose but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

T

Homeland

thisishomeland.com

49

The website 'Homeland' is a small business or brand site created in 2020, built using the Framer platform. It presents minimal content focused on marketing slogans emphasizing customer satisfaction but lacks detailed business descriptions, contact information, or legal policies. The technical infrastructure relies on Framer hosting and content delivery, with basic HTTPS security but missing advanced DNS and HTTP security features. No privacy or cookie policies are present, indicating low compliance with data protection regulations. The absence of contact details and security disclosures limits trust and business credibility. Overall, the site is functional but minimalistic, suitable for a startup or brand awareness but requires enhancements for professional and secure online presence.

S

S AM Schweizerisches Architekturmuseum

sam-basel.org

49

S AM Schweizerisches Architekturmuseum is a Swiss cultural institution dedicated to architecture, located in Basel. The website provides information about exhibitions, events, educational programs, and a shop, targeting architecture enthusiasts and the general public interested in cultural heritage. The museum maintains a professional online presence with multilingual support and active social media channels. Technically, the site is built on Drupal 7 with modern JavaScript libraries and uses Cookiebot for GDPR-compliant cookie management. Security posture is adequate with HTTPS enforced and no exposed sensitive data, though improvements are recommended in security headers and CMS updates. WHOIS data is unavailable due to privacy or query failure, but the website content and contact details support legitimacy. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations.

S

Studio Céline Baumann

studiocelinebaumann.com

46

Studio Céline Baumann is a specialized landscape architecture studio based in Switzerland, active since at least 2018. The website serves as a portfolio and news platform showcasing their projects, awards, publications, and exhibitions. The studio targets professionals and enthusiasts in landscape architecture and urban planning, offering design, consultancy, and academic teaching services. Technically, the website is built on WordPress using the FoundationPress theme, with modern frontend libraries like jQuery and FlexSlider. The site is moderately performant and mobile-optimized but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies and no consent mechanisms. No contact emails or phone numbers are explicitly provided, limiting direct communication. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

B

Bund der Selbständigen Bayern

bds-bayern.de

45

Bund der Selbständigen Bayern is a well-established membership association founded in 1874, representing the interests of self-employed individuals and the independent middle class in Bavaria, Germany. The organization operates as a non-partisan, cross-industry network providing advocacy, legal advice, educational programs, and member services. Their market position is strong regionally with a history of over 150 years and a comprehensive service offering including academies, competence centers, and event organization. The website reflects a professional and consistent brand image targeting self-employed professionals and SMEs in Bavaria.

O

ostseepilze.de

ostseepilze.de

47

The website ostseepilze.de is currently inaccessible, returning a 403 Forbidden error with a generic Jimdo error page. The site appears to be hosted on the Jimdo platform, a DIY website builder service, but contains no business-specific content, contact information, or policies. The lack of accessible content and security features severely limits the ability to assess the business or security posture. Technically, the site uses Jimdo's hosting and CSS assets but lacks HTTPS confirmation and security headers. No analytics or tracking scripts are present, indicating minimal digital maturity. The security posture is weak due to the absence of HTTPS and security best practices. Overall, the site appears to be inactive or under construction, resulting in a low trust and credibility score.

R

Roger Lehner

rogerlehner.com

47

Roger Lehner operates a small, specialized design studio based in Germany, focusing on ambitious projects that emphasize collaboration, creativity, and accessibility. The website showcases a professional portfolio with services including branding, digital and print design, and inclusive design practices. The business targets clients seeking high-quality, dynamic visual communication solutions. Technically, the website employs modern JavaScript libraries such as Swup and Swiper for enhanced user experience and uses Umami Analytics for minimal user tracking. Hosting is provided by hosttech.de, a German hosting provider, aligning with the business location. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and does not implement cookie consent mechanisms, which are areas for improvement. Overall, the website is professional, trustworthy, and well-designed but could enhance compliance and security practices.

M

MOBILEE

mobilee-plattform.de

43

MOBILEE is a German non-profit platform dedicated to social work through sport and movement. It serves as a networking and resource hub for initiatives, organizations, and individuals working at the intersection of social work and sports. The platform is supported by notable foundations and sport organizations, enhancing its credibility and reach within its niche. The website is professionally designed using WordPress and Elementor, featuring rich content, event information, and partner links. Technically, the site uses modern web technologies and privacy-conscious analytics (Matomo), but lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is good with HTTPS and no exposed sensitive data, but could be improved by adding security headers and vulnerability disclosure mechanisms. Overall, the site is trustworthy, well-branded, and serves its target audience effectively.

A

Afeefa - Digitaler Zusammenhalt e.V.

afeefa.de

48

Afeefa - Digitaler Zusammenhalt e.V. operates a non-profit digital platform focused on social integration and community engagement in Leipzig, Germany. The website provides multilingual access to information about social services, volunteer opportunities, and local offers for people with diverse backgrounds. The platform positions itself as a local community hub fostering inclusion and participation. Technically, the website uses modern frontend technologies such as Vue.js and MapLibre GL for interactive maps, indicating a moderate level of digital maturity. However, the site lacks visible security headers and explicit privacy or cookie consent mechanisms, which are areas for improvement. Social media presence on Instagram and Facebook supports community outreach. Overall, the security posture is basic with no critical vulnerabilities detected but improvements are recommended to enhance compliance and trust. The domain registration data is consistent and supports the legitimacy of the website. Strategic recommendations include implementing security headers, cookie consent, and clearer contact information to improve user trust and regulatory compliance.

N

NDK Wurzen

leerstellen-lkl.de

47

The website leerstellen-lkl.de is a well-structured non-profit project focused on documenting cases of right-wing violence in the Leipzig district. It provides a digital memorial and educational resource through a web documentary, peer networks, and workshops primarily targeting youth and affected communities. The project is funded by reputable organizations and operated by NDK Wurzen, indicating a credible and mission-driven initiative. Technically, the site uses modern frameworks like Nuxt.js and Vue.js, ensuring a responsive and user-friendly experience, though some improvements in accessibility and SEO could be made. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and cookie consent mechanisms, which are recommended for GDPR compliance. Overall, the site is trustworthy, professional, and safe for general audiences.

K

kollygujer

kollygujer.ch

48

kollygujer.ch is a website representing a small creative studio or agency based in Switzerland, focusing on showcasing creative work, offering a shop, and sharing content such as gossip and about pages. The business model appears to be service-oriented with an e-commerce component. The website uses basic web technologies including HTML, CSS, JavaScript, and the p5.js library for interactive graphics. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is minimal with no detected security headers or privacy policies, and no evidence of HTTPS was found in the provided data. Contact information is limited to a single email address and an Instagram social media link. The domain WHOIS is privacy protected, which is common and justified for small creative businesses. Overall, the website is functional but basic in design and security.

T

CMS und Webseiten Lösung speziell für Tourismus - TourismusWeb

tourismusweb.site

48

TourismusWeb is a specialized modular open-source CMS and website solution tailored specifically for the tourism industry. It offers a flexible content management system with integrated content hubs, image databases, AI tools, and various integrations designed to meet the needs of tourism organizations, destinations, associations, and related sectors. The platform leverages the Contao Open Source CMS and is supported by modern web technologies and analytics tools such as Google Tag Manager and Plausible Analytics. The website presents a professional and consistent brand image, targeting primarily tourism-related businesses in Denmark and possibly broader European markets.

T

TSO AG

digital.fitness

42

Digital.Fitness® is a Swiss-based software solution focused on providing digital maturity assessments and benchmarking tools for businesses. Operated by TSO AG, the platform offers a modular SaaS product that includes a digital fitness app, a 7-C model framework developed in partnership with Fachhochschule Westschweiz (HES-SO), and a network membership for consultants, system providers, and educational institutions. The website targets business consultants, system providers, and educational entities seeking to evaluate and improve digital transformation levels within companies. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and integrates analytics tools like Google Analytics and Plausible. The site is mobile-optimized and well-structured, providing a professional user experience.

E

Eisen Optikergeschäft AG

eisen-optiker.ch

49

Eisen Optikergeschäft AG is a small retail optical business based in Winterthur, Switzerland, specializing in eyewear, contact lenses, and related optical services. The website serves as an informational and promotional platform showcasing their products, team, and services, targeting local customers seeking quality optical solutions. The company maintains a consistent brand presence with clear contact details and social media engagement on Instagram and Facebook. Technically, the site is built on the Zeta Producer CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript with jQuery and FlexSlider for UI components. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS but lacks several security headers and explicit security policies, indicating room for improvement in security posture and GDPR compliance. No cookie consent mechanism is present, and privacy policy coverage is basic. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

Radio Stadtfilter

stadtfilter.ch

46

Radio Stadtfilter is a community-focused radio station based in Winterthur, Switzerland, providing live streaming, archived shows, and a variety of cultural and music programming. The website serves as a hub for listeners to access streams, program schedules, and community engagement features. The business operates as a small non-profit entity with a clear local audience and a mission to promote local culture through media. Technically, the website is built on WordPress with modern plugins and frameworks, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and security headers implemented, though there is room for improvement in privacy compliance and incident response transparency. Overall, the site is trustworthy and professionally maintained, with no critical security issues detected.

H

Hans Späti AG Wohnkultur

spaetiwohnkultur.ch

41

Hans Späti AG Wohnkultur operates a retail business specializing in design furniture, lighting, and textiles with physical showrooms in Wil and Winterthur, Switzerland. The company offers consulting services in planning, furnishing, and interior architecture, targeting design-conscious consumers and professionals. The website reflects a professional retail presence with good design and navigation but lacks comprehensive privacy and security disclosures. Technically, the site uses modern frontend technologies including Bootstrap and jQuery, with Google Analytics for tracking. Security posture is adequate with HTTPS enabled but missing important security headers and privacy policies. Overall, the site is legitimate and trustworthy but could improve compliance and security transparency.

S

scherrer

designmoebel.ch

45

The website designmoebel.ch represents 'scherrer', a small retail business specializing in high-end design furniture and interior planning services in Winterthur, Zürich, and the Eastern Switzerland region. The company partners with renowned furniture brands such as USM, Vitra, Cassina, and Alias, positioning itself as a niche player in the Swiss design furniture market. The website content is primarily in German and targets consumers and businesses interested in premium furniture solutions. Technically, the site is built on the cm4all CMS platform hosted by Hostpoint, utilizing older JavaScript libraries and standard web technologies. While the site offers good content quality and clear navigation, it lacks modern security headers and privacy compliance elements such as a privacy policy or terms of service. The cookie policy is present but lacks an explicit consent mechanism. Security posture is moderate with room for improvement, especially in updating libraries and implementing security best practices. Overall, the site is legitimate and professional but would benefit from enhanced privacy and security measures.

W

Weyell Zipse

weyellzipse.ch

44

Weyell Zipse is a Swiss architecture studio specializing in architectural design, competitions, exhibitions, and academic guest critiques. The firm has a strong presence in Switzerland and Germany, with a portfolio including schools, residential buildings, and public spaces. Their market position is that of an established, award-winning practice engaged in both professional projects and academic discourse. Technically, the website is built on WordPress with modern JavaScript libraries, offering good mobile optimization and accessibility. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but could improve in compliance and security transparency.

HANSEPILZ is a small local business specializing in mushroom consulting and educational mushroom walks primarily serving the Northern Germany region including Hamburg, Schleswig-Holstein, and Niedersachsen. The website also showcases mushroom photography, appealing to enthusiasts and learners interested in mycology. The business maintains a niche market position with a focus on education and community engagement, supported by media appearances and active social media channels on Instagram and Facebook. Technically, the website is built on WordPress using the Twenty Seventeen theme, with standard plugins such as Contact Form 7 and CleanTalk for spam protection. Hosting is provided by 1blu, as indicated by the nameservers. The site demonstrates moderate performance and basic mobile optimization, with room for improvement in accessibility and SEO. Security posture is adequate with HTTPS enabled and anti-spam measures in place, but lacks important security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the site is trustworthy and professional but could benefit from enhanced security and privacy features to improve compliance and user trust.

D

Deutscher Olympischer Sportbund e.V.

sportdeutschland.de

44

Sportdeutschland is the official digital platform of the Deutscher Olympischer Sportbund e.V., Germany's leading sports organization. It promotes sports participation nationwide, offering digital tools such as an interactive sports club map, a club app, and website services tailored for sports clubs and associations. The platform supports Olympic and Paralympic initiatives and targets sports enthusiasts, clubs, and volunteers across Germany. Technically, the website is built on TYPO3 CMS with modern front-end libraries and uses Matomo for privacy-conscious analytics. The site is well-structured, mobile-optimized, and professionally designed, reflecting a mature digital presence. Security posture is solid with HTTPS and secure forms, though it lacks some security headers and a cookie consent mechanism. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy. Overall, the site is trustworthy and authoritative in its domain.

B

BOTAX Steuerberatungsgesellschaft mbH

botax.de

49

BOTAX Steuerberatungsgesellschaft mbH is a German tax consulting firm offering a range of services including corporate, private individual, employee, association, and testament-related tax consulting. The company positions itself as a trusted advisor with certifications and memberships in professional organizations, targeting businesses and private clients in Germany. The website is built on WordPress using the Themify Ultra theme and employs common plugins such as Contact Form 7 and GDPR Cookie Compliance, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.