High-risk security reports

S

SoVD-Landesverband Niedersachsen e.V.

inklusionspreis-niedersachsen.de

48

The website www.inklusionspreis-niedersachsen.de represents a regional non-profit initiative jointly managed by the SoVD-Landesverband Niedersachsen e.V. and the LandesSportBund Niedersachsen e.V. It focuses on promoting and awarding projects that foster inclusion and equal participation of people with and without disabilities in Niedersachsen, Germany. The site provides detailed information about award categories, past winners, and event highlights, targeting volunteers, media professionals, sports clubs, and the general public interested in inclusion. The business model is centered on recognition and awareness rather than commercial activities. Technically, the website is built on TYPO3 CMS, leveraging modern frontend libraries such as jQuery and Slick Slider for interactive content. It demonstrates good digital maturity with mobile responsiveness, accessibility features, and SEO optimization. The cookie consent mechanism is implemented with clear user options, reflecting compliance with GDPR requirements. Hosting appears to be managed via Your-Server.de, with secure HTTPS enforced. From a security perspective, the site benefits from HTTPS and a cookie consent framework but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is minimal but consistent with a legitimate non-profit entity. Overall, the security posture is solid but could be enhanced by adding security headers and formal incident response information. The overall risk is low, with no signs of malicious activity or content safety concerns. Strategic recommendations include improving security headers, publishing security and incident response policies, and enhancing contact information transparency to further build trust and compliance.

Radpass Hannover is a small, community-focused organization dedicated to promoting cycling sports and organizing cycling events in Hannover, Germany. The website serves as a hub for event information, registration links, and showcases partner cycling clubs. Technically, the site is built on WordPress with modern plugins for gallery display, GDPR compliance, and lightweight analytics. The site is well-optimized for performance and mobile devices, with good SEO and accessibility features. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or compliance gaps were detected. Overall, the site presents a trustworthy and professional image suitable for its local community audience.

E

eichels GmbH

marathon-hannover.de

45

The ADAC Marathon Hannover website represents a well-established regional sports event organizer specializing in marathon and related running events in Lower Saxony, Germany. The business is operated by eichels GmbH and enjoys strong partnerships with reputable sponsors and regional organizations such as ADAC. The website provides comprehensive event information, registration options, media galleries, and community engagement features, targeting runners, sponsors, and local participants. Technically, the site is built on TYPO3 CMS with a modern yet slightly dated technology stack including Bootstrap 3 and jQuery 3.2.1. It demonstrates good mobile optimization, accessibility features, and SEO practices. The site uses HTTPS with strong SSL configuration and employs spam protection for email addresses. However, it lacks some advanced security headers and a formal security policy or incident response information. From a security perspective, the site is generally secure with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a clear privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is transparent and includes multiple channels. No suspicious or malicious content is detected, and the site is free from adult or NSFW content. Overall, the website scores well in content quality, technical implementation, security posture, privacy compliance, and business credibility. Strategic improvements in security headers, incident response transparency, and modernization of the tech stack could further enhance the site's security and resilience.

W

Wilhelm Hirte Stiftung

wilhelm-hirte-stiftung.de

42

The Wilhelm Hirte Stiftung is a small non-profit foundation based in Hannover, Germany, focused on supporting projects in youth aid, sports, and social sectors. The website clearly communicates its mission and provides donation information, targeting a general audience interested in charitable activities. The foundation appears to have a stable market position within its local/regional context, with a business model centered on funding and supporting community projects. Technically, the website is built on WordPress, utilizing common plugins such as Yoast SEO and Contact Form 7, with additional anti-spam measures like Honeypot. The hosting provider is inferred to be netcup based on DNS data. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features and good SEO practices. However, some technical improvements could enhance security and privacy compliance. From a security perspective, the site uses HTTPS and implements basic anti-spam protections. However, it lacks important security headers and does not provide explicit security policies or incident response contacts. The absence of a cookie consent mechanism despite using Google Analytics indicates a gap in privacy compliance. No vulnerabilities or suspicious content were detected, and the domain registration data aligns well with the website's claims, supporting legitimacy. Overall, the website presents a trustworthy and professional image for a non-profit foundation but would benefit from enhanced security headers, privacy compliance improvements, and clearer security policies to strengthen its security posture and user trust.

N

Niedersächsische Bingo-Umweltstiftung

bingo-umweltstiftung.de

46

The Niedersächsische Bingo-Umweltstiftung is a well-established non-profit foundation based in Lower Saxony, Germany, dedicated to environmental protection and development cooperation. The foundation supports various projects and initiatives aimed at sustainability and community engagement. The website reflects a professional and consistent brand presence, targeting residents and organizations interested in environmental causes within the region. The foundation operates with a transparent and accessible digital presence, including multilingual accessibility features and comprehensive content about its activities and funding opportunities. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and accessibility enhancements, hosted on a professional hosting provider (hostpress.de). The site demonstrates good performance, mobile optimization, and SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the security posture is strong for a non-profit organization, with no critical vulnerabilities detected. The site lacks explicit public security policies or incident response contacts, which could be enhanced. The domain registration is consistent and trustworthy, supporting the legitimacy of the foundation. No adult or questionable content is present, making the site safe for general audiences. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and maintaining regular updates and audits to sustain security and compliance standards.

P

PluSport Behindertensport Schweiz

plusport.ch

49

PluSport Behindertensport Schweiz is a well-established Swiss non-profit organization dedicated to promoting sports and inclusion for children, youth, and adults with disabilities. Founded in 1960, it serves as the national competence center offering a wide range of services including sport camps, clubs, education, elite sports, and events. The organization targets individuals with disabilities as well as inclusive participants, supported by a strong partnership network including Swiss Olympic and Swiss Paralympic. The website reflects a professional and accessible digital presence with multilingual support and clear navigation.

Restaurant TS Green Inn is a small hospitality business located in Switzerland offering European-Asian fusion cuisine with facilities for dining and event hosting. The website presents a professional design built on WordPress with the Divi theme, providing clear navigation and relevant content such as menus and event information. Technically, the site uses standard web technologies and is mobile optimized, though performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enabled but lacks important security headers and formal policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the business appears legitimate and trustworthy with room for improvement in security and compliance.

B

BRAUEREI FALKEN AG

falken.ch

48

Brauerei Falken AG is a Swiss brewery company based in Schaffhausen, specializing in the production and retail of beers, spirits, and related merchandise. The company operates an online shop and offers event services, targeting adult consumers and beer enthusiasts primarily in Switzerland. The website is professionally designed, featuring clear navigation, age verification for alcohol compliance, and active social media engagement. Technically, the site is built on TYPO3 CMS with Bootstrap and Font Awesome, integrating Google Tag Manager for analytics and marketing. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and headers could be improved. Overall, the website reflects a mature digital presence consistent with a medium-sized regional brewery.

N

Nailfashion by Theresa Richard

nailtheresa.ch

42

Nailfashion by Theresa Richard is a small local nail studio business based in Rapperswil, Switzerland, specializing in professional nail care and creative nail designs including natural nails, French Pearl nails, and Gellack. The website presents a professional and consistent brand image targeting local customers seeking quality nail services. The business has been established since 2016, with clear contact information and a user-friendly website built on WordPress. Technically, the site uses common WordPress plugins for galleries, testimonials, and sliders, with basic mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and functional but would benefit from enhanced privacy and security measures.

P

Umleitung

pccaddie.net

49

The domain pccaddie.net currently serves as a simple redirect to https://www.pccaddie.de/, providing no direct content or business information on its own. The domain is well-established, having been registered since 2002, which suggests a mature business presence. However, the lack of content, metadata, or security and privacy policies on this domain limits the ability to assess its direct security posture or compliance. Technically, the site is minimal with no scripts or tracking detected, indicating a low digital footprint on this domain itself. Security posture cannot be fully evaluated due to the absence of content and security headers. Overall, the domain appears legitimate but functions solely as a redirect, pushing users to the main business site.

F

Fachagentur Nachwachsende Rohstoffe e.V.

bauerhubert.de

41

Bauer Hubert is an educational website operated by Fachagentur Nachwachsende Rohstoffe e.V., a German non-profit organization focused on renewable raw materials. The site targets children and parents by providing educational stories, games, comics, and audio plays to promote awareness of sustainable resources. The website is well-branded, consistent, and supported by official German government and agency partners, reflecting a strong market position in educational content for renewable energy and sustainability. Technically, the website is built on TYPO3 CMS with Foundation CSS and uses jQuery and Matomo analytics with cookies disabled, indicating a privacy-conscious approach. The site is hosted on servers associated with agenturserver domains, suggesting professional hosting. The website is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. From a security perspective, Bauer Hubert enforces HTTPS and disables cookies in analytics, which is positive. However, it lacks visible security headers, a cookie consent mechanism, and published security or incident response policies. No vulnerabilities or exposed sensitive data were detected. WHOIS data is consistent with the website's claims, showing legitimacy and stable domain registration. Overall, the website presents a low-risk profile with good business credibility and technical implementation but could improve privacy compliance and security posture by adding cookie consent, security headers, and formal security policies.

F

Fachagentur Nachwachsende Rohstoffe e.V. (FNR)

charta-fuer-holz.de

43

The website www.charta-fuer-holz.de represents the 'Charta für Holz 2.0' initiative managed by the Fachagentur Nachwachsende Rohstoffe e.V. (FNR), a German non-profit agency focused on promoting sustainable wood use and forestry. The site serves as an information hub for government bodies, industry stakeholders, researchers, and the public, offering resources, event information, and project updates related to renewable raw materials and wood construction. The business model is non-profit and government-supported, positioning the organization as a key player in Germany's sustainable forestry sector. Technically, the website is built on TYPO3 CMS with modern front-end technologies including jQuery, Foundation CSS, and Slick Carousel. It is mobile-optimized and provides a good user experience with clear navigation and professional design. Analytics are implemented via Matomo with cookies disabled, reflecting a privacy-conscious approach. However, the site lacks a cookie consent mechanism and some security headers, which are areas for improvement. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. No major vulnerabilities or security incidents are evident. The absence of a published security policy or incident response contact reduces transparency but does not indicate immediate risk. WHOIS data is consistent and supports the legitimacy of the domain and organization. Overall, the website is professional, trustworthy, and well-aligned with its mission. Strategic recommendations include implementing security headers, adding cookie consent mechanisms, and publishing security and incident response policies to enhance compliance and trust.

F

Fachagentur Nachwachsende Rohstoffe e.V. (FNR)

klav.de

45

KLAV is a German government-affiliated competence center focused on reducing food waste across the supply chain sectors including primary production, processing, trade, and out-of-home catering. It operates as part of the National Strategy to reduce food waste and collaborates with economic actors, policymakers, and scientists. The website is professionally designed using TYPO3 CMS and modern frontend technologies, providing comprehensive information, seminar offerings, and sector dialogue facilitation. The technical infrastructure is solid with good mobile optimization and accessibility. Security posture is strong with HTTPS and privacy-conscious analytics (Matomo with disabled cookies), though explicit cookie consent and security policies are missing. Contact information is clearly presented, enhancing trust and credibility. Overall, KLAV presents a trustworthy and authoritative online presence aligned with its governmental mission.

F

Fachagentur Nachwachsende Rohstoffe e. V. (FNR)

klimaanpassung-wald.de

44

The website www.klimaanpassung-wald.de is an official government-related platform operated by the Fachagentur Nachwachsende Rohstoffe e. V. (FNR) that provides comprehensive information and support for the climate-adapted forest management funding program in Germany. It serves private and communal forest owners by offering program details, document submission options, and relevant news. The site is well-positioned as an authoritative source within the forestry and environmental protection sector, supported by government ministries. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and uses Matomo for privacy-conscious analytics. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced, though some security headers are missing and privacy policies are not explicitly presented. Contact information is clearly provided, enhancing trust and credibility.

L

Laurids Jensen Photographer

lauridsjensen.com

48

Laurids Jensen operates a professional photography portfolio website showcasing editorial, commissioned, and moving image works. The business is positioned as a niche creative service provider in the media industry, targeting clients and collaborators in the art and editorial sectors. The website content is well-structured and visually oriented to highlight the photographer's work, with a consistent branding approach and good user experience. Technically, the website is built using standard web technologies including HTML5, CSS, JavaScript, and jQuery, hosted by cyon.ch. It employs Google Analytics and Google Tag Manager for visitor tracking but lacks advanced CMS or frameworks. The site is mobile optimized with moderate performance and basic accessibility features. However, there is room for improvement in SEO and technical modernization. From a security perspective, the site uses HTTPS and has domain transfer protections enabled but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, and no incident response contacts are provided, indicating gaps in compliance and security readiness. The use of tracking scripts without visible consent mechanisms also raises privacy concerns. Overall, the website is a legitimate, small-scale professional portfolio with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and incident response readiness would enhance trust and reduce risk.

BHEND DESIGN STUDIO GMBH is a small Swiss-based design studio specializing in product and furniture design. The website reflects a professional and focused business with clear contact information and a privacy policy, targeting design professionals and manufacturers. The technical infrastructure is built on WordPress with modern plugins and Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks some security headers and cookie consent mechanisms, which are recommended for improved compliance and protection. Overall, the website is trustworthy and well-maintained, with room for enhancements in security and privacy compliance.

H

Hostpoint AG

code-zh.com

40

The website code-zh.com is currently displaying a minimal placeholder page indicating that the PHP version used is no longer supported. The domain is registered since 2012 and is hosted by Hostpoint AG, the largest Swiss web hosting provider managing over a million domain names. The business focus is on web hosting and domain management services targeted primarily at Swiss customers. The website content is minimal and lacks essential elements such as privacy policies, cookie consent mechanisms, terms of service, and contact information, which negatively impacts user trust and compliance with regulations such as GDPR. Technically, the site uses outdated PHP, jQuery 3.6.0, and standard web fonts but lacks modern security headers and SEO optimizations. Security posture is weak due to the unsupported PHP version and absence of security best practices. Overall, the site is accessible without WAF or security blocks but requires significant improvements in content, security, and compliance to meet professional standards.

S

Supporting Golf

supportinggolf.ch

48

Supporting Golf is a Swiss non-profit organization established in 2019 that financially supports the golf sport ecosystem in Switzerland. It collaborates with Swiss Golf, ASGI, and Migros GolfCard to fund professional tournaments and support Swiss golf professionals. The website is built on WordPress using Elementor and related plugins, providing a multilingual experience in German, French, and Italian. The site is well-designed with good content relevance and user experience but lacks published privacy and cookie policies, which impacts compliance. Security posture is good with HTTPS enabled and no obvious vulnerabilities, but security headers and incident response information are missing. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

The website www.jaschwyz.ch is currently inaccessible due to a Cloudflare security challenge page requiring human verification via Turnstile captcha. As a result, no business content, metadata, or contact information is available for analysis. The site appears to be protected by Cloudflare's WAF, which blocks automated access and limits visibility into the site's actual content and services. Without access to the underlying content, it is not possible to assess the company's market position, services, or technical infrastructure in detail. The security posture is difficult to evaluate beyond the presence of Cloudflare protection. Overall, the site is currently in a blocked state, preventing comprehensive analysis.

Typical Organization for Standards & Order is a creative entity showcasing a broad portfolio of design and publication projects including visual identity, exhibitions, packaging, films, and typeface design. The website serves primarily as a portfolio platform targeting creative professionals and clients interested in design services. The business appears to be a small-sized organization founded in 2014, with a consistent brand presence and a well-structured website built on WordPress CMS. Technically, the site uses modern web technologies including jQuery, WooCommerce, and Google Analytics, with good mobile optimization and SEO practices. However, the security posture is moderate with basic SSL but lacking DNSSEC and security headers, and no visible privacy or cookie policies, which impacts compliance and trust. Overall, the domain registration is consistent and legitimate, supporting the business claims. Strategic improvements in security and privacy compliance would enhance the organization's trustworthiness and risk profile.

The website eye-able.org is currently inaccessible due to a Cloudflare error 525 indicating an SSL handshake failure between Cloudflare and the origin server. This prevents any meaningful content from being delivered to visitors, resulting in a minimal error page with no business or contact information. The domain is very new, registered in March 2024, and hosted via IONOS SE with Cloudflare DNS. The lack of DNSSEC and SSL misconfiguration reduces the trustworthiness and security posture of the site. No privacy, cookie, or terms of service policies are present, and no forms or tracking technologies are detected. Overall, the website is effectively blocked from analysis due to the WAF error page.

R

Rasso Hilber

rassohilber.com

41

Rasso Hilber is a creative web developer based in Germany specializing in building original and accessible websites, primarily for artistic and cultural clients. The website serves as a professional portfolio showcasing a variety of projects developed using WordPress and Kirby CMS, often in collaboration with design partners. The business operates as a small entity with a niche focus on creative web development services. Technically, the website employs modern web technologies including HTTPS, jQuery, and video embedding, with good mobile optimization and SEO practices. However, there is room for improvement in accessibility and security headers implementation. Security posture is solid with HTTPS and domain transfer protection, but lacks DNSSEC and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional, trustworthy, and well-maintained, with a domain registration consistent with the business history.

F

fertig design

fertigdesign.com

43

fertig design is an award-winning design studio based in Berlin specializing in developing reasoned design concepts for various media types. The company positions itself as a niche creative agency with a strong portfolio showcased on its website. The website reflects a professional and consistent brand image targeting clients interested in high-quality design services. Technically, the site is built on WordPress with common libraries such as jQuery and Swiper.js, and it employs the Yoast SEO plugin to optimize search engine presence. The site is mobile optimized and presents a good user experience with clear navigation and professional design quality. Security-wise, the website uses HTTPS, but lacks advanced security headers and formal privacy or cookie policies, which are important for compliance and trust. The WHOIS data for the domain is missing, which raises concerns about domain registration legitimacy and transparency. Overall, the website is functional and professional but would benefit from improved privacy compliance and clearer contact information to enhance trust and security posture.

S

Spreewaldverein e.V.

gutes-spreewald.de

38

The website 'Gutes aus dem Spreewald' is a regional platform managed by Spreewaldverein e.V., focusing on promoting and marketing local products, providers, and cultural experiences in the Spreewald region of Germany. It serves as an information hub for tourists and locals interested in authentic regional specialties, events, and businesses. The site enjoys a solid market position as part of one of Germany's successful regional brands, featuring over 2,000 products from 130 companies. Technically, the site is built on WordPress with modern SEO practices via Yoast and interactive maps using Leaflet.js, hosted on kasserver.com. The design is professional, mobile-optimized, and content-rich, supporting good user experience and SEO.

The website bet-pmi.in is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) blocking access with a 403 Forbidden error. This prevents any meaningful content analysis or business information extraction. The site uses HTTPS with modern TLS 1.3 and HTTP/2 protocols, indicating a secure hosting environment, but no visible security headers or policies are present on the blocked page. The lack of accessible content and privacy-protected WHOIS data limits the ability to verify the legitimacy or business details of the domain. Overall, the site appears to be either under strict security controls or potentially inactive, resulting in a low trust and credibility score.

G

Gasthof zum Ochsen

ochsen.ch

48

Gasthof zum Ochsen is a well-established family-run hospitality business located in Arlesheim, Switzerland, offering hotel accommodations, restaurant dining, event hosting, and seminar facilities. The company emphasizes tradition, quality, and sustainability, supported by recognized certifications such as Gault & Millau and ibex fairstay platinum. The website is professionally designed, multilingual, and provides clear contact information and booking options. Technically, the site uses a custom CMS with a legacy jQuery version and standard web technologies, delivering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, though some security headers and updated libraries could improve resilience. Overall, the domain registration and business information are consistent and trustworthy, reflecting a legitimate and credible hospitality provider.

The website serverdrift.com currently presents no accessible content, with an empty HTML body and no metadata, scripts, or visible business information. The domain is registered since 2002 with a long expiry date, indicating a potentially established business, but the lack of website content suggests the site is either down, under maintenance, or blocked by security mechanisms. No privacy, cookie, or terms of service policies are present, nor any contact or security-related information. The technical infrastructure cannot be assessed due to the absence of content and metadata. Security posture is poor with no visible HTTPS or security headers. Overall, the site is not currently usable or trustworthy for visitors or customers.

The Schweizerischer Städteverband is a Swiss non-profit organization representing the interests of cities and urban municipalities across Switzerland. The website serves as an information hub providing news, dossiers, publications, and event information relevant to urban policy and city governance. It targets city officials, policymakers, and the general public interested in urban development and political advocacy. Technically, the site uses a modern JavaScript stack including jQuery, bxSlider, and Google Analytics, hosted on a CMS platform by artasio.com. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS and cookie consent implemented, though explicit security headers and incident response information are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

K

Kinderregion

kinderregion.ch

46

Kinderregion is a Swiss regional platform dedicated to providing families with children ideas for excursions, family-friendly events, and regional information to facilitate leisure planning. The website targets families seeking engaging activities and cultural experiences in their local area. Technically, the site is built on WordPress, leveraging modern front-end technologies such as Lottie animations and slick carousels, and integrates Google Tag Manager and Analytics for tracking. The site demonstrates good digital maturity with mobile optimization and SEO best practices. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are absent. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, indicating GDPR awareness. Overall, the site is professional, trustworthy, and well-suited for its niche audience.

J

JUNGKUNST

jungkunst.ch

47

JUNGKUNST is a cultural event organizer hosting an art and music festival in Winterthur, Switzerland, scheduled for October 2025. The website serves as an information portal for the event, providing details about dates, location, participating artists, and opportunities for sponsorship and support. The target audience is the general public interested in arts and culture within the region. The business model revolves around event organization, sponsorships, and community engagement. Technically, the website uses standard web technologies including jQuery and integrates Facebook Pixel for tracking. The site is served over HTTPS with good SSL configuration, and performance is moderate with good mobile optimization. However, there is no detected CMS or advanced frameworks, suggesting a custom or lightweight platform. SEO and accessibility are basic but adequate for the site’s purpose. From a security perspective, the site employs HTTPS and secure form submission via Mailchimp for newsletter subscriptions. However, it lacks security headers and explicit security or incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. User tracking is moderate due to Facebook Pixel usage. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional and trustworthy, with a moderate security posture and good business credibility. Recommendations include implementing security headers, adding cookie consent, publishing security policies, and enhancing privacy compliance to improve trust and security posture.

D

DESIGNGUT

designgut.ch

47

DESIGNGUT is a Swiss-based platform organizing an annual design exhibition focused on sustainable products including fashion, accessories, jewelry, ceramics, and furniture. It serves as a marketplace and showcase for approximately 80 sustainable Swiss designers, positioning itself as a niche leader in sustainable Swiss design exhibitions. The website content is rich and well-structured, targeting consumers interested in sustainable and Swiss-made design products. Technically, the website uses standard web technologies such as HTML5, CSS3, jQuery, and Fancybox, with a custom CMS inferred from URL patterns. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Social media presence is strong, with multiple Facebook and Instagram links for exhibitors and the event itself. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security measures.

M

Musik Spiri

spiri.ch

47

Musik Spiri is a small regional retailer specializing in musical instruments including woodwind, brass, string, and percussion instruments, with physical locations in Winterthur and Meilen, Switzerland. The company offers sales, rentals, repair services, and an online shop, targeting musicians and music enthusiasts in the region. The website is built on the cm4all CMS platform and hosted by Hostpoint AG, utilizing legacy JavaScript libraries and Google Analytics for tracking. While the site provides useful business information and event details, it lacks visible contact emails or phone numbers in the HTML content and does not have explicit terms of service or comprehensive privacy compliance mechanisms. Security posture is moderate with HTTPS implied but missing explicit security headers and outdated JavaScript libraries. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

M

Musikhaus Bucher AG

musikbucher.ch

49

Musikhaus Bucher AG is a well-established Swiss retail business specializing in wind instruments, accessories, rentals, and repairs, operating since 1978. The company targets musicians of all levels primarily in the Zürich Nord region, offering both physical store services and an online shop. Their market position is that of a trusted local specialist with a strong customer service focus and a comprehensive product and service range. Technically, the website employs a modern technology stack including Bootstrap, jQuery, and tracking tools such as Google Analytics and Facebook SDK, providing a responsive and user-friendly experience. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and incident response information are absent. Privacy compliance is addressed with visible cookie consent and privacy policies, aligning with GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, supporting the company's credibility and business goals.

A

Andys Musicshop

andys-musicshop.ch

49

Andys Musicshop is a small retail business based in Uster, Switzerland, specializing in the sale of musical instruments and related equipment such as PA systems, studio recording gear, and keyboard instruments. The company operates both a physical store and an e-commerce platform, targeting musicians and music enthusiasts primarily within Switzerland. The website is professionally designed with consistent branding and clear navigation, providing essential business information including contact details and terms of service. Technical infrastructure indicates use of Shopware CMS and integration of Google Analytics with IP anonymization, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and basic privacy compliance, though improvements are needed in security headers and cookie consent mechanisms. Overall, the website is trustworthy and safe for general audiences, with no adult or questionable content detected.

R

RESIGN. Grafikstudio

resign.ch

49

RESIGN. Grafikstudio is a well-established small design and web agency based in Winterthur, Switzerland, specializing in WordPress website design, branding, and SEO services. With over 25 years of experience, the company targets businesses and startups seeking modern and professional digital presence solutions. The website reflects a mature digital infrastructure using modern technologies such as Bootstrap, jQuery, and Google Tag Manager, indicating a good level of digital maturity and SEO awareness. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though the absence of explicit cookie consent and security policies suggests room for compliance improvement. Overall, the site is professional, trustworthy, and well-structured, supporting the company's market position as a reliable local web agency.

M

Matthäi

matthaei.de

48

Matthäi is a well-established German construction and infrastructure company with over 90 years of experience. The company operates across multiple sectors including infrastructure construction, building construction, raw materials, building materials, logistics, and disposal services. With a workforce of over 3,500 employees and more than 75 locations, Matthäi holds a strong market position in Germany. The website reflects a mature digital presence with modern technologies, good performance, and a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS and privacy-respecting analytics, though explicit security policies and incident response contacts are not publicly visible. Overall, the domain registration and website content align well, indicating a trustworthy and credible business.

The Niedersächsischer Fußballverband e.V. operates the NFV Nachhaltigkeitspreis website to promote and award sustainable projects initiated by football clubs in Niedersachsen. The website serves as an informational and application portal for member clubs to participate in the annual sustainability award, supported by prominent partners such as Volkswagen and regional financial institutions. The site is well-branded, content-rich, and targets a regional non-profit sports audience effectively. Technically, the site is built on TYPO3 CMS with modern JavaScript components, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks some security headers and formal policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site is trustworthy and professionally maintained, with room for improvements in privacy and security transparency.

N

Niedersächsischer Fußballverband e. V. (NFV)

nfv-fussballschule.de

46

The Niedersächsischer Fußballverband e. V. (NFV) operates the Matthäi-Fußballschule, a well-established football training school for youth aged 7 to 14, located in Barsinghausen, Germany. The school has a strong regional presence with over 22,000 participants since its founding in 2005 and benefits from partnerships with reputable brands such as adidas, Volkswagen, and AOK. The website effectively communicates its services, schedules, and news, targeting young football enthusiasts and their families. Technically, the site is built on TYPO3 CMS, employs modern web technologies, and is mobile-optimized with good SEO practices. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms, and integrates Google Analytics with privacy considerations, though it lacks some advanced security headers and explicit security policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, supporting the organization's credibility and user trust.

N

Niedersächsischer Fußballverband (NFV) and VGH Versicherungen

vghmasters.de

44

The VGH Masters website serves as a regional event portal for eSports tournaments organized by the Niedersächsischer Fußballverband (NFV) and VGH Versicherungen. It targets football clubs in Niedersachsen, Germany, promoting competitive gaming on PlayStation 5 with EA Sports FC 26. The site provides detailed tournament schedules, locations, and registration links, primarily directing users to an external platform for sign-ups. Technically, the site is built on WordPress using the Divi theme, with interactive features such as a Leaflet.js map and embedded YouTube videos enhancing user engagement. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers are missing. Privacy compliance is limited due to the absence of privacy and terms of service pages, representing an area for improvement. Overall, the site is professional, trustworthy, and well-branded, serving its niche audience effectively.

N

Niedersächsischer Fußballverband e.V.

cupderregion.de

43

The website www.cupderregion.de represents the 'Cup der Region', a well-established annual youth football tournament organized by the Niedersächsischer Fußballverband e.V. It targets A-Junioren teams from the Hannover region, providing a platform for competitive sportsmanship and community engagement. The site offers detailed information about the event, including schedules, participating teams, prizes, and fair play awards, supported by regional sponsors such as Sparkasse Hannover and UESTRA. The business model is non-profit and focused on regional sports promotion. Technically, the website is built on TYPO3 CMS, utilizing modern web standards including HTML5, CSS3, and JavaScript. The site is mobile-optimized with a clear layout and good user experience. However, performance is moderate and accessibility features are basic. SEO optimization is present but could be improved. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS, but lacks visible security headers and cookie consent mechanisms. No forms or sensitive data collection points are present, reducing attack surface. WHOIS data confirms domain legitimacy and consistency with the business purpose. No vulnerabilities or suspicious patterns were found. Privacy policy is present and GDPR compliance appears basic but adequate. Overall, the website is a trustworthy, well-maintained regional sports event platform with good content quality and business credibility. Security posture is adequate but could be enhanced with additional headers and privacy features. Recommendations include implementing cookie consent, security headers, and publishing incident response contacts to improve compliance and trust.

S

Studio B54

studio-b54.de

45

Studio B54 is a local fitness and wellness studio located in Barsinghausen, Germany, offering a wide range of services including fitness training, aqua-fitness, yoga, massages, and personal training. The business targets health-conscious individuals seeking modern training facilities and wellness services. The website is built on TYPO3 CMS and incorporates modern frontend technologies such as Bootstrap and FontAwesome, with Google Analytics integrated for visitor insights while respecting privacy through IP anonymization. The site is well-structured, mobile-optimized, and provides clear navigation and contact options including phone, email, and a newsletter subscription form. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. Overall, the website reflects a professional and trustworthy business presence with strong local partnerships and customer engagement.

The Gemeinsame Ethikkommission der Hochschulen Bayerns (GEHBa) serves as the joint ethics commission for Bavarian universities, providing ethical review and evaluation of research projects involving human subjects. It operates as a specialized non-profit academic body, ensuring compliance with ethical and legal standards in research. The website clearly targets researchers and academic staff within Bavarian higher education institutions, offering information on application procedures and contact details. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and hosted on AWS infrastructure, indicating a mature digital presence. The use of Matomo analytics with Do Not Track enabled reflects a privacy-conscious approach. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements are recommended in implementing security headers and visible cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-aligned with its academic mission.

The Association of the Bavarian Universities of Applied Sciences (UAS), represented by Hochschule Bayern e.V., is a significant educational organization combining academic education with applied research and development across Bavaria. It encompasses 19 universities, serving approximately 120,000 students including a substantial international cohort. The association offers a broad spectrum of degree programs and maintains extensive partnerships with companies and universities worldwide, positioning itself as a key player in regional higher education. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as Swiper and Drawer for UI components, and Font Awesome for icons. The site is mobile-optimized with good navigation and SEO practices. Analytics are handled via Matomo with Do Not Track enabled, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism. No security policy or incident response information is published, which could be improved to enhance trust and compliance. The WHOIS data is privacy protected, which is justified for this type of organization. Overall, the website is professional, trustworthy, and serves its educational mission well. Strategic improvements in security headers, privacy notices, and incident response transparency would further strengthen its posture.

D

Dennis Dasios

ddasios.com

42

The website ddasios.com serves as a personal portfolio for Dennis Dasios, showcasing a history of web design and development projects primarily for corporate clients and informational sites. The site positions itself as a niche personal branding platform within the technology industry, targeting potential clients or collaborators interested in web design services. The business model is centered around portfolio presentation rather than direct e-commerce or service transactions. Technically, the site employs a modest technology stack including jQuery, typed.js, and Google Analytics for tracking, hosted on Contabo servers. The site demonstrates basic mobile optimization and SEO practices but lacks advanced accessibility features or modern frameworks. Security posture is minimal; while the domain is registered with a reputable registrar and protected against unauthorized transfers, the site lacks DNSSEC, visible HTTPS enforcement, and security headers. No privacy, cookie, or terms of service policies are published, and no contact information is provided, limiting trust and compliance. Overall, the site is functional as a portfolio but requires improvements in security, privacy compliance, and contact transparency to enhance credibility and user trust.

Hochschule Bayern e.V. is a non-profit association representing the interests of Bavarian universities of applied sciences. The organization acts as a communication bridge between its member institutions and governmental bodies, politics, and the public. The website is professionally designed using TYPO3 CMS and hosted on AWS infrastructure, indicating a mature technical setup. The site provides comprehensive information about member universities, current news, events, and position papers relevant to higher education in Bavaria. Security posture is solid with HTTPS and privacy-conscious analytics (Matomo with DoNotTrack), though improvements are recommended in cookie consent and security headers. Overall, the site is trustworthy, well-maintained, and serves its educational and representative mission effectively.

M

MTV v. 1848 Hildesheim e.V.

mtv48hildesheim.de

49

MTV v. 1848 Hildesheim e.V. is a well-established local sports club in Germany, offering a wide range of sports and health-related activities including courses, training, rehabilitation sports, and community events. The club targets a broad audience including families, children, seniors, and sports enthusiasts within the Hildesheim region. Their market position as the oldest sports club in Hildesheim supports a strong community presence and trust. Technically, the website is built with standard web technologies including HTML5, CSS, and JavaScript, enhanced by Matomo analytics for user tracking and Sliderm.js for interactive slideshows. Hosting is provided by rzone.de, and the site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers, a cookie consent mechanism, and formal security or incident response policies. The use of Matomo suggests some privacy awareness, but GDPR compliance could be improved by adding explicit cookie consent and privacy notices. Overall, the website is professional, trustworthy, and content-rich, serving its community effectively. Strategic improvements in privacy compliance and security posture would enhance user trust and regulatory adherence.

M

Musikschule Alato

ms-alato.ch

47

Musikschule Alato is a regional music school based in Switzerland offering a wide range of instrumental and vocal lessons for children, youth, adults, and seniors. The school operates in multiple locations including Illnau-Effretikon, Lindau, Dietlikon, and Wallisellen, and maintains partnerships with various music-related businesses and organizations. Their business model focuses on direct enrollment for individual and group music education services, supported by a professional and user-friendly website. Technically, the website is built on WordPress with Bootstrap and jQuery, integrating modern web technologies such as Google Analytics and FontAwesome. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and includes standard security headers, secure forms, and a cookie consent mechanism, reflecting a good security posture. However, explicit security policies and incident response contacts are not present, indicating areas for enhancement. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR requirements. The risk level is low, but strategic improvements in security transparency and accessibility could further strengthen the site's posture.

The Schweizerischer Städteverband is a Swiss non-profit association representing the interests of cities and urban municipalities across Switzerland. It acts as a political lobby and public advocate to promote urban concerns in areas such as finance, transport, environment, social policy, and culture. The website is professionally designed, content-rich, and targets municipal stakeholders and the general public interested in urban policy. Technically, the site uses a modern JavaScript stack with analytics and search integrations, hosted on a CMS platform. Security posture is solid with HTTPS and cookie consent mechanisms, though some advanced security headers and incident response policies are absent. Overall, the site is trustworthy, compliant with privacy regulations, and well-positioned as a leading urban association in Switzerland.

D

DINGFO | Donau-Iller-Nahverkehrsverbund-GmbH

dingfo.de

45

DINGFO is a digital magazine operated by Donau-Iller-Nahverkehrsverbund-GmbH, focusing on public transportation and regional stories within the DING area in Germany. The website serves as an information portal providing news, fun facts, and travel destinations related to the local public transport network. It holds a niche regional market position with a medium-sized audience. Technically, the site is built on WordPress using popular plugins such as Yoast SEO and Elementor, with integrated cookie consent management via Cookiebot and analytics through Google Analytics. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS and uses a consent mechanism for cookies, but lacks some security headers and explicit security policies, which could be improved. Overall, the website is trustworthy, compliant with GDPR, and safe for general audiences.

K

Kunsthaus Baselland

kunsthausbaselland.ch

49

Kunsthaus Baselland is a prominent cultural institution specializing in contemporary art exhibitions and educational programs in the Basel region of Switzerland. The website reflects a well-established non-profit organization with a clear focus on regional, national, and international contemporary art. It offers a variety of services including exhibitions, artist showcases, educational events, and membership opportunities, targeting art enthusiasts and the general public interested in culture. The site is professionally designed with consistent branding and clear navigation, supporting both German and English languages. Technically, the website employs modern JavaScript libraries such as jQuery and Masonry for dynamic layouts and uses MailChimp for newsletter subscriptions. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices are adequately implemented with proper meta tags and Open Graph data. However, no explicit CMS or hosting provider details are evident. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML content. Nevertheless, it lacks visible security headers and formal security policies, including incident response contacts. Privacy and cookie policies are absent, which impacts compliance with GDPR and related regulations. The newsletter form collects user emails with consent confirmation but does not provide detailed data retention or privacy information. Overall, Kunsthaus Baselland's website is trustworthy, professional, and content-rich, but it would benefit from enhanced privacy compliance, security hardening, and formal policy disclosures to improve its security posture and regulatory adherence.