Security Directory

F

FXB Climate

fxbclimateadvocates.org

54

FXB Climate Advocates is a small, youth-focused non-profit organization dedicated to climate activism and environmental protection. Their website, built on the Wix platform, presents a professional and consistent brand image targeting young climate activists. The site provides information about their mission and encourages engagement but lacks explicit contact details and formal privacy or cookie policies. Technically, the website uses modern web technologies with HTTPS enforced, but it lacks advanced security headers and privacy compliance mechanisms. The absence of WHOIS data due to privacy protection limits the ability to fully verify domain legitimacy. Overall, the website is safe and functional but would benefit from enhanced privacy and security features to improve trust and compliance.

Z

Zürcher Kantonalbank

zkb.ch

75

Zürcher Kantonalbank is a well-established Swiss universal bank with over 150 years of history, offering a broad range of financial services including private banking, retail banking, mortgages, investment, and digital banking solutions. The website reflects a mature digital presence with comprehensive service information targeting private clients in Switzerland. The bank positions itself as a secure and trusted financial institution with strong local roots. Technically, the site uses Adobe Experience Manager as its CMS, integrates OneTrust for cookie consent, and employs Adobe Analytics for user tracking. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is strong with HTTPS enforced and consent mechanisms in place, though explicit security policies and incident response contacts are not found. Overall, the domain registration and WHOIS data align well with the bank's identity, supporting legitimacy and trust.

T

ti&m AG

ti8m.com

76

ti&m AG is a Swiss-based technology company specializing in digital solutions and security products, serving clients primarily in Switzerland and the European Union. Positioned as a market leader, the company focuses on innovation projects and digital transformation services. Their website reflects a professional and modern digital presence, emphasizing their expertise and leadership in the technology sector. The company targets business clients seeking advanced digital and security solutions, leveraging certifications such as ISO 27001 to reinforce trust and credibility. The technical infrastructure of the website includes modern web technologies and multiple analytics tools such as Google Analytics, Microsoft Clarity, Hotjar, and LinkedIn Insight Tag, integrated with a consent management platform (OneTrust) to ensure GDPR compliance. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital strategy. However, the absence of explicit CMS or hosting provider details limits full infrastructure transparency. From a security perspective, the website enforces HTTPS with strong SSL configuration and employs privacy-conscious tracking practices like IP anonymization. While security headers are implied, explicit implementation details are not fully visible. The presence of ISO 27001 certification suggests a robust internal security framework, though the lack of a dedicated security policy or incident response page indicates room for improvement in transparency and readiness. Overall, the website presents a trustworthy and professional image with good privacy compliance and security posture. The main risk factor is the lack of WHOIS data, which raises questions about domain registration transparency. Strategic recommendations include enhancing security header implementation, publishing detailed security policies, and establishing clear incident response contacts to further strengthen trust and compliance.

I

Inventage AG

inventage.com

70

Inventage AG is a Swiss-based technology company specializing in custom software solutions leveraging modern web technologies and open-source components. Established in 2000, the company targets businesses and organizations seeking tailored digital solutions. Their market position is that of a trusted, established provider with a focus on quality and innovation. The website reflects a professional and consistent brand image with clear contact information and social media presence, supporting credibility and trust. Technically, the website uses modern web standards with JavaScript and CSS, and integrates Matomo Analytics for privacy-conscious user tracking. Hosting is provided by Cloud DNS Ltd, and the domain is well-maintained with a long history. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured data. From a security perspective, HTTPS is enforced, and domain status includes clientTransferProhibited, indicating domain transfer protection. However, DNSSEC is not enabled, and no security headers were detected, which could be improved. No explicit security policies or incident response contacts are published, representing an area for enhancement. Privacy compliance is good with a comprehensive privacy policy, but no cookie consent mechanism was found. Overall, the website and business demonstrate a solid risk posture with no critical vulnerabilities or suspicious indicators. Strategic recommendations include enabling DNSSEC, adding security headers, publishing security policies, and implementing cookie consent to enhance compliance and trust.

I

INNOQ

innoq.com

73

INNOQ is a professional technology consulting firm specializing in software architecture, digital product development, AI, and training services. The company operates primarily in Germany and Switzerland with multiple office locations, serving technology-focused clients seeking innovative and pragmatic software solutions. Their market position is that of an established medium-sized consultancy with a strong emphasis on future-proofing technology and delivering effective digital infrastructures. Technically, the website demonstrates a mature digital infrastructure with modern web technologies, including optimized performance, mobile responsiveness, and accessibility features. The use of Cloudflare for hosting and analytics, Cloudinary for media delivery, and FriendlyCaptcha for form protection indicates a well-architected and secure technical environment. From a security perspective, the site enforces HTTPS, uses CAPTCHA to prevent spam, and offers S/MIME certificates for encrypted email communication, reflecting a strong security posture. However, the absence of explicit security headers and a public security policy or vulnerability disclosure program suggests areas for improvement. The lack of WHOIS data reduces transparency but does not detract significantly from the overall trustworthiness given the professional presentation and contact information. Overall, INNOQ presents a low-risk profile with a solid business and technical foundation. Strategic recommendations include enhancing security headers, publishing security policies, and implementing cookie consent mechanisms to further improve compliance and trust.

Hexagon AB is a global leader in measurement technologies, providing advanced solutions that enhance productivity, quality, safety, and sustainability across vital industries such as construction, manufacturing, mining, and transportation. The company leverages cutting-edge technologies including robotics, AI, digital twins, and spatial intelligence to deliver innovative products and services tailored for enterprise clients. Hexagon's market position is strong, supported by numerous customer success stories and a consistent brand presence. Technically, the website is built on modern frameworks like Next.js and React, with content managed via Sitecore Content Hub. The site demonstrates excellent performance, mobile optimization, and SEO practices. Security is robust with HTTPS enforced and multiple security headers implemented, alongside a cookie consent mechanism indicating privacy awareness. However, explicit privacy policies, terms of service, and security incident response information are not visibly published. The security posture is solid with no detected vulnerabilities or exposed sensitive data. WHOIS data confirms the legitimacy of the domain and company information, aligning with the website's claims. The absence of direct contact emails or phone numbers and lack of published security policies represent areas for improvement. Overall, Hexagon's website reflects a mature, enterprise-grade digital presence with strong business credibility and technical implementation. Strategic enhancements in privacy and security transparency would further strengthen trust and compliance.

Astina AG is a Swiss technology company specializing in e-commerce, process digitization, and system integrations. Their business model focuses on providing tailored digital transformation solutions to other businesses, leveraging platforms such as the Paloma Platform and various e-commerce and automation services. The company maintains a professional online presence with a clear focus on customer success and digital innovation, supported by a portfolio of reputable clients and partners. Technically, the website employs standard web technologies including JavaScript, CSS, and HTML5, with a responsive design optimized for mobile devices. While the site performs moderately well, there is room for improvement in accessibility and SEO enhancements. No CMS or hosting provider details were explicitly identified. From a security perspective, the website uses HTTPS, indicating basic encryption standards. However, there is a lack of visible security headers and no published security or incident response policies, which could be improved to enhance trust and compliance. The absence of privacy and cookie policies represents a compliance gap, especially under GDPR regulations. Overall, the website is trustworthy and professionally maintained, with clear business contact information and no signs of malicious content or blocking mechanisms. Strategic improvements in privacy compliance and security transparency would further strengthen the company's digital maturity and customer trust.

A

Adnovum

adnovum.ch

68

Adnovum is a technology company specializing in digital business solutions, cybersecurity, consulting, and cloud services, with a strong focus on banking, insurance, public sector, and transportation industries. The company positions itself as a trusted partner with over 30 years of experience, delivering tailored software and security solutions to enterprises and organizations. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that targets enterprise clients seeking digital transformation and security expertise. Technically, the website is built on the HubSpot CMS platform, leveraging modern analytics and marketing tools such as Google Analytics 4, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized, accessible, and SEO-friendly, indicating a well-maintained digital infrastructure. Security best practices are observed with HTTPS enforcement and security headers, though explicit security policy and incident response information are not publicly detailed. From a security perspective, the site demonstrates good posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring clear privacy and cookie policies with consent mechanisms aligned with GDPR requirements. However, the absence of WHOIS registration data and domain transparency slightly reduces trustworthiness, suggesting possible privacy protection or registration under a different domain variant. Overall, Adnovum's website presents a professional, secure, and privacy-conscious digital front that supports its business credibility. Strategic improvements could include publishing detailed security policies, incident response plans, and enhancing domain registration transparency to further strengthen trust and compliance.

Z

Zühlke Group

zuehlke.com

66

Zühlke Group is a well-established global technology and innovation service provider specializing in digital transformation, software engineering, and business innovation. The company targets enterprise clients seeking to modernize and innovate their business processes and products. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content that aligns with the company's market positioning and services. Technically, the site leverages modern frameworks such as Nuxt.js and includes advanced UI components like Plyr and Flickity, ensuring a fast and responsive user experience across devices. Security is robust with HTTPS enforcement, security headers, and no visible vulnerabilities, complemented by comprehensive privacy and cookie policies that demonstrate GDPR compliance. However, the absence of WHOIS registration data limits domain trust analysis, though the website's professionalism and certifications like ISO 27001 support its legitimacy. Overall, the site presents a low-risk profile with strong business credibility and technical maturity.

O

Orange Business

orange-business.com

77

Orange Business is a leading global provider of digital transformation services, specializing in end-to-end intelligent solutions, hybrid and public cloud services, cybersecurity, AI, and IoT. The company targets enterprise clients seeking to modernize their IT infrastructure and enhance operational efficiency. Their market position is strong, supported by partnerships with major technology firms and a comprehensive portfolio of services. Technically, the website is built on Drupal CMS with modern JavaScript frameworks and includes personalization and privacy management tools, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and privacy compliance mechanisms in place, though explicit security policies and incident response contacts are not publicly detailed. Overall, the website reflects a professional and trustworthy enterprise presence with moderate to high technical and security maturity.

Ergon Informatik AG is a well-established Swiss IT company founded in 1984, specializing in custom software development, digital transformation consulting, security solutions, and advanced technologies such as artificial intelligence and blockchain. The company holds a strong market position in Switzerland and Germany, serving diverse industries including finance, healthcare, retail, and government. Their business model focuses on delivering tailored software solutions and consulting services to ambitious organizations seeking digital innovation and operational excellence. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the website employs modern web technologies including JavaScript frameworks (likely Vue.js), CSS, and integrates a consent management platform (Usercentrics) alongside Google Tag Manager for analytics. The site is mobile-optimized, fast-loading, and SEO-friendly, indicating a high level of digital maturity. Security measures such as HTTPS enforcement, security headers, and privacy compliance mechanisms are in place, demonstrating a responsible approach to user data protection. From a security perspective, the site shows good practices with no visible vulnerabilities or exposed sensitive information. However, explicit security policies and incident response contacts are not publicly available, which could be improved to enhance transparency and trust. Privacy compliance is strong, with GDPR-aligned cookie consent and a detailed privacy policy. Overall, Ergon Informatik AG presents a trustworthy and professional online presence with robust technical and privacy standards. Strategic recommendations include publishing explicit security policies, adding vulnerability disclosure information, and enhancing incident response readiness to further strengthen their security posture and stakeholder confidence.

B

B4Takeoff.net

b4takeoff.net

55

B4Takeoff.net is a specialized digital platform providing electronic flight logbook services compliant with European aviation regulations. It targets pilots and aviation professionals, offering features such as flight tracking, license monitoring, checklists, and multi-user collaboration. The business operates on a subscription model with free registration and premium paid plans, positioning itself as a niche but recognized player in the aviation digital tools market. Technically, the website uses standard web technologies (HTML, CSS, JavaScript) with moderate performance and good mobile optimization. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

F

FlightCenterPlus

flightcenterplus.de

50

FlightCenterPlus is a specialized software provider offering a comprehensive flight club and aviation sports management platform primarily targeting German-speaking aviation clubs, flight schools, and individual pilots. The platform includes modules for member management, aircraft tracking, flight logging, maintenance, financial administration, training, and reporting. The business model is subscription-based with flexible monthly terms and no minimum contract duration, positioning it as a niche but professional player in the aviation software market in Germany. Technically, the website is built with standard web technologies including HTML5, CSS, and JavaScript, with custom scripts supporting functionality such as smooth scrolling and login features. Hosting is managed via GoDaddy's domain control services, and the site shows moderate performance and good mobile optimization. However, there is no evidence of a CMS or modern web frameworks. SEO and accessibility are basic but adequate for the target audience. From a security perspective, the site uses HTTPS (assumed but not explicitly confirmed in provided data) and implements some security best practices in the login form, such as password visibility toggling and cryptographic salts. However, the absence of security headers, anti-CSRF tokens, and published security or incident response policies indicates room for improvement. Privacy compliance is partially met with a privacy policy present, but no cookie consent mechanism is detected. Overall, the website is professional and trustworthy with clear contact information and relevant content for its niche. The security posture is moderate but could be enhanced with standard web security headers and policies. The risk level is low to moderate, with recommendations focusing on improving security headers, privacy compliance, and incident response transparency.

H

Togel HK ~ Pengeluaran HK Pools ~ Angka Keluaran HK ~ Data HK Hari Ini ~ Result HK Prize

hplc2023-duesseldorf.com

47

The website eurocorr2021.org operates as an e-commerce platform focused on providing lottery-related data and results, specifically targeting the Indonesian market interested in Togel HK (Hong Kong pools). The business model revolves around selling lottery data and results, catering to online lottery players. The site is built on the Squarespace platform, leveraging standard web technologies and Cloudflare DNS services. The technical infrastructure is basic but functional, with moderate performance and mobile optimization. Security posture is adequate with HTTPS and HSTS enabled, but lacks advanced security headers and DNSSEC. The WHOIS data raises significant concerns due to a future domain creation date and use of a domain drop catching registrar, which undermines trust and legitimacy. No privacy, cookie, or terms of service policies are present, and no contact information is provided, limiting compliance and user trust. The content is gambling-related, targeting mature audiences, and the site does not employ WAF or blocking mechanisms, allowing full content access.

L

Land Berlin

berlin.de

63

Berlin.de is the official city portal of Germany's capital, Berlin, providing comprehensive information and services for residents, tourists, and stakeholders. The website offers a wide range of public services including online administrative procedures, cultural event information, tourism guidance, and career opportunities within the city administration. It serves as a central hub for official communications and citizen engagement, reflecting the city's governance and community priorities. Technically, the website is hosted on Amazon AWS infrastructure, utilizing a custom or proprietary CMS with a modern JavaScript and CSS stack. The site demonstrates good mobile optimization, accessibility features, and SEO practices, ensuring a positive user experience across devices. The use of async scripts and crossorigin attributes indicates attention to performance and security. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks explicit security headers and does not publicly provide vulnerability disclosure or incident response information, which are areas for improvement. Privacy compliance is strong with a comprehensive GDPR-compliant privacy policy, though no cookie consent mechanism was detected. Overall, Berlin.de presents a trustworthy, professional, and well-maintained digital presence for the city government, with minor gaps in security transparency and cookie consent that could be addressed to enhance compliance and user trust.

B

Bundesministerium für wirtschaftliche Zusammenarbeit und Entwicklung

bmz.de

74

The Bundesministerium für wirtschaftliche Zusammenarbeit und Entwicklung (BMZ) is the German Federal Ministry responsible for planning and implementing Germany's development policy. The website serves as an official government platform providing information on development cooperation, policy updates, press releases, and international collaboration efforts. It targets citizens, partner organizations, and international development stakeholders. The site is professionally designed with consistent branding and offers content primarily in German with an English option.

B

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMBFSFJ)

bmfsfj.de

67

The Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend (BMBFSFJ) is the German federal ministry responsible for education, family affairs, senior citizens, women, and youth. The website serves as an official government portal providing comprehensive information, policy updates, and public services related to these sectors. It targets a broad audience including families, seniors, women, youth, and stakeholders in education and social policy. The ministry operates as a large government entity with a strong market position as a federal authority in Germany. Technically, the website employs a modern and accessible design with a custom framework (Rebrush) and uses Matomo analytics configured for privacy compliance. The site is mobile-optimized, SEO-friendly, and hosted under a German research network DNS, indicating a robust infrastructure. The content quality is excellent with clear navigation and rich, relevant information. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR. While some advanced security headers are missing, no vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the official government domain usage, reinforcing legitimacy. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding a vulnerability disclosure mechanism to further strengthen the security posture.

The website www.zug.ch serves as the official online portal for the canton and city of Zug in Switzerland, providing a wide range of government-related information and public services. It targets residents, businesses, and visitors by offering access to political bodies, administrative departments, education, health, social services, tax information, and more. The portal links extensively to official canton and city subdomains, reinforcing its role as a trusted government resource. Technically, the site employs established JavaScript libraries such as jQuery and jQuery UI to deliver interactive features like accordions and carousels. The use of HTTPS ensures secure communication, and the site appears to be mobile-optimized with responsive CSS stylesheets. However, the absence of explicit privacy and cookie policies, as well as missing security headers, indicates areas for improvement in compliance and security hardening. From a security perspective, the site shows no signs of WAF blocking or security challenges, and no vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns well with the official government entity, confirming the domain's legitimacy and trustworthiness. Nonetheless, the lack of published privacy and cookie policies and incident response contacts reduces the overall privacy compliance score. Overall, www.zug.ch is a credible and professional government portal with good content quality and technical implementation. Strategic enhancements in privacy compliance and security headers would further strengthen its security posture and user trust.

T

TEKO Schweizerische Fachschule AG

teko.ch

56

TEKO Schweizerische Fachschule AG is a Swiss educational institution specializing in technical and business education with campuses in Basel, Bern, Luzern, Olten, and Zürich. The website presents a professional and well-structured platform offering a variety of higher education programs, seminars, and preparation courses for federal professional exams. The institution holds recognized certifications such as ISO and eduQua, reinforcing its credibility in the education sector. The target audience includes students and professionals seeking advanced education in technology and business fields within Switzerland. Technically, the website employs modern JavaScript frameworks and analytics tools including Google Tag Manager, Google Analytics, Facebook Pixel, Matomo, and Olark live chat. The CMS appears to be Pimcore, supporting a responsive and user-friendly design optimized for mobile devices. SEO and accessibility are adequately addressed, though accessibility could be enhanced further. From a security perspective, the site uses HTTPS with good SSL configuration and implements Google reCAPTCHA v3 for bot protection. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy policy or terms of service pages found in the provided content. Overall, the website is trustworthy, professional, and secure with room for improvement in privacy and security policy transparency. The domain registration data aligns well with the website's claims, indicating legitimacy and consistency. Strategic recommendations include publishing comprehensive privacy and security policies, adding security headers, and enhancing accessibility features.

TheFork.nl is a website associated with TheFork, a restaurant reservation platform operating in the Netherlands. The business focuses on providing online restaurant booking services to a general audience. The domain is registered since 2014, consistent with an established hospitality service provider. However, the website content is currently inaccessible due to a security challenge page, likely a CAPTCHA, which prevents full content analysis. This limits visibility into the website's privacy, cookie, and security policies, as well as contact information and business details. From a technical perspective, the site uses JavaScript and a third-party CAPTCHA service for bot mitigation. No further technical or CMS details are available. The lack of accessible content and metadata restricts assessment of SEO, accessibility, and performance. Security posture cannot be fully evaluated due to missing headers and SSL details. The WHOIS data indicates a legitimate domain registration with no privacy protection and a consistent registration date and registrar. No suspicious patterns were detected. The absence of visible privacy and cookie policies and contact information is a concern for compliance and user trust. Overall, the site’s security posture is limited by the blocking mechanism, and the lack of accessible content hinders a comprehensive evaluation. Strategic recommendations include improving transparency by publishing privacy and cookie policies, enabling DNSSEC, and providing clear contact channels for security incidents.

The website thefork.es is currently inaccessible due to a bot protection mechanism implemented via captcha-delivery.com services, which blocks direct access to the site's content. As a result, no business-specific information, metadata, or contact details could be extracted from the provided HTML content. The site appears to be protected by a Web Application Firewall or similar security layer that requires CAPTCHA validation before granting access. Without access to the actual content, a detailed assessment of the business, technical infrastructure, or security posture is not feasible. From the limited data, the site uses JavaScript and external CAPTCHA scripts for bot mitigation. No privacy, cookie, or terms of service policies were found in the provided content, nor were any contact details or social media links. The lack of accessible content prevents evaluation of SEO, accessibility, or performance metrics. Security-wise, the presence of a CAPTCHA challenge indicates an effort to mitigate automated attacks or abuse, which is a positive security control. However, no further security headers or SSL details were available to assess the overall security posture. The absence of visible business or compliance information limits trust and credibility evaluation. Overall, the site is currently blocked from analysis due to security controls, resulting in a low AI score and incomplete insights. For a comprehensive evaluation, access to the full website content without WAF restrictions is necessary.

E

Engadiner Post / Posta Ladina

engadinerpost.ch

43

Engadiner Post / Posta Ladina is a regional media outlet serving the Engadin region in Switzerland, providing local news, community information, and advertising services. The website offers subscription options, e-paper digital editions, and a platform for local announcements and classifieds. The target audience includes residents and visitors interested in regional news and events. Technically, the site employs modern JavaScript frameworks, Google Tag Manager for analytics, and Revive Adserver for advertising. The design is responsive and optimized for mobile devices, with clear navigation and good content relevance. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is adequate with a privacy policy and cookie consent mechanism present. WHOIS data confirms the legitimacy and consistency of the domain registration with the business focus. Overall, the website is professional, trustworthy, and well-positioned in its regional media market.

V

Vereinsflieger.de

vereinsflieger.de

50

Vereinsflieger.de is a specialized online platform providing club management software tailored for flight sport clubs in Germany. The website offers services including online club administration, flight logging, seminar scheduling, and integrations with flight school solutions and electronic logbooks. The target audience primarily consists of flight clubs, flight instructors, and aviation enthusiasts within the German-speaking market. The business operates as a small-sized entity focusing on a niche transportation sector with a SaaS business model. Technically, the website is built with standard HTML, CSS, and JavaScript, hosted with DNS services from GoDaddy. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses password masking and cryptographic salts in login forms but lacks visible security headers and cookie consent mechanisms, which are recommended for GDPR compliance. No blocking or WAF mechanisms were detected, and the domain registration appears consistent with the business purpose. Overall, the website demonstrates a good balance of content quality, technical implementation, and business credibility, with room for improvement in security and privacy compliance.

W

WeGlide

weglide.org

59

WeGlide is a niche community platform dedicated to the gliding sports community, offering services such as flight uploads, story sharing, pilot following, competitions, live tracking, and task planning. The platform targets gliding pilots and enthusiasts, positioning itself as a specialized social and competitive hub within the transportation sector. The website is implemented as a modern Progressive Web App (PWA) using JavaScript and Vue.js frameworks, optimized for mobile devices with good design and navigation clarity. Technical infrastructure includes custom privacy-focused analytics and map rendering technologies, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS usage and no visible sensitive data exposure, but lacks explicit security headers and formal privacy or cookie policies. The absence of WHOIS registrant data suggests privacy protection, which is typical for community platforms. Overall, the site is trustworthy and functional but could improve in privacy compliance and security best practices.

S

skyguide

skybriefing.com

69

Skybriefing.com is a professional aviation service website operated under the brand skyguide, providing essential services such as flight plan filing, NOTAM briefings, weather briefings, and access to aviation publications primarily for the Swiss aviation community. The website is well-structured, uses modern web technologies including Vaadin and Liferay, and maintains a consistent brand identity aligned with its parent organization. The domain is well-established since 2012, with registration details consistent with the business profile. Privacy and cookie policies are implemented with GDPR compliance in mind, and user tracking is conducted via Google Analytics with event tracking for downloads and form interactions. However, direct contact information such as emails or phone numbers is not prominently displayed, and no explicit security or incident response policies are published on the site.

C

Computer Online AG

on-res.com

48

The website on-res.com is operated by Computer Online AG, a Swiss company specializing in providing an online reservation and administration system tailored for aviation clubs, flight schools, and charter services. The platform offers real-time flight scheduling, digital flight logs approved by Swiss aviation authorities (BAZL), technical maintenance logs, and integration with Swiss accounting software (Comatic). The business model is that of an Application Service Provider (ASP), targeting niche aviation organizations primarily in Switzerland. The company has been established since 2002, indicating a mature presence in its market segment. Technically, the website employs basic web technologies including HTML, CSS, JavaScript, and jQuery 2.2.4. It supports multiple browsers and mobile devices such as iPads and iPhones, though mobile optimization is basic. The site lacks modern CMS frameworks and advanced SEO or accessibility features, reflecting a functional but dated technical infrastructure. From a security perspective, the domain is registered with a reputable registrar and has a long history, supporting legitimacy. However, the site lacks DNSSEC, security headers, and published privacy or cookie policies, which are notable compliance and security gaps. No WAF or blocking mechanisms are detected, and no analytics or tracking scripts are present, indicating minimal user tracking. Contact information is clearly provided, enhancing trust. Overall, the website scores moderately on content quality and business credibility but lower on technical implementation and privacy compliance. Strategic improvements in security headers, privacy documentation, and modernizing the technical stack would enhance the site's security posture and user trust.

S

Swiss Bankers Association

swissbanking.ch

67

The Swiss Bankers Association (SBA) is a prominent industry association representing Swiss banks and financial institutions. The website serves as a comprehensive platform for advocacy, information dissemination, and engagement with stakeholders in the Swiss banking sector. It offers detailed content on banking stability, regulation, digital finance, and sustainable finance, targeting banks, financial intermediaries, clients, and regulators. The SBA holds a strong market position as the leading representative body for Swiss banking, providing key services such as publications, events, and political engagement. Technically, the website is built on the Neos CMS platform using the Flow PHP framework, with modern JavaScript integrations including Google Tag Manager and Usercentrics for consent management. The site is mobile-optimized with good SEO and accessibility features, though some accessibility aspects could be improved. Performance is moderate, with a professional and consistent design that enhances user experience. From a security perspective, the site enforces HTTPS with excellent SSL configuration and uses a consent management platform for cookies, reflecting good privacy compliance. However, explicit security headers are not detected, and there is no publicly available security policy or incident response contact information. No vulnerabilities or exposed sensitive data were found, indicating a solid security posture but with room for improvement in transparency and security best practices. Overall, the SBA website is a trustworthy, professional, and well-maintained platform that effectively supports its business objectives. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and compliance.

B

Bank Cler

cler.ch

76

Bank Cler is a Swiss financial institution focused on providing comprehensive banking services to private customers, including investment strategies and mobile banking solutions. The website reflects a mature digital presence with multilingual support and clear navigation tailored to its target audience. Technically, the site employs modern tracking and consent management tools such as Google Tag Manager and OneTrust, ensuring compliance with privacy regulations. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response information are not publicly detailed. Overall, the site demonstrates professionalism and trustworthiness consistent with a reputable banking entity.

G

GANGL Dienstleistungen

gangl.de

42

Gangl.de is a specialized software developer focused on Microsoft Outlook and Exchange add-ins, serving a broad user base with over 600,000 active users. Established in 1999, the company holds a market-leading position in the D-A-CH region, offering productivity-enhancing tools tailored for business and individual users. Their product portfolio includes email management, calendar optimization, and collaboration features, supported by a dedicated development team and comprehensive customer support. The website reflects a professional and well-structured digital presence, with strong branding and clear communication of services.

E

Eventfrog

eventfrog.ch

76

Eventfrog is a Switzerland-based event calendar and ticket sales platform, positioning itself as the largest event calendar in the country with over 25,000 published events. The platform enables users to discover events and sell tickets easily and free of charge, targeting a broad general audience interested in events and parties. The website is professionally designed with consistent branding and clear business contact information, enhancing its credibility and trustworthiness. Technically, the website employs standard web technologies including JavaScript and CSS, with moderate performance and good mobile optimization. SEO practices are well implemented with comprehensive meta tags and Open Graph data, although accessibility features are basic. The site uses tracking pixels from Meta and Google Tag Manager for marketing and analytics purposes but lacks a visible cookie consent mechanism, which may impact privacy compliance. From a security perspective, the site enforces HTTPS and includes domain verification meta tags for Google, Facebook, and Microsoft, indicating some level of security awareness. However, no explicit security headers or vulnerability disclosure information are present, and privacy and cookie policies are not found in the provided content. The WHOIS data is consistent with the website's claims, showing legitimate registration and no privacy protection, which supports the domain's trustworthiness. Overall, Eventfrog presents a solid business and technical foundation with room for improvement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and cookie policies with consent mechanisms, implementing security headers, and providing vulnerability disclosure and incident response information to enhance user trust and regulatory compliance.

B

Berner Fachhochschule

digisus-lab.ch

61

Berner Fachhochschule's Digital Sustainability Lab is a research and development unit focused on enhancing digital and innovative capabilities within the public sector. The lab offers software development, UI/UX design, data visualization, and consulting services related to digital transformation, open source, and AI. The website reflects a well-established academic institution with a clear mission to foster sustainable digital solutions for public administration. Technically, the site uses modern web technologies including Google Tag Manager and OneTrust for cookie consent, ensuring good performance and compliance with basic privacy standards. Security posture is solid with HTTPS and obfuscated emails, though explicit security policies and vulnerability disclosures are absent. Overall, the site is professional, trustworthy, and serves its target audience effectively.

S

Spektrum Media

spektrummedia.com

55

Spektrum Media is a small French technology company specializing in web software development, mobile applications, and website creation. The company has an established domain since 2008, indicating a mature presence in its niche market. The website content is minimal and primarily in French, targeting businesses and individuals seeking digital solutions. The technical infrastructure includes usage of JavaScript, Google Analytics, and hosting via Amazon AWS DNS services. However, the site lacks advanced SEO optimization and accessibility features. From a security perspective, the website uses HTTPS but lacks DNSSEC and security headers, which are important for enhancing domain and web application security. There are no visible privacy, cookie, or terms of service policies, which indicates gaps in compliance with GDPR and other privacy regulations. No contact information or incident response details are provided, limiting transparency and trust. Overall, the website demonstrates a basic digital maturity level with room for improvement in security posture, privacy compliance, and content richness. The absence of critical security issues is positive, but the lack of policies and contact details reduces business credibility and user trust. Strategic improvements in security headers, privacy policies, and contact transparency are recommended to enhance the website's professionalism and compliance.

S

Styla GmbH

styla.com

61

Styla GmbH is a German technology company specializing in providing headless frontend solutions for e-commerce platforms, specifically BigCommerce and Shopware. Their website presents a professional and modern interface targeting merchants seeking fast and decoupled storefronts. The company is positioned as a niche B2B SaaS provider with a clear focus on enhancing e-commerce success through advanced frontend technology. The business is small-sized, founded in 1996, and operates primarily in Germany. The website content is relevant and well-structured, with good SEO and mobile optimization.

H

Hotel4home

hotel4home.com

57

Hotel4home is a German e-commerce platform specializing in exclusive hotel products for home use, including furniture, accessories, beds, and delicatessen items. The website targets consumers interested in bringing hotel-quality products into their homes and positions itself as a niche retailer with partnerships with leading hotels and brands. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, PayPal SDK for payments, and Cookiebot for cookie consent management. The site is built on the Shopware CMS platform and demonstrates good mobile optimization and SEO practices. Security-wise, HTTPS is enforced, and cookie consent is implemented; however, no security headers were detected, and no privacy policy or terms of service pages were found in the analyzed content. The WHOIS data for the domain is missing, which raises concerns about domain legitimacy despite the professional appearance of the site. Overall, the site is functional and safe for general audiences but would benefit from improved transparency and security practices.

P

prointernet GmbH & Co. KG

prointernet.de

56

prointernet GmbH & Co. KG is a well-established full-service internet agency based in Kastellaun, Germany, founded in 1998. The company specializes in web development, design, online shops, and voucher systems, serving a broad business clientele both regionally and worldwide. Their website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the site employs modern web technologies including Matomo and Google Analytics for tracking, along with a consent management platform to ensure GDPR compliance. The site is mobile optimized and SEO friendly, contributing to a positive user experience. Security-wise, the website enforces HTTPS and anonymizes IP addresses in analytics, but lacks explicit security headers and published security policies, which are areas for improvement. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy and trustworthiness of the company.

P

Prime Promotion GmbH

prime-promotion.de

51

Prime Promotion GmbH operates a travel website focused on socially responsible tourism, integrating charitable donations to the FLY & HELP foundation within their travel packages. The company offers a variety of travel services including event and concert trips, school visit travels, cruises, and helicopter flights, targeting travelers interested in combining leisure with social impact. The website is professionally designed, well-structured, and provides comprehensive information about travel offers, contact details, and company background. Technically, the site uses modern web technologies including Shopware CMS, Google Analytics (GA4), and a consent management platform to ensure GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy and cookie policies are present and well implemented with user consent mechanisms. The domain WHOIS data is minimal but consistent with the business claims, and no blocking or WAF mechanisms interfere with content access. Overall, the website presents a trustworthy and professional digital presence for a small-sized travel and charity business based in Germany.

P

prointernet GmbH & Co. KG

prointernet.com

56

prointernet GmbH & Co. KG is a well-established full-service internet agency based in Kastellaun, Germany, founded in 1998. The company specializes in web development, design, e-commerce solutions, and consulting services, targeting businesses seeking comprehensive digital solutions. Their market position is solid within their regional base with a worldwide client reach, supported by a professional website and active social media presence. Technically, the website employs modern technologies including Matomo and Google Analytics for tracking, Angular for consent management, and uses HTTPS with privacy-conscious configurations. The site is mobile optimized and SEO friendly, providing a good user experience. Security posture is strong with HTTPS and cookie consent mechanisms, though improvements could be made by adding security headers and publishing explicit security policies. Overall, the website is trustworthy, professional, and compliant with GDPR regulations, with no signs of blocking or suspicious activity.

O

Oscarware Inc

oscarwareinc.com

52

Oscarware Inc is a small US-based company specializing in manufacturing and selling high-quality grill toppers designed for outdoor cooking enthusiasts. Established in 1989, the company has a strong niche market presence with products made in the USA, emphasizing quality and safety. Their e-commerce website is professionally designed, featuring clear navigation, product showcases, and customer engagement through recipes and tips. The company leverages modern digital marketing and analytics tools to optimize customer experience and sales. Technically, the website is built on WordPress with WooCommerce, hosted on HostGator, and uses various third-party integrations for marketing and analytics. Security posture is good with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is basic with policies present but limited GDPR indicators. Overall, the website and business demonstrate credibility and professionalism with room for security and compliance improvements.

P

pretalx

pretalx.com

68

pretalx is a specialized conference management software platform that facilitates the entire event planning process from Call for Papers to scheduling and publishing. It is positioned as an open source, customizable, and extendable solution trusted by a variety of conferences including PyCon and JuliaCon. The platform targets conference organizers seeking a flexible and transparent tool to manage submissions, reviews, communications, and scheduling. Technically, the website is well-structured with modern HTML, CSS, and JavaScript, optimized for mobile and SEO, and hosted under a reputable German registrar. Security posture is solid with HTTPS enabled and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is mostly addressed with clear privacy and terms of service pages, but lacks a cookie consent mechanism. Overall, pretalx demonstrates a mature digital presence with strong business credibility and trust signals.

R

Reiner Meutsch Stiftung FLY & HELP

fly-and-help.de

52

The Reiner Meutsch Stiftung FLY & HELP is a German non-profit organization dedicated to building schools in developing countries through donor funding. The foundation emphasizes transparency by ensuring all donations flow directly into educational projects, with operational costs covered privately or by sponsors. The website reflects a well-established entity with a clear mission, targeting donors and supporters interested in educational development. Technically, the site employs modern JavaScript libraries and frameworks such as jQuery, Leaflet, and Swiper, and integrates Google Analytics with a consent mechanism, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly, though accessibility features could be improved. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security policies or incident response information. WHOIS data confirms domain legitimacy and consistency with the organization's profile. Overall, the site presents a trustworthy and professional image suitable for its non-profit mission.

W

Wackenhut

wackenhut.de

57

Wackenhut is a German company established in 1948, specializing in innovative mobility and transportation services. The website titled 'World of WACKENHUT' presents a professional and consistent brand image, targeting a general audience interested in mobility solutions. The site features client logos such as Mercedes and AMG, indicating a reputable market position within the transportation sector. Technically, the website is built using modern technologies including React and Next.js, with good mobile optimization and moderate performance. However, some technical aspects such as security headers are missing, and no CMS or hosting provider details are evident from the content. Security-wise, the site uses HTTPS but lacks important security headers and published security policies, which could be improved to enhance trust and compliance. Privacy compliance is weak, with no visible privacy or cookie policies or consent mechanisms, which is a significant gap given GDPR requirements. Overall, the website is safe, professional, and functional but would benefit from enhanced privacy and security practices to improve its risk profile and user trust.

ArcInfo is a regional news media organization providing comprehensive news coverage for the cantons of Neuchâtel and Jura in Switzerland, along with national and international news. The website targets a general audience interested in regional developments and broader news topics. It holds a strong market position as a trusted regional news source with a consistent brand presence and active social media engagement. Technically, the website is built on modern JavaScript frameworks, specifically Nuxt.js, and integrates Google Tag Manager for analytics and marketing purposes. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. SEO practices are adequately implemented through meta tags and structured data. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, indicating awareness of privacy regulations. However, it lacks visible security headers, a published security policy, or incident response contacts, which are areas for improvement. No vulnerabilities or suspicious activities were detected in the provided content. Overall, ArcInfo presents a professional and trustworthy online presence with room to enhance privacy compliance and security posture. Strategic improvements in these areas would further solidify its credibility and user trust.

T

TPC - Transports publics du Chablais SA

aomc2030.ch

55

The website www.aomc2030.ch represents TPC - Transports publics du Chablais SA, a regional public transportation entity in Switzerland focused on the AOMC 2030 infrastructure project. The site provides detailed project updates, images, and information aimed at the general public and local community, emphasizing safety and service improvements. The business operates in the transportation sector with a medium-sized organizational footprint. Technically, the website is built on WordPress, leveraging modern JavaScript libraries such as jQuery, Fancybox, and Slick Carousel, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though it lacks explicit security headers and incident response policies. Privacy compliance is well addressed with GDPR-aligned cookie consent and a privacy policy in French. Overall, the site is professional, trustworthy, and safe, with no signs of malicious activity or adult content.

C

CS2 AG

zweiblog.com

72

CS2 AG is a well-established Swiss digital and web agency founded in 1997, specializing in digital strategy, consulting, web development, and hosting services primarily for SMEs and large enterprises. Their website, Zweiblog, serves as a knowledge hub offering expert insights on CMS, e-commerce, AI, and web technologies tailored for the Swiss market. The company demonstrates a mature digital infrastructure using TYPO3 CMS and integrates modern analytics and marketing tools with GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and reCAPTCHA usage, though explicit security headers and privacy policy pages could be improved. The absence of public WHOIS data slightly reduces domain transparency but does not detract significantly from the company's legitimacy. Overall, the website is professional, well-branded, and trustworthy, serving its target audience effectively.

P

Pictet

group.pictet

70

Pictet is a well-established independent investment partnership specializing in wealth management, asset management, and asset servicing with over 200 years of global investment leadership. The website reflects a mature and professional financial services firm targeting high-net-worth individuals and institutional clients. The digital infrastructure is built on Adobe Experience Manager, leveraging modern web technologies and consent management tools to ensure compliance and user experience. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not publicly detailed. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

F

Home | Famsa Foundation

famsafoundation.org

56

The website www.famsafoundation.org appears to be a small or new foundation site built on the Wix platform. The content is minimal and primarily in French, with no visible privacy, cookie, or terms of service policies. There is no contact information or business details provided, which limits the ability to assess the organization's legitimacy or operational scope. Technically, the site uses standard Wix scripts and polyfills but lacks advanced SEO, accessibility, and security features. The WHOIS data is inaccessible due to a malformed request or blocking, which raises concerns about domain transparency and trustworthiness. Overall, the site shows low digital maturity and limited security posture.

A

Anouk Foundation

anouk.org

69

Anouk Foundation is a small non-profit organization based in Geneva, Switzerland, focused on enhancing healthcare environments through art. Their mission is to create positive, healing spaces by designing murals that improve the well-being of patients and residents in social and medical institutions. The website reflects a professional and consistent brand image, targeting healthcare providers and institutions seeking to improve patient experience through art. Technically, the website is built on a modern platform with JavaScript, CSS, and HTML5 technologies, including service workers for progressive web app capabilities and Cookiebot for GDPR-compliant cookie management. The site is mobile-optimized, accessible, and performs moderately well, hosted likely on a CDN associated with multiscreensite.com. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident and could be improved. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is typical for non-profits, and no suspicious patterns were found. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response policies, and adding a terms of service page to improve transparency and trust.

F

Foundation Le Solstice Switzerland

lesolstice.org

59

Foundation Le Solstice Switzerland is a small non-profit organization dedicated to supporting children and young adults in pursuing education, as well as assisting other civil society organizations with their projects. The website is professionally designed using the Wix platform, featuring a consistent brand presence and clear messaging focused on philanthropy and education support. The technical infrastructure relies on Wix's Thunderbolt framework and standard JavaScript polyfills, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and some cookie handling best practices, though the absence of security headers and privacy policies indicates room for improvement. Overall, the website presents a trustworthy and professional image suitable for its non-profit mission.

V

Verein Gletscherpiloten

gletscherpiloten.ch

48

Verein Gletscherpiloten is a small Swiss aviation club specializing in mountain and glacier flying training and experiences. The website provides detailed information about their unique flight services in the Alpine region, targeting pilots and aviation enthusiasts interested in specialized mountain flying. The business operates as a non-profit club with a niche market position focused on aviation education and recreational flights. Technically, the website uses basic HTML, CSS, and JavaScript with jQuery 1.7.1 and Nivo Slider for image slideshows. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS. Security posture is limited, with no visible security headers and use of outdated JavaScript libraries, posing potential vulnerabilities. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism despite tracking pixels. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional but would benefit from technical and security improvements to enhance trust and compliance.

G

Gammeter Media AG

gammeterweb.ch

48

Gammeter Media AG is a Swiss-based small technology company specializing in custom web design solutions, including individually programmed websites, template-based Webkit Smart sites, e-commerce platforms, SEO marketing, progressive web apps, and digital magazines. The company targets businesses and organizations seeking tailored digital presence enhancements. Their market position is that of a regional digital agency with a strong focus on personalized service and technical innovation. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and Google services for analytics and security. The site is well-structured, mobile-optimized, and includes comprehensive privacy and cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and reCAPTCHA integration, though it lacks explicit security headers and published security policies. Overall, the website is professional, trustworthy, and compliant with GDPR, with clear contact information and social media presence. The WHOIS data aligns well with the business claims, indicating legitimacy and transparency.