Security Directory

S

Stadt Rheinfelden (Baden)

rheinfelden.de

49

Stadt Rheinfelden (Baden) operates an official municipal website providing extensive information and services to residents and visitors. The site covers a broad range of topics including citizen services, cultural events, urban planning, and tourism. The website is well-structured, professionally designed, and primarily targets local citizens and tourists. Technically, the site uses the cEasy CMS platform and integrates Matomo analytics for privacy-conscious user tracking. The infrastructure is modern with HTTPS enforced, but lacks some advanced security headers and cookie consent mechanisms. Security posture is moderate with no critical vulnerabilities detected. Overall, the site reflects a mature municipal digital presence with room for improvement in privacy compliance and security best practices.

L

Landkreis Lörrach

loerrach-landkreis.de

49

Landkreis Lörrach operates as a regional government authority in Germany, providing a broad range of public services including transportation, economic development, social and family support, environmental initiatives, and tourism promotion. The website serves residents and visitors with comprehensive information and digital services, reflecting a mature public sector entity with a consistent brand and professional presentation. Technically, the site is built on the cEasy CMS platform, employs modern web technologies, and integrates privacy-conscious analytics via Matomo. The site is well-optimized for mobile and accessibility standards, ensuring a good user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website demonstrates a trustworthy and professional digital presence aligned with its governmental role.

S

Stiftung Stadt.Geschichte.Basel

stadtgeschichtebasel.ch

11

Stadt.Geschichte.Basel is a non-profit foundation focused on providing deep insights into the history of Basel through digital storytelling, research data platforms, and public engagement. The website serves a niche audience including history enthusiasts, students, and researchers by offering access to nine individual volumes and an overview volume of Basel's history, enriched with innovative data stories and a blog covering various historical epochs. The platform emphasizes open access to research data and collaborative dissemination through partnerships and events. Technically, the site is built on modern frameworks like SvelteKit, ensuring fast performance, mobile optimization, and good accessibility. The use of privacy-respecting analytics (Plausible) aligns with the foundation's educational mission. Security posture is solid with HTTPS and no visible vulnerabilities, though the absence of some security headers and incident response contacts suggests room for improvement. Overall, the site is professional, trustworthy, and well-aligned with its cultural and educational objectives.

L

Loonexx AG

smartaxxess.io

9

The website smartaxxess.io serves as a login portal for the smartakte service, operated by Loonexx AG, a German technology company founded in 2022. The site targets professional users requiring secure access to digital services. The business model appears to be subscription or account-based access to a technology platform. The website is professionally designed with a consistent brand presence and basic content quality focused on user authentication. Technically, the site uses modern web technologies including JavaScript ES modules and CSS, hosted by IONOS SE. The site is mobile optimized and performs moderately well. However, it lacks advanced SEO and accessibility features. Security is enforced via HTTPS and CSRF tokens in forms, but no security headers or DNSSEC are implemented, representing areas for improvement. From a security posture perspective, the site shows good basic protections but lacks published privacy, cookie, and terms policies, as well as incident response or vulnerability disclosure information. No contact information or social media presence is visible, which limits transparency. The WHOIS data is consistent and trustworthy, with no suspicious patterns. Overall, the site is safe and suitable for general audiences, with no adult or questionable content. The main risks relate to compliance and security best practices gaps. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, enabling DNSSEC, and providing clear contact and incident response information to enhance trust and compliance.

C

Common Ground

app.cg

58

Common Ground is a web3 community platform aimed at serving users interested in blockchain and decentralized technologies. The website presents a minimal but consistent branding and content focused on the web3 community, with a clear emphasis on technology and community engagement. The platform appears to be in early or growth stages given the limited content and lack of detailed business information. Technically, the site uses modern frontend technologies such as React and Google Fonts, ensuring a responsive and moderately optimized user experience. However, the absence of privacy, cookie, and terms of service policies indicates gaps in compliance and user trust mechanisms. Security posture is adequate with HTTPS enforced, but lacks important security headers and incident response contact information, which are critical for a platform dealing with web3 users. Overall, the site is safe with no adult or questionable content detected, but improvements in privacy compliance and security best practices are recommended to enhance trust and regulatory adherence.

B

B. Metzler seel. Sohn & Co. AG

metzler.com

10

Bankhaus Metzler is Germany's oldest family-owned bank, specializing in capital market services for institutions and discerning private clients. The company operates across four main business areas: Asset Management, Capital Markets, Corporate Finance, and Private Banking. The website reflects a strong market position with a focus on personalized, long-term financial solutions. The bank emphasizes stability, reliability, and a tradition of excellence in its services. Technically, the website is well-structured with modern HTML5, CSS, and JavaScript technologies. It is mobile-optimized and provides a good user experience with clear navigation and comprehensive content. The presence of structured data (JSON-LD) enhances SEO and trustworthiness. However, explicit security headers are missing, and no CMS or hosting provider details are evident from the source. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a notable concern for a financial institution, potentially indicating privacy protection or registry issues. No incident response or vulnerability disclosure information is publicly available, which could be improved to enhance transparency and trust. Overall, the website is professional, trustworthy, and compliant with privacy regulations, but improvements in security headers, incident response transparency, and WHOIS data availability are recommended to strengthen the security posture and business credibility.

H

herzog kommunikation GmbH

herzogkommunikation.de

53

herzog kommunikation GmbH is a small digital agency based in Stuttgart, Germany, specializing in scalable and future-proof web and application development. Their services include customized web tools, mobile apps, digital installations, and concept development, targeting both established companies and startups. The website reflects a professional digital agency with a clear portfolio and contact information, positioning them as a regional player in the technology sector. Technically, the site uses modern web technologies such as HTML5, Bootstrap, PHP, and Docker, ensuring responsive design and moderate performance. Security posture is good with HTTPS enforced and CSRF tokens present, but lacks advanced security headers and formal security policies. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is trustworthy and professionally maintained.

B

Bad Egelsee

badegelsee.ch

60

Bad Egelsee is a public family and sports swimming facility located in Kreuzlingen, Switzerland, offering a variety of aquatic and wellness services including sport pools, family pools, saunas, and steam baths. The website presents a professional and consistent brand image targeting families, sports swimmers, and wellness seekers in the local community. The business model focuses on providing recreational and health-related aquatic services with a clear emphasis on family-friendly and sports-oriented offerings. Technically, the website uses modern JavaScript frameworks such as Alpine.js and integrates Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly with good accessibility features, although some accessibility aspects could be improved. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks published security policies or incident response information. Overall, the website is trustworthy and professionally maintained with no signs of malicious activity or content safety concerns.

A

Albert und Barbara von Metzler-Stiftung

metzler-stiftung.de

61

The Albert und Barbara von Metzler-Stiftung is a small non-profit foundation based in Germany, focused on supporting children and youth through targeted social projects primarily in Frankfurt and surrounding areas. Established in 1998, the foundation operates with a clear mission to improve societal well-being through financial support and active engagement in projects. The website reflects a professional and consistent brand image, emphasizing transparency and community involvement. Technically, the site is hosted on Colt's infrastructure and likely uses an enterprise CMS, delivering a moderate performance with good mobile optimization and SEO practices. Security-wise, the site implements cookie consent mechanisms and avoids exposing sensitive data, but lacks explicit security policies or incident response information. Overall, the foundation demonstrates a trustworthy online presence with strong business credibility and privacy compliance.

O

OWNBIT GmbH

ownbit.net

56

OWNBIT GmbH is a Swiss web agency specializing in custom websites and web applications, with a strong focus on user-centered digital solutions. The company targets Swiss SMEs, corporations, and design agencies, offering tailored WordPress and web development services. With over 12 years of market presence and more than 200 clients, OWNBIT holds a reputable position in the local technology sector. The website reflects a professional and consistent brand image, supported by client testimonials and a 5-star Google rating. Technically, the website is built using modern frameworks such as Vue.js and Gridsome, ensuring fast performance and excellent mobile optimization. The use of WordPress for client projects indicates flexibility in CMS solutions. The site includes cookie consent mechanisms and a comprehensive privacy policy, demonstrating good GDPR compliance. However, explicit security headers and SSL configuration details are not evident from the data, suggesting areas for security enhancement. The security posture is moderate with no visible vulnerabilities or exposed sensitive data, but the absence of detailed security policies and incident response information indicates room for improvement. The WHOIS data is privacy protected, which is justified for this business type, though it limits domain age verification. Overall, the website is trustworthy, professional, and compliant with privacy regulations, with recommendations to strengthen security headers and transparency. Strategically, OWNBIT should focus on enhancing security best practices and publishing vulnerability disclosure policies to further build client trust and compliance readiness.

OeSA is a small non-profit organization based in Switzerland providing ecumenical pastoral care and support services to asylum seekers in the Northwestern Switzerland region. The organization is supported by regional churches and private members and offers a range of community services including pastoral visits, language courses, and donation programs. The website is built on CMSimple, a lightweight CMS, and presents clear contact information and donation options, but lacks advanced technical and security features. The site is accessible with basic mobile optimization and SEO metadata but does not include privacy or cookie policies, nor security headers or HTTPS confirmation in the provided data. Security posture is moderate with no visible vulnerabilities but missing key best practices. Overall, the website is functional and trustworthy for its non-profit mission but would benefit from improved security and compliance measures.

O

Offene Kirche Elisabethen Basel

offenekirche.ch

54

Offene Kirche Elisabethen Basel operates as a non-profit church organization based in Switzerland, providing community church services and event hosting. The website serves as a platform for event information and booking, leveraging WordPress and the EventPrime plugin for event management. The target audience is the general public interested in church activities and community events. The organization holds a local market position as the first city church in Switzerland, focusing on community engagement rather than commercial activities. Technically, the website is built on a modern CMS with standard plugins, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and nonce-based AJAX security, but lacks advanced security headers and explicit privacy and cookie policies, which are areas for improvement. The site does not employ extensive tracking or advertising, indicating a privacy-conscious approach, though GDPR compliance is incomplete due to missing policies. Overall, the domain registration data aligns well with the website's claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing privacy and cookie policies, and improving accessibility and compliance to strengthen trust and security.

K

Karate Academy Hamburg e.V.

karateacademy.de

56

Karate Academy Hamburg e.V. is a specialized martial arts dojo located in Hamburg, Germany, offering karate training for children, youth, and adults across various skill levels. The organization emphasizes respect, self-defense, and physical and mental development through karate. The website is built on the Squarespace platform, featuring a professional design with good mobile optimization and clear navigation. Contact information and social media presence are clearly provided, enhancing business credibility. Security posture is adequate with HTTPS enforced but lacks advanced security headers and cookie consent mechanisms. Privacy policy is present and GDPR compliant but could be improved with explicit cookie management. Overall, the website reflects a trustworthy small business with a focus on community and training services.

G

Geschwister Meier Stiftung

gmstiftung.ch

61

The Geschwister Meier Stiftung is a Swiss non-profit foundation dedicated to supporting music and cultural activities ranging from traditional folk music to avant-garde experimental sounds. The website serves as an informational platform to present the foundation's mission and activities, targeting a general audience interested in arts and culture within Switzerland. The foundation operates in a niche cultural sector with a small organizational size and a focused business model centered on cultural funding and promotion. Technically, the website is built on the Wix platform, utilizing Wix's standard JavaScript libraries and hosting infrastructure. The site demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The technical stack is modern but limited to Wix's ecosystem, which simplifies maintenance but may restrict advanced customization. From a security perspective, the site benefits from HTTPS and a good SSL configuration. However, it lacks several security best practices such as security headers and explicit privacy and cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency and readiness. Overall, the website is professionally designed and consistent with the foundation's branding and mission. The absence of contact details and privacy-related policies slightly diminishes trust and compliance posture. Strategic enhancements in privacy compliance, security headers, and contact transparency would strengthen the foundation's digital presence and user confidence.

B

Bajour

bajour.ch

61

Bajour is a Swiss media company specializing in community journalism focused on Basel and its local community. The website offers news articles, community engagement features, and membership options, positioning itself as a trusted local media outlet. The content is professionally presented with a modern design and clear navigation, targeting residents interested in local news and cultural topics. Technically, the site is built on modern web technologies including React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is good with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. Overall, the domain registration and website content are consistent and legitimate, reflecting a trustworthy business entity.

K

Keyweb AG

keymachine.de

75

Keyweb AG is a well-established German technology company specializing in custom-built dedicated servers and hosting services. With over 20 years of experience and TÜV certification, the company offers high-performance, sustainable server solutions tailored to business needs. Their close partnership with Keymachine Server Manufaktur enables rapid and flexible server manufacturing, supporting a broad range of IT infrastructure and hosting services. The website reflects a professional and trustworthy business with clear contact channels and comprehensive service offerings. Technically, the site uses modern web technologies including Bootstrap and JavaScript, is mobile-optimized, and performs well. Security posture is strong with HTTPS, cookie consent, and secure forms, though explicit security policies and incident response contacts are not published. Overall, the domain and WHOIS data align with the company's history and legitimacy, supporting a high trust level.

IT-Atelier is a small German engineering office specializing in media and information technology, offering IT coordination, management consulting, web-based software applications, and internet services primarily targeting businesses and public sector organizations such as municipalities. The company has over two decades of experience since its founding in 2003 and operates with a local/regional focus in Leipzig, Germany. The website content is basic but relevant, providing clear contact information and a concise description of services. Technically, the site uses legacy technologies such as jQuery 1.4.4 and basic CSS styling with some mobile optimization. There is no evidence of modern CMS or advanced frameworks. Security posture is moderate but limited by the use of outdated libraries and lack of visible security headers or HTTPS status information. No privacy or cookie policies are published, indicating compliance gaps. Overall, the domain registration data is consistent with the business claims, supporting legitimacy.

A

ANSARO

ansaro.ch

62

ANSARO is a Swiss-based coffee roastery specializing in freshly roasted coffee beans and retailing coffee products. The company positions itself as a local Swiss quality brand with a focus on authentic taste and craftsmanship. The website is professionally designed using the Wix platform, indicating a moderate level of digital maturity suitable for a small retail business. The technical infrastructure leverages Wix's Thunderbolt framework, ensuring reasonable performance and mobile optimization. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and visible privacy compliance mechanisms. Overall, the website is trustworthy and functional but would benefit from enhanced privacy and security features to meet compliance standards. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and improving accessibility.

S

Swiss Olympic

coolandclean.ch

64

The website coolandclean.ch represents a national youth sports prevention program operated under the auspices of Swiss Olympic. It focuses on promoting healthy behaviors, fair play, and substance abuse prevention among young athletes and their leaders. The platform offers educational content, training tips, a material shop, and community support including regional ambassadors and consultation services. The site is well-branded, professionally designed, and targets youth sports organizations and their stakeholders in Switzerland. Technically, the site employs modern web technologies including Google Analytics, Facebook Pixel, and Google Maps API, likely built on a CMS such as Adobe Experience Manager. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security policies and incident response contacts are not visible. Overall, the domain registration aligns well with the business identity, supporting legitimacy and trustworthiness.

The website stefan-aufdermaur.ch serves as a personal or professional portfolio site for Stefan Auf der Maur, likely showcasing artistic or photographic work. The site is minimalistic with limited metadata and no structured data, focusing primarily on visual content. The target audience appears to be general visitors interested in the individual's work, with no commercial or transactional features evident. Technically, the site uses basic HTML, CSS, and JavaScript with lazy loading for images, but lacks advanced SEO, accessibility, and performance optimizations. Security posture is weak, with no visible security headers or privacy policies, and no HTTPS status confirmed from the provided data. No contact information or forms are present, limiting user engagement and trust signals. Overall, the site is functional but basic, with room for significant improvements in security, privacy compliance, and user experience.

Julian Salinas Fotografie is a small photography business based in Switzerland, focusing on artistic and commissioned photography services primarily in Basel and Zurich. The website presents basic information about the business and its offerings, including art works, commissioned projects, exhibitions, portraits, and video projects. The target audience is general, including art enthusiasts and potential clients seeking photography services. Technically, the website is built using React and standard web technologies such as JavaScript and CSS. The site appears moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. There are no detected content management systems or third-party analytics or advertising tools integrated. From a security perspective, the website lacks visible security headers and privacy or cookie policies, indicating a low maturity level in security and compliance. No forms or data collection mechanisms are present, reducing immediate data protection concerns but also limiting user engagement. The absence of HTTPS information prevents a full SSL configuration assessment. No WAF or blocking mechanisms were detected, and the site content is fully accessible. Overall, the website presents a basic but functional online presence for a small photography business. Key recommendations include implementing HTTPS, adding privacy and cookie policies, improving security headers, and providing clear contact information to enhance trust and compliance.

A

ARS Architektur AG

ars-architektur.ch

52

ARS Architektur AG is a Swiss architecture firm located in Münchenstein, Basel region, specializing in architecture, interior design, general planning, project development, and area development. The website presents a professional image with project showcases and a clean, modern design using the Svelte framework. The technical infrastructure is moderately modern with good mobile optimization and SEO practices, but lacks explicit CMS or hosting details. Security posture is weak due to absence of security headers, privacy policies, and incident response information. No HTTPS or SSL configuration details were available from the provided data. Overall, the site is functional and professional but requires improvements in security and privacy compliance to meet modern standards. The risk level is moderate with no critical vulnerabilities detected but gaps in security best practices and compliance.

M

Miranda Roux

mirandaroux.net

51

Miranda Roux is a Danish artist based in Geneva, specializing in figurative art that explores surrealism, classical sculpture, and taboo themes. The website serves as a portfolio showcasing her selected works, biography, news, texts, and contact information. The site targets art enthusiasts, collectors, and galleries interested in contemporary European art. Technically, the website is built using the modern Svelte framework, hosted by Infomaniak Network SA, and employs HTTPS with domain transfer protection. However, it lacks DNSSEC and a defined Content-Security-Policy header, which are recommended for enhanced security. The site does not provide privacy or cookie policies, nor does it include direct contact emails or phone numbers, relying solely on a contact form for communication. No tracking or advertising technologies are detected, indicating a privacy-conscious approach but also a lack of compliance documentation. Overall, the website is professional and well-structured but would benefit from improved security headers and privacy compliance measures.

H

Hofheim

hofheim.de

54

Hofheim am Taunus operates an official municipal website providing comprehensive information and services to residents, visitors, and local stakeholders. The site covers a broad range of topics including culture, tourism, politics, administration, and community life, positioning itself as the primary digital interface for the city. The website is built on TYPO3 CMS, a robust open-source content management system, and demonstrates good technical maturity with responsive design and structured data for SEO and accessibility. Security posture is adequate with HTTPS enabled and no exposed sensitive data, though improvements are recommended in security headers and privacy compliance documentation. Overall, the website reflects a trustworthy and professional government presence with clear contact information and consistent branding.

T

Techniker Krankenkasse

tk.de

66

Techniker Krankenkasse (TK) is a leading statutory health insurance provider in Germany, offering comprehensive health coverage, digital health services, and personalized member support. The website reflects a mature digital presence with a strong focus on user experience, accessibility, and privacy compliance. The technical infrastructure leverages modern web technologies and a custom design system, hosted on reliable infrastructure with Versatel. Security posture is solid with HTTPS, CSRF protection, and a consent manager, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-aligned with the business's market position.

IKEA Deutschland GmbH & Co. KG operates a comprehensive retail website offering affordable furniture and home accessories tailored for the German market. The site provides extensive product categories, planning services, and customer support, positioning IKEA as a leading furniture retailer in Germany. The website is well-branded, professionally designed, and optimized for mobile and accessibility, reflecting a mature digital presence. Technically, the site employs modern web technologies including JavaScript frameworks, cookie consent management via OneTrust, and A/B testing with Optimizely, ensuring a robust user experience. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly disclosed. Privacy compliance is well addressed with clear cookie and privacy policies, including GDPR adherence and a consent mechanism. The absence of WHOIS data limits domain registration trust analysis, but the overall site quality and brand reputation strongly indicate legitimacy. No adult or questionable content is present, making the site safe for general audiences.

T

Taunus Sparkasse

taunussparkasse.de

66

Taunus Sparkasse is a regional German savings bank offering a comprehensive range of financial services including online banking, accounts, credit cards, loans, investments, insurance, and real estate services. The website targets both private and corporate customers with a strong focus on accessibility, user experience, and digital service delivery. The bank maintains a strong local market position with trusted brand recognition and multiple customer contact channels including phone, chat, and video consultations. Technically, the site is built on modern web technologies and a robust CMS platform (Adobe Experience Manager), optimized for mobile and accessibility compliance. Security posture is strong with HTTPS enforcement, session management, and cookie consent mechanisms, though explicit security headers could be further confirmed. Privacy policies and cookie management are comprehensive and GDPR compliant. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

Spitex Glattal is a Swiss non-profit association providing comprehensive home care and support services in the Glattal region, including nursing, psychiatric care, household assistance, and meal delivery. Established in 2013, it serves multiple municipalities with a team of approximately 100 employees, emphasizing empathy, professionalism, and multicultural diversity. The website reflects a well-structured and professional digital presence, leveraging modern web technologies such as Next.js and React, hosted with DigitalOcean Spaces for media assets. The site is mobile-optimized and offers clear navigation and relevant content for its target audience. From a security perspective, the website employs HTTPS with a strong SSL configuration and does not expose sensitive data or vulnerable libraries. However, it lacks some security headers and does not provide explicit security policies or incident response contacts. Privacy compliance is generally good, with a comprehensive privacy policy available, but the absence of a cookie consent mechanism is a notable gap. Overall, the domain registration details align well with the business claims, supporting the legitimacy and trustworthiness of the entity. The risk assessment indicates a low risk profile with recommendations to enhance security headers, implement cookie consent, and publish incident response information to strengthen compliance and trust. The website's content is safe for general audiences, focusing solely on healthcare services without any adult or questionable content.

The website 'Bonn hilft Cherson' is a humanitarian aid initiative led by the city of Bonn in partnership with the NGO Help – Hilfe zur Selbsthilfe e.V. It focuses on raising donations to support medical aid and infrastructure rebuilding in the Ukrainian city of Cherson. The site is well-structured, professionally designed, and provides comprehensive information about the project, donation methods, and partner organizations. The target audience includes citizens of Bonn, local organizations, and donors interested in humanitarian support. Technically, the website is built on TYPO3 CMS and uses modern web technologies including Bootstrap for responsive design. The site is mobile-optimized and SEO-friendly, though some accessibility features are basic. Hosting appears to be managed via German hosting providers, with no signs of blocking or WAF interference. From a security perspective, the site uses HTTPS and does not expose sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are recommended for GDPR compliance. No incident response or vulnerability disclosure policies are published, which could be improved to enhance trust and security posture. Overall, the website scores well on content quality, business credibility, and technical implementation, with minor penalties for privacy and security policy gaps. It represents a trustworthy and professional platform for humanitarian fundraising and awareness.

B

Bundesstadt Bonn

bonn.de

58

The website www.bonn.de serves as the official digital portal for the Bundesstadt Bonn, providing extensive information and services related to the city administration. It targets residents, visitors, and businesses, offering multilingual content and access to municipal services such as event calendars, service portals, and contact forms. The site is well-branded with consistent city imagery and logos, reflecting its authoritative position as a government entity. Technically, the site employs a modern CMS platform (Information Enterprise Server by Sitepark GmbH) and uses standard web technologies including JavaScript, CSS, and SVG icons. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices are observed with HTTPS enforcement, security headers, and cookie consent mechanisms. From a security perspective, the site demonstrates a solid posture with no visible vulnerabilities or exposed sensitive data. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not published, which could be improved to enhance transparency and trust. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent aligned with GDPR requirements. Overall, www.bonn.de is a professional, trustworthy, and well-maintained government website. It effectively balances user experience, privacy, and security, serving as a reliable resource for its audience. Strategic recommendations include publishing detailed security and incident response policies, adding vulnerability disclosure information, and providing data protection officer contact details to further strengthen compliance and user trust.

D

Deutscher Tischtennis-Bund e.V.

tischtennis.de

34

The Deutscher Tischtennis-Bund e.V. (German Table Tennis Association) operates the website tischtennis.de as the official platform for table tennis in Germany. The site serves as a comprehensive resource for players, clubs, fans, and stakeholders, offering news, event information, training resources, and organizational details. It holds a strong market position as the national governing body for the sport in Germany, supported by subsidiaries such as Tischtennis Marketing GmbH and TTBL Sport GmbH. The business model is non-profit and community-focused, targeting the German table tennis ecosystem.

D

Deutscher Ruderverband e.V.

rudern.de

55

The website www.rudern.de is the official digital presence of the Deutscher Ruderverband e.V., the German Rowing Federation. It serves as a comprehensive resource for rowing athletes, clubs, and enthusiasts in Germany, offering detailed information on national teams, competitions, youth programs, and organizational governance. The site demonstrates a high level of professionalism with excellent content quality, clear navigation, and consistent branding. Technically, it is built on Drupal 10, employs modern web standards, and is optimized for mobile devices. Security practices include HTTPS enforcement and a GDPR-compliant cookie consent mechanism, though some security headers and explicit incident response policies are absent. Overall, the domain and website content align well, indicating legitimacy and trustworthiness.

O

Olympiabewerbung München

olympiabewerbung-muenchen.com

55

The website www.olympiabewerbung-muenchen.com is a professionally designed government-related campaign site promoting Munich's bid for the Olympic and Paralympic Summer Games starting from 2036. It targets citizens and stakeholders in Munich and Bavaria, aiming to inform and engage the public about the bid's vision, concept, and benefits. The site uses WordPress CMS with modern front-end technologies including JavaScript libraries like Plyr and Swiper, and employs Matomo for analytics. The content is rich, well-structured, and visually appealing, supporting a positive user experience and clear navigation. However, the site lacks explicit privacy and cookie policies, security headers, and incident response contact information, which are important for compliance and security posture. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain registration legitimacy, though the official nature of the content suggests a legitimate campaign. Overall, the site scores well on content quality and business credibility but needs improvements in privacy compliance and security best practices.

The website fuer-ihr-gutes-recht.de serves as an informational platform for legal advisory services primarily in labor, traffic, tenancy, medical, and family law. It is affiliated with the Sozialverband Deutschland (SoVD) in Niedersachsen, a significant social welfare association in Germany. The platform connects users with qualified lawyers across multiple regional locations, emphasizing social welfare legal support. The business model focuses on providing accessible legal representation and advice through a network of individual lawyers tied to a reputable non-profit organization. Technically, the website is built on TYPO3 CMS version 6.1, an outdated content management system, which may pose security and maintenance challenges. The site uses standard web technologies such as CSS and JavaScript but lacks modern performance and security enhancements. The hosting appears to be managed via your-server.de based on the nameservers. The site shows basic mobile optimization and accessibility features but could benefit from modernization and improved SEO practices. From a security perspective, no HTTPS or SSL configuration details were confirmed, and no advanced security headers or policies are evident. The absence of cookie consent mechanisms and privacy policy details indicates limited GDPR compliance. No incident response or security contact information is provided. The site does not employ analytics or tracking technologies, which reduces privacy concerns but also limits business intelligence capabilities. Overall, the website is functional and provides relevant content for its target audience but requires significant improvements in security posture, privacy compliance, and technical modernization to enhance trustworthiness and resilience against emerging threats.

Hotel Des Alpes is a well-established family-run hospitality business located in the picturesque Saanenmöser-Gstaad region of Switzerland, with a history dating back to 1904. The website reflects a professional and consistent brand image, offering hotel accommodation, gastronomy, and event services. The target audience includes tourists and travelers seeking premium mountain hospitality experiences. The business maintains a strong market position through its tradition and partnership with Hotel Kernen. Technically, the website employs modern web technologies including Google Tag Manager and Cookiebot for analytics and cookie consent management, ensuring GDPR compliance and user privacy. The site is mobile-optimized with good SEO and accessibility basics. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, explicit security policies and incident response information are absent, representing an area for improvement. Overall, the website is trustworthy, secure, and compliant, supporting the business's credibility and customer engagement.

L

Lokalinfo AG

avwa.ch

47

Anzeiger von Wallisellen is a small, independent local newspaper serving the city of Wallisellen, Switzerland. It provides weekly news coverage on political, economic, cultural, and sports events from a local perspective. The business operates under Medienhaus Lokalinfo AG and offers advertising, subscriptions, and special thematic publications. The website reflects a professional local media outlet with clear contact channels and a focus on community engagement. Technically, the site uses legacy JavaScript libraries such as jQuery 1.11 and integrates Google services for fonts, maps, and advertising. While the site is functional and well-structured, it lacks modern security headers and privacy compliance mechanisms such as cookie consent and privacy policies. Security posture is moderate but could be improved by updating libraries and implementing security best practices. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

F

Filemail Inc.

filemail.com

61

Filemail Inc. operates a mature and professional cloud-based file transfer service specializing in sending and sharing large files securely. The company targets a broad audience including individuals, teams, businesses, and enterprises, offering a free tier and multiple paid subscription plans with advanced features such as managed file transfer, compliance certifications, and custom branding. The website demonstrates a strong market position with over 50 million users and global data centers, emphasizing security and ease of use. Technically, the website is built on modern frameworks like Next.js and React, with native applications available across major platforms including desktop, mobile, and Outlook. The site is well-optimized for performance, mobile responsiveness, accessibility, and SEO. Security is robust with HTTPS, multiple security headers, end-to-end encryption, 2FA, virus scanning, and regular penetration testing. The security posture is strong, with compliance to standards such as ISO 27001, HIPAA, GDPR, and Cyber Essentials UK. However, explicit incident response and vulnerability disclosure policies are not publicly found, representing an area for improvement. The absence of WHOIS data limits domain registration trust analysis, but the overall business credibility and website professionalism mitigate concerns. Overall, Filemail presents a low-risk profile with a secure, compliant, and user-friendly service offering. Strategic recommendations include publishing incident response and vulnerability disclosure policies, adding a security.txt file, and providing Data Protection Officer contact details to enhance transparency and trust.

Wienerberger is an international manufacturer and supplier of building and infrastructure solutions, specializing in energy-efficient and sustainable construction materials such as bricks, roof tiles, pipelines, and solar panels. The website serves primarily as a recruitment platform targeting job seekers interested in joining the company’s diverse workforce across multiple locations in Belgium. The company positions itself as a large, established player with a family-oriented culture and a strong focus on innovation and sustainability. Technically, the website uses modern web technologies including JavaScript, CSS, Google Tag Manager, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site employs HTTPS and cookie consent mechanisms but lacks visible security headers and explicit security policies. WHOIS data is inconsistent, showing a future domain creation date and a registrar that does not match the company, which raises some trust concerns. Overall, the website is professional and functional but could improve in privacy transparency and security posture.

G

Gebäudeversicherung Bern (GVB)

fachstelle-naturgefahren.ch

63

The Fachstelle Naturgefahren website represents a specialized division of the Gebäudeversicherung Bern, focusing on natural hazard protection and building insurance within the Canton of Bern, Switzerland. It offers advisory services, hazard maps, and support for protective measures such as automated hail protection systems. The organization holds a strong regional market position as the mandatory building insurer and provides additional voluntary insurance products through affiliated entities. The website targets property owners and professionals seeking to mitigate natural hazard risks.

I

I am Sanderson

iamsanderson.com

42

I am Sanderson is a professional design portfolio website showcasing the work of Sander Vermeulen, a designer specializing in branding, typeface design, graphic design, and visual identity for cultural institutions, art galleries, and brands. The website presents a rich collection of projects with high-quality images and videos, demonstrating a strong creative portfolio. The technical infrastructure includes modern web technologies such as JavaScript, CSS, and lazy loading of images, with media assets hosted on Amazon S3. The site is responsive and optimized for mobile devices, though SEO and accessibility features are basic. Security posture is limited, with no detected security headers or privacy policies, and no WHOIS data available for the domain, which reduces trustworthiness from a domain registration perspective. Overall, the website is professional and content-rich but lacks formal privacy and security compliance documentation.

H

Healthline Media LLC

healthline.com

56

Healthline Media LLC operates www.healthline.com, a leading health and wellness information website providing expert medical guidance, wellness advice, and product reviews. The company holds a strong market position as a trusted source for health content, supported by a large content library, sponsored programs, and community engagement platforms. The website targets a broad audience seeking reliable health information and wellness resources. Technically, the site is built on modern web technologies including Next.js and React, with integrations for analytics, advertising, and consent management, delivering a fast and mobile-optimized user experience. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. WHOIS data is privacy-protected, which is common for media companies, slightly impacting transparency but justified by the business type. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

T

Takentreprenørenes forening

taktekker.no

66

Takentreprenørenes forening (TEF) is a Norwegian professional association representing qualified and reputable roofing contractors. The organization focuses on safeguarding members' common interests and promoting collaboration and expertise in roofing and membrane roofing trades. The website serves as an informational and organizational platform for its members and stakeholders within the roofing industry in Norway. Technically, the website employs modern web technologies including HTTPS, JavaScript frameworks, Microsoft Application Insights, Siteimprove analytics, Google reCAPTCHA Enterprise, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and bot protection mechanisms in place, though explicit security headers and privacy policies are lacking. The absence of WHOIS data due to privacy protection slightly reduces trust but is common for professional associations. Overall, the site is professional, secure, and compliant with basic privacy standards, serving its target audience effectively.

Zingreen is a small Swiss garden construction company based in Gstaad, specializing in landscaping and garden building services. The website is built on WordPress using the Divi theme, indicating a moderate level of digital maturity with a focus on visual presentation. The site is accessible and mobile-optimized but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but no detected security headers or explicit security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the website presents a legitimate local business but would benefit from enhanced security and compliance measures.

Hotel Kernen AG operates a family and sport hotel located in Gstaad-Schönried, Switzerland, with a long tradition dating back to 1904. The business focuses on hospitality services including accommodation, gastronomy, and outdoor activity packages targeting families and active vacationers. The website reflects a well-established market position, recognized for quality and value. Technically, the site employs modern web technologies including Cookiebot for consent management and Google Tag Manager for analytics, ensuring compliance and performance. Security posture is strong with HTTPS enforcement and standard security headers, though no explicit security policy or incident response information is published. Overall, the site is professional, user-friendly, and trustworthy, with good privacy compliance and clear business information.

V

Volvo Car Switzerland

volvocars-partner.ch

59

Volvo Car Switzerland operates a comprehensive partner portal serving as the official network for Volvo dealerships across Switzerland. The website provides detailed information on Volvo's vehicle models, offers, and services, targeting current and prospective Volvo customers in the Swiss market. The business model focuses on automotive sales, leasing, servicing, and customer support, positioning itself as a key player in the transportation sector within Switzerland. The site reflects consistent Volvo branding and offers extensive dealer contact information, enhancing customer accessibility and trust. Technically, the website is built on the TYPO3 CMS platform, integrating modern technologies such as Google Tag Manager and Google Maps API for enhanced user experience and analytics. The site demonstrates good mobile optimization and SEO practices, although accessibility features could be improved. Performance is moderate, with asynchronous loading of scripts to optimize speed. From a security perspective, the site employs HTTPS with excellent SSL configuration, ensuring secure data transmission. However, it lacks explicit security headers and does not provide visible security policies or incident response contacts. Privacy compliance is weak due to the absence of privacy and cookie policies, which is a notable gap given GDPR requirements. The site uses Google Tag Manager for tracking, indicating moderate user tracking levels. Overall, the website is professional, trustworthy, and well-aligned with the Volvo brand, but it would benefit from enhanced privacy compliance and security transparency. Strategic improvements in these areas would strengthen its security posture and regulatory adherence.

H

Holzforschung Austria

fenstereinbau.info

54

fenstereinbau.info is an informational website operated as a service by Holzforschung Austria, providing planning aids and tested materials for window installation according to Austrian standards (ÖNORM B 5320). The site targets professionals in the construction and window installation sectors in Austria and Germany, offering access to standards, guidelines, and a free planning tool. Technically, the website is built on the TYPO3 CMS platform, with compressed CSS and JavaScript assets, and is accessible via HTTPS. The site demonstrates good content quality, clear navigation, and mobile optimization, though accessibility features could be improved. Security posture is moderate, with HTTPS usage but lacking explicit security headers and cookie consent mechanisms. No forms or contact details are directly available on the main page, limiting direct user engagement. Overall, the domain registration is privacy protected but consistent with the business purpose, and the website maintains strong trust indicators through affiliations and certifications.

S

SBB (Swiss Federal Railways)

spartageskarte-gemeinde.ch

62

The website 'spartageskarte-gemeinde.ch' serves as an informational portal for the Municipal Saver Day Pass, a discounted travel ticket offered through Swiss municipalities under the Swiss Federal Railways (SBB) umbrella. It provides detailed pricing, availability, and terms for travelers seeking economical day passes within the GA Travelcard area. The site is well-branded with official SBB logos and links to SBB's data protection and travel information pages, reinforcing its legitimacy and trustworthiness. Technically, the site is built using modern web technologies including Vue.js and ES modules, delivering a responsive and user-friendly experience. While performance and mobile optimization are good, there is room for improvement in accessibility and SEO. The site does not appear to collect personal data directly, instead relying on municipalities for ticket issuance, which reduces direct data protection risks. From a security perspective, the site uses personalized ticketing to prevent misuse and references comprehensive data protection policies hosted on the official SBB domain. However, explicit security headers and incident response contacts are not visible, suggesting areas for enhancement. No WAF or blocking mechanisms interfere with content access, and no vulnerabilities or suspicious domains were detected. Overall, the website presents a professional, secure, and trustworthy platform aligned with a large national transportation provider. Strategic improvements in privacy disclosures, security headers, and contact transparency would further strengthen its posture.

O

Oberaargau Classics

oberaargau-classics.ch

60

Oberaargau Classics is a small regional cultural initiative based in Switzerland, focusing on music ensembles Camerata 49 and Grenzklang. The website serves as an informational platform to promote their musical activities and events. The business model appears to be non-profit or community-oriented, targeting general audiences interested in classical and cultural music. The site is built on the Squarespace platform, leveraging modern web technologies and fonts, with a moderate performance and good mobile optimization. Security posture is strong with HTTPS and HSTS enabled, but lacks explicit privacy and terms of service documentation. Contact information is not clearly provided, which may impact user trust and compliance. Overall, the site is professional and consistent in branding but could improve privacy compliance and user engagement features.

G

Gemeinde Madiswil

madiswil.ch

61

The website www.madiswil.ch serves as the official online presence of the municipality of Madiswil in Switzerland. It provides residents and visitors with comprehensive information about local government services, political and administrative matters, community events, and public resources. The site targets local citizens and stakeholders, offering key services such as online administrative forms, event calendars, and contact directories. The business model is that of a government service portal, focusing on transparency and accessibility. Technically, the website is built on the i-web.ch CMS platform, utilizing modern web technologies including JavaScript, CSS, and HTML5. It integrates Swiss government mapping services via Leaflet and employs Matomo for privacy-conscious analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not publish a formal security policy or incident response contacts. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism aligned with GDPR requirements. No vulnerabilities or suspicious activities were detected. Overall, the website is a trustworthy and professional municipal portal with a strong focus on user accessibility and privacy. Strategic improvements could include enhancing security headers, publishing a security framework, and adding incident response contact information to further strengthen its security posture.

I

Agence de communication créative & digitale à Troyes

ikadia.fr

59

The website represents a creative and digital communication agency based in Troyes, France, offering services in creative and digital communication. The business model is service-oriented, targeting companies seeking communication expertise. The website is built on WordPress, utilizing modern web fonts and JavaScript libraries, with a moderate level of technical maturity and good mobile optimization. Security posture is limited due to lack of visible security headers and missing HTTPS verification in the provided data. Privacy compliance is weak, with no detected privacy or cookie policies. Overall, the site is professional but would benefit from enhanced security and compliance measures to improve trustworthiness and user confidence.