Security Directory

L

LandLiebe

landliebe.ch

63

LandLiebe is a Swiss lifestyle media brand focused on authentic rural living, nature, gardening, recipes, crafts, and cultural stories. The website serves as a digital magazine platform offering rich editorial content, subscription services, an e-commerce shop, and courses. It targets a general audience interested in Swiss countryside life and natural living. The brand maintains a consistent and professional online presence with strong visual branding and clear navigation. Technically, the site is built using the Hugo static site generator, employs modern web technologies, and integrates consent management and tag management tools to ensure compliance and analytics. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, well-maintained, and compliant with GDPR regulations.

R

Ringier AG

illustre.ch

63

Illustre.ch is a professional media website serving the French-speaking Swiss audience with weekly news, events, and cultural content. It operates under Ringier AG, a reputable family-owned media group with a strong presence in Europe and Africa. The website offers subscription services, contests, and digital e-paper access, positioning itself as a key media brand in Suisse romande. Technically, the site employs modern JavaScript frameworks such as Alpine.js and htmx, integrates advanced analytics via Datadog and Google Tag Manager, and uses OneTrust for GDPR-compliant consent management. The site is well-optimized for mobile devices and maintains good SEO and accessibility standards. Security-wise, the website enforces HTTPS, includes standard security headers, and avoids exposing sensitive data. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the site is trustworthy, compliant with privacy regulations, and professionally maintained.

J

jobbern.ch

jobbern.ch

53

jobbern.ch operates as a leading job portal focused on the Bern region in Switzerland, offering daily updated job listings and subscription-based job alerts. The platform targets job seekers and employers within the Bern area, positioning itself as a key player in the local employment market. The website employs modern web technologies such as React and integrates Google Tag Manager and ConsentManager for analytics and cookie consent management. While the site demonstrates good design quality and user experience, it lacks explicit privacy and terms of service pages, which are critical for compliance and user trust. Security posture is adequate with HTTPS enforced and basic security headers, but could be improved with additional headers and clearer security policies. The WHOIS data aligns well with the website's business claims, indicating a legitimate and consistent registration. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and security transparency.

T

Tamedia Espace AG

berneroberlaender.ch

61

Berner Zeitung is a well-established regional news media outlet under Tamedia Espace AG, serving the Bernese Oberland region with news, events, and subscription services. The website demonstrates a mature digital infrastructure using modern web technologies such as Next.js and UnityCMS, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforcement, security headers, and consent management for GDPR compliance. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

G

Gemeinde Urdorf

urdorf.ch

61

Gemeinde Urdorf operates an official municipal website providing residents and visitors with comprehensive information about local services, politics, events, and community projects. The site serves as a primary digital interface for the municipality, offering online service portals such as an online counter for administrative services, room reservations, and waste disposal information. The target audience primarily consists of local citizens and stakeholders interested in municipal affairs. Technically, the website is built on the i-web.ch CMS platform, utilizing modern web technologies including JavaScript, CSS, and SVG graphics. It incorporates Matomo analytics for privacy-conscious user tracking and demonstrates good mobile optimization and accessibility features. The site uses HTTPS exclusively, ensuring secure data transmission. From a security perspective, the website enforces HTTPS and secure login mechanisms with multi-factor authentication recommendations. However, it lacks explicit security headers like Content-Security-Policy and does not publicly disclose an incident response or vulnerability disclosure policy. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is trustworthy and professionally maintained, with clear contact information and privacy policies aligned with GDPR requirements. The domain registration details are consistent with the municipality's identity, reinforcing legitimacy. Strategic improvements could include enhancing security headers and publishing a security contact or security.txt file to improve transparency and incident handling readiness.

G

Gemeinde Unterengstringen

unterengstringen.ch

59

The website www.unterengstringen.ch serves as the official digital presence of the municipality of Unterengstringen in Switzerland. It provides residents and visitors with comprehensive information about local governance, services, events, and community news. The site targets local citizens and stakeholders seeking municipal services and updates. The business model is that of a government information portal, focusing on transparency and service facilitation. Technically, the website is built on the i-web.ch CMS platform, utilizing modern web technologies including JavaScript and CSS, with Matomo analytics integrated for user behavior insights. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a good user experience across devices. Hosting and content delivery appear to be managed by i-web.ch, a Swiss hosting provider. From a security perspective, the site enforces HTTPS and uses secure login forms for user accounts. While no advanced security headers were detected, no vulnerabilities or exposed sensitive data were found. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. However, the site lacks a dedicated security policy and incident response contact information. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic recommendations include enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and compliance.

G

Gemeinde Lindau

lindau.ch

58

Gemeinde Lindau operates an official municipal website providing comprehensive information and services to its residents and interested parties. The site covers a broad range of topics including local politics, administration, public services, events, education, and community life. It serves as a primary digital touchpoint for the municipality, offering online service access such as an online counter for administrative tasks and room reservations. The website targets local citizens and stakeholders seeking municipal information and services. Technically, the website employs modern web technologies including Bootstrap for responsive design, JavaScript modules, and a Swiss-based CMS platform (i-web.ch). The site is well-structured, mobile-optimized, and includes accessibility features such as skip links and ARIA roles. Performance is moderate with efficient use of images and scripts. SEO is adequately addressed with meta tags and structured navigation. From a security perspective, the site enforces HTTPS and uses secure form submissions for login. It includes a cookie consent mechanism aligned with GDPR requirements and anonymizes web analytics data. However, explicit security headers are not detected, and no public security or incident response policies are available. No vulnerabilities or exposed sensitive data were found in the content. The WHOIS data confirms the domain's legitimacy and consistency with the municipality's identity. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements could include adding explicit security policies, incident response contacts, and enhanced security headers to further strengthen the security posture.

G

Gemeindeverwaltung Henggart

henggart.ch

61

The website www.henggart.ch serves as the official digital presence of the municipal government of Henggart, Switzerland. It provides residents and visitors with comprehensive information about the community, local administration, political affairs, social services, education, events, and online services. The site is well-structured with clear navigation and multiple interactive modals for contact, login, and search functionalities, enhancing user engagement. The target audience primarily includes local citizens and stakeholders interested in municipal services and community news. Technically, the website employs modern web standards including HTML5, CSS3, JavaScript, and Bootstrap framework elements. It integrates Matomo analytics with a user consent mechanism, demonstrating a commitment to privacy compliance. The site is hosted securely over HTTPS and embeds multimedia content via Vimeo. The CMS appears to be i-web, a platform commonly used by Swiss municipalities. From a security perspective, the website enforces HTTPS and uses secure forms for user input. However, no explicit security policies, incident response contacts, or vulnerability disclosure mechanisms are published. Security headers are not evident in the provided data, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a trustworthy and professional municipal portal with good content quality and technical implementation. Strategic recommendations include enhancing security posture by implementing security headers, publishing incident response and vulnerability disclosure policies, and adding terms of service to improve legal clarity and user trust.

S

Schule Fehraltorf

schulefehraltorf.ch

60

Schule Fehraltorf is a Swiss educational institution providing comprehensive schooling services from kindergarten through secondary education, including adult education and various extracurricular offerings. The website serves as an information and service portal for students, parents, staff, and the local community, reflecting a well-established local school with a clear market position in Fehraltorf, Switzerland. The site features detailed navigation, contact options, and integration with social media platforms, supporting community engagement and transparency. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Bootstrap framework, and Matomo analytics for user tracking. The site is mobile-optimized, accessible, and demonstrates good SEO practices. The CMS used appears to be i-web, a Swiss-based content management system tailored for municipal and educational websites. From a security perspective, the site enforces HTTPS and uses secure modals for user interactions. While no explicit security headers were detected, no vulnerabilities or exposed sensitive data were found. Privacy compliance is addressed with visible privacy and cookie policies, including a consent mechanism, aligning with GDPR requirements. However, no dedicated security policy or incident response contact information is publicly available. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements could focus on enhancing security headers, publishing a security policy, and providing incident response contacts to further strengthen trust and compliance.

G

Gemeindeverwaltung Aesch ZH

aesch-zh.ch

59

The website www.aesch-zh.ch serves as the official digital presence of the municipality of Aesch in the canton of Zurich, Switzerland. It provides residents and visitors with comprehensive information about local governance, services, events, and administrative procedures. The site is well-structured, targeting local citizens and stakeholders, offering key services such as an online service counter, official publications, event listings, and contact options. The business model is focused on public service and community engagement, positioning itself as a trusted local government resource. From a technical perspective, the site employs a modern CMS platform (i-web CMS) with standard web technologies including JavaScript, CSS, and HTML5. It integrates Matomo analytics for privacy-conscious visitor tracking and demonstrates good mobile optimization and accessibility features. Performance is moderate, with room for improvement in loading speed and technical modernization. Security posture is adequate with HTTPS enforced and secure form handling. However, the absence of explicit security headers and a published security policy or incident response contact reduces the overall security maturity. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. Overall, the website is a professional, trustworthy municipal platform with good content quality and user experience. Strategic improvements in security headers, incident response transparency, and technical performance could enhance its security and operational resilience.

B

Badener Tagblatt

badenertagblatt.ch

63

Badener Tagblatt is a well-established regional news media outlet serving the Baden region in Switzerland. Founded in 1856 and operated under the parent company CH Media, it provides comprehensive news coverage including sports, politics, economy, and entertainment. The website targets local residents and readers interested in regional news, offering digital content and subscription services. Technically, the site employs modern web technologies such as React, push notifications via CleverPush, and analytics tools like Chartbeat, hosted on a reliable cloud infrastructure. The site demonstrates good mobile optimization and SEO practices, ensuring accessibility and user engagement. Security-wise, the website enforces HTTPS, employs standard security headers, and avoids exposing sensitive data, though it lacks a dedicated security policy or incident response page. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and legal disclosures.

E

Elektrizitäts-Genossenschaft Siggenthal

egs-strom.ch

50

Elektrizitäts-Genossenschaft Siggenthal is a Swiss-based electricity cooperative focused on providing sustainable and community-supported energy solutions. The website presents a professional and consistent brand image, targeting local customers interested in sustainable electricity. The business model is community-oriented, positioning itself as a local energy provider with a clear focus on sustainability. Technically, the website is built on WordPress using the Astra theme and Elementor page builder, leveraging modern web technologies and SEO best practices. The site is mobile-optimized and includes structured data for enhanced search engine visibility. Security-wise, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism, but lacks explicit security headers and detailed security or incident response policies. No privacy policy or terms of service documents were found, which is a gap in compliance. Overall, the website is trustworthy and professionally maintained but could improve in privacy and security transparency.

I

Integriertes Standortmarketing Zürich (joint initiative of Stadt Zürich, Kanton Zürich, and Zürich Tourismus)

zuerich.ch

62

The website zuerich.ch serves as the official web portal for the location of Zürich, Switzerland, operated by a joint initiative of the city (Stadt Zürich), canton (Kanton Zürich), and Zürich Tourismus. It provides comprehensive information and services targeting tourists, new residents, businesses, and students, covering tourism, living, economy, and education. The site positions itself as an authoritative and trusted source for location-based information in Zürich. Technically, the site uses a StandardCMS platform with jQuery, Adobe Analytics, and jwplayer for video tracking. The site is moderately optimized for mobile and SEO, with a good design and clear navigation. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit privacy and cookie policies. User tracking is moderate via Adobe Analytics, but no cookie consent mechanism is present. Contact information is available via email and a contact form (commented out in HTML). Overall, the site is professional, trustworthy, and safe for general audiences.

B

Beratungsstelle für Unfallverhütung (BFU)

bfu.ch

72

The BFU (Beratungsstelle für Unfallverhütung) is a Swiss non-profit organization dedicated to accident prevention research, consultation, and public safety campaigns. The website serves as a comprehensive resource for accident prevention in various contexts such as road traffic, home, leisure, and sports. It targets the Swiss population, companies, and municipalities with educational content, safety products, and legal advice. The organization holds a strong market position as a leading authority in Swiss accident prevention. Technically, the website is built on ASP.NET Core with modern JavaScript libraries and integrates multiple analytics and marketing tools, all managed with user consent and privacy compliance. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is strong with HTTPS, security headers, and anti-forgery protections, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR and Swiss data protection standards.

The website erlinsbach-historie.ch serves as a community-driven photo archive dedicated to the history of Erlinsbach, Switzerland, commemorating its 850-year documented history. It provides historical timelines, photo galleries, videos, and an upload feature for community contributions. The site targets local residents, historians, and those interested in regional history, operating as a non-commercial informational resource. Technically, the site uses basic JavaScript and jQuery without advanced frameworks or CMS, with moderate performance and basic mobile and accessibility support. Security posture is limited, with no visible HTTPS confirmation or security headers, and no privacy or cookie policies present, indicating gaps in compliance and security best practices. Contact is limited to a single email address, with no phone or physical address information. Overall, the site is functional and content-rich for its purpose but requires improvements in security, privacy compliance, and technical modernization.

S

Scriby, Inc.

pwa.xyz

66

Progressier is a technology company specializing in providing a Progressive Web App (PWA) toolkit designed for web developers and AI-powered vibe coders. The platform enables users to easily integrate universal installation pages, push notifications, and other PWA features into existing web applications without requiring coding expertise. Positioned as a niche SaaS provider, Progressier targets no-code builders and developers seeking to enhance their web apps with modern PWA capabilities. The company operates under Scriby, Inc., founded in 2020, and maintains a consistent brand presence with a professional and well-structured website. Technically, Progressier employs modern web technologies including JavaScript, Font Awesome, Feather Icons, and integrates third-party services like Intercom for customer engagement. The website is mobile-optimized, fast-loading, and SEO-friendly, supporting a broad range of platforms and frameworks such as React, Vue.js, Webflow, and Shopify. Hosting is managed via GoDaddy.com, LLC, with domain registration details consistent with the company's operational timeline. From a security perspective, the site enforces HTTPS and domain-level protections such as clientDeleteProhibited status flags. However, it lacks visible security headers and published security policies or incident response contacts. The use of third-party scripts like Intercom introduces moderate user tracking, balanced by clear privacy and cookie policies with consent mechanisms. No vulnerabilities or suspicious content were detected. Overall, Progressier presents a low-risk profile with a strong business credibility and technical maturity. Strategic recommendations include enabling DNSSEC, implementing security headers, publishing a security policy, and adding a security.txt file to enhance transparency and security posture.

S

Scriby, Inc.

progressier.app

66

Progressier is a technology-focused SaaS company specializing in providing a Progressive Web App (PWA) toolkit aimed at web developers and no-code 'vibe coders'. The platform offers a comprehensive suite of services including universal installation pages, push notifications, no-code manifest creation, and PWA analytics, positioning itself as a niche player in the PWA development ecosystem. The company targets developers and businesses seeking to enhance their web applications with modern PWA capabilities without extensive coding effort. Technically, the website demonstrates a mature digital infrastructure leveraging modern JavaScript, CSS, and third-party integrations such as Intercom for customer engagement. The site is well-optimized for mobile and desktop, with fast performance and good SEO practices. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, though it lacks explicit security headers and a public security policy or vulnerability disclosure page. The domain registration is consistent and appropriate for the company's founding date in 2020, with no privacy protection masking registrant details. Overall, Progressier presents a professional and trustworthy online presence with room for improvement in formal security disclosures and contact transparency.

S

Schule Oensingen

primarschule-oensingen.ch

46

Schule Oensingen is a local primary school in Switzerland providing education services including kindergarten, primary school classes, and after-school care. The website serves as an information portal for parents, students, and the local community, offering news, events, contact details, and administrative information. The institution positions itself as a community-focused educational provider with clear communication channels and a structured service offering. Technically, the website is built on a modern CMS platform (i-web.ch), utilizing HTML5, CSS3, JavaScript, and responsive design techniques. It incorporates accessibility features and a user-friendly navigation structure. The site includes interactive elements such as carousels and modals for contact and search functionalities, indicating a moderate level of digital maturity. From a security perspective, the website enforces HTTPS and uses secure forms with CSRF tokens. However, it lacks explicit published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, reflecting adherence to GDPR principles. Overall, the website is trustworthy, professionally maintained, and suitable for its educational purpose. Strategic improvements could include publishing formal security and incident response policies and enhancing HTTP security headers to further strengthen the security posture.

M

MySign AG

ecommerce-automation.com

66

MySign AG operates the ecommerce-automation.com website, focusing on providing expertise, consulting, and research in e-commerce automation to improve efficiency and customer experience for B2B and B2C clients. The company collaborates with the FHNW university for research reports and offers digital tools and webinars. Technically, the website uses modern JavaScript libraries, lazy loading, and a custom CMS, delivering fast performance and excellent mobile optimization. Security posture is good with HTTPS and cookie consent mechanisms, but lacks explicit security headers and published security policies. WHOIS data is unavailable, which raises some concerns about domain legitimacy, though the website content and contact information support trustworthiness. Overall, the site is professional, well-structured, and privacy compliant, with recommendations to enhance security transparency and domain registration verification.

I

ImmoScout24

immoscout24.ch

59

ImmoScout24 is a leading Swiss real estate platform offering comprehensive services for buying, renting, and valuating properties. Owned by Scout24 AG, it serves a broad audience in Switzerland with a professional and user-friendly website. The platform integrates mortgage services and property advertising, positioning itself as a one-stop solution for real estate needs. Technically, the website employs modern JavaScript frameworks, CDN delivery, and robust consent management tools, ensuring fast performance and compliance with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity.

The website www.jaem.ch is currently inaccessible beyond a Cloudflare security challenge page that requires human verification via Turnstile captcha. Due to this, no actual business content, contact information, or policies are accessible for analysis. The site appears to be protected by Cloudflare's WAF, indicating an intent to secure the site from automated or malicious traffic. However, this also limits the ability to assess the company's market position, services, or compliance posture. The technical infrastructure includes Cloudflare services and standard web technologies but lacks visible SEO or accessibility features due to the blocked content. Security posture cannot be fully evaluated, but the presence of Cloudflare WAF is a positive indicator. Overall, the site currently provides minimal information, resulting in a low trust and credibility score. For a comprehensive assessment, access beyond the WAF challenge is necessary.

B

Baptist Health South Florida

baptisthealth.net

73

Baptist Health South Florida is a well-established healthcare provider network serving the South Florida region with a comprehensive range of medical services including hospitals, doctors, urgent care, and outpatient centers. The website reflects a professional and consistent brand presence, targeting patients and healthcare consumers in the region. The business model focuses on delivering healthcare services through multiple facilities and expert medical staff, positioning Baptist Health as a leading healthcare provider in its market. Technically, the website employs a modern technology stack including JavaScript frameworks, Google Maps API, and analytics tools such as New Relic and Yext Answers. The site is built on a CMS likely to be Sitecore, optimized for mobile use, and incorporates SEO best practices. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS, uses security headers for cache control, and has domain registration protections such as clientTransferProhibited status. However, DNSSEC is not enabled, and explicit security or incident response policies are not publicly available. The extensive use of tracking and analytics indicates a high level of user monitoring, balanced by the presence of privacy and cookie policies with consent mechanisms. Overall, the website demonstrates a high level of business credibility and trustworthiness with no signs of blocking or WAF interference. Recommendations include enabling DNSSEC, publishing detailed security policies, and enhancing security headers to further strengthen the security posture.

JADPRO Live is a specialized educational event platform targeting advanced practitioners in oncology. The website serves as a hub for professional development and conference information, positioning itself as a niche leader in oncology education. The business model revolves around event hosting and educational content delivery, catering to healthcare professionals seeking advanced knowledge and networking opportunities. The domain has been active since 2014, indicating an established presence in its sector. Technically, the website employs a modern technology stack including Google Analytics, Facebook Pixel, LinkedIn Insight Tag, Microsoft Clarity, and Matomo for analytics and user tracking. It uses HTTPS with domain locks enabled, hosted via GoDaddy infrastructure. The site shows moderate performance and good mobile optimization but lacks some advanced security headers and DNSSEC implementation. The cookie consent mechanism is present, reflecting some privacy compliance efforts. From a security perspective, the site maintains a good baseline with HTTPS and domain management best practices. However, it lacks visible privacy policies, terms of service, security policies, and incident response contacts, which are critical for compliance and trust. The extensive use of third-party tracking scripts increases the attack surface and privacy risks. No vulnerabilities or malicious indicators were detected in the provided content. Overall, the website is professional and trustworthy for its intended audience but would benefit from enhanced privacy compliance documentation, improved security headers, and clearer contact information to strengthen its security posture and regulatory adherence.

G

Gemeinde Wohlen

wohlen.ch

62

Gemeinde Wohlen operates as the official municipal government website for the town of Wohlen in Switzerland, providing a broad range of services and information to residents, businesses, and visitors. The site offers detailed sections on administration, politics, education, culture, social services, and local events, positioning itself as a comprehensive community resource. The business model is centered on public service and community engagement, with a clear focus on accessibility and user-friendly navigation. Technically, the website is built on the i-web CMS platform, utilizing modern web technologies such as JavaScript modules and CSS. The site demonstrates good mobile optimization and accessibility features, with a moderate performance profile. SEO practices are adequately implemented, including meta tags and structured navigation. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and published security policies or incident response contacts, which could be improved to enhance trust and resilience. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism, ensuring GDPR alignment. Overall, the website presents a low-risk profile with strong business credibility and good content quality. Strategic improvements in security policy transparency and technical security controls would further strengthen its posture.

J

Jugendanimation Ennetbaden

j-eb.ch

61

The website www.j-eb.ch is a small business site hosted on the Wix platform, utilizing Wix Thunderbolt and Wix UI technologies. The site content is minimal and primarily technical, with limited business descriptive information available. The business appears to be based in Switzerland, consistent with domain registration data. The technical infrastructure is modern for a Wix-based site, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and some JavaScript security hardening, but lacks important security headers and published privacy or cookie policies. Contact information and incident response details are not present, limiting user trust and compliance. Overall, the site is safe for general audiences but requires improvements in privacy compliance and security best practices to enhance trustworthiness and regulatory adherence.

J

JFB Region Baden

jfbb.ch

60

JFB Region Baden is a regional non-profit organization based in Switzerland providing personal and financial advice and support to residents of the Baden region. The website serves as an informational and contact portal for community members seeking assistance. The organization positions itself as a trusted local service provider with a focus on social support. Technically, the website is built on the Wix platform using Wix Thunderbolt and standard web technologies, offering a moderate performance and good mobile optimization. Security posture is solid with HTTPS and security headers implemented, though privacy and cookie policies are missing, which is a compliance gap. Overall, the website is professional and trustworthy but could improve privacy compliance and incident response transparency.

G

Gemeinde Obergösgen

obergoesgen.ch

59

The website www.obergoesgen.ch serves as the official digital presence of the municipality of Obergösgen in Switzerland. It provides residents and visitors with comprehensive information about local government services, community news, events, and administrative functions including an online service portal. The site targets local citizens and stakeholders, offering a user-friendly interface with clear navigation and relevant content tailored to municipal needs. Technically, the website is built on a modern CMS platform (i-web CMS) utilizing standard web technologies such as HTML5, CSS, JavaScript, and Bootstrap for responsive design. The site demonstrates good mobile optimization, accessibility, and SEO practices. It employs HTTPS for secure communication and includes a cookie consent mechanism ensuring compliance with privacy regulations. From a security perspective, the site enforces HTTPS and uses secure form submission methods. However, it lacks explicit security headers and a dedicated security policy or incident response contact, which are recommended best practices. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy policies and terms of service are present and appear compliant with GDPR requirements. Overall, the website is a trustworthy and professional municipal portal with a strong focus on community engagement and service delivery. Strategic improvements in security headers and incident response transparency could further enhance its security posture and user trust.

G

Gemeinde Niedergösgen

niedergoesgen.ch

61

Gemeinde Niedergösgen betreibt eine offizielle Website, die umfassende Informationen und Dienstleistungen für Einwohner und Interessierte der Gemeinde bereitstellt. Die Website ist klar strukturiert und bietet Inhalte zu Verwaltung, Politik, Bildung, Gewerbe und sozialem Leben. Die Zielgruppe sind hauptsächlich lokale Bürger und Besucher der Gemeinde. Die Website nutzt das i-web CMS und ist technisch solide mit moderater Performance und guter mobiler Optimierung. Die Sicherheitslage ist grundlegend gut mit HTTPS, jedoch fehlen erweiterte Sicherheitsheader und explizite Sicherheitsrichtlinien. Datenschutz wird durch eine gut sichtbare Datenschutzerklärung und Cookie-Einwilligung gewährleistet. Insgesamt zeigt die Website eine hohe Vertrauenswürdigkeit und Professionalität, typisch für eine kommunale Institution.

G

Gemeinde Niederbuchsiten

niederbuchsiten.ch

59

The website www.niederbuchsiten.ch serves as the official digital presence of the Gemeinde Niederbuchsiten, a small municipal government entity in Switzerland. It provides comprehensive information about the community, including services, events, political structure, and contact details. The site targets residents and visitors seeking municipal information and online services such as room reservations and administrative contacts. The business model is focused on public service and community engagement, positioning itself as a trusted local government resource. Technically, the website is built on the i-web CMS platform, utilizing modern web technologies including JavaScript modules and import maps. The site is mobile-optimized, accessible, and structured with clear navigation. Performance is moderate, with no critical technical issues detected. The use of a Swiss-based anonymized web statistics service indicates a privacy-conscious approach to analytics. From a security perspective, the site employs HTTPS but lacks visible advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is well addressed with a clear privacy and cookie policy, including user consent mechanisms. Contact information is transparent and professionally presented, enhancing trustworthiness. Overall, the website demonstrates a solid security posture and good digital maturity for a municipal government site. Recommendations include implementing additional security headers, publishing security policies, and enhancing incident response transparency to further strengthen security and compliance.

G

Gemeinde Gunzgen

gunzgen.ch

60

Gemeinde Gunzgen is a municipal government website serving the local community in Switzerland. It provides a broad range of public services and information including politics, administration, education, social services, events, and waste management. The site targets residents and visitors seeking official information and online services such as the Online-Schalter. The website is well-structured, professionally designed, and consistent with the branding of a local government entity. Technically, the site uses a modern CMS platform (i-web CMS) with standard web technologies such as JavaScript, CSS, and HTML5. It is mobile-optimized and accessible, with good SEO practices and a moderate performance profile. The site employs HTTPS and includes a cookie consent mechanism, reflecting a reasonable level of digital maturity. From a security perspective, the site enforces HTTPS and anonymizes web statistics data, but lacks explicit security headers and a published security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is supported by a clear privacy policy and cookie consent banner, aligned with GDPR requirements. Overall, the website presents a low-risk profile with strong business credibility as a government entity. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further improve trust and security posture.

G

Gemeinde Fulenbach

fulenbach.ch

59

Gemeinde Fulenbach operates an official municipal website serving the local community of Fulenbach, Switzerland. The site provides comprehensive information about local government services, news, events, and administrative contacts. It targets residents and visitors seeking municipal information and online services. The website is positioned as a trusted local government portal with clear navigation and relevant content. Technically, the website is built on the i-web.ch CMS platform, utilizing modern web technologies including JavaScript, CSS, and responsive design. The site demonstrates good mobile optimization, accessibility, and SEO practices. Performance is moderate, with no critical technical issues detected. From a security perspective, the website enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and does not publish a security policy or incident response contacts. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, indicating awareness of GDPR requirements. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements could focus on enhancing security headers and publishing a vulnerability disclosure policy to further strengthen trust and security posture.

G

Gemeindeverwaltung Egerkingen

egerkingen.ch

61

The website www.egerkingen.ch serves as the official digital presence of the municipal administration of Egerkingen, Switzerland. It provides comprehensive information about the community, local politics, administrative services, events, and official publications. The site targets residents and visitors seeking municipal services and information. The business model is that of a government entity delivering public services and community engagement. The website is well-structured, professionally designed, and consistent with the branding expected from a local government authority. Technically, the site utilizes a Swiss municipal CMS (iCMS) with modern web technologies including JavaScript, CSS, and HTML5. It employs Matomo analytics with a clear user consent mechanism, indicating a mature approach to privacy. The site is mobile-optimized and accessible, with good SEO practices. Performance is moderate, suitable for the content and audience. From a security perspective, the website enforces HTTPS and uses secure login forms. However, it lacks explicit security headers and does not publish a security policy or vulnerability disclosure page. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the legitimacy and consistency of the domain registration with the municipal identity. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further improve trust and security posture.

M

MySign

mysign.ch

68

MySign is a Swiss-based e-commerce platform provider offering a flexible, cloud-native solution tailored for both B2B and B2C businesses. The company emphasizes seamless integration with third-party systems and provides hosting services, positioning itself as a comprehensive e-commerce automation partner. The website reflects a mature digital presence with professional design and clear business messaging targeting Swiss and German-speaking markets. Technically, the site leverages modern marketing and analytics tools including HubSpot, Matomo, and Microsoft Clarity, indicating a strong digital marketing and data-driven approach. Security posture is solid with HTTPS enforced and external security audits claimed, though explicit security policies and incident response details are not published. Overall, the website is trustworthy, well-structured, and compliant with GDPR, with clear contact information and parent company affiliation to Allgeier (Schweiz) AG.

Sihlcity is a prominent urban entertainment and shopping center located in Zurich, Switzerland. The website presents a well-structured digital presence with a focus on retail, dining, and entertainment services targeting the general public and visitors in Zurich. The business model revolves around providing a comprehensive shopping and leisure experience in a large-scale urban environment. The site is professionally designed with consistent branding and good content quality, supporting its market position as a major retail hub. Technically, the website leverages modern JavaScript frameworks, notably Vue.js, and is managed via Magnolia CMS. It integrates Cookiebot for cookie consent management and Google Tag Manager for analytics, indicating a moderate level of digital maturity. The site is mobile-optimized and performs moderately well, with good SEO practices observed. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies such as incident response or vulnerability disclosure. No critical vulnerabilities or suspicious content were detected. Privacy compliance is basic, with no visible privacy policy or terms of service on the homepage, which is a notable gap. Overall, the website is trustworthy and professional, with a solid business credibility score. Strategic improvements in privacy policy publication, security header implementation, and incident response transparency would enhance the security posture and compliance standing.

Schule Wettingen is a public educational institution serving the Wettingen community in Switzerland, offering comprehensive educational services from kindergarten through secondary school, including special education and music school programs. The website reflects a well-structured organization with multiple subdomains dedicated to different school levels and services, targeting parents, students, and local residents. The content is primarily in German and focuses on educational information and integration support for foreign language speakers. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and Piwik/Matomo for analytics. The site is served over HTTPS, ensuring secure communication, but lacks advanced security headers and visible privacy or cookie policies, which are areas for improvement. Mobile optimization and accessibility are basic but functional, with moderate performance. From a security perspective, the site shows a good baseline with HTTPS and no visible vulnerabilities or exposed sensitive data. However, the absence of security headers, privacy policies, and incident response information indicates gaps in security maturity and compliance, particularly with GDPR requirements. The use of analytics without a consent mechanism further highlights privacy compliance risks. Overall, Schule Wettingen presents a trustworthy and professional online presence appropriate for a public educational institution. Strategic improvements in privacy compliance, security headers, and mobile accessibility would enhance the site's security posture and user trust.

The website www.genomeweb.com is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks content access until human verification is completed. No meaningful website content, metadata, or business information is available for analysis. The WHOIS query for the domain returned no registration data, indicating the domain may be unregistered or WHOIS data is withheld, which raises concerns about domain legitimacy. The technical infrastructure includes Cloudflare security services but lacks visible security headers or policies. Due to the blocked content and missing WHOIS data, the overall risk assessment is high, and the website's trustworthiness and business credibility cannot be established.

D

Devex

devex.com

68

Devex is a well-established media platform focused on the global development community, providing news, career services, funding information, and events to over 1.3 million professionals worldwide. The platform operates with a professional and consistent brand presence, offering subscription-based premium content and advertising partnerships. Technically, the website employs modern web technologies including Bootstrap 5, various analytics and marketing tools, and CDN services to ensure performance and scalability. Security posture is solid with HTTPS enforced and bot protection in place, although some security headers and explicit security policies are absent. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. Overall, the website presents a trustworthy and professional front with minor areas for security enhancement.

The International Society for Animal Genetics (ISAG) is a non-profit scientific organization dedicated to advancing research and collaboration in molecular genetics of animals. The society organizes conferences, workshops, comparison tests, and publishes the official journal Animal Genetics. The website serves as a hub for members and researchers to access resources, membership services, and event information. The target audience primarily consists of scientists and researchers in the animal genetics field. Technically, the website uses basic web technologies including JavaScript and CSS with no detected modern frameworks or CMS. The site is moderately optimized for performance and mobile use but lacks advanced accessibility features. Security posture is moderate with HTTPS implied but no visible security headers or advanced protections. Privacy and cookie policies are present but basic, with a consent mechanism implemented. Overall, the security posture is adequate for a non-profit scientific society but could be improved by implementing security headers and enhancing privacy compliance. The absence of WHOIS data is likely due to privacy protection, which is justified for this type of organization. No suspicious or malicious indicators were found. The website is trustworthy and serves its community effectively.

U

Upworthy

leaps.org

70

Upworthy is a media company focused on sharing positive and uplifting stories that inspire a general audience. The website positions itself as a niche media outlet emphasizing heartwarming and thought-provoking content. Its business model revolves around content publishing supported by advertising and affiliate marketing, particularly through partnerships with ad networks like AdThrive and Amazon Affiliates. The site maintains a consistent brand presence across multiple social media platforms, enhancing its reach and engagement. Technically, Upworthy employs a modern JavaScript-based infrastructure with integrations of Google Analytics, Google Tag Manager, and ad-serving technologies. The site uses the RebelMouse CMS platform, which supports dynamic content delivery and advertising management. Performance and mobile optimization are good, though accessibility features are basic. SEO practices are well implemented with proper meta tags and structured data. From a security perspective, the site enforces HTTPS and uses a consent management platform for cookie compliance. However, some security headers such as Content-Security-Policy and X-Frame-Options are not explicitly present, indicating room for improvement. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with cookie consent mechanisms present but no explicit privacy policy found in the analyzed content. Overall, the website is professionally designed and trustworthy in content and user experience. However, the WHOIS data is missing or indicates the domain is unregistered, which is inconsistent with the active website presence. This discrepancy warrants further investigation to confirm domain legitimacy. Strategic recommendations include enhancing security headers, publishing a clear privacy policy, and verifying domain registration details to improve trust and compliance.

I

Illumina

illuminagenomicsforum.com

11

Illumina, Inc. is a leading enterprise in the genomics and healthcare technology sector, specializing in genomic sequencing and precision medicine solutions. The website analyzed promotes a genomics forum event, targeting healthcare professionals, researchers, and industry leaders. Illumina holds a strong market position with a comprehensive portfolio of genomic technologies and services. The website content is professionally curated, with clear branding and a focus on industry events and innovation in healthcare. Technically, the website employs modern web technologies including Adobe Experience Manager as CMS, Bootstrap 4 framework, and integrates marketing and analytics tools such as Google Tag Manager and Adobe Launch. The site is mobile optimized, accessible, and SEO friendly, reflecting a mature digital infrastructure. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, uses standard security headers, and implements cookie consent mechanisms compliant with GDPR. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. The WHOIS data is privacy protected, which is justified for a large healthcare technology company. Overall, Illumina's website demonstrates a high level of professionalism, security, and compliance suitable for an enterprise in the healthcare technology domain. Strategic recommendations include publishing detailed security policies, incident response information, and vulnerability disclosure to enhance trust and security posture.

The website www.science.org is the official online presence of the American Association for the Advancement of Science (AAAS), a leading global scientific publisher and association. It offers peer-reviewed journals, scientific news, expert commentary, and career resources targeted at researchers, academics, and science professionals. The site supports a subscription and membership business model, providing exclusive content and community access to members. The brand is well-established with consistent and professional presentation, reflecting its enterprise-level stature in the education and media sectors. Technically, the site employs a modern technology stack including JavaScript frameworks, Google Tag Manager, Adobe DTM, and Cloudflare Insights for performance and analytics. It is hosted likely behind Cloudflare, ensuring fast loading and robust security. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. From a security perspective, the site enforces HTTPS, implements multiple security headers, and uses cookie consent mechanisms aligned with GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly detailed, representing an area for improvement. Overall, the website demonstrates a strong security posture, excellent content quality, and good privacy compliance. The lack of WHOIS data is attributed to privacy protection and does not detract from the site's legitimacy given its well-known institutional backing. Strategic recommendations include publishing detailed security policies, vulnerability disclosure mechanisms, and enhancing security contact information to further strengthen trust and compliance.

1

1xBet

esp-congress.org

57

The website www.esp-congress.org appears to be a gambling and sports betting platform branded as 1xBet, targeting users in Bangladesh. It offers a wide range of betting and casino services, including sports betting, live bets, online slots, poker, and a mobile app for Android and iOS. The platform claims to operate under a Curacao license issued to Caecus N.V. and emphasizes localized payment methods and bonuses for Bangladeshi customers. The site is professionally designed with good navigation and mobile optimization, providing detailed information about registration, deposits, withdrawals, and promotions. Technically, the website uses standard web technologies such as HTML5, CSS, and JavaScript, with no detected CMS or advanced frameworks. The site is mobile-friendly and optimized for performance, though no explicit security headers or analytics scripts were detected in the provided HTML content. The WHOIS data is unavailable or malformed, limiting the ability to verify domain registration details and reducing trustworthiness from a domain perspective. From a security standpoint, the site uses HTTPS as implied by canonical links but lacks visible security headers and formal privacy or cookie policies. Incident response contact is provided via a security-related email address. No critical vulnerabilities or malware indicators were found in the content. The content is focused on gambling, which is considered questionable content requiring adult user targeting but no explicit adult material was detected. Overall, the site presents a functional and professional gambling platform with moderate trustworthiness due to missing WHOIS data and privacy compliance gaps. Strategic recommendations include improving security headers, publishing privacy and cookie policies, enhancing incident response visibility, and verifying domain registration information to increase user trust and compliance.

U

UofL Health

uoflhealth.org

71

UofL Health is a large, not-for-profit academic health system serving Kentucky and Indiana, operating multiple hospitals, medical centers, and physician practices. The website reflects a professional healthcare provider platform with a focus on patient services, appointments, and community engagement. The technical infrastructure is based on WordPress with modern web technologies including Bootstrap and JavaScript libraries, delivering a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS and security headers, though DNSSEC is not enabled and no explicit vulnerability disclosure or incident response policies are published. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the website is trustworthy and well-positioned for its audience but could improve transparency and compliance documentation.

V

Volksschule Baden

schule-baden.ch

45

Volksschule Baden is a public educational institution serving the Baden community in Switzerland, providing comprehensive kindergarten, primary, and secondary education services. The website is professionally designed using TYPO3 CMS and offers detailed information about school organization, educational offers, agendas, and contact details. The target audience includes parents, students, educators, and local residents. The institution holds a stable market position as a local government education provider with key services including school social work, youth projects, and extracurricular activities. Technically, the website employs a modern CMS (TYPO3) and integrates Google Analytics and Google Tag Manager for user tracking. The site is mobile-optimized with good navigation and design quality. However, it lacks visible privacy and cookie policies and does not implement a consent mechanism, which impacts privacy compliance. Security posture is good with HTTPS enforced and secure form handling, but no advanced security headers or vulnerability disclosure policies are present. Overall, the website is trustworthy and professionally maintained, with clear contact information and consistent branding. The absence of privacy and cookie policies and security headers are notable gaps. There are no signs of malicious content or blocking mechanisms, and the domain registration data aligns well with the website's public education purpose. Strategic recommendations include implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, publishing a vulnerability disclosure policy, and enhancing accessibility features to improve compliance and security posture.

F

Font Awesome

fontawesome.io

71

Font Awesome is a leading provider of icon libraries and toolkits widely used by designers, developers, and content creators globally. Established in 2012, the company offers a freemium business model with free and Pro subscription plans, delivering millions of icons and developer-friendly tools via CDN and APIs. The website reflects a mature digital presence with modern frameworks, fast performance, and comprehensive content tailored to its target audience. Security practices are robust, including HTTPS enforcement, CSRF protection, and user consent for analytics, although DNSSEC is not enabled. Privacy and legal policies are clearly presented, supporting GDPR compliance. Overall, Font Awesome maintains a strong market position with consistent branding and trustworthy operations.

T

Tamedia AG

carteblanche.ch

61

The website www.carteblanche.ch serves as a customer loyalty platform for subscribers of Tamedia AG's newspapers and magazines, offering exclusive discounts, contests, and cultural event benefits. It is well integrated into the Tamedia media ecosystem, reflecting a strong market position in the Swiss media sector. The site targets subscribers interested in cultural, sports, and travel offers, leveraging a digital customer card model to enhance subscriber engagement. Technically, the site is built on modern web technologies including Next.js and React, supported by a robust content management system (UnityCMS). It employs industry-standard analytics and advertising tools such as Google Analytics, DoubleClick, and OneTrust for cookie consent, ensuring compliance and performance. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the website enforces HTTPS, uses multiple security headers, and integrates CAPTCHA on contact forms to mitigate abuse. While no explicit security policy or incident response contacts are published, the overall security posture is strong with no evident vulnerabilities. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and aligned with the business identity of Tamedia AG. It demonstrates a mature digital presence with good security and privacy practices, supporting its role as a customer engagement platform within the media industry.

E

European Reference Networks

erncare4ua.com

59

The website www.erncare4ua.com represents the European Reference Networks' initiative to support Ukrainian patients with rare diseases by providing healthcare professionals with information on diagnosis, treatment, and advice. The site is built on the Wix platform, leveraging Wix Thunderbolt framework and standard web technologies. It offers multilingual support and structured data to enhance search engine visibility. The technical infrastructure is modern and moderately performant, with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS enforcement and some JavaScript-based security controls, though explicit security headers and privacy policies are missing. The absence of WHOIS data limits domain trust assessment, but the website content and branding align with a legitimate healthcare network. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact information.

The analyzed URL corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which indicates that the actual website content is inaccessible or blocked. The page content is primarily the offline dinosaur game embedded in Chrome and does not represent a real website. Consequently, no business information, privacy policies, or contact details are available. The technical infrastructure is limited to client-side JavaScript for the game, with no server-side or hosting details. Security posture is minimal with no HTTPS or security headers detected. Overall, the site is non-functional from a user or business perspective and cannot be properly assessed for compliance or security.

P

PentaGen s.r.o.

pentagen.cz

56

PentaGen s.r.o. is a specialized Czech company founded in 2006, focused on the supply and distribution of products for laboratory diagnostics and in vitro fertilization (IVF). The company targets laboratories, medical professionals, and IVF clinics primarily in the Czech Republic and Slovakia. Their business model is B2B distribution of specialized medical and genetic diagnostic products, supported by technical services and product expertise. The website reflects a professional and consistent brand image with clear navigation and relevant content for their niche market. Technically, the website employs modern JavaScript frameworks such as Vue.js and uses Google Tag Manager for analytics. It is hosted on Czech hosting infrastructure (Forpsi) and shows good mobile optimization and SEO practices. The site uses HTTPS with strong SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers and a published security policy are absent. From a security perspective, the site demonstrates good practices including secure forms with captcha and GDPR consent, no exposed sensitive data, and minimal user tracking. The absence of a vulnerability disclosure policy or incident response contact limits transparency in security management. No WAF or blocking mechanisms were detected, and the WHOIS data is consistent with the business claims, indicating a trustworthy domain. Overall, the website scores well in content quality, technical implementation, security posture, privacy compliance, and business credibility. Recommendations include adding security headers, publishing a security policy, and establishing a vulnerability disclosure channel to enhance trust and security posture further.

T

Tamedia AG

landbote.ch

11

Tamedia AG operates the Tages-Anzeiger website, a leading Swiss news media platform providing regional news and background information for Winterthur and surrounding areas. The company has a strong market position as a reputable media publisher with a subscription-based business model offering digital and print content. The website demonstrates a mature digital infrastructure using modern web technologies such as Next.js, JavaScript, and integrated paywall solutions. It employs robust privacy and cookie consent mechanisms, reflecting compliance with GDPR and other privacy regulations. Security posture is strong with HTTPS enforcement, security headers, and CAPTCHA-protected forms, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and well-optimized for user experience and SEO.