Security Directory

M

MPskin

mpskin.com

64

MPskin is a specialized technology company offering an overlay solution to enhance Matterport virtual tours with advanced features such as augmented reality, multilingual support, and virtual staging. The company targets real estate professionals and digital marketers seeking to create engaging digital twins and immersive virtual experiences. Their market position is niche but well-defined, supported by a professional website and ISO 27001 certified hosting infrastructure. Technically, the website leverages modern JavaScript frameworks like Vue.js and Nuxt.js, integrates multiple analytics and marketing tools, and demonstrates strong performance and mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and certified hosting, though the absence of public WHOIS data and incident response contacts suggests areas for improvement. Overall, MPskin presents a trustworthy and professional digital presence with minor gaps in transparency and vulnerability disclosure.

S

Digitale Themen- und Erlebniswege – smarTrails

smartrails.ch

64

The website smartrails.ch presents itself as a digital platform focused on thematic and experience trails, likely serving a niche market in Switzerland. The site uses modern web technologies such as Nuxt.js, Vue.js, and Tailwind CSS, indicating a contemporary technical infrastructure with good mobile optimization and user experience. However, the content is basic and lacks comprehensive business and contact information, which limits the depth of user engagement and trust signals. Security posture is weak due to the absence of security headers and explicit policies, and privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is functional and professionally designed but requires significant improvements in security, privacy, and business transparency to enhance trust and compliance.

B

BOTfriends

botfriendsx.com

63

BOTfriends X is a conversational AI platform designed to enable businesses and developers to build, optimize, and scale virtual assistants efficiently. The platform offers a comprehensive suite of tools including AI workflow management, human handover capabilities, and integration with various NLU services. Positioned as a specialized SaaS provider in the conversational AI market, BOTfriends targets enterprises seeking advanced AI-driven customer engagement solutions. The company was founded in 2019 and operates primarily out of Germany, reflecting a medium-sized technology business profile. Technically, the website leverages modern web technologies such as Vue.js, Nuxt.js, and Vuetify, ensuring a responsive and user-friendly interface. The use of Google Fonts and Material Design Icons enhances the visual appeal and usability. Hosting and domain registration are managed through reputable providers, although DNSSEC is not enabled, representing a minor security gap. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and uses secure input types for authentication forms. However, no explicit security headers were detected in the provided data, and there is no published security or incident response policy. The absence of privacy and cookie policies reduces compliance confidence, although the platform does collect analytics data via Chatbase. The WHOIS data indicates a consistent and legitimate domain registration with no suspicious patterns. Overall, BOTfriends X presents a professional and credible online presence with a solid technical foundation. To enhance trust and compliance, it is recommended to publish comprehensive privacy and cookie policies, enable DNSSEC, and implement standard security headers. These improvements will strengthen the platform's security posture and regulatory adherence, supporting its growth in the competitive conversational AI market.

F

Fundació Mies van der Rohe

miesbcn.com

48

Fundació Mies van der Rohe is a well-established non-profit cultural foundation based in Spain, dedicated to promoting contemporary architecture and urban planning, with a special focus on the work of Ludwig Mies van der Rohe and the Modern Movement. The foundation offers a variety of services including exhibitions, research, publications, educational programs, and pavilion visits. The website reflects a professional and consistent brand image with good content quality and clear navigation, targeting architecture enthusiasts, researchers, and the general public. Technically, the website is built on WordPress with modern JavaScript libraries such as Vue.js and jQuery, and uses plugins for SEO and GDPR compliance. The site is mobile-optimized and performs moderately well. Security posture is adequate with HTTPS enabled and cookie consent implemented, though it lacks some security headers and DNSSEC is not enabled. No critical vulnerabilities or exposed sensitive data were detected. Overall, the domain registration is consistent with the business profile, showing a long-standing presence since 1996, enhancing trustworthiness. The site integrates Google Analytics and Mailchimp for marketing and analytics, with good privacy compliance indicators. Contact is primarily through forms and social media channels, with no direct emails or phone numbers published. Strategic recommendations include enhancing security headers, enabling DNSSEC, publishing security and incident response policies, and considering a vulnerability disclosure policy to improve transparency and security maturity.

Ausstellungsraum Klingental operates as a cultural exhibition space in Switzerland, focusing on hosting art exhibitions and providing free consultations for cultural workers. The website presents a clear schedule of upcoming events and exhibitions, targeting artists, cultural professionals, and the general public interested in contemporary art. The business model appears to be non-profit or cultural institution-oriented, with a local/regional market position. Technically, the website is built using Vue.js with deferred JavaScript loading, indicating a modern frontend framework usage. The site shows moderate performance and basic mobile optimization but lacks advanced SEO and accessibility features. Hosting details and CMS are not explicitly identified. From a security perspective, the website lacks visible security headers, privacy policies, cookie consent mechanisms, and contact information for security or data protection concerns. No analytics or tracking scripts were detected, which reduces privacy risks but also indicates limited data-driven insights. The absence of HTTPS enforcement details and security best practices lowers the security posture. Overall, the website is functional and professionally designed for its cultural purpose but requires improvements in privacy compliance, security hardening, and contact transparency to enhance trust and regulatory adherence.

S

Schweizer Milchproduzenten SMP Genossenschaft

swissmilk.ch

66

Swissmilk is the official online platform of the Schweizer Milchproduzenten SMP Genossenschaft, a Swiss dairy cooperative focused on promoting Swiss milk and milk products. The website serves as an online cookbook featuring seasonal recipes, kitchen tips, healthy nutrition information, and competitions, targeting a general audience interested in Swiss dairy products. The cooperative holds a strong market position within Switzerland as a trusted promoter of local dairy. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with integration of Cloudinary for media and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not published. Privacy compliance is limited due to the absence of visible privacy and cookie policies. Overall, the website is trustworthy, well-maintained, and serves its business purpose effectively.

O

OCHSNER SPORT

ochsnersport.ch

67

OCHSNER SPORT is a prominent Swiss sports retail company operating a comprehensive e-commerce platform offering over 30,000 sports articles and top brands. The website targets sports enthusiasts in Switzerland, providing a broad range of sportswear and equipment with value-added services such as free shipping and free in-store returns. The business model is focused on online retail complemented by physical stores, positioning itself as a leading player in the Swiss sports retail market. Technically, the website leverages modern web technologies including Vue.js and Nuxt.js frameworks, styled with Tailwind CSS, and integrates marketing and analytics tools such as Google Tag Manager and Dynamic Yield. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. Performance is moderate with room for improvement. From a security perspective, the site uses HTTPS with excellent SSL configuration but lacks visible security headers and explicit security policies. Cookie consent is managed via a consent manager, indicating some privacy compliance efforts. No critical vulnerabilities or blocking mechanisms were detected, suggesting a stable security posture but with opportunities for enhancement. Overall, the website is professional and trustworthy with a strong business presence. However, it would benefit from publishing clear privacy and terms of service policies and implementing additional security headers to strengthen its security and compliance posture.

W

World Sailing

sailing.org

10

World Sailing is the official international governing body for the sport of sailing, providing comprehensive information on sailors, international regattas, events, boat classes, member federations, and rankings across multiple sailing disciplines including fleet racing, match racing, para sailing, and e-sailing. The organization serves a global audience of sailing enthusiasts, athletes, and affiliated federations, positioning itself as the authoritative source for sailing governance and event information worldwide. The website reflects a medium-sized, professional non-profit entity with consistent branding and good content quality. Technically, the website employs modern web technologies such as Vue.js and is hosted on a CDN infrastructure (Amazon CloudFront), ensuring moderate to good performance and mobile optimization. The presence of Google Tag Manager indicates active analytics and marketing tracking, although privacy compliance measures such as cookie consent and privacy policies are not evident in the provided content. From a security perspective, the site enforces HTTPS and follows some best practices but lacks visible security headers and explicit privacy or incident response policies. No vulnerabilities or suspicious elements were detected in the content. The WHOIS data is unavailable or privacy-protected, which is common for organizations of this nature, and does not raise immediate concerns. Overall, the website is professional, trustworthy, and safe for general audiences, but improvements in privacy compliance and security header implementation are recommended to enhance trust and regulatory adherence.

M

Mirabella–Morganti

mirabella-morganti.ch

58

Mirabella–Morganti is a Swiss design studio founded in 2013 specializing in art, culture, and education projects. The company offers a range of creative services including visual identities, campaigns, posters, books, and digital media, with a strong emphasis on print design and typography. They also contribute to education through lecturing roles at the Zurich University of the Arts. The website reflects a professional portfolio with rich content and a consistent brand image targeting cultural and educational organizations. Technically, the site is built using Vue.js with deferred JavaScript loading, providing good mobile optimization and SEO. However, the site lacks visible privacy and cookie policies, security headers, and explicit contact emails or phone numbers, which are areas for improvement. No WAF or blocking mechanisms were detected, and the WHOIS data aligns well with the business claims, indicating legitimacy.

S

Stiftung Denk an mich

denkanmich.ch

62

Stiftung Denk an mich is a Swiss non-profit organization dedicated to supporting people with disabilities by providing financial assistance for holidays and leisure activities. The foundation fills a social gap by enabling those who cannot afford recreational time to enjoy improved quality of life. The website reflects a focused mission with clear messaging, targeting individuals with disabilities and their supporters within Switzerland. The organization maintains a credible market position as a niche non-profit with recognized certifications such as ZEWO. Technically, the website is built on modern frameworks including Vue.js and Nuxt.js, with integrations for analytics and media content. The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some accessibility features could be enhanced. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, but lacks a public security policy or vulnerability disclosure. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable digital presence for the foundation.

Sportabzeichen-Digital is a German digital platform dedicated to managing and facilitating the German Sports Badge program. It provides users with registration, login, and access to sport badge events and information, targeting sports participants and organizers within Germany. The platform leverages modern web technologies such as Nuxt.js and Vue.js and is hosted on Hetzner infrastructure, ensuring reliable performance and availability. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, including opt-in for analytics via Matomo. Security posture is adequate with HTTPS enforced and anti-bot measures in place, though improvements are recommended in implementing security headers and publishing incident response information. Overall, the website is professional, user-friendly, and trustworthy, serving a niche sports community effectively.

K

Kontainer

kontainer.com

62

Kontainer is a Denmark-based technology company specializing in digital asset management, product information management, and image bank solutions. Established in 2000, it serves businesses seeking efficient digital content management through a B2B SaaS platform. The website reflects a professional and consistent brand image with a focus on user experience and mobile responsiveness. Technically, the site leverages modern frameworks such as Nuxt.js and Vue.js, ensuring a contemporary and performant digital presence. Security posture is solid with HTTPS enabled and domain protections in place, though improvements like DNSSEC and explicit security policies could enhance trust further. Overall, Kontainer presents a credible and mature digital footprint suitable for its market segment.

Orms is a London-based architecture firm focused on delivering ultrapractical, deeply functional, and generous architectural solutions. Their website reflects a professional and modern digital presence built with Nuxt.js and Tailwind CSS, targeting clients seeking architectural design and consultancy services. The firm positions itself as an established player in the real estate sector with a clear focus on quality and client engagement. Technically, the website is well-structured, mobile-optimized, and uses modern frameworks, though performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS data and domain registration details introduces some trust concerns, though the website content and contact information support business credibility. Overall, the site is professional but would benefit from enhanced privacy compliance and security best practices.

N

Nasjonalmuseet

nasjonalmuseet.no

74

Nasjonalmuseet is Norway's largest national museum dedicated to art, architecture, and design, offering extensive collections from antiquity to modern times. The institution serves a broad audience including the general public, families, researchers, and art enthusiasts, operating primarily as a government-funded cultural entity. The website reflects a professional and comprehensive digital presence with clear navigation, multilingual support, and a strong emphasis on privacy and user consent. Technically, the site leverages modern frameworks such as Vue.js, is hosted on Microsoft Azure, and integrates multiple analytics and marketing tools while maintaining GDPR compliance through a detailed cookie consent mechanism. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates a mature digital infrastructure suitable for a large government cultural institution, with good privacy and security practices, and a high level of trustworthiness.

1

10dencehispahard, S.L.

eumiesawards.com

49

EUmies Awards is a specialized platform dedicated to promoting excellence in European architecture through awards, exhibitions, and related cultural events. The organization operates primarily in Spain and targets architecture professionals, emerging talents, and cultural institutions. The website serves as a comprehensive resource for award procedures, jury information, and event dissemination. Technically, the site is built on WordPress with modern technologies such as Vue.js and D3.js, optimized for SEO and mobile responsiveness. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though improvements like DNSSEC and security headers are recommended. Overall, the site demonstrates a professional and trustworthy presence with strong compliance to privacy regulations.

S

Sanitas

sanitas.com

63

Sanitas is a leading Swiss health insurance provider offering a range of basic and supplementary insurance plans tailored for private customers. The website demonstrates a mature digital presence with modern technologies such as Vue.js and comprehensive privacy and cookie management, reflecting compliance with GDPR. The site is well-structured, mobile-optimized, and professionally designed, targeting private customers in Switzerland with clear service offerings and customer support pathways. Security posture is strong with HTTPS enforcement and security headers, though public security policies and incident response details are absent. WHOIS data is unavailable, which slightly impacts trust but does not detract from the overall legitimacy of the business as evidenced by the professional website and comprehensive policies.

E

Energie 360° AG

energie360.ch

73

Energie 360° AG is a Swiss energy company specializing in the supply of renewable and sustainable energy solutions, including integrated mobility services. The company positions itself as a key player in Switzerland's energy transition, offering a broad range of environmentally friendly products and services. Their website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to Swiss customers interested in sustainable energy and mobility. Technically, the site employs modern technologies such as Vue.js and integrates consent management and analytics tools to ensure compliance and user tracking. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness.

Davos Klosters is a prominent tourism organization promoting holidays and outdoor activities in the Swiss Alps, specifically in the Graubünden region. The website offers comprehensive information and booking options for skiing, hiking, biking, and cultural events, targeting tourists seeking alpine experiences. The company holds a strong market position as a leading alpine destination with a professional online presence and integrated e-commerce capabilities. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although dedicated security and incident response policies are not explicitly found on the site. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, professional, and well-aligned with its business goals.

H

HEK (Haus der Elektronischen Künste)

hek.ch

61

HEK (Haus der Elektronischen Künste) is a well-established Swiss cultural institution and museum specializing in digital and electronic arts. It serves as a platform for interdisciplinary projects, exhibitions, and workshops, connecting art, science, and technology. The website reflects a professional and modern digital presence with multilingual support and a rich program offering. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good performance and mobile optimization. Security posture is strong with HTTPS, security headers, and privacy compliance including cookie consent mechanisms. However, some areas like explicit security policies, incident response contacts, and terms of service are missing or not publicly visible. Overall, the domain registration and website content align well, indicating a legitimate and trustworthy entity.

C

Home – catapult

catapultbasel.ch

56

The website catapultbasel.ch represents a youth-focused funding platform based in Basel, Switzerland. It aims to support young people by providing a platform for project submissions and community engagement. The site is built using modern web technologies including Vue.js and Nuxt.js, with multimedia support via Video.js and audio recording libraries. Google Analytics is used for visitor tracking, though no visible consent mechanism is present. The website content is primarily in German and targets the local youth demographic. Security posture is basic with no advanced headers or policies detected, and privacy compliance is minimal due to the absence of privacy and cookie policies. WHOIS data confirms the domain's legitimacy and local registration, supporting the trustworthiness of the platform.

S

Swiss Golf

swissgolf.ch

50

Swiss Golf is the official umbrella organization for golf sports in Switzerland, providing comprehensive services including player development, tournament organization, and sustainability initiatives. The website is well-structured, professionally designed, and targets golf players and enthusiasts across all levels in Switzerland. It features clear navigation, rich content, and strong branding supported by reputable sponsors such as Rolex and Helsana. Technically, the site uses modern JavaScript frameworks like Vue.js and libraries such as Axios and Chart.js, ensuring a dynamic and interactive user experience. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Security-wise, the website enforces HTTPS and implements a cookie consent mechanism, but lacks visible security headers and an explicit security policy or incident response contact. The WHOIS data aligns well with the website's claims, indicating a trustworthy domain registration. Overall, the site scores highly on content quality, business credibility, and privacy compliance, with minor technical and security enhancements recommended.

K

KAWAHARA KRAUSE ARCHITECTS

kawahara-krause.com

62

KAWAHARA KRAUSE ARCHITECTS is a small, specialized architectural practice based in Germany, founded in 2007. The firm offers architectural design services, academic research, exhibitions, and publications, targeting clients interested in innovative and contextually rich architecture. The website is professionally designed using modern technologies such as Nuxt.js, Vue.js, Tailwind CSS, and Sanity CMS, providing a good user experience and mobile optimization. However, the site lacks explicit privacy and cookie policies, contact information, and security headers, which are important for compliance and security. The domain registration is consistent with the business claims, indicating legitimacy and stability. Overall, the website is safe, professional, and moderately secure but would benefit from enhanced privacy compliance and security practices.

A

Afeefa - Digitaler Zusammenhalt e.V.

afeefa.de

48

Afeefa - Digitaler Zusammenhalt e.V. operates a non-profit digital platform focused on social integration and community engagement in Leipzig, Germany. The website provides multilingual access to information about social services, volunteer opportunities, and local offers for people with diverse backgrounds. The platform positions itself as a local community hub fostering inclusion and participation. Technically, the website uses modern frontend technologies such as Vue.js and MapLibre GL for interactive maps, indicating a moderate level of digital maturity. However, the site lacks visible security headers and explicit privacy or cookie consent mechanisms, which are areas for improvement. Social media presence on Instagram and Facebook supports community outreach. Overall, the security posture is basic with no critical vulnerabilities detected but improvements are recommended to enhance compliance and trust. The domain registration data is consistent and supports the legitimacy of the website. Strategic recommendations include implementing security headers, cookie consent, and clearer contact information to improve user trust and regulatory compliance.

Cowiki is a non-profit project affiliated with anstiftung and the Verbund offener Werkstätten, providing a structured knowledge base platform aimed at supporting open workshops and collaborative communities in Germany. The website serves as a community resource with links to partner organizations and open source code repositories, reflecting a niche market position focused on knowledge sharing and collaboration. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates Umami Analytics for minimal user tracking, indicating a moderate level of digital maturity. The website is accessible, mobile-optimized, and presents a consistent brand image aligned with its non-profit mission. Security posture is moderate with HTTPS implied but lacking explicit security headers and published security policies. Privacy compliance is basic, with a privacy policy linked externally but no cookie consent mechanism detected. Overall, the site is trustworthy and safe for general audiences, with no adult or questionable content detected.

N

NDK Wurzen

leerstellen-lkl.de

47

The website leerstellen-lkl.de is a well-structured non-profit project focused on documenting cases of right-wing violence in the Leipzig district. It provides a digital memorial and educational resource through a web documentary, peer networks, and workshops primarily targeting youth and affected communities. The project is funded by reputable organizations and operated by NDK Wurzen, indicating a credible and mission-driven initiative. Technically, the site uses modern frameworks like Nuxt.js and Vue.js, ensuring a responsive and user-friendly experience, though some improvements in accessibility and SEO could be made. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and cookie consent mechanisms, which are recommended for GDPR compliance. Overall, the site is trustworthy, professional, and safe for general audiences.

N

Niedersächsische Lotto-Sport-Stiftung

lotto-sport-stiftung.de

56

The Niedersächsische Lotto-Sport-Stiftung is a regional non-profit foundation focused on promoting sports and the integration of people with migration backgrounds in Lower Saxony, Germany. The website serves as an information and engagement platform, offering news, project details, funding opportunities, and community initiatives. It targets local organizations, sports clubs, and integration stakeholders. The foundation maintains a professional online presence with clear branding and consistent messaging aligned with its mission. Technically, the website employs modern web technologies including Vue.js and Bootstrap, with performance and mobile optimization rated as good. The use of Matomo analytics reflects a privacy-conscious approach to user tracking. However, some technical improvements are possible, such as implementing security headers and a cookie consent mechanism to enhance GDPR compliance. From a security perspective, the site uses HTTPS with a strong SSL configuration and no visible vulnerabilities in the HTML content. The absence of explicit security policies or incident response contacts suggests room for maturity in security governance. Overall, the domain registration data aligns well with the foundation's identity, supporting legitimacy and trustworthiness. The website is safe for general audiences, containing no adult or explicit content. It provides valuable resources and engagement channels for its community. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and adding cookie consent to improve compliance and user trust.

S

Schweizer Tourismus-Verband

stv-fst.ch

62

The Schweizer Tourismus-Verband website represents a national umbrella organization for the Swiss tourism sector, focusing on interest representation and networking within the hospitality industry. The website content is primarily in German and targets tourism stakeholders in Switzerland. The business model is that of a membership and advocacy association with a medium-sized organizational footprint. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with Tailwind CSS for styling, indicating a contemporary digital infrastructure. Performance and mobile optimization are good, though accessibility features are basic. Security posture is moderate, with HTTPS presumably enabled but lacking explicit security headers and policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy disclosures.

T

Toto-Lotto Niedersachsen GmbH

lotto-niedersachsen.de

53

LOTTO Niedersachsen operates as the official state-licensed lottery provider for Lower Saxony, Germany, offering a broad portfolio of lottery games including LOTTO 6aus49, Eurojackpot, and others. The company positions itself as a premium provider, emphasizing security, trust, and responsible gambling. The website is professionally designed, mobile-optimized, and provides comprehensive information about lottery products, results, and services such as subscription play and community participation. Technically, the site leverages modern frameworks like Nuxt.js and Vue.js, uses Cloudflare DNS, and integrates Piwik PRO for analytics with a cookie consent mechanism, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and trust seals displayed, though explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, compliant with GDPR, and targets adult users with clear age restrictions.

Q

Querfeld's Wiener Kaffeehaus GesmbH

cafe-wien.at

66

Querfeld's Wiener Kaffeehaus GesmbH operates an e-commerce platform dedicated to selling gift vouchers for its chain of cafés and restaurants in Vienna, Austria. The website offers a user-friendly interface with multiple voucher categories, a voucher value checking feature, and digital delivery options. The business targets general consumers looking to gift hospitality experiences. The company is positioned as a reputable regional hospitality brand with a medium-sized operation and consistent branding across its digital presence. Technically, the website employs a modern technology stack including Vue.js, jQuery, and various tracking and analytics tools such as Google Analytics, Facebook Pixel, and eTracker. It uses the Incert e-commerce system, which is specialized for tourism and hospitality sectors. The site is mobile-optimized and includes accessibility and SEO best practices, though accessibility could be further enhanced. From a security perspective, the site enforces HTTPS, implements cookie consent mechanisms via Klaro, and uses security headers to protect users. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which are recommended for improved security posture. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively supports the business model of online voucher sales for hospitality services. Strategic recommendations include publishing security policies, adding incident response contacts, and enhancing accessibility features to further strengthen trust and compliance.

A

Alcova

alcovamilano.com

61

Alcova is a specialized platform focused on design exhibitions and collaborations, primarily operating in Milan and Miami. It serves designers, companies, institutions, and researchers interested in the future of living and making. The platform organizes recurring international exhibitions and maintains a design shop for curated products. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, with a headless CMS (Directus) and Shopify integration for e-commerce. The site is performant, mobile-optimized, and professionally designed, though accessibility and SEO could be improved. Security posture is adequate with HTTPS enforced but lacks important security headers and published security policies. Privacy compliance is limited, with no cookie consent mechanism and only a basic privacy policy. Overall, the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

I

iart AG

iart.ch

11

iart AG is a Swiss-based innovative studio specializing in media architecture, creative engineering, and interactive visitor experiences. The company serves corporate clients, cultural institutions, and architectural sectors, positioning itself as a leader in digital and interactive architectural solutions. Their business model focuses on designing and building digital media architectures that create engaging multisensory experiences. The website reflects a mature and professional organization with strong market presence, evidenced by prestigious awards and notable clients such as Fondation Beyeler and CERN. Technically, the website is built on modern frameworks including Nuxt.js and Vue.js, powered by Craft CMS. It features embedded multimedia content, responsive design, and SEO best practices. The site loads quickly and is optimized for mobile devices, indicating a high level of digital maturity. From a security perspective, the site enforces HTTPS, implements standard security headers, and includes a cookie consent mechanism aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks explicit security policy and incident response disclosures, which could enhance trust and compliance. Overall, the website demonstrates a high level of professionalism, security, and compliance, with a strong business credibility score. Strategic recommendations include publishing security policies, incident response information, and adding a security.txt file to facilitate vulnerability reporting.

D

Dachstiftung der Christoph Merian Stiftung

dachstiftung-cms.ch

57

The Dachstiftung der Christoph Merian Stiftung (DS-CMS) is a well-established non-profit foundation based in Basel, Switzerland, managing 35 sub-foundations to fund social, cultural, and natural projects in the region. It serves as an efficient vehicle for donors to implement their philanthropic goals. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience of donors and project applicants. Technically, the site leverages modern frameworks such as Vue.js and Nuxt.js, hosted likely by cyon AG, and uses Craft CMS for content management. Analytics are implemented via Google Tag Manager, indicating moderate user tracking. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is adequate with a clear privacy policy but lacks a cookie consent mechanism. Overall, the site is trustworthy and credible, aligned with its parent organization Christoph Merian Stiftung.

A

Afeefa - Digitaler Zusammenhalt e.V.

bunter-kompass-thueringen.info

54

Afeefa - Digitaler Zusammenhalt e.V. operates the website 'Afeefa - Bunter Kompass für Thüringen', a non-profit digital platform providing a comprehensive and accessible overview of services and offers for immigrants in the Thuringia region of Germany. The platform supports newcomers by listing language courses, counseling services, leisure activities, and other integration-related resources. It also facilitates community engagement by allowing users to submit their own offers. The website is positioned as a regional integration support tool with a clear focus on accessibility and up-to-date information. Technically, the website employs modern frontend technologies including Vue.js and MapLibre GL for interactive maps, along with Font Awesome for icons. The site demonstrates good mobile optimization and accessibility features, though performance is moderate and SEO optimization is basic. The absence of a CMS or hosting provider details limits deeper infrastructure insights. From a security perspective, the site uses HTTPS but lacks visible security headers and cookie consent mechanisms, indicating room for improvement in security best practices and privacy compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. WHOIS data is privacy protected, which is typical for non-profit organizations, but limits transparency. Contact information is clearly provided, enhancing trust. Overall, the website presents a professional and trustworthy platform for its target audience, with a solid business credibility score. Strategic recommendations include implementing cookie consent, enhancing security headers, and publishing security policies to improve compliance and security posture.

K

Karl der Grosse

karldergrosse.ch

60

Karl der Grosse is a well-established cultural and hospitality venue located in Zurich, Switzerland, offering a diverse range of services including a bistro, event space rentals, and a rich program of cultural events. The venue is municipally affiliated, enhancing its credibility and market position as a key cultural hub. The website reflects a professional and consistent brand image targeting a general audience interested in culture, dining, and event participation. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers implemented, though some compliance aspects like cookie consent and security policies could be improved. Overall, the site is trustworthy and professionally maintained, with moderate tracking and marketing tools in use.

R

rockit GmbH

rockit.at

44

rockit GmbH is a specialized TYPO3 CMS agency based in Vienna, Austria, offering comprehensive web development services including responsive design, accessibility, SEO, and GDPR-compliant solutions. The company holds certifications as TYPO3 integrators and serves a diverse client base including government and large organizations, positioning itself as a trusted technology service provider in the Austrian market. Their business model focuses on delivering tailored TYPO3 websites with ongoing maintenance and quality assurance. Technically, the website is built on a modern TYPO3 CMS platform with a rich technology stack including PHP, TailwindCSS, JavaScript frameworks like Vue.js and Alpine.js, and uses Matomo for privacy-conscious analytics. The site is well-optimized for mobile devices, accessibility, and SEO, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, there is room for improvement in publishing explicit security policies, incident response contacts, and implementing additional HTTP security headers. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy digital presence with strong compliance and technical maturity. The lack of WHOIS data limits domain trust verification but does not detract from the evident business legitimacy. Strategic recommendations include enhancing security header implementation and publishing formal security policies to further strengthen trust and compliance.

C

Christoph Merian Stiftung

cms-basel.ch

61

The Christoph Merian Stiftung is a well-established non-profit foundation based in Basel, Switzerland, focused on promoting social cohesion, cultural diversity, and environmental stewardship within the city. The foundation operates through project funding, real estate development, and managing cultural institutions such as a publishing house, museum, and gardens. Their website reflects a strong local presence and commitment to community engagement. Technically, the site is built on modern frameworks including Vue.js and Nuxt.js, powered by Craft CMS, and integrates Google Tag Manager for analytics. The site is performant, mobile-optimized, and accessible, with clear navigation and professional design. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements could be made by adding security headers and formal incident response policies. Privacy compliance is adequate with a comprehensive privacy policy but lacks an explicit cookie consent mechanism. Overall, the website and domain registration data align well, indicating a legitimate and trustworthy organization.

A

Alcova

alcova.xyz

53

Alcova is a specialized platform dedicated to designers, companies, institutions, and researchers focused on exploring the future of living and making. Established in 2018, it has positioned itself as an international platform hosting recurring exhibitions primarily in Milan and Miami, complemented by collaborations and a design shop. The website reflects a professional and consistent brand image, targeting a niche audience interested in design and art. Technically, the site leverages modern frameworks such as Nuxt.js and Vue.js, integrates Shopify for e-commerce, and uses Directus as a headless CMS, indicating a mature and scalable digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though improvements in security headers and incident response disclosures are recommended. Privacy compliance is basic with a privacy policy present but lacking cookie consent mechanisms. Overall, the site is trustworthy, content-rich, and well-structured, supporting Alcova's market position as a credible design platform.

K

Kesselhaus Josephsohn

kesselhaus-josephsohn.ch

50

Kesselhaus Josephsohn is a small cultural institution based in Switzerland that operates as a museum, gallery, and exhibition space dedicated to the works of Hans Josephsohn. The website serves as a digital presence showcasing their exhibitions, artworks, and related events, targeting art enthusiasts and the general public interested in cultural activities. The business model revolves around art exhibition and gallery services, with a niche market position in the cultural sector. Technically, the website employs modern JavaScript frameworks such as Vue.js and uses lazy loading techniques for images to optimize performance. It integrates Matomo analytics for user tracking, indicating a moderate level of digital maturity with some privacy considerations. However, the site lacks comprehensive SEO and accessibility features and shows only basic mobile optimization. From a security perspective, the website is accessible without WAF or blocking mechanisms, but it lacks important security headers and does not display privacy or cookie policies, which are critical for GDPR compliance. No contact information or incident response channels are provided, limiting transparency and trust. The SSL configuration could not be verified from the provided data, which is a potential risk. Overall, the website is functional and professionally designed but requires improvements in security posture, privacy compliance, and contact transparency to enhance trustworthiness and regulatory adherence. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and providing clear contact information for users and security incidents.

S

Stiftung Sitterwerk

sitterwerk.ch

51

Stiftung Sitterwerk is a Swiss non-profit cultural foundation dedicated to supporting the arts through its art library, material archive, atelier house, and various cultural events and publications. The foundation targets artists, researchers, and the general public interested in cultural and artistic activities. The website reflects a well-structured and professionally designed platform using modern technologies such as Vue.js and Matomo analytics, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. Overall, the site is safe, trustworthy, and provides clear contact information, but could enhance compliance and security transparency.

V

von Bartha

vonbartha.com

49

von Bartha is a well-established Swiss art gallery specializing in contemporary and modern art, operating since 1970 with locations in Basel and Copenhagen. The gallery represents a diverse roster of artists and hosts exhibitions, fairs, and publishes related materials. The website reflects a professional and polished digital presence, leveraging modern web technologies such as Nuxt.js and Vue.js, ensuring fast performance and excellent mobile optimization. Security posture is solid with HTTPS and no obvious vulnerabilities, though improvements in security headers and incident response transparency are recommended. Privacy compliance is good with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a gap. Overall, the website is trustworthy and serves its target audience effectively.

C

Cartoonmuseum Basel

cartoonmuseum.ch

62

The Cartoonmuseum Basel is a specialized cultural institution in Switzerland dedicated exclusively to the art of narrative drawing, including cartoons, comics, and graphic novels. It holds a unique market position as the only Swiss museum focused on this art form, offering exhibitions, educational programs, events, and a shop. The website reflects a professional and well-structured digital presence, targeting art enthusiasts, educational institutions, and the general public interested in narrative art. The museum operates as a non-profit entity with a clear focus on cultural education and community engagement. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, with Craft CMS likely used as the content management system. It demonstrates good performance, mobile optimization, and accessibility. The site uses Google Analytics for visitor tracking and Campaign Monitor for newsletter management. Security best practices are observed, including HTTPS enforcement and secure form handling, although there is room for improvement in cookie consent mechanisms and explicit security policy disclosures. From a security standpoint, the site has a solid posture with appropriate security headers and no visible vulnerabilities or exposed sensitive data. The WHOIS data confirms the legitimacy of the domain registration, matching the museum's identity and location in Switzerland. No WAF or blocking mechanisms interfere with content accessibility, allowing full analysis. Privacy compliance is adequate with a comprehensive privacy policy, though cookie consent could be enhanced. Overall, the Cartoonmuseum Basel website is a trustworthy, professional, and well-maintained digital asset supporting the museum's mission. Strategic recommendations include implementing explicit cookie consent, publishing a security and incident response policy, and considering a vulnerability disclosure statement to further enhance trust and compliance.

K

Kanton Basel-Landschaft

bl.ch

58

Kanton Basel-Landschaft operates an official government website serving the residents and stakeholders of the Basel-Landschaft canton in Switzerland. The site provides governmental information, public services, and news updates relevant to its audience. The website is built using modern web technologies such as Nuxt.js and Vue.js, with a responsive design and good user experience. Security posture is adequate with HTTPS enabled and no visible exposed sensitive data, but lacks explicit security headers and formal security policies. Privacy compliance is limited due to the absence of clear privacy and cookie policies. Overall, the website is trustworthy and professional, reflecting its governmental nature.

R

Radio X

radiox.ch

58

Radio X is a well-established community radio station based in Basel, Switzerland, focusing on youth and cultural programming. It serves a diverse audience locally and internationally via multiple broadcast channels including DAB+, FM, cable, and internet streaming. The station relies heavily on volunteer broadcasters and offers a wide range of specialty shows, podcasts, and live events, positioning itself as a key cultural media player in the region. Technically, the website is built using modern web technologies such as Vue.js and Adobe Experience Manager, with integration of Google Analytics and Tag Manager for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and rich content. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS, includes important security headers, and does not expose sensitive data. However, it lacks explicit security or incident response policies publicly available. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, Radio X demonstrates a mature digital presence with strong community engagement and trustworthy operations. Strategic improvements could focus on enhancing accessibility, publishing security policies, and providing clearer contact information to further strengthen trust and compliance.

BGO Living is a Canadian property management company specializing in residential apartments and townhomes across multiple provinces. The company emphasizes exceptional resident service, community engagement, and environmental responsibility, managing over 45 rental communities. Their website reflects a professional and modern digital presence built on Vue.js and the Rentsync platform, with good mobile optimization and accessibility features. Privacy and cookie compliance are well implemented with clear policies and user consent mechanisms. Security posture is moderate with room for improvement in HTTP security headers and explicit incident response information. The absence of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy given the professional content and external references. Strategic recommendations include enhancing security headers, verifying SSL configuration, and publishing explicit security policies to improve trust and compliance.

Z

ZoomDesign

zoomdesign.ch

48

ZoomDesign is a Swiss agency specializing in design, web development, and communication services based in Geneva. The website presents a professional image with a modern tech stack including Vue.js and popular JavaScript libraries, indicating a contemporary digital infrastructure. However, the site lacks explicit privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is moderate with no visible security headers or incident response information, and no vulnerability disclosure mechanisms are present. Overall, the site is functional and professional but would benefit from enhanced privacy and security features to improve compliance and trustworthiness.

S

sayanythingstream.com

sayanythingstream.com

56

The website sayanythingstream.com appears to be a newly registered domain (April 2023) with minimal publicly accessible content. The site uses modern JavaScript frameworks such as Vue.js and Nuxt.js and is delivered via a fast CDN, indicating a contemporary technical infrastructure. However, the website lacks substantive business information, contact details, and any visible privacy or security policies, which limits its credibility and trustworthiness. Security posture is basic with HTTPS enabled but no advanced security headers or DNSSEC. Advertising and tracking scripts are present but without clear privacy compliance mechanisms. Overall, the site is accessible and safe but lacks maturity and transparency.

V

Verkehrsbetriebe Biel

vb-tpb.ch

61

Verkehrsbetriebe Biel (VB) operates as a regional public transportation provider in Switzerland, primarily serving the Biel area with bus, trolleybus, and cable car services. The website offers comprehensive information on schedules, tickets, and current operational updates, targeting local commuters and residents. The company maintains a consistent brand presence and active social media channels to engage its audience. Technically, the website employs modern JavaScript frameworks such as Vue.js and jQuery, alongside libraries like Axios and Slick Carousel, indicating a contemporary and interactive user experience. The use of Wagtail CMS is evident, supporting content management and digital maturity. Performance and mobile optimization are good, though accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, explicit security headers and incident response policies are not visible, and no vulnerability disclosure or security.txt files are present. Tracking technologies include Google Analytics and Facebook Pixel, with moderate user tracking levels balanced by privacy compliance. Overall, the website is professional, trustworthy, and well-suited for its public transportation business model. Strategic improvements in security headers, incident response transparency, and accessibility would further strengthen its posture and user trust.

D

Domains By Proxy, LLC

mytoggle.io

47

The website at mytoggle.io currently serves a 404 error page, indicating that the requested content is not available. The domain is registered through a privacy protection service, Domains By Proxy, LLC, which obscures the true registrant details. The site uses modern frontend technologies such as Vue.js and Bootstrap, hosted on AWS infrastructure, but lacks meaningful business content or contact information. There are no visible privacy, cookie, or terms of service policies, and no security policies or incident response information is provided. The absence of DNSSEC and security headers, combined with the use of privacy protection and lack of business transparency, lowers the trustworthiness of the domain. Overall, the site is non-functional and provides no business or security assurances.

W

Wellbeing Economy Alliance

weall.org

53

Wellbeing Economy Alliance (WEAll) is a UK-registered non-profit organization established in 2011, focused on transforming the economic system towards a wellbeing economy that prioritizes people and planet. The website serves as a hub for changemakers, governments, businesses, and organizations to collaborate, access resources, and participate in advocacy and education efforts. WEAll maintains a strong market position with over 500 member organizations and multiple national governments involved. Technically, the website is built on WordPress with modern JavaScript frameworks and libraries, offering a good user experience with mobile optimization and moderate performance. Security practices include HTTPS, GDPR-compliant cookie consent, and use of reCAPTCHA, though improvements such as DNSSEC and security headers are recommended. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it lacks explicit terms of service and direct contact emails or phone numbers.

C

Center RS za poklicno izobraževanje

nrpslo.org

66

The website www.nrpslo.org serves as the national information center for vocational qualifications in Slovenia, operated by the Center RS za poklicno izobraževanje. It provides comprehensive resources and services related to the validation and verification of non-formally acquired knowledge through the NPK system. The site targets candidates, advisors, commissions, and vocational education providers, positioning itself as an authoritative government-supported portal in the education sector. Technically, the website employs modern web technologies including Bootstrap, Vue.js, jQuery, and several UI libraries, indicating a mature and maintainable infrastructure. The presence of cookie consent mechanisms and privacy policies reflects a good level of digital maturity and compliance with GDPR requirements. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and implements cookie consent, but lacks explicit security headers and incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is unavailable or privacy-protected, which is common for governmental or public institutions, and does not detract from the site's legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and maintaining up-to-date third-party libraries to further strengthen security posture.