Security Directory

O

OST – Ostschweizer Fachhochschule

ost.ch

0

OST – Ostschweizer Fachhochschule is a regional Swiss educational institution offering forward-looking degree programs, research, and continuing education across multiple campuses. The website demonstrates a mature digital infrastructure leveraging TYPO3 CMS and integrates multiple reputable analytics and marketing platforms such as Google Analytics, Hotjar, and Microsoft Bing. Privacy compliance is robust, with a detailed cookie consent mechanism and a comprehensive privacy policy in German, indicating GDPR adherence. Security posture is strong with HTTPS enforcement, security headers, and Cloudflare CDN usage, though explicit security policies and incident response information are not publicly available. Overall, the website is professional, trustworthy, and well-optimized for users, with no critical vulnerabilities or suspicious content detected.

S

Scuola universitaria professionale della Svizzera italiana (SUPSI)

supsi.ch

0

The Scuola universitaria professionale della Svizzera italiana (SUPSI) is a recognized Swiss professional university offering Bachelor, Master, and continuing education programs. The website reflects a well-established educational institution with a strong market position in Switzerland's higher education sector. It targets students, professionals, and regional stakeholders with a comprehensive range of academic and research services. Technically, the site is built on the Liferay CMS platform, utilizing modern web technologies such as React and Bootstrap, and integrates Matomo for analytics. The site demonstrates good performance, mobile optimization, and accessibility standards. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident with cookie consent mechanisms and privacy policies, although explicit security and incident response policies are not prominently published. Overall, the site is professional, trustworthy, and well-maintained, with a high legitimacy score based on WHOIS data and content alignment.

M

Mt Pelerin Group Ltd

mtpelerin.com

0

Mt Pelerin Group Ltd is a Swiss fintech company specializing in cryptocurrency exchange, mobile wallet services, and asset tokenization. The company positions itself as a trusted Swiss gateway to the crypto world, offering services such as buying, selling, swapping cryptocurrencies, and providing a crypto-fiat gateway for businesses. Their Bridge Wallet app enhances user control over crypto assets, and their Bridge Protocol enables security token issuance on public blockchains. The company enjoys a strong market presence with multiple partnerships and positive customer reviews, supported by a comprehensive multilingual website and active social media channels. Technically, the website employs modern web technologies including JavaScript frameworks, Bootstrap, and lazy loading for performance optimization. The site is mobile-optimized, SEO-friendly, and integrates Google Tag Manager for analytics. Security-wise, the site enforces HTTPS and links to a bug bounty program, indicating a proactive security posture. However, explicit security policies and incident response contacts are not prominently published. The WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency. Despite this, the website content, business registration references, and external trust signals strongly support the legitimacy of the business. Overall, the website is professional, secure, and compliant with privacy regulations, making it a reliable platform for cryptocurrency services. Strategic recommendations include publishing detailed security policies, adding a security.txt file for vulnerability disclosures, and maintaining vigilance on third-party script security to further enhance trust and security posture.

B

BlogaTech AG

ajuna.io

0

Ajuna.io is a blockchain gaming platform operated by BlogaTech AG, focusing on creating a future for gaming through blockchain technology. The platform offers a suite of products including NFT-based games (AAA), a crosschain gasless NFT marketplace (Wildcard), and an SDK for game developers integrating blockchain features. It also operates dedicated parachains on the Polkadot and Kusama networks, leveraging Trusted Execution Environments for performance and security. The company targets blockchain game developers, gamers, and NFT enthusiasts, positioning itself as an innovative player in the web3 gaming ecosystem. Technically, the website is built on Webflow CMS with modern web technologies such as Google Fonts and JavaScript libraries. It includes a cookie consent mechanism indicating some level of privacy compliance. The site is mobile-optimized and provides clear navigation and professional design. However, the absence of a visible privacy policy and terms of service reduces compliance transparency. WHOIS data is unavailable, limiting domain trust assessment. Security posture is moderate with HTTPS implied but no explicit security headers detected. No vulnerability disclosure or incident response information is provided. The site links to multiple social media and community platforms, enhancing engagement and trust. Overall, the platform appears legitimate and professionally presented but would benefit from improved transparency and security practices. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, providing vulnerability disclosure channels, and improving WHOIS transparency to enhance trust and compliance.

B

Bitcoin Suisse AG

bitcoinsuisse.com

0

Bitcoin Suisse AG is a Swiss-based premium crypto finance service provider established in 2016. The company positions itself as a leading player in the Swiss crypto finance market, offering a cohesive product suite and expert client services tailored for crypto investors and institutions. The website reflects a modern technical infrastructure built on React and Next.js frameworks, hosted on Azure, with a professional design and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but could improve transparency and security documentation to enhance trust.

A

Aleph Zero Foundation

alephzero.org

0

Aleph Zero Foundation operates a cutting-edge blockchain platform focused on privacy and scalability, targeting developers and enterprises in the Web3 space. The website reflects a mature digital presence with comprehensive ecosystem support and partnerships with notable organizations such as Deutsche Telekom and Nasdaq. Technically, the site employs modern web technologies, including Google Tag Manager and Hotjar for analytics, and is hosted via Cloudflare ensuring good performance and security. The security posture is strong with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and no explicit security policy or incident response information is published. Privacy compliance is well addressed with a visible cookie consent mechanism and a privacy policy linked in the documentation. Overall, the site is professional, trustworthy, and well-structured, supporting Aleph Zero's position as an enterprise-grade blockchain solution.

R

Rainfall Inc.

rainfall.one

0

Rainfall Inc. operates a privacy-focused, decentralized personal AI platform that empowers users to control and monetize their personal data securely. The company targets individuals concerned with data privacy and the benefits of AI, positioning itself as an emerging player in the personal AI and data sovereignty market. The website is professionally designed with clear messaging, an invite-only waitlist, and multiple user engagement points such as contact forms and social media links. Technically, the site uses modern frontend technologies including React and Font Awesome, hosted with Google Domains DNS services. Analytics are implemented via Google Tag Manager and Google Analytics, with basic cookie consent mechanisms in place. Security posture is moderate with HTTPS enforced and privacy-by-design principles stated, but lacks DNSSEC and security headers, and no formal security or incident response policies are published. The domain is privacy protected but legitimately registered since 2019, consistent with a startup profile. Overall, the site is trustworthy, safe, and professionally maintained, though improvements in security transparency and DNS security are recommended.

Polkadot is a leading blockchain platform focused on interoperability, scalability, and security for Web3 applications. It offers a multi-chain network enabling developers and users to build and participate in decentralized ecosystems. The platform is supported by a strong community, developer tools, and governance via DAO structures. Technically, the website leverages modern frameworks such as Next.js and React, hosted on AWS infrastructure, with integrated analytics and consent management tools. Security posture is robust with HTTPS, domain transfer protections, and a public bug bounty program, though DNSSEC is not enabled and no security.txt file is published. Overall, the site is professional, well-structured, and compliant with privacy regulations, reflecting a mature and credible business entity.

D

Decentralized Security AG

chainsecurity.com

0

ChainSecurity, operated by Decentralized Security AG, is a Swiss-based company specializing in smart contract audits and blockchain security consulting. Since 2017, it has established itself as a trusted partner for leading DeFi protocols, central banks, and international corporations. The company offers comprehensive smart contract auditing services, leveraging expertise in decentralized finance and blockchain technology to ensure security and reliability for its clients. The website reflects a professional and well-branded digital presence, emphasizing transparency through public audit reports and client testimonials. Technically, the website is built on the Webflow CMS platform, utilizing modern JavaScript libraries such as jQuery, GSAP, and Swiper.js for enhanced user experience and interactivity. The site is well-optimized for mobile devices, loads quickly, and includes accessibility features. Security measures include HTTPS enforcement and the use of Google reCAPTCHA to protect forms, although explicit security headers and cookie consent mechanisms are absent. From a security posture perspective, the site demonstrates good practices but could improve by adding security headers, publishing a vulnerability disclosure policy, and implementing cookie consent to enhance privacy compliance. The absence of WHOIS data for the domain introduces some uncertainty regarding domain registration legitimacy, although the business content and client references strongly support its authenticity. Overall, ChainSecurity presents a credible and professional front in the blockchain security space, with recommendations to strengthen technical security and privacy compliance to further solidify trust and regulatory adherence.

Sygnum Bank is a pioneering regulated digital asset bank with Swiss and Singapore heritage, offering a comprehensive suite of crypto-related financial services including trading, custody, staking, tokenization, and asset management. Positioned as a trusted player in the digital asset economy, Sygnum targets institutional and retail investors seeking secure and compliant crypto banking solutions. The website reflects a mature digital presence with professional design, clear navigation, and extensive service descriptions. Technically, the site is built on WordPress with modern analytics and marketing integrations, ensuring good performance and SEO optimization. Security posture is strong with HTTPS, security headers, and consent management, though explicit security policies and incident response details are not publicly disclosed. WHOIS data is unavailable, which slightly impacts trust but is common in regulated financial sectors. Overall, Sygnum Bank demonstrates a solid business and technical foundation with room for enhanced transparency in security and contact information.

G

Gelato | Smart Wallets, Gasless UX & Rollups on One Platform

gelato.network

0

Gelato.cloud is a technology platform specializing in blockchain infrastructure, offering smart wallets, gasless user experiences, and rollup solutions supporting ERC-4337 and ERC-7702 standards across over 100 chains. The website is professionally designed using Framer and hosted via Cloudflare, indicating a modern and reliable technical infrastructure. However, the site lacks visible privacy, cookie, and terms of service policies, as well as contact information, which impacts its privacy compliance and business credibility scores. Security posture is generally good with HTTPS and registrar protections, but DNSSEC is not enabled, and security headers are not evident. Overall, the site is accessible without WAF challenges and presents safe, technology-focused content suitable for a general audience.

B

Binary Builders AG

join.builders

0

The Interchain Builders Program, operated by Binary Builders AG, is a specialized support initiative aimed at assisting Cosmos blockchain builders, including enterprises, Web3 startups, and digital innovators. The program offers technical guidance, ecosystem partnership introductions, and business strategy consulting to help projects reach mainnet launch and beyond. The website is professionally designed with consistent branding and clear navigation, targeting a technology-savvy audience within the blockchain ecosystem. The business operates from Switzerland and is supported by the Interchain Foundation, enhancing its credibility within the blockchain community. Technically, the website leverages modern web technologies including Astro framework and HubSpot for marketing and analytics. Google Analytics is used for user tracking, indicating moderate data collection practices. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is good with HTTPS enforced and no visible sensitive data exposure, but lacks some recommended security headers and explicit privacy or cookie policies. From a security perspective, the site shows a mature approach with no detected vulnerabilities or malicious content. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are important for transparency and trust in the blockchain space. The WHOIS data is privacy-protected, which is common and justified for this business type, though it limits direct registrant verification. Overall, the website presents a trustworthy and professional front for a niche blockchain support program. Strategic improvements in privacy compliance, security transparency, and incident response readiness would enhance trust and security posture further.

The Ethereum Foundation, registered as Stiftung Ethereum in Switzerland since 2014, operates the domain ethereum.foundation. The website appears to be built using modern web technologies such as Next.js and React, hosted on infrastructure involving AWS and OVH DNS services. However, the site content is minimal with no visible privacy, cookie, or terms of service policies, and lacks contact information or forms. This limits the user experience and compliance posture. Security-wise, the domain is registered transparently without privacy protection, but DNSSEC is not enabled and no security headers are detected, indicating room for improvement in security hardening. Overall, the site is accessible without WAF or blocking mechanisms but requires significant enhancements in content, privacy compliance, and security practices to meet professional and regulatory standards.

G

Givaudan

givaudan.com

0

Givaudan is a leading Swiss multinational company specializing in the manufacture of flavours, fragrances, and active cosmetic ingredients. It holds a dominant market position with approximately 25% market share in a CHF 17 billion industry. The company targets global, regional, and local food, beverage, consumer goods, and fragrance companies, operating primarily in a B2B model. The website reflects a mature digital presence with comprehensive business information, investor relations, sustainability initiatives, and career opportunities. Technically, the website is built on Drupal 10, leveraging modern web technologies including Coveo for search, Google Tag Manager for analytics, and UserWay for accessibility. The site is mobile optimized, accessible, and SEO friendly, with good performance and user experience. The presence of multiple localized domains indicates a global footprint. From a security perspective, the site enforces HTTPS and uses standard privacy and cookie compliance mechanisms. However, explicit security headers and published security policies are not evident, suggesting room for improvement in security posture transparency. No vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-maintained, supporting Givaudan's reputation as a global leader. The absence of WHOIS registration details limits domain trust analysis but does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and establishing a vulnerability disclosure program to further strengthen trust and compliance.

T

Tenity Group AG

tenity.com

0

Tenity Group AG operates a global innovation ecosystem and early-stage investment platform focused on fintech, insurtech, regtech, and adjacent technologies. The company provides incubation and acceleration programs, facilitating collaboration between startups, corporates, and investors. With hubs across Europe and Asia, and partnerships with major financial institutions and technology firms, Tenity positions itself as a key player in shaping the future of finance. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization. Technically, it leverages modern web technologies including Webflow CMS, HubSpot marketing tools, and Cloudflare security features. Security posture is strong with HTTPS and bot protection, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with cookie consent and a comprehensive privacy policy. However, the absence of WHOIS data raises questions about domain registration transparency. Overall, Tenity presents a credible and professional business with a solid digital footprint but could improve transparency in domain registration and security disclosures.

C

cloudlift

cloudlift.app

0

Cloudlift GmbH operates a Shopify-based e-commerce website offering specialized Shopify apps aimed at improving storefronts through personalized product upload and preview features, as well as B2B wholesale tools. The company targets Shopify merchants and e-commerce store owners, positioning itself as a niche technology provider within the Shopify ecosystem. The website demonstrates a good level of professionalism and branding consistency, leveraging modern web technologies and Shopify's platform capabilities to deliver a performant and user-friendly experience. Technically, the site is built on the Shopify platform using the Dawn theme and integrates several JavaScript libraries such as FilePond for file uploads, Doka for image editing, and Fabric.js for canvas manipulation. Hosting and content delivery are managed via Shopify's CDN, ensuring fast load times and good mobile optimization. SEO is supported through structured data (JSON-LD) and proper meta tags, while accessibility features are adequately implemented. From a security perspective, the site benefits from Shopify's robust HTTPS enforcement and platform security features. However, explicit security headers and published security policies are not evident in the content. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited due to the absence of visible privacy and cookie policies, which is a notable gap. Contact information for security incidents or general inquiries is also missing, reducing transparency. Overall, the website presents a moderate to high trust level with strong technical and security foundations but requires improvements in privacy compliance and contact transparency to enhance user trust and regulatory adherence.

The Interchain Foundation is a Switzerland-based non-profit organization founded in 2016 that stewards and funds the development of an interoperable decentralized blockchain ecosystem, primarily focused on the Cosmos network and related technologies. Their website clearly communicates their mission to support interoperable sovereignty, public goods development, and a future-proof decentralized tech stack. The foundation operates Cosmos Labs as a subsidiary to consolidate product, growth, and development efforts. Technically, the website is built on a modern React and Next.js stack, hosted and registered via Cloudflare, with excellent mobile optimization, accessibility, and SEO practices. Security posture is strong with HTTPS enforcement, security headers, and domain transfer protections, though DNSSEC is not enabled. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. No critical vulnerabilities or suspicious content were detected, and the WHOIS data aligns well with the organization's claims, indicating high legitimacy and trustworthiness.

P

pCloud International AG

pcloud.com

0

pCloud International AG operates a secure cloud storage platform primarily targeting European users, emphasizing privacy and data protection under Swiss law. The company offers encrypted cloud storage solutions with flexible plans including lifetime storage options and client-side encryption for enhanced security. Their market position is strong, with over 22 million users and a clear focus on GDPR compliance and European data sovereignty. The website is professionally designed, mobile-optimized, and provides comprehensive information about their services and security features. Technically, the site uses modern JavaScript frameworks, integrates payment gateways securely, and employs TLS/SSL encryption with additional client-side encryption options. Security posture is robust with HTTPS enforcement and use of reCAPTCHA, though explicit security policies and vulnerability disclosure mechanisms are absent. WHOIS data is unavailable, which is unusual but does not detract significantly from the company's legitimacy given the strong online presence and trust signals. Overall, pCloud presents as a credible, secure, and privacy-conscious cloud storage provider with a mature digital infrastructure.

S

Solidity Team

soliditylang.org

0

Soliditylang.org is the official website for the Solidity programming language, a statically-typed language designed for developing smart contracts on the Ethereum blockchain. The site serves a global developer audience, providing comprehensive documentation, blog updates, community forums, and event information. It is maintained by the Solidity Team and positioned as a leading technology resource in the blockchain and smart contract development space. The business model is open-source and community-driven, with no direct commercial transactions on the site. Technically, the website is built using modern web technologies including Next.js and Chakra UI, hosted on Amazon AWS infrastructure. The site is fast, mobile-optimized, accessible, and SEO-friendly. It uses HTTPS exclusively, ensuring secure communications. However, some security best practices such as DNSSEC and explicit security headers are not enabled, and there is no cookie consent mechanism or dedicated privacy policy page on the site itself. From a security perspective, the site demonstrates good maturity with a published security policy and clear vulnerability reporting instructions. The domain registration is consistent and trustworthy, with no suspicious patterns. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with the privacy policy hosted on GitHub rather than the main site, and no cookie consent mechanism present. Overall, soliditylang.org is a professional, trustworthy, and technically sound website serving a specialized developer community. Strategic improvements in privacy compliance and security headers would enhance its posture further. The site poses low risk and is a reliable resource for Ethereum smart contract developers.

D

Divio Technologies AB

divio.com

0

Divio Technologies AB operates as a Platform as a Service (PaaS) provider specializing in cloud infrastructure management and web application hosting for business-critical applications. The company positions itself as a reliable and secure partner offering affordable pricing, best-in-class cloud services, and comprehensive support. Their market presence is reinforced by ISO certifications and partnerships with industry leaders such as Cloudflare. The website targets businesses seeking scalable and secure cloud hosting solutions with a focus on ease of use and collaboration. Technically, Divio employs a modern technology stack including React, Node.js, and various backend frameworks such as Laravel and Symfony. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. Security is a core focus, with HTTPS enforced, multiple security headers, and adherence to ISO 27001/17/18 standards. The company also offers end-to-end encryption, backups, penetration testing, and disaster recovery as standard features. While the website demonstrates strong security posture and business credibility, the absence of WHOIS registration data introduces some uncertainty regarding domain legitimacy. No signs of WAF or content blocking were detected, allowing full content analysis. Privacy compliance is good but could be improved by adding a visible cookie consent mechanism and explicit vulnerability disclosure channels. Overall, Divio presents as a professional and trustworthy cloud service provider with robust security and compliance measures. Strategic recommendations include enhancing privacy transparency, publishing vulnerability disclosure policies, and improving WHOIS data visibility to strengthen trust further.

É

École Polytechnique Fédérale de Lausanne (EPFL)

scala-lang.org

0

The Scala Programming Language website represents a mature, well-established open-source technology project supported by the École Polytechnique Fédérale de Lausanne (EPFL) and major industry partners such as JetBrains, Gradle, and VirtusLab. The site provides comprehensive resources including documentation, tutorials, community engagement, and tooling for developers interested in Scala. The business model is community and sponsorship-driven, focusing on education and ecosystem growth. Technically, the site employs modern web technologies, is performant, mobile-optimized, and uses Cloudflare for DNS and CDN services. Security posture is strong with HTTPS enforced and domain transfer protections, though some improvements like DNSSEC and explicit security headers could be made. Privacy compliance is good with a clear privacy policy, but lacks a cookie consent mechanism. Overall, the site is professional, trustworthy, and serves a global developer audience effectively.

mömax.ch is a professional e-commerce website specializing in furniture, home decoration, and kitchen products targeted primarily at the Swiss market. The site offers a broad product catalog with detailed listings, pricing, and images, supporting a strong retail presence both online and through physical stores. The website is well-branded and consistent with the mömax brand, which operates in multiple European countries. Technically, the site uses modern web technologies including React and Webpack, with integrated marketing and analytics tools such as Jentis and Neocom. The site is mobile-optimized and provides a good user experience with clear navigation and search capabilities. Security posture is solid with HTTPS enforced and secure login forms, though some security headers are not visibly implemented. Privacy compliance is limited as no explicit privacy or cookie policies were found in the provided content. Overall, the site is trustworthy and legitimate, with WHOIS data consistent with the business claims.

E

Eventbrite

eventbrite.ch

0

Eventbrite is a leading global technology company specializing in event management and online ticketing services. The Swiss localized site (eventbrite.ch) offers event discovery, creation, and ticket sales primarily targeting German-speaking users in Switzerland. The platform supports event organizers with marketing tools and payment processing, positioning itself as a comprehensive solution in the event technology market. The website demonstrates a mature digital infrastructure with modern technologies such as React, Google Analytics, and advanced consent management via Transcend. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the site reflects a professional, trustworthy, and user-friendly platform with extensive marketing and analytics integrations.

Möbel Hubacher is a Swiss furniture retailer operating under the Arco Regio AG umbrella and affiliated with the XXXLutz group. The company offers a broad selection of furniture and home decoration products, supported by services such as interior design consultation, a loyalty program, and additional customer conveniences. The website serves as a digital storefront and information hub, linking to the larger XXXLutz online shop and providing brochures, brand information, and service details. The target audience is general consumers seeking furniture solutions in Switzerland.

W

Worldline

saferpay.com

0

Worldline is a leading European payment services provider offering secure and modern electronic payment solutions, including Saferpay for online and mobile payments. The company targets merchants and e-commerce businesses, providing comprehensive payment processing services with a strong market position in Switzerland and globally. The website reflects a mature digital infrastructure leveraging Adobe Experience Manager and Adobe Analytics, with a focus on user experience and multilingual support. Security posture is strong with HTTPS enforcement, security headers, and consent management, though some improvements such as DNSSEC and vulnerability disclosure could enhance trust. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

W

Weidmüller

weidmueller.ch

0

Weidmüller is a well-established Swiss company specializing in industrial connectivity and automation solutions. With a history spanning over 175 years, it holds a strong market position in manufacturing and supplying electrical connection technology, electronics, and automation software primarily for industrial clients. The website reflects a mature digital presence with comprehensive product catalogs, solution offerings, and digital tools such as configurators and e-commerce integration. Technically, the site employs modern web technologies including Google Tag Manager and OneTrust for privacy compliance, and it is optimized for mobile and accessibility standards. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy or vulnerability disclosure page is absent. Overall, the domain registration and WHOIS data align well with the company's identity, supporting high legitimacy and trust. Strategic recommendations include publishing explicit security policies and incident response contacts to enhance transparency and trust further.

Weidmüller Schweiz AG is a well-established industrial connectivity company operating primarily in Switzerland with a global presence. The company specializes in connection technology, electronics, automation software, and related services, targeting industrial customers in sectors such as energy, transportation, and manufacturing. Their business model focuses on B2B manufacturing and distribution, supported by digital tools like the Weidmüller Configurator and a comprehensive e-commerce platform. The website reflects a mature digital infrastructure with modern technologies, responsive design, and good SEO practices. Security posture is strong, with HTTPS enforced, a PSIRT program in place, and cookie consent mechanisms implemented. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR and other privacy standards.

C

CORE Association

corenic.org

0

CORE Association is a well-established not-for-profit registry service provider based in Switzerland, operating more than 25 top-level domains (TLDs) since 2001. The organization offers comprehensive services including registry management, registry software, consultancy, and brand development tailored to various types of TLDs such as open, community, geographic, brand, IDNs, and ccTLDs. Their clientele includes Fortune 500 companies, intergovernmental organizations, governments, and grassroots non-profits, positioning CORE as a trusted and experienced player in the domain registry industry. Technically, the website is built on WordPress CMS, utilizing standard web technologies such as jQuery and Google Tag Manager for analytics. The site demonstrates good mobile optimization, clear navigation, and professional design quality. Performance is moderate, with opportunities for improvement in accessibility and SEO. The technical infrastructure appears stable and appropriate for the organization's needs. From a security perspective, the site enforces HTTPS and domain registration statuses that prevent unauthorized changes. However, it lacks DNSSEC and important security headers, which are recommended to enhance DNS and web security. No critical vulnerabilities or exposed sensitive data were detected. Incident response contact is provided via a dedicated abuse/legal email address, but no formal security policy or vulnerability disclosure program is present. Overall, the website and domain registration data indicate a high level of legitimacy and professionalism. The absence of privacy and cookie policies is a notable compliance gap, especially under GDPR. Strategic improvements in security headers, DNSSEC, and privacy compliance would strengthen the organization's security posture and trustworthiness.

F

FehrAdvice & Partners AG

fehradvice.com

0

FehrAdvice & Partners AG is a Swiss-based consulting firm specializing in behavioral economics, helping organizations improve decision-making through evidence-based strategies. Established in 2009, the company offers services including customer strategy, corporate strategy, employee strategy, and citizen participation. Their market position is strong, supported by extensive project experience and a professional online presence. Technically, the website is built on WordPress with modern plugins and technologies, optimized for performance and mobile use. Security posture is solid with HTTPS, consent management, and no visible vulnerabilities, though DNSSEC and additional security headers could enhance protection. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the website reflects a credible, professional business with high trustworthiness and good digital maturity.

A

APU AG

apu.ch

0

APU AG is a Swiss-based manufacturer specializing in the development, production, and distribution of high-quality plastic plaster connection profiles for interior plaster, exterior plaster, and thermal insulation composite systems. The company targets primarily B2B customers in the construction and building materials sector, offering innovative and reliable system solutions with a longstanding market presence. The website reflects a professional and consistent brand image with clear business information and accessible legal documentation. Technically, the site is built on TYPO3 CMS with custom JavaScript and CSS, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though formal security policies and incident response contacts are absent. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Fermeria

fermeria.ch

0

Fermeria is a well-established online platform specializing in connecting individuals seeking or offering care-related services such as senior care, child care, household help, tutoring, specialist professions, and pet care. Operating primarily in Switzerland with sister sites across multiple European countries, Fermeria serves a broad audience with over 40,000 users. The platform offers free profile creation and job matching, positioning itself as a regional leader in care service marketplaces. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and reCAPTCHA, alongside a PHP-based backend framework (Nette). The site is mobile-optimized and demonstrates good SEO and accessibility practices. Security-wise, the site enforces HTTPS, uses CSRF tokens in forms, and provides cookie consent management, though it lacks explicit security headers and published security policies. Privacy compliance is strong, with clear GDPR-aligned privacy and cookie policies. Overall, Fermeria presents a professional, trustworthy, and user-friendly platform with moderate technical sophistication and a solid security posture.

RELUX Informatik AG is a well-established Swiss company specializing in lighting planning and product presentation software, with a strong focus on BIM solutions and manufacturer services. The company offers a range of software products, including the free-to-use ReluxDesktop, and supports its users with training, courses, and a comprehensive knowledge hub. Their market position is strong, supported by decades of experience and active participation in industry committees. Technically, the website is built on the Odoo CMS platform and integrates modern tracking and marketing tools such as Google Tag Manager, Facebook Pixel, and Hotjar. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements client transfer protection on the domain, but lacks DNSSEC and security headers, which are recommended for enhanced security. Privacy compliance is partial, with a cookie policy and consent mechanism present but no explicit privacy policy page found. Overall, the website is trustworthy, professional, and safe for general audiences.

G

GWF AG

gwf-unimon.ch

0

Unimon GmbH, a subsidiary or brand under GWF AG, specializes in advanced water quality monitoring and management solutions. Their offerings include modular online monitoring systems, consulting, data analysis, and training services targeted at water utilities, industrial clients, and environmental authorities. The company has a strong market position supported by over 20 years of experience and partnerships with leading sensor manufacturers. The website reflects a mature digital presence built on WordPress with modern SEO and privacy compliance implementations. Security posture is strong with HTTPS, security headers, and CAPTCHA protections, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

N

NeoVac

neovac.ch

0

NeoVac is a Swiss-based company specializing in energy and water measurement, billing, monitoring, and secure plant construction. With a history spanning approximately 50 years, NeoVac serves business clients with a comprehensive suite of services including energy optimization, tank protection, and water technology solutions. The website is professionally designed, multilingual, and integrates modern technologies such as Alpine.js and Matomo analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and consent management implemented, though explicit security headers and detailed privacy policies are not evident in the provided content. Overall, the site demonstrates a high level of business credibility and technical competence, suitable for its B2B target audience.

S

Sontex SA

sontex.it

0

Sontex SA is a Swiss-based company specializing in innovative metering systems for energy and water resource management. The company offers a broad portfolio of products including thermal energy meters, heat cost allocators, electronic water meters, and radio communication modules. Their business model focuses on manufacturing, software solutions, and providing professional support to partners and customers. Sontex maintains a strong market position with international subsidiaries and a wide partner network. The website demonstrates a mature digital presence with multilingual support and professional branding. Technically, the site is built on WordPress with modern frameworks and includes SEO and accessibility considerations. Security posture is good with HTTPS and cookie consent mechanisms, though some improvements in security headers and library updates are recommended. Overall, Sontex SA presents a trustworthy and professional online presence aligned with its business operations.

S

Sontex SA

sontex.eu

0

Sontex SA is a Swiss-based company specializing in innovative measurement systems for energy and water resource optimization. The company offers a broad range of metering products including thermal energy meters, heat cost allocators, electronic water meters, and radio modules, supported by digital platforms such as My Sontex. Sontex maintains a strong international presence with subsidiaries and partners across Europe and beyond. The website reflects a professional and consistent brand image with comprehensive business and legal information, targeting energy suppliers, realtors, and building automation professionals. Technically, the site is built on WordPress with modern plugins and libraries, though some components like jQuery are outdated. Security posture is good with HTTPS and cookie consent mechanisms, but could be improved with updated libraries and enhanced security headers. Overall, the domain registration and WHOIS data align well with the business claims, indicating a legitimate and trustworthy entity.

G

GWF MessSysteme AG

infin.io

0

Infin.io is a digital ecosystem platform operated by GWF MessSysteme AG, a Swiss company founded in 2012. The platform focuses on linking physical measurement assets to data-driven tools, targeting industrial and infrastructure sectors. Their key services include portals, service integration, data connectivity, insights, and APIs, positioning them as a niche technology provider in smart infrastructure and industry. The website is professionally designed with good content quality and clear navigation, supporting a medium-sized business profile. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, GSAP animations, and Swiper.js for UI components. It is hosted on Microsoft Azure DNS infrastructure and built on Craft CMS. Performance and mobile optimization are good, though accessibility and SEO are basic. Security posture is solid with HTTPS enforced and secure forms, but lacks DNSSEC and security headers. No explicit security or incident response policies are published. Overall, the website and domain registration data indicate a trustworthy and legitimate business presence with moderate technical maturity. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. No suspicious or malicious indicators were found. Recommendations include enabling DNSSEC, adding security headers, and publishing security policies to enhance trust and compliance.

G

GWF AG

unimon.ch

0

Unimon GmbH, a subsidiary of GWF AG, specializes in advanced water quality monitoring and management solutions, targeting water utilities, industrial clients, and environmental authorities. The company offers modular online monitoring systems, consulting, implementation, and training services, leveraging IoT and real-time data analytics to enhance water safety and sustainability. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to its B2B audience. Technically, the site is built on WordPress with modern plugins and scripts, ensuring good performance and SEO optimization. Security measures include HTTPS, security headers, CAPTCHA protections, and cookie consent management, although a dedicated security policy and incident response information are absent. Overall, the site demonstrates a strong security posture and compliance with GDPR, supporting trustworthiness and business credibility.

G

GWF AG

gwf-hydropower.com

0

GWF AG operates a professional website focused on precision flow measurement solutions for hydropower plants and large-scale water applications. The company positions itself as an experienced and innovative provider with a global footprint and a history of product development since 2005. The website is well-structured, content-rich, and targets hydropower industry professionals and infrastructure managers. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and cookie compliance, hosted on Azure DNS infrastructure. Security posture is good with HTTPS and CAPTCHA protections, though some security headers and explicit policies are missing. The WHOIS data shows inconsistencies with a future domain creation date, which raises concerns about domain legitimacy despite the professional appearance and external trust signals. Overall, the site is trustworthy and professional but would benefit from clarifying domain registration details and publishing formal security policies.

G

GWF AG

gwf-balance.com

0

GWF AG operates the GWF Balance platform, a technology-driven solution focused on reducing water network leakage and improving water utility efficiency. The company leverages advanced sensors, proprietary AI algorithms, and a data-rich platform to deliver measurable leakage reductions and operational savings. Positioned as a technology leader with a 125-year heritage, GWF AG targets water utilities and network operators globally, emphasizing sustainability and cost-effective interventions. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, integrated with Google Analytics and Tag Manager for tracking. The site employs robust cookie consent management via Borlabs Cookie and uses FriendlyCaptcha for form security. Hosting is supported by Azure DNS, and the site is served over HTTPS with good SSL configuration, ensuring secure communications. From a security perspective, the site demonstrates good practices including HTTPS enforcement, CAPTCHA on forms, and cookie consent compliance. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly present and could be added to enhance security. No vulnerabilities or exposed sensitive data were detected. Privacy policies and terms of service are comprehensive and GDPR compliant, supporting strong privacy posture. Overall, the website presents a professional, trustworthy, and technically sound digital presence for GWF AG. The domain is newly registered but consistent with the company's established business. Recommendations include enhancing security headers, publishing a dedicated security policy, and establishing incident response contact channels to further strengthen trust and compliance.

Z

Zendo Inneres Lind

zendo-inneres-lind.ch

0

Zendo Inneres Lind is a small Zen meditation center located in Winterthur, Switzerland, led by Kathrin Stotz Sensei. The website provides information about Zen meditation courses, workshops, and events following the Glassman-Lassalle Zen lineage. The business targets individuals interested in Zen practice without religious dogma, offering a community-oriented approach with experienced guidance. The market position is local and niche, focusing on spiritual and meditation services. Technically, the website is built on the Cloudrexx CMS platform and uses older JavaScript libraries such as jQuery 1.6.1 and Modernizr. The site includes responsive design elements but shows only basic mobile optimization and accessibility features. SEO is basic with proper meta tags but lacks advanced structured data or analytics integration. Performance is moderate with no evident critical errors. From a security perspective, the website lacks visible security headers and does not confirm HTTPS usage in the provided data. The use of an outdated jQuery version may expose the site to vulnerabilities. No privacy, cookie, or terms of service policies are present, indicating low privacy compliance. Contact information is limited to an email and physical address, with no phone or social media presence. No incident response or security policy information is available. Overall, the website is functional and provides relevant content for its audience but requires improvements in security posture, privacy compliance, and technical modernization to enhance trust and protect users. Strategic recommendations include implementing HTTPS, updating JavaScript libraries, adding privacy and cookie policies, and improving security headers and accessibility.

S

Sontex SA

sontex.ch

0

Sontex SA is a Swiss-based company specializing in innovative measurement systems for energy and water resource optimization. The company offers a range of products including thermal energy meters, heat cost allocators, electronic water meters, and data communication solutions. With a strong international presence supported by subsidiaries and partners, Sontex positions itself as a reliable provider of high-quality metering technology. The website reflects a mature digital infrastructure built on WordPress, incorporating modern web technologies and SEO best practices. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms implemented, although explicit security policies and incident response details are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

G

GWF MessSysteme AG

gwf.ch

0

GWF MessSysteme AG is a well-established Swiss company specializing in innovative measurement systems for energy, water, and building technology sectors. With a history spanning over 125 years, the company has evolved from a manufacturer of gas and water meters to a system integrator offering digital and IoT solutions for smart cities, buildings, industries, and infrastructure. Their market position is strong in Switzerland with growing international presence supported by partnerships and service offices. The website reflects a mature digital infrastructure built on WordPress with modern SEO and accessibility practices. Security posture is robust with HTTPS, security headers, CAPTCHA protections, and cookie consent mechanisms in place. However, explicit security policies and incident response contacts are not publicly available, representing an area for improvement. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

Z

Die Website informiert über die Zen-Aktivitäten im zürcherischen Studentenheim Maximilianeum

zenimmax.ch

0

The website www.zenimmax.ch is a WordPress-based informational site dedicated to Zen activities at the Zurich student residence Maximilianeum. It offers details about daily meditation sessions, monthly courses, and related Zen community events. The site targets individuals interested in Zen practice within the Zurich area and operates as a small, community-focused entity without commercial intent. Technically, the site uses a modern WordPress CMS with the Astra theme and Google Fonts, providing a good user experience with mobile optimization and accessibility. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. The site links to partner Zen organizations, enhancing its community integration. Overall, the site is safe, professional, and relevant to its niche audience but would benefit from improved privacy compliance and security practices.

Z

Zen Integral

zen-integral.com

0

Zen Integral is a small Swiss-based coaching and seminar company specializing in Zen meditation, mindful self-development, and lucid dreaming. The company offers a range of services including individual coaching, open seminars, and tailored in-house corporate trainings. The website is professionally designed using WordPress and Elementor, integrating modern event management and e-commerce plugins to facilitate course bookings. The technical infrastructure is solid with HTTPS enabled and use of reputable plugins, though some security headers and DNSSEC are missing. Privacy compliance is good with a comprehensive privacy policy, but lacks a cookie consent mechanism despite using Google Analytics and Tag Manager. The business is credible with detailed background information, published works, and client logos. Overall, the website is trustworthy, content-rich, and well-positioned in its niche market.

W

Webnode AG

webnode.co.uk

0

Webnode AG operates a mature and professional website builder platform that enables users worldwide to create websites, blogs, and e-commerce stores with ease. The platform leverages modern technologies including AI to streamline website creation and offers localized support in multiple languages. The company has a strong market presence with over 50 million websites built, positioning itself as a reliable and user-friendly SaaS provider in the website building industry. Technically, the website is well-constructed using Angular framework, served via Amazon Cloudfront CDN, and integrates Google services for analytics and advertising. Security measures such as HTTPS, reCAPTCHA, and cookie consent mechanisms are implemented effectively, although explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates a high level of professionalism, accessibility, and compliance with privacy regulations, making it a trustworthy platform for its users.

G

Glassman-Lassalle Zen-Linie

zen-glassman-lassalle.ch

0

The website zen-glassman-lassalle.ch represents a small-scale spiritual and educational business focused on Zen meditation, retreats, and training in the Glassman-Lassalle tradition, primarily targeting a general European audience with a focus on Switzerland. The site offers information about courses, meditation sessions, and Zen teachings without commercial e-commerce features or extensive contact details beyond a contact form. Technically, the site is built on the Cloudrexx CMS platform and uses older JavaScript libraries such as jQuery 1.6.1, which may pose security risks. The site is moderately optimized for mobile and SEO, with a clear navigation structure and good content relevance. However, it lacks modern security headers and visible privacy or cookie policies, which impacts its privacy compliance and security posture. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences.

N

Nidecker SA

equip.sport

0

Equip Sport is a Switzerland-based company operating a premium sports equipment app that connects users to over 20,000 stations across Europe, enabling convenient access to sports equipment anytime and anywhere. The business targets sports enthusiasts and active individuals, leveraging a platform and mobile app business model. The company is relatively new, founded in 2022, and operates under the parent company Nidecker SA. The website is professionally designed with consistent branding and good content quality, supporting app downloads for iOS and Android platforms. Technically, the website is built on WordPress, utilizing modern technologies such as Google Tag Manager, Mapbox for location services, and Uberall's store finder widget. Hosting is provided by Infomaniak, a reputable Swiss hosting provider. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms compliant with GDPR. It uses reCAPTCHA to mitigate bot activity and integrates Google Analytics and Ads for tracking. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no dedicated security or incident response policies are published. No vulnerability disclosure or security.txt files are found, indicating an area for enhancement. Overall, Equip Sport presents a trustworthy and professional online presence with a solid technical foundation and compliance posture. Strategic improvements in security policy transparency, accessibility, and explicit contact information would further strengthen its risk profile and user trust.

A

AV WINDOWS & DOORS SOLUTIONS

fepo.ch

0

The website www.fepo.ch represents AV WINDOWS & DOORS SOLUTIONS, a small Swiss company specializing in manufacturing and servicing windows, doors, partition walls, and aluminium facades. The business targets residential and commercial property owners or builders seeking quality and durable building components. The site is professionally designed using Webflow CMS, with a clear navigation structure and good mobile optimization. However, it lacks privacy and cookie policies, which are critical for compliance with GDPR and other regulations. Technically, the website uses modern web technologies including Webflow, Google Fonts, and jQuery. Hosting is via Webflow's CDN, providing moderate performance. The site lacks advanced security headers and explicit incident response or security policies, indicating room for improvement in security posture. No analytics or tracking scripts beyond basic libraries were detected, suggesting minimal user tracking. Security-wise, the site enforces HTTPS and does not expose sensitive data in the HTML. However, the absence of security headers and formal policies reduces its security maturity. No vulnerabilities or suspicious content were found. The domain appears legitimate and consistent with a small regional business, though WHOIS data details were not provided for deeper analysis. Overall, the website is functional and professional but requires enhancements in privacy compliance, security headers, and incident response readiness to improve trust and regulatory adherence.

V

VISIONAPARTMENTS

visionapartments.com

0

VISIONAPARTMENTS is a professional serviced apartment provider offering fully furnished and equipped apartments primarily in European cities. The company targets both individual and business clients, providing flexible short-term and long-term rental options with modern amenities such as Wi-Fi, fitness centers, and 24/7 support. The website is built on modern technologies including Next.js and React, hosted with Cloudflare DNS services, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy and cookie policies are not found, indicating a gap in compliance. Overall, the website is trustworthy and professional but could improve transparency and compliance documentation.