Security Directory

E

Eidgenössische Hochschule für Berufsbildung EHB

ehb.swiss

70

The Eidgenössische Hochschule für Berufsbildung EHB is a Swiss federal higher education institution specializing in vocational education and training. It serves as the national expertise organization for vocational education, offering bachelor and master degree programs, continuing education, research, and consultancy services. The institution targets professionals and students involved in vocational education across Switzerland, positioning itself as a key player in the Swiss education sector. The website is well-structured, multilingual, and professionally designed, reflecting the institution's authoritative market position. Technically, the website is built on Drupal 10, leveraging modern web technologies and privacy-conscious analytics via Matomo hosted on a Swiss domain. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers and explicit privacy/cookie policies are recommended. Hosting appears to be managed by a Swiss or government-affiliated provider, consistent with the .swiss domain. From a security perspective, the site enforces HTTPS and employs anti-bot measures on forms, with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit privacy and cookie policies, security headers, and incident response information suggests room for enhancement in compliance and transparency. The WHOIS data is privacy protected by the Swiss Registry, which is typical and justified for official .swiss domains, and the domain appears legitimate and consistent with the institution's profile. Overall, the website presents a secure, professional, and trustworthy digital presence for the Eidgenössische Hochschule für Berufsbildung EHB, with minor recommendations to improve privacy compliance and security posture.

A

adesso Schweiz AG

adesso.ch

68

adesso Schweiz AG is a well-established IT consulting and service provider based in Switzerland, specializing in digital transformation, managed services, and software development tailored to various industries including banking, energy, health, and telecommunications. The company operates under the larger adesso Group umbrella, leveraging nearly two decades of experience particularly in SAP implementations and emerging technologies such as AI and IoT. Their website reflects a mature digital presence with comprehensive service offerings and client success stories, targeting business customers seeking IT modernization and efficiency improvements. Technically, the site employs modern web technologies including Web Components and Piwik PRO analytics, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement and relevant security headers, although explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with GDPR, making it a credible digital asset for the company.

S

Schulen kvBL

kvbl.ch

68

Schulen kvBL is a regional educational network based in Basel, Switzerland, offering vocational and commercial education programs including apprenticeships in retail, commercial vocational school, commercial high school, and bridge programs. The institution targets students seeking practical and advanced education in the commercial sector. The website is professionally designed with clear navigation and multiple campus locations detailed, supporting its role as a medium-sized educational provider in the region. Technically, the site uses modern web standards with HTTPS and Google Tag Manager for analytics, though it lacks some advanced security headers and cookie consent mechanisms. Security posture is good with no visible vulnerabilities or exposed sensitive data, but privacy compliance could be improved by adding explicit cookie consent and security policies. WHOIS data aligns well with the website's claims, indicating a legitimate and consistent registration. Overall, the site is trustworthy, safe, and well-suited for its educational purpose.

A

App Developer Group

appdevelopergroup.co

55

App Developer Group is a small technology company specializing in custom software development for ecommerce businesses, primarily focusing on Shopify and related platforms. Their offerings include custom theme development, app creation, and ecommerce website solutions designed to help small businesses thrive. The company showcases multiple ecommerce apps with demos and external links, indicating an active product portfolio and engagement with the ecommerce ecosystem. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries, with integrations for marketing and analytics tools such as Facebook Pixel and Mailchimp. The site is mobile-optimized and demonstrates good design and navigation, although accessibility features are basic. Performance is moderate, and SEO optimization is good based on meta tags and structured content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks visible security headers and formal privacy or cookie policies, which are important for compliance and user trust. No incident response or vulnerability disclosure information is provided, representing an area for improvement. The WHOIS data aligns well with the website content, supporting legitimacy and trustworthiness. Overall, the website is professional and functional with moderate security posture and compliance gaps. Strategic improvements in privacy compliance, security headers, and incident response readiness would enhance trust and reduce risk.

MMGP.com is a well-established Russian-language online forum focused on internet earning, investments, and cryptocurrencies. Founded in 2004, it has grown into one of the largest investment forums with over 400,000 users and millions of posts. The platform offers discussion forums, advertising opportunities, affiliate programs, and monitoring services, targeting investors and internet entrepreneurs primarily in Russia. Technically, the site runs on XenForo forum software, uses Cloudflare DNS, and integrates Google Analytics and advertising scripts. The website is mobile-optimized with good navigation and content relevance. Security posture is moderate with HTTPS enforced and domain transfer lock enabled, but lacks DNSSEC and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data supports the site's legitimacy and long-term presence in the market.

Crypto-control.org is a Russian-language online platform specializing in monitoring currency exchange rates, particularly for cryptocurrencies and fiat currencies. The service provides users with up-to-date information on exchange offers from verified and reliable exchangers, enabling quick and safe currency conversions. The website targets users interested in finding the best exchange rates and operates primarily in the finance and technology sectors. The business is relatively new, founded in 2024, and is hosted with reputable DNS services such as Cloudflare, with domain registration managed by 1API GmbH. The company is based in Dubai, UAE, as indicated by the contact address.

U

Сервис социальной активности UpToLike. Социальные кнопки в один клик.

uptolike.com

57

UpToLike is a Russian-based technology service specializing in social media engagement tools, primarily offering social media buttons and widgets that enable website owners to integrate social sharing features easily. The service has been operational since 2012 and is used by a significant number of websites, indicating a strong market presence in the Russian-speaking web ecosystem. The website is built using AngularJS and integrates third-party analytics and login services, reflecting a moderate level of technical maturity. However, the absence of privacy and cookie policies and limited security headers indicate areas for compliance and security improvement. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening.

The website organise.earth serves as a private and secure communication platform for Extinction Rebellion teams, leveraging the Mattermost technology stack. It is designed to facilitate team collaboration with a focus on privacy and renewable energy hosting. The site has minimal public-facing content, primarily acting as a web application interface rather than a traditional informational website. Technically, it uses modern JavaScript and CSS technologies with a content security policy restricting scripts to trusted sources. Security posture is moderate with HTTPS enabled and some security headers present, but lacks DNSSEC and comprehensive security policies. Privacy compliance is weak due to absence of privacy and cookie policies, and no contact information is publicly available. Overall, the site appears legitimate and consistent with a non-profit activist communication tool but would benefit from enhanced transparency and security documentation.

C

Chesapeaketest

chesapeakefirerescue.com

52

The website 'Chesapeake Fire and Rescue' appears to be a small business focused on the sales and demonstration of Holmatro extrication equipment targeted at first responders and fire departments. The site is built on the Wix platform, indicating a moderate level of digital maturity with standard web technologies and basic mobile optimization. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and ownership transparency. Security posture is weak, with no detected security headers or SSL configuration details, and no privacy or cookie policies are present, which may expose the business to compliance risks. Overall, the website provides minimal business information and lacks contact details, limiting trust and credibility from a user perspective.

Evalanche.cloud is the login portal for the Evalanche marketing automation platform operated by SC-Networks GmbH, a German technology company founded in 2016. The platform targets marketing professionals and businesses seeking advanced marketing automation solutions. The website serves primarily as an access point for registered users rather than a public-facing marketing site. The technical infrastructure is based on standard web technologies with hosting inferred to be on Amazon AWS. The login form includes basic security features such as HTTPS and input protections but lacks visible advanced security headers and DNSSEC is not enabled. Privacy and cookie policies are not present on the login page, limiting compliance visibility. Overall, the domain registration and WHOIS data are consistent and legitimate, supporting the business credibility.

M

moneyland.ch

moneyland.ch

75

moneyland.ch is a well-established Swiss online comparison platform specializing in financial products, insurance, and telecommunications services. It offers independent and free comparison tools targeted at Swiss consumers and businesses, positioning itself as a leading service in the Swiss market. The website features comprehensive content, professional design, and clear navigation, supporting a positive user experience and strong market presence. Technically, the site employs modern JavaScript libraries, Google Tag Manager, OneTrust for cookie consent, and integrates advertising networks responsibly with user consent. Security posture is strong with HTTPS enforcement, security headers, and reCAPTCHA usage, although explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is robust, with clear privacy and cookie policies and a named data protection officer contact. WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, moneyland.ch demonstrates a mature digital infrastructure, good security hygiene, and strong compliance, making it a trustworthy and professional online service.

R

RatesGuru

rates.guru

61

RatesGuru operates as an online exchange analyzer platform specializing in providing users with interactive and real-time analysis of electronic currency exchangers and exchange rates. The platform offers a comprehensive set of services including exchanger reputation monitoring, cashback programs, affiliate partnerships, and trading tools. It targets users involved in cryptocurrency trading and electronic money exchange, positioning itself as a leading service in Europe with a large selection of exchangers and advanced features. The website content is professionally presented with good navigation and mobile optimization, supporting multiple languages.

A

Allchange

allchange.org

64

Allchange.org is a Russian-language online platform specializing in monitoring currency exchangers, including cryptocurrency and fiat currency exchange services. The website provides users with up-to-date exchange rates, user reviews, and ratings for over 400 exchangers, positioning itself as a niche leader in the currency exchange monitoring market. Founded in 2019, the platform targets users seeking reliable and current information on currency exchange services. Technically, the website is built using modern JavaScript frameworks such as Vue.js and Nuxt.js, hosted with Cloudflare DNS services, and demonstrates moderate performance and good mobile optimization. Security-wise, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and some advanced security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism or GDPR-specific indicators. Contact information is limited to contact forms and a Telegram support link, with no explicit company emails or phone numbers published. Overall, the website is professional and trustworthy within its niche but could improve in privacy compliance and security practices.

S

SIZ

siz.ch

50

SIZ is a neutral examination organization in Switzerland that certifies ICT user knowledge through diplomas within the Swiss education system. The website presents a professional and consistent brand image, targeting ICT learners and professionals in Switzerland. Technically, the site is built on WordPress using the Divi theme and Yoast SEO plugin, indicating a modern and maintainable infrastructure. The site is accessible, mobile-optimized, and uses HTTPS, but lacks visible privacy and cookie policies, as well as security headers, which are areas for improvement. Security posture is moderate with no critical vulnerabilities detected in the provided data. Overall, the website is trustworthy and credible but would benefit from enhanced privacy compliance and security best practices.

S

SIB Schweizerisches Institut für Betriebsökonomie

sib.ch

71

SIB Schweizerisches Institut für Betriebsökonomie is a Swiss higher education institution specializing in business administration and related diploma and postgraduate courses. It operates multiple campuses in Zürich, Winterthur, and Bern, targeting students and professionals seeking advanced business education. The website reflects a mature digital presence with comprehensive course offerings and clear contact information. Technically, the site leverages modern marketing and analytics tools including HubSpot CMS, Google Analytics, Facebook Pixel, and LinkedIn Insight Tag, ensuring effective user engagement and data collection. Security posture is solid with HTTPS enforcement, reCAPTCHA integration, and error tracking via Sentry, though explicit security headers and a public security policy are absent. Privacy compliance is strong, featuring a detailed privacy policy and cookie consent mechanism aligned with GDPR requirements. Overall, the site is professional, trustworthy, and well-optimized for its educational mission.

H

HWZ Hochschule für Wirtschaft Zürich

fh-hwz.ch

50

HWZ Hochschule für Wirtschaft Zürich is a well-established higher education institution based in Zurich, Switzerland, specializing in business and economics education. The website presents a professional image with a clear focus on educational offerings, practical experience, and networking opportunities. The target audience primarily includes students and professionals seeking business education. The institution maintains a solid market position within the Swiss education sector, supported by a consistent brand presence and comprehensive content.

S

Home | Association romande des employés de commerce

sec-romandie.ch

62

The website www.sec-romandie.ch appears to be a small business site hosted on the Wix platform, primarily in French. The content is minimal and mostly technical, with no visible business descriptions, contact information, or privacy-related policies. The technical infrastructure relies on Wix's standard scripts and polyfills, indicating a basic digital maturity level. Security posture is weak due to lack of visible HTTPS confirmation, absence of security headers, and no incident response or vulnerability disclosure information. Overall, the site lacks critical compliance and trust indicators, which poses a moderate risk for users and visitors.

K

Home | Kaufmännischer Verband Ostschweiz

kvostschweiz.ch

59

The website www.kvostschweiz.ch appears to be a small business site hosted on the Wix platform, targeting a Swiss audience. The content is minimal and primarily technical with no visible business descriptions, contact information, or policies. The technical infrastructure relies on Wix's standard scripts and hosting, indicating a basic digital maturity level. Security posture is weak due to the absence of security headers, privacy policies, and incident response contacts. No vulnerabilities or malicious content were detected, but the lack of transparency and business information limits trust. Overall, the site requires significant improvements in content, security, and compliance to enhance credibility and user trust.

K

Kaufmännischer Verband Luzern

kvluzern.ch

69

The Kaufmännischer Verband Luzern is a well-established non-profit organization based in Switzerland, focused on supporting employees and learners in the commercial and business sectors. With over 150 years of history, it offers a broad range of services including education through its Berufsfachschule and Berufsakademie, consulting, seminars, and networking opportunities. The website reflects a strong market position as a leading regional partner in Lucerne, providing valuable member benefits and career development resources. Technically, the site is built on modern technologies including Craft CMS, uses Google Analytics and Tag Manager for tracking, and implements security best practices such as HTTPS and CSRF protection. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. However, the site lacks explicit security policies and vulnerability disclosure information, which could be improved. Overall, the website is professional, trustworthy, and serves its target audience effectively.

K

Kaufmännischer Verband Bern Solothurn Aargau | Beratungen | Seminare | Mitgliedschaft

kv-verband.ch

63

The website www.kv-verband.ch represents a Swiss-based business or association, likely targeting a German-speaking audience. The site is built using the Wix platform, leveraging standard Wix scripts and polyfills, indicating a moderate level of technical infrastructure. The content is basic and informational, with no advanced interactive features or e-commerce capabilities detected. The website lacks critical privacy and cookie policies, contact information, and security headers, which impacts its compliance and security posture negatively. No signs of WAF or content blocking were detected, allowing full content accessibility. Overall, the site appears legitimate but basic in terms of business presentation and security maturity.

S

Société suisse des employés de commerce

secsuisse.ch

64

The Société suisse des employés de commerce is a longstanding Swiss employee association specializing in labor and training competencies, boasting over 150 years of history. It holds a prominent market position as the oldest active employee association in Switzerland, targeting commerce sector employees and professionals. The website reflects a professional and consistent brand image, with content focused on its core services and audience. Technically, the site is built on TYPO3 CMS, hosted by RTP GmbH, and integrates modern cookie consent management via Cookiebot, ensuring GDPR compliance. The site demonstrates good SEO, accessibility, and mobile optimization, with moderate performance. Security posture is strong, featuring HTTPS, security headers, and no visible vulnerabilities. However, explicit contact information and security policies are not prominently found, suggesting areas for improvement. Overall, the site is trustworthy and professionally maintained, with extensive use of analytics and marketing tools from reputable providers.

F

FOCUS E-Bike & FOCUS-Mobility - Experten für nachhaltige Mobilität

focus-ebike.de

48

The website focus-mobility.de serves as an expert platform dedicated to sustainable mobility, primarily focusing on E-Bikes and related electric mobility solutions. It offers comprehensive news, expert reports, and product testing to inform and guide consumers interested in the evolving transportation landscape. The site targets environmentally conscious individuals and mobility enthusiasts in Germany, positioning itself as a trusted source for mobility-related content and product evaluations. Technically, the website employs modern JavaScript frameworks, likely Vue.js, and integrates multiple third-party services including Google Tag Manager and INFOnline Measurement Manager for analytics and consent management. Hosting is provided via Amazon AWS infrastructure, ensuring reliable performance and scalability. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and includes a Content Security Policy header, reflecting a good baseline security posture. GDPR compliance is actively managed through consent mechanisms, although explicit privacy policies and security incident response information are not evident in the provided content. No critical vulnerabilities or WAF protections were detected, indicating open and accessible content. Overall, the website presents a professional and trustworthy front for its business domain, with solid technical implementation and moderate privacy compliance. Strategic improvements in explicit privacy documentation, security headers, and incident response transparency would further enhance its security and compliance stature.

FOCUS-Gesundheit is a well-established German healthcare media platform operated under Burda Digital Health. It specializes in publishing annually updated recommendation lists of top doctors, clinics, rehabilitation centers, and health resorts in Germany. The website offers comprehensive health information, expert articles, podcasts, and print magazine distribution targeting patients and the general public seeking reliable healthcare guidance. The business model includes premium profile listings for medical professionals, enhancing visibility and patient engagement. Technically, the website employs modern JavaScript frameworks, likely Vue.js, and integrates multiple tracking and consent management tools to ensure GDPR compliance. Hosting is managed via Amazon AWS infrastructure, providing reliable performance and scalability. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to an excellent user experience. From a security perspective, the site enforces HTTPS with a Content Security Policy and uses a consent management platform for privacy compliance. However, it lacks some security headers and does not publicly disclose a security policy or incident response contacts. No vulnerabilities or WAF blocking were detected, indicating a mature security posture. Overall, the website is professional, trustworthy, and compliant with relevant privacy regulations, though it would benefit from publishing explicit privacy and security policies to enhance transparency and user trust.

B

BurdaVerlag Publishing GmbH

focus-epaper.de

54

The FOCUS E-Paper Plattform is a digital subscription service operated by BurdaVerlag Publishing GmbH, a reputable media company in Germany. The platform provides users with access to digital magazine content via login and subscription management. The website is professionally designed with consistent branding and clear navigation, targeting German-speaking customers interested in digital media subscriptions. The business model centers on subscription-based access to e-paper content, positioning the company as a significant player in the German digital media market. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and FontAwesome Pro icons, with indications of Bootstrap and Symfony frameworks. The domain is managed via MarkMonitor name servers, reflecting professional domain management. The site is mobile-optimized with good user experience, though some SEO and accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, indicating basic security hygiene. However, no explicit security headers were detected in the provided content, and no incident response or security policy information is published. Privacy compliance is partially addressed with a comprehensive privacy policy on a related domain, but no cookie consent mechanism is evident. No vulnerabilities or suspicious patterns were found, and the domain registration is consistent with the business identity. Overall, the website presents a low-risk profile with good business credibility and a solid technical foundation. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance the security posture and privacy compliance, further strengthening user trust and regulatory adherence.

P

Photodune

photodune.net

71

PhotoDune is a well-established online marketplace specializing in royalty-free stock photos and images, operating as part of the larger Envato Market ecosystem. Founded in 2010 and headquartered in Melbourne, Australia, it serves a global audience of photographers, designers, and marketers seeking high-quality visual content. The platform offers millions of images with a straightforward purchase model, positioning itself as a key player in the digital asset e-commerce sector. Technically, the website employs modern web technologies including JavaScript frameworks, Datadog for monitoring, Rollbar for error tracking, and Cookiebot for consent management. It leverages Cloudflare for DNS and CDN services, ensuring fast performance and robust availability. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, PhotoDune enforces HTTPS, uses CSRF tokens, and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. While security headers are partially observed, there is room for improvement such as enabling DNSSEC and publishing explicit security policies or vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious patterns were detected. Overall, PhotoDune presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing DNS security, publishing incident response contacts, and maintaining ongoing audits of third-party scripts to uphold security and privacy standards.

E

Envato

graphicriver.net

71

GraphicRiver is a well-established online marketplace operated by Envato, specializing in digital design assets such as fonts, logos, icons, and graphics. Founded in 2006, it serves a global community of graphic designers and businesses seeking professional creative resources. The platform is part of the larger Envato ecosystem, which includes subscription services and creative tutorial sites, positioning GraphicRiver as a key player in the digital creative marketplace sector. Technically, the website employs modern web technologies including JavaScript frameworks, Datadog for monitoring, Cookiebot for consent management, and Cloudflare for DNS and CDN services. The site demonstrates excellent performance, mobile optimization, and accessibility features, supported by structured data and comprehensive metadata for SEO. The use of robust domain registration practices and HTTPS ensures a secure and trustworthy user experience. From a security perspective, GraphicRiver exhibits strong practices such as domain locking, HTTPS enforcement, and cookie consent mechanisms aligned with GDPR requirements. However, there is room for improvement by enabling DNSSEC and publishing a security.txt file to enhance vulnerability disclosure transparency. No critical vulnerabilities or security issues were detected in the analysis. Overall, GraphicRiver presents a low-risk profile with high business credibility, excellent content quality, and good privacy compliance. Strategic recommendations include enhancing DNS security, formalizing security policies, and continuous monitoring of third-party scripts to maintain a strong security posture.

E

Envato

videohive.net

71

VideoHive, operated by Envato, is a leading online marketplace specializing in stock video footage, motion graphics templates, and video effects. Established in 2006 and headquartered in Australia, it serves a global audience of creators and businesses seeking high-quality visual assets to enhance video productions. The platform is part of the larger Envato ecosystem, which includes complementary services such as Envato Elements, Tuts+, and Placeit, reinforcing its market position as a comprehensive creative resource hub. Technically, the website employs a modern technology stack including JavaScript frameworks, Turbo (Hotwire), and robust monitoring tools like Datadog and Rollbar. Hosting and DNS services are managed via Cloudflare, ensuring performance and security. The site demonstrates excellent mobile optimization, accessibility, and SEO practices, contributing to a fast and user-friendly experience. From a security perspective, VideoHive enforces HTTPS, integrates Cookiebot for GDPR-compliant cookie consent management, and uses CSRF tokens to protect forms. While explicit security headers are not fully confirmed, the presence of monitoring and error tracking tools indicates a mature security posture. The domain's WHOIS data is consistent with the business identity, showing a long-established registration without privacy masking, which supports trustworthiness. Overall, VideoHive presents a professional, secure, and privacy-conscious platform with strong business credibility and technical maturity. Recommendations include enabling DNSSEC for enhanced DNS security and verifying the implementation of all recommended security headers to further strengthen the security posture.

E

Envato

audiojungle.net

73

AudioJungle, operated by Envato, is a well-established online marketplace specializing in royalty-free music and audio assets. The platform serves a global audience of creators, filmmakers, and businesses seeking professional audio content to enhance multimedia projects. With a domain age dating back to 2006 and a strong brand presence, AudioJungle holds a leading position in the digital media marketplace sector. The business model focuses on facilitating transactions between musicians, sound engineers, and buyers, supported by a comprehensive suite of services and related Envato offerings.

C

Codecanyon

codecanyon.net

71

CodeCanyon is a well-established online marketplace specializing in the sale of plugins, scripts, and code assets for web and mobile development. As a subsidiary of Envato, it holds a strong market position with a large catalog of high-quality, reviewed digital products. The platform targets developers and businesses seeking to accelerate their development projects by purchasing ready-made code components. The business model is based on e-commerce and digital asset distribution, supported by a robust parent company infrastructure. Technically, the website demonstrates a mature digital infrastructure with modern technologies including JavaScript frameworks, Turbo Drive for navigation, and integration with third-party services such as Datadog for monitoring, Rollbar for error tracking, and Cookiebot for consent management. Hosting and DNS services are provided by Cloudflare, ensuring performance and security. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS, uses Cloudflare DNS, and employs cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully confirmed, the presence of monitoring and error tracking tools indicates proactive security management. No critical vulnerabilities or exposed sensitive data were detected. However, enabling DNSSEC and publishing a dedicated security policy or security.txt file would enhance the security posture. Overall, CodeCanyon presents a low-risk profile with strong business credibility, excellent content quality, and good privacy compliance. Strategic recommendations include enhancing DNS security, formalizing security policies, and expanding transparency around incident response to further build trust and resilience.

P

Pinterest

pinterest.nz

74

Pinterest is a globally recognized visual discovery and social media platform that enables users to find and share ideas such as recipes, home decor, and style inspiration. It operates primarily as an advertising-driven business model, offering targeted advertising services to businesses while providing a free content discovery platform to users. The website is well-branded, professionally designed, and optimized for a broad general audience. Technically, Pinterest employs modern web technologies including React, WebAssembly, and integrates advanced security and fraud prevention tools such as Google reCAPTCHA, Arkose Labs, and Sardine AI. The site is fast, mobile-optimized, and implements strong security headers and HTTPS encryption, reflecting a mature digital infrastructure. Privacy and cookie policies are comprehensive and GDPR compliant, supporting strong privacy practices. No direct contact information is publicly displayed on the landing page, which is typical for large platforms that centralize support through other channels. Overall, Pinterest demonstrates a high level of business credibility and security maturity, with no significant vulnerabilities or suspicious indicators detected.

D

Datatrans AG

datatrans.ch

61

Datatrans AG is a Swiss-based company specializing in advanced payment solutions tailored for companies demanding high-performance and flexible payment platforms. Their service model emphasizes integration freedom with various financial partners, positioning them as a key player in the payment processing sector within Switzerland and potentially neighboring regions. The website reflects a professional and consistent brand image, targeting business clients seeking reliable payment infrastructure. Technically, the site employs modern JavaScript frameworks such as Vue.js, integrates multiple analytics and marketing tools including Google Analytics, Microsoft Clarity, and Ahrefs, and uses Cookiebot for GDPR-compliant cookie management. The site is well-optimized for mobile and SEO, with good performance metrics and accessibility features. Security-wise, the site enforces HTTPS, uses CSRF protection cookies, and provides a comprehensive cookie consent mechanism, though it lacks explicit security policy or incident response pages. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the site demonstrates a mature digital presence with good privacy compliance and security posture, suitable for its business domain.

W

Worldline

worldline.com

77

Worldline is a leading European payment service provider offering a comprehensive suite of payment processing and financial technology solutions. The company targets financial institutions and businesses requiring innovative payment services, positioning itself as a global leader with a strong European base. Their website reflects a mature enterprise with a professional digital presence, leveraging Adobe Experience Manager and advanced analytics tools to deliver a seamless user experience. The site is well-optimized for mobile and accessibility, with clear navigation and comprehensive content relevant to their business domain. Security posture is strong, with HTTPS enforcement, security headers, and compliance with GDPR through a consent management platform. The domain registration is consistent with the company's long-standing market presence, enhancing trustworthiness. Overall, Worldline demonstrates a high level of digital maturity and business credibility.

A

Allianz Digitale Inklusion Schweiz (ADIS)

adis.ch

57

The Allianz Digitale Inklusion Schweiz (ADIS) is a Swiss non-profit alliance dedicated to promoting digital inclusion and accessibility. Their mission is to remove digital barriers and create an inclusive digital future for all people in Switzerland. The organization operates through a membership model, hosting events such as the national Day of Digital Inclusion and offering educational programs including CAS courses. The website reflects a well-structured, professional presence with clear navigation and comprehensive content focused on their mission and activities. Technically, the website is built on the fuman CMS platform with modern JavaScript libraries such as Flickity and Masonry for UI components. It integrates Google Analytics with a consent mechanism and uses HTTPS exclusively, ensuring secure communications. The site is mobile-optimized and includes accessibility features, aligning with the organization's focus on inclusion. From a security perspective, the site enforces HTTPS and manages cookie consent properly but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or sensitive data exposures were detected. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's Swiss base. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements could include adding security headers, publishing a security policy, and providing a vulnerability disclosure channel to enhance trust and security posture.

I

International Association of Accessibility Professionals

accessibilityassociation.org

70

The International Association of Accessibility Professionals (IAAP) operates a professional membership and certification platform focused on accessibility education and resources. The website is built on Salesforce Experience Cloud, leveraging modern web technologies such as Lightning Web Components and Salesforce CMS. The platform offers a comprehensive range of services including certification programs, educational content, events, and community engagement for accessibility professionals globally. Technically, the site demonstrates good performance, mobile optimization, and excellent accessibility features, aligning well with its mission. Security posture is strong with HTTPS and strict Content-Security-Policy headers, though improvements can be made in cookie consent and incident response transparency. Overall, the domain appears legitimate despite lack of public WHOIS data, likely due to privacy protection. The site integrates trusted payment processors and analytics tools, supporting a professional and trustworthy user experience.

S

Sizera - Increase conversions and reduce returns

sizera.com

55

Sizera is a technology-driven company offering AI-powered clothing size and fit solutions targeted at fashion retailers. Their platform aims to increase online conversions, reduce product returns, and optimize production processes by leveraging data and artificial intelligence. The website presents a professional and modern interface built with Next.js and React, indicating a contemporary technical infrastructure. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and registration status. Security posture is weak due to missing HTTPS verification, lack of security headers, and absence of privacy and cookie policies. Overall, while the business concept is clear and relevant to the retail sector, the technical and security maturity requires significant improvement to build trust and ensure compliance.

N

Nowy Styl sp. z o.o.

nowystyl.com

74

Nowy Styl sp. z o.o. is a well-established manufacturer specializing in office furniture and ergonomic seating solutions, primarily serving business and organizational clients. The website reflects a professional and consistent brand image, targeting a B2B audience with a focus on quality and design. The company operates in the manufacturing sector, with a strong presence in Poland and Europe. Technically, the website employs modern web technologies including Google Tag Manager, Cookiebot for consent management, and reCAPTCHA for bot protection, indicating a mature digital infrastructure. The site is mobile-optimized and uses HTTPS, ensuring secure communications. Security posture is solid with encrypted connections and cookie consent mechanisms, though some security headers are not explicitly detected and could be improved. Privacy compliance is strong, with a comprehensive GDPR-compliant privacy policy and an active cookie consent banner. However, the absence of WHOIS registration data raises concerns about domain registration transparency, which slightly impacts trustworthiness. No contact emails or phone numbers are explicitly found on the homepage, which may affect business credibility. Overall, the website is professional and secure but would benefit from enhanced transparency and additional contact information.

F

Login

finative.cloud

50

The website at app.finative.cloud is a login portal for a cloud-based service, likely SaaS, focused on user authentication. The site presents a minimal but functional login interface with language selection and password/email input fields. The business description and detailed company information are not publicly available on this page, limiting insights into market position or business model. The technical infrastructure uses standard web technologies including HTML5, CSS3, and JavaScript, with assets hosted on finative.cloud subdomains. The site is mobile optimized and shows moderate performance but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enforced and secure password input fields, but lacks visible security headers and formal security or privacy policies. No contact or incident response information is provided, and the domain uses WHOIS privacy protection, which is common for SaaS providers but reduces transparency. Overall, the site is functional for its purpose but would benefit from enhanced compliance and security disclosures.

S

Swico

swico.ch

68

Swico is a prominent Swiss business association representing the ICT and online industry, providing services such as membership representation, recycling of electronic devices, and occupational safety solutions. The organization serves a broad audience ranging from startups to international corporations, positioning itself as a key player in Switzerland's digital economy. The website reflects a professional and well-maintained digital presence, with comprehensive content, clear navigation, and active engagement through news, events, and social media channels. Technically, the site employs modern web technologies, including JavaScript frameworks, Google Analytics, and tracking tools, while maintaining good performance and accessibility standards. Security posture is solid with HTTPS enforcement and monitoring tools like Sentry, though explicit security policies and incident response information are not publicly available. Overall, the site demonstrates a high level of trustworthiness and compliance with privacy regulations, including GDPR, supported by a clear cookie consent mechanism and a detailed privacy policy.

T

Tocco AG

tocco.ch

75

Tocco AG is a Swiss company specializing in cloud-based ERP software solutions tailored for education, non-profit organizations, associations, and social institutions. With over 20 years of experience, Tocco offers a comprehensive SaaS platform that integrates functionalities such as eBill, E-Rechnung, newsletter management, and course administration, all hosted and operated within Switzerland to ensure data sovereignty. The company targets Swiss educational institutions, associations, and non-profits seeking efficient administrative and organizational tools. Technically, the website is built on a custom CMS framework with modern JavaScript libraries and integrates Google Analytics and Tag Manager for analytics and marketing purposes. Privacy compliance is well addressed with clear cookie consent mechanisms and a comprehensive privacy policy. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response contacts could be improved. Overall, the website presents a professional, trustworthy, and user-friendly digital presence aligned with the company's market position and business model.

B

Bitcoin-Kurier | News & Bildung zu Bitcoin und Blockchain

bitcoin-kurier.de

57

Bitcoin-Kurier.de is a German-language online media platform focused on delivering news and educational content related to Bitcoin and blockchain technology. The website targets individuals interested in cryptocurrency, providing articles and resources to inform and educate its audience. Technically, the site is built on WordPress CMS, utilizing plugins such as WP Rocket for performance optimization and Rank Math PRO for SEO enhancements. Hosting and DNS are managed via Cloudflare, which provides security and performance benefits. From a security perspective, the website lacks visible security headers and formal security policies, which suggests room for improvement in its security posture. Privacy and cookie policies are not present, indicating potential compliance gaps with GDPR and other privacy regulations. Overall, the site is accessible without WAF or blocking mechanisms, and content is safe for general audiences. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact and incident response information to improve trust and compliance.

G

Grasshopper

grasshopper.com

71

Grasshopper is a well-established virtual phone system provider targeting entrepreneurs and small businesses, offering services such as toll-free, vanity, and local business numbers with features like call forwarding, mobile and desktop apps, and 24/7 support. The company is positioned as a trusted solution with over 150,000 small business customers and operates under the parent company GoTo. Technically, the website is built on modern frameworks including Next.js and React, hosted on AWS infrastructure, and managed via Sitecore CMS, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and domain registration locks, though DNSSEC is not enabled and no explicit security policy or incident response page is found. Privacy compliance is robust with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity.

P

profi dress

profidress.de

57

profi dress is a German-based e-commerce retailer specializing in professional work clothing for sectors such as gastronomy, hotels, spas, retail, and sales. Established since 1979, the company positions itself as a provider of high-quality professional apparel with custom solutions for its clientele. The website is built on the PrestaShop platform, leveraging modern web technologies including Google Tag Manager and Cookiebot for analytics and privacy compliance respectively. Hosting is provided via a CDN (kxcdn.com), ensuring moderate performance and good mobile optimization. Security is enhanced by the Kuratoron Web Application Firewall, providing protection without obstructing user access. However, the site lacks explicit privacy policies, terms of service, and incident response contacts, which are critical for compliance and trust. Overall, the site demonstrates a solid business presence with room for improvement in transparency and security documentation.

C

CLINIC DRESS

clinicdress.de

55

CLINIC DRESS operates a professional e-commerce platform specializing in workwear and professional clothing for the medical, nursing, and cosmetic sectors. The company emphasizes quality, comfort, and over 70 years of experience, targeting healthcare professionals primarily in Germany. The website is built on the Prestashop CMS platform and employs modern web technologies including Google Tag Manager and Cookiebot for analytics and privacy compliance. The presence of Kuratoron WAF indicates a proactive security posture to protect against web threats. However, the absence of explicit privacy policies, terms of service, and contact information limits transparency and user trust. The SSL configuration is robust, ensuring secure data transmission.

S

Stiftung zuwebe

intermezzo-zug.ch

50

Intermezzo is a small, socially-driven crêperie located in Zug, Switzerland, operated as an integration project by Stiftung zuwebe. The business uniquely combines hospitality services with social inclusion by employing individuals with special support needs, guided by professional staff. Their market position is niche, targeting socially conscious customers and the local community. The website reflects this mission with clear content, good design, and comprehensive contact information. Technically, the site uses a modern CMS (MoveCMS), integrates Google Analytics and YouTube for media and tracking, and employs a robust cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and CSRF protections on forms, though some security headers and incident response information are missing. Overall, the site is trustworthy, privacy-conscious, and professionally maintained.

The website okomo.com is currently a parked domain primarily used for domain leasing or sales. It lacks any substantive business content, services, or contact information. The site displays a prominent banner advertising the domain's availability for lease or joint venture, targeting domain investors or buyers. The technical infrastructure is minimal, relying on basic HTML, CSS, and JavaScript with Google Adsense and Google Ad Services scripts for monetization. There is no evidence of a content management system or advanced frameworks. Security posture is weak, with no visible security headers or HTTPS confirmation, and no privacy or cookie consent mechanisms implemented. WHOIS data raises concerns due to a future domain creation date and registration via a drop-catching registrar, indicating low legitimacy and trustworthiness. Overall, the site presents a low-risk profile but lacks business credibility and security maturity.

P

Pinterest

pinterest.com.au

70

Pinterest is a globally recognized technology company operating a leading visual discovery and social media platform. The website au.pinterest.com serves the Australian market segment, offering users access to a wide range of ideas including recipes, home decor, and style inspiration. The platform's business model centers on user-generated content and advertising revenue, positioning it as a major player in the technology and e-commerce sectors. The website demonstrates a high level of digital maturity with modern technologies such as React, advanced anti-bot and fraud prevention scripts, and robust hosting infrastructure on Amazon AWS. Security posture is strong, with HTTPS enforced and a comprehensive Content Security Policy in place, alongside third-party security services. However, the absence of explicit privacy and cookie policies, as well as lack of visible contact information for security incidents, indicates areas for compliance improvement. Overall, the site is professional, trustworthy, and safe for general audiences, reflecting Pinterest's enterprise status and market leadership.

R

Reshot

reshot.com

71

Reshot is a professionally designed online platform offering free icons and vector illustrations with commercial licenses and no attribution required. It targets designers and creatives seeking high-quality design assets for personal and commercial projects. The site is linked to Envato, a well-known creative subscription company, which enhances its market credibility. Technically, the website uses modern JavaScript frameworks, error monitoring via Rollbar, and cookie consent management through Cookiebot, indicating a mature digital infrastructure. The site is fast, mobile-optimized, and SEO-friendly, providing an excellent user experience. Security-wise, HTTPS is enforced and error monitoring is active, but there is a lack of visible security headers and no published security or incident response policies. The absence of WHOIS data is a concern but is mitigated by the professional presentation and Envato affiliation. Overall, the site is trustworthy and well-maintained, with room for improvement in explicit security disclosures and contact transparency.

M

Mixkit

mixkit.co

72

Mixkit is a free resource platform offering high-quality stock video footage, music, sound effects, and Premiere Pro templates targeted at video and content creators. It operates under the parent company Envato, a well-known digital assets marketplace, which strengthens its market position and credibility. The website is professionally designed with excellent content quality and clear navigation, catering to a broad audience of media producers seeking royalty-free assets. Technically, Mixkit employs modern web technologies including Turbo (Hotwire), Rollbar for error monitoring, Cookiebot for consent management, and integrates analytics tools such as Google Analytics and Facebook Pixel. The site is fast, mobile-optimized, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses multiple security headers, and has robust error monitoring, though it lacks a dedicated security policy or incident response contact. Privacy compliance is strong with explicit cookie consent mechanisms and links to comprehensive privacy and cookie policies hosted by Envato. Overall, Mixkit presents a trustworthy and professional online presence with minimal security or compliance gaps.

E

Envato Tuts+

tutsplus.com

77

Envato Tuts+ is a well-established online education platform founded in 2008, offering creative skills tutorials and courses to a global audience. It operates under the Envato brand, a recognized leader in digital assets and creative marketplaces. The platform targets creative professionals and learners seeking to enhance their skills through high-quality, expert-led content. The business model focuses on providing free and premium educational content, supported by advertising and Envato's broader ecosystem services. Technically, the website employs modern web technologies including JavaScript frameworks, Tailwind CSS, and Cookiebot for privacy compliance. It leverages Cloudflare for DNS and likely CDN services, ensuring fast performance and robust availability. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, Envato Tuts+ demonstrates strong practices such as enforced HTTPS, domain registration protections, and comprehensive cookie consent management. However, DNSSEC is not enabled, and explicit security policies or incident response contacts are not publicly disclosed, representing areas for improvement. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR and privacy regulations. It poses low risk to users and partners, with recommendations to enhance DNS security and transparency around security policies to further strengthen its posture.

D

Diwa Mediamatik

diwa.ch

66

Diwa Mediamatik is a small Swiss technology company specializing in web design, hosting, and media services with over 30 years of experience. Their business model focuses on providing end-to-end internet presence solutions including CMS, SEO consulting, and media production primarily targeting clients in the Aargau region. The website demonstrates a solid technical foundation using modern web technologies and a proprietary CMS named Jasmin. While the site is well-structured, mobile-optimized, and includes a cookie consent mechanism, it lacks explicit security policies and terms of service. Security posture is moderate with room for improvement in headers and incident response transparency. Overall, the domain registration and business information are consistent and trustworthy, supporting a high legitimacy score.