Security Directory

A

Association des Communes de Crans-Montana

cransmontana.ch

58

The Association des Communes de Crans-Montana operates as a local government association serving the communes of Crans-Montana, Icogne, and Lens in Switzerland. The website provides information about various municipal services including emergency services, police, economic promotion, and community activities. It targets residents and local businesses, positioning itself as a central hub for community engagement and public service information. The business model is that of a public sector entity focused on service provision and community support. Technically, the website employs modern web technologies such as Google Fonts, Bootstrap CSS classes, and Google Analytics for visitor tracking. The CMS appears to be Umbraco, inferred from cookie consent scripts. The site is mobile-optimized with good navigation and a professional design, though some SEO and accessibility features could be enhanced. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS (implied by canonical link with http but likely redirects), includes a cookie consent mechanism, and avoids exposing sensitive data. However, no advanced security headers were detected, and there is no published privacy policy or terms of service, which are compliance gaps. Incident response and vulnerability disclosure information are absent, limiting transparency in security matters. Overall, the website is trustworthy and professional, serving its public sector role effectively. The main risks relate to compliance with privacy regulations and enhancing security posture through headers and published policies. Strategic improvements in these areas would strengthen user trust and regulatory adherence.

E

Edmond J. Safra Foundation

edmondjsafra.org

51

The Edmond J. Safra Foundation website represents a well-established philanthropic organization dedicated to supporting charitable projects in science, medicine, religion, education, and general philanthropy. The foundation targets donors, researchers, and philanthropic partners, positioning itself as a reputable non-profit entity with a global outreach. The website is built on WordPress with modern plugins and technologies, providing a professional and responsive user experience. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers and explicit policies could be improved. Privacy compliance is strong with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site reflects a trustworthy and credible foundation, though the lack of WHOIS transparency slightly reduces domain trust. Strategic recommendations include enhancing security headers, publishing incident response information, and adding a security.txt file to improve vulnerability disclosure transparency.

P

Plus que pro

plus-que-pro.fr

63

Plus que pro is a French online platform specializing in providing verified customer reviews to help consumers identify and select trustworthy professional service providers. The website positions itself as a network for qualitative business recommendations, targeting French consumers seeking reliable companies. The platform offers services centered around controlled customer feedback and professional search capabilities, establishing a solid market presence in France. Technically, the website employs modern web technologies including Google Tag Manager and the Didomi Consent Management Platform, ensuring compliance with privacy regulations and enabling effective user tracking and analytics. The site is mobile-optimized with good SEO practices and a professional design, contributing to a positive user experience. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms but lacks visible advanced security headers and explicit incident response or vulnerability disclosure policies. The absence of WHOIS data for the domain is a concern, reducing trust in domain legitimacy, although the website content and business model suggest a legitimate operation. Overall, the site demonstrates a mature digital presence with room for improvement in security transparency and domain registration clarity.

O

OSS Directory

ossdirectory.com

62

OSS Directory is a German-language platform serving as a comprehensive directory and informational resource for open source software providers, products, customers, and community-related content. The website is built using modern Angular framework and Material Design components, indicating a mature technical infrastructure. It employs privacy-conscious analytics via Plausible Analytics and demonstrates good mobile optimization and user experience. However, the absence of privacy and cookie policies, lack of visible security headers, and missing WHOIS registration data present concerns regarding compliance and domain legitimacy. Overall, the site is professional and content-rich but would benefit from enhanced security and privacy transparency.

H

Heli GmbH

helikopterflug.ch

69

Heli GmbH operates a specialized e-commerce platform offering helicopter flight experiences, including sightseeing tours, pilot experiences, and VIP taxi flights primarily in Switzerland. The company targets general consumers interested in unique aerial experiences and gifts. The website is built on the Shopify platform, leveraging modern web technologies and third-party marketing and analytics tools to provide a professional and user-friendly experience. The site includes comprehensive privacy and cookie policies with active consent mechanisms, reflecting good compliance with GDPR standards. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although formal security policies and incident response information are absent. Overall, the website is trustworthy, well-maintained, and suitable for its niche market.

F

Fred Fischer

fredfischer.fr

54

Fred Fischer is a freelance web designer and WordPress expert based in Lille, France, offering specialized services including responsive WordPress theme development, plugin creation, SEO optimization, and web accessibility. The website presents a professional portfolio and emphasizes a user-centric approach combining form and function. The business targets clients directly and agencies seeking expert WordPress development and web design services. Technically, the site is built on WordPress with modern frameworks such as Materialize CSS and uses Matomo for privacy-conscious analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security posture is good with HTTPS enforced and minimal plugin use, though security headers and explicit privacy policies are lacking. The absence of WHOIS data limits domain legitimacy verification, which slightly impacts trust. Overall, the website is professional, secure, and well-positioned for its niche market.

T

TheFork

lafourchette.com

66

TheFork is a prominent online restaurant reservation platform primarily serving the French market, offering users the ability to search, select, and book tables at top restaurants with added promotional offers. As a subsidiary of TripAdvisor, it holds a strong market position in hospitality services. The website demonstrates a mature technical infrastructure leveraging modern web technologies such as Next.js, Google Tag Manager, Stripe for payments, and DataDome for bot protection, ensuring a robust and scalable platform. Security posture is strong with HTTPS enforcement, security headers, and bot mitigation, although explicit privacy and security policies are not clearly presented in the accessible content. The absence of WHOIS data transparency slightly impacts trust but is mitigated by the brand's reputation and professional presentation. Overall, the platform is well-positioned with a high-quality user experience and solid technical foundation.

L

Loomly

loomly.com

70

Loomly is a well-established SaaS social media management platform designed to empower marketing teams, agencies, brands, and creators to efficiently plan, schedule, collaborate, and analyze social media content. The platform integrates with major social networks and offers a comprehensive suite of tools including content calendars, approvals, campaign tracking, and analytics. The website is professionally designed, mobile-optimized, and provides rich content resources such as blogs, tutorials, and webinars, positioning Loomly as a trusted player in the social media management market. Technically, the site leverages modern marketing and analytics technologies including HubSpot CMS, Google Tag Manager, Intercom, and Osano for consent management, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response policies are not publicly detailed. WHOIS data is not publicly available, likely due to privacy protection, which is common for SaaS businesses. Overall, Loomly presents a credible, secure, and user-friendly platform with good privacy compliance and marketing transparency.

H

HBG

hbg-helicopteres.aero

49

HBG is a large, family-owned helicopter group established in 1980 in France, operating multiple subsidiary brands and offering a wide range of helicopter services including passenger transport, aerial work, pilot training, mountain rescue, emergency medical services, and maintenance. The company positions itself as a leader in the French helicopter market with a presence on four continents. The website is professionally designed using WordPress with modern plugins and technologies, providing good user experience and mobile optimization. Security posture is solid with HTTPS and reCAPTCHA usage, but lacks explicit security policies and incident response contacts. Privacy compliance is good with visible cookie consent and GDPR-aligned data collection practices. WHOIS data is incomplete and malformed, limiting domain trust verification. Overall, the website and business appear legitimate and professional, but domain registration details should be verified for full trust.

F

Frontify AG

frontify.com

65

Frontify AG operates a sophisticated brand management SaaS platform designed to streamline digital asset management, brand guidelines, and collaboration for marketing teams and agencies globally. The company positions itself as a leader in brand consistency and efficiency, offering integrations and developer tools to enhance brand ecosystems. The website reflects a mature digital presence with modern technologies such as Webflow CMS, Google Tag Manager, Cookiebot for privacy compliance, and Vimeo for media delivery. Security posture is strong with HTTPS, content security policies (though currently report-only), and cookie consent mechanisms integrated. However, the absence of WHOIS registration details introduces a minor trust gap, though this is mitigated by the professional presentation and comprehensive privacy and security policies. Overall, Frontify demonstrates a robust business and technical infrastructure suitable for enterprise clients seeking brand management solutions.

E

Eden: People+Planet

edenprojects.org

59

Eden: People+Planet is a newly established environmental and social advocacy organization, launched in early 2024. The website serves as a platform to promote sustainability initiatives and community engagement. The organization appears to be small and focused on niche advocacy efforts. Technically, the website is built on WordPress using the Divi theme, hosted behind Cloudflare, and employs standard plugins such as Yoast SEO and Cookie Law Info for compliance and SEO. Performance and mobile optimization are moderate to good, with basic accessibility features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy or terms of service policies. Business credibility is moderate due to the lack of explicit contact information and trust signals. Overall, the site is functional and professional but would benefit from improved security and compliance documentation.

R

RUAG International

ruag.com

66

RUAG International is a large, established technology and manufacturing company specializing in aerospace and defense sectors. The company offers key services including aerostructures manufacturing, space technology, and defense technology, positioning itself as a trusted international player with a strong brand presence. The website reflects a professional corporate identity with clear navigation and relevant content targeted at industry professionals and partners. Technically, the site is built on Drupal CMS, uses modern web technologies such as Google Fonts, Matomo analytics, and Google Maps API, and implements cookie consent mechanisms for privacy compliance. Security posture is good with HTTPS enforced and security headers present, though explicit security policies and vulnerability disclosures are absent. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract from the professional presentation of the website. Overall, RUAG International's digital presence is solid but could benefit from enhanced transparency in privacy and security documentation.

M

mont blanc hélicoptères

mbh.fr

50

Mont Blanc Hélicoptères is a leading French helicopter company specializing in a wide range of aviation services including tourist flights, pilot training, emergency medical services (SAMU), mountain rescue, and helicopter maintenance. The company targets tourists, corporate clients, and aviation service customers, positioning itself as a market leader in France. The website is well-structured, professionally designed, and provides comprehensive information about its services and bases across France and neighboring regions. Technically, the site is built on WordPress with modern plugins and technologies, including SEO optimization and cookie consent mechanisms. Security posture is good with HTTPS and reCAPTCHA in use, though some security headers and explicit policies could be improved. The absence of WHOIS data limits domain trust analysis, but the site shows strong trust indicators such as social media presence and detailed service descriptions. Overall, the site is safe, professional, and suitable for a general audience.

H

Heliswiss International AG

heliswissinternational.com

47

Heliswiss International AG is a Swiss-based specialist company with over 35 years of experience in heavy load helicopter transport and construction flights worldwide. Their services include precision transport of loads up to five tonnes, forestry/logging operations, humanitarian services such as fire fighting and rescue, and various construction-related helicopter operations. The company targets businesses and organizations requiring specialized helicopter heavy load services globally. The website presents a professional and consistent brand image with detailed service descriptions and fleet information, supporting their market position as an established specialist in the transportation sector. Technically, the website is built on the SilverStripe CMS platform, utilizing modern web technologies such as jQuery and Flexslider for interactive content. The site is mobile-optimized with good navigation and SEO practices, although performance is moderate. The presence of a cookie consent banner indicates some level of privacy compliance, but no explicit privacy policy was found. Security headers and SSL configuration details are not evident from the provided data, suggesting room for improvement in security posture. From a security perspective, the website is accessible without WAF or blocking mechanisms, but the absence of WHOIS registration data raises concerns about domain legitimacy. The site does not expose sensitive data or show signs of vulnerabilities in the analyzed content. However, the lack of explicit privacy and security policies, as well as missing security headers, indicates potential compliance gaps. Overall, the site demonstrates a moderate security maturity level with recommendations to enhance security controls and transparency. The overall risk assessment is moderate with a legitimacy score affected by missing WHOIS data. Strategic recommendations include improving domain registration transparency, implementing comprehensive privacy and security policies, enhancing security headers and SSL configurations, and establishing incident response and vulnerability disclosure mechanisms to strengthen trust and compliance.

A

Airport Helicopter AHB AG

airportheli.ch

56

Airport Helicopter AHB AG is a well-established Swiss company specializing in helicopter flights and pilot training since 1993. The company operates multiple locations across Switzerland including Luzern-Beromünster, Basel, Grenchen, and Zürich, offering a wide range of services such as sightseeing flights, VIP and taxi flights, glacier flights, romantic and wedding flights, events, heli-skiing, and comprehensive pilot training programs. Their website reflects a professional and consistent brand image with clear navigation and relevant content targeting aviation enthusiasts and potential pilot trainees. Technically, the website is built on Joomla CMS with modern frontend technologies including Bootstrap, jQuery, and Owl Carousel. It is mobile-optimized and integrates Google Analytics and Tag Manager for user tracking. The site uses HTTPS with a good SSL configuration and implements GDPR-compliant cookie consent mechanisms. However, there is room for improvement in security headers and publishing explicit security policies. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSRF protection, and cookie consent. No critical vulnerabilities or suspicious content were detected. The WHOIS data aligns well with the business claims, showing a consistent and legitimate registration since 1993. Overall, the site presents a low risk profile with a solid security posture and compliance with privacy regulations. Strategically, the company should consider enhancing its security posture by adding security headers, publishing a security policy, and possibly a vulnerability disclosure policy. Improving accessibility features and expanding transparency around data retention would further strengthen trust and compliance.

Aircraft Solutions is a specialized service provider offering comprehensive maintenance and support services for rotary and fixed-wing aircraft. Their services include maintenance, battery overhauls, parts sourcing, and CAMO management, targeting private owners and businesses worldwide with 24/7 availability. The website is built on WordPress with modern plugins and fonts, providing a professional and responsive user experience. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy policies. No contact emails or phone numbers are publicly listed, which may impact user trust and compliance. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

I

Invoiceberry Limited

invoiceberry.com

64

InvoiceBerry is a UK-based small business SaaS company specializing in online invoicing software tailored for freelancers and small businesses. The platform offers invoice creation, expense tracking, payment management, and integrates with popular payment gateways. The website is professionally designed, mobile-optimized, and provides clear business and contact information, including customer testimonials that reinforce trust. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Cloudfront CDN, with analytics tools like Plausible and Facebook Pixel for user tracking. Security posture is good with HTTPS enforced and secure forms, though no explicit security headers or incident response contacts are published. Privacy and cookie policies are present with consent mechanisms, indicating GDPR compliance. WHOIS data is unavailable, which slightly reduces trust but the overall business presence and content quality support legitimacy.

M

Malix.Studio

malix.studio

57

Malix.Studio is a specialized media production company based in the Jura region of Switzerland, offering professional video production services including studio rental, live streaming, webinars, and virtual studio capabilities. Their business model focuses on providing high-quality, customizable video production environments tailored to the needs of SMEs in the Swiss market. The website demonstrates a solid digital presence with professional design and clear service offerings. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and performance optimization, though minor backend errors and lack of explicit privacy policies indicate areas for improvement. Security posture is adequate with HTTPS enabled but lacks some security headers and explicit policies. Overall, the site is trustworthy and professional, with moderate risk due to minor technical and compliance gaps.

A

Actito

actito.com

67

Actito is a marketing automation and customer activation software provider targeting marketers and businesses seeking to transform customer satisfaction into revenue. The website presents a professional and modern digital presence, leveraging contemporary JavaScript frameworks and multiple marketing and tracking technologies. The technical infrastructure includes tools such as Microsoft Clarity, LinkedIn Insight Tag, and a consent management platform, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by implementing standard security headers and publishing explicit privacy and cookie policies. The absence of WHOIS data for the domain www.actito.com is a notable concern, potentially indicating privacy protection or registry issues, which slightly impacts trustworthiness. Overall, the website is functional, business-focused, and safe for general audiences.

T

Threads of Life

threadsoflife.ca

64

Threads of Life is a Canadian non-profit charity dedicated to supporting individuals and families affected by workplace injury, illness, or death, while also focusing on preventing future workplace tragedies. The organization offers peer support, online workshops, regional gatherings, and awareness programs, powered by a strong volunteer base and national outreach. Their website reflects a professional and consistent brand image, with clear navigation and comprehensive content tailored to their target audience in Canada. Technically, the website is built on WordPress using modern frameworks such as Bootstrap 5, and integrates Google Tag Manager and reCAPTCHA v3 for security and analytics. The site is mobile-optimized, fast-loading, and includes SEO best practices, although some security headers are missing. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. From a security perspective, the site uses HTTPS and secure form handling, but could improve by implementing additional security headers and publishing incident response information. No vulnerabilities or suspicious domains were detected. WHOIS data is unavailable, likely due to privacy protection, which is common and justified for non-profit organizations. Overall, Threads of Life presents a trustworthy and professional online presence with solid technical infrastructure and a good security posture. Enhancements in privacy compliance and security policy transparency would further strengthen their risk profile.

O

Ortto

autopilothq.com

76

Ortto operates as a technology company providing a SaaS platform that integrates customer data, marketing automation, and analytics into a unified solution. The website presents a professional and modern design built using the Framer platform, indicating a moderate level of digital maturity. The technical infrastructure leverages JavaScript and web fonts with a focus on responsive design and user experience. Security posture appears limited based on the absence of visible security headers and explicit security policies, which suggests room for improvement in protecting user data and enhancing trust. Privacy compliance is weak due to the lack of privacy and cookie policies, which could expose the company to regulatory risks. Overall, the website is functional and professional but would benefit from enhanced security and compliance transparency to improve trustworthiness and reduce risk.

C

CIPA IGAB CIFC

cipa-igab.ch

44

CIPA IGAB CIFC is a Swiss non-profit community focused on supporting caregivers (Proches aidants). The website serves as an informational platform with content primarily in French, targeting individuals involved in caregiving. The site uses WordPress with the Divi theme, indicating a moderate level of digital maturity but lacks advanced technical or security features. The absence of privacy, cookie, and terms of service policies suggests limited compliance with data protection regulations. Security posture is minimal, with no evident security headers or incident response information. Overall, the site is accessible and safe but would benefit from enhanced security and compliance measures.

A

Associazioni Cristiane Lavoratori Internazionali SVIZZERA

acli.ch

57

ACLI.CH is a Swiss non-profit association dedicated to supporting Christian international workers through social, cultural, and legal services. The website presents a well-structured platform with clear navigation and relevant content focused on community engagement, events, and patronage services. The organization maintains a consistent brand presence and targets a niche audience within Switzerland. Technically, the site leverages WordPress with Elementor and The7 theme, ensuring a modern and responsive user experience. Security measures include HTTPS enforcement, cookie consent mechanisms, and standard security headers, although explicit security policies and incident response information are absent. Overall, the website demonstrates a solid digital maturity suitable for its non-profit mission, with room for enhanced transparency in security and contact information.

F

fh-ch

fh-ch.ch

49

fh-ch is a Swiss non-profit association representing educators and researchers at Swiss universities of applied sciences. It acts as a national umbrella organization advocating for the rights, working conditions, and educational quality for its members. The website is professionally designed using WordPress, with multilingual support and standard web technologies. While the site is accessible and well-structured, it lacks explicit privacy, cookie, and security policies, which are important for compliance and trust. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. Overall, the organization appears legitimate and trustworthy with a clear mission and target audience.

F

France Éducation International

lefilplurilingue.org

55

Le fil plurilingue is an educational platform operated under the auspices of France Éducation International, providing resources and support for bilingual French education worldwide. The website targets educators, coordinators, and directors involved in bilingual francophone sections, offering a variety of teaching materials, methodological guidance, and country-specific information. The platform positions itself as a niche resource provider within the education sector, leveraging its affiliation with a reputable French educational institution. Technically, the website is built on Drupal 10, utilizing modern web technologies including jQuery and Google Fonts. It employs Matomo for analytics, indicating a preference for privacy-conscious tracking. The site demonstrates good mobile optimization and a professional design, though accessibility features are basic and SEO optimization is moderate. Hosting details are not explicitly disclosed. From a security perspective, the domain is registered consistently with no privacy protection, and the registrar status clientTransferProhibited adds a layer of domain security. However, the absence of DNSSEC and security headers, along with missing explicit privacy and cookie policies, indicates room for improvement in security posture and compliance. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences. Overall, the website presents a trustworthy and professional educational resource with moderate technical maturity and some compliance gaps. Strategic improvements in privacy policy publication, cookie consent mechanisms, and security header implementation would enhance its security and compliance standing.

U

Universités de Francophonia | Apprendre de tous, savoir ensemble

universitesdefrancophonia.com

46

Francophonia.com is an educational platform focused on the Francophone academic community, promoting collaborative learning and university networking. The website is built on WordPress using the Divi theme and integrates HubSpot for marketing and analytics. The technical infrastructure is modern but shows moderate performance and basic SEO and accessibility features. Security posture is basic with HTTPS enabled but lacks advanced security headers and visible security policies. The absence of WHOIS registration data for the domain raises concerns about domain legitimacy and trustworthiness. No privacy or cookie policies were detected, indicating potential compliance gaps. Overall, the website serves its educational purpose well but requires improvements in security, privacy compliance, and domain registration transparency.

I

In the pocket

cookiethough.dev

61

Cookie Though is an open source technology project developed by 'In the pocket' that provides an easy-to-use, minimal footprint cookie consent management application designed to help website owners comply with GDPR regulations. The website positions itself as a niche provider focusing on usability and accessibility, targeting developers and site owners who need a compliant cookie banner solution. The business model is based on open source distribution with community engagement via GitHub. Technically, the site uses modern web standards including JavaScript and Google Fonts, with good SEO and accessibility practices. The site is fast and mobile optimized, with no detected CMS or complex frameworks. Security posture is moderate; while HTTPS is implied, no explicit security headers or policies are published, and no incident response or vulnerability disclosure information is available. Overall, the site is trustworthy and professional with a clear focus on privacy compliance but could improve by publishing more explicit security and incident response information.

N

Northern Safety Association

nsa-nt.ca

62

The Northern Safety Association is a Canadian non-profit organization specializing in health and safety training for workers and employers in the Northwest Territories and Nunavut. The website presents a professional and consistent brand image, offering a wide range of in-class and online training courses, including COR® certification and leadership safety programs. The organization targets regional workers and employers, positioning itself as a key provider of safety education in Northern Canada. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as Google Analytics for tracking and YouTube for video content. The site is mobile-optimized and uses HTTPS with HSTS for secure communications. However, some security headers are missing, and there is no publicly available privacy policy or terms of service, which are areas for improvement. From a security perspective, the site demonstrates good practices with HTTPS enforcement and cookie consent mechanisms. No vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data due to privacy protection is common and does not raise immediate concerns given the site's professional presentation and consistent content. Overall, the website is trustworthy and well-maintained, though it would benefit from enhanced privacy disclosures and explicit contact information to improve compliance and user trust.

Northern Safety Network Yukon is a specialized organization focused on occupational health and safety training and certification primarily serving Yukon-based organizations and residents. Their offerings include COR® and SECOR® certification programs, asbestos training, and a variety of online and community safety courses. The organization is positioned as a regional leader with recognized certifications endorsed by national safety federations, targeting employers and safety professionals in the construction and industrial sectors. Technically, the website employs modern web technologies such as Bootstrap and jQuery, with hosting of static assets on Amazon S3, providing a mobile-optimized and user-friendly experience. However, some technical improvements are recommended, including enhanced security headers and privacy compliance mechanisms. Security posture is moderate with use of HTTPS implied but lacking visible security headers and cookie consent. The WHOIS data is missing or unavailable, which reduces trustworthiness but the website content and contact information appear professional and legitimate. Overall, the site scores well on business credibility and content quality but has room for improvement in security and privacy compliance.

M

MASH

mashmb.ca

58

MASH is a specialized safety program provider focused on healthcare workers in Manitoba, Canada. The company offers comprehensive safety training, consulting services, and certification programs tailored to the healthcare sector. Positioned as a leading safety program in the region, MASH targets healthcare professionals seeking to improve workplace safety and compliance. The website reflects a professional and consistent brand image with a clear focus on its niche market. Technically, the site leverages modern web technologies including Vue.js, Google Tag Manager, and international telephone input libraries, hosted by Rebel.ca Corp. The site is mobile optimized and performs moderately well, though accessibility features could be enhanced. Security posture is strong with HTTPS enforcement and appropriate domain transfer protections, but DNSSEC is not enabled. Privacy compliance is a notable gap, with no visible privacy or cookie policies and no consent mechanisms, which could expose the business to regulatory risks. Contact information is limited to a contact form without explicit emails or phone numbers, reducing direct communication channels. Overall, the website is trustworthy and professional but would benefit from improved privacy and compliance disclosures.

E

Entrepreneurship Center

entrepreneurship-bern.ch

43

The Entrepreneurship Center at the University of Bern is a specialized educational and outreach institution focused on fostering entrepreneurship and innovation. It offers continuing education programs such as CAS Corporate Strategy and CAS Entrepreneurship, practical start-up training modules in collaboration with Innosuisse, and organizes the STAGE UP business creation competition. The center targets students, researchers, entrepreneurs, and professionals seeking to develop entrepreneurial skills and business acumen. Its strong affiliation with the University of Bern and partnerships with regional academic and private entities position it as a credible and trusted resource in the Swiss entrepreneurship ecosystem. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, WPBakery Page Builder, and GDPR-compliant cookie management. The site is well-optimized for SEO, mobile responsive, and uses structured data for enhanced search visibility. Performance is moderate with good accessibility features, though some improvements in accessibility and security headers could be made. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms, and avoids exposing sensitive data. However, explicit security policies and incident response information are absent, and security headers are not detected. No vulnerabilities or suspicious activities are evident. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. Overall, the site demonstrates a high level of professionalism, trustworthiness, and compliance, making it a reliable platform for its target audience. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility to further strengthen its posture.

T

Trustmary

trustmary.com

62

Trustmary is a technology company founded in 2018, providing a SaaS platform focused on collecting, analyzing, and showcasing customer feedback to help businesses improve customer experience and build social proof. The company targets businesses across multiple industries and has a strong market presence with over 1800 companies using its services worldwide. The website is professionally designed, mobile-optimized, and offers multilingual support, reflecting a mature digital presence. Technically, the site is built on WordPress, uses modern web fonts, and integrates with Google Tag Manager and YouTube for analytics and media embedding. Security posture is adequate with HTTPS enabled and domain status protections, but lacks DNSSEC and published security policies. Privacy compliance is weak due to missing privacy and cookie policies on the homepage. Overall, the website is trustworthy and professional but could improve transparency and security documentation.

R

Rebel Communications

rebelcom.ch

47

Rebel Communications is a small creative agency based in Zurich, Switzerland, specializing in communication services aimed at societal change. The website is built on WordPress using the Divi theme and incorporates Yoast SEO Premium for search engine optimization. The site presents a professional design with good mobile optimization and clear navigation, targeting organizations interested in social impact and creative communication solutions. Security posture is adequate with HTTPS enabled and a cookie consent mechanism in place, but lacks advanced security headers and explicit privacy policies. No contact emails or phone numbers are explicitly provided in the HTML content, which may affect user trust and compliance. WHOIS data confirms legitimate domain registration consistent with the business claims, enhancing credibility. Overall, the website is functional and professional but would benefit from improved privacy compliance and enhanced security practices.

A

Allerlay Wonesky Media

allerlay.com

47

Allerlay Wonesky Media appears to be a small media or creative agency based in Switzerland, founded around 2019. The website is built on WordPress and uses modern tracking and marketing tools such as Google Tag Manager, Matomo Analytics, and Mautic. The site is accessible with no WAF or security challenges blocking content. However, it lacks explicit privacy, cookie, and terms of service policies, which impacts its privacy compliance score. The domain registration data is consistent and legitimate, with no suspicious patterns detected. Security posture is moderate but could be improved by enabling DNSSEC and adding security headers. Overall, the website presents a professional appearance but requires enhancements in privacy and security transparency.

W

Wir lernen weiter

wir-lernen-weiter.ch

52

Wir lernen weiter is a Swiss non-profit organization dedicated to bridging the digital divide by collecting, refurbishing, and distributing laptops to individuals affected by poverty across Switzerland. The organization maintains a professional online presence with a multilingual WordPress website, comprehensive privacy and cookie policies, and active social media engagement. Their business model focuses on social impact through technology redistribution and community partnerships. Technically, the website leverages modern WordPress plugins and frameworks, ensuring a good user experience and moderate performance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the site reflects a trustworthy and credible non-profit entity with good privacy compliance and user engagement features.

E

Currency exchange

eexchanger.co

57

The website eexchanger.co operates as an online currency exchange platform specializing in electronic currencies and cryptocurrencies such as Bitcoin and Bitcoin Cash. It targets individuals and businesses seeking safe and convenient currency exchange services online. The platform's market position appears to be niche with a basic but functional service offering. Technically, the site employs a modern tech stack including Bootstrap, jQuery, and various UI libraries, alongside marketing and tracking tools like Google Tag Manager and Facebook Pixel. Mobile optimization is adequate, though accessibility and SEO are basic. Security posture shows HTTPS usage but lacks visible security headers and explicit security policies, which could be improved. Privacy compliance is weak due to absence of explicit privacy and terms of service pages and no clear cookie consent mechanism. Overall, the site is functional but would benefit from enhanced transparency and security measures.

K

KV Basel AG

kvbasel.schule

58

KV Basel AG is an established vocational education institution based in Basel, Switzerland, with a history spanning over 150 years. The organization focuses on commercial professions, vocational baccalaureate programs, and additional courses aimed at strengthening the skills of kaufmännische Berufe (commercial professionals). The website reflects a professional educational service provider targeting students and professionals seeking vocational training in the Basel region. The business model centers on providing structured vocational education and related services, positioning KV Basel as a key player in the local education sector. Technically, the website is built using modern web technologies including React and Next.js, with integration of Google Tag Manager for analytics. The site demonstrates good mobile optimization, clear navigation, and a professional design. However, some accessibility features could be improved, and no CMS or hosting provider details are explicitly identified. Performance is moderate, with proper meta tags and SEO considerations in place. From a security perspective, the site uses HTTPS, ensuring encrypted communication. However, no explicit security headers were detected in the provided HTML content, and there is no visible privacy or cookie policy, which are important for compliance with data protection regulations such as GDPR. No forms or input fields were found on the homepage, reducing immediate risk of input-based vulnerabilities. The absence of a security.txt file or vulnerability disclosure policy suggests room for improvement in incident response readiness. Overall, KV Basel AG's website is trustworthy and professional, with a strong business credibility score. The lack of WHOIS data limits domain registration insights, but the website content and contact information support legitimacy. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, and enhancing accessibility and compliance features to strengthen the security posture and user trust.

K

KV Luzern Berufsakademie

kvlu.ch

58

KV Luzern Berufsakademie is a Swiss educational institution specializing in professional continuing education, primarily targeting working professionals in the Luzern region. The website serves as a platform to showcase their educational offerings and facilitate consultation appointments. Technically, the site is built on Drupal 10 and integrates multiple modern marketing and analytics tools including Google Analytics, Facebook Pixel, TikTok Pixel, and LinkedIn Insight Tag, managed via Google Tag Manager. The site demonstrates good digital maturity with responsive design and cookie consent mechanisms compliant with GDPR. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not published. Overall, the website is professional, trustworthy, and well-aligned with its business purpose, though it could improve transparency by adding terms of service and vulnerability disclosure information.

R

RELEVANT DIGITAL OY

relevant-digital.com

66

Relevant Digital Oy operates a sophisticated SaaS platform called Relevant Yield, designed for digital ad sellers and publishers worldwide. The platform integrates advanced modules for ad revenue reporting, real-time analytics, and header bidding management, enhanced by an AI assistant to optimize ad sales. The company positions itself as a leader in the digital advertising technology sector, serving a global clientele with modular and scalable solutions. Their website reflects a professional and consistent brand image, supported by client testimonials and industry memberships, indicating strong market credibility. Technically, the website is built on the HubSpot CMS platform, utilizing modern web technologies including Google Analytics 4, Google Tag Manager, and FontAwesome. The site is mobile-optimized and demonstrates good SEO practices, although some technical debt is noted with the use of an outdated jQuery version. Security practices include HTTPS enforcement and consent management for analytics, but lack explicit security headers and published security policies. From a security perspective, the site shows a moderate security posture with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data raises concerns about domain legitimacy or privacy protection usage. The lack of explicit privacy and cookie policies, as well as incident response information, suggests areas for compliance improvement. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation. Strategically, the company should prioritize publishing comprehensive privacy and security policies, update legacy libraries, and clarify domain registration details to strengthen trust and compliance. These steps will enhance their security posture and business credibility in a competitive ad tech market.

W

WOT Services Ltd.

mywot.com

72

WOT Services Ltd. operates the website mywot.com, a leading community-driven platform providing browser security extensions and mobile apps to protect users from online threats such as phishing, scams, and malware. The service leverages a large user base of over 140 million members and employs machine learning algorithms to rate website safety, offering both free and premium security features. The website is professionally designed, mobile-optimized, and supports multiple languages, reflecting a mature digital presence. Technically, the site uses modern frameworks and integrates security best practices including HTTPS, CSP, and reCAPTCHA. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance trust and transparency. Overall, the site demonstrates a strong security posture and business credibility with no detected vulnerabilities or suspicious content.

C

Обменный пункт электронных валют

coin-bank.co

50

Coin-bank.co is a Russian-language online electronic currency exchange platform operating since 2016. It offers automated, anonymous, and secure exchange services for a wide range of cryptocurrencies and fiat currencies, targeting primarily Russian-speaking users interested in crypto and electronic payments. The platform supports multiple payment systems and banking options, providing discounts, a partner program, and investment opportunities in the exchange service. Technically, the site is built on WordPress with jQuery and uses HTTPS with CAPTCHA protections on forms, indicating a moderate level of digital maturity. However, it lacks some advanced security headers and cookie consent mechanisms, which are important for compliance and security. The security posture is adequate but could be improved with better header implementation and incident response transparency. Overall, the site is trustworthy with good business credibility, supported by user reviews and partnerships with reputable review and monitoring platforms.

Perfect-change.com is an automated online currency exchange service specializing in cryptocurrencies such as Bitcoin, Litecoin, Ethereum, and stablecoins like Tether (TRC20, ERC20, BEP20). The platform also supports fiat currency exchanges via bank cards and transfers, targeting primarily Russian-speaking users. Founded in 2017, the service emphasizes fast, anonymous, and secure transactions with a flexible discount and partner program to enhance user benefits. The website is built on WordPress, leveraging common web technologies like jQuery and Bootstrap for responsive design and user experience. Hosting is provided by Beget, a known hosting provider, with domain registration through NameCheap, Inc. The domain is well-established with a long expiry date and clientTransferProhibited status, indicating stable ownership. Security measures include SSL encryption and captcha protections on forms, though some advanced security headers and DNSSEC are not implemented. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Contact information is limited to web forms without direct emails or phone numbers. The site integrates partner and review platforms to build trust and credibility. Overall, the platform presents a professional and functional service with moderate technical and security maturity.

B

BigBanK

bigbank.top

52

BigBanK operates as an electronic currency exchange service primarily targeting Russian-speaking users with English language support. The website offers automated currency exchange services, user account management including registration and login, and wallet management features. The business appears to be a small-sized entity founded in 2022, operating in the finance sector with a focus on electronic and cryptocurrency exchanges. The market position is niche, serving users needing currency exchange services with a digital-first approach. Technically, the website is built on WordPress with a reliance on jQuery libraries and integrates third-party services such as Google Fonts, Yandex Metrika, Google Analytics, and JivoSite for live chat support. The site is mobile-optimized and moderately performant but lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, and does not provide explicit incident response or vulnerability disclosure information. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. Overall, the website is functional and moderately trustworthy but would benefit from enhanced security and privacy practices.

CHANCE - Civil Hub Against orgaNised Crime in Europe is a European civil society network focused on combating organised crime, mafias, and corruption through cooperation among associations, activists, and institutions. Founded in 2019 and promoted by the Libera association, it operates across Europe to promote social justice, education, and awareness. The website reflects a professional non-profit organization with clear advocacy goals and a strong partnership ecosystem. Technically, the site is built on WordPress with Elementor, using modern web technologies and providing a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Privacy compliance is well addressed with GDPR-aligned policies and cookie management. Overall, the site is trustworthy and credible, though WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization.

P

PREMIUM EXCHANGER DSO-FZCO-20984

premiumexchanger.com

55

PremiumExchanger.com is a specialized provider of professional e-currency exchanger scripts and automated exchange solutions, serving a niche market of cryptocurrency and e-currency exchange businesses. Established in 2015 and operating from Dubai, UAE, the company has built a reputation with over 250 exchangers on BestChange, offering multilanguage interfaces, security features, and a variety of modules to enhance exchange operations. The website reflects a mature business with a clear focus on software licensing and support services for financial technology providers. Technically, the website is built on WordPress CMS with a modern but somewhat traditional tech stack relying heavily on jQuery libraries and external analytics tools such as Google Analytics and Yandex Metrika. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Hosting and DNS services leverage Cloudflare, although DNSSEC is not enabled, representing a minor security gap. Security posture is reasonably strong from a software perspective, with multiple built-in protections against common web attacks and transaction security measures. However, the website lacks formal published security policies, incident response contacts, and security headers, which are important for trust and compliance. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms, which could pose regulatory risks. Overall, the website is functional, professional, and trustworthy within its niche but would benefit from enhanced privacy compliance and formal security documentation to improve its risk profile and customer confidence.

I

iEXExchanger FZCO

mafincash.com

55

MafinCash operates as a cryptocurrency and P2P electronic money exchange platform, targeting users interested in digital currency trading and electronic money transactions. The business appears to be a niche player in the finance and technology sectors, with a focus on providing exchange services. The website is built using modern frontend technologies such as Angular and Material Design, indicating a moderate level of digital maturity. However, the domain is very recently registered in 2024, which may suggest a new project or rebranding despite the business founding year of 2019. Security posture is limited with no detected security headers or published security policies, and privacy compliance is minimal due to the absence of privacy and cookie policies. Overall, the website is accessible and functional but lacks critical compliance and security documentation.

P

Pinterest

pinterest.com.au

70

Pinterest is a globally recognized technology company operating a leading visual discovery and social media platform. The website au.pinterest.com serves the Australian market segment, offering users access to a wide range of ideas including recipes, home decor, and style inspiration. The platform's business model centers on user-generated content and advertising revenue, positioning it as a major player in the technology and e-commerce sectors. The website demonstrates a high level of digital maturity with modern technologies such as React, advanced anti-bot and fraud prevention scripts, and robust hosting infrastructure on Amazon AWS. Security posture is strong, with HTTPS enforced and a comprehensive Content Security Policy in place, alongside third-party security services. However, the absence of explicit privacy and cookie policies, as well as lack of visible contact information for security incidents, indicates areas for compliance improvement. Overall, the site is professional, trustworthy, and safe for general audiences, reflecting Pinterest's enterprise status and market leadership.

H

Hugi Pro Sport GmbH

hugiprosport.ch

49

Hugi Pro Sport GmbH is a Swiss-based company founded in 2011, serving as the official Swiss general representative for the tennis and squash brand Tecnifibre. The company operates a professional website targeting both end customers and registered dealers, offering an online shop for sports products. The business model combines B2C and B2B e-commerce, focusing on retail distribution within Switzerland. The website is well-branded, consistent, and provides clear contact information, enhancing trust and credibility. Technically, the website is built on Joomla CMS with modern frameworks like Bootstrap 5 and integrates various libraries such as jQuery and Smart Slider 3. It uses Google Analytics for visitor tracking and is mobile-optimized with good SEO practices. Performance is moderate, and accessibility is basic but functional. Security is enforced via HTTPS with anonymized IP tracking in analytics, though some security headers are missing, and no explicit cookie consent mechanism is present. The security posture is solid but could be improved by adding standard security headers and formalizing incident response policies. No vulnerabilities or suspicious activities were detected. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website presents a professional and secure platform for its retail operations. Strategic recommendations include implementing a cookie consent banner to enhance GDPR compliance, adding missing security headers, and publishing a security policy or incident response contact to improve transparency and readiness.

F

Fourteen SA

14fourteen.com

63

14Fourteen is a Swiss-based company specializing in premium tennis apparel and sportswear, emphasizing Swiss quality and Italian design. The website serves as a corporate information portal and links to an e-commerce shop for tennis gear and accessories. The company positions itself in the premium sportswear market targeting tennis players and enthusiasts. Technically, the site is built on the BigCommerce platform using the Stencil framework, with integration of modern web technologies such as Google Fonts and Google Analytics 4. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and implements a cookie consent mechanism, but lacks visible security headers and published privacy or security policies. No direct contact emails or phone numbers are found on the corporate site, which may impact user trust. Overall, the domain registration data supports the legitimacy and maturity of the business. Strategic improvements include publishing comprehensive privacy and terms of service pages, enhancing security headers, and providing clear contact information to improve trust and compliance.

A

aquiferdist.com

aquiferdist.com

60

The website www.aquiferdist.com presents minimal accessible content, primarily a React application shell with no visible business description, metadata, or contact information. The domain WHOIS data is missing, indicating the domain may be unregistered, expired, or otherwise not properly registered, which raises significant legitimacy concerns. The technical infrastructure includes modern frontend technologies such as React and Google Tag Manager, but lacks essential SEO metadata and security headers. The absence of privacy and cookie policies, contact details, and trust indicators further diminishes the site's credibility and compliance posture. Overall, the site appears incomplete or under development, limiting its utility and trustworthiness.