MalwareTips
0
Trust score
DANGEROUS
Heuristics 0·MT 40
Category tags
malwarecompromised-site#Malware72% MT confidence
Technical red flags (1)
8 of 92 engines flagged

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
8/92
Engines flagged this URL
Domain Age
Registration date unknown
MT Intelligence
Suspicious
High likelihood · 72% confidence
DANGEROUS

Critical risk detected

3 of 92 antivirus engines flag this page as malicious. Multiple independent checks — antivirus engines, browser safety blocklists, and threat databases — flagged this site. Don't enter personal information, deposit money, or download files.

Website Preview

Screenshot of faisst-vorburger.ch
LIVE RENDER
faisst-vorburger.ch

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence
MT Security Analyst
High scam likelihoodengineMT · Guardiantrust40/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The domain faisst-vorburger.ch was a real architecture firm website registered to W. Faisst & B. Vorburger AG, a Swiss limited company founded in 1992 and specializing in building supervision and renovations in St. Margrethen. However, the company's registration was deleted on 13 May 2024. More critically, our threat intelligence flagged this domain as hosting a compromised WordPress installation that distributed Vidar Stealer malware as part of a Polygon ClickFix campaign in May 2026. Six antivirus engines (ADMINUSLabs, alphaMountain.ai, MalwareURL, Certego, CyRadar, ESET) detected malicious or suspicious activity. The current page content appears to be a rebuilt or restored version of the legitimate architecture site, but the malware history, company deletion, and ongoing detections indicate the domain remains compromised or at high risk of re-compromise.
Full dossier
Analysis complete

Page Content

The page presents as a German-language architecture and construction-supervision firm website with sections on projects, planning, renovations, and new builds. It lists contact details (phone, email, address in St. Margrethen, SG) and claims over 30 years of experience. No overt malware or phishing indicators are visible in the text or layout.

Infrastructure

The domain uses a valid SSL certificate (Let's Encrypt R13, 40 days to expiry) and resolves to IP 80.74.149.42, which has a clean abuse score (0/100) and no reported abuse history. The site loads external resources from legitimate CDNs (Google Fonts, Borlabs cookie consent) and social-media platforms. No suspicious redirects or homoglyph tricks detected.

Domain History

WHOIS data is unavailable, but business-registration records confirm W. Faisst + B. Vorburger Architektur + Bauleitung AG was a legitimate Swiss AG (CHE-106.084.941) founded in 1992. The company's registration was deleted on 13 May 2024 according to Moneyhouse and Swiss commercial-register entries. The domain is not indexed in global traffic rankings.

Web Reputation

Six antivirus engines flagged the domain as malicious or suspicious: ADMINUSLabs and alphaMountain.ai marked it malicious; MalwareURL flagged malware; Certego, CyRadar, and ESET marked it suspicious. Our threat-intelligence feed linked the domain to a compromised WordPress installation distributing Vidar Stealer malware as part of a Polygon ClickFix campaign (May 2026 reports). Browser blocklists remain clean, and our sandbox did not flag the current page. No scam reports, complaints, or positive reviews were found on consumer-review sites or general web searches.

Risk Factors
6
  • Domain was compromised and used to distribute Vidar Stealer malware via a Polygon ClickFix campaign (confirmed by threat-intelligence feed).
  • Six antivirus engines detected malicious or suspicious activity (ADMINUSLabs, alphaMountain.ai, MalwareURL, Certego, CyRadar, ESET).
  • Legitimate company (W. Faisst & B. Vorburger AG) was deleted from Swiss commercial register on 13 May 2024; domain may now be orphaned or under attacker control.
  • No postal address visible on the current page, despite the body text claiming to list contact details.
  • Domain not indexed in global traffic rankings, suggesting low or no legitimate traffic.
  • SSL certificate expires in 40 days; renewal or non-renewal could indicate abandonment or continued malicious use.
Positive Signals
5
  • Legitimate Swiss business registration confirmed (CHE-106.084.941, founded 1992).
  • Valid SSL certificate issued by Let's Encrypt.
  • Hosting IP has clean abuse reputation (0/100 score, no abuse reports).
  • Page content matches expected architecture-firm messaging (projects, services, contact info).
  • No evidence of typosquatting, brand impersonation, or phishing patterns.
AI Recommendation
Do not enter payment details, download files, or submit personal information on this site. The domain has a confirmed history of malware distribution and the legitimate company behind it was deleted from the Swiss registry in 2024. If you need architecture or construction services in Switzerland, verify the business directly through current Swiss commercial-register listings or local referrals.
Scam network detected
Related infrastructure identified

Domain was compromised and used to distribute Vidar Stealer malware. No evidence of a broader scam network or linked malicious domains, but the malware distribution indicates active compromise or attacker control.

Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for faisst-vorburger.ch, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
Registered · Switzerland
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
1 scam report
Key findings
6 headline facts from open-web research
  • Domain hosts (or recently hosted) a WordPress site listed by ThreatFox as compromised and used to distribute Vidar Stealer malware as part of a Polygon ClickFix campaign (May 2026 reports).
  • Company W. Faisst + B. Vorburger Architektur + Bauleitung AG was a registered Swiss AG (limited company) since 1992, specializing in architecture, building supervision, renovations, and new builds in St. Margrethen, SG.
  • Company status changed to deleted on 13 May 2024 according to Moneyhouse.ch commercial register data.
  • Current page content (as observed) presents as a legitimate architecture firm website in German with sections on projects, planning, renovations, new builds, and over 30 years experience; no overt malware indicators visible on main pages.
  • No consumer complaints, scam reports, or reviews found on Trustpilot, Reddit, ScamAdviser, or general web searches for "scam", "betrug", or "complaint".
  • No evidence of typosquatting or impersonation of major brands.
Scam reports (1)
Direct quotes from public scam databases, forums, and news.
  • ThreatFox (abuse.ch)open

    "Compromised WordPress site distributing Vidar Stealer via Polygon ClickFix campaign."

Business registration
Business record found

W. Faisst + B. Vorburger Architektur + Bauleitung AG, founded 1992 (CHE-106.084.941 / related UID CHE-177.058.296), deleted 13.05.2024 per Moneyhouse and commercial register entries. Previously active as architecture and construction supervision firm in St. Margrethen SG.

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Our research confirmed that W. Faisst + B. Vorburger Architektur + Bauleitung AG was a legitimate Swiss architecture and construction-supervision firm (CHE-106.084.941) founded in 1992 and based in St. Margrethen, SG. However, the company's registration was deleted on 13 May 2024 per Moneyhouse and Swiss commercial-register data. Critically, threat-intelligence sources linked this domain to a compromised WordPress installation that distributed Vidar Stealer malware as part of a Polygon ClickFix campaign (May 2026 reports). No consumer complaints, scam reports, or reviews were found on independent review sites or general web searches for the domain or company name.

Antivirus Engines

Detection matrix · live
8 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

3Malicious5Suspicious56Harmless92Engines
0
of 92
ADMINUSLabs
Malicious· malicious
alphaMountain.ai
Malicious· malicious
MalwareURL
Malicious· malware
Certego
Suspicious· suspicious
CyRadar
Suspicious· suspicious
ESET
Suspicious· suspicious
Gridinsoft
Suspicious· suspicious
SOCRadar
Suspicious· suspicious

8 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
Has a contact email on its own domain
Emails on site's domaininfo@faisst-vorburger.ch
Phone numbers+41 71 747 58 30
Postal addressNot listed
Linked social profiles3
Signal Summary
Contact details look reasonable
  • No postal address visible on the page.
  • Contact email on the site's own domain (info@faisst-vorburger.ch).
  • Phone number listed (+41 71 747 58 30).
  • Links to 3 social profiles.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · R13
ExpiresJul 27, 2026 (40d)
Self-signedNo
Hosting & Technology
HostingMETANET AG, Switzerland
Server locationCH
Web servernginx
Platform / CMSElementor 4.0.3; features: e_font_icon_s

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://faisst-vorburger.ch/
  • 2200https://faisst-vorburger.ch/

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPMETANET AG, Switzerland
Usage typeData Center/Web Hosting/Transit

Avoid this site

Our automated review flagged enough risk that you should treat this site as unverified.

  • Do not interact with faisst-vorburger.ch

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Verify the business through independent channels

    Check the company's social profiles, registry records, and search for recent news or reviews that are not hosted on the site itself.

  • Never use irreversible payment methods

    Crypto, gift cards, wire transfers, and cash apps offer zero buyer protection. Use a credit card or PayPal if you must pay.

  • Share your experience

    If you have additional context, drop a comment below or post on the MalwareTips forum.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

gmpg.orgfonts.googleapis.comal-webdesign.chfacebook.compolicies.google.cominstagram.comwiki.osmfoundation.orgtwitter.comvimeo.comborlabs.io

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags faisst-vorburger.ch as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — faisst-vorburger.ch scored 24/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. faisst-vorburger.ch presents a valid TLSv1.3 certificate issued by Let's Encrypt · R13, expiring in 40 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • 8 out of 92 antivirus engines in our malware network flagged faisst-vorburger.ch as malicious or suspicious (3 outright malicious). Even one detection is a meaningful signal.
  • No. faisst-vorburger.ch is not currently listed on the major browser blocklist feeds that modern browsers use.
  • faisst-vorburger.ch resolves to an IP operated by METANET AG, Switzerland in CH (usage type: Data Center/Web Hosting/Transit). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on June 17, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around faisst-vorburger.ch have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

0
Trust / 100
Final Verdict·faisst-vorburger.ch
DANGEROUS

This Swiss architecture firm's website was compromised and used to distribute Vidar Stealer malware. The company itself was legitimately registered but deleted in May 2024. The domain now shows a rebuilt site, but the malware history and company closure create significant risk.

Do not enter payment details, download files, or submit personal information on this site. The domain has a confirmed history of malware distribution and the legitimate company behind it was deleted from the Swiss registry in 2024. If you need architecture or construction services in Switzerland, verify the business directly through current Swiss commercial-register listings or local referrals.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust25
cashblox.gg
1m ago
Read the review
Dangeroustrust38
vxvault.net
2m ago
Read the review
Dangeroustrust1
download.cdn9mc.com
3m ago
Read the review
Dangeroustrust1
hk.uat.mizuhoscfglobal.com
51m ago
Read the review
Dangeroustrust1
hklogin.uat.mizuhoscfglobal.com
52m ago
Read the review
Dangeroustrust1
voyaimpresionarte.com
55m ago
Read the review
Dangeroustrust31
trafficheap.com
55m ago
Read the review
Dangeroustrust1
pay-heleket.cc
57m ago
Read the review
Dangeroustrust25
trafficheap.cc
57m ago
Read the review
Dangeroustrust70
umch.labtidy.com
2h ago
Read the review
Dangeroustrust1
brandmark.se
2h ago
Read the review
Dangeroustrust39
iptv-eldbert.xyz
2h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.