Real Estate security reports

P

Persimmon Homes

persimmonhomes.com

73

Persimmon Homes is a leading UK home builder established in 1972, operating nationwide with a strong market presence and recognized 5 Star builder status. The company offers a wide range of new homes and supportive buying schemes targeting first-time buyers and families. Their website reflects a mature digital infrastructure using Umbraco CMS, integrated analytics, and marketing tools, with a focus on user experience and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response disclosures could be improved. The absence of WHOIS data is a notable concern but does not detract from the overall legitimacy indicated by the website content and branding. Strategic recommendations include enhancing security headers, publishing security policies, and improving domain transparency.

Haddonstone is a specialist company focused on the design and manufacture of high-quality architectural and garden cast stone products. Their website presents a professional e-commerce platform built on WordPress and WooCommerce, targeting architects, builders, and homeowners interested in premium stonework. The site integrates multiple marketing and analytics tools, including Google Analytics, Facebook Pixel, and CrazyEgg, supported by a robust cookie consent mechanism via Cookiebot. Technically, the website is well-structured with modern technologies and good mobile optimization, although some areas such as explicit privacy policy and contact information are lacking. Security posture is strong with HTTPS and consent management, but could be improved with additional security headers and incident response details. WHOIS data is unavailable, which slightly impacts trust but does not negate the overall legitimacy indicated by the website content and technical setup.

B

Bowditch & Dewey

bowditch.com

62

Bowditch & Dewey is a professional law firm operating primarily in Massachusetts with offices in Boston, Framingham, Plymouth, and Worcester. The firm offers a broad range of legal and financial strategy services tailored to organizations and individuals, focusing on areas such as litigation, estate planning, business succession, and real estate law. Their website reflects a mature digital presence with comprehensive content, client resources, and multiple communication channels, positioning them as a reputable regional legal service provider. Technically, the website is built on WordPress and leverages modern web technologies including jQuery, Google Tag Manager, Google Analytics, and Hotjar for analytics and user experience insights. The site is well-optimized for SEO, accessibility, and mobile responsiveness, indicating a good level of digital maturity. Cookie consent and privacy mechanisms are implemented in compliance with GDPR, enhancing user trust and regulatory adherence. From a security perspective, the site enforces HTTPS and uses reputable third-party services. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data due to privacy protection slightly reduces transparency but is common for professional services. Overall, the security posture is solid with room for improvement in header implementation and form security. The overall risk assessment is low, with the firm demonstrating strong professionalism and compliance. Strategic recommendations include enhancing security headers, continuous monitoring of third-party scripts, and ensuring robust form protections. These steps will further strengthen trust and security culture, supporting long-term business resilience.

Magpie Property Management operates as a local estate and letting agency based in St Neots, Cambridgeshire, UK. The company provides property sales, lettings, and management services targeting property buyers, renters, landlords, and property owners in the local area. The website presents a professional appearance with clear branding and relevant content focused on real estate services. However, the domain WHOIS data indicates that the domain 'www.magpieproperty.co.uk' is invalid under Nominet UK naming rules, suggesting possible misconfiguration or use of a subdomain rather than a registered domain. This discrepancy warrants caution regarding domain legitimacy. Technically, the website uses modern web technologies including Bootstrap, Font Awesome 6 Pro, and various JavaScript libraries for UI enhancements. The site includes a cookie consent mechanism compliant with GDPR principles, but lacks explicit privacy policy and terms of service pages. No security headers were detected in the provided data, and no analytics or tracking beyond cookie consent were found. The site appears mobile-optimized with good design and navigation. From a security perspective, the site benefits from cookie consent but lacks visible security headers and formal privacy documentation. The absence of WHOIS registration data and domain registration issues reduce trustworthiness. No vulnerabilities or adult content were detected. Overall, the security posture is moderate but could be improved with better documentation and security best practices. The overall risk assessment suggests the business is legitimate and professional in its operations but should address domain registration clarity and enhance security and privacy compliance to improve trust and reduce potential risks.

F

Frost Meadowcroft

frostmeadowcroft.com

62

Frost Meadowcroft is a well-established commercial property consultancy based in West London, specializing in commercial sales and office lettings. The company positions itself as the largest commercial property agency in West London, with a strong market presence in the western fringe and West End areas. Their key services include commercial agency, valuation, lease advisory, sales and investment, and ESG consulting. The website reflects a professional and consistent brand image, targeting commercial clients seeking office and commercial spaces in West London. Technically, the website is built on WordPress using popular plugins such as Yoast SEO and WPBakery Page Builder, with integrations for Google Analytics and a cookie consent mechanism via CookieYes. The site demonstrates good mobile optimization and SEO practices, although performance is moderate and accessibility features are basic. Hosting and domain registration are consistent with the UK location of the business. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks security headers and DNSSEC, which are recommended for enhanced protection. The cookie consent implementation is comprehensive, supporting GDPR compliance, but no privacy policy or terms of service pages were detected, representing a compliance gap. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, Frost Meadowcroft's website presents a credible and professional digital presence with moderate technical maturity and a good security baseline. Strategic improvements in security headers, privacy documentation, and accessibility would enhance compliance and trustworthiness.

O

Oliver Minton

oliverminton.com

60

Oliver Minton is a well-established real estate agency specializing in village and rural properties in Hertfordshire, UK. With over 26 years of experience and multiple local offices, the company offers a range of services including property sales, lettings, auctions, and mortgage advice. The website reflects a professional and user-friendly digital presence built on WordPress with modern tools such as Elementor and Yoast SEO. The site includes a cookie consent mechanism supporting GDPR compliance but lacks explicit privacy policy and terms of service pages. Security posture is generally good with HTTPS and no visible vulnerabilities, though security headers and incident response information are absent. WHOIS data is unavailable or privacy protected, limiting domain trust verification. Overall, the website is credible and functional, serving its target audience effectively.

Llewellyn & Co is a small, family-owned independent estate and lettings agency specializing in the West London housing market. The company offers a range of services including property lettings, sales, valuations, and landlord support, targeting landlords and tenants in areas such as Hammersmith, Shepherds Bush, and Chiswick. The website reflects a local market focus with a professional but basic online presence, emphasizing personal service and local expertise. Technically, the website is built on ASP.NET WebForms and uses older JavaScript libraries such as jQuery 1.4.2 and Colorbox for UI elements. While functional, the technology stack is outdated, which may pose security and performance challenges. The site includes basic SEO and accessibility features but lacks modern optimizations and mobile responsiveness is limited. From a security perspective, the site shows some positive indicators such as a cookie consent banner and use of HTTPS (implied but not confirmed). However, it lacks important security headers and uses outdated libraries with known vulnerabilities. The WHOIS data is unavailable or invalid, which raises concerns about domain registration legitimacy. No incident response or security policy information is provided. Overall, the website is moderately trustworthy and functional for its business purpose but requires technical and security improvements. The lack of valid WHOIS data and outdated technology stack are key risk factors. Strategic recommendations include updating the technology stack, enhancing security headers, verifying domain registration, and improving privacy compliance to strengthen trust and security posture.

L

Lindsays LLP

lindsays.co.uk

76

Lindsays LLP is a well-established Scottish law firm and estate agency with a history dating back to 1815. The firm offers a comprehensive range of legal services including family law, employment law, commercial law, dispute resolution, residential property, corporate law, and support for charities and rural clients. With multiple offices across Scotland, Lindsays positions itself as a trusted legal partner delivering expertise with a human touch. The website reflects a professional and client-focused business model targeting individuals, families, businesses, and charitable organizations within Scotland. Technically, the website employs modern web technologies such as JavaScript, Bootstrap, Google Tag Manager, and Cloudflare for security and performance. It features advanced cookie consent management and analytics tools including Google Analytics, Microsoft Clarity, and Facebook Pixel, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. From a security perspective, the site enforces HTTPS, uses Cloudflare for DDoS protection, and implements multiple security headers. Cookie consent and privacy policies are comprehensive and GDPR compliant. However, explicit security policy pages and incident response contacts are not found, representing areas for improvement. No vulnerabilities or suspicious content were detected. Overall, Lindsays LLP demonstrates a strong security posture, high business credibility, and excellent content quality. The domain WHOIS data for the www subdomain is unavailable due to Nominet UK naming rules, but this does not detract from the legitimacy of the main domain and business. Strategic recommendations include publishing a dedicated security policy, vulnerability disclosure, and incident response information to enhance trust and compliance.

I

IRS

irsscotland.com

63

IRS Construction is a UK-based company specializing in external wall insulation and building cladding services. Positioned as an industry leader within the UK construction sector, the company targets property developers, owners, and construction professionals seeking specialized cladding and insulation solutions. The website is professionally designed using the Wix platform, featuring clear branding and contact information, including a UK phone number and physical address in Airdrie. Structured data is implemented to enhance search engine visibility and provide business details. Technically, the website leverages Wix's Thunderbolt framework and standard web technologies, offering moderate performance and good mobile optimization. However, the absence of privacy and cookie policies, as well as the lack of security headers, indicates room for improvement in compliance and security practices. The WHOIS lookup failed due to domain naming rules violations, limiting the ability to verify domain registration details and reducing trustworthiness from a domain legitimacy perspective. Overall, the site is safe, professional, and functional but would benefit from enhanced privacy compliance and security hardening.

D

Douglas Land Surveys Ltd

douglas-land-surveys.co.uk

61

Douglas Land Surveys Ltd is a well-established land surveying company based in Dundee, Scotland, with over 25 years of experience. The company offers a comprehensive range of surveying services including topographic surveys, 3D laser scanning, hydrographic surveys, volumetric works, boundary resolution, and title deed preparation. Their client base includes individual property owners and large-scale developments such as wind farms and hydroelectric schemes, primarily serving the Scottish mainland, islands, and parts of northern England and Ireland. The business model focuses on providing professional, reliable, and timely surveying services with a strong emphasis on quality and client satisfaction.

Law Office of John Q Gale LLC is a small, full-service law firm based in Hartford, Connecticut, specializing in a variety of legal areas including administrative law, bankruptcy, business law, personal injury, probate law, real estate, and estate planning. The firm targets individuals and small businesses, offering free half-hour consultations to attract clients. The website presents a professional image with clear navigation, positive customer reviews, and integration of accessibility tools, reflecting a commitment to client service and compliance. Technically, the site is built on the Hibu platform, uses modern JavaScript libraries such as jQuery, and embeds multimedia content like YouTube videos and maps via Mapbox, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy and cookie policies are present but basic, with GDPR compliance not explicitly stated. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and security disclosures.

P

Park Lane Windows

parklanewindows.co.uk

55

Park Lane Windows is a well-established family-run business specializing in the supply and installation of high-quality, energy-efficient windows, doors, conservatories, and home extensions primarily serving Northamptonshire and surrounding counties in the UK. The company holds multiple trust certifications including FENSA registration and Which? Trusted Trader status, reflecting a strong market position and customer trust. Their website effectively showcases their product range and services, targeting homeowners and property owners seeking reliable home improvement solutions. Technically, the website is built on WordPress with Elementor and integrates modern tracking and analytics tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, security headers present, and no exposed sensitive data, although the absence of a public security policy and incident response information suggests room for improvement. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a dedicated privacy policy page. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience, with moderate tracking and analytics usage. Strategic recommendations include publishing comprehensive privacy and security policies and enhancing accessibility features to further strengthen compliance and user trust.

Stanley Motta Limited is a publicly listed real estate development company based in Jamaica, specializing in commercial office space leasing and property management. The company owns and operates 58 HWT, a major business process outsourcing and technology park in Kingston, offering over 300,000 square feet of commercial office space on prime land. Their business model focuses on triple-net leases denominated in US dollars, targeting investors and commercial tenants in the Caribbean region. Technically, the website is built on WordPress using the Elementor framework, integrating modern web technologies such as jQuery and YouTube API for multimedia content. Google Analytics is employed for visitor tracking, complemented by a GDPR-compliant cookie consent mechanism. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the website uses HTTPS with a valid SSL certificate and employs domain transfer protection. However, it lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the website presents a professional and trustworthy digital presence for Stanley Motta Limited, with a solid security posture and compliance framework. Strategic improvements could include enhancing security headers, publishing a security policy, and expanding accessibility features to further strengthen trust and compliance.

The Wallingford Window Company Ltd is a small UK-based business specializing in the supply and installation of UPVC and aluminium replacement windows, doors, conservatories, and related home improvement products. The company positions itself as a local specialist with expertise and FENSA registration, targeting homeowners and property managers seeking quality home improvement solutions. The website presents a professional design with clear navigation and customer testimonials, supporting its credibility in the market. Technically, the website uses a basic tech stack including jQuery 1.12.4 and is hosted via GoDaddy. The site is mobile optimized and uses HTTPS, but lacks modern security headers and uses an outdated JavaScript library, which could pose security risks. There is no evidence of analytics or tracking services, and privacy and cookie policies are absent, indicating limited privacy compliance. From a security perspective, the site shows moderate posture with HTTPS enabled but missing important security headers and policies. The WHOIS data presents a significant anomaly with a domain creation date in the future, which undermines trust in the domain registration information. No incident response or vulnerability disclosure mechanisms are present. Overall, the website is functional and professional but requires improvements in security practices, privacy compliance, and domain registration transparency to enhance trustworthiness and reduce risk.

G

Villa Rentals Algarve | Luxury Villas with Pools in Quinta do Lago, Dunas Douradas and Vale do Lobo

goldentriangleproperties.com

53

Golden Triangle Properties operates a website offering luxury villa rentals in the Algarve region of Portugal, focusing on premium resort areas such as Quinta do Lago, Vilamour, and Vale do Lobo. The business model centers on vacation rental services targeting tourists seeking high-end accommodations with private pools. The website content is relevant and targeted but lacks comprehensive business and contact information, which limits transparency and trustworthiness. Technically, the website employs modern web technologies including React, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site appears moderately optimized for mobile devices and SEO, though accessibility features are basic. Performance is moderate with asynchronous loading of key scripts. From a security perspective, the site uses HTTPS but lacks visible security headers and published privacy or cookie policies, indicating gaps in compliance and best practices. The absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security headers and privacy disclosures are recommended. Overall, the website presents a professional front for a small luxury villa rental business but requires enhancements in compliance, security posture, and transparency to improve trust and reduce risk.

W

Wilkes-Green + Hill Ltd

wilkesgreenhill.co.uk

59

Wilkes-Green + Hill Ltd is an independent, award-winning estate agency based in Penrith, Cumbria, established in 1996. The company specializes in property sales, lettings, valuations, and landlord/tenant services, targeting local property buyers, sellers, landlords, and tenants. The website reflects a professional and trustworthy business with clear branding, comprehensive service descriptions, and multiple trust indicators including certifications and customer testimonials. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Swiper.js, and Google reCAPTCHA v3, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a credible and professional digital presence for a small real estate business.

J

JP Harris Developments Ltd

jpharris-developments.co.uk

63

JP Harris Developments Ltd is a small, family-owned property renovation specialist based in Reading, UK, offering a range of building services including house extensions, new builds, kitchen and bathroom installations, and loft and garage conversions. The company emphasizes reliability, quality workmanship, and customer satisfaction, supported by positive testimonials and a professional online presence. The website is well-structured, mobile-optimized, and uses modern web technologies and analytics tools, indicating a moderate level of digital maturity. Security measures include HTTPS and CAPTCHA protections on forms, but lack some advanced security headers and published security policies. The WHOIS data for the domain is unavailable due to a naming rules error, which raises concerns about domain registration legitimacy, though the website content itself appears professional and trustworthy. Overall, the site presents a credible business with room for improvement in security transparency and domain registration clarity.

Fairmitre (Shropshire) Windows & Conservatories Ltd is a well-established family-owned business operating since 1982, specializing in manufacturing and installing high-quality conservatories, orangeries, windows, and doors primarily serving the Shropshire region. The company emphasizes personalized service, competitive pricing, and maintains a showroom for customer visits. Their market position is that of a trusted local provider with certifications that enhance credibility. Technically, the website is built on WordPress with modern technologies such as Tailwind CSS and Alpine.js, and includes SEO optimization via Yoast. It employs Google Analytics and Google reCAPTCHA for analytics and security respectively. The site is mobile-optimized and provides a good user experience, though some accessibility features could be improved. From a security standpoint, the site uses HTTPS and reCAPTCHA but lacks important security headers and formal privacy or cookie policies, indicating room for compliance and security posture enhancement. The WHOIS data for the domain is unavailable due to an invalid domain name error, which raises concerns about domain registration legitimacy but does not directly impact the website's operational legitimacy. Overall, the website presents a professional and trustworthy business front with minor technical and compliance gaps. Strategic improvements in security headers, privacy compliance, and domain registration verification are recommended to strengthen trust and security.

P

Powells Rural Property Professionals Limited

powellsrural.co.uk

62

Powells Rural Property Professionals Limited operates as a specialist rural property, land, and development agency based in the United Kingdom. The company offers a comprehensive range of services including estate agency, asset management, planning and development, professional rural services, and land promotion. Their market position is strengthened by multiple industry accreditations such as RICS and NFU Rural Surveyor, reflecting a trusted and professional presence in the rural property sector. The website is well-designed, mobile-optimized, and provides clear navigation and comprehensive content relevant to their target audience of rural landowners and property investors. Technically, the website is built on Silverstripe CMS 4.13 with modern responsive design elements and uses standard web technologies such as Bootstrap and FontAwesome. Performance is moderate with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and explicit security policies are absent. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism. The security posture is generally strong, with no detected vulnerabilities or exposed sensitive data. However, the absence of WHOIS data due to domain registration issues introduces some uncertainty regarding domain legitimacy. Despite this, the professional presentation and trust indicators on the website support a high level of business credibility. Overall, the site represents a secure, professional, and trustworthy digital presence for Powells Rural Agency. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure information, and improving transparency around domain registration to strengthen trust further.

C

Claridge Interiors

claridgeinteriors.co.uk

65

Claridge Interiors is a UK-based small business specializing in interior design and home renovation services, including kitchens, bathrooms, bedrooms, and offices. The company emphasizes a collaborative design-to-build process and leverages over 30 years of experience to deliver high-quality workmanship and customer satisfaction. Their website reflects a professional and consistent brand image with clear contact information and customer testimonials that enhance trust. Technically, the website is built on WordPress using modern technologies such as Bootstrap 4, jQuery, and FontAwesome. It is mobile-optimized and includes SEO best practices. Google Analytics is implemented for user tracking and external link event monitoring. However, some security best practices like security headers and cookie consent mechanisms are missing. From a security perspective, the site uses HTTPS with a good SSL configuration and secure forms. There are no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are present, indicating some level of GDPR compliance, though the absence of a cookie consent banner is a gap. No incident response or security policy information is publicly available. Overall, the website is trustworthy and professionally maintained with a good security posture for a small business. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance compliance and user trust.

A

Anchor Building Services

anchorbuildingserviceslancashire.co.uk

47

Anchor Building Services is a small, local UK business specializing in building repair and treatment services such as damp proofing, woodworm treatment, rot repair, and waterproofing. The company emphasizes its extensive experience and offers guarantees on key services, targeting homeowners and property owners in Blackburn and surrounding Lancashire areas. The website is built on WordPress with common plugins and hosted by a reputable UK provider, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and anti-spam measures but lacks advanced security headers and incident response disclosures. Privacy policies exist but lack active consent mechanisms, indicating partial GDPR compliance. Overall, the website presents a trustworthy and professional image with room for security and privacy improvements.

N

Norgate Builders Ltd

norgatebuilders.co.uk

62

Norgate Builders Ltd is a small, established building and contracting company based in North Walsham, Norfolk, with a long trading history of 120 years. The company offers a wide range of construction services including renovations, extensions, plastering, roofing, barn conversions, and joinery. Their target audience includes residential and commercial property owners in Norfolk and surrounding areas. The website is professionally designed, mobile-optimized, and provides clear contact information and social media presence, enhancing business credibility. Technically, the site uses modern JavaScript libraries such as jQuery and Snowplow analytics, hosted on the Yell.com multiscreensite platform, with good SEO and performance characteristics. Security posture is solid with HTTPS enforced and CAPTCHA-protected contact forms, though some security headers are missing and no explicit security policies are published. The WHOIS data is unavailable due to domain registration errors, which raises concerns about domain legitimacy despite the professional website content. Overall, the site is trustworthy but would benefit from improved domain registration transparency and enhanced security disclosures.

B

Bajotecho

bajotecho.com.mx

63

Bajotecho is a professional real estate agency based in Mexico, specializing in the buying and selling of properties with a focus on personalized service and certified expertise through AMPI. The company offers comprehensive services including professional photography, social media marketing, legal and fiscal advisory, and client support to maximize property value. Their market position is that of a trusted, small-sized agency with a clear emphasis on quality and client trust. Technically, the website is built on a modern Next.js framework with React, ensuring fast performance, mobile optimization, and good accessibility. The site uses HTTPS with strong security headers, indicating a solid security posture. However, there is no visible cookie consent mechanism or published security/incident response policies, which are areas for improvement. Security-wise, the site demonstrates good practices such as secure forms and no exposed sensitive data, but the absence of WHOIS data limits full trust verification of the domain. The privacy policy is comprehensive and GDPR compliant, supporting privacy compliance. Overall, the website is professional and trustworthy but would benefit from enhanced transparency in security and privacy mechanisms. Strategically, Bajotecho should focus on publishing terms of service, cookie consent, and security policies to improve compliance and trust. Verifying and publishing domain registration details would also enhance legitimacy. These steps will strengthen their security posture and business credibility in the competitive real estate market.

S

SIA Madara

madara.lv

48

SIA Madara operates a website focused on providing office and industrial space rental services in Jelgava, Latvia, alongside metal container sales and machine building services. The company targets local businesses and industrial clients seeking large rental spaces and related manufacturing products. The website is professionally designed with clear navigation and multilingual support, primarily in Latvian with English and Russian options. The technical infrastructure employs a variety of JavaScript libraries and frameworks, including jQuery, Bootstrap, and Google Maps API, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, though accessibility features are basic. Security posture is moderate; while HTTPS is presumed, no explicit security headers or incident response policies are evident. Privacy compliance is good, with a clear privacy policy and cookie consent mechanism implemented. Business credibility is supported by clear contact information and a certification page, though the absence of terms of service and incident response contacts are noted. Overall, the website presents a trustworthy and professional front for a small local business with room for security and compliance improvements.

3

3PIĘTRO

3pietro.eu

42

3PIĘTRO is a small real estate agency based in Poland, specializing in property sales, rental management, and home staging services primarily in Sosnowiec and nearby cities. The website presents a professional and content-rich platform with detailed property listings and team member contacts, supported by active social media channels. Technically, the site uses a custom real estate CMS with common web technologies such as jQuery, Bootstrap, and Google Fonts, delivering a moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks important security headers and explicit privacy or cookie policies, which are compliance gaps. WHOIS data is unavailable due to registry privacy, limiting domain trust assessment, but the website content and structure indicate a legitimate local business. Overall, the site scores moderately well in content quality and business credibility but should improve privacy compliance and security best practices.

K

Kancelaria Doradztwa Podatkowego Monika Magda Brzostowska

mmbkancelaria.pl

59

Kancelaria Doradztwa Podatkowego Monika Magda Brzostowska is a boutique tax advisory and accounting firm based in Białystok, Poland, founded in 2022. The company specializes in providing tailored tax consulting, accounting, and legal services primarily to entrepreneurs, influencers, and niche sectors such as IT, real estate development, and medical industries. Their market position is that of a specialized boutique firm with a strong focus on personalized client relationships and ethical advisory practices. The website reflects a professional and trustworthy image with comprehensive service descriptions and client testimonials. Technically, the website is built on WordPress, leveraging modern web technologies including jQuery, Slick Carousel, and Google services for analytics and tag management. The site is hosted by home.pl sp. z o.o., a reputable Polish hosting provider. Performance is moderate with good mobile optimization and SEO practices in place. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. From a security perspective, the site enforces HTTPS and uses reputable plugins for GDPR compliance and contact forms. However, DNSSEC is not enabled, and some security headers are not explicitly present, representing opportunities for improvement. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business profile and location, enhancing trustworthiness. Overall, the website demonstrates a strong digital presence with good content quality, technical implementation, and privacy compliance. Strategic recommendations include enhancing security headers, enabling DNSSEC, and adding explicit security and incident response policies to further strengthen trust and compliance.

N

Nomo

nomoview.pl

54

Nomo is a newly established Polish company specializing in architectural window and glazing solutions that emphasize natural light and harmony with the environment. Their business model focuses on delivering premium fenestration products such as sliding windows, large-format panoramic windows, aluminum facades, interior partitions, winter gardens, and all-glass balustrades. The website reflects a professional and consistent brand image targeting homeowners and architectural clients seeking high-quality, design-oriented solutions. Technically, the site is built on WordPress with modern SEO plugins and JavaScript libraries, hosted by a reputable Polish provider. Security posture is adequate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is clearly presented, supporting business credibility.

O

Pracownia architektury krajobrazu Łódź - eksperci ogrodów 🌿

ogrodniak.pl

59

Ogrodniak.pl is a professional landscape architecture studio based in Łódź, Poland, specializing in designing, creating, and maintaining private and commercial gardens. The website presents a strong market position as a local expert with a comprehensive range of services including garden design, lawn installation, garden care, fertilization, irrigation systems, and use of professional gardening equipment. The business targets individual clients, companies, and property managers, emphasizing quality, sustainability, and attention to detail. Technically, the website is built on modern frameworks such as Next.js and hosted on Vercel, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS, security headers, and Google reCAPTCHA integration, although explicit privacy and cookie policies are missing, which impacts privacy compliance. Overall, the site is professional, trustworthy, and well-structured, but could improve transparency and compliance documentation.

NICENA.LV is a Latvian online platform specializing in real estate transaction data, listings, and market statistics. It targets users interested in the Latvian property market, including buyers, sellers, renters, and analysts. The platform offers detailed filters for neighborhoods, cities, and regions, and provides interactive statistics and data exports. Some features like property listings and blogs are still under development. The website is built on a modern React and Next.js stack with Material-UI components, ensuring good mobile optimization and user experience. Security posture is adequate with HTTPS enabled and cookie consent implemented, though security headers and incident response policies are not explicitly present. Overall, the site is safe, professional, and compliant with GDPR requirements.

E

Ela Works

elaworks.lv

54

Ela Works is a small architecture and interior design studio based in Riga, Latvia, operating under the brand Le Classy Design. The company offers architectural and interior design services, including online interior design, targeting clients seeking professional design solutions. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript, CSS3, and JSON-LD structured data. The technical infrastructure is modern and adequate for a small design studio, with moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and some security-related scripts in place, though it lacks comprehensive security headers and incident response information. Privacy compliance is minimal, with no visible privacy or cookie policies, which is a notable gap. Overall, the website presents a professional image with consistent branding and relevant content, but could improve in privacy and security transparency.

E

Efficax.estate

efficax.estate

46

Efficax.estate operates as a small real estate agency specializing in property sales and valuations in the Alicante province of Spain, particularly in areas such as Torrevieja, La Mata, and Punta Prima. The website targets international property buyers and sellers, offering multilingual support and services including free property tours and expert valuations. The business appears to be established around 2020, consistent with the domain's creation date inferred from structured data. Technically, the website is built on WordPress using Elementor and the Houzez theme, providing a modern and responsive user experience with good SEO practices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvements. Overall, the site presents a professional image with clear contact channels via phone and WhatsApp, but would benefit from enhanced privacy and security disclosures to strengthen trust and regulatory compliance.

B

Baumann GmbH

umbaumann.ch

70

Baumann GmbH is a Swiss-based small business specializing in construction project management, renovations, and remodeling services primarily serving private homeowners in the Luzern region. Their website clearly communicates their core competencies including Bauleitungen (construction management), Projektleitungen (project management), and various types of Umbauten (renovations and remodeling). The company positions itself as a reliable partner offering end-to-end services from planning to turnkey handover, supported by a network of skilled craftsmen. The website content is professionally presented in German, targeting local customers seeking quality home improvement solutions. Technically, the website is built on the CONTENS CMS platform and leverages modern JavaScript libraries such as jQuery and Flickity for interactive galleries. It integrates Google Tag Manager for analytics and CookieHub for cookie consent management, indicating a moderate level of digital maturity. The site is mobile-optimized with good SEO practices and a clear navigation structure, enhancing user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security headers are not detected in the provided data, and there is no visible security policy or incident response contact information. No vulnerabilities or suspicious content were found, but improvements in security headers and transparency around security policies would strengthen the security posture. Overall, Baumann GmbH presents a trustworthy and professional online presence suitable for its business scope. The risk level is low with recommendations to enhance security best practices and incident response readiness to further protect customer data and build trust.

A

Acht Grad Ost AG

achtgradost.ch

50

Acht Grad Ost AG is a well-established Swiss engineering and surveying firm with a 75-year history, specializing in geomatics, geoinformation systems, and engineering surveying services. The company operates multiple offices in Switzerland and targets professional clients in engineering, urban planning, and related sectors. Their website reflects a professional and consistent brand image, providing clear contact information and service descriptions. Technically, the site is built on WordPress with modern libraries such as Bootstrap and Leaflet.js, and integrates Google Analytics for user tracking. Security posture is solid with HTTPS enforced, but lacks some advanced security headers and published security policies. Privacy compliance is partially met with a comprehensive privacy policy but no visible cookie consent mechanism. Overall, the website is trustworthy, professional, and well-positioned in its market niche.

I

ImmoScout24

immoscout24.ch

59

ImmoScout24 is a leading Swiss real estate platform offering comprehensive services for buying, renting, and valuating properties. Owned by Scout24 AG, it serves a broad audience in Switzerland with a professional and user-friendly website. The platform integrates mortgage services and property advertising, positioning itself as a one-stop solution for real estate needs. Technically, the website employs modern JavaScript frameworks, CDN delivery, and robust consent management tools, ensuring fast performance and compliance with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity.

B

BTC d.d.

btc.si

48

BTC d.d. is a well-established Slovenian company specializing in real estate management, logistics, and retail operations, notably managing BTC City, one of Europe's largest shopping and business centers. The company targets business partners, tenants, and visitors, offering a broad range of services including property leasing, logistics, and event hosting. The website reflects a mature digital presence with multilingual support and strong SEO practices. Technically, the site is built on WordPress with modern plugins and optimized for performance and mobile use. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, BTC d.d. presents a trustworthy and professional online presence consistent with its business stature.

U

Udruga konzultantskih društava u graditeljstvu

ukdg.hr

45

UKDG is a Croatian non-profit association representing consulting companies in the construction sector. Founded in 2011, it aims to protect and enhance the business interests and reputation of its members by promoting professional standards and ethics. The website reflects a mature organization with clear business objectives, member services, and international affiliation through FIDIC membership. Technically, the site uses a modern stack including Bootstrap, jQuery, and various UI libraries, hosted under Croatian registrar CARNET with consistent domain registration data. Security posture is solid with HTTPS and cookie consent implemented, though it lacks explicit security policies and some security headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

TEGoVA (The European Group of Valuers' Associations) is a well-established European professional organization focused on valuation standards and education within the real estate sector. Founded in 1998, it serves valuation professionals and associations across Europe, providing standards, certifications, and advocacy. The website is built using modern web technologies such as React and Gatsby, delivering a professional and responsive user experience. Security posture is moderate with HTTPS enforced and domain registration protections in place, but lacks advanced security headers and explicit security policies on the site. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is credible and trustworthy but could improve in privacy and security transparency.

Z

Zagreb nekretnine d.o.o.

zane.hr

59

Zane nekretnine is a well-established Croatian real estate company operating since 1998, offering a comprehensive range of services including property brokerage, valuation, consulting, and market analysis. The company targets a general audience seeking real estate services in Croatia and maintains a professional online presence with a clear and consistent brand. The website is hosted on Akamai infrastructure, uses modern JavaScript libraries for UI components, and implements a cookie consent mechanism compliant with GDPR requirements. Security posture is solid with HTTPS enforced and CSRF protection in forms, though there is room for improvement in security headers and explicit security policies. Overall, the website is accessible, professional, and trustworthy, reflecting the company's long-standing market position.

G

Globe Trade Centre

gtcgroup.com

69

Globe Trade Centre (GTC) is a leading real estate investor and developer focused on commercial office and retail properties in Central and Eastern Europe (CEE) and South Eastern Europe (SEE). The company emphasizes sustainable business practices and ESG initiatives, targeting investors, tenants, and partners in the real estate sector. The website reflects a mature digital presence with structured investor relations, portfolio showcases, and news updates. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and is built on the Sitecore CMS platform, offering good mobile optimization and accessibility. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks visible security headers and explicit incident response information. The absence of WHOIS registration data is a notable concern, potentially indicating domain registration issues, though the professional website content suggests legitimacy. Overall, the site scores well on content quality and privacy compliance but should improve transparency on security policies and domain registration verification.

W

WFB Wirtschaftsförderung Bremen GmbH

ueberseestadt-bremen.de

57

The Überseestadt Bremen website represents a major urban development project managed by the WFB Wirtschaftsförderung Bremen GmbH, a public economic development entity in Bremen, Germany. The site provides comprehensive information about the project, including infrastructure, real estate, business opportunities, cultural events, and community engagement. It targets businesses, residents, and visitors interested in the evolving district. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Matomo analytics, with a responsive design and good accessibility features. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though security headers and cookie consent mechanisms could be improved. The domain registration aligns with the public nature of the project, and no suspicious patterns were detected. Overall, the site is professional, trustworthy, and well-maintained, supporting the project's goals effectively.

P

Pevně Spolu

pevnespolu.cz

45

Pevně Spolu is a Czech-based corporate group website associated with RADKA Group, focusing on recruitment and corporate services primarily in real estate and energy sectors. The site targets job seekers and partners, offering open positions and a CV submission form. The business model revolves around employment and corporate group services, positioning itself as a medium-sized regional player with several subsidiaries under the RADKA brand. Technically, the website is built on WordPress CMS, utilizing Gravity Forms for data collection and CookieHub for cookie consent management. It employs modern web technologies including jQuery and Google Fonts, and integrates Plausible Analytics for privacy-conscious visitor tracking. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a moderate to good level of digital maturity. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure information. The absence of WHOIS registration data is a notable concern, impacting domain trustworthiness despite the professional presentation and corporate affiliations. Overall, Pevně Spolu presents a professional and compliant web presence with room for improvement in transparency and security documentation. Strategic enhancements in security headers, incident response visibility, and WHOIS data transparency would strengthen its risk posture and trustworthiness.

T

The Chartered Institute of Building

ciob.org

67

The Chartered Institute of Building (CIOB) is a well-established professional body founded in 1834, dedicated to advancing the science, ethics, and practice of construction management and leadership globally. The organization offers membership services, professional development courses, events, and industry support, positioning itself as a leading authority in the built environment sector. The website reflects a mature digital presence with a clear focus on education, member support, and industry engagement. Technically, the site is built on Drupal 10, leveraging modern web technologies and Google Tag Manager for analytics and marketing. It demonstrates good mobile optimization, accessibility compliance (AA certified), and a professional design that supports user engagement and navigation. The presence of multiple certifications such as Cyber Essentials and Disability Confident further underscores its commitment to security and inclusivity. From a security perspective, the site enforces HTTPS and employs recognized certifications, though explicit security headers could be more visible. Privacy compliance is robust, with clear cookie and privacy policies and consent mechanisms in place. However, no explicit incident response or vulnerability disclosure information is provided, which could be improved. Overall, CIOB's website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security header implementation, publishing vulnerability disclosure policies, and providing clearer incident response contacts to further strengthen trust and security posture.

C

CIOB Jobs

ciobjobs.com

65

CIOB Jobs is a professionally maintained online job board and career resource platform affiliated with the Chartered Institute of Building. It serves the construction and building industry by providing job listings, career advice, training courses, and CPD resources. The website targets construction professionals and recruiters, positioning itself as an authoritative niche platform with a medium-sized operational scale and a founding date of 2009. The business model revolves around job advertising and career support services within the UK and global construction sectors. Technically, the site is built on WordPress with WooCommerce and uses modern tracking and analytics tools such as Google Analytics, Hotjar, and Google Tag Manager. Hosting and DNS are managed via Cloudflare, ensuring reliable infrastructure and domain security. The site demonstrates good SEO, mobile optimization, and accessibility standards. Security posture is solid with HTTPS and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, CIOB Jobs presents a trustworthy and professional digital presence with room for enhanced security and privacy practices.

B

Bouwen met Staal

brandveiligmetstaal.nl

38

Brandveiligmetstaal.nl is a specialized Dutch digital information platform dedicated to fire safety in steel constructions. It provides comprehensive resources, including practical design tools, publications, and expert support, primarily targeting construction professionals such as architects and engineers. The website is supported by recognized industry partners, enhancing its credibility and market position within the niche of fire-safe steel construction. Technically, the site employs a modern but standard web technology stack including Bootstrap, jQuery, and Font Awesome, ensuring a responsive and user-friendly experience. However, there is room for improvement in security practices, particularly in implementing security headers and privacy compliance mechanisms. The security posture is moderate with HTTPS usage but lacks advanced protections. Overall, the site is professional, trustworthy, and content-rich, but would benefit from enhanced privacy and security policies to align with best practices and regulatory requirements.

C

Construction Management

constructionmanagermagazine.com

64

Construction Management is a well-established UK-based construction industry magazine affiliated with the Chartered Institute of Building. It provides comprehensive news, technical articles, CPD modules, job listings, podcasts, and digital editions targeted at construction professionals and industry stakeholders. The website is professionally designed with excellent content quality and consistent branding, positioning it as a trusted media source in the construction sector. The business model relies on advertising, subscriptions, and content services, supported by a mature digital infrastructure.

C

Construction Management

constructionmanagement.co.uk

64

Construction Management is a professional UK-based construction industry magazine affiliated with the Chartered Institute of Building (CIOB). It provides construction news, technical articles, CPD modules, job listings, and digital editions targeting construction professionals and stakeholders. The website is published by Atom Publishing and holds a strong market position as the official CIOB magazine. The content is rich, relevant, and professionally presented, catering to a medium-sized audience within the construction and real estate sectors. The business model is primarily media and advertising-based with subscription options.

B

BTC d.d.

misijazeleno.si

48

BTC d.d. is a large Slovenian company specializing in sustainable urban development, real estate management, logistics, and innovation ecosystems. The company positions itself as a leader in sustainability with a strong focus on green energy, environmental protection, and social responsibility. Their website reflects a mature digital presence with comprehensive content, professional design, and clear navigation aimed at business partners, visitors, and the local community. Technically, the site is built on WordPress with modern plugins and SEO tools, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some security headers could be improved. Privacy compliance is well addressed with visible cookie consent and privacy policies. Overall, BTC d.d. demonstrates high business credibility and trustworthiness supported by multiple awards and certifications.

M

Mobimo Management AG

aeschbachquartier.ch

61

The website www.aeschbachquartier.ch represents the Aeschbachquartier Aarau, a mixed-use urban development project managed by Mobimo Management AG, a reputable Swiss real estate company. The site offers detailed information about residential, commercial, and community spaces, targeting residents, businesses, and visitors in Aarau. The business model centers on real estate development and management, with a medium-sized market presence in Switzerland. Technically, the website is built on Drupal 10 with Bootstrap 5, featuring embedded Vimeo videos and Matomo analytics configured to respect DoNotTrack settings. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Security posture is good with HTTPS enforced and some security headers present, though improvements are recommended in cookie consent and explicit security policies. No critical vulnerabilities or suspicious content were detected. Privacy compliance is adequate with a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Contact information is clear, though no direct email addresses are published. Overall, the site is professional, trustworthy, and aligned with the parent company Mobimo Management AG.

S

Saentys

saentys.com

60

Saentys is a specialized creative consultancy agency focused on the real estate destination sector, providing services such as placemaking, leasing, tenant engagement, investment, and corporate solutions. The company positions itself as a leading agency helping real estate assets stand out in competitive markets. The website is professionally designed using WordPress with modern SEO and tracking tools, reflecting a mature digital presence. Security posture is adequate with HTTPS and CAPTCHA protections, though improvements in security headers and published policies are recommended. Overall, the site is trustworthy and well-maintained, supporting the company's business credibility.

B

BOA arhitektid

boa.ee

47

BOA arhitektid is an established Estonian architecture firm specializing in architecture and main design services. Founded in 2011, the company presents a professional online presence showcasing a portfolio of architectural projects and competitions. The website is built on WordPress using the Divi theme, enhanced with Yoast SEO for search optimization. The technical infrastructure includes modern web technologies such as jQuery and Google Fonts, with hosting likely provided by Zone Media OÜ, an Estonian registrar and hosting provider. The site implements HTTPS and a cookie consent mechanism via CookieYes, reflecting a basic level of privacy compliance. However, explicit privacy policies and terms of service are not found, which could be improved for better compliance and user trust. Security posture is moderate with HTTPS enabled but lacks visible security headers and incident response contacts. Overall, the website is professional, well-structured, and suitable for its target audience of clients seeking architectural services.