Security Directory

R

Raiffeisen Schweiz Genossenschaft

raiffeisen.ch

75

Raiffeisen Schweiz Genossenschaft is the second largest Swiss banking group, specializing in retail and corporate banking services. Founded in 1899, it offers a broad range of financial products including mortgages, investment services, insurance, and e-banking solutions. The website targets both private and business customers, providing comprehensive information and digital services. Technically, the site is built on Adobe Experience Manager with modern JavaScript frameworks and is optimized for mobile and accessibility. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site reflects a mature, trustworthy financial institution with a professional online presence.

The website www.koelliker-saibene.ch is a small personal or hobbyist site operated by Annemarie Koelliker and Roberto Saibene, showcasing travel photography and accompanying Tonbildshows (audio-visual presentations) from various countries. The site targets travel enthusiasts and photography lovers, offering galleries and photo books. Technically, the site is built on the Jimdo Creator platform, leveraging Jimdo's hosting and CDN infrastructure. It uses HTTPS and includes a cookie consent mechanism, but lacks advanced security headers and formal security or privacy policies. No contact emails or phone numbers are provided, limiting direct communication. The site is accessible without WAF or blocking mechanisms and contains no adult or questionable content. Overall, the site is functional and professionally presented for its niche but could improve in security and compliance documentation.

O

OSTWIND

ostwind.ch

56

OSTWIND is a regional public transport tariff association serving multiple Swiss cantons and Liechtenstein, uniting 30 transport companies under a unified zonal fare system. The website provides comprehensive information on ticketing, subscriptions, customer service, and travel tips, targeting public transport users in the region. The digital infrastructure employs modern web technologies including web components and embedded video content, with Google Tag Manager for analytics and marketing. The site is well-designed, mobile-optimized, and accessible, offering a positive user experience. Security posture is good with HTTPS enforced, but could be improved by adding standard security headers and publishing explicit security policies. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy or terms of service pages detected. WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, OSTWIND’s website is professional and trustworthy, serving its audience effectively with room for security and compliance enhancements.

S

Surbana Jurong

surbanajurong.com

64

SJ Group is a global enterprise specializing in urban development, infrastructure, and managed services, owned by Temasek. The company offers a comprehensive portfolio of services including advisory, planning, design, construction, operations, and integrated solutions such as security and digital technology services. Their market position is strong with a presence in 40 countries and subsidiaries like SMEC, Atelier Ten, and Robert Bird Group. The website reflects a professional and consistent brand image with excellent content quality and SEO optimization. Technically, the website is built on WordPress with modern JavaScript libraries and integrations including HubSpot Analytics, Google Tag Manager, and Weglot for multilingual support. The site is mobile optimized, accessible, and performs moderately well. Security posture is good with HTTPS enforced and secure forms, though some security headers could be improved. Privacy compliance is adequate with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the security posture is strong with no visible vulnerabilities or exposed sensitive data. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is common for enterprises. The website is trustworthy, professional, and safe for general audiences. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing incident response information.

Golf Lipperswil AG operates a well-established 4-star superior 27-hole golf course located in the canton of Thurgau, Switzerland. The website presents a comprehensive overview of the club's offerings including golf facilities, academy programs, restaurant services, and membership options. The business targets golf enthusiasts and visitors seeking quality golfing and hospitality experiences. The site is built on TYPO3 CMS, featuring modern web technologies and a cookie consent mechanism, reflecting a moderate to good level of digital maturity. Security posture is solid with HTTPS enforced and session management for members, though security headers and incident response policies are absent. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, user-friendly, and trustworthy, with no signs of malicious content or blocking mechanisms.

G

Golfclub Engelberg-Titlis

golfclub-engelberg.ch

68

Golfclub Engelberg-Titlis operates a well-established 18-hole golf course located in Engelberg, Switzerland, offering a blend of sport and nature with a mild mountain climate. The club targets golf enthusiasts including guests, members, juniors, and seniors, providing services such as golf lessons, tournaments, a pro shop, and seasonal restaurant facilities. The website reflects a strong community focus and regional market position, supported by a GEO certification that underscores environmental and operational standards. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies with good SEO and mobile optimization. Security posture is robust with HTTPS, security headers, and secure login forms, though explicit security policies and incident response contacts are absent. Privacy compliance is addressed through a cookie consent mechanism and a privacy information page, indicating GDPR awareness. Overall, the site is professional, trustworthy, and content-rich, supporting the club's business credibility and member engagement.

V

Verrückt Auf Morgen - Ideen Für Mehr Nachhaltigkeit

verrueckt-auf-morgen.de

52

The website 'Verrückt Auf Morgen' is a German-language platform focused on sustainability, climate protection, nature conservation, and environmental education. It aims to educate visitors about projects in biosphere reserves and encourage the implementation of sustainable ideas. The site appears to be a small-scale initiative founded around 2022, with content updated as recently as 2025. The target audience is the general public interested in environmental topics. Technically, the website is built on WordPress using the Elementor page builder, featuring custom fonts and responsive design. The site includes appropriate meta tags and structured data for SEO but lacks advanced analytics or advertising integrations. Performance is moderate, and mobile optimization is good. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. There are no visible vulnerabilities or exposed sensitive data, but the absence of privacy and cookie policies indicates compliance gaps with GDPR. No incident response or security contact information is provided. Overall, the website is safe and professional but would benefit from enhanced privacy compliance and security hardening. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and providing clear contact information for security and data protection matters.

Ring Publishing is a content experience platform developed by Ringier Axel Springer Polska, a leading media and technology company in Poland. The platform offers modular SaaS solutions focused on content management, personalization, delivery, and AI-powered editorial assistance. With over 20 years of experience and a client base including major media brands, Ring Publishing positions itself as a global industry leader in media technology solutions. The website reflects a professional and modern digital presence with strong branding and client trust signals. Technically, the platform leverages modern JavaScript frameworks, cloud-native SaaS architecture, and integrates marketing and analytics tools such as Google Analytics, Hotjar, and Salesmanago. The company is a certified AWS partner, underscoring its commitment to cloud security and scalability. Security posture is good with HTTPS and domain transfer protections, though improvements are recommended in security headers and explicit policy disclosures. Overall, the website is well-structured, mobile-optimized, and provides a positive user experience, though explicit privacy and terms of service documents are missing. Contact is primarily via forms and physical office addresses, with no direct emails or phone numbers published.

The website pulsembed.eu currently presents minimal content, consisting only of an empty HTML body with some deferred JavaScript files and no visible text or metadata. The lack of privacy policies, contact information, or business descriptions suggests the site is either under construction or serves as a placeholder. The domain is registered through cyber_Folks S.A., a known registrar, but no direct business information is available to confirm legitimacy or operational status. Technically, the site uses JavaScript but lacks SEO, accessibility, and security best practices. No security headers or SSL details are present in the provided data, indicating potential security weaknesses. Overall, the site’s security posture is weak due to lack of visible content and security features, and the business credibility is low given the absence of identifying information.

V

Værsågod AS

vrs.gd

60

Værsågod AS is a small Norwegian digital agency specializing in the development of modern, accessible, and visually engaging websites. Founded in 2012, the company offers front-end and back-end development, creative coding, CMS solutions, and ongoing support and maintenance. Their client portfolio includes reputable organizations such as Snøhetta, Oslo-Filharmonien, and Bane NOR, positioning them as a trusted boutique agency in the Norwegian market. The website reflects a professional and consistent brand image with clear contact information and social media presence. Technically, the site employs modern web technologies, including HTTPS, CDNs, and optimized media delivery, ensuring fast performance and good mobile responsiveness. However, the absence of explicit privacy and cookie policies indicates a compliance gap that should be addressed. Security posture is solid with HTTPS and no visible vulnerabilities, but could be improved by adding security headers and vulnerability disclosure mechanisms. Overall, the domain appears legitimate despite the lack of WHOIS data, likely due to registry privacy policies. The site is safe for general audiences and demonstrates high professionalism and trustworthiness.

V

Vestre

vestre.com

73

Vestre is a well-established Norwegian manufacturer specializing in sustainable outdoor furniture with a strong focus on Scandinavian design for public spaces such as cities and parks. The company holds a leading position in its niche market, targeting municipalities, urban planners, and architects. Their website reflects a professional and consistent brand image, supported by a modern technical infrastructure including Craft CMS, Google Tag Manager, and Cookiebot for privacy compliance. Security measures such as HTTPS, CSRF tokens, and Google reCAPTCHA are implemented, indicating a mature security posture. However, some improvements are recommended, including enabling DNSSEC and publishing explicit security policies. Overall, the website demonstrates good digital maturity and compliance with GDPR, with extensive use of analytics and marketing tools to support business growth.

V

VegTech Norge

vegtech.no

59

VegTech Norge is a leading Nordic supplier specializing in green roofs, sedum roofs, and vegetation solutions. Founded in 2022, the company offers a comprehensive range of products and services including green roofing systems, vegetation for terrain and water environments, facade greening, and consulting. Their market position is strong within the Nordic region, supported by partnerships and participation in industry events. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, the site runs on WordPress with modern frameworks and integrates Cookiebot for GDPR-compliant cookie management. Security posture is good with HTTPS and secure forms, though it lacks explicit security headers and published security policies. Contact information is clearly presented with multiple channels including email, phone, and social media. Overall, VegTech Norge demonstrates a credible and trustworthy business with room for improvement in privacy and security transparency.

Wesp is a Norwegian company specializing in the representation and distribution of outdoor and indoor furniture from six distinct producers. Their market position is niche-focused, targeting both large and small projects in public and private sectors. The website reflects a professional business model with clear service offerings including benches, planters, tables, and bicycle parking solutions. The company is a part of Wallax AS and has been operating since 2015, supported by a domain age consistent with this timeline. Technically, the website is built on WordPress using the Enfold theme and Avia framework, incorporating modern web technologies such as Google Analytics, Facebook Pixel, and Hotjar for analytics and marketing. The site is mobile-optimized with good SEO practices including structured data and meta tags. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA on forms, but lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic but present, with a GDPR-compliant privacy policy and cookie consent mechanism. Overall, Wesp's website demonstrates a solid digital presence with good business credibility and moderate security posture. Strategic improvements in security headers, incident response policies, and enhanced privacy transparency would further strengthen their risk profile and trustworthiness.

R

Regnskogfondet

regnskogfondet.no

61

Regnskogfondet is a Norwegian non-profit organization dedicated to rainforest conservation and securing the rights of indigenous peoples and local communities. The website presents a professional and well-structured digital presence, targeting Norwegian and international supporters interested in environmental and social justice causes. The organization leverages modern web technologies including Craft CMS and integrates multiple third-party marketing and analytics tools to optimize user engagement and fundraising efforts. Privacy compliance is robust, with a comprehensive cookie consent mechanism aligned with GDPR requirements. Security posture is good, with HTTPS enforced and CSRF protections in place, though some HTTP security headers could be improved. The absence of WHOIS data is due to registry policies and does not detract from the site's legitimacy. Overall, the website reflects a trustworthy and credible non-profit entity with a clear mission and effective digital infrastructure.

P

Phineas Harper

turncoats.world

58

Phineas Harper's website is a professionally designed Squarespace site promoting a series of cultural debate events called Turncoats, focusing on architecture, urbanism, and social issues. The site targets a niche audience interested in public discourse and cultural critique, primarily in the UK. Technically, the site uses modern web technologies and is hosted on Squarespace, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and Google reCAPTCHA Enterprise integration, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is legitimate and trustworthy but could improve compliance and security practices.

O

Open City

open-city.org.uk

60

Open City is a UK-based non-profit organization dedicated to making architecture and built heritage more open, accessible, and equitable. Founded in 2009, it offers a variety of services including public events, tours, educational courses, films, podcasts, and a shop. The organization targets a broad audience interested in architecture, culture, and education, positioning itself as a key player in the cultural and educational non-profit sector in the UK. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as JavaScript, YUI libraries, and integrations with Google Tag Manager and Mailchimp for analytics and marketing. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Accessibility features are basic but present. From a security perspective, the site uses HTTPS with a valid SSL certificate but lacks advanced security headers such as HSTS, CSP, and X-Frame-Options, which are recommended to enhance protection. No privacy or cookie policies are published, indicating compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is available. Overall, the website is professional and trustworthy with a strong business credibility score. However, improvements in privacy compliance and security hardening are advised to reduce risk and enhance user trust.

L

London On The Inside Ltd

londontheinside.com

44

London On The Inside Ltd operates a leading independent digital magazine focused on curating the best events, lifestyle, food, and culture in London. Established in 2012, the company targets London residents and visitors seeking curated content and insider perks. The business model centers on digital publishing, advertising, and a membership program called Insiders, providing exclusive content and benefits. The website demonstrates a strong market position as a trusted source for London-centric lifestyle content.

S

SproutVideo

sproutvideo.com

75

SproutVideo is a well-established video hosting and live streaming platform targeting businesses and enterprises. Founded in 2010, it offers a comprehensive suite of video marketing, analytics, and privacy tools designed to help companies securely share and analyze video content. The platform is trusted by Fortune 500 companies and thousands of small and medium-sized organizations, positioning itself as a reliable and enterprise-ready solution in the video hosting market. The website reflects a mature digital presence with professional design, clear navigation, and extensive marketing and analytics integrations. Technically, SproutVideo leverages modern web technologies including HTML5, JavaScript, and CSS3, supported by AWS infrastructure and Cloudfront CDN for performance and scalability. The site integrates multiple analytics and tracking services such as Google Analytics, Facebook Pixel, TikTok Analytics, LinkedIn Insight Tag, and Microsoft Clarity, indicating a sophisticated approach to user engagement and marketing optimization. Mobile optimization and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with a strong SSL configuration and uses domain transfer protection. However, it lacks DNSSEC and explicit security headers, and does not publish a dedicated security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms, aligning with GDPR requirements. Overall, SproutVideo demonstrates a strong business credibility and technical maturity with a high level of professionalism and trustworthiness. Strategic recommendations include enhancing DNS security with DNSSEC, implementing security headers, and publishing security and vulnerability disclosure policies to further strengthen the security posture and transparency.

The website www.answerdash.com currently displays a Squarespace 'Website Expired' placeholder page, indicating that the domain is not hosting any active business content. The absence of WHOIS data further confirms that the domain is either unregistered or expired. Consequently, no business information, contact details, or security policies are available for analysis. The technical infrastructure is limited to Squarespace hosting and basic JavaScript libraries used by the placeholder page. Security posture is poor due to lack of HTTPS and security headers, and privacy compliance is non-existent. Overall, the website is inaccessible for meaningful evaluation and presents a high risk of being inactive or abandoned.

T

Ten4

ten4design.co.uk

72

Ten4 is a UK-based digital agency specializing in research, strategy, design, and development services for ambitious organizations. The company serves a diverse client base including prestigious institutions such as Royal Museums Greenwich, BAFTA, Channel 4, and University College London, positioning itself as a reputable player in the digital services market. Their offerings encompass UX/UI design, API integrations, content management, and secure hosting, reflecting a comprehensive digital service portfolio. The website demonstrates a high level of professionalism with rich multimedia content and clear navigation, targeting organizations seeking digital transformation and growth.

L

Loxton Walk

loxtonwalk.com

47

Loxton Walk is a newly developed commercial real estate destination located in Marylebone, London, offering flexible retail and restaurant spaces across multiple units. The website presents a professional and modern digital presence, leveraging contemporary web technologies such as SvelteKit and Google Maps API to enhance user experience. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy or registration status. The site lacks critical compliance documents such as privacy and cookie policies, and no direct contact information is provided, which may impact user trust and regulatory compliance. Security posture is moderate with HTTPS implied but no explicit security headers detected. Overall, the site appears to be in a development or pre-launch phase, requiring improvements in transparency and security to fully establish credibility.

D

Derwent London

networkw1.london

60

The website represents a commercial real estate property called Network located at 10 Howland Street in Fitzrovia, London, managed by Derwent London. It offers flexible office workspace across multiple floors with a focus on modern and sustainable design. The site targets businesses seeking premium office space in a central London location. Technically, the website is built using modern frameworks such as Next.js and React, indicating a contemporary digital infrastructure with moderate performance and good mobile optimization. However, some accessibility features appear basic and security headers are not detected, which could be improved. The security posture is moderate due to the presence of HTTPS (assumed) but lack of visible security headers and no published security or privacy policies. Cookie consent is implemented, but no privacy policy or terms of service are found, which impacts compliance and trust. Overall, the site is professional and relevant to its business domain but would benefit from enhanced security and compliance documentation.

R

Royal Institute of British Architects

architecture.com

73

The Royal Institute of British Architects (RIBA) is a leading professional body and membership organization dedicated to advancing architecture. The website serves architects, students, and related professionals by providing education, resources, awards, and advocacy. The site is well-branded, professionally designed, and offers comprehensive content relevant to its audience. Technically, it uses modern JavaScript frameworks, Umbraco CMS, and integrates multiple analytics and tracking tools with proper cookie consent mechanisms. Security posture is good with HTTPS enforced and secure forms, though some security headers and explicit policies could be improved. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the website is trustworthy, professional, and compliant with privacy regulations.

B

Baumeister

baumeister.de

48

The website www.baumeister.de represents a German-language site branded as 'Baumeister'. The content and metadata suggest it is related to construction or a similar sector, though explicit business descriptions are not present in the provided data. The site uses WordPress CMS with Astra theme and incorporates SEO and performance optimization plugins such as Yoast SEO and WP Rocket. A cookie consent mechanism is implemented via BorlabsCookie, indicating some level of privacy compliance awareness. However, no explicit privacy policy, terms of service, or contact information are found in the analyzed content, which limits transparency and user trust. Technically, the site is moderately optimized for performance and mobile responsiveness but lacks visible security headers and detailed security policies. The domain WHOIS data shows consistent DNS name servers aligned with German hosting providers, supporting legitimacy, though registrant details are minimal. Overall, the site is functional and professional but would benefit from enhanced privacy disclosures and security practices.

S

SPAZIO

spaziomilano.org

52

SPAZIO is a small architecture gallery and bookstore based in Milan, Italy, serving as an independent platform for critical reflection and discussion on architecture, urban design, and related spatial disciplines. The website showcases a rich archive of exhibitions and cultural events dating back to 2017, positioning itself as a niche cultural institution with a focus on thoughtful engagement and storytelling. Technically, the site is built on the Cargo Collective platform, utilizing modern web fonts and Google Tag Manager for analytics, with good mobile optimization and a professional design. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security practices.

H

Haus der Architektur

hda-graz.at

50

Haus der Architektur (HDA) is a cultural and educational institution based in Graz, Austria, dedicated to promoting architectural culture through exhibitions, lectures, workshops, and networking. The website serves as a comprehensive platform for event information, cooperation projects, and architectural documentation, targeting architects, students, and the general public interested in architecture. The institution holds a strong regional position with partnerships involving government and cultural bodies. Technically, the website is built on the Plone CMS platform, utilizing modern JavaScript libraries and frameworks, and is secured with HTTPS and appropriate security headers. However, it lacks visible privacy and cookie policies, which impacts its compliance posture. Overall, the site is professional, content-rich, and trustworthy, with moderate user tracking via Google Analytics.

L

L'Ordre des architectes

ordredesarchitectes.be

44

L'Ordre des architectes is the official professional association representing architects in the francophone and germanophone regions of Belgium. The website serves as a comprehensive resource for architects, trainees, and the public, offering directories, news, job listings, and architectural project showcases. The organization holds a strong market position as the authoritative body for architectural practice in Belgium. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and utilizes libraries such as Swiper.js and Redactor editor. The site is hosted by OVH, a reputable provider, and demonstrates good mobile optimization and SEO practices. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks visible security headers and formal security policies. Overall, the site is professional, trustworthy, and content-rich, though it could improve privacy policy visibility and security disclosures.

H

Heureka Group a.s.

produktroku.sk

58

ProduktRoku.sk is a Slovak independent shopping advisory website operated by Heureka Group a.s., focusing on announcing the most popular products of the year 2024 across multiple categories based on consumer preferences. The site serves Slovak internet consumers by providing product rankings and insights to aid purchasing decisions. The business model revolves around e-commerce product popularity and consumer guidance, positioning itself as a trusted source in the Slovak retail market. Technically, the website employs modern JavaScript technologies, Google Analytics, Google Tag Manager, and a GDPR-compliant consent management platform (Didomi). The site is mobile-optimized with good SEO and basic accessibility features. Security posture is strong with HTTPS enforced and consent mechanisms in place, though additional security headers and published security policies could enhance trust. Overall, the website is professional, trustworthy, and compliant with GDPR, though it lacks direct contact information and terms of service pages. The domain registration aligns well with the business history and branding, indicating legitimacy.

4

4evac

4evac.com

46

4evac presents itself as a provider of advanced voice evacuation and alarm control solutions compliant with EN54-16 and EN54-4 standards, targeting commercial and industrial safety projects. The website is professionally designed using the Wix platform, featuring relevant business content and a clear focus on voice alarm technology. However, the absence of WHOIS registration data for the domain www.4evac.com raises concerns about domain legitimacy and ownership, which impacts overall trust. Technically, the site uses modern web technologies and polyfills to ensure compatibility and performance, but lacks visible security headers and privacy compliance documentation. The security posture is moderate with HTTPS usage and some script hardening, but could be improved with better policy disclosures and contact information. Overall, the site is accessible and safe, but the domain registration ambiguity and missing compliance policies suggest caution and further verification.

C

Carmody Groarke

carmodygroarke.com

68

Carmody Groarke is a London-based architecture practice established in 2006, specializing in cultural, heritage, and innovative architectural projects. The website serves as a professional portfolio showcasing their key projects, publications, and news updates, targeting clients and stakeholders in the architecture and real estate sectors. The firm positions itself as an established player with a focus on research, innovation, and urban heritage. Technically, the website is built using modern web technologies including React and Next.js, with content managed via Sanity CMS. The site demonstrates good mobile optimization and user experience, though some SEO and accessibility features could be enhanced. Performance is moderate with a well-structured layout and clear navigation. From a security perspective, the site uses HTTPS with a valid SSL certificate but lacks DNSSEC and security headers, which are recommended to improve security posture. No explicit security policies or incident response information is provided, indicating room for improvement in transparency and compliance. Overall, the website is professional and trustworthy with no signs of malicious content or blocking mechanisms. Privacy and cookie policies are present but basic, and no contact emails or phone numbers are explicitly listed on the homepage. Strategic recommendations include enhancing security headers, adding detailed security and incident response policies, and improving privacy compliance disclosures.

C

Caruso St John Architects

carusostjohn.com

54

Caruso St John Architects is an internationally recognized architecture firm specializing in well-crafted architectural projects, renovations, and exhibition designs. The firm has a strong market position with numerous awards, lectures, and publications highlighting their expertise and influence in the architecture sector. Their website reflects a professional and consistent brand image targeting clients and stakeholders interested in high-quality architectural services. The business operates primarily in the real estate and architectural design industry, based in the United Kingdom, with a domain age consistent with a mature and established practice. Technically, the website employs standard web technologies such as HTML5, CSS3, and JavaScript, hosted by GoDaddy.com, LLC. The site is moderately performant with good mobile optimization and accessibility features. However, there is room for improvement in security configurations, including enabling DNSSEC and implementing security headers. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, and no incident response or vulnerability disclosure information is provided. The security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. No critical vulnerabilities or exposed sensitive data were detected. The website content is safe for general audiences, with no adult or questionable content. Overall, the site demonstrates high professionalism and trustworthiness but would benefit from enhanced privacy and security practices to align with best practices and regulatory requirements. Strategic recommendations include implementing comprehensive privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear incident response and vulnerability disclosure channels to strengthen trust and compliance.

The website adamarchitecture.com currently serves a security challenge page that blocks direct access to its main content. This challenge includes a CAPTCHA and a JavaScript-based proof-of-work mechanism, indicating the presence of a Web Application Firewall (WAF) or similar security protection. Due to this blocking, no substantive business content, contact information, or policies are accessible for analysis. The domain is mature, registered since 2008 with Tucows Domains Inc., and has domain transfer protections enabled, suggesting legitimate domain management. However, DNSSEC is not enabled, and no security headers or HTTPS enforcement details are visible in the provided data. The website's technical infrastructure includes modern JavaScript features and uses AWS Cloudfront CDN for content delivery. Overall, the site’s security posture is limited by the lack of visible security headers and policies, and the content quality is poor due to the blocking mechanism. Privacy compliance and business credibility cannot be assessed due to lack of accessible information.

A

ACME

acme.ac

70

ACME is a London-based architecture and design firm established in 2007, specializing in contemporary architecture, urban planning, interior design, and product design. The company serves private, corporate, and public clients and has a portfolio of notable projects such as Liverpool Street Station and developments in Berlin and Earls Court. The website is professionally designed and hosted on Shopify, leveraging modern web technologies and integrations such as Vimeo for video content and Google Analytics for tracking. The site demonstrates good digital maturity with mobile optimization and SEO best practices. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though there is room for improvement in DNSSEC and security headers. Privacy compliance is well addressed with cookie consent and GDPR-aligned privacy policy. Overall, the business presents a credible and trustworthy online presence.

W

Wright & Wright Architects LLP

wrightandwright.co.uk

68

Wright & Wright Architects LLP is a London-based award-winning architectural practice specializing in sustainable, contextual, and innovative design primarily for the culture and education sectors. Their portfolio includes Passivhaus-certified projects and a strong commitment to carbon reduction and energy efficiency. The website reflects a professional and well-established firm with a clear focus on quality and sustainability. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Vimeo video integration, Google Tag Manager, and Typekit fonts. It is well-optimized for performance, mobile responsiveness, and accessibility, providing a seamless user experience. The presence of cookie consent management and privacy policies indicates good digital maturity and compliance with privacy regulations. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a public security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS lookup failed due to querying a subdomain rather than the domain itself, but the website's professionalism and trust indicators suggest legitimacy. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and improving accessibility features to further strengthen security posture and user trust.

W

Walters & Cohen Architects

waltersandcohen.com

65

Walters & Cohen Architects is a London-based architectural practice specializing in education, community, and cultural projects. The firm is recognized for its award-winning portfolio and serves clients primarily in the education sector. The website reflects a professional and consistent brand image with a clear focus on showcasing their projects and expertise. The target audience includes educational institutions and community organizations seeking architectural services. Technically, the website employs modern web technologies including Google Analytics and Google Tag Manager for tracking, and uses a CDN for asset delivery. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some technical improvements could be made, such as implementing security headers and expanding accessibility features. From a security perspective, the site uses HTTPS and has a cookie consent mechanism indicating basic privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data is a concern and lowers the domain trustworthiness score, though the active and professional nature of the website suggests legitimacy. No explicit contact or security incident response information is provided, which could be improved. Overall, the website presents a solid digital presence for a small architectural firm with room for enhancements in security posture and transparency. Strategic recommendations include improving WHOIS transparency, adding security headers, and providing clearer contact and privacy information to strengthen trust and compliance.

J

Jamie Fobert Architects

jamiefobertarchitects.com

47

Jamie Fobert Architects is a reputable architectural firm specializing in innovative design across residential, retail, and arts sectors. The company has a strong market presence with a portfolio of completed and ongoing projects internationally, including high-profile cultural and retail spaces. The website serves as a professional portfolio showcasing their work and expertise. Technically, the website is built on WordPress with Yoast SEO for optimization and uses modern JavaScript libraries for interactive elements. Google Analytics is implemented for user tracking. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, indicating room for improvement in compliance and security transparency. Overall, the domain is well-established and trustworthy, supporting the firm's credibility.

H

Hawkins\Brown

hawkinsbrown.com

51

Hawkins\Brown is a UK-based architecture firm focused on societal impact and human-centered design. The website presents a professional and modern digital presence with rich content including conversations, projects, and thought leadership. The firm holds a B Corp certification, indicating commitment to social and environmental performance. Technically, the site is built on WordPress with modern JavaScript and analytics integrations, optimized for performance and accessibility. Security posture is good with HTTPS enforced and secure forms, though explicit security policies and incident response details are absent. The lack of WHOIS data for the domain is a notable anomaly, reducing trust slightly despite the professional site content. Overall, the website reflects a mature business with strong branding and digital maturity.

D

David Chipperfield Architects

davidchipperfield.com

63

David Chipperfield Architects is a well-established international architectural practice founded in 1985, with offices in multiple global cities. The company provides architectural design and related cultural and research services, targeting clients interested in high-quality architectural projects. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content about projects and news. Technically, the site uses modern web standards, is mobile optimized, and employs privacy-focused analytics. Security posture is good with HTTPS and domain protection measures, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with a clear privacy policy, but lacks a cookie consent mechanism. Overall, the website is trustworthy and professionally managed, supporting the company's market position as a leading architectural firm.

Eric Parry Architects Ltd is a well-established architectural practice founded in 2000, with studios in London and Singapore. The company specializes in sustainable and creative architectural design, serving clients in commercial, cultural, healthcare, and hospitality sectors. Their website reflects a professional and consistent brand image, showcasing a portfolio of projects and providing clear contact information. The business targets clients seeking high-quality architectural services and maintains a reputable market position with an international presence. Technically, the website is built on WordPress with modern JavaScript libraries such as Glide.js and LazySizes, offering good mobile optimization and user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and published security policies. Overall, the website is trustworthy, compliant with GDPR, and free from suspicious content or vulnerabilities.

D

Derwent London

derwentlondon.com

67

Derwent London is a prominent British property investment and development company headquartered in London, recognized as the largest London office-focused Real Estate Investment Trust (REIT) and a constituent of the FTSE 250 Index. The company manages a substantial portfolio of commercial real estate valued at £5.2 billion as of mid-2025, focusing on long-term value creation through property regeneration. Their services include office and retail space leasing, flexible furnished workspaces, and community-focused DL/Members lounges. The website reflects a mature digital presence with comprehensive content targeting investors, tenants, and partners. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and cookie consent management, ensuring compliance with privacy regulations such as GDPR. The site is mobile-optimized, accessible, and SEO-friendly, although no CMS or hosting provider details are explicitly identified. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms with granular controls. However, no explicit security headers were detected in the HTML source, and there is no published security policy or vulnerability disclosure program. The absence of WHOIS data limits domain trust verification, but the professional presentation and multiple industry certifications support legitimacy. Overall, Derwent London’s website demonstrates strong business credibility and privacy compliance, with room for improvement in security best practices and transparency. The domain’s WHOIS data absence warrants monitoring but does not currently undermine the site’s trustworthiness.

DRMA AS is a Norwegian architecture and planning firm established in 2006, specializing in community-focused architectural design, planning, placemaking, and landscape architecture. The company positions itself as a local expert with a global outlook, demonstrated by participation in international exhibitions and collaborations. Their website showcases multimedia content highlighting their projects and approach, targeting clients interested in innovative and community-driven architectural solutions. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and Mapbox GL JS for mapping features. The site is mobile-optimized with good design quality and user experience, though some accessibility and SEO optimizations could be improved. No CMS or hosting provider details were identified. From a security perspective, the site uses HTTPS with good SSL configuration but lacks security headers and formal privacy or cookie policies, which are important for GDPR compliance and user trust. No forms or analytics scripts were detected, indicating minimal data collection and tracking. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, DRMA's website is professional and trustworthy but would benefit from enhanced privacy compliance, security headers, and accessibility improvements to strengthen its security posture and regulatory adherence.

L

Lundhagem

lundhagem.no

57

Lundhagem is a small, award-winning architecture and urban design practice based in Oslo, Norway. The website presents a professional image focused on showcasing their design work and company identity. The business targets clients seeking architectural and urban design services, positioning itself as a specialized and reputable firm in its sector. The website uses modern web technologies such as Nuxt.js and Imgix for image optimization, indicating a moderate level of digital maturity. However, the site lacks visible contact information, privacy policies, and security headers, which impacts its overall security posture and compliance stance. No WHOIS data is publicly available, suggesting privacy protection for the domain registration, which is typical for small professional firms. Overall, the website is functional and professional but could improve in security and compliance transparency.

A

Arkitektur- og designhøgskolen i Oslo (AHO)

aho.no

72

Arkitektur- og designhøgskolen i Oslo (AHO) is a leading international scientific college specializing in education and research in architecture, design, and landscape architecture. The institution targets students, researchers, and professionals in these fields, offering a range of study programs and fostering collaboration with industry and public sectors. The website reflects a well-established educational entity with a strong market position in Norway and internationally. Technically, the site is built on the Vortex CMS platform, hosted on infrastructure associated with the University of Oslo, and employs modern web technologies with good mobile optimization and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. Privacy compliance is well addressed with comprehensive policies and GDPR adherence. Overall, the site is professional, trustworthy, and content-rich, supporting the institution's credibility and reputation.

N

Norske arkitekters landsforbund

arkitektur.no

67

Arkitektur.no is a well-established Norwegian architecture media portal operated by Norske arkitekters landsforbund. It provides comprehensive news, project showcases, opinion pieces, and job listings targeted at architects and design professionals in Norway. The website demonstrates a strong market position within the Norwegian architecture sector, supported by consistent branding and professional content. Technically, the site employs modern web technologies including Vue.js, hCaptcha for form security, and integrates advertising via Adnuntius. The site is mobile-optimized, accessible, and SEO-friendly, ensuring a positive user experience. Security posture is solid with HTTPS enforcement and CAPTCHA protection, although explicit security policies and incident response contacts are absent. Overall, the site is trustworthy, compliant with GDPR, and maintains good privacy practices.

Transborder Studio is a small architecture practice founded in 2013, specializing in architecture, urbanism, and interior design with a focus on sustainable and cultural projects. The website serves as a portfolio showcasing key projects primarily located in Norway and Venice. The business targets clients interested in green living and cultural spaces, positioning itself as a niche player in the architecture sector. Technically, the website uses modern web standards with HTML5, CSS3, and JavaScript, and images are delivered via the imgix CDN. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, and no contact information or incident response details are provided, which impacts trust and compliance. Overall, the site is professional and functional but could improve in transparency and security best practices.

S

Snøhetta

snohetta.com

58

Snøhetta is a globally recognized transdisciplinary architecture and design firm focused on creating meaningful places that connect societies and the environment. Their website showcases a broad portfolio of projects across architecture, landscape, interior, product, and brand experience disciplines, targeting clients and partners in the design and real estate sectors. The digital infrastructure is modern, leveraging lazy loading, video loops, and a likely Craft CMS backend, hosted on a CDN for performance. Security posture is moderate with HTTPS and CSRF tokens present but lacking explicit security headers and formal privacy or cookie policies. The absence of WHOIS data reduces domain trustworthiness, though the professional content and social media presence support legitimacy. Overall, the site is well-designed and user-friendly but would benefit from enhanced privacy compliance and security transparency.

N

Norges teknisk-naturvitenskapelige universitet

ntnu.no

64

NTNU (Norges teknisk-naturvitenskapelige universitet) is Norway's leading technical and natural sciences university with campuses in Trondheim, Gjøvik, and Ålesund. The institution serves approximately 40,000 students and holds primary responsibility for higher technology education in Norway. The website reflects a mature digital presence with comprehensive educational content, research information, and student life resources. It is built on a modern technology stack including Liferay CMS, Bootstrap, and various analytics tools, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response details are not publicly disclosed. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site demonstrates high professionalism, trustworthiness, and alignment with the institution's mission.

B

Dein City-Guide & Stadt-Magazin mit Aktivitäten für Basel | BaselLive

basellive.ch

57

BaselLive.ch is a local media platform serving as a city guide and lifestyle magazine for Basel, Switzerland. It provides curated content including event listings, cultural stories, shopping guides, and culinary tips targeting residents and visitors interested in exploring Basel. The platform leverages social media channels and newsletters to engage its audience and promote city activities. Technically, the website uses modern web technologies with JavaScript modules, CSS, and integrates advertising via AdButler and analytics through Plausible and Google Tag Manager. The site is mobile-optimized and presents a professional design with clear navigation. Security-wise, the site enforces HTTPS and uses asynchronous script loading but lacks explicit security headers and formal privacy or cookie policies. No contact emails or phone numbers are explicitly provided, and no vulnerability disclosure or incident response information is found. Overall, the website is safe, trustworthy, and well-positioned as a local media outlet but would benefit from enhanced privacy compliance and security transparency.

R

Ringier Magazine AG

boleromagazin.ch

63

Bolero is a Swiss online magazine operated by Ringier Magazine AG, focusing on fashion, culture, beauty, and premium lifestyle content targeted primarily at women with style. The website is professionally designed with consistent branding and good content quality, serving as a reputable media outlet within the Swiss market. The technical infrastructure leverages modern web technologies including Ring Publishing CMS, Google Tag Manager, and OneTrust for cookie compliance, ensuring a moderate to good performance and user experience across devices. Security posture is adequate with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response policies are not publicly available. Overall, the website demonstrates a solid digital maturity with good SEO and advertising transparency. The domain registration is privacy protected but consistent with the brand's legitimacy. No adult or questionable content is present, making it safe for general audiences.

K

Konnektiv Kollektiv GmbH

konnektiv.de

44

Konnektiv Kollektiv GmbH is a Berlin-based agency specializing in sustainable and ethical digital transformation primarily in the public sector and international development contexts. Their services include developing privacy-friendly open-source software, consulting on digital sovereignty, and providing training and moderation on inclusive digital transformation. The company collaborates globally with NGOs, foundations, local innovators, and government institutions, focusing on Africa, Asia, and Latin America. Technically, the website is built on WordPress with modern plugins and themes, hosted via Schlund Technologies, and uses Matomo analytics with privacy-conscious settings. Security posture is good with HTTPS and no visible vulnerabilities, though security headers and formal policies could be improved. Privacy compliance is partial with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, reflecting a credible small non-profit entity.