Security Directory

M

Marc Morro

marcmorro.com

61

Marc Morro is a professional furniture designer based in Barcelona, specializing in creative and commissioned/custom furniture design. The website serves as a portfolio showcasing various furniture projects and collections, targeting individuals and galleries interested in unique designer furniture. The site is built using modern web technologies such as SvelteKit, ensuring a fast, mobile-optimized, and accessible user experience. However, the absence of WHOIS data raises concerns about the domain's registration legitimacy, which impacts overall trust. Security posture is moderate with HTTPS implied but lacking security headers and formal privacy or cookie policies. Contact information is clearly provided, enhancing business credibility.

Tiro Typeworks is a specialized digital type foundry founded by John Hudson and Ross Mills, focusing on creating custom fonts for multilingual publishing and computing. The company operates a professional and well-structured website showcasing a broad catalog of fonts, articles, and licensing information. Their market position is that of a niche player with international reach, serving publishers, typographers, and scholars. The business model revolves around font licensing and custom font creation, targeting a specialized audience in the technology and publishing sectors. Technically, the website is built on Craft CMS and employs modern web technologies including JavaScript, CSS, and HTML5. It uses Cloudflare Turnstile captcha for form security and Fathom Analytics for privacy-conscious visitor tracking. The site is mobile-optimized, SEO-friendly, and performs well with fast loading times and good accessibility features. From a security perspective, the site enforces HTTPS and uses CAPTCHA to protect forms, but lacks explicit security headers such as CSP or HSTS. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a comprehensive privacy policy, though no cookie consent mechanism was found. Contact information is limited to a subscription form, with no direct emails or phone numbers publicly listed. Overall, the website is trustworthy and professional, though the absence of WHOIS data for the domain reduces domain registration transparency and slightly impacts trust. Strategic improvements include adding security headers, publishing security and incident response policies, and implementing cookie consent to enhance privacy compliance.

exljbris.com is the official website of exljbris Font Foundry, owned by Jos Buivenga, specializing in font design and distribution. The site offers a portfolio of proprietary fonts including free and commercial options, targeting graphic designers and typographers. The business operates as a small niche foundry with a long-established domain since 2007, indicating stable market presence. Technically, the website uses legacy font replacement technologies such as Cufon and SIFR, alongside JavaScript libraries like Prototype.js and Scriptaculous. Hosting is provided via Argewebhosting, with moderate performance and basic mobile optimization. SEO and accessibility features are minimal, reflecting a dated technical infrastructure. Security posture is basic with no DNSSEC, no visible security headers, and mixed content loading (http and https). The domain is protected against unauthorized transfers but lacks modern security enhancements. Privacy compliance is weak, with no privacy or cookie policies and moderate user tracking via StatCounter and Google Analytics without clear disclosures. Overall, the website is functional and moderately trustworthy but requires modernization in security, privacy compliance, and technical implementation to improve user trust and regulatory adherence.

H

HvD Fonts

hvdfonts.com

64

HvD Fonts is a specialized type foundry offering high-quality original retail fonts and custom font solutions. The company targets designers and businesses seeking professional typography products. Their website reflects a niche market position with a clear business model focused on font licensing and custom typeface design. The digital infrastructure employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Analytics and Tag Manager for performance and marketing insights. The site is well-structured, mobile-optimized, and SEO-friendly, providing a professional user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

V

Visualio s.r.o.

visualio.space

46

Visualio s.r.o. is a Czech-based creative studio specializing in brand design, web development, and advertising campaigns. Established in 2015, the company serves businesses seeking to build successful brands, demonstrated by a strong portfolio and client testimonials from reputable companies. The website is professionally designed, multilingual, and optimized for modern devices, reflecting a mature digital presence. Technically, the site employs modern JavaScript frameworks like Alpine.js, integrates Google Analytics, Tag Manager, reCAPTCHA, and Smartlook for analytics and security. Security posture is solid with HTTPS and bot protection, though lacks some advanced security headers and published policies. Privacy compliance is a notable gap, with no visible privacy or cookie policies or consent mechanisms. WHOIS data confirms domain legitimacy and consistency with business claims. Overall, Visualio presents a trustworthy and professional digital footprint with room for improvement in privacy and security transparency.

D

Datamart Inc.

komito.net

57

Komito Analytics is an open-source enhancement tool designed to augment popular web analytics software, providing advanced visitor behavior metrics and integration support. The company behind it, Datamart Inc., is a small technology firm based in the United States, founded in 2017. The website presents a professional and consistent brand image, emphasizing transparency and community engagement through open-source code availability and partner collaborations. Technically, the site leverages modern web standards, Cloudflare hosting, and offers multiple integration methods including Google Tag Manager, WordPress plugin, and NPM package. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements such as enabling DNSSEC and publishing explicit security policies are recommended. Privacy compliance is basic, lacking explicit privacy and cookie policies, which should be addressed to enhance user trust and regulatory adherence. Overall, the website is trustworthy, well-structured, and serves a niche market of analytics professionals and digital marketers.

W

Wine Industry Network

winesalessymposium.com

56

The Wine Sales Symposium website represents a well-established annual event focused on providing wineries with expert insights and strategies to increase sales and profitability. The event is produced by the Wine Industry Network, a recognized entity in the wine industry, and targets professionals such as winery owners, marketing executives, and sales professionals. The site offers comprehensive event details, sponsor information, and registration options, positioning itself as a premier industry gathering. Technically, the site is built on WordPress with modern plugins and tracking tools, hosted with Cloudflare DNS and GoDaddy registrar. While the site uses HTTPS and standard security practices, it lacks visible security headers and a cookie consent mechanism, which are areas for improvement. Overall, the website is professional, content-rich, and trustworthy, with moderate tracking and marketing integrations.

W

Wine Industry Careers

wineindustrycareers.com

68

Wine Industry Careers operates as a specialized online job board dedicated to connecting talent and employers within the wine industry. The platform offers job listings, company profiles, candidate profiles, educational resources, and industry news, targeting professionals and businesses in the wine sector. The website is professionally designed with clear navigation and a consistent brand presence, supporting a niche market position. Technically, the site leverages modern web technologies including Bootstrap, Google reCAPTCHA, Stripe for payments, and CDN hosting via Amazon Cloudfront, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and domain registration locks in place, but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and credible but would benefit from enhanced privacy and security measures.

W

Waiting Room Press

waitingroom.press

45

Waiting Room Press is a small UK-based creative publishing business specializing in artistic calendars, zines, and printed media with botanical and brutalist themes. The company operates an e-commerce website built on the Cargo Collective platform, offering direct sales of its unique print products worldwide. The website demonstrates good content quality and a consistent brand presence, targeting art enthusiasts and collectors. Technically, the site uses modern web technologies including JavaScript and jQuery, with Stripe integrated for payment processing. However, there are gaps in privacy compliance and security best practices, such as the absence of privacy and cookie policies and missing security headers. The domain registration is consistent and transparent, supporting the legitimacy of the business. Overall, the website is functional and professional but would benefit from enhanced security and compliance measures.

Big Cartel is a specialized e-commerce platform designed to empower artists and small businesses to create and manage online stores with ease. The company offers a tiered pricing model starting with a free plan, targeting a niche market of creative entrepreneurs. The website demonstrates a strong market position within the e-commerce sector by providing customizable templates, product management tools, and integrated payment options tailored for small-scale sellers. Technically, the site leverages modern web technologies such as React and Next.js, ensuring fast performance, mobile responsiveness, and good SEO practices. Security is robust with HTTPS enforcement and comprehensive security headers, although there is room for improvement in public security policy disclosures and incident response visibility. Overall, the site is professional, trustworthy, and well-optimized for its target audience, though the lack of publicly available WHOIS data introduces some uncertainty regarding domain registration details.

RRQ88 operates as an online gambling affiliate site focused on promoting slot games and related services primarily targeting the Indonesian market. The website claims to be a leading and trusted source for slot gaming links and live RTP updates, positioning itself as a top player in the local gambling affiliate niche. The business model revolves around providing access and information to slot game players, leveraging affiliate marketing and VIP access offerings. The site content and branding are basic but moderately consistent, with a strong emphasis on gambling-related keywords and user reviews indicating high engagement.

The website matteovenet.org is a personal portfolio site for an individual named Matteo Venet, primarily showcasing visual projects or artworks. The site is built on WordPress and uses standard web technologies such as JavaScript, CSS, and HTML5. The technical infrastructure is basic but functional, with HTTPS enabled and a moderate performance profile. However, the site lacks key compliance and security features such as privacy and cookie policies, security headers, and contact information. No analytics or tracking tools are present, indicating minimal user data collection. The domain registration is consistent with the website content and shows no suspicious patterns, supporting legitimacy. Overall, the site is suitable for general audiences with safe content but would benefit from improved security and compliance measures.

P

Projector Media

projector.media

55

Projector Media is a small creative and digital media agency specializing in branding, multi-page publications, and periodicals. The website showcases a portfolio of projects, targeting creative professionals and businesses seeking media services. The technical infrastructure is based on the Readymag platform, leveraging custom fonts and a CDN for content delivery. The site is mobile optimized and provides a visually rich user experience, although SEO and accessibility features are basic. Security posture is limited, with no detected security headers or explicit policies, and WHOIS data is privacy protected, which is common for small agencies. Overall, the site is professional but could improve in privacy compliance and security best practices.

1

100 Beste Plakate e. V.

100-beste-plakate.de

43

100 Beste Plakate e. V. is a German non-profit organization that organizes an annual competition showcasing the 100 best posters of the year. The website serves as a platform to present competition winners, exhibitions, and related publications. It targets design professionals, artists, cultural institutions, and the general public interested in graphic design and poster art. The organization maintains a recognized position in the cultural and media sector in Germany with international outreach through exhibitions. Technically, the website is built on WordPress using a custom theme, with modern HTML5, CSS3, and JavaScript technologies. The site is moderately performant, mobile-optimized, and SEO-friendly, though accessibility features are basic. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS but lacks advanced security headers and formal security policies. No vulnerabilities or exposed sensitive data were found in the provided content. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is minimal, with no direct emails or phone numbers visible, which may impact user trust. Overall, the website is professionally designed and trustworthy for its cultural purpose, but improvements in security policies, privacy mechanisms, and contact transparency would enhance its risk posture and user confidence.

Alex Dujet Type System Corp is a specialized graphic and type design studio based in Geneva, Switzerland, founded in 2015. The company focuses on visual communication, editorial, and type design services, and co-founded the Extraset Swiss Type Foundry. The website serves as a portfolio showcasing extensive design projects, exhibitions, and collaborations with notable design entities. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, jQuery, and Google Analytics, hosted by Infomaniak Network SA. While the site is functional and professionally designed, it lacks privacy and cookie policies, and DNSSEC is not enabled on the domain. The domain WHOIS data shows a future creation date, which is inconsistent with the business history and may require verification. Security headers are not detected, and no incident response or vulnerability disclosure information is provided. Overall, the website is moderately secure and credible but would benefit from improved privacy compliance and enhanced security configurations.

E

East Side Studio

eastsidestudiolondon.co.uk

66

East Side Studio is a small UK-based e-commerce business specializing in affordable modern art prints, supporting independent artists with framed and unframed options and global shipping. The website is built on the Shopify platform, leveraging a modern tech stack with integrations for marketing, analytics, and user engagement tools. The technical infrastructure is solid with good mobile optimization and performance, though some accessibility features could be improved. Security posture is good with HTTPS and some anti-copy protections, but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

D

DWX Developer World

dotnet-developer-conference.de

56

DWX Developer World is a well-established media and event organization specializing in the .NET developer community, hosting the annual .NET Developer Conference (DDC) in Cologne. The company offers a comprehensive program of workshops, sessions, and networking opportunities targeting professional developers focused on Microsoft technologies. Their market position is strong within the German-speaking developer ecosystem, supported by a professional website and clear branding. Technically, the website employs modern web technologies including Google Tag Manager, Usercentrics for consent management, and responsive design, ensuring good performance and accessibility. Security posture is solid with HTTPS enforced and consent mechanisms in place, though explicit security headers could be improved. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR requirements.

G

GitNation

c3fest.com

62

C3 Fest is a contemporary software engineering and design festival organized by GitNation, targeting developers, QA professionals, and UX researchers globally. The event focuses on career advancement, networking, and showcasing innovative tech ideas with a strong lineup of industry-leading speakers. The website demonstrates a high level of professionalism with excellent content quality, mobile optimization, and user experience. Technically, it leverages modern JavaScript frameworks, Cloudflare DNS, and integrates multiple marketing and analytics tools, ensuring good performance and scalability. Security posture is solid with HTTPS enforcement and domain transfer protection, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to improve trust and regulatory adherence. Overall, the site is trustworthy and well-positioned in the tech event market, but could enhance transparency and security documentation.

G

GitHub, Inc.

gh.io

65

GitHub, Inc. operates one of the world's leading developer platforms, providing a collaborative environment for millions of developers and businesses globally. The platform offers a comprehensive suite of tools including code hosting, code review, CI/CD automation, security scanning, and AI-powered coding assistance. As a Microsoft subsidiary, GitHub holds a strong market position with enterprise-grade services and a vast open source community. The website reflects a mature digital presence with excellent content quality, clear navigation, and professional branding. Technically, GitHub's website leverages modern web technologies such as React and Turbo, hosted on AWS infrastructure with Contentful CMS integration. The site demonstrates fast performance, mobile optimization, and good accessibility standards. Security practices are robust, with HTTPS enforced, multiple security headers, and secure form handling. Minor improvements such as enabling DNSSEC could further enhance DNS security. The security posture is strong, supported by certifications like ISO 27001 and SOC 2, and a clear incident response framework with dedicated security contact channels. Privacy compliance is well addressed with comprehensive policies and consent mechanisms. No critical vulnerabilities or suspicious indicators were found during analysis. Overall, GitHub's website and domain registration details confirm a legitimate, enterprise-grade platform with high trustworthiness. Strategic recommendations include enabling DNSSEC, continuous dependency auditing, and enhanced transparency on data retention to maintain leadership in security and compliance.

European Architectural Supply, Inc. is a specialized supplier of high-performance European windows and doors, focusing on energy-efficient building projects such as Passive House and Net Zero Energy constructions. The company has been operating since 2003 and positions itself as a premier North American provider with a strong emphasis on custom craftsmanship and collaboration with architects and contractors. Their product offerings include custom wood, aluminum, and uPVC windows and doors with advanced energy performance features. Technically, the website uses basic HTML, CSS, and JavaScript with an outdated jQuery version and Google Analytics for tracking. The site is hosted behind Cloudflare DNS but lacks modern security headers and cookie consent mechanisms. Performance and mobile optimization are basic, and SEO is minimally addressed through meta keywords and descriptions. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and visible security policies. No privacy or cookie policies are present, and no incident response or vulnerability disclosure information is provided. The WHOIS data indicates a legitimate, long-standing domain registration consistent with the business claims, enhancing trustworthiness. Overall, the website is functional and professional but would benefit from improved privacy compliance, updated technical stack, and enhanced security practices to better protect users and align with modern standards.

R

Rockwool A/S

rockwool.com

61

Rockwool A/S is a well-established enterprise specializing in stone wool insulation products, a critical component in fire-resilient and energy-efficient buildings. Founded in 1909 and headquartered in Denmark, the company targets construction professionals and end users seeking high-quality insulation solutions. The website reflects a mature digital presence with comprehensive content, consistent branding, and clear business messaging. Technically, the site employs modern web technologies including JavaScript frameworks, marketing automation via Marketo, and cookie management through Cookiebot, ensuring a responsive and performant user experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security headers and a public security policy page suggests room for improvement. The lack of WHOIS data for the domain introduces some uncertainty, but the overall professionalism and trust indicators mitigate this concern. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and compliance.

4

475 High Performance Building Supply

475.supply

68

475 High Performance Building Supply operates a professional e-commerce platform specializing in high quality building envelope solutions. The company combines product sales with educational resources and training to support building professionals and contractors. Their market position is niche but well established within the construction and building supply industry. The website is built on Shopify, leveraging modern web technologies and optimized for performance and accessibility. Security posture is strong with HTTPS, security headers, and secure forms, though no explicit security policy or incident response page was found. Privacy compliance is good with clear privacy and cookie policies and GDPR indicators. Overall, the site presents a trustworthy and professional digital presence with moderate business credibility and technical maturity.

The website www.ny.gov is the official online portal for the State of New York government, intended to provide residents and visitors with access to government information and public services. However, the current accessible content is limited to a Cloudflare Turnstile human verification challenge page, preventing full content analysis. The site leverages Cloudflare for security and performance, indicating a mature technical infrastructure focused on protecting against automated abuse. Due to the WAF challenge, no direct contact information, privacy policies, or business details are accessible, limiting the ability to fully assess compliance and security posture. The WHOIS data is incomplete, lacking registrar and nameserver information, but the .gov TLD and branding strongly suggest legitimacy as a government entity. Overall, the site demonstrates a high-security posture through access controls but requires bypassing the WAF to conduct a comprehensive evaluation.

S

Spreadshirt

spreadshirt.com

65

Spreadshirt operates a global print-on-demand e-commerce platform specializing in custom apparel, accessories, and home products. The website offers users the ability to create personalized products or shop from a wide range of designs. It targets a broad audience interested in unique, customizable merchandise and serves both individual consumers and corporate clients through its Pro services. The platform is well-established with a consistent brand presence and a comprehensive online help center to support customers. Technically, the website employs modern JavaScript frameworks and libraries such as Glide.js for UI components and OneTrust for cookie consent management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with integrations for analytics and marketing tools like Adobe AppMeasurement and Trustpilot. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The absence of WHOIS registration data for the domain is a notable anomaly, potentially due to privacy protection or alternative domain registration, which slightly impacts trustworthiness. Overall, Spreadshirt's website is professional, secure, and privacy-compliant, with strong business credibility. Strategic improvements in security transparency and domain registration clarity would enhance trust and compliance posture.

R

Reimagine Buildings Collective

reimaginebuildings.com

70

The Reimagine Buildings Collective is a specialized online community platform that connects builders, designers, and changemakers focused on creating healthy, climate-ready buildings. The platform offers peer-to-peer learning, collaborative cohorts called Reimagine Labs, and a rich repository of member stories and testimonials. It targets professionals dedicated to sustainable building practices and aims to foster connection, clarity, and confidence among its members. Technically, the website leverages modern web technologies including HTML5, CSS3, JavaScript, and video streaming via Cloudflare, hosted on the Mighty Networks platform. Analytics and tracking are implemented through Google Analytics, Bing UET, and TrackJS, indicating a moderate level of user behavior monitoring. Security posture is generally good with HTTPS enforced and CSRF protections, but lacks some recommended security headers and visible privacy or cookie policies, which are areas for improvement. The domain WHOIS data for the subdomain is unavailable, which is typical for subdomains, and does not detract from the legitimacy of the platform. Overall, the website is professional, trustworthy, and well-positioned within its niche, though it would benefit from enhanced privacy disclosures and security headers to improve compliance and security posture.

Macquarie Bank Limited operates a comprehensive Australian banking website offering a wide range of personal and business financial services including everyday banking, home loans, investing, and private banking. The site is well-branded and professionally designed, targeting Australian banking customers with clear navigation and extensive product information. The business is positioned as a large, established financial institution under the Macquarie Group umbrella. Technically, the website leverages Adobe Experience Manager CMS and integrates multiple modern analytics and marketing tools such as Google Tag Manager, Crazy Egg, and Facebook Pixel, indicating a mature digital infrastructure. The site is mobile-optimized and accessible with good SEO practices. Security posture is strong with HTTPS enforced and promotion of multi-factor authentication, though explicit security headers and policies could be more visible. WHOIS data is privacy protected, which is typical for financial institutions, but limits transparency. Overall, the website is trustworthy, professional, and secure with minor areas for improvement in security disclosures and contact information visibility.

E

eBay Inc.

ebay.com

71

eBay Inc. operates a leading global e-commerce platform facilitating consumer-to-consumer and business-to-consumer sales worldwide. Founded in 1995, it has established a strong market position with a multibillion-dollar business and operations in approximately 30 countries. The website offers a wide range of products including electronics, cars, fashion, collectibles, and more, targeting a broad audience of consumers and businesses. The business model centers on providing an online marketplace where buyers can shop for free while sellers pay listing and transaction fees. Technically, the website employs modern web technologies such as Marko.js, lazy loading, and extensive JavaScript for dynamic content and performance optimization. The site is well-optimized for mobile devices, accessible, and SEO-friendly. Security is robust with HTTPS enforced, multiple security headers, and client-side error monitoring. Privacy compliance is strong, featuring comprehensive privacy and cookie policies with GDPR adherence and a consent mechanism. The security posture is mature, with no evident vulnerabilities or exposed sensitive data. However, explicit security policies, incident response details, and vulnerability disclosure programs are not publicly documented on the site. The WHOIS data is unavailable due to registry restrictions, which is unusual but likely a privacy measure rather than a red flag. Overall, the site demonstrates high professionalism, trustworthiness, and operational maturity. Strategic recommendations include publishing detailed security and incident response policies, establishing a vulnerability disclosure program, and enhancing transparency around data protection officers and certifications to further strengthen trust and compliance.

W

Wyss Sebastian

wyssseb.ch

45

Wyss Sebastian's website is a personal WordPress blog hosted on a standard WordPress platform using the Twenty Twenty-Five theme. The site currently contains minimal content, with no published blog posts or business-related information. The technical infrastructure is modern and secure, utilizing HTTPS and standard WordPress technologies, but lacks advanced SEO, accessibility, and security headers. There are no privacy or cookie policies, nor any contact or incident response information, which limits compliance and trustworthiness. Overall, the site is safe and suitable for general audiences but lacks professional business features and security maturity.

M

Megi Zumstein

megizumstein.ch

51

Megi Zumstein is a graphic designer based in Luzern, Switzerland, presenting a professional portfolio website showcasing various cultural and artistic projects. The website targets a general audience interested in graphic design and cultural collaborations, positioning itself as a niche individual professional service provider. The site features modern frontend technologies such as Alpine.js and SVG graphics, with a responsive design and good navigation clarity. However, it lacks comprehensive privacy and cookie policies, contact information, and security headers, which are important for compliance and trust. Technically, the website is built with modern web standards, uses HTTPS, and loads efficiently, but it could benefit from improved accessibility features and security best practices such as implementing security headers. No analytics or tracking scripts were detected, indicating minimal user tracking and good privacy from that perspective. From a security standpoint, the site has a good SSL configuration but lacks security headers and formal policies related to privacy and incident response. The domain uses privacy protection for WHOIS data, which is reasonable for a small business or individual professional. No suspicious patterns or vulnerabilities were identified in the content or technical setup. Overall, the website is professional and functional but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve trust and regulatory adherence.

The website lychkovskiy.com serves as a professional portfolio for Mikhail Lychkovskiy, a contemporary designer and poster artist. The site showcases a comprehensive gallery of poster artworks, emphasizing typographic treatment and a blend of national graphic styles. The business operates primarily as an independent artist, targeting design enthusiasts and art collectors, with sales facilitated through external shop links. The domain is relatively new, registered in 2022, aligning with the artist's career timeline. Technically, the website is built on the Adobe Portfolio platform, utilizing modern web technologies such as HTML5, CSS3, JavaScript, and Adobe Typekit fonts. Google Tag Manager is employed for analytics and tracking purposes. The site demonstrates good mobile optimization and user experience, with clear navigation and professional design quality. However, accessibility features are basic, and SEO optimization is moderate. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections in place. However, DNSSEC is not enabled, and no security headers were detected, indicating room for improvement in security hardening. Privacy compliance is lacking, with no privacy or cookie policies found, and no GDPR compliance indicators present. Contact information is limited to a single email address, with no phone numbers or physical addresses provided. Overall, the website presents a trustworthy and professional portfolio for an independent artist but would benefit from enhanced privacy policies, security headers, and clearer compliance documentation to improve its security posture and regulatory adherence.

Alex Dujet Type System Corp is a specialized graphic and type design studio based in Geneva, Switzerland, founded in 2015. The company focuses on visual communication, editorial, and type design, collaborating with a network of design professionals and co-founding the Swiss type foundry Extraset. The website serves as a portfolio showcasing extensive design projects and exhibitions, targeting graphic designers and related professionals. Technically, the site is built with standard web technologies including HTML5, CSS3, JavaScript, and jQuery, hosted on Infomaniak servers. While the site is content-rich and professionally designed, it lacks modern privacy and security compliance features such as privacy and cookie policies, security headers, and DNSSEC. The domain registration is consistent with the business claims, supporting legitimacy. Overall, the website demonstrates good business credibility but has room for improvement in security and privacy compliance.

N

Neo Neo

neoneo.ch

51

Neo Neo is a Swiss-based graphic design studio specializing in creative services including graphic design, type design, curating, and publishing. The website serves as a comprehensive portfolio showcasing projects from 2010 through 2024, highlighting a strong presence in cultural and artistic sectors. The business targets a general audience interested in high-quality graphic design and cultural projects. Technically, the website is built on WordPress with Yoast SEO plugin, indicating a moderate level of digital maturity and SEO awareness. The site is mobile optimized and presents a professional design with clear navigation. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

P

Paul Jochum

pauljochum.com

59

Paul Jochum's website serves as a professional portfolio showcasing his expertise in designing and developing visual identities for brands, institutions, and cultural projects. The site emphasizes a blend of graphic design, web design, and development to deliver cohesive branding systems with a focus on clarity and narrative. The business operates as a small-scale creative professional targeting niche clients in the cultural and institutional sectors. Technically, the website is built using the Framer platform, leveraging modern JavaScript and SVG technologies, with moderate performance and good mobile optimization. However, the site lacks advanced accessibility features and comprehensive SEO optimizations. Security posture is weak due to missing HTTPS verification, absence of security headers, and no visible privacy or cookie policies, which poses compliance and trust challenges. The WHOIS data is unavailable, raising concerns about domain registration legitimacy, although the website content appears professional and consistent. Overall, the site is functional and visually appealing but requires improvements in security, privacy compliance, and domain transparency to enhance trust and reduce risk.

L

linyouting

linyouting.com

51

The website linyouting.com serves as a personal portfolio for Youting Lin, a multidisciplinary designer specializing in graphic design and motion graphics. The site showcases various creative projects and visual works, targeting a general audience interested in design and multimedia art. The business model is primarily portfolio-based, aimed at personal branding and showcasing creative skills. The market position is niche, focusing on creative professionals and potential clients in the design industry. Technically, the site is built on the Cargo Collective platform, utilizing standard web technologies such as HTML5, CSS3, JavaScript, and jQuery. The site is hosted on Cargo's infrastructure with assets served from freight.cargo.site and static.cargo.site. The site is mobile optimized with good design quality and user experience, though some SEO and accessibility features are basic. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protection enabled. However, DNSSEC is not enabled, and no security headers are detected in the HTML content, which are areas for improvement. There are no published privacy, cookie, or terms of service policies, nor any incident response or security contact information, indicating limited compliance and transparency. Overall, the site is a well-designed personal portfolio with moderate technical maturity and security posture. The lack of privacy and security policies, as well as contact information, reduces trust and compliance scores. Strategic improvements in these areas would enhance the site's professionalism and security stance.

L

Lynn Oh

lynnsohn.com

50

Lynn Oh's website is a professionally designed portfolio showcasing her multidisciplinary graphic design expertise, including identity, typography, and motion graphics. The site highlights collaborations with prestigious agencies and clients such as Instagram, COLLINS, Pentagram, Apple, and Nike, positioning her as an established creative professional in the media industry. The business model is focused on personal branding and freelance/contract design services targeting creative industry professionals and potential clients. Technically, the website is built on the Cargo Collective platform using modern web standards including HTML5, CSS3, and JavaScript, with custom fonts loaded from WebType. The site is mobile optimized and performs moderately well, though accessibility and SEO optimizations are basic. Hosting and domain registration are consistent and reputable, with HTTPS enabled and domain transfer protections in place. From a security perspective, the site benefits from HTTPS and domain transfer lock but lacks DNSSEC and security headers, which are recommended for enhanced protection. There are no privacy or cookie policies, nor vulnerability disclosure mechanisms, indicating gaps in compliance and security transparency. No analytics or tracking scripts were detected, suggesting minimal user tracking. Overall, the website is safe, professional, and trustworthy with excellent content quality and business credibility. However, improvements in privacy compliance, security headers, and disclosure policies would strengthen its security posture and regulatory adherence.

D

DR.ME

dr-me.com

53

DR.ME is a well-established creative design studio based in Manchester, UK, founded in 2010. The company specializes in innovative and experimental design services including graphic design, art direction, photography, illustration, collage, and video production. They serve a diverse client base in music, fashion, art, and culture sectors and have earned industry recognition such as the D&AD Yellow Pencil award. The website reflects a professional portfolio showcasing their work and client list, positioning them as a respected player in the creative media industry. Technically, the site is built on the Cargo Collective platform using modern web technologies and is mobile optimized with moderate performance. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks advanced security headers and formal privacy or cookie policies. Overall, the site is safe, professional, and trustworthy but could improve compliance and security transparency.

L

Lamm & Kirch GbR

lamm-kirch.com

46

Lamm & Kirch GbR is a small, established graphic design studio founded in 2012, specializing in cultural sector projects including book design, visual identities, and exhibitions. Operating from Leipzig and Berlin, the studio collaborates with a network of professionals to deliver comprehensive design services. Their website reflects a professional and well-curated portfolio, demonstrating their market position as a reputable design studio with international recognition and multiple awards. Technically, the website uses standard web technologies with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protections, though improvements such as DNSSEC and enhanced security headers are recommended. Privacy compliance is strong with a detailed GDPR-compliant privacy policy, though cookie consent mechanisms are absent. Overall, the website is trustworthy, professional, and safe for general audiences.

S

Studio Tillack Knöll

studiotillackknoell.com

48

Studio Tillack Knöll is a small, specialized design practice based in Stuttgart, Germany, focusing on visual communication, spatial design, and graphic design services. Their portfolio includes exhibitions, wayfinding systems, book design, branding, and digital experiences for clients in architecture, art, science, commerce, cultural institutions, and NGOs. The website presents a professional and well-structured portfolio with recent activity and project showcases, indicating an active and reputable studio with international recognition. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and SEO enhancements via Yoast SEO. The site is mobile-optimized and performs moderately well, though accessibility features are basic. Hosting is inferred to be with GoDaddy.com, LLC, consistent with the domain registrar data. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and DNSSEC. Privacy compliance is weak due to the absence of privacy and cookie policies and no consent mechanisms. Contact information is primarily via a contact form and physical address; no direct emails or phone numbers are publicly listed. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and enhanced security headers to strengthen its security posture and regulatory adherence.

J

Johnson / Kingston

johnsonkingston.ch

47

Johnson / Kingston is a Swiss design studio founded in 2012, specializing in contemporary graphic design with a strong focus on the intersection of design and technology. Their services include digital publishing, typeface development, custom workflows, and identity design for cultural and educational institutions. The studio has received international recognition, including multiple Swiss Design Awards, and maintains a professional online portfolio showcasing their work and teaching activities. Technically, the website uses modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and Swiper.js, delivering a fast and visually rich user experience optimized for mobile devices. Security-wise, the site lacks visible security headers and privacy/cookie policies, which are areas for improvement, but it does not collect user data or use tracking scripts, reducing risk exposure. The domain registration data is consistent with the business claims, indicating legitimacy and trustworthiness.

M

Marinus Klinksik

marinusklinksik.de

49

Marinus Klinksik is a Hamburg-based multidisciplinary graphic and type designer with a professional online portfolio hosted on the Cargo Collective platform. The website showcases a strong focus on typography, editorial, web, and motion design, complemented by the launch of a type foundry called Why.Foundry in early 2024. The site is well-structured, visually professional, and targets clients and collaborators in the creative design industry. Technically, the website employs modern web standards, including HTTPS, security headers, and Google Analytics with IP anonymization, hosted on a reputable platform. Security posture is solid with no visible vulnerabilities, though cookie consent mechanisms and explicit security policies could be improved. Overall, the website presents a trustworthy and professional digital presence for a small creative business.

R

Raffinerie AG für Gestaltung

raffinerie.com

47

Raffinerie AG für Gestaltung is a well-established design agency based in Zürich, Switzerland, specializing in branding, digital, and editorial design services. The company has a strong portfolio featuring notable clients such as Helsana, Greenpeace, and Zürcher Kantonalbank, positioning itself as a reputable player in the media and creative design sector. The website reflects a professional and consistent brand image, targeting businesses and organizations seeking high-quality design solutions. Technically, the website is built on modern web technologies including HTML5, CSS3, JavaScript, and Alpine.js, hosted on infrastructure associated with Metanet AG. It is optimized for mobile devices and demonstrates good performance and accessibility standards. The use of Google Tag Manager and Vimeo embeds indicates a mature digital marketing and content delivery approach. From a security perspective, the site employs HTTPS with a valid SSL certificate and has domain transfer protections in place. However, it lacks DNSSEC and security headers, which are recommended to enhance security posture. Privacy compliance is basic, with a cookie policy present but no active consent mechanism or detailed GDPR compliance indicators. No incident response or security policy pages were found. Overall, the website is trustworthy and professionally maintained, with minor improvements recommended in security headers and privacy compliance to strengthen its security and regulatory posture.

F

Fons Hickmann M23

m23.de

38

Fons Hickmann M23 is a Berlin-based design studio specializing in complex communication systems and graphic design projects. The website showcases a professional portfolio with diverse projects including posters, campaigns, animations, and editorial designs, targeting cultural institutions and design professionals. The business is well-established with a domain age dating back to 2002, indicating a mature presence in the design industry. Technically, the website is built on WordPress with modern JavaScript libraries such as Flickity and Plyr, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers which could enhance protection. Privacy compliance is weak due to absence of privacy and cookie policies, representing a compliance risk. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and content-rich but would benefit from improved privacy and security practices.

Eilean Friis-Lund's website serves as a personal graphic design portfolio showcasing a gallery of images. The site targets individuals or businesses interested in graphic design services or artistic inspiration. The business model appears to be a personal brand portfolio aimed at attracting clients or commissions within a niche market. The website is small-scale with basic content quality and consistent branding. Technically, the site is built with standard HTML5, CSS3, and JavaScript without any detected frameworks or CMS. It features a responsive design optimized for mobile devices and moderate performance. However, there is a lack of advanced SEO and accessibility features, and no hosting or platform details are evident. From a security perspective, the site lacks essential security headers and published policies such as privacy or cookie policies. The absence of HTTPS information and incident response contacts indicates a low security posture. No vulnerabilities or tracking technologies were detected, but improvements are needed to enhance compliance and trust. Overall, the website presents a moderate risk profile primarily due to missing privacy and security policies and limited business information. Strategic recommendations include implementing security headers, publishing privacy and cookie policies, enforcing HTTPS, and adding incident response contacts to improve trust and compliance.

E

Eddy Terki

eddyterki.fr

38

Eddy Terki's website is a professional portfolio showcasing a graphic design atelier based in France, specializing in editorial design, visual identity, signage, and website creation. The site is built on Drupal 8 and hosted by OVH, reflecting a moderate level of technical maturity. The content is rich and well-structured, targeting clients and collaborators in the creative and educational sectors. However, the site lacks critical privacy and cookie policies, which impacts GDPR compliance and overall privacy posture. Security measures such as HTTP security headers are absent, and no explicit contact information or incident response channels are provided, which could affect trust and responsiveness. Overall, the domain registration data aligns well with the website content, indicating legitimacy and consistency.

Studio Dumbar/DEPT® is an established creative agency specializing in bespoke visual identities, motion design, sound, and creative coding. The company has a strong market position with a portfolio of high-profile projects and a consistent, professional brand presence. The website reflects a modern, well-designed digital presence leveraging advanced JavaScript libraries for smooth user experience and animations. However, the site lacks explicit privacy and terms of service documentation, which are important for compliance and user trust. The technical infrastructure is solid with HTTPS enabled and use of reputable third-party libraries, but security headers and DNSSEC are missing, representing areas for improvement. Overall, the security posture is moderate with room for enhancement in policy transparency and technical safeguards.

C

Chloé Pannatier

chloepannatier.ch

55

Chloé Pannatier's website is a professional graphic design portfolio showcasing a wide range of projects including poster designs, visual identities, and artworks for various clients and exhibitions. The site targets clients and collaborators in the creative industry, emphasizing detailed project descriptions and high-quality visuals. Technically, the site is built on WordPress with modern web technologies, featuring lazy loading and responsive design, providing a good user experience across devices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal security policies. Privacy compliance is minimal, with no visible privacy or cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

Bento is a technology company offering a comprehensive email marketing and CRM platform tailored for small businesses. Founded in 2019, Bento provides an all-in-one solution that includes marketing automation, transactional email services, AI-powered CRM features, and spam protection. The company positions itself as a user-friendly and developer-friendly platform with strong deliverability and enterprise-grade security, evidenced by its SOC 2 Type II compliance. The website reflects a modern, professional brand with clear messaging and a focus on ease of use and integration capabilities. Technically, Bento's website is built using modern web technologies including React and Next.js, hosted with Cloudflare DNS and leveraging cloud media services. The site is fast, mobile-optimized, and accessible, with good SEO practices and structured data enhancing search visibility. Security best practices are observed with HTTPS enforcement, security headers, and domain registration protections, although DNSSEC is not enabled. Privacy compliance is an area for improvement as no explicit privacy or cookie policies are present. From a security perspective, Bento demonstrates a mature posture with SOC 2 Type II certification and features like Spam Shield to maintain email list hygiene. No vulnerabilities or exposed sensitive data were detected in the analysis. However, the absence of published security policies, incident response contacts, and vulnerability disclosure mechanisms suggests room for enhancing transparency and readiness. Overall, Bento presents a trustworthy and professional online presence with strong technical and security foundations. To further improve, the company should address privacy compliance gaps, publish comprehensive policies, and enhance contact options to build greater user trust and regulatory adherence.

N

Netzwerk hdw nrw

hdw-nrw.de

59

Netzwerk hdw nrw operates as a regional educational network focused on higher education didactics in Nordrhein-Westfalen, Germany. The website offers a variety of workshops, coaching, certificates, and working groups aimed at academic professionals such as lecturers, deans, and scientific staff. Their market position is that of a specialized provider for professional development in university teaching within the NRW region. Technically, the site uses a custom CMS with standard web technologies including jQuery and CSS, and it is moderately optimized for mobile devices. Security posture is adequate with HTTPS usage but lacks advanced security headers and explicit incident response policies. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and content-rich, serving its target audience effectively.

H

Hochschule Bielefeld

fh-bielefeld.de

61

Hochschule Bielefeld (HSBI) is a German university of applied sciences providing education, research, and transfer services primarily to students, academic staff, and regional partners. The website offers comprehensive information about study programs, research projects, transfer activities, continuing education, and international services. The institution holds a solid regional market position as a medium-sized educational entity in Germany. Technically, the website is built on a custom CMS with jQuery and standard web technologies, featuring good mobile optimization and SEO practices. Security posture is strong with HTTPS and multiple security headers, though some improvements are recommended in privacy compliance and incident response transparency. Overall, the site is professional, trustworthy, and well-structured, serving its target audience effectively.

J

Just Another Foundry GmbH

remix-tools.com

51

Just Another Foundry GmbH operates the Font Remix Tools website, providing specialized plug-ins for font editing software FontLab and Glyphs. The company targets professional font designers and typographers, offering tools that enhance font design workflows such as glyph harmonization and small caps generation. The business is well-established with a domain age since 2007 and maintains a niche market position supported by testimonials from recognized font designers. Technically, the website uses standard web technologies with a moderate performance profile and good mobile optimization. Security posture is moderate with no advanced security headers or DNSSEC enabled, and privacy compliance is partial with a comprehensive privacy policy but no cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional, trustworthy, and focused on its target audience.