Security Directory

R

Rifonsa AG

safran-zunft.ch

50

Safran Zunft is a traditional yet modern restaurant located in the heart of Basel, Switzerland, operated by Rifonsa AG. The business offers a blend of traditional ambiance with innovative cuisine focusing on local and seasonal products. It caters to a diverse clientele including local residents, tourists, and corporate clients, providing services such as restaurant dining, event hosting, catering, and home delivery. The website reflects a well-established hospitality business with multiple certifications and a strong local presence. Technically, the website is built on WordPress using modern tools such as WPBakery Page Builder, Google Tag Manager, and Mailchimp for marketing automation. It employs HTTPS with good SSL configuration and uses lazy loading for images to optimize performance. The site is mobile optimized and SEO friendly with structured data implemented via JSON-LD. From a security perspective, the website enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, security headers are not explicitly present and there is no visible security policy or vulnerability disclosure page, which could be improved. The WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular audits of third-party scripts to further strengthen security posture.

O

Optimize AG

eventlokale.ch

62

eventlokale.ch is a well-established Swiss event portal operated by Optimize AG, offering a comprehensive marketplace for event locations, service providers, and event-related job listings. The platform targets event planners and individuals in Switzerland, positioning itself as the largest event portal in the country. The website provides rich content including editorial articles, event ideas, and the Swiss Location Award information, enhancing its market presence and user engagement. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with integrations of Google Analytics, Google Tag Manager, and Hotjar for analytics and user behavior tracking. The site is mobile-optimized and features good SEO practices, although accessibility could be improved. Security-wise, the site enforces HTTPS and includes standard security headers, but lacks visible privacy and cookie policies, which are critical for GDPR compliance. No contact emails or phone numbers were found, which may impact user trust and compliance. Overall, the site is professional and trustworthy but should address privacy compliance and contact transparency to enhance its security posture and user confidence.

B

Building

building.co.uk

62

Building.co.uk is a leading UK-based online magazine and resource portal for construction professionals, offering news, CPD modules, events, and industry data. The website is well-established with a professional design, consistent branding, and a comprehensive content offering targeted at construction industry stakeholders. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and Amazon CloudFront CDN, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and standard security best practices observed, although explicit security policies and vulnerability disclosure mechanisms are not publicly available. Overall, the site presents a trustworthy and authoritative presence in its sector, though WHOIS data for the exact domain is unavailable due to domain naming rules, indicating the domain is likely a subdomain or alias under a registered parent domain.

HanmiGlobal Co., Ltd. is a large Korean construction and project management company with a global footprint, specializing in advanced technology and strategic construction services. The company has executed over 3,200 projects worldwide and offers a broad range of services including project management, development, supervision, and energy infrastructure consulting. Their market position is strong, reflected by a world ranking of 7 in ENR 2025 and a diversified portfolio of subsidiaries and partners. Technically, the website employs a moderate modern tech stack including jQuery, Swiper.js, GSAP, and Google Analytics, with good mobile optimization and a professional design. However, some outdated libraries and missing security headers indicate areas for improvement. The site uses HTTPS but lacks DNSSEC and explicit security policies. Security posture is moderate with good practices like HTTPS and reCAPTCHA on forms, but the absence of security headers, outdated libraries, and missing privacy and cookie policies reduce compliance and security maturity. No incident response or vulnerability disclosure information is published. Overall, the website is professional and trustworthy but would benefit from enhanced security measures, privacy compliance, and updated technical components to improve risk posture and user trust.

W

Walker Sime

walkersime.co.uk

61

Walker Sime is a UK-based multi-disciplinary construction consultancy established in 2000, offering professional services such as quantity surveying and project management. The company positions itself as a trusted and well-liked consultancy within its niche, targeting clients who require expert construction consultancy services. The website reflects a professional business model with consistent branding and good content quality, supporting its market position. Technically, the website is built on WordPress using modern technologies including WPBakery Page Builder, Google Analytics, and LinkedIn Insight tags, indicating a moderate level of digital maturity. The site is mobile-optimized and SEO-friendly, though accessibility features could be improved. Security posture is generally good with HTTPS enforced and use of reCAPTCHA, but lacks some security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

O

Otak

otak.com

55

Otak, Inc. is a professional integrated design and project delivery firm specializing in architecture, engineering, environmental consulting, planning, and project management services. The company emphasizes sustainability, integrity, and community engagement as core values, serving government agencies, developers, and communities primarily in the United States. Their market position is that of a medium-sized, reputable firm with a strong focus on delivering community-centric projects and sustainable solutions. Technically, the website is built on WordPress with a modern technology stack including Google Analytics, Google Tag Manager, and various performance and SEO optimization plugins. The site is well-optimized for mobile devices, features good accessibility, and demonstrates excellent SEO practices. The infrastructure appears robust with fast loading times and a professional design. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, it lacks visible security headers, a published security policy, and incident response contact information. The absence of WHOIS domain registration data raises some concerns about domain transparency, although the website content and social media presence support its legitimacy. Overall, Otak presents a professional and trustworthy online presence with minor gaps in security transparency and domain registration information. Strategic improvements in security policy publication and domain WHOIS transparency would enhance trust and compliance.

Architecture for Communities Los Angeles (ACLA) is a small non-profit organization dedicated to inspiring and empowering communities in Los Angeles through architecture education, events, and engagement. Their website serves as a hub for promoting community events, student exhibitions, scholarships, and sustainability initiatives. The organization targets students, architects, and community members interested in architecture and social impact within the Los Angeles region. The site reflects a consistent brand and professional presentation aligned with their mission. Technically, the website is built on WordPress with WooCommerce for donations and event registrations, leveraging common libraries such as jQuery, RoyalSlider, and Slick Carousel. Hosting is provided by InMotion Hosting, and the site uses HTTPS with a good SSL configuration. SEO and mobile optimization are well addressed, though accessibility features are basic. Analytics are implemented via Google Analytics and Jetpack Stats, but the Google Analytics plugin is not fully configured. From a security perspective, the site enforces HTTPS and uses domain transfer protections. However, it lacks DNSSEC and important security headers like Content-Security-Policy. No cookie consent mechanism is present, which may impact GDPR compliance. Payment processing is handled securely via Authorize.Net CIM. No incident response or security policy is published, and no vulnerability disclosure or security.txt file is found. Overall, the website is safe, professional, and trustworthy with a moderate security posture. Recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, completing analytics configuration, and publishing security policies to enhance compliance and trust.

A

ARVHA

femmes-archi.org

40

The website www.femmes-archi.org represents ARVHA, a non-profit association dedicated to promoting women architects through the French Prize for Women Architects and related events. The site serves as a platform to showcase award winners, organize conferences, and provide media content supporting gender parity in architecture. The target audience includes women architects, architecture professionals, and supporters of diversity in the field. The business model is centered on event organization and awareness campaigns, supported by institutional and private sponsors. Technically, the website is built on WordPress 5.5.17 using the Enfold theme and several plugins such as LayerSlider and Video Popup. It employs Google Analytics and Google Tag Manager for tracking and uses Google Fonts for typography. The site is mobile-optimized with a moderate performance profile and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism aligned with GDPR requirements. However, it lacks visible security headers and a published privacy policy, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the professional presentation and active social media presence support trustworthiness. Overall, the website is a well-maintained, professional platform serving a niche non-profit mission. Strategic recommendations include publishing a comprehensive privacy policy, enhancing security headers, updating WordPress and plugins regularly, and providing clear contact information for security and business inquiries to strengthen compliance and trust.

I

Inigo

inigo.com

66

Inigo is a specialized UK-based estate agency focusing on the sale and marketing of historic and architecturally significant homes. The company targets discerning buyers and sellers interested in authentic British homes with rich stories and heritage. Their market position is niche but well-defined, supported by professional branding and trust indicators such as accreditation by The Property Ombudsman and Trading Standards. The website offers comprehensive property listings, editorial content, and customer engagement tools such as newsletters and property alerts. Technically, the website is built on modern frameworks including Next.js and React, with integrations for analytics (Google Analytics) and marketing automation (Klaviyo). The site is mobile-optimized and demonstrates good SEO and accessibility practices, though some improvements in security headers and incident response transparency are recommended. The SSL configuration is excellent, ensuring secure communications. From a security perspective, the site enforces HTTPS and provides cookie consent mechanisms aligned with GDPR requirements. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency and trustworthiness. No security.txt or incident response information is published, which could be improved to enhance security posture and customer trust. Overall, Inigo presents a professional and trustworthy online presence for its real estate business, but domain registration opacity and minor security best practice gaps suggest areas for improvement. Strategic recommendations include verifying domain registration details, implementing security headers, publishing security policies, and enhancing incident response readiness.

T

The Quality Assurance Agency for Higher Education

qaa.ac.uk

72

The Quality Assurance Agency for Higher Education (QAA) is a UK-based independent charity and the expert quality body for tertiary education. It provides impartial regulatory and collaborative quality assurance and enhancement services across the UK and internationally. The organization is trusted by governments, funding bodies, and higher education providers, offering services such as membership, accreditation, training, and sector resources. The website reflects a mature, professional entity with a clear focus on education quality and standards. Technically, the website is built on the Sitefinity CMS platform, leveraging modern analytics tools including Google Analytics and Microsoft Clarity, and employs Google Tag Manager for marketing and tracking. The site is mobile-optimized, accessible, and well-structured with comprehensive navigation and content. Security certifications such as ISO 27001 and Cyber Essentials are prominently displayed, indicating a strong commitment to information security. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. However, explicit security headers and a public security policy or incident response contact are not found, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website and organization present a low-risk profile with high trustworthiness. Strategic recommendations include enhancing security headers, publishing a security policy and incident response details, and implementing a vulnerability disclosure program to further strengthen security and transparency.

G

Goldsmiths College

goldsmithscca.art

46

Goldsmiths Centre for Contemporary Art (Goldsmiths CCA) is an educational and cultural institution affiliated with Goldsmiths College in London, UK. The organization focuses on contemporary art exhibitions, events, residencies, and engagement programs targeting artists, students, and the general public interested in art. The website reflects a well-established institution with a clear mission to foster creativity and debate in the arts sector. The domain registration aligns with the institution's identity and geographic location, supporting its legitimacy. Technically, the website is built on WordPress with a custom theme and integrates modern technologies such as Google Analytics, Google Tag Manager, and Shopify Buy Button SDK for e-commerce capabilities. The site demonstrates good mobile optimization, SEO practices, and moderate performance. However, some accessibility features are basic, and there is room for improvement in security headers and DNS security. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. There are no visible incident response or security policies published, which could be improved to enhance trust and compliance. Privacy compliance is basic, with a privacy policy and cookie consent mechanism present but no explicit GDPR compliance statements. Analytics usage is moderate, with user tracking via multiple services. Overall, the website is professional, trustworthy, and serves its educational and cultural mission effectively. Strategic recommendations include enhancing DNS security, implementing security headers, publishing security policies, and improving privacy compliance to strengthen the security posture and user trust.

S

Stage de rugby Stade Rochelais

stages-staderochelais.com

58

The website 'Stages Stade Rochelais' offers rugby training camps associated with the Stade Rochelais rugby club, targeting rugby players and enthusiasts primarily in France. The business operates a niche sports training service with a focus on rugby camps. The website is built on the Wix platform, utilizing modern web technologies including Google Analytics and Tag Manager for tracking. The site is professionally designed, mobile-optimized, and provides structured business information including a physical address. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. Security posture is adequate with HTTPS enforced but lacks explicit security headers and privacy compliance mechanisms such as a privacy policy or cookie consent banner. Overall, the site presents a moderate risk profile with recommendations to improve privacy compliance and domain registration transparency.

Z

Zahnärztliche Mitteilungen

zm-online.de

69

zm-online.de is a German-language news portal specializing in dental medicine and healthcare news. It serves dental professionals and stakeholders with up-to-date articles, continuing education, job listings, and market information. The site is powered by TYPO3 CMS and integrates modern web technologies including Google Analytics and Traffective advertising. The website demonstrates a good level of technical maturity with mobile optimization, SEO best practices, and privacy consent mechanisms in place. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though explicit security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

A

AGROLA AG

agrola.ch

53

AGROLA AG is a Swiss energy and mobility company providing a broad range of products and services including heating oil, wood pellets, electricity, electromobility charging solutions, and solar energy systems. The company targets both residential and commercial customers within Switzerland, positioning itself as a reliable regional partner in energy and mobility sectors. The website reflects a mature digital presence with clear navigation, professional design, and multilingual support (German and French). Technically, the site employs modern web technologies such as Bootstrap, Google Tag Manager, Google Analytics, and Facebook Pixel, indicating a moderate to advanced digital infrastructure. Security posture is generally good with HTTPS enforced and secure form handling, though the absence of explicit security headers and incident response information suggests room for improvement. Privacy compliance is partially met with a comprehensive privacy policy available, but lacks a visible cookie consent mechanism. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

I

Imbach Logistik AG

imbach-logistik.ch

71

Imbach Logistik AG is a Swiss-based logistics and transport company specializing in cargo, bottle, and event logistics. The company operates with approximately 340 employees and a fleet of 70 trucks, emphasizing innovative and sustainable transport solutions. It is part of the Galliker Group, which enhances its market position and operational capabilities. The website reflects a professional and modern digital presence, with clear service offerings and strong branding consistency. Technical infrastructure includes modern web technologies such as Google Tag Manager, Google Analytics, and a cookie consent framework, supporting compliance and user experience. Security posture is good with HTTPS enforced and privacy mechanisms in place, though some security headers and explicit security policies are missing. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and trustworthiness.

O

Online Now! GmbH

online-now.de

10

Online Now! GmbH is a specialized digital agency based in Berlin, Germany, focusing on TYPO3 CMS development, responsive web design, and social media integration. The company positions itself as a certified TYPO3 integrator with a strong portfolio of reference projects, offering end-to-end services including consulting, design, programming, hosting, and support. Their target audience primarily consists of businesses and organizations seeking professional web solutions with a focus on usability and mobile optimization. Technically, the website is built on TYPO3 CMS with PHP and JavaScript technologies, incorporating modern libraries such as jQuery and bxSlider for UI components. The site demonstrates good mobile responsiveness, accessibility, and SEO practices. Analytics are implemented via Google Analytics and Matomo, with privacy-conscious configurations such as IP anonymization and cookie consent mechanisms. From a security perspective, the site uses HTTPS with a strong SSL configuration and employs cookie consent banners to comply with GDPR. However, explicit HTTP security headers and a published security policy or incident response contacts are absent, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website and domain exhibit a high level of professionalism, trustworthiness, and compliance with privacy regulations. The domain registration is consistent with the business, though registrant details are protected per DENIC policy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen trust and security posture.

D

Designers’ Saturday

designerssaturday.no

63

Designers’ Saturday is a Norwegian event organization specializing in showcasing design news in furniture, textiles, lighting, flooring, interior, and furnishing products. Positioned as Norway's only dedicated design exhibition platform, it targets design professionals, exhibitors, and enthusiasts primarily in Oslo and the surrounding region. The website reflects a professional and modern digital presence, leveraging advanced web technologies such as htmx, Google Tag Manager, and AWS S3 for media hosting, and is built on Craft CMS. The site is well-optimized for mobile and SEO, with clear navigation and rich multimedia content. From a security perspective, the website employs HTTPS with strong SSL configuration and includes security best practices such as CSRF tokens in forms. However, it lacks explicit cookie consent mechanisms and published security or incident response policies, which are areas for improvement. The absence of WHOIS data due to privacy protection is common for event organizations but reduces transparency. Overall, the site demonstrates a high level of professionalism and trustworthiness with moderate privacy compliance. Strategically, the organization should focus on enhancing privacy compliance by implementing cookie consent banners, publishing terms of service, and providing clear security incident contact channels. These steps will strengthen user trust and regulatory adherence. The technical infrastructure is robust, but ongoing audits of third-party scripts and security policies are recommended to maintain a strong security posture.

I

Input interior

inputinterior.no

59

Input interior is a leading independent interior furnishing group in the Nordic region, specializing in tailored solutions for offices, hospitality, education, and healthcare sectors. The company operates multiple showrooms and maintains a strong digital presence with comprehensive content and social media engagement. Their website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is solid with HTTPS, cookie consent management, and reCAPTCHA integration, though some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, Input interior presents a trustworthy and credible business front with strong market positioning in the Nordic interior furnishing industry.

N

Norfax AS

norfax.no

53

Norfax AS is a well-established Norwegian manufacturer specializing in the production and delivery of outdoor shelters (leskur) and furniture for both public and private sectors. With a founding date of 1946 and product delivery since 1984, Norfax positions itself as a quality-focused provider offering customized solutions tailored to client projects. The company maintains a strong digital presence with comprehensive contact information, social media engagement, and clear privacy and cookie policies, reflecting a mature business approach. Technically, the website employs modern JavaScript frameworks, analytics tools, and security best practices, ensuring a reliable and user-friendly experience. Security posture is robust with HTTPS enforcement and security headers, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, Norfax demonstrates a high level of professionalism, trustworthiness, and compliance, making it a credible and secure business entity online.

AB Hyllteknik is a well-established Swedish manufacturer specializing in strong and flexible shelving and sken systems since 1957. The company serves B2B customers primarily in the Nordic region, including offices, schools, libraries, and furniture resellers. Their product portfolio includes office furniture, library shelving, school cloakroom furniture, and related interior systems. The website reflects a mature business with a consistent brand presence and a clear market position as a leader in their niche. Technically, the site uses a modern tech stack with popular JavaScript libraries, CDN hosting, and standard analytics tools, providing a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS and CSRF protections, though improvements are recommended in DNSSEC deployment and security headers. Privacy compliance is basic with cookie usage disclosed but lacking a formal privacy policy and consent mechanism. Overall, the domain registration data supports the legitimacy and trustworthiness of the business, with a domain age consistent with the company's long history.

L

LAUFEN

laufen.no

62

LAUFEN is a company specializing in high-quality Swiss bathroom products and design solutions, targeting consumers and professionals interested in premium bathroom furnishings. The website reflects a medium-sized retail business with a consistent and professional brand presence, offering a wide range of bathroom products including toilets, sinks, showers, and furniture. Technically, the site is built on the Liferay CMS platform, utilizing modern web technologies and standard analytics tools such as Google Analytics and Google Tag Manager. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website enforces HTTPS and includes cookie consent mechanisms, but lacks explicit privacy policy and terms of service pages, as well as contact information for security incidents or data protection officers. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the site itself appears trustworthy and professional. Overall, the website scores well in content quality and security posture but should improve privacy compliance and business credibility transparency.

K

KEIM Commercial

keim.com

56

KEIM Commercial is a well-established manufacturer and distributor of mineral silicate paints and stains, serving commercial and residential markets with a focus on sustainable, long-lasting, and breathable coatings. The company has a strong market position in the niche of mineral coatings, supported by detailed product information, technical data, and a comprehensive sales team presence. The website is built on a modern WordPress platform with WooCommerce and Elementor, indicating a mature digital infrastructure. Security posture is good with HTTPS and clientTransferProhibited domain status, though improvements like DNSSEC and security.txt publication are recommended. Privacy compliance is lacking due to missing privacy and cookie policies. Overall, the site is professional, trustworthy, and well-structured, supporting KEIM's business credibility.

S

Steve Edge Design Ltd.

steve-edgeshop.com

46

Steve Edge Design Ltd. operates the Steve Edge Shop, an e-commerce platform specializing in artist-created merchandise such as posters, books, and badges. The business targets art enthusiasts and collectors, offering unique design products with personal significance. The website is built on WordPress with WooCommerce, leveraging modern web technologies and tracking tools like Google Analytics and Tag Manager. The site is mobile-optimized and provides clear navigation and professional design, supporting a positive user experience. However, the absence of WHOIS registration data raises concerns about domain legitimacy, despite the site's professional appearance and active social media presence. Security posture is moderate with HTTPS enabled but lacks important security headers and cookie consent mechanisms, indicating room for improvement in compliance and protection. Overall, the site presents a trustworthy retail front but should address domain registration transparency and enhance security and privacy compliance to strengthen its credibility and user trust.

A

Avoxa - Mediengruppe Deutscher Apotheker GmbH

aponet.de

11

aponet.de is a comprehensive German health portal operated by Avoxa - Mediengruppe Deutscher Apotheker GmbH, serving as the official information platform for pharmacists and health consumers in Germany. The site offers a wide range of health news, pharmacy services, podcasts, and digital health tools, positioning itself as a trusted and authoritative source in the healthcare media sector. The business model centers on content provision supported by advertising and informational services tailored to the healthcare community and general public. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies including JavaScript, CSS, and integrated consent management platforms such as Sourcepoint and ContentPass. Hosting is inferred to be with Deutsche Telekom, ensuring reliable infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the website enforces HTTPS, employs GDPR-compliant consent mechanisms, and integrates reputable advertising and tracking services. While explicit security headers are not fully confirmed, the overall posture is strong with no evident vulnerabilities or exposed sensitive data. However, the site could improve by publishing explicit security policies and incident response contacts. Overall, aponet.de presents a low-risk profile with high business credibility, excellent content quality, and solid technical implementation. Strategic recommendations include enhancing security header implementation, publishing vulnerability disclosure information, and expanding transparency around incident response to further strengthen trust and compliance.

O

Optix

optixdev.com

10

Optix is a technology company specializing in coworking and flexible office management software. Their platform offers a mobile-first, white-labeled app solution designed to enhance community engagement and streamline workspace operations. Positioned as a modern workplace operating system, Optix integrates with thousands of third-party applications to provide a comprehensive management experience. The website reflects a mature, professional business with clear branding and customer testimonials, targeting coworking space operators and flexible office managers. Technically, the website employs modern web technologies including AngularJS, HubSpot marketing tools, Intercom for customer engagement, and analytics services such as Google Analytics and FullStory. The site is mobile-optimized, SEO-friendly, and uses HTTPS with good security practices, although some security headers are not explicitly detected. Privacy and cookie policies are present and indicate GDPR compliance. From a security perspective, the site demonstrates a solid posture with encrypted communications and secure form handling. However, the absence of explicit security policies, incident response information, and vulnerability disclosure mechanisms suggests room for improvement in transparency and readiness. The WHOIS data for the provided domain www.optixdev.com is missing, which raises questions about domain registration status; however, the main operational domain appears to be optixapp.com, associated with ShareDesk Global Inc., lending credibility. Overall, the website is professional, secure, and compliant with privacy standards, serving a clear business purpose. The main risk lies in the domain registration inconsistency, which should be clarified to strengthen trust. Strategic recommendations include enhancing security headers, publishing security policies, and ensuring domain registration transparency.

W

Whois Corp.

whois.co.kr

11

Whois Corp., operating the website whois.co.kr, is a leading South Korean domain registration and business IT solutions provider established in 1998. The company offers a comprehensive suite of services including domain registration, email solutions, cloud hosting, SSL certificates, groupware, and website creation. The website reflects a mature digital presence with professional design, clear navigation, and extensive service offerings targeting businesses and enterprises in South Korea. The company maintains strong trust signals such as ISMS certification and KISA privacy excellence, and serves major Korean corporations as clients. Technically, the website employs modern JavaScript libraries like jQuery, Owl Carousel, and Google Analytics for tracking and user experience enhancement. Hosting appears to be managed internally by Whois Corp., with moderate performance and good mobile optimization. Security posture is strong with HTTPS enforced and domain status set to clientTransferProhibited, though DNSSEC is not implemented. Privacy compliance is adequate with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, the security posture is robust with no evident vulnerabilities or exposed sensitive data. The WHOIS data is consistent and transparent, reinforcing the legitimacy of the domain and business. The website is fully accessible without WAF or blocking mechanisms, supporting a high trustworthiness rating. Strategic recommendations include implementing DNSSEC, enhancing security headers, and adding cookie consent to improve privacy compliance. This analysis concludes that Whois Corp. operates a professional, secure, and credible online presence suitable for its business domain and customer base.

CaixaForum is a cultural initiative operated by the Fundación Bancaria Caixa d'Estalvis i Pensions de Barcelona, "la Caixa", providing a wide range of cultural activities including exhibitions, workshops, and family events across multiple centers in Spain. The website reflects a well-established non-profit organization with a clear mission to promote culture to the general public. The digital infrastructure is built on the Liferay CMS platform, leveraging modern web technologies and third-party services such as Google Analytics and ReadSpeaker for accessibility and analytics. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms in place. Security posture is good with HTTPS enforced and domain registration showing strong legitimacy, although some improvements in security headers and incident response transparency are recommended. Overall, the website is professional, trustworthy, and well-positioned within its cultural sector.

P

Paul Mellon Centre

paul-mellon-centre.ac.uk

73

The Paul Mellon Centre is a UK-based non-profit educational charity dedicated to supporting original research into the history of British art and architecture across all periods. The organization offers key services including research support, publishing, events, conferences, grants, and fellowships, targeting academics, researchers, and students interested in British art history. The website reflects a professional and consistent brand image with good content quality and clear navigation, supporting its mission effectively. Technically, the site employs modern web technologies including JavaScript libraries, Google Analytics, and Cookiebot for privacy compliance, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of visible security headers and lack of published security policies suggest room for improvement. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the site is trustworthy, safe, and compliant with GDPR, but could enhance transparency by publishing contact and security-related policies.

G

Goldsmiths, University of London

gold.ac.uk

59

Goldsmiths, University of London is a well-established higher education institution specializing in creative, cultural, and social disciplines. The website reflects a strong market position as a leading university in South East London, offering degree programs, research opportunities, and community engagement. The target audience includes prospective and current students, academics, and researchers. The business model focuses on education and research services with a large institutional size and a history dating back to 1904. Technically, the website employs a modern technology stack including multiple analytics and advertising pixels managed through Google Tag Manager, and uses TerminalFour CMS. The site is mobile-optimized, accessible, and SEO-friendly, with good performance. Cookie consent and privacy mechanisms are robust, reflecting GDPR compliance. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security headers and a public security policy or incident response page suggests room for improvement. The WHOIS data is unavailable or privacy protected, which is common for UK academic domains and justified in this context. Overall, the website is professional, trustworthy, and secure with minor recommendations to enhance security transparency and header implementation. The risk level is low, and the site effectively supports the university's digital presence and business objectives.

C

Cornell University

cornell.edu

67

Cornell University is a prestigious Ivy League private research university offering comprehensive undergraduate, graduate, and professional education across multiple campuses including Ithaca, New York City, and Doha, Qatar. The institution is well-positioned in the education sector with a strong reputation for research and public engagement. The website reflects this stature with rich content, multimedia, and clear navigation targeting students, faculty, alumni, and the general public. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, and integrates analytics and tag management tools to optimize user experience and data collection. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers and published security policies could enhance protection. Privacy compliance is robust with clear privacy and cookie policies and GDPR considerations. Overall, the site demonstrates high professionalism and trustworthiness consistent with a leading educational institution.

C

Cardiff University

cardiff.ac.uk

64

Cardiff University is a leading higher education institution in Wales, recognized for research excellence and comprehensive academic offerings. The website reflects a mature digital presence with strong branding, clear navigation, and extensive content targeting prospective students, researchers, and partners. Technically, the site leverages modern CDN and analytics technologies, ensuring fast performance and good mobile responsiveness. Security posture is solid with HTTPS, cookie consent, and privacy policies in place, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site demonstrates high professionalism and trustworthiness consistent with a major university.

H

Hallett Independent Limited

hallettindependent.com

52

Hallett Independent Limited is a specialist insurance brokerage firm focused on private clients and art insurance. The company operates independently from large global insurers, providing expert advice and tailored risk management services to a niche market including artists, art dealers, museums, and private collectors. Their market position is that of a trusted, small-scale expert broker with a strong emphasis on professionalism and client care. The website reflects this with high-quality content, clear navigation, and consistent branding. Technically, the site is built on WordPress with modern libraries and integrations such as Google Analytics and reCAPTCHA, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and Cyber Essentials certification displayed, though some improvements like security headers and cookie consent are recommended. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, but the overall business credibility remains high due to regulatory compliance and professional presentation.

M

Margaret Howell

margarethowell.co.uk

75

Margaret Howell is a well-established British fashion brand specializing in contemporary design for men and women since 1970. The company operates a professional e-commerce website hosted on the Shopify platform, targeting fashion consumers primarily in the UK and internationally. The website showcases their collections and provides a seamless online shopping experience. Technically, the site leverages modern web technologies including Shopify Liquid, TailwindCSS, and integrates marketing and security services such as Klaviyo, Forter, and Global-e. The site is well-optimized for mobile devices and includes essential SEO and accessibility features. Security posture is strong with HTTPS enforced, security headers present, and cookie consent mechanisms implemented, reflecting compliance with GDPR and privacy regulations. However, WHOIS data is unavailable due to querying the www subdomain rather than the base domain, which slightly impacts domain trust analysis. Overall, the website is professional, secure, and trustworthy, with room for improvement in publishing explicit security policies and contact information.

T

The Modern House

themodernhouse.com

76

The Modern House is a well-established UK-based estate agency specializing in the sale of architecturally significant and design-led homes. Founded in 2000, it has carved a niche in the luxury real estate market with a strong editorial and curated approach to property listings. The website reflects a mature digital presence with excellent design, clear navigation, and mobile optimization, targeting affluent buyers and sellers interested in contemporary and period homes across the UK. Technically, the website leverages modern web technologies including React and Next.js, hosted likely on Vercel, with Cloudflare DNS services. Performance and SEO optimizations are well implemented, and the site integrates marketing and analytics tools such as Google Analytics and Klaviyo for user engagement and tracking. Privacy and cookie policies are comprehensive and include consent mechanisms, indicating good compliance with GDPR requirements. From a security perspective, the site enforces HTTPS, employs standard security headers, and avoids exposing sensitive data. However, there is no publicly available security policy or incident response information, and no vulnerability disclosure mechanism is present. The WHOIS data is consistent with the business claims, showing a long-standing domain registration without privacy protection, enhancing trustworthiness. Overall, The Modern House website demonstrates a strong business and technical foundation with good security hygiene and privacy compliance. Strategic improvements could include publishing a formal security policy, incident response details, and vulnerability disclosure information to further enhance trust and transparency.

G

Grimshaw

grimshaw.global

60

Grimshaw is an internationally recognized architecture and design firm focused on innovative and sustainable solutions. Their website showcases a comprehensive portfolio of projects across multiple sectors including aviation, infrastructure, education, and residential design. The firm emphasizes its commitment to net zero carbon ready buildings and socially and environmentally regenerative architecture, positioning itself as a leader in sustainable design. Technically, the website employs a modern technology stack with various JavaScript libraries for enhanced user experience, multimedia integration, and responsive design. The site is well-optimized for mobile devices and provides rich content including videos and detailed project descriptions. Security-wise, the site uses HTTPS and modern libraries but lacks explicit security headers and a cookie consent mechanism, which are recommended for improved compliance and protection. WHOIS data is limited due to TLD restrictions, but the website's professional presentation and consistent branding support its legitimacy. Overall, Grimshaw's digital presence reflects a mature, credible business with strong sustainability credentials and a global market position.

A

Arquine

arquine.com

49

Arquine is an established international architecture and design magazine primarily serving Spanish-speaking audiences, founded in 1999. The website operates on a WordPress CMS platform with WooCommerce integration, hosted on DigitalOcean infrastructure. It employs modern web technologies including Google Fonts, Google Analytics, TikTok and Facebook tracking pixels, and Google Tag Manager, indicating a mature digital marketing and analytics setup. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of visible privacy and cookie policies, which could expose the organization to regulatory risks. No direct contact or incident response information is provided, limiting transparency and user trust. Overall, the site is professional and content-rich but would benefit from improved privacy and security practices.

M

MasterCraft Boat Company

mastercraft.com

77

MasterCraft Boat Company is a leading manufacturer and marketer of premium performance inboard wakesurfing, wakeboarding, and ski boats. The company holds a strong market position as an innovator with numerous patents and awards, targeting watersports enthusiasts and boat buyers. Their business model includes direct sales supported by a dealer network and a comprehensive digital presence. The website reflects a mature digital infrastructure with modern technologies such as Google Analytics, Facebook Pixel, Microsoft Application Insights, and reCAPTCHA for security. The site is well-optimized for mobile and accessibility, featuring a professional design and clear navigation. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response contacts could be improved. Overall, the domain appears legitimate despite missing WHOIS data, supported by trust signals including NASDAQ listing and ISO certifications. Strategic recommendations include enhancing security header transparency, publishing vulnerability disclosure information, and improving incident response visibility.

S

ShareDesk Global Inc.

optixapp.com

65

Optix, operated by ShareDesk Global Inc., is a specialized SaaS provider offering automation-first coworking and flexible workspace management software. The platform emphasizes end-to-end automation, including booking, invoicing, CRM, and branded mobile apps, targeting coworking operators and community managers seeking to streamline workflows and accelerate growth. The website presents a professional, well-branded, and content-rich experience with strong trust signals such as customer testimonials and industry awards. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, including HubSpot, Google Analytics, and Facebook Pixel. Security posture is solid with HTTPS and some security plugins, though explicit security headers and policies are not evident. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a visible cookie consent mechanism. WHOIS data for the domain is missing, which raises concerns about domain registration transparency, though the website content and branding suggest a legitimate business. Overall, the site is mature, professional, and well-optimized but would benefit from enhanced transparency and security disclosures.

A

Autopromotec

autopromotec.com

58

Autopromotec is an established international biennial exhibition focused on automotive equipment and aftermarket products, primarily targeting industry professionals and exhibitors. The event is held in Bologna, Italy, and serves as a key networking and showcase platform within the automotive aftermarket sector. The website presents professional branding and relevant event information, indicating a mature business presence in the transportation industry. Technically, the site employs a modern tech stack including jQuery, Cookiebot for consent management, Google Analytics, and Facebook Pixel for tracking and marketing purposes. The site is mobile-optimized with good SEO practices but lacks some advanced accessibility features and security headers. Security posture is generally good with HTTPS enforced and cookie consent implemented, though the absence of security headers and explicit privacy policies are areas for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional appearance of the website. Overall, the site is safe, trustworthy, and well-suited for its business purpose but would benefit from enhanced transparency and security hardening.

H

Holidu Hosts GmbH

bookiply.com

76

Bookiply is a vacation rental management platform focused on helping hosts maximize bookings and reduce administrative workload. It operates primarily in Europe and is part of the Holidu Group, a recognized entity in the hospitality sector. The website offers a comprehensive suite of services including property listing, channel management, and personal support for hosts. The company targets vacation rental owners and agencies, providing an all-in-one solution to increase visibility and revenue. Technically, the website is built using modern web technologies such as React and Next.js, hosted on AWS in Ireland, and integrates multiple analytics and marketing tools including Google Analytics, Hotjar, and Facebook Pixel. The site is well-optimized for performance, mobile responsiveness, and SEO, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response contacts are not publicly disclosed, which could be improved. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is mitigated by the professional presentation and detailed imprint. Overall, Bookiply presents a trustworthy and professional online presence with strong compliance and technical maturity. Strategic improvements in transparency around security policies and incident response would enhance its security posture and trustworthiness further.

A

Astre

astre.fr

61

Astre is a well-established European logistics and transportation network headquartered in France, providing tailored transportation, logistics, and palletized shipment solutions through its extensive member company network. The website reflects a professional and consistent brand image, targeting businesses requiring scalable and environmentally responsible supply chain services across Europe. Technically, the site is built on WordPress with modern JavaScript libraries and Google Analytics integration, offering good mobile optimization and accessibility. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and vulnerability disclosures are not published. Privacy compliance is moderate with a cookie consent mechanism but lacks a clearly accessible privacy policy. Overall, the domain WHOIS data is privacy protected, which is typical for .fr domains, and the website content aligns with legitimate business operations.

L

Leyendecker HolzLand GmbH & Co. KG

leyendecker.de

51

Leyendecker HolzLand GmbH & Co. KG is a well-established wood specialist retailer and wholesaler based in Trier, Germany, with a history dating back to 1860. The company offers a broad range of wood products including flooring, doors, garden furniture, and wood-based materials, serving craftsmen, businesses, and end consumers primarily in the Rheinland-Pfalz, Saarland, and Luxembourg regions. Their market position is strong regionally, supported by a large physical exhibition and an online shop. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and consent management tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS, CSP headers, and privacy compliance mechanisms in place, though lacking a dedicated security policy or incident response information. Overall, the site is professional, trustworthy, and compliant with GDPR, with clear contact information and social media presence.

D

DigiShop GmbH

weltholz.de

59

Weltholz is a German-based wood import company specializing in high-quality timber and exclusive wood products for wholesale and retail customers. The website presents a professional and well-structured platform targeting B2B clients such as large and wood dealers. It offers a comprehensive product catalog, marketing support, and online tools like a terrace planner. Technically, the site uses a custom ColdFusion backend with modern frontend libraries including jQuery, Bootstrap, and Slick Slider, integrated with HubSpot and Google Analytics for marketing and analytics. The security posture is solid with HTTPS and cookie consent mechanisms, though security headers are not explicitly detected and could be improved. Privacy compliance is strong with clear policies and consent management. Overall, the site is trustworthy, well-branded, and professionally maintained.

G

Groupe Pole

groupe-pole.com

56

Groupe Pole operates as a network of specialized transporters focusing on pallet distribution and logistics across France and Europe. Established in 2009, the company leverages a collaborative business model to optimize delivery efficiency and environmental impact. Their market position is supported by a sizable network of 64 members and significant annual transport volumes. Technically, the website is built on Joomla! CMS with standard web technologies including jQuery, Bootstrap, and Google services, hosted by OVH sas. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers, and does not provide privacy or cookie policies, which are critical for GDPR compliance. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

M

musicdirectory.ch

musicdirectory.ch

47

musicdirectory.ch is a specialized online platform operated by Helvetiarockt, targeting women, inter-, trans-, non-binary, and agender individuals in the Swiss music industry. It serves as a directory and community hub offering listings of people, projects, and events to foster networking and visibility within this niche market. The website is professionally designed with consistent branding and clear navigation, supporting multiple languages to cater to a diverse Swiss audience. Technically, it is built on WordPress with common plugins for forms, multilingual support, and performance optimization, and it integrates Google Analytics and Tag Manager for user tracking. Security-wise, the site uses HTTPS and some best practices like password strength meters and honeypots in forms but lacks advanced security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced privacy and security measures.

A

advertising.com

advertising.com

64

Advertising.com is a mature technology company specializing in programmatic advertising solutions, offering a suite of services including DSP, SSP, engagement platforms, and search solutions. The company targets businesses with large user bases seeking to enhance user engagement and revenue through tailored advertising technologies. The recent acquisition of Underdog Media expands their access to premium publisher inventory, strengthening their market position. Technically, the website is built on WordPress with modern analytics tools such as Google Analytics and Microsoft Clarity, hosted likely on AWS infrastructure. The site is well-designed, mobile-optimized, and SEO-friendly, providing a good user experience. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks DNSSEC and explicit security headers, which are recommended for improvement. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism detected. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

K

KaktusApps

kaktusapp.com

10

KaktusApps is a specialized eCommerce development company focused on providing a suite of innovative apps designed to enhance online store performance, increase sales, and improve customer engagement. Their offerings primarily target Shopify merchants but also extend to other eCommerce platforms. The company has established a solid market position with multiple apps available on the Shopify app store, supported by positive customer ratings and testimonials. Technically, the website is built using modern web technologies including Webflow CMS, Cloudflare DNS, and integrates marketing and analytics tools such as Google Tag Manager and Crisp Chat. The site is mobile optimized and demonstrates good performance and SEO practices. Security-wise, the domain is well protected with registrar locks and HTTPS is enforced, though DNSSEC is not enabled. However, the site lacks explicit privacy and cookie policies, and no direct contact information is provided, which are areas for improvement. Overall, the website is professional, trustworthy, and safe for general audiences.

Rumahweb Indonesia is a well-established web hosting and domain registration provider based in Indonesia, serving primarily small to medium businesses and individuals. Founded in 2002, the company offers a comprehensive suite of services including shared hosting, cloud hosting, VPS, dedicated servers, email hosting, SSL certificates, and website creation tools. Their market position is strong locally, supported by over 155,000 customers and multiple industry certifications such as ISO 27001. The website reflects a professional and modern digital presence built on WordPress with Elementor, demonstrating technical maturity and good user experience. Security posture is robust with HTTPS, security partnerships, and anti-DDoS measures, though explicit cookie consent mechanisms and incident response contacts could be improved. The absence of WHOIS data for the domain is unusual but does not detract significantly from the overall trustworthiness given the extensive business and trust signals present. Strategic recommendations include enhancing privacy compliance and publishing vulnerability disclosure information to further strengthen security and compliance posture.

A

axapharm ag

diabetes-care.ch

51

The website www.diabetes-care.ch represents axapharm ag's Healthpro brand, specializing in diabetes care products such as blood glucose meters, test strips, lancets, and related accessories. The company positions itself as a niche healthcare provider offering modern, user-friendly devices with features supporting effective diabetes management. The site targets individuals managing diabetes and healthcare professionals seeking reliable measurement tools. Technically, the website is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and Google Analytics for user insights. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS with a valid SSL certificate and anonymizes IPs in Google Analytics, but lacks some security headers and displays minor PHP notices, which could expose information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Contact information is comprehensive and transparent, enhancing business credibility. Overall, the site is trustworthy and professionally maintained but would benefit from addressing minor security and privacy gaps.