Security Directory

V

Vasser AS

vasser.no

53

Vasser AS is a Norwegian design and technology company specializing in delivering bespoke digital solutions and design services that strengthen brand presence. The company positions itself as a small but powerful design agency focused on quality, creativity, and functionality, serving a diverse clientele including businesses in technology, energy, healthcare, and design sectors. Their service portfolio includes web design, UX/UI design, development, publishing solutions, and digital design manuals. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in Norwegian. Technically, the site leverages modern technologies such as Craft CMS, Tailwind CSS, GSAP animations, Swiper.js, and integrates analytics tools like Google Analytics, Microsoft Clarity, and Plausible Analytics. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit cookie consent mechanisms are areas for improvement. WHOIS data is not publicly available due to registry policies, but the website content and business information indicate legitimacy. Overall, the site demonstrates a mature digital presence with strong business credibility and good technical implementation.

S

SproutVideo

sproutvideo.com

75

SproutVideo is a well-established video hosting and live streaming platform targeting businesses and enterprises. Founded in 2010, it offers a comprehensive suite of video marketing, analytics, and privacy tools designed to help companies securely share and analyze video content. The platform is trusted by Fortune 500 companies and thousands of small and medium-sized organizations, positioning itself as a reliable and enterprise-ready solution in the video hosting market. The website reflects a mature digital presence with professional design, clear navigation, and extensive marketing and analytics integrations. Technically, SproutVideo leverages modern web technologies including HTML5, JavaScript, and CSS3, supported by AWS infrastructure and Cloudfront CDN for performance and scalability. The site integrates multiple analytics and tracking services such as Google Analytics, Facebook Pixel, TikTok Analytics, LinkedIn Insight Tag, and Microsoft Clarity, indicating a sophisticated approach to user engagement and marketing optimization. Mobile optimization and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site enforces HTTPS with a strong SSL configuration and uses domain transfer protection. However, it lacks DNSSEC and explicit security headers, and does not publish a dedicated security policy or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is supported by clear privacy and cookie policies with consent mechanisms, aligning with GDPR requirements. Overall, SproutVideo demonstrates a strong business credibility and technical maturity with a high level of professionalism and trustworthiness. Strategic recommendations include enhancing DNS security with DNSSEC, implementing security headers, and publishing security and vulnerability disclosure policies to further strengthen the security posture and transparency.

B

Building Design

bdonline.co.uk

67

Building Design (bdonline.co.uk) is a well-established UK-based architecture news and intelligence platform targeting architects and construction professionals. It provides comprehensive news, opinion, CPD content, event information, and job listings, positioning itself as a key media resource in the architecture sector. The website is professionally designed with excellent content quality and clear navigation, supported by modern web technologies including Google Analytics, Google Tag Manager, and AWS Cloudfront CDN. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with a comprehensive privacy and cookie policy linked to the parent company UBM. WHOIS data for the queried domain 'www.bdonline.co.uk' is unavailable due to invalid query format; however, the website's legitimacy is supported by its professional presentation and association with UBM. Overall, the site demonstrates a mature digital presence with moderate to high security and privacy standards.

T

The Architect’s Newspaper

archpaper.com

64

The Architect’s Newspaper is a well-established media publication focused on architecture and design in the United States, serving professionals and enthusiasts with authoritative news, analysis, and industry events. The website demonstrates a mature digital presence with a comprehensive content offering, including news articles, job listings, event information, and product libraries. It leverages a WordPress CMS with modern web technologies and integrates multiple third-party analytics and advertising services to support its business model. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Privacy compliance is addressed with clear privacy and cookie policies and consent mechanisms. However, the WHOIS data for the domain is missing or inaccessible, which is unusual for a commercial site but does not appear to impact the legitimacy of the business. Overall, the site is professional, trustworthy, and well-positioned in its niche.

N

native.

native.fm

63

native. is a UK-based company focused on powering campus culture by organizing and promoting student events such as live talks, virtual events, and club nights. Their platform aims to enhance university life for students across the UK by providing engaging cultural content and event experiences. The company maintains a niche position within the UK education and media sectors, targeting university students and campus communities. Technically, the website is built using modern web technologies including React, Next.js, and Material-UI, with integrated analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be improved. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security headers and incident response information. Privacy and cookie policies are present and GDPR compliant at a basic level. Overall, the website is professional, trustworthy, and well-aligned with its business goals, though there is room for enhancement in security transparency and contact information completeness.

M

MACK

mackbooks.co.uk

63

MACK is a UK-based global publisher specializing in award-winning books on art, photography, and critical studies. The company operates an e-commerce platform built on Shopify, offering a curated selection of books, special editions, and collections targeting art enthusiasts, academics, and collectors. The website demonstrates a consistent brand presence with professional design and clear navigation, supported by active social media channels. Technically, the site leverages modern web technologies including Shopify's platform, jQuery, Facebook Pixel, and Google Analytics, ensuring a robust digital infrastructure with moderate performance and good mobile optimization. Security measures include HTTPS with DNSSEC enabled and form protection via hCaptcha, though additional security headers and published policies could enhance the security posture. Privacy compliance is currently weak due to the absence of explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and established entity.

H

Haus der Architektur

hda-graz.at

50

Haus der Architektur (HDA) is a cultural and educational institution based in Graz, Austria, dedicated to promoting architectural culture through exhibitions, lectures, workshops, and networking. The website serves as a comprehensive platform for event information, cooperation projects, and architectural documentation, targeting architects, students, and the general public interested in architecture. The institution holds a strong regional position with partnerships involving government and cultural bodies. Technically, the website is built on the Plone CMS platform, utilizing modern JavaScript libraries and frameworks, and is secured with HTTPS and appropriate security headers. However, it lacks visible privacy and cookie policies, which impacts its compliance posture. Overall, the site is professional, content-rich, and trustworthy, with moderate user tracking via Google Analytics.

V

Vlaams Architectuurinstituut vzw

vai.be

70

The Vlaams Architectuurinstituut (VAi) is a prominent non-profit cultural institution serving as the primary reference point for architectural culture in Flanders and Brussels. It offers a comprehensive range of services including information dissemination, research, advice, exhibitions, and publications aimed at architects, designers, researchers, and the general public interested in architecture. The organization positions itself as a meeting place and knowledge hub to promote well-designed living environments. Technically, the website is built on modern JavaScript frameworks such as Alpine.js, employs advanced image optimization via Imgix, and integrates Google Analytics and Tag Manager for analytics. The site is mobile-optimized, fast-loading, and SEO-friendly, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and avoids exposing sensitive data, though it could improve by adding explicit security headers like CSP and X-Frame-Options. Overall, the website is professional, trustworthy, and compliant with GDPR, with clear contact information and active social media presence. The WHOIS data is restricted by the registry, but the domain appears legitimate and consistent with the organization's profile. Strategic recommendations include enhancing security headers and maintaining regular audits of third-party scripts to sustain a strong security posture.

S

Slovenská technická univerzita v Bratislave (STU)

stuba.sk

61

Slovenská technická univerzita v Bratislave (STU) is a leading technical university in Slovakia, providing comprehensive higher education, research, and innovation services. The website serves a broad audience including prospective and current students, staff, alumni, and partners, offering detailed information on faculties, study programs, research activities, and cooperation opportunities. The university maintains a strong market position as a key educational institution in the region. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics with consent mechanisms, Bootstrap framework, and optimized fonts, ensuring a good user experience across devices. Security posture is solid with HTTPS enforced and privacy-conscious analytics implementation, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-structured, reflecting the university's credibility and commitment to compliance.

H

Heureka Group a.s.

produktroku.sk

58

ProduktRoku.sk is a Slovak independent shopping advisory website operated by Heureka Group a.s., focusing on announcing the most popular products of the year 2024 across multiple categories based on consumer preferences. The site serves Slovak internet consumers by providing product rankings and insights to aid purchasing decisions. The business model revolves around e-commerce product popularity and consumer guidance, positioning itself as a trusted source in the Slovak retail market. Technically, the website employs modern JavaScript technologies, Google Analytics, Google Tag Manager, and a GDPR-compliant consent management platform (Didomi). The site is mobile-optimized with good SEO and basic accessibility features. Security posture is strong with HTTPS enforced and consent mechanisms in place, though additional security headers and published security policies could enhance trust. Overall, the website is professional, trustworthy, and compliant with GDPR, though it lacks direct contact information and terms of service pages. The domain registration aligns well with the business history and branding, indicating legitimacy.

C

CAF America

cafamerica.org

54

CAF America is a well-established non-profit organization specializing in global grantmaking and philanthropic services. The organization assists corporations, foundations, individuals, and financial advisors to facilitate international giving with compliance and risk mitigation. Their market position is strong, supported by over 30 years of experience and a comprehensive suite of donor services including donor advised funds, legacy giving, and grant management. The website reflects a professional and trustworthy brand with clear messaging and a focus on global impact. Technically, the site is built on WordPress with modern plugins and tracking tools, demonstrating a mature digital infrastructure. Security posture is good with HTTPS, content security policies, and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the site is accessible, well-structured, and compliant with privacy regulations, making it a reliable platform for its target audience. Strategic recommendations include enhancing security headers, publishing a formal security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

E

Elevate

elevate.ca

63

Elevate is a Canadian impact-driven non-profit organization founded in 2015 that unites innovators to address society's greatest challenges. The organization positions itself as a leader in fostering innovation and social change within Canada, primarily targeting innovators and leaders of change. The website is built on WordPress and employs a modern technology stack including Google Analytics, Microsoft Clarity, PostHog, and various marketing and tracking tools, indicating a mature digital infrastructure. The site is well-structured with SEO optimizations and uses structured data to enhance search visibility. Security posture is generally good with HTTPS enabled and some security best practices observed, though there is room for improvement in security headers and published policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies and consent mechanisms. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and compliance documentation.

Dow Jones Architects is a specialized architectural firm with a focus on sectors such as art & culture, heritage, worship, residential, and education. The company has a well-established market presence supported by a domain registered since 2001, reflecting business longevity. Their portfolio includes notable projects like the Embassy of Switzerland in London and Maggie's Cardiff, indicating a reputable position in their niche. Technically, the website employs standard libraries such as jQuery and integrates Google Analytics and Tag Manager for tracking, but lacks advanced CMS or frameworks. The site is moderately optimized for performance and mobile use but lacks comprehensive SEO and accessibility features. Security posture is basic with no DNSSEC enabled and absence of security headers, and no visible privacy or cookie policies, which impacts compliance and user trust. Overall, the website is functional but would benefit from enhanced security, privacy compliance, and richer content to improve professionalism and user confidence.

C

Caro Communications

carocommunications.com

61

Caro Communications is a well-established London-based communications agency specializing in architecture and design PR. The company has a strong market position within its niche, offering services that connect cultural and design communities. The website reflects a professional brand image with consistent messaging and a clear focus on its target audience of design professionals and lifestyle brands. The business model centers on providing PR and communications services tailored to the architecture and design sectors. Technically, the website is built on WordPress with modern SEO and analytics tools such as Yoast SEO and Google Analytics. The hosting appears to be managed via GoDaddy, inferred from the nameservers. The site demonstrates good mobile optimization and moderate performance, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, indicating awareness of privacy regulations like GDPR. However, DNSSEC is not enabled, and no explicit security or incident response policies are published. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy with a long registration history and consistent registration details. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements in security headers, DNSSEC, and publishing security policies would enhance the security posture and trustworthiness further.

C

Chris Dyson Architects

chrisdyson.co.uk

51

Chris Dyson Architects is a small, award-winning architecture firm based in London, specializing in diverse projects ranging from private commissions to public buildings and urban planning across Europe and Asia. The firm emphasizes context-driven design, historic building restoration, and innovative modern architecture. Their website showcases a professional portfolio and maintains a consistent brand image, targeting clients seeking architectural services. Technically, the website is built on WordPress with common plugins and integrates Google Analytics for user tracking. The site is mobile-optimized with good SEO practices but lacks some accessibility features and cookie consent mechanisms. Security posture is solid with HTTPS and secure forms, though security headers and incident response information are absent. WHOIS data is unavailable due to domain naming issues, but the website is active and legitimate. Overall, the site reflects a credible and professional business presence with room for security and privacy improvements.

A

Alison Brooks Architects Ltd

alisonbrooksarchitects.com

73

Alison Brooks Architects Ltd is a well-established and highly awarded architectural design practice based in London, UK, founded in 2004. The company offers a broad range of architectural services including masterplanning, residential, commercial, cultural, and furniture design. The website reflects a mature digital presence with comprehensive project showcases, news updates, and active engagement in international events and exhibitions. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted by Mythic Beasts, and demonstrates good mobile optimization and accessibility. Security posture is adequate with HTTPS and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website projects a professional and trustworthy image consistent with a medium-sized architectural firm with international recognition.

A

AKT II

akt-uk.com

60

AKT II is a globally recognized interdisciplinary engineering design firm specializing in structural, civil, infrastructure, façade, bioclimatic, geotechnical, and transport engineering. The company operates multiple offices worldwide, including a recent expansion into Toronto, and is part of the Tyréns Group. Their website reflects a mature, professional business with a strong market position in the built environment sector, emphasizing sustainability through B Corporation certification. Technically, the website is built on WordPress with modern tracking and analytics tools such as Google Analytics, Google Tag Manager, and Hotjar, providing moderate user tracking and good performance. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of security headers and explicit incident response policies suggests room for improvement. The WHOIS data is missing or unavailable, which is unusual for a professional entity and slightly reduces domain trustworthiness. Overall, the website is professional, trustworthy, and well-optimized for its audience.

A

ACME

acme.ac

70

ACME is a London-based architecture and design firm established in 2007, specializing in contemporary architecture, urban planning, interior design, and product design. The company serves private, corporate, and public clients and has a portfolio of notable projects such as Liverpool Street Station and developments in Berlin and Earls Court. The website is professionally designed and hosted on Shopify, leveraging modern web technologies and integrations such as Vimeo for video content and Google Analytics for tracking. The site demonstrates good digital maturity with mobile optimization and SEO best practices. Security posture is solid with HTTPS enforced and clientTransferProhibited domain status, though there is room for improvement in DNSSEC and security headers. Privacy compliance is well addressed with cookie consent and GDPR-aligned privacy policy. Overall, the business presents a credible and trustworthy online presence.

W

Walters & Cohen Architects

waltersandcohen.com

65

Walters & Cohen Architects is a London-based architectural practice specializing in education, community, and cultural projects. The firm is recognized for its award-winning portfolio and serves clients primarily in the education sector. The website reflects a professional and consistent brand image with a clear focus on showcasing their projects and expertise. The target audience includes educational institutions and community organizations seeking architectural services. Technically, the website employs modern web technologies including Google Analytics and Google Tag Manager for tracking, and uses a CDN for asset delivery. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some technical improvements could be made, such as implementing security headers and expanding accessibility features. From a security perspective, the site uses HTTPS and has a cookie consent mechanism indicating basic privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data is a concern and lowers the domain trustworthiness score, though the active and professional nature of the website suggests legitimacy. No explicit contact or security incident response information is provided, which could be improved. Overall, the website presents a solid digital presence for a small architectural firm with room for enhancements in security posture and transparency. Strategic recommendations include improving WHOIS transparency, adding security headers, and providing clearer contact and privacy information to strengthen trust and compliance.

M

Metropolitan Workshop

metwork.co.uk

47

Metropolitan Workshop is a well-established architectural and urban planning practice founded in 2005, with offices in London and Dublin. The company offers professional services in architecture, urbanism, and design, targeting clients interested in these sectors. Their website reflects a professional and consistent brand image, with clear navigation and relevant content tailored to their audience. The business operates primarily within the real estate sector and maintains a small company size with a focused market position. Technically, the website is built on WordPress and leverages modern web technologies including Google Analytics, Google Tag Manager, Vimeo embeds, and Google Maps API. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Hosting is provided by GoDaddy, consistent with the domain registrar information. From a security perspective, the website uses HTTPS with an excellent SSL configuration but lacks several recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with a privacy and cookie policy present but no explicit cookie consent mechanism. Contact information is comprehensive, but no dedicated security policy or incident response details are available. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic improvements in security headers, privacy consent mechanisms, and incident response transparency would enhance the security posture and compliance standing.

M

Maccreanor Lavington

maccreanorlavington.com

61

Maccreanor Lavington is a professional architecture and urbanism firm operating from London and Rotterdam, offering design and planning services. The website presents a well-structured portfolio of projects and clear contact information, targeting clients and professionals in the real estate and urban development sectors. The firm positions itself as an established medium-sized business with a consistent brand and professional online presence. Technically, the website is built on WordPress with modern libraries and CDN hosting, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and anonymized analytics, but lacks some security headers and cookie consent mechanisms. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy. Overall, the site is professional, trustworthy, and well-maintained.

M

Morris+Company

morrisand.company

56

Morris+Company is a professional architecture and design firm with a strong portfolio covering housing, workplace, community, education, healthcare, placemaking, tall buildings, interiors, re-use, hospitality, and mission-critical projects. The firm operates primarily in the UK and Europe, with offices in London and Copenhagen, targeting clients seeking sustainable and innovative architectural solutions. The website reflects a medium-sized, established company with consistent branding and a professional online presence. Technically, the website employs modern web technologies including jQuery, SimpleBar, Google Analytics, Google Tag Manager, and Google Maps API. Hosting of media assets on Amazon S3 indicates a scalable infrastructure. The site is mobile-optimized with good design quality and navigation, though accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and privacy compliance elements such as privacy and cookie policies. No vulnerability disclosures or incident response contacts are provided. WHOIS data is unavailable due to privacy protection, which is common and likely justified for this business type. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

J

Jamie Fobert Architects

jamiefobertarchitects.com

47

Jamie Fobert Architects is a reputable architectural firm specializing in innovative design across residential, retail, and arts sectors. The company has a strong market presence with a portfolio of completed and ongoing projects internationally, including high-profile cultural and retail spaces. The website serves as a professional portfolio showcasing their work and expertise. Technically, the website is built on WordPress with Yoast SEO for optimization and uses modern JavaScript libraries for interactive elements. Google Analytics is implemented for user tracking. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, indicating room for improvement in compliance and security transparency. Overall, the domain is well-established and trustworthy, supporting the firm's credibility.

A

Allies and Morrison

alliesandmorrison.com

71

Allies and Morrison is a London-based architectural and urbanist practice focused on designing beautiful buildings and shaping enduring places with attention to detail and context uniqueness. The firm serves clients interested in architecture, urban planning, and sustainable development, positioning itself as a reputable medium-sized player in the real estate and design sector. Their website showcases a comprehensive portfolio of projects, research, and talks, reflecting a mature and professional business model. Technically, the website employs modern web technologies including Google Analytics with IP anonymization, Imgix for image delivery, and JavaScript ES6, ensuring fast performance and excellent mobile optimization. The site is well-structured with good SEO and accessibility features, although no CMS or hosting provider details are explicitly identified. From a security perspective, the site uses HTTPS with a good SSL configuration and secure form handling for newsletter subscriptions. However, it lacks explicit security headers and a cookie consent mechanism, which are recommended for enhanced security and GDPR compliance. No vulnerability disclosures or incident response contacts are published, representing an area for improvement. Overall, the website is professional, trustworthy, and safe for general audiences. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's credibility given the quality of content and contact transparency. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and improving WHOIS transparency to strengthen trust and compliance.

F

Foster + Partners

fosterandpartners.com

68

Foster + Partners is a globally recognized architecture and design firm specializing in sustainable architecture, urbanism, engineering, and design services. Founded in 1967 by Norman Foster, the company positions itself as a leader in innovative and sustainable building solutions. The website reflects a professional and modern digital presence, leveraging advanced web technologies such as Angular, Google Analytics, Hotjar, and CookiePro for user experience and compliance. The site is well-structured, mobile-optimized, and provides a seamless user experience with clear branding and relevant content focused on their core services. From a technical perspective, the website employs modern frameworks and tracking tools, indicating a mature digital infrastructure. Hosting appears to be on Microsoft Azure, and the site uses HTTPS with good SSL configuration. However, some security best practices such as explicit security headers and published security policies are missing. The cookie consent mechanism is implemented, but no explicit privacy policy or terms of service pages were detected in the provided content. Security posture is generally good with HTTPS and consent management, but the absence of WHOIS data and lack of published security or incident response policies reduce overall trust slightly. No vulnerabilities or exposed sensitive data were detected. The website does not appear to be blocked or protected by a WAF, allowing full content access. Overall, the website is professional and trustworthy from a business and technical standpoint, but improvements in transparency regarding privacy, security policies, and domain registration information are recommended to enhance credibility and compliance.

D

Derwent London

derwentlondon.com

67

Derwent London is a prominent British property investment and development company headquartered in London, recognized as the largest London office-focused Real Estate Investment Trust (REIT) and a constituent of the FTSE 250 Index. The company manages a substantial portfolio of commercial real estate valued at £5.2 billion as of mid-2025, focusing on long-term value creation through property regeneration. Their services include office and retail space leasing, flexible furnished workspaces, and community-focused DL/Members lounges. The website reflects a mature digital presence with comprehensive content targeting investors, tenants, and partners. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, and cookie consent management, ensuring compliance with privacy regulations such as GDPR. The site is mobile-optimized, accessible, and SEO-friendly, although no CMS or hosting provider details are explicitly identified. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms with granular controls. However, no explicit security headers were detected in the HTML source, and there is no published security policy or vulnerability disclosure program. The absence of WHOIS data limits domain trust verification, but the professional presentation and multiple industry certifications support legitimacy. Overall, Derwent London’s website demonstrates strong business credibility and privacy compliance, with room for improvement in security best practices and transparency. The domain’s WHOIS data absence warrants monitoring but does not currently undermine the site’s trustworthiness.

A

Atelier Ten

atelierten.com

67

Atelier Ten is a professional environmental design consultancy and building services engineering firm focused on sustainable building solutions. The company is positioned as a member of the Surbana Jurong Group, indicating a strong market presence and backing by a large parent company. Their services span a wide range of environmental and engineering disciplines, targeting architects, developers, and sustainability professionals. The website reflects a mature digital presence with comprehensive service descriptions and multiple office locations worldwide. Technically, the website is built on WordPress and integrates modern technologies such as Google Analytics, Google Tag Manager, and Sentry for error tracking. The site is mobile-optimized, accessible, and SEO-friendly, though some security headers are missing. HTTPS is properly configured, ensuring secure communications. From a security perspective, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. Privacy and cookie policies are present and indicate GDPR compliance, but incident response and vulnerability disclosure information are lacking. Overall, the website is professional and trustworthy in content and design, but the domain registration inconsistency warrants further investigation. Strategic improvements in security headers and incident response transparency would enhance the security posture and trustworthiness.

R

Robly Ltd.

robly.com

68

Robly Ltd. is a well-established company specializing in email marketing automation solutions targeted primarily at small and medium-sized businesses. The company offers a comprehensive suite of services including proprietary technologies like OpenGen and Robly AI, along with features such as landing page builders, email templates, A/B testing, and integrations with popular platforms like Shopify and WordPress. The website demonstrates strong market positioning supported by numerous customer testimonials and industry awards, reflecting a reputable and trusted brand in the email marketing space. Technically, the website employs a modern technology stack with extensive use of analytics and marketing tools, hosted on AWS infrastructure, and built with responsive design principles to ensure good user experience across devices. Security posture is solid with HTTPS enforced and domain transfer protections in place, though there is room for improvement by enabling DNSSEC and publishing explicit security policies. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks a cookie consent mechanism despite extensive tracking technologies. Overall, the website is professional, trustworthy, and well-optimized, with minor gaps in privacy and security transparency that should be addressed to enhance compliance and user trust.

L

LPO Arkitekter

lpo.no

60

LPO Arkitekter is Norway's largest independent architectural firm specializing in architecture for cities, places, buildings, and spaces with a strong focus on innovation, sustainability, and inclusive design processes. The company positions itself as a leader in the Norwegian architectural market, serving a broad audience including municipalities, developers, and the general public interested in urban development. Their business model centers on delivering comprehensive architectural and urban planning services with an emphasis on human-centric solutions. Technically, the website employs modern web technologies such as jQuery, Google Analytics, Google Tag Manager, and Plausible Analytics for tracking, alongside lazy loading for performance optimization. The site is mobile-optimized and features good SEO practices, although some accessibility features could be enhanced. The infrastructure appears stable and professionally maintained, with no signs of outdated or vulnerable libraries. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several security headers and does not provide a visible cookie consent mechanism or detailed privacy and security policies, which are important for GDPR compliance. The WHOIS data is not publicly available due to Norid's policies, but the domain and website content align with a legitimate and professional business entity. Overall, the website presents a strong business credibility and technical foundation but would benefit from improved privacy compliance and security best practices to enhance trust and regulatory adherence.

N

Norske landskapsarkitekters forening (NLA)

landskapsarkitektur.no

61

Norske landskapsarkitekters forening (NLA) is a well-established Norwegian professional association for landscape architects, founded in 1929. The website serves as the official platform for disseminating news, events, project showcases, and member services to professionals and the public interested in landscape architecture in Norway. The association holds a recognized position within its niche, providing valuable resources and fostering community engagement. Technically, the website employs a modern technology stack including jQuery, Leaflet.js for mapping, Materialize CSS framework, and Google Analytics for user tracking. Security measures such as HTTPS and Google reCAPTCHA are implemented, though some security headers are missing. Privacy compliance is basic with a cookie policy present but no explicit consent mechanism. Overall, the site is professional, trustworthy, and well-maintained.

N

Nasjonalmuseet

nasjonalmuseet.no

74

Nasjonalmuseet is Norway's largest national museum dedicated to art, architecture, and design, offering extensive collections from antiquity to modern times. The institution serves a broad audience including the general public, families, researchers, and art enthusiasts, operating primarily as a government-funded cultural entity. The website reflects a professional and comprehensive digital presence with clear navigation, multilingual support, and a strong emphasis on privacy and user consent. Technically, the site leverages modern frameworks such as Vue.js, is hosted on Microsoft Azure, and integrates multiple analytics and marketing tools while maintaining GDPR compliance through a detailed cookie consent mechanism. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates a mature digital infrastructure suitable for a large government cultural institution, with good privacy and security practices, and a high level of trustworthiness.

D

Design og arkitektur Norge (DOGA)

doga.no

55

Design og arkitektur Norge (DOGA) is a Norwegian non-profit foundation dedicated to promoting sustainable value creation and innovation through design and architecture in both the private and public sectors. The organization offers innovation programs, awards, courses, and tools aimed at fostering design-driven innovation and urban development. The website reflects a well-established entity with government ties, targeting Norwegian businesses and public institutions interested in design and architecture innovation. Technically, the website is hosted on Microsoft Azure, built with ASP.NET technologies, and employs modern tools such as Cloudflare for performance and security, Google Tag Manager and Analytics for tracking, and Cookie Information for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is robust with detailed cookie policies and consent mechanisms. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with relevant regulations.

M

Montebelo

montebelo.org

53

Montebelo is a small creative studio and textile agency operating internationally with bases in Porto, A Coruña, Paris, and Stuttgart. The company focuses on graphic design, visual communication, and sustainable supply chain solutions within the textile industry. The website is hosted on the Cargo.site platform and employs modern web technologies including Google Analytics and Tag Manager for visitor tracking. The site is well-designed with good mobile optimization and clear navigation, presenting professional content relevant to its niche market. However, the website lacks explicit privacy, cookie, and terms of service policies, and does not provide direct contact information, which may impact user trust and compliance with privacy regulations. Security-wise, the site uses HTTPS but lacks visible security headers, suggesting room for improvement in hardening the web presence. WHOIS data is unavailable due to query failure or privacy protection, which is common for small agencies but reduces transparency. Overall, the site is functional and professional but would benefit from enhanced privacy and security disclosures.

V

Verein Hauptstadtregion Schweiz

hauptstadtregion.ch

41

The Verein Hauptstadtregion Schweiz is a regional non-profit association uniting five Swiss cantons and multiple municipalities to strengthen the capital region as an innovative living and economic space. The website presents a clear focus on seven key thematic areas including political center development, healthcare, smart infrastructure, food and nutrition clusters, economic and spatial development, transport, and bilingualism. The site is built on TYPO3 CMS with modern JavaScript libraries and includes a cookie consent mechanism compliant with GDPR. Social media presence on Twitter and LinkedIn supports outreach and transparency. Security posture is solid with HTTPS and anonymized analytics, though some security best practices like security headers and incident response contacts could be improved. Overall, the site is professional, trustworthy, and well-structured for its target audience of regional stakeholders and citizens.

N

NaturDienst Bieri

naturdienst.ch

37

NaturDienst Bieri is a small, locally focused nature conservation and biodiversity consulting firm founded in 2022 by Markus Bieri in Richenthal, Switzerland. The company offers services including biodiversity promotion consulting, nature excursions, sensitization courses, and educational programs. The website is professionally designed using WordPress with the Divi theme and includes structured data for SEO. It provides clear contact information and promotes upcoming events and offerings related to nature conservation. Technically, the site uses modern web technologies and integrates Google Analytics and Tag Manager for user tracking. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy, accessible, and well-aligned with the business's stated mission and services.

Ostschweizer Gästekarte GmbH operates a regional guest card service called 'Oskar' that provides tourists in Eastern Switzerland with access to free public transportation on the Ostwind network and discounts or free entry to various leisure activities. The company partners with local accommodations to issue these cards, targeting travelers seeking convenient and cost-effective regional travel and experiences. The website is professionally designed with a clear focus on user experience, offering multilingual support (German and English) and interactive features such as hotel booking forms and image sliders showcasing regional attractions. The business maintains a consistent brand presence and provides comprehensive legal and privacy documentation, reflecting a mature approach to compliance and customer trust.

A

Aargau Verkehr AG (AVA)

aargauverkehr.ch

61

Aargau Verkehr AG (AVA) is a regional public transportation company operating in the Aargau region of Switzerland. The company provides transit schedules, operational updates, and ticketing services primarily targeting local commuters and travelers. The website is professionally designed using Joomla CMS with Helix Ultimate framework and integrates modern web technologies such as Bootstrap and jQuery. It features a cookie consent mechanism compliant with GDPR and uses Google Analytics for traffic analysis. Security posture is good with HTTPS enforced and CSRF protections in place, though additional security headers could enhance protection. No critical vulnerabilities or suspicious content were detected. Overall, the website reflects a credible and established transportation service provider with a solid digital presence.

W

Work Life Aargau

worklifeaargau.ch

9

Work Life Aargau is a regional employment and lifestyle platform focused on the canton of Aargau in Switzerland. It serves as a portal connecting job seekers with employers, providing job listings, employer profiles, career advice, and lifestyle content to promote the region as an attractive place to live and work. The website is supported by regional government and partner institutions, reflecting a strong local market position in public sector employment promotion. Technically, the website employs modern web technologies including React and Material-UI components, integrates multiple third-party analytics and advertising services such as Google Analytics, Facebook Pixel, and Adform, and uses HTTPS to secure communications. The design is professional and mobile-optimized, offering a good user experience with clear navigation and relevant content sections. From a security perspective, the site benefits from HTTPS and asynchronous loading of tracking scripts but lacks visible security headers and formal security policies such as incident response or vulnerability disclosure. Privacy compliance is weak due to the absence of explicit privacy and cookie policies or consent mechanisms, which poses compliance risks under GDPR. Overall, the website is legitimate and trustworthy with a strong regional government backing but should improve privacy transparency and security policy disclosures to enhance compliance and user trust.

A

Aargau Tourismus AG

aargautourismus.ch

48

Aargau Tourismus AG operates as the regional tourism authority for the canton of Aargau in Switzerland, providing comprehensive tourism information, event promotion, and services such as meeting location facilitation and an online shop for vouchers. The website targets tourists, cultural enthusiasts, families, and event attendees, positioning itself as a trusted regional tourism hub with strong partnerships and certifications like Swisstainable. Technically, the site employs modern tracking and analytics tools including Google Analytics and Facebook Pixel, uses Bootstrap and jQuery UI for UI components, and is likely powered by the ZMS CMS platform. The site is mobile-optimized with good navigation and content quality. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks explicit security policies and incident response information. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

P

ProKilowatt

prokw.ch

71

ProKilowatt is a Swiss government-backed program managed by the Office fédéral de l’énergie (OFEN) aimed at promoting electrical efficiency among businesses and households. The program offers financial contributions up to 30% of investment costs to encourage replacement of energy-intensive electrical systems with more efficient technologies. The website is professionally designed, well-structured, and provides comprehensive information including FAQs, application procedures, and upcoming events. Technically, the site is built on WordPress with Elementor and uses modern SEO and privacy compliance tools such as Yoast SEO and Complianz GDPR plugin. Security posture is strong with HTTPS enforced and security headers present, though explicit security policies and incident response contacts are not found. Overall, the site is trustworthy, compliant, and serves as an authoritative resource for energy efficiency initiatives in Switzerland.

Jugend im Berggebiet is a Swiss non-profit initiative under the Schweizerische Arbeitsgemeinschaft für die Berggebiete (SAB) focused on promoting youth-friendly mountain villages. The website serves as an informational and community platform to support youth engagement and counteract depopulation in mountain regions. It offers a label program, organizes youth forums, and provides media and agenda information relevant to its target audience of youth and municipalities in Swiss mountain areas. Technically, the site is built on WordPress with a professional theme and multilingual support, integrating common social media and analytics tools. Security posture is adequate with HTTPS and no visible vulnerabilities, though it lacks some security headers and formal security policies. Privacy compliance is partial, with a privacy policy linked via the SAB parent site but no cookie consent mechanism. Overall, the site is trustworthy, well-branded, and professionally maintained, serving a niche non-profit community purpose.

E

euforia

euforia.org

66

euforia is a Switzerland-based innovative, youth-driven non-profit organization focused on empowering changemakers and organizations through transformative trainings in leadership, teambuilding, and change management. The organization has a recognized presence with awards from Ashoka, UNESCO, and the World Economic Forum, positioning it as a reputable entity in the non-profit educational sector. Their business model centers on non-formal education and creating safe spaces for transformational leadership development across multiple continents. Technically, the website is built on Squarespace, leveraging modern web technologies and third-party marketing and analytics tools such as HubSpot, Google Analytics, and Facebook Pixel. The site is well-optimized for mobile and SEO, with good performance and accessibility standards. Security posture is strong with HTTPS and HSTS enabled, though additional security headers could enhance protection. Privacy compliance is robust with clear cookie and privacy policies aligned with GDPR. Overall, the website demonstrates a professional, trustworthy, and secure digital presence suitable for its mission and audience.

K

Kommune 360°

kommune360.de

54

Kommune 360° is a German non-profit initiative focused on fostering cooperative and integrated planning and management to support successful child development within municipalities. The organization operates a professional website offering resources such as a Change-Guide, a Fellow-Program, podcasts, festivals, and newsletters targeted at municipal employees and stakeholders involved in child and youth welfare planning. The website is well-branded, consistent, and supported by partner organizations including Auridis Stiftung, DKJS, and PHINEO. Technically, the site is built on WordPress with modern plugins and frameworks, including Bootstrap and Mai Engine, and employs both Google Analytics and Matomo for analytics. The site is GDPR compliant with a comprehensive privacy policy and a cookie consent mechanism with opt-in functionality. Security posture is good with HTTPS enforced, though security headers are not detected and could be improved. No critical vulnerabilities or exposed sensitive data were found. Overall, the site demonstrates a mature digital presence suitable for its non-profit mission.

O

okaj zürich

okaj.ch

47

okaj zürich is a well-established non-profit umbrella organization dedicated to coordinating and supporting open, associative, and church-based child and youth work in the canton of Zürich, Switzerland. With a history spanning 100 years, it serves approximately 600 member organizations and operates under a mandate from the canton government. The website effectively communicates its mission, projects, and events, targeting professionals in youth work, government officials, and member organizations. The organization emphasizes education, networking, and advocacy through various projects and publications.

C

Campus Demokratie

campusdemokratie.ch

52

Campus Demokratie is a Swiss non-profit organization dedicated to promoting political education and participation nationwide to strengthen democracy. The website serves as a national platform offering resources, events, and projects focused on democratic engagement. It targets politically interested citizens and educational institutions within Switzerland. The organization appears well-established since 2017 with a clear mission and active social media presence. Technically, the website is built on WordPress using modern libraries such as jQuery and Foundation, optimized for mobile devices and SEO with Yoast plugin. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though it lacks some security headers and a cookie consent mechanism. Privacy compliance is partially met with a comprehensive privacy policy but no explicit cookie banner. Overall, the site is professional, trustworthy, and content-rich, supporting its role as a key educational resource in Swiss democracy.

G

Gemeinde Hasliberg

hasliberg.ch

54

Gemeinde Hasliberg is the official municipal government website serving the Hasliberg region in Switzerland. It provides local administrative information, community services, tourism details, event announcements, and educational resources. The site targets residents and visitors, offering comprehensive local content in German. The business model is that of a government entity focused on public service and community engagement. Technically, the website is built on the concrete5 CMS platform, utilizing common JavaScript libraries and Google services such as Analytics and reCAPTCHA to enhance functionality and security. The site is mobile optimized and presents a professional design with clear navigation. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though it lacks some advanced security headers and explicit incident response policies. Privacy compliance is partially met with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy, legitimate, and well-maintained, reflecting its role as a government portal.

I

INOS – Innovationsförderung für Ostschweizer KMU

inos.swiss

45

INOS is a Swiss innovation support organization focused on fostering innovation in small and medium-sized enterprises (SMEs) in Eastern Switzerland. Affiliated with the University of St. Gallen, INOS offers professional innovation coaching and platforms for cross-company networking and resource pooling. The website is well-structured, primarily in German, and targets regional SMEs seeking innovation support. Technically, the site is built on WordPress with modern plugins like Elementor and Yoast SEO, indicating a mature digital infrastructure. However, the domain is currently expired but pending renewal, which poses a risk to service continuity. Security posture is moderate with HTTPS enabled but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but requires improvements in security and privacy transparency.

B

Basel Area Business & Innovation

baselarea.swiss

55

Basel Area Business & Innovation is a well-established non-profit organization founded in 2015, dedicated to fostering innovation and business success in the Basel Area of Switzerland. The organization supports companies, startups, and institutions by providing consulting services, facilitating connections, managing accelerator programs, and hosting events. Their market position is strong as a regional innovation and investment promotion agency, targeting a diverse audience interested in life sciences, technology, and business growth. The website reflects a mature digital presence with professional design, multilingual support, and comprehensive content. Technically, the site is built on WordPress with modern plugins and tracking tools, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC and some security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness.

The Architectural Association, Inc. operates a well-established educational website serving as the primary online portal for its architecture school based in London. The site provides comprehensive information about academic programmes ranging from foundation courses to PhD levels, public lectures, events, and publications. It targets students, architects, researchers, and the general public interested in architecture education and cultural programming. The institution holds a reputable market position as an independent and historic architecture school with a global reach. Technically, the website employs a modern technology stack including React, Google Analytics, Hotjar, and Bootstrap, ensuring a responsive and user-friendly experience. The site is served over HTTPS with asynchronous loading of scripts, contributing to moderate performance and good mobile optimization. However, some accessibility features could be enhanced, and security headers are not explicitly present. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and no visible exposure of sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, though no explicit security or incident response policies are published. The absence of WHOIS data is attributed to privacy protection, which is reasonable for this type of institution. Overall, the site maintains a high trust level with clear contact information and charity registration disclosures. The overall risk profile is low, with recommendations focusing on improving security headers, publishing incident response contacts, and enhancing accessibility compliance. These steps would further strengthen the site's security posture and user trust.

M

MētisPresses

metispresses.ch

59

MētisPresses is a Swiss-based publishing company specializing in academic and cultural publications, offering both printed and digital books. The website targets French-speaking academics, researchers, and cultural enthusiasts, positioning itself as a niche publisher with a focus on sociological and historical content. The business model revolves around online sales of books and collections, supported by a professional and consistent brand presence. Technically, the website employs modern web technologies including Bootstrap, jQuery, and integrates payment solutions like Stripe and PayPal, indicating a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and some basic security headers but lacks comprehensive policies such as privacy and cookie policies, and does not provide a vulnerability disclosure or security contact. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but privacy compliance is weak due to missing policies. Overall, the website is trustworthy and professional but could improve its compliance and security posture.