Security Directory

4

47Design Werbeagentur

47design.de

64

47Design Werbeagentur is a small, full-service advertising agency based in Krefeld, Germany, specializing in web design, media design, SEO, and marketing services. The company targets local businesses and startups, offering tailored marketing solutions including social media management and corporate design. Their website demonstrates a professional digital presence with modern WordPress infrastructure and a focus on clear communication and user experience. Technically, the site uses popular plugins such as Elementor and Slider Revolution, with GDPR-compliant cookie consent implemented via Borlabs Cookie. Security posture is solid with HTTPS and no visible vulnerabilities, though additional security headers and policies could enhance protection. Overall, the website is well-structured, trustworthy, and compliant with privacy regulations, though explicit privacy and terms of service pages were not found in the provided content.

P

Perinfo

perinfo.eu

56

Perinfo is a French company specializing in software solutions for passenger transport professionals and public transport authorities, with over 36 years of experience. Their offerings include integrated management software for interurban, urban, and technical maintenance activities, complemented by consulting, training, and support services. The company positions itself as a trusted partner in the transportation sector, targeting transport operators and public entities. Technically, the website is built on WordPress with Bootstrap and jQuery frameworks, incorporating modern tools such as Slider Revolution and Google Analytics for performance and user tracking. The site is moderately optimized for performance and mobile devices, with good SEO practices and clear navigation. From a security perspective, the site enforces HTTPS and uses standard analytics scripts but lacks visible security headers and cookie consent mechanisms, indicating room for improvement in compliance and security posture. The absence of public WHOIS data is consistent with EURid privacy policies for .eu domains and does not raise immediate concerns. Overall, the website reflects a professional and credible business with a solid digital presence, though enhancements in security headers and privacy compliance would strengthen its trustworthiness and regulatory adherence.

E

eKomi Holding GmbH

ekomi.it

62

eKomi Holding GmbH operates a global SaaS platform specializing in the collection and management of authentic customer reviews and feedback, primarily targeting e-commerce businesses. The company leverages partnerships with major search engines like Google to enhance clients' online reputation, SEO, and conversion rates. Their platform is widely adopted, serving over 15,000 companies across 26 countries, indicating a strong market position and international reach. The website reflects a mature digital presence with comprehensive content, multilingual support, and professional branding. Technically, the site is built on WordPress with modern web technologies including Bootstrap and Typekit fonts, complemented by third-party integrations such as Google Analytics, Intercom, and Yieldify for marketing and user engagement. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. Cookie consent mechanisms are robust, supporting GDPR compliance. From a security perspective, the website enforces HTTPS and employs secure forms with validation. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident and could be implemented to strengthen defenses. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact suggests room for improvement in transparency and preparedness. Overall, eKomi presents a trustworthy and professional online presence with strong business credibility and compliance posture. Strategic enhancements in security headers, incident response documentation, and accessibility would further solidify their position and reduce risk exposure.

S

Synapse

synapse-developpement.fr

61

Synapse Développement is a French technology company specializing in AI consulting, deployment, and training services. With over 20 years of experience, they position themselves as pioneers in AI solutions tailored to business needs, focusing on knowledge capital valorization. Their website showcases multiple AI-driven products and services such as Dearbot, Cordial, Semantics, and AI training programs, targeting enterprises seeking to leverage AI for operational performance improvements. The company uses a modern WordPress-based infrastructure with Elementor and Yoast SEO plugins, supported by OVH hosting. The site is well-structured, mobile-optimized, and integrates Google Analytics and Tag Manager for tracking. Security posture is solid with HTTPS enabled, but lacks some security headers and visible privacy/cookie policies, indicating room for compliance improvements. No contact emails or phone numbers are explicitly listed, relying on contact forms for communication. Overall, the domain registration data is consistent and legitimate, supporting the company's credibility. Strategic recommendations include enhancing privacy compliance, adding security headers, and publishing incident response and vulnerability disclosure information.

A

Acquia

acquia.net

71

Acquia is a leading enterprise technology company specializing in cloud-based digital experience platforms. Their website presents a professional and comprehensive platform for content management, community engagement, and commerce solutions, targeting large organizations and enterprises. The company leverages modern web technologies including Drupal 10 CMS, Google Tag Manager, and Visual Website Optimizer to deliver a robust and optimized user experience. The site is well-structured, mobile-optimized, and supports multiple languages, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and use of security best practices, although explicit security policies and incident response contacts are not publicly detailed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and trust signals indicate legitimacy. Overall, Acquia's website demonstrates a high level of digital maturity and business credibility.

E

Equus Software

equusoft.com

69

Equus Software is a technology company specializing in cloud-based global mobility solutions designed to support international talent and workforce mobility programs. Their website reflects a professional B2B SaaS business model targeting organizations managing global workforce mobility. The company appears to have been founded in 2016, with a medium-sized operational scale. The website is built on WordPress using the Astra theme and integrates multiple marketing and analytics tools such as HubSpot, Google Analytics, and LinkedIn Insight Tag, indicating a mature digital marketing strategy. Technically, the website demonstrates good implementation with HTTPS enabled, cookie consent mechanisms integrated with Google Consent Mode, and a responsive design optimized for mobile devices. However, there is room for improvement in security headers and explicit privacy and terms of service documentation. The absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and branding are consistent and professional. From a security perspective, the site employs standard best practices like HTTPS and cookie consent but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website presents a moderate security posture with recommendations to enhance transparency and compliance. The overall risk assessment suggests the site is generally trustworthy but would benefit from improved domain registration transparency, comprehensive privacy documentation, and enhanced security headers. Strategic recommendations include publishing clear privacy and terms policies, adding security.txt files, and improving contact information visibility to strengthen trust and compliance.

B

BoltBee

boltbee.de

42

BoltBee is a small-sized German company specializing in e-commerce ERP integration services, providing solutions that enable seamless data exchange between online shops and merchandise management systems. The website is built on WordPress using Elementor and incorporates modern SEO and cookie consent technologies, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks published privacy policies, terms of service, and explicit contact information, which are important for compliance and trust. Overall, the website is professional and functional but could improve in privacy compliance and transparency to enhance user trust and regulatory adherence.

A

AutoFrame-FM

kia.md

42

AutoFrame-FM operates as the official distributor of KIA automobiles in Moldova, providing a comprehensive online platform for vehicle sales, service bookings, and customer engagement. The website targets consumers in Moldova interested in KIA vehicles, offering detailed model information, pricing, and promotional offers. The business is positioned as a key player in the Moldovan automotive retail sector with a medium-sized operation founded in 2021. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and various JavaScript libraries. It employs SEO best practices and is optimized for mobile devices, delivering a good user experience. Hosting is provided by a Moldovan hosting provider, consistent with the business location. Analytics tools such as Google Analytics and Ahrefs are used for performance and marketing insights. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks visible security headers and formal security policies. There is no evidence of privacy or cookie policies, which impacts compliance with GDPR and related regulations. Contact information is primarily via web forms, with no explicit emails or phone numbers displayed. No incident response or vulnerability disclosure mechanisms are present. Overall, the website is professional and functional with moderate security posture and compliance gaps. Strategic improvements in privacy policy publication, security headers, and incident response transparency would enhance trust and regulatory adherence.

S

SIS Marchés

sis-marches.com

64

SIS Marchés is a French specialist software provider focused on public procurement management, operating as a subsidiary of the Ach@t Solutions group. The company offers a modular, collaborative software suite designed to streamline and secure public purchasing processes for buyers and suppliers. Their market position is strong within the French public sector, supported by over 450 clients and a broad user base. The website reflects a professional and consistent brand image, targeting public sector buyers and private suppliers with a comprehensive digital solution portfolio. Technically, the site is built on Drupal 8 with modern frontend libraries and integrates multiple marketing and analytics tools, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are lacking. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the professional business presence. Overall, the website and business appear credible and well-established, but domain registration transparency should be improved.

S

Studio gazoline

studiogazoline.com

57

Studio Gazoline is a well-established communication agency based in Montpellier, France, with over 20 years of experience in digital marketing, website creation, SEO, and graphic design. The company targets businesses seeking comprehensive communication and digital marketing services, primarily in the Montpellier region and nearby cities. Their service portfolio includes communication strategy, SEO, web development using popular CMS and frameworks, webmarketing, and visual communication. The website reflects a professional and consistent brand image with strong trust indicators such as client logos and certifications. Technically, the website is built on Drupal 7 and leverages modern JavaScript libraries and frameworks including jQuery, Bootstrap, and Accordion-js. It integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager, indicating a mature digital marketing infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and includes reCAPTCHA for form protection and a GDPR-compliant cookie consent mechanism. However, it lacks explicit security headers and published security policies or incident response contacts. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, Studio Gazoline presents a strong digital presence with good technical and marketing capabilities. The main risk area is the lack of WHOIS transparency and some missing security best practices. Addressing these gaps would enhance trust and security posture significantly.

V

Vouch Concierge

vouchconcierge.com

70

Vouch Concierge operates a professional website offering a comprehensive front-to-back-end operations ecosystem for hotels, targeting small to enterprise-sized hospitality businesses. Their solutions include self check-in systems, virtual assistants, guest experience platforms, and operational automation, positioning them as an innovative technology provider in the hospitality sector. The website is built on WordPress with modern page builders and includes multilingual support, indicating a mature digital presence. Security posture is generally good with HTTPS and no exposed sensitive data, but lacks explicit privacy and cookie policies, which are critical for compliance. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the professional site and client logos mitigate some risk. Overall, the site demonstrates good business credibility and technical implementation but requires improvements in privacy compliance and domain registration transparency.

A

Ach@t Solutions

achatsolutions.com

65

Ach@t Solutions is a leading French software publisher specializing in public procurement and transport management solutions. The group serves a large client base including public sector entities and private partners, supported by six expert subsidiaries. Their digital offerings include innovative software and a dematerialization portal (AW Solutions) aimed at optimizing buyer-supplier relationships in the public sector. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on Drupal 8 with modern libraries and frameworks, ensuring good performance and accessibility. Security posture is moderate with cookie consent implemented but lacks explicit security headers and published security policies. WHOIS data is missing, which raises concerns about domain registration transparency, though the overall business credibility remains high due to detailed company information and certifications. Recommendations include enhancing security headers, publishing security and incident response policies, and verifying domain registration details to improve trust.

M

MADE IN CIMA s.r.l.

madeincima.it

57

MADE IN CIMA s.r.l. is a small Italian digital agency specializing in responsive web design, digital communication strategies, ecommerce, SEO, social media, and consultancy services. The company targets businesses seeking tailored digital solutions, primarily in Italy, with a strong regional presence in Trento and Torino. Their portfolio includes luxury hospitality and cultural clients, indicating a reputable market position. Technically, the website is built on WordPress with modern plugins and analytics tools such as Matomo and Google Analytics, demonstrating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some HTTP security headers could be improved. Privacy compliance is well addressed with comprehensive privacy and cookie policies. Overall, the website reflects a trustworthy and professional business with good digital maturity.

M

Marlene®

marlene.it

50

Marlene® is a well-established brand specializing in the promotion and marketing of South Tyrolean apples, emphasizing quality, sustainability, and culinary inspiration. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern web technologies and a CMS platform (Consisto.CMS), with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks some security headers and explicit privacy and cookie policies. Analytics usage is moderate with Google Analytics and Tag Manager implemented, but privacy compliance could be improved. Overall, the website is trustworthy and serves its business purpose effectively.

L

Loacker

loacker.it

71

Loacker is a well-established confectionery brand operating a professional e-commerce platform targeting consumers in Italy and beyond. The website offers a wide range of products including classic wafers and gift packages, leveraging BigCommerce as its platform. The technical infrastructure is modern, utilizing trusted third-party services such as Google Analytics, Trustpilot, and Cookiebot for analytics, reviews, and compliance. The site demonstrates good digital maturity with responsive design and SEO optimization. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, compliant with GDPR, and provides a positive user experience.

M

mouvement

mouvement.net

54

Mouvement.net is a French cultural magazine established since 1993, focusing on interdisciplinary arts including dance, theater, visual arts, cinema, music, and literature. The website serves a French-speaking audience interested in cultural content and offers subscription services alongside editorial articles and event coverage. Technically, the site employs modern JavaScript libraries such as jQuery and ScrollReveal, uses Google Tag Manager for analytics, and appears mobile-optimized with a good user experience. However, the absence of WHOIS data raises questions about domain registration legitimacy, although the active and professional nature of the site suggests a legitimate operation. Security posture is moderate with HTTPS usage but lacks visible security headers and cookie consent mechanisms, indicating room for improvement in compliance and security best practices.

A

Artribune srl

artribune.com

68

Artribune srl operates a well-established Italian digital media platform focused on contemporary art and culture since 2011. The website offers a rich array of editorial content, including news, interviews, event calendars, podcasts, and a freepress magazine distributed nationally. Its target audience includes art enthusiasts, professionals, and cultural consumers interested in diverse creative fields such as architecture, design, music, and literature. The business model combines digital publishing, newsletter subscriptions, and event promotion, positioning Artribune as a key player in Italy's cultural media landscape. Technically, the website is built on WordPress with WooCommerce and Gravity Forms, integrating modern advertising and analytics technologies such as Google Tag Manager, Google Analytics, and multiple ad networks. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Security posture is adequate with HTTPS and consent management in place, but lacks advanced security headers and explicit vulnerability disclosure mechanisms. The absence of WHOIS data for the domain www.artribune.com is a notable anomaly, reducing domain trustworthiness despite the professional and consistent web presence. No blocking or WAF challenges were detected, allowing full content access. Privacy and cookie policies are not explicitly found in the provided content, indicating room for compliance improvement. Overall, Artribune presents a credible and professional digital media presence with strong content quality and business credibility. Strategic enhancements in security headers, privacy disclosures, and domain registration transparency would further strengthen its trust and compliance posture.

Campus Nantes Terre Atlantique is a public educational institution specializing in agricultural education and training, serving the Nantes region and surrounding areas including Saint-Herblain, Guérande, and Nozay. The institution offers a variety of educational pathways including general and technological schooling, professional training, apprenticeships, and adult continuing education. The website reflects a well-structured and regionally focused educational campus with a clear mission to support agricultural career development.

A

Acquia

acquiadam.com

72

Acquia is a recognized enterprise technology company specializing in digital experience management solutions, including digital asset management and content management. The analyzed website is a Salesforce Experience Cloud community portal dedicated to Acquia's Digital Asset Management product, targeting developers, marketers, and enterprise customers. The site integrates multiple payment gateways and analytics services, reflecting a mature technical infrastructure. Security posture is strong with HTTPS and strict Content-Security-Policy headers, though additional security headers could enhance protection. Privacy and cookie policies are not detected in the provided content, indicating room for compliance improvement. Overall, the site presents a professional and trustworthy digital presence aligned with Acquia's business model.

B

Biscuits, Gâteaux et Panifications de France

biscuitsgateauxpanifications.fr

34

Biscuits, Gâteaux et Panifications de France is a French industry syndicate representing companies involved in biscuits, cakes, and bakery products. The organization focuses on promoting the diversity of products, valorizing métiers and savoir-faire, and enhancing the French gourmet heritage. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. It integrates modern technologies such as Google Analytics and Mapbox for enhanced user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and explicit security policies are absent. The absence of WHOIS data limits domain trust verification, but the website's professional content and social media presence support its legitimacy. Overall, the site is a credible and well-maintained digital presence for the syndicate.

P

Postradali.com

postradali.com

45

Postradali.com is a Bulgarian website dedicated to providing information, comparison, and support services for victims of road traffic accidents and their families. The platform aggregates offers from associations, NGOs, and lawyers to help users find legal assistance and claim compensation. The site is focused on the Bulgarian market and is presented in Bulgarian language. Technically, the website is built on WordPress with several plugins for forms, ratings, and filtering. It uses Google Analytics and Adsense for tracking and monetization. However, the site lacks HTTPS, which is a critical security shortcoming. There is no visible security policy or incident response information, and contact details are limited to a web form. The domain is registered since 2015 with consistent data and local hosting, indicating legitimacy. Overall, the website serves a niche audience with relevant content but requires significant security improvements.

V

Vzemi Credit

vzemicredit.com

44

VzemiCredit.com is a Bulgarian online platform specializing in fast loan comparison and referral services. Established in 2016, it aggregates offers from multiple financial companies to provide users with quick access to credit options. The website targets Bulgarian consumers seeking rapid online loans without the need for guarantors or complex procedures. The business model is primarily affiliate-based, earning commissions from partner loan companies such as Credissimo, Smile Credit, and CrediNet. The platform positions itself as a convenient and time-saving tool for loan seekers in Bulgaria.

И

Ипотечен и жилищен кредит

ipotechen.com

43

Ipotechen.com is a Bulgarian online platform specializing in mortgage and housing loan information, offering users access to multiple financial institutions including banks and non-bank lenders. The site provides detailed guidance on loan types, required documentation, and application procedures, targeting individuals seeking property financing in Bulgaria. The platform supports lead generation by enabling users to apply for loans via a single request sent to multiple companies, enhancing user convenience and market reach. Technically, the website is built on WordPress with Visual Composer, leveraging Google Fonts, Google Analytics, and Google Adsense for content presentation, analytics, and monetization respectively. The hosting is provided by superhosting.bg, with domain registration dating back to 2014, indicating a mature and stable presence. Security-wise, the site uses HTTPS and has domain transfer protection, but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. Privacy compliance is partially addressed with a privacy policy page, but no cookie consent mechanism is evident. Overall, the site presents a professional and functional digital presence with moderate security and privacy posture.

K

Kabelna.com - Доставчици|Пакети|Интернет|Телевизия|Домашен телефон

kabelna.com

44

Kabelna.com is a Bulgarian telecommunications comparison website established in 2013, offering users a comprehensive platform to find and compare providers and packages for cable, satellite, digital television, internet, and home phone services. The site targets consumers in Bulgaria seeking detailed information and filtering options by price, channel count, internet speed, and location. Technically, the site is built on WordPress with common plugins for SEO, live chat, and UI enhancements, hosted on SuperHosting.bg. It uses HTTPS and integrates Google services for analytics and advertising. Security posture is moderate with room for improvement, notably the lack of DNSSEC, security headers, and outdated WordPress version. Privacy compliance is weak due to missing explicit privacy and cookie policies. Overall, the site is functional and relevant but would benefit from enhanced security and compliance measures.

J

JMP - Jazz Music Promotion

suedtiroljazzfestival.com

50

The Südtirol Jazzfestival Alto Adige is a well-established cultural event organized by JMP - Jazz Music Promotion, focusing on international jazz performances in the South Tyrol region of Italy. The festival has a strong regional presence with international recognition, targeting jazz enthusiasts and cultural tourists. The website supports multiple languages and provides comprehensive information about the festival, tickets, news, and media galleries. Technically, the site uses a modern tech stack including jQuery, Foundation framework, and lightbox plugins, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and privacy-conscious Google Analytics implementation, though improvements in DNSSEC and security headers are recommended. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. Overall, the website is professional, trustworthy, and serves its business purpose effectively.

M

Mandai Park Holdings Pte. Ltd.

mandai.com

71

Mandai Wildlife Reserve is a prominent wildlife and nature destination in Singapore, operated by Mandai Park Holdings Pte. Ltd., a subsidiary of Temasek Holdings. The organization manages multiple wildlife parks and offers diverse services including ticketing, memberships, educational programs, event venues, and accommodations. The website reflects a strong market position with a focus on family and wildlife enthusiasts, supported by comprehensive content and consistent branding. Technically, the site is built on Adobe Experience Manager with modern analytics and marketing tools integrated, providing a good user experience with mobile optimization and accessibility considerations. Security posture is strong with HTTPS, security headers, and secure forms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though the lack of WHOIS data slightly reduces domain trust. Strategic recommendations include enhancing security transparency and vulnerability disclosure mechanisms.

T

The Smurfs' Society

thesmurfssociety.com

61

The Smurfs' Society is a niche Web3 project focused on delivering an immersive, fully on-chain NFT and gaming experience centered around the Smurfs brand. The platform targets Web3 enthusiasts and NFT collectors, offering a custom marketplace, gaming utilities, and community engagement. The website is professionally designed using modern frameworks such as Nuxt.js and Vue.js, hosted on Cloudflare infrastructure, and integrates analytics and cookie consent mechanisms to ensure compliance and performance. Security posture is strong with HTTPS enforcement and standard security headers, though improvements like DNSSEC and a formal security policy could enhance trust further. Overall, the project presents a credible and well-executed Web3 business with a clear market position and consistent branding.

R

Rockjumper Birding Tours

rockjumperbirding.com

63

Rockjumper Birding Tours operates a specialized bird-watching adventure tour business targeting nature enthusiasts and bird watchers worldwide. The company positions itself as a niche leader offering global bird safaris and adventure travel experiences. The website is built on WordPress with a modern tech stack including jQuery, Google Analytics, and Trustpilot integration, reflecting a moderate level of digital maturity. The site is well-structured, mobile-optimized, and professionally designed, providing a good user experience and relevant content for its audience. Security posture is adequate with HTTPS and DigiCert SSL certification, but lacks some advanced security headers and explicit privacy policies. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and trust signals suggest a legitimate business presence. Overall, the site is functional and trustworthy but would benefit from enhanced security and compliance documentation.

C

Cley Spy

cleyspy.co.uk

58

Cley Spy is a small UK-based retailer specializing in the sale of premium binoculars, telescopes, and outdoor equipment. The company targets outdoor enthusiasts and nature observers, offering both new and used products from well-known brands such as Swarovski, Leica, and Zeiss. The website serves as both an online store and a point of information for customers interested in quality optical gear. Technically, the site is built on WordPress with WooCommerce, integrating Google Analytics and Google Tag Manager for tracking, and Cookiebot for cookie consent management. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features are basic. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms, but lacks some advanced security headers and a published security policy or vulnerability disclosure mechanism. The domain WHOIS data is unavailable due to a registration error indicating the domain name violates Nominet UK naming rules, which raises concerns about domain legitimacy despite the professional website content. Overall, the site is functional and professional but would benefit from improved transparency and domain registration clarity.

B

Birding Ecotours

birdingecotours.com

63

Birding Ecotours is a specialized tour operator offering small group and custom birding adventures worldwide. The company targets birding enthusiasts and eco-tourists with a comprehensive portfolio of tours categorized by destination, date, and style. The website is professionally designed using WordPress with modern plugins and SEO optimizations, providing an excellent user experience and clear navigation. Technical infrastructure includes Google Analytics, Google Tag Manager, and Smart Slider 3 for rich media presentation. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though no explicit security policy or incident response information is published. The absence of WHOIS data raises some concerns about domain legitimacy, but the professional web presence and content quality suggest a legitimate business. Contact is primarily via web forms, with no direct emails or phone numbers publicly listed. Overall, the site is secure, privacy-conscious, and well-structured, but domain registration verification is recommended.

O

OrdiPat

ordipat.fr

55

OrdiPat is a specialized French company providing domain name management, secure hosting, and IT solutions with a focus on intellectual property systems. The company leverages over 40 years of experience and offers a range of services including premium domain management, software products like Lola, and domain monitoring tools such as Typochecker. Their market position is that of a niche, trusted provider with multiple industry accreditations and partnerships. Technically, the website is built on WordPress with modern plugins and SEO optimizations, offering a good user experience and mobile responsiveness. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers and explicit policies could be improved. Privacy compliance is strong with GDPR-aligned cookie consent and privacy policies. The absence of WHOIS data slightly impacts trust but the overall business credibility remains high due to professional presentation and accreditations.

I

Institut F2I

institut-f2i.fr

59

Institut F2I is a private educational institution based in France specializing in post-baccalaureate education in information technology, digital technologies, and commerce. Founded in 2012, it offers courses from BAC to BAC+5 levels, including initial and alternating (work-study) programs. The institution targets students and professionals seeking specialized education in these sectors. The website reflects a focused educational business model with consistent branding and relevant content tailored to its audience. Technically, the website is built on WordPress CMS using modern libraries such as Bootstrap, jQuery, and Swiper, hosted by OVH. It employs Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside reCAPTCHA for bot protection. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. Security-wise, the website uses HTTPS with a good SSL configuration and some best practices like reCAPTCHA; however, it lacks security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies despite the presence of cookie consent SDK. Overall, the website is professional and credible but requires improvements in privacy disclosures and security hardening to enhance trust and compliance.

C

CENTRALNIC CANADA INC

roulette-en-ligne.ca

47

The website roulette-en-ligne.ca is a French-language Canadian online casino review platform specializing in roulette games. It provides detailed casino reviews, bonus offers, and game listings targeted at Canadian players interested in online gambling. The business operates primarily as an affiliate marketing site, promoting various reputable online casinos. The domain is registered in Canada with a consistent registrant and appropriate domain age, supporting its legitimacy. Technically, the site is built on WordPress and uses common web technologies such as jQuery, Bootstrap, and various JavaScript libraries for UI and analytics. Hosting is behind Cloudflare DNS, ensuring reliable delivery, though no active WAF challenge is detected. The site is moderately optimized for mobile and SEO, with good navigation and content quality. From a security perspective, the site uses HTTPS and includes tracking via Google Analytics and Yandex Metrika but lacks visible security headers and explicit privacy or cookie policies. No contact information or incident response details are provided, which reduces trust and compliance posture. There are no detected vulnerabilities or exposed sensitive data, but improvements in security headers and privacy compliance are recommended. Overall, the site is functional and professional but would benefit from enhanced privacy disclosures, security hardening, and transparent contact information to improve trust and compliance with data protection regulations.

TAKT Fest is a cultural festival and traditional singer-songwriter competition based in Novi Sad, Serbia. The website provides detailed information about the event's program segments including music, theater, standup, circus, movies, and creative workshops. The festival targets artists and cultural enthusiasts, positioning itself as a niche event with international participation. The domain is registered since 2020 and is consistent with the festival's recent editions. Technically, the site uses Joomla CMS with common web technologies such as jQuery, Bootstrap, and Font Awesome, and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and has a good design and user experience. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is available via a form and social media links. Overall, the site is trustworthy and professional but could improve compliance and security practices.

N

Nová síť z.s.

artinres.cz

53

ART-IN-RES is a Czech-based online portal dedicated to connecting artists with providers of artistic residencies, facilitating creative stays essential for artistic project development. The platform targets artists primarily in the Czech Republic but also internationally, offering listings of residencies, open calls, and news updates. The business operates under Nová síť z.s., a Czech non-profit organization, and maintains a professional web presence with clear branding and consistent content quality. Technically, the website is built on WordPress using the Elementor page builder and Astra theme, integrating plugins for event management, GDPR compliance, and analytics. The site is mobile-optimized, SEO-friendly, and employs HTTPS with a cookie consent mechanism, reflecting a mature digital infrastructure suitable for its niche audience. From a security perspective, the site enforces HTTPS and cookie consent but lacks explicit security headers and detailed security policies. No vulnerabilities or WAF blocks were detected, indicating a secure baseline posture. Privacy compliance is evident through GDPR-aligned cookie and privacy policies. However, contact information is limited to a newsletter subscription form, with no direct emails or phone numbers provided. Overall, ART-IN-RES presents a trustworthy, well-maintained platform with a clear focus on artistic residencies. Strategic improvements in security headers, incident response transparency, and expanded contact options could enhance trust and compliance further.

В

Вокс Попули ООД

selectra.bg

41

Selectra Bulgaria, operating under the legal entity Вокс Попули ООД, is a prominent Bulgarian branch of the European Selectra group, specializing in providing comparison portals for utilities, telecommunications, and financial services. Since its establishment in 2013, it has positioned itself as a market leader in Bulgaria by offering free, user-friendly platforms that empower consumers to make informed decisions. The company operates multiple niche websites covering internet, mobile, electricity, loans, forex brokers, security services, and legal assistance, reflecting a diversified portfolio tailored to Bulgarian consumers. Technically, the website is built on WordPress CMS with a Bootstrap framework and integrates common web technologies such as jQuery and Google Analytics. Hosting is provided by a reputable Bulgarian hosting provider, SuperHosting.BG, as indicated by the nameservers. The site demonstrates moderate performance and good mobile optimization, although accessibility and SEO could be improved. The presence of Google Analytics and Tag Manager indicates moderate user tracking. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance and user trust. No vulnerability disclosures or incident response information are provided, indicating potential gaps in security transparency. The WHOIS data is redacted due to GDPR, which is standard and justified for this business type. Overall, the domain appears legitimate and consistent with the business claims. The overall risk assessment suggests a stable and credible business with room for improvement in privacy compliance and security hardening. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and maintaining up-to-date software to mitigate vulnerabilities.

K

Kolowratovy sady s.r.o.

kolowratovysady.cz

47

Kolowratovy sady s.r.o. is a Czech-based medium-sized company specializing in the cultivation and sale of fruit such as apples, pears, cherries, and potatoes, along with the production of apple juice, cider, lemonade, honey, and mead. The company operates a retail store located in Velké Dvorce near Přimda and holds certifications including SISPO and GLOBALG.A.P, indicating adherence to quality and safety standards. The website reflects a well-established regional producer with a strong local presence and a clear business model focused on both wholesale and retail markets. Technically, the website is built on Joomla CMS with Bootstrap and jQuery frameworks, featuring responsive design and moderate performance. It integrates Google Analytics and Tag Manager for user tracking and marketing insights. The site implements GDPR-compliant cookie consent with an opt-out mechanism and obfuscates email addresses to reduce spam risks. However, there is room for improvement in security headers and explicit security policies. From a security perspective, the site uses HTTPS with good SSL configuration and follows basic best practices such as cookie consent and email obfuscation. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business history and shows no suspicious patterns, supporting the legitimacy of the domain and company. Overall, the website presents a professional and trustworthy digital presence with good privacy compliance and business credibility. Strategic improvements in security headers and incident response transparency could further enhance the security posture and user trust.

IN SITU is a well-established European cultural platform focused on artistic creation in public spaces, led by Lieux publics in Marseille, France. The platform supports emerging artists and fosters collaboration across more than 20 countries, with a history dating back to 2003. The website reflects a professional and content-rich presence, targeting artists, programmers, and cultural professionals interested in public space art. Technically, the site uses modern JavaScript libraries, integrates accessibility tools, and employs Google Analytics and Tag Manager for tracking. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit privacy compliance mechanisms. WHOIS data is unavailable due to a malformed request, which slightly reduces domain trustworthiness. Overall, the platform demonstrates a strong cultural mission with moderate technical maturity and room for improvement in privacy and security transparency.

Z

Zupimages

zupimages.net

60

Zupimages is a French-based free image hosting service established since 2009, offering users a simple and fast platform to upload and share images securely via HTTPS. The service supports multi-image uploads and provides instant links for sharing. It is supported primarily through advertising networks and targets a general audience seeking free image hosting solutions. The website demonstrates moderate digital maturity with a mix of legacy and modern technologies, including jQuery 1.10.2 and various ad and tracking services. While the site implements GDPR consent mechanisms and provides transparency on incident handling, it lacks a formal privacy policy page and security headers, which are important for compliance and security posture. The absence of WHOIS data for the domain is a notable anomaly that impacts trustworthiness, although the website content and service appear legitimate and professional. Overall, the security posture is moderate with room for improvement in updating libraries, enhancing security headers, and publishing comprehensive privacy and security policies.

L

LWS

lws-hosting.com

48

LWS operates a professional and content-rich blog focused on web hosting, domain registration, VPS, dedicated servers, and WordPress hosting services. The company has a strong market presence in France with over 20 years of experience, offering accessible and quality hosting solutions. The blog serves as an educational and marketing platform targeting website creators, small to medium businesses, and e-commerce users. Technically, the website is built on WordPress with modern technologies including Google Analytics, Google Tag Manager, and caching plugins. The site is mobile-optimized and provides a good user experience with clear navigation and multimedia content such as videos. Performance is moderate with room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published privacy or security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data for the subdomain is not available, which is expected, and the main domain is presumed legitimate based on branding and business presence. Overall, the website is trustworthy and professional, but could enhance compliance and security transparency by publishing privacy policies, terms of service, and security incident response information.

Protected Planet is a globally recognized platform managed by UNEP-WCMC and IUCN, providing comprehensive and up-to-date data on protected areas and other effective area-based conservation measures. The website serves governments, NGOs, landowners, and communities by aggregating and disseminating critical conservation data, supported by an API and regular updates. Its market position is strong as a leading global resource in environmental conservation data. Technically, the website employs modern web technologies including Ruby on Rails, Mapbox GL JS for mapping, and analytics tools such as Google Analytics and Hotjar. The site is mobile-optimized with good SEO and accessibility basics, though some improvements could be made in accessibility and performance tuning. From a security perspective, the site enforces HTTPS, uses Content Security Policy, and includes CSRF tokens, reflecting a solid security posture. However, it lacks some recommended security headers and does not publicly disclose security policies or incident response contacts, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and content-rich with a high level of business credibility. The main risks relate to privacy compliance gaps and limited contact information. Strategic recommendations include publishing comprehensive privacy and security policies, expanding contact options, and enhancing security headers to further strengthen the security posture.

E

ECOLEX

ecolex.org

67

ECOLEX is a joint initiative by FAO, IUCN, and UNEP providing a comprehensive global environmental law information service. It offers searchable access to treaties, legislation, judicial decisions, and literature in multiple languages, targeting governments, NGOs, academia, and the public. The website is professionally designed with consistent branding and a strong trust foundation based on its reputable partners. Technically, the site uses a classic web stack including jQuery and Bootstrap, with Google Analytics for user tracking. While the site is mobile-optimized and performs moderately well, it uses an outdated jQuery version and lacks some security headers, which could pose risks. Privacy and cookie policies are present with consent mechanisms, but GDPR compliance could be improved. WHOIS data is incomplete, limiting domain trust verification, but the website's content and affiliations strongly support legitimacy.

I

International Union for Conservation of Nature and Natural Resources

iucnredlist.org

63

The IUCN Red List website represents a globally recognized non-profit organization dedicated to assessing and communicating the conservation status of species worldwide. It serves a diverse audience including researchers, conservationists, policymakers, and the general public. The site offers comprehensive data and resources to support biodiversity conservation efforts and policy development. The organization has a strong market position as the authoritative source for species threat assessments, supported by a broad partnership network and a long history dating back to 1964. Technically, the website employs modern web technologies including HTTPS, JavaScript, and Google Analytics, ensuring good performance, mobile optimization, and accessibility. The infrastructure appears robust with no signs of blocking or WAF interference, and the site uses secure forms with CSRF protection. However, explicit security headers and a cookie consent mechanism could be improved. From a security perspective, the site demonstrates a strong posture with HTTPS enforcement and secure data handling practices. No vulnerabilities or exposed sensitive data were detected. Privacy policies are comprehensive and GDPR compliant, though a visible cookie consent banner is absent. WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. Overall, the website is professional, trustworthy, and well-maintained, with high content quality and clear business credibility. Strategic recommendations include enhancing security header implementation, adding a cookie consent mechanism, publishing a vulnerability disclosure policy, and providing incident response contact details to further strengthen trust and compliance.

G

Gravitec.net

gravitec.net

57

Gravitec.net is a technology company specializing in automated web push notification services designed to enhance customer engagement, increase website traffic, and improve user retention. Established in 2016, the company has positioned itself as a market leader with over 40,000 websites and 15,000 companies leveraging its platform. Key services include AI-powered notification content generation, campaign automation, detailed analytics, and seamless integrations with popular platforms such as WooCommerce, Shopify, and WordPress. The technical infrastructure of Gravitec.net is robust, utilizing a modern tech stack with extensive use of JavaScript-based analytics and marketing tools including Google Analytics, Mixpanel, Microsoft Clarity, Hotjar, and Visual Website Optimizer. The website demonstrates excellent performance, mobile optimization, and accessibility, reflecting a mature digital presence. Security best practices are observed with HTTPS enforcement, security headers, and CAPTCHA-protected forms, although a dedicated security policy page and incident response contacts are not currently published. From a security perspective, Gravitec.net maintains a strong posture with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. The domain registration data is consistent with the business claims, supporting the legitimacy and trustworthiness of the entity. Overall, Gravitec.net presents a professional, secure, and user-friendly platform with a strong market position in the web push notification space. Strategic recommendations include enhancing transparency with a dedicated security policy, publishing vulnerability disclosure information, and continuous monitoring of third-party scripts to maintain security integrity.

Z

Zoo Duisburg

delfinarium-zoo-duisburg.de

52

The Delfinarium website is an official informational platform for the Zoo Duisburg's dolphinarium, providing educational content about dolphins, their care, and related zoological information. The site targets general visitors and animal enthusiasts, positioning itself as a regional zoological attraction with a focus on dolphin care and education. The business operates as a non-profit entity within the hospitality and non-profit sectors in Germany. Technically, the website is built on TYPO3 CMS with Bootstrap 5 for responsive design, integrating modern tools such as Google Analytics for visitor tracking and Usercentrics for cookie consent management. The site demonstrates good mobile optimization and basic accessibility features, with a moderate performance profile. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS and incorporates consent management, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected, though improvements in security headers and formal security documentation are recommended to enhance the security posture. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with clear contact phone information and social media presence. The absence of email contacts and terms of service pages are minor gaps. The site is safe for general audiences with no adult or questionable content. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to strengthen trust and compliance.

DERTICKETSERVICE.DE GmbH & Co. KG is a well-established regional ticketing service provider in North Rhine-Westphalia, Germany, with over 35 years of experience. Operating three main brands—kölnticket, bonnticket, and westticket—the company serves a broad spectrum of clients ranging from small venues to large arenas, managing more than 35,000 events annually. Their business model focuses on comprehensive ticketing solutions, project management, and contact center services tailored to the event industry in the region. Technically, the website is built on TYPO3 CMS with a Bootstrap framework, ensuring a modern and responsive design. The site incorporates standard web technologies including FontAwesome icons and Google Analytics with IP anonymization, alongside a cookie consent mechanism compliant with GDPR opt-out requirements. Hosting is inferred to be with NetCologne, consistent with the regional focus. Performance and SEO are moderate to good, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and uses cookie consent scripts to manage user privacy. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content and business claims, indicating legitimacy and consistency. Overall, the website presents a professional and trustworthy digital presence with good business credibility and privacy compliance. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance the security posture and user trust.

T

TFGpl sp. z o.o.

ebutik.pl

70

eButik.pl is a well-established Polish online boutique specializing in women's fashion, offering a broad range of clothing categories including plus size and seasonal collections. The company, TFGpl sp. z o.o., has been operating since 2003, positioning itself as a trusted retailer with a focus on quality, style, and affordability. The website demonstrates strong digital maturity with a modern e-commerce platform (IdoSell Shop), comprehensive privacy and cookie policies, and integration of advanced marketing and analytics tools such as Google Analytics, Facebook Pixel, and TrustMate reviews. Security posture is robust with HTTPS enforced and privacy compliance evident, though some security headers could be improved. Overall, the site provides an excellent user experience with mobile optimization and clear navigation, supported by credible business information and positive customer feedback.

D

Decathlon spółka z ograniczoną odpowiedzialnością

decathlonkariera.pl

58

Decathlonkariera.pl is the official career website for Decathlon Poland, a large retail company specializing in sports equipment and apparel. The site targets job seekers passionate about sports, offering information about current job openings, company values, and employee benefits. The business is well-established with a domain age consistent with its market presence since 2013. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its audience. Technically, the site is built on WordPress and uses common analytics and marketing tools such as Google Analytics, Google Tag Manager, and Facebook SDK. Hosting is provided by OVH SAS, a reputable provider. Performance is moderate with good mobile optimization. However, some security best practices like DNSSEC and security headers are missing, and there is no visible cookie consent mechanism, which could impact privacy compliance. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries in the provided content. The absence of security headers and incident response information suggests room for improvement. Privacy compliance is partially met with a privacy policy linked on the main Decathlon domain, but cookie consent and GDPR explicit indicators are lacking. Overall, the website is trustworthy and professional, serving its business purpose effectively. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance standing.

C

Clickonometrics

clickonometrics.pl

50

Clickonometrics operates as an advertising technology platform specializing in ad server solutions and campaign management tools for publishers, advertisers, and ad networks. Founded in 2016 and based in Poland, the company offers services including RTB, SSP, DSP, and various advertising pricing models such as CPC, CPA, CPS, and CPM. The website presents a professional and consistent brand image targeting a niche market within the online advertising ecosystem. Technically, the website employs a modern but straightforward technology stack including Bootstrap, jQuery, Google Fonts, and Google Analytics for tracking. The site is mobile-optimized and structured with clear navigation, though accessibility features are basic. Hosting and domain registration are managed through OVH sas, a reputable provider, with domain status flags enhancing domain security. However, no CMS or advanced frameworks are detected. From a security perspective, the site uses HTTPS and has domain-level protections but lacks visible security headers and explicit incident response or security policies. Privacy compliance is minimal, with a basic privacy policy located on a separate opt-out page and no cookie consent mechanism despite the use of tracking scripts. Contact information is not provided on the landing page, limiting transparency. Overall, the website is functional and professional but would benefit from enhanced security practices, improved privacy compliance, and more transparent business contact information to strengthen trust and regulatory adherence.

C

Ceneo - porównaj ceny i opinie - RTV, AGD, smartfony, laptopy

ceneo.pl

67

Ceneo.pl is a leading Polish price comparison and product review platform specializing in consumer electronics, home appliances, and various retail categories. The website offers users the ability to find products, compare prices across multiple online shops, and read reviews to make informed purchasing decisions. It targets Polish consumers and operates as a large-scale e-commerce service provider in Poland. Technically, the site employs modern JavaScript frameworks such as RequireJS and Preact, integrates with Google Analytics and Microsoft Application Insights for tracking and performance monitoring, and uses Google Tag Manager for marketing and analytics management. The site is well-structured with good SEO practices and mobile optimization. Security-wise, the site enforces HTTPS and uses anti-forgery tokens and CAPTCHA v3 for form protection, though explicit security headers are not evident in the HTML content. Privacy and cookie policies are not clearly found in the provided content, indicating room for improvement in compliance transparency. WHOIS data for the domain is not publicly available, which is typical for commercial Polish domains but limits direct verification of registrant details. Overall, Ceneo.pl presents a professional, trustworthy, and technically mature e-commerce platform with moderate privacy compliance and good security posture.