Security Directory

R

Resilient Cities Network

resilientcitiesnetwork.org

77

Resilient Cities Network is a globally recognized non-profit organization dedicated to fostering urban resilience by connecting cities worldwide. Their platform facilitates collaboration, knowledge sharing, and capacity building among city governments and resilience professionals to address urban challenges and promote safe, equitable urban environments. The organization operates primarily through a membership and network model, targeting city officials and stakeholders interested in sustainability and resilience. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies including jQuery, Google Analytics, and Google Tag Manager. Hosting and DNS services are managed via Cloudflare, ensuring reliable performance and security. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and employs reCAPTCHA on forms, but lacks DNSSEC and explicit security policies or vulnerability disclosure mechanisms. Security headers are partially implemented, and no critical vulnerabilities were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a professional, trustworthy digital presence with a solid security posture suitable for a non-profit organization. Recommendations include enabling DNSSEC, publishing a security policy, and enhancing HTTP security headers to further strengthen security and trust.

R

Red Española de Ciudades por el Clima

redciudadesclima.es

34

The Red Española de Ciudades por el Clima website serves as an official platform for a Spanish government-affiliated network focused on local climate change policies. It provides resources, news, projects, and events to support municipalities in their climate action efforts. The site is well-branded, professionally designed, and targets local governments and stakeholders interested in environmental policy. Technically, it is built on Drupal 8 with common web libraries and includes modern UI components like Swiper.js and cookie consent management. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks visible advanced security headers and incident response information. The site is fully accessible without WAF or blocking mechanisms, indicating good operational status. Overall, the website is trustworthy and credible, though WHOIS data is unavailable due to query restrictions, which is common for .es domains. Strategic improvements in security headers and incident response disclosures are recommended.

The website represents the Association des Courses Hippiques de Laval Mayenne, a regional horse racing society organizing numerous annual events and providing related hospitality and professional services. The site is professionally designed with clear navigation and relevant content targeting horse racing enthusiasts, professionals, and local visitors. The technical infrastructure is based on the E-majine CMS platform, utilizing common web technologies such as jQuery and FontAwesome, with Google Analytics for visitor tracking. Security posture is moderate with HTTPS implied but lacking explicit security headers and detailed security policies. Privacy compliance is basic with a cookie consent banner and a privacy/legal mentions page in French. The absence of WHOIS data is a notable concern for domain legitimacy verification, though the website content and contact information suggest a legitimate local business. Overall, the site is functional, informative, and trustworthy for its intended audience.

L

Lecture en Tête

festivalpremierroman.fr

58

The Festival du Premier Roman et des Littératures Contemporaines is a well-established cultural event organized by the association Lecture en Tête, based in Laval, France. The website serves as an information hub for festival programming, guest authors, school meetings, and media archives. It targets literature enthusiasts and the local cultural community, operating as a small non-profit entity with a history dating back to 2008. The site reflects a consistent brand identity aligned with the association's mission. Technically, the website is built on Drupal 9 with Bootstrap 3.4.1, integrating Google Analytics for audience measurement with a clear cookie consent mechanism and opt-out functionality. The site is hosted by IONOS SE, a reputable provider, and demonstrates moderate performance with good mobile optimization. Accessibility and SEO are basic but functional. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or suspicious content were detected. WHOIS data confirms domain legitimacy and consistency with the festival's operational timeline. Overall, the website is professional, trustworthy, and compliant with GDPR requirements regarding cookies and privacy. Strategic improvements could focus on enhancing security headers, accessibility, and publishing explicit security policies to strengthen trust and compliance further.

A

Atmosphères 53

atmospheres53.org

53

Atmosphères 53 is a small non-profit cultural association based in Mayenne, France, dedicated to cinema programming, cultural mediation, and organizing film festivals and educational cinema activities. The website serves as a regional hub for cinema-related events, schedules, and cultural projects, targeting a general audience interested in film and culture within the Mayenne region. The business model focuses on cultural promotion rather than commercial sales, positioning itself as a key regional player in cinema culture. Technically, the website is built on WordPress with common plugins such as Yoast SEO and WP Rocket, leveraging jQuery and bxSlider for interactive elements. The site is mobile-optimized and uses HTTPS with Google Analytics and Tag Manager for visitor tracking. Security posture is good with HTTPS enforced, but lacks explicit security headers and a cookie consent mechanism, which are recommended for GDPR compliance. WHOIS data is unavailable due to privacy protection, which is reasonable for this type of organization. Overall, the website is professional, trustworthy, and well-maintained, though improvements in privacy compliance and security headers would enhance its posture.

A

Agorabox - la gestion évènementielle tout-en-un pour professionnels

agoraevent.fr

39

Agorabox is a French technology company specializing in event management software solutions tailored for professionals in the event industry. With over 20 years of experience, the company offers a suite of modular SaaS products including AgoraManager, AgoraEvent, AgoraMeetin, and AgoraSites, designed to streamline event organization, guest interaction, and online reservations. The website reflects a professional market position with clear branding and a focus on ease of use and productivity for event organizers and space managers. Technically, the site is built on WordPress using the Divi theme, enhanced with SEO and multilingual capabilities, and hosted by OVH. It employs Google Analytics and Google Ads for marketing and tracking, with a GDPR-compliant cookie consent mechanism in place. Security posture is solid with HTTPS enabled and no exposed sensitive data, though some security headers and policies could be improved. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. The site is accessible, well-structured, and targets a general professional audience without any adult or questionable content.

The website kraucher.cz represents a small-scale business operated by Marek Kraucher, specializing in web design and internet marketing services primarily targeting local or regional clients in the Czech Republic. The site is built on WordPress 4.9.28 and uses legacy technologies such as jQuery 1.3.2 and the Yoast SEO plugin, indicating a need for modernization. The business appears stable with a domain age since 2009, consistent with a long-term presence in the market. Technically, the website employs basic SEO and analytics tools, including Google Analytics, but lacks modern security practices such as updated libraries and security headers. The site is accessible without any WAF or security challenges, but the absence of privacy and cookie policies and the use of outdated scripts present compliance and security risks. From a security perspective, the site has HTTPS enabled but lacks critical security headers and uses outdated JavaScript libraries, which could expose it to vulnerabilities. There is no evidence of incident response or security policies, and no GDPR compliance mechanisms are visible. Contact information is clearly provided, enhancing business credibility. Overall, the website scores moderately on content quality and business credibility but falls short on privacy compliance and security posture. Strategic improvements in updating technology, implementing security best practices, and adding privacy policies would significantly enhance the site's trustworthiness and compliance.

I

Iskra PIO d.o.o.

iskra-pio.si

45

Iskra PIO d.o.o. is a well-established Slovenian manufacturing company specializing in clean room solutions, operator and product protection, decontamination, laboratory equipment, and related engineering services. With over 30 years of experience and ISO 9001 and 14001 certifications, the company serves pharmaceutical, healthcare, and industrial sectors with a strong market presence. The website is professionally designed using Drupal 8, featuring modern analytics and privacy compliance mechanisms such as GDPR-aligned cookie consent and privacy policies. Security posture is strong with HTTPS enforcement and use of reCAPTCHA, though additional security headers and a formal security policy could enhance protection. Contact information is clearly provided, and the site includes client logos and certifications that build trust. No blocking or WAF challenges were detected, allowing full content access and analysis.

P

Paletton.com by Petr Staníček

paletton.com

50

Paletton.com is a specialized online tool focused on color scheme design, serving a broad audience from professional designers to beginners and students. The website offers interactive color wheels, palette generation, and color vision simulations, positioning itself as a niche but well-established player in the design technology space. The business model appears to be primarily free access with optional donations and affiliate promotions. Technically, the site uses a modern JavaScript stack with jQuery, RequireJS, and integrates Google Analytics and Tag Manager for tracking, alongside OneTrust for cookie consent management. Hosting is provided by Bluehost Inc., with a domain age consistent with the site's history. Security posture is adequate with HTTPS and domain transfer protections, but could be improved with DNSSEC and additional security headers. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms. Contact information is limited to an email address, with no phone or physical address found. Overall, the site is professional, trustworthy, and well-maintained, with good content quality and user experience.

W

Wait But Why

waitbutwhy.com

63

Wait But Why is a well-established, popular long-form blog known for its stick-figure illustrated articles covering a wide range of topics including technology, science, society, and politics. Founded in 2013, it has built a strong niche audience and monetizes through book sales and an official merchandise store. The website demonstrates a mature digital presence with good SEO practices and active community engagement via comments and social media. Technically, the site runs on WordPress with common plugins like Yoast SEO and integrates analytics and social media scripts. Hosting and DNS are managed via Cloudflare and GoDaddy respectively, with HTTPS enabled and standard domain protections in place. Security posture is moderate with room for improvement in DNSSEC adoption and security headers. Privacy compliance is basic, with a privacy policy likely present but no visible cookie consent mechanism. Overall, the site is professional, trustworthy, and safe for general audiences.

T

.týždeň - iný pohľad na spoločnosť

tyzden.sk

58

The website tyzden.sk is a well-established Slovak media outlet founded in 2004, offering a broad range of content including news, opinion articles, podcasts, videos, and subscription services. It targets a general audience interested in Slovak and international societal topics. The business model relies on advertising and subscriptions, supported by a professional and consistent brand presence. Technically, the site uses modern web technologies such as Google Fonts, Google Tag Manager, Google Analytics, Facebook Pixel, and OneSignal for push notifications, alongside ad networks like Adocean and Protag CDN. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. Security posture is adequate with HTTPS enforced and consent mechanisms for cookies, but lacks explicit security headers and published security policies. No critical vulnerabilities or WAF blocking were detected. The domain WHOIS data confirms legitimacy with consistent registration details and appropriate domain age. Overall, the site is professional and trustworthy but could improve privacy disclosures and security best practices.

I

Inštitút pre dobre spravovanú spoločnosť (SGI)

odkazprestarostu.sk

53

Odkazprestarostu.sk is a Slovak non-profit civic engagement platform established in 2010, operated by the Inštitút pre dobre spravovanú spoločnosť (SGI). It enables citizens to report local problems and track their resolution in cooperation with local governments, promoting transparency and public service improvement. The platform has a strong presence in Slovakia with over 100,000 resolved reports and is supported by the European Social Fund. Technically, the website uses a custom CMS with modern JavaScript libraries including jQuery, Bootstrap, and AngularJS, and integrates social media SDKs and analytics tools such as Google Analytics and Mixpanel. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. Security-wise, the site enforces HTTPS with excellent SSL configuration but lacks some security headers and explicit cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were found. Overall, the website is trustworthy, professionally maintained, and serves an important civic function in Slovakia.

N

N Press s.r.o.

dennikn.sk

64

Denník N is a well-established independent Slovak news media company founded in 2014, offering a broad range of journalistic content including articles, podcasts, and subscription services. The website demonstrates a mature digital presence with a modern tech stack including WordPress CMS, Vue.js framework, and integration with multiple analytics and advertising platforms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident with clear privacy and cookie policies and GDPR adherence. The business model is subscription-driven supplemented by advertising and merchandise sales. Overall, the site is professional, trustworthy, and well-positioned in the Slovak media market.

O

Odyzeo Services

odyzeo.com

58

Odyzeo Services operates as a small UX/UI design and development studio based in Slovakia, focusing on helping companies achieve their vision through design, prototyping, testing, and algorithmic solutions. The website presents a professional image with consistent branding and clear service offerings targeted at businesses seeking digital design and development expertise. The technical infrastructure includes modern tracking tools such as Google Analytics and Lead Forensics, with a custom CMS (ZeoCMS) powering the site. The site is mobile-optimized and uses reCAPTCHA to secure its contact form, indicating attention to user experience and basic security. However, the absence of visible security headers and privacy/cookie policies suggests room for improvement in compliance and security transparency. The WHOIS data is unavailable, which raises concerns about domain registration legitimacy, although the active and professional website mitigates some risk. Overall, the site scores moderately on security and privacy, with recommendations to enhance policy disclosures and security headers to improve trust and compliance.

A

Aj Ty v IT o.z.

ajtyvit.sk

40

Aj Ty v IT is a Slovak non-profit organization dedicated to empowering girls and women by providing education, motivation, and community support in the field of information technology. The organization offers workshops, courses, motivational events, and mentorship programs targeting various age groups including school girls, adult women, and educators. Their market position is strong within Slovakia as a recognized entity promoting women in IT. Technically, the website is built on WordPress with Elementor, leveraging modern analytics and tracking tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and Hotjar. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and vulnerability disclosure. Overall, the website is professional, trustworthy, and compliant with GDPR regulations.

C

Cinema Storck

cinemastorck.be

54

Cinema Storck is a small, Belgium-based cinema venue focused on providing film screenings, weekly programs, and cultural film events. The website is built on Drupal 9 and integrates modern web technologies including Google Analytics and a cookie consent mechanism, reflecting a moderate level of digital maturity. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content for its target audience of general cinema enthusiasts. Security posture is good with HTTPS enabled and cookie consent implemented, though some security headers could be improved. Privacy compliance is strong with accessible privacy and cookie policies. Overall, the business appears legitimate and well-positioned locally with strong cultural partnerships.

Galerija Kapelica is a small, niche art gallery website primarily focused on presenting cultural and artistic exhibitions through an interactive Adobe Flash experience. The website's market position is local and specialized, targeting general audiences interested in art and culture. The business model appears non-commercial or cultural with no visible e-commerce or transactional services. Technically, the site relies on outdated Flash technology, which severely limits accessibility and performance on modern devices. The site lacks mobile optimization, accessibility features, and modern SEO practices. Security posture is weak, with no HTTPS enforcement, no security headers, and no visible privacy or cookie policies despite using Google Analytics for tracking. The domain is old and registered with a reputable registrar, indicating legitimacy, but the technical and security aspects require significant modernization. Overall, the site presents a low trustworthiness profile and poor user experience.

S

Spinkids.cz

spinkids.cz

47

Spinkids.cz is a Czech Republic-based e-commerce retailer specializing in creative and interactive children's toys, including popular brands such as Tlapková patrola, Bakugan, Rubik, Batman, and Harry Potter. The website targets parents and children seeking branded toys with fast delivery services. The business is relatively new, founded in 2023, and operates on the PrestaShop platform with a moderate digital maturity level. The site employs multiple analytics and marketing tools including Google Analytics, Matomo, Microsoft Clarity, and CJ.com affiliate tracking, indicating a focus on data-driven marketing and customer insights. Security posture is adequate with HTTPS enforced and tokenized forms, but lacks explicit security headers and published privacy or cookie policies, which are critical for GDPR compliance and user trust. No contact emails or phone numbers are directly available, which may impact customer support perception. Overall, the site is professionally designed, mobile-optimized, and safe for general audiences, but improvements in privacy compliance and security best practices are recommended.

P

Pricemania Academy

ecommerce-katalog.sk

42

Pricemania Academy operates the ecommerce-katalog.sk website, a Slovak-language online catalog of verified e-commerce suppliers and service providers. The site targets e-commerce businesses seeking trusted partners and offers detailed service descriptions, references, and benefits. The business model is a niche directory with a focus on quality and trust, leveraging over a decade of experience in online business. Technically, the site uses modern JavaScript libraries, Google Analytics, and Google reCAPTCHA for form security, indicating moderate digital maturity. However, there is no visible privacy or cookie policy, and security headers are not detected, which are areas for improvement. Overall, the security posture is moderate with basic protections in place but lacking advanced security policies. The domain registration is consistent and legitimate, supporting the trustworthiness of the site. Strategic recommendations include adding comprehensive privacy and cookie policies, enhancing security headers, and publishing incident response contacts to improve compliance and trust.

P

Pricemania s.r.o.

pricemania.cz

46

Pricemania.cz is a well-established Czech price comparison platform operated by Pricemania s.r.o., providing consumers with access to millions of product offers from hundreds of online stores. The website offers services including price comparison, e-shop quality verification, and advertising programs, positioning itself as a trusted intermediary in the Czech e-commerce market. The platform targets general consumers seeking to find the best prices and reliable sellers. Technically, the website employs modern web technologies such as Google Analytics, Google Tag Manager, and Bootstrap, with mobile optimization and moderate performance. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. Privacy compliance is basic with visible cookie and privacy policies, but no explicit security or incident response policies are found. WHOIS data is privacy protected, which is common but reduces transparency. Overall, the site is professional, trustworthy, and safe for general audiences.

M

Mucha Foundation

muchafoundation.org

45

The Mucha Foundation is a well-established non-profit organization dedicated to preserving and promoting the legacy of Alphonse Mucha, a renowned Czech Art Nouveau artist. The foundation operates a comprehensive website offering access to its extensive art collection, educational timelines, exhibitions, and news updates. It targets art enthusiasts, cultural institutions, and the general public interested in Mucha's work and Art Nouveau. The foundation's market position is that of a leading authority and custodian of Mucha's legacy, supported by a consistent brand presence and active social media engagement. Technically, the website employs a custom or proprietary CMS with a technology stack including jQuery, Nivo Slider, Google Analytics, and social media SDKs. The site is hosted under the domain registered with IONOS SE since 2000, indicating a mature digital presence. Performance is moderate with basic mobile optimization and accessibility features. SEO practices are good, with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS and has domain transfer protections in place. However, it lacks DNSSEC and modern security headers, and it uses an outdated jQuery version that could pose vulnerabilities. Privacy compliance is strong, with clear privacy and cookie policies and GDPR adherence. No explicit incident response or security policy pages are found. The site does not expose sensitive data and uses secure forms with validation. Overall, the website is professional, trustworthy, and content-rich, with minor technical and security improvements recommended. The risk level is low, but upgrading libraries, enabling DNSSEC, and adding security headers would enhance the security posture and compliance further.

A

ADAM VELKOOBCHOD, s.r.o.

adam-velkoobchod.cz

45

ADAM VELKOOBCHOD, s.r.o. is a Czech Republic-based company specializing in wholesale and retail distribution of food, alcoholic beverages, non-alcoholic drinks, tobacco products, confectionery, and small drugstore items. The company primarily serves the Moravian region with a network of retail stores and a delivery system. Their website reflects a mature business with a clear market position in regional retail and wholesale sectors, supported by partnerships with numerous well-known suppliers and brands. The company maintains an active social media presence and offers customer engagement through newsletters and promotions. Technically, the website is built on WordPress using Bootstrap and jQuery, with additional plugins for contact forms and responsive image galleries. The site is HTTPS secured and includes cookie consent mechanisms compliant with GDPR. Performance and mobile optimization are good, though accessibility features are basic. Analytics are implemented via Google Analytics, and marketing tools include Facebook SDK for retargeting. From a security perspective, the site uses HTTPS but lacks advanced security headers and explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data reduces domain trustworthiness, but the website content and business operations appear legitimate and professional. Overall, the website presents a solid business presence with good technical implementation and privacy compliance. Strategic improvements in security headers, incident response transparency, and accessibility could enhance the security posture and user trust.

F

FLOSMAN a.s.

flosman.cz

39

FLOSMAN a.s. is a Czech Republic-based medium-sized company specializing in wholesale food distribution and operating its own retail network including brands like Flop and Potraviny CZ. Established in 2000, it serves southern, western, and central Czech regions as well as Vysočina and southern Moravia. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, it is built on WordPress with a range of plugins and uses Google Analytics and Tag Manager for tracking. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned in its market niche.

Z

Zoologická zahrada a botanický park Ostrava, p.o.

zooostrava.cz

42

Zoo Ostrava is a large, well-established zoological garden and botanical park located in the Czech Republic, serving as a major regional attraction and educational resource. The website provides comprehensive information about the zoo's animal exhibitions, botanical collections, educational programs, events, and conservation efforts. It targets families, schools, and nature enthusiasts, offering online ticket sales and an e-shop for donations and supplies. The domain age and WHOIS data confirm the legitimacy and consistency of the business presence online. Technically, the website uses a modern tech stack including jQuery, bxSlider, FancyBox, Google Tag Manager, Google Analytics, Facebook SDK, and reCAPTCHA. The site is hosted by a reputable provider and uses HTTPS, ensuring secure communication. The design is professional, mobile-optimized, and offers good navigation and content relevance. However, it lacks explicit privacy and cookie policies and does not implement a cookie consent mechanism, which are compliance gaps. From a security perspective, the site employs HTTPS and reCAPTCHA, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The site uses tracking and advertising services such as Google Analytics and DoubleClick, with moderate user tracking levels but limited transparency regarding data retention and privacy compliance. Overall, Zoo Ostrava's website is trustworthy, content-rich, and professionally maintained, but would benefit from enhanced privacy compliance and security header implementation to improve user trust and regulatory adherence.

V

VÍTKOVICE ARÉNA, a.s.

arena-vitkovice.cz

47

VÍTKOVICE ARÉNA, a.s. operates as a key regional manager of multifunctional sports and event venues in Ostrava, Czech Republic. The company manages several prominent facilities including Ostravar Aréna, Městský stadion, Atletická hala, Multifunkční hala, Areál Bazaly, and also provides hospitality services through Hotel Puls. Their market position is significant within the regional sports and event hosting sector, targeting event organizers, sports clubs, and the general public. The business model centers on facility management and event hosting, supported by a medium-sized organizational structure with a history dating back to 1999. Technically, the website is built on a modern WordPress platform utilizing Elementor and JetEngine plugins, hosted by vas-hosting.com. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Google Analytics is used for visitor tracking, though no cookie consent mechanism is present. The site is accessible, well-structured, and professionally designed, reflecting a mature digital presence. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a dedicated security or incident response policy page. GDPR compliance is indicated via a dedicated GDPR page, but cookie consent and other privacy mechanisms could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the website and business present a low-risk profile with strong legitimacy and professional standards. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

S

Statutární město Havířov

havirov-city.cz

49

Statutární město Havířov operates an official municipal website providing comprehensive information and services to its residents and visitors. The site covers a wide range of topics including city history, administration, social services, culture, education, and urban planning. It serves as a central hub for city news, public notices, and access to municipal resources. The website targets local citizens and stakeholders, positioning itself as the authoritative source for city-related information. Technically, the website is built on Drupal 10 CMS, leveraging modern web technologies such as Google Analytics for visitor tracking and Klaro for cookie consent management. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting appears stable with a reputable registrar and nameserver provider. From a security perspective, the site uses HTTPS with good SSL configuration and employs cookie consent mechanisms compliant with GDPR. However, no explicit security headers were detected, and no vulnerability disclosure or incident response information is publicly available. The site does not expose sensitive data and uses anonymized IP tracking in analytics, indicating a reasonable security posture. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively supports the city’s communication and service delivery objectives. Strategic improvements in security headers and transparency around security policies could further enhance its security maturity and user trust.

L

Le Sens Du Web

lesensduweb.com

44

Le Sens Du Web is a small, local web design and development service provider based in Ardèche, France, founded in 2014. The company offers a range of services including custom website creation, graphic design, responsive design, SEO optimization, content writing, and translation services. Additionally, it provides automated receipt mailing services for associations. The website demonstrates a professional and consistent brand presence with a clear focus on serving local businesses and associations seeking to enhance their online presence. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies such as jQuery and Google Analytics, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled and reCAPTCHA v3 protecting the contact form, but lacks DNSSEC and security headers, and no explicit security or privacy policies are published. Overall, the site is trustworthy and functional but could improve compliance and security practices.

威

威聯通科技股份有限公司(QNAP Systems, Inc.)

qnap.com.tw

73

QNAP Systems, Inc. is a well-established technology company specializing in NAS (Network Attached Storage), networking, and smart video solutions. The company targets both individual and enterprise customers, offering a range of products including NAS/DAS storage devices, networking hardware, and cloud storage services such as myQNAPcloud Storage and Cloud NAS. The website is professionally designed with consistent branding and is primarily presented in Traditional Chinese, indicating a focus on the Taiwan market alongside international reach. The business model centers on technology product sales and cloud service offerings, positioning QNAP as an expert in its niche.

A

A world for us

aworldforus.com

57

A World For Us is a French company established since 2009, specializing in digital solutions for the professional training sector. Their portfolio includes a comprehensive ecosystem of integrated software products such as Digiforma, Digiformag, and certification management tools, serving over 5500 clients and a growing community. The company positions itself as a leader in digital transformation for training organizations, offering tools that simplify administrative, compliance, and e-learning processes. The website reflects a mature digital presence with professional branding, multilingual support, and active community engagement.

Digiformag is a French online magazine specializing in professional training, targeting training organizations and professionals in the education sector. It offers news, articles, and a community platform called OF Connect, positioning itself as a reference source in its niche. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with Elementor and uses modern tools such as Yoast SEO, WP Rocket, and various analytics and tracking services including Google Analytics, Hotjar, and Facebook Pixel. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security policies or incident response contacts. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, although the website content and branding suggest a legitimate business. Overall, Digiformag demonstrates a solid business and technical foundation with room for improvement in security transparency and domain registration clarity.

A

Affluences

affluences.com

62

Affluences is a specialized platform founded in 2015 that provides real-time attendance monitoring, waiting time communication, and booking services primarily for cultural, recreational, and public institutions such as museums, libraries, and swimming pools. The company targets both general users seeking to optimize their visits and professionals managing institutional presence. The website demonstrates a mature technical infrastructure built on Angular with integration of analytics tools like Google Analytics and Microsoft Clarity, hosted under a reputable registrar OVH with DNS managed by Cloudflare. Security posture is strong with HTTPS enforced and domain protection statuses, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is well addressed with clear cookie consent mechanisms and GDPR-aligned policies. Overall, the platform presents a professional, trustworthy, and user-friendly digital presence.

P

PushOwl

pushowl.com

67

PushOwl is a SaaS company providing an omnichannel marketing platform for Shopify merchants, integrating email, SMS, and push notifications to help e-commerce stores increase sales and customer engagement. The website is professionally designed using Webflow and integrates multiple modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and Microsoft Clarity. The technical infrastructure reflects a mature digital presence with good mobile optimization and accessibility. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate gaps in transparency and compliance. Security posture is moderate with HTTPS usage but missing explicit security headers and vulnerability disclosure information. Overall, the website is trustworthy and well-positioned in the e-commerce marketing sector but would benefit from enhanced compliance and security disclosures.

S

SENSORIUM

sensorium.is

58

SENSORIUM operates a WordPress-based website focused on promoting cultural festivals, specifically the Sensorium Festival editions from 2021 through 2024. The site targets a general audience interested in cultural events and provides event dates and links to detailed festival pages. The business appears to be a small-scale cultural event promoter founded in 2016, with consistent branding and a professional web presence. Technically, the site uses WordPress with common plugins such as Yoast SEO and WP Dark Mode, hosted by websupport.sk, and includes Google Analytics for visitor tracking. The website is moderately optimized for performance and mobile use, with good SEO practices and basic accessibility features. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and explicit privacy or cookie policies. No incident response or vulnerability disclosure information is present. Overall, the domain registration data aligns well with the website content and business age, indicating legitimacy. The site is safe for general audiences with no adult or explicit content detected.

N

Nadační fond IOCB Tech

nf-iocbtech.cz

51

Nadační fond IOCB Tech is a Czech non-profit foundation established in 2022 focused on supporting scientific research, popularization of science, and technology transfer. The foundation aims to enhance the development of science and its practical applications, targeting scientists, researchers, students, and the general public interested in science. The website reflects a professional and consistent brand presence with clear communication of its mission and activities. Technically, the website employs modern JavaScript libraries such as Google Analytics, Google Tag Manager, and ScrollMagic, with responsive design elements likely based on Bootstrap. Hosting and domain registration are consistent with the Czech Republic location. The site performs moderately well with good mobile optimization and basic accessibility features, though SEO and accessibility could be improved. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers and formal privacy or cookie policies, which are important for GDPR compliance. No forms or sensitive data collection points were detected, reducing immediate risk exposure. Social media integration is present but tracking practices are moderate and could benefit from enhanced transparency. Overall, the website is trustworthy and professionally maintained but would benefit from adding privacy and cookie policies, security headers, and incident response information to improve compliance and security posture. These improvements would enhance user trust and regulatory adherence.

Č

Česká centra

czechcentres.cz

55

Česká centra is the official governmental organization responsible for promoting Czech culture worldwide through a network of cultural centers abroad. The website serves as a comprehensive portal for information about their international branches, cultural events, projects, and media resources. It targets international audiences interested in Czech culture, including partners, media, and the general public. The organization holds a strong market position as the official cultural representation of the Czech Republic abroad. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, Facebook Pixel, Vimeo for video content, and Algolia for search functionality. The CMS appears to be Statamic, and the site is well-optimized for mobile devices with good SEO and accessibility features. Performance is moderate with asynchronous loading of scripts to enhance user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, indicating good privacy compliance. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly visible and could be improved. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is notable but likely due to registry policies for government domains. Overall, the site demonstrates a strong security posture with room for minor improvements. The overall risk assessment is low, with the website appearing trustworthy, professional, and compliant with GDPR. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility. The site is a reliable digital asset for the Czech government's cultural diplomacy efforts.

I

International Visegrad Fund

visegradfund.org

65

The International Visegrad Fund is a well-established non-profit organization dedicated to fostering sustainable regional cooperation in Central Europe. It provides funding through grants, scholarships, fellowships, and artist residencies, supporting over 5,000 projects historically. The website reflects a professional and consistent brand image with a clear focus on its mission and services, targeting individuals and organizations involved in regional development, culture, and academia. The organization has a strong market position as a key regional fund with a 25-year history. Technically, the website is built on WordPress and leverages modern JavaScript libraries such as jQuery, Select2, and Owl Carousel. It integrates Google Analytics and Facebook Pixel for analytics and marketing purposes. The site is mobile-optimized with good SEO practices and moderate performance. However, some accessibility features could be improved. From a security perspective, the site uses HTTPS with a good SSL configuration and secure form handling. It lacks some security headers and explicit incident response or vulnerability disclosure policies, which are recommended for enhanced security posture. Privacy compliance is mostly addressed with a comprehensive privacy policy, but the absence of a cookie consent mechanism is a notable gap. Overall, the website presents a trustworthy and professional digital presence for the International Visegrad Fund, with minor improvements suggested in privacy compliance and security best practices to further strengthen its posture.

N

Nadace BLÍŽKSOBĚ

blizksobe.cz

48

Nadace BLÍŽKSOBĚ is a Czech non-profit foundation dedicated to supporting organizations and individuals that enhance social quality of life, focusing on education, democracy, and civil society. The website presents a professional and consistent brand image with clear mission statements and support for known social initiatives such as Člověk v tísni. Technically, the site is built on WordPress with Bootstrap and uses modern web technologies including Google Analytics and reCAPTCHA for security. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and anti-bot measures, but lacks advanced security headers and published security policies. The absence of privacy and cookie policies is a compliance gap given GDPR relevance. WHOIS data is unavailable, which limits domain trust verification and reduces overall credibility. No signs of WAF or content blocking were detected, and the site content is safe for general audiences.

S

S2 STUDIO s.r.o.

s2studio.cz

10

S2 STUDIO s.r.o. is a Czech-based internet studio established in 2003, specializing in web design, online marketing, graphic design, and advertising production. The company offers a comprehensive suite of services including e-shops, custom software development, and strategic online marketing, targeting businesses seeking integrated digital solutions. Their market position is supported by recognized certifications such as Google Partner and ISO 9001, and memberships in professional associations, indicating a reputable and established presence in the Czech Republic. Technically, the website employs a modern tech stack with popular JavaScript libraries and analytics tools, ensuring good performance and user experience across devices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though improvements in security headers and explicit incident response policies are recommended. Overall, the website is professional, trustworthy, and compliant with GDPR, though the absence of WHOIS data limits domain registration trust assessment. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, and improving accessibility compliance to further strengthen their security and compliance posture.

L

LAKUTOTO

journallactionregionale.com

60

LAKUTOTO operates as an online gambling platform specializing in toto and togel services, offering access to multiple trusted toto sites and Bandar Toto Macau with attractive bonuses. The website targets online lottery players seeking secure and rewarding gambling experiences. Technically, the site is built on the Squarespace CMS platform, leveraging common marketing and analytics tools such as Google Analytics, Facebook Pixel, and HubSpot. The infrastructure is moderate in performance with good mobile optimization but lacks advanced security headers and cookie consent mechanisms, which impacts privacy compliance. Security posture is basic with HTTPS enabled but missing DNSSEC and security headers. Overall, the domain registration is consistent and legitimate, supporting the business claims. However, the use of suspicious external domains for login and registration links raises some concerns. Strategic improvements in security policies, privacy compliance, and transparency are recommended to enhance trust and regulatory adherence.

W

WP Bullet

wp-bullet.com

60

WP Bullet is a specialized WordPress performance optimization company founded in 2016, offering plugins, services, and guides to improve website speed, stability, and search engine rankings. The company targets site owners, agencies, and corporations seeking to enhance their WordPress and WooCommerce sites' performance and revenue. Their market position is supported by detailed case studies and strong client testimonials, reflecting a niche expertise in WordPress optimization. Technically, the website is built on WordPress 6.8.3, uses modern JavaScript libraries like jQuery 3.7.1, and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized, fast loading, and well-structured with good SEO practices. Hosting details are not explicit but DNS is managed via Cloudflare. Security posture is moderate with HTTPS enabled and domain transfer/update protections in place. However, the absence of DNSSEC, security headers, and published privacy or cookie policies indicates room for improvement. No incident response or vulnerability disclosure mechanisms are evident. Overall, WP Bullet presents a professional and trustworthy online presence with strong business credibility but should enhance privacy compliance and security best practices to reduce risk and improve user trust.

S

Simple et Solaire

simple-et-solaire.com

47

Simple et Solaire is a French company specializing in the sale and support of autonomous solar energy kits and equipment, targeting individuals, professionals, NGOs, and communities both in France and internationally. Established since 2008, the company offers a range of photovoltaic kits, batteries, solar lamps, and related services including technical advice, training, and after-sales support. Their market position is that of a trusted expert in solar autonomy, with a particular focus on solutions for isolated sites and the African market. Technically, the website is built on the PrestaShop CMS platform, utilizing jQuery and Google Analytics for tracking. The site is moderately optimized for performance and mobile use, with good SEO practices and clear navigation. However, some modern security best practices such as security headers and cookie consent mechanisms are missing, which could impact compliance and security posture. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS data for the domain is a concern, as it limits verification of domain legitimacy and registration details. Overall, the website presents a professional and trustworthy front for a small energy sector business, but improvements in security policies, privacy compliance, and domain registration transparency are recommended to enhance trust and reduce risk.

P

Partner & Co

semence-biologique.fr

39

SemBio, operated by Partner & Co, is a French e-commerce business specializing in the sale of certified organic seeds and seed mixtures for agricultural use. The website targets French-speaking agricultural professionals and organic farmers, offering a range of products including pure seeds and specialized blends for various farming sectors. The company positions itself as a niche supplier within the organic agriculture retail market in France. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies and SEO best practices. It integrates marketing and analytics tools such as Google Analytics, Google Tag Manager, and Sendinblue for newsletter and marketing automation. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and uses security headers, reflecting a good security posture. However, it lacks a publicly available security policy or incident response contact information. The domain WHOIS data is privacy protected, which is common and justified for this business type. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with room for improvement in security transparency and accessibility.

A

Aqua-Techniques

aqua-techniques.fr

59

Aqua-Techniques is a French retailer specializing in ecological water treatment and filtration solutions, distributing exclusive brands such as Doulton, British Berkefeld, and Sprite Showers. The company targets environmentally conscious consumers seeking water purification products for domestic use. Their website is built on the Oxatis e-commerce platform with AngularJS frontend, integrating modern marketing and analytics tools like Google Tag Manager and Google Analytics. The site is well-structured, mobile-optimized, and provides clear contact information including a dedicated phone number and contact page. Security posture is adequate with HTTPS and secure payment indicators, though some security headers and explicit policies could be improved. WHOIS data is unavailable, limiting domain legitimacy verification, but the website content and business presentation appear professional and trustworthy. Overall, Aqua-Techniques demonstrates a solid digital presence with room for enhanced security and compliance transparency.

F

Festival de Sevilla

festivalcinesevilla.eu

57

Festival de Sevilla is a well-established European film festival based in Sevilla, Spain, with a strong cultural and media focus. The website serves as a comprehensive platform for festival information, programming, news, and educational initiatives, targeting film enthusiasts, professionals, and the general public. The festival enjoys solid institutional support from government and cultural organizations, enhancing its credibility and market position. Technically, the website is built on Drupal 8, leveraging modern web technologies such as Google Analytics for tracking, AddToAny for social sharing, and lazy loading for performance optimization. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. From a security perspective, the site implements basic privacy compliance with cookie consent and IP anonymization in analytics. However, it lacks advanced security headers, a published security policy, and vulnerability disclosure mechanisms. No blocking or WAF challenges were detected, and no suspicious content was found, indicating a generally secure posture but with room for improvement. Overall, the website is professional, trustworthy, and well-maintained, supporting the festival's mission and audience engagement effectively.

Φ

Φεστιβάλ Κινηματογράφου Θεσσαλονίκης

filmfestival.gr

72

The website www.filmfestival.gr is the official digital presence of the Thessaloniki International Film Festival, a prominent cultural institution in Greece. It provides comprehensive information about the festival's organization, film screenings, professional activities, museum, archives, and an e-shop. The site targets film enthusiasts, industry professionals, and the general public interested in cinema and cultural events. The business model is non-profit, focusing on cultural promotion and film industry support. The website is well-branded, consistent, and rich in relevant content, reflecting a medium-sized organization with a strong market position in the media sector in Greece. Technically, the site is built on Joomla CMS with Bootstrap 3 and uses modern JavaScript libraries like Swiper.js and jQuery. It integrates Google Analytics, Facebook SDK, and Google Adsense for analytics and advertising. The site is mobile-optimized, accessible, and SEO-friendly, with good performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No vulnerabilities or suspicious activities were detected. Overall, the website demonstrates a mature digital infrastructure with good privacy compliance, including GDPR-aligned privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. The WHOIS data aligns with the website's claims, supporting legitimacy. No adult or questionable content is present, making it safe for general audiences. Strategic recommendations include enhancing security headers, adding a vulnerability disclosure policy, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

F

Filmfestival Oostende

filmfestivaloostende.be

61

Filmfestival Oostende is a well-established cultural media organization focused on hosting an annual film festival and promoting arthouse cinema in Oostende, Belgium. The website serves as a comprehensive portal for festival information, news, partner engagement, and ticketing. It targets film enthusiasts, industry professionals, and the general cultural audience. The organization maintains a strong regional presence with partnerships and sponsorships from notable cultural and commercial entities. Technically, the website is built on Drupal 9, leveraging modern JavaScript libraries and analytics tools such as Google Analytics, Hotjar, and Facebook Pixel, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, the site uses HTTPS and cookie consent mechanisms, but could improve by implementing additional security headers and publishing explicit security policies. The absence of WHOIS data limits domain trust analysis, but the overall professionalism and transparency of the site support its legitimacy. Strategic recommendations include enhancing security headers, increasing transparency on incident response, and continuous monitoring of third-party scripts.

Č

Česká filmová a televizní akademie, z.s.

filmovaakademie.cz

51

Česká filmová a televizní akademie (ČFTA) is a prominent Czech non-profit organization dedicated to promoting Czech film and television culture. It organizes the prestigious Český lev awards and provides online access to awarded and nominated films, targeting film professionals, students, and enthusiasts. The website reflects a well-structured and professionally maintained platform with consistent branding and relevant content. Technically, the site employs established JavaScript libraries such as jQuery and integrates Google Analytics and Tag Manager for visitor tracking. While the site is mobile-optimized and SEO-friendly, some technologies like jQuery are outdated, which could pose security risks. Security posture is moderate with HTTPS enabled and cookie consent mechanisms in place, but lacks visible security headers and published incident response policies. The absence of WHOIS data limits domain trust assessment, though the website content and business information appear legitimate and professional. Overall, the site is safe for general audiences and maintains good privacy compliance with comprehensive policies.

Cecoforma is a Belgium-based event and communication business with over 30 years of experience, offering expert services in event organization and communication management. The company targets a general audience including corporate clients and organizations seeking professional event support. Their market position is solid within the regional Belgian market, supported by certifications such as ISO 9001 and ISO 20121, and memberships in recognized industry bodies. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site uses modern web technologies including Google Analytics and a Craft CMS-based SEO plugin, with good mobile optimization and accessibility. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements are recommended in DNSSEC and security headers. No critical vulnerabilities or suspicious content were detected. Overall, the website and domain registration data align well, indicating a trustworthy and credible business presence online.

T

Ticketware SE

cinemaware.eu

39

Ticketware SE operates a specialized ticket sales software platform targeting cultural institutions such as cinemas, theaters, museums, and cultural centers primarily in Slovakia and the Czech Republic. The company offers an integrated solution for online ticket sales, seat reservations, ticket printing, and entry control, serving over 450 clients with monthly sales exceeding one million tickets. The website reflects a professional business presence with clear branding and relevant content tailored to its target audience. Technically, the website is built on WordPress CMS with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, Facebook SDK, and Google reCAPTCHA v3 for bot protection. The site is mobile optimized and uses HTTPS with a good SSL configuration. However, it lacks some security headers and explicit privacy and cookie policies, which are important for compliance and user trust. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and CAPTCHA integration but misses formal security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious patterns were detected. The WHOIS data aligns well with the website’s business claims, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security policy transparency to improve user trust and regulatory adherence.

M

Město Kutná Hora

kutnahora.cz

64

Město Kutná Hora operates an official municipal information portal serving citizens, entrepreneurs, and tourists. The website provides comprehensive information about city administration, cultural events, tourism, and local services. It holds a strong market position as the authoritative source for Kutná Hora city information, leveraging official branding and UNESCO heritage association. The portal supports multiple languages and integrates social media channels to enhance engagement. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, and various JavaScript libraries for UI components and analytics. The CMS identified is Marwel, a specialized platform. The site is mobile optimized with good SEO and accessibility features, though some improvements in security headers and incident response transparency are recommended. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with GDPR-aligned cookie management and privacy policy presence. Overall, the website is a trustworthy, well-maintained municipal portal with moderate technical sophistication and good user experience. The absence of WHOIS data slightly reduces domain trust but does not detract from the legitimacy of the site. Strategic improvements in security policy publication and header implementation would enhance the security posture further.