Security Directory

Svaz účetních České republiky, z. s. is a well-established professional association founded in 1990 that serves accounting professionals, auditors, and tax advisors in the Czech Republic. The organization provides certification programs, publishes specialized accounting journals, and offers educational seminars and online professional systems. Their website reflects a professional and consistent brand presence with clear contact information and a comprehensive offering of services tailored to finance professionals and non-profit organizations. Technically, the site employs modern web technologies including Google Fonts, jQuery, Foundation framework, and integrates Google Analytics and Facebook Pixel for tracking. Security measures include HTTPS enforcement and use of Google reCAPTCHA on login forms, though security headers are not detected and could be improved. Privacy compliance is addressed with a clear privacy policy and cookie consent mechanism, indicating GDPR awareness. However, WHOIS data is unavailable, which reduces domain registration trustworthiness, though the website content and business information appear legitimate. Overall, the site scores well on content quality, technical implementation, security posture, privacy compliance, and business credibility, making it a reliable resource for its target audience.

The website www.yourcareer.gov.au appears to be a government-related portal focused on career services in Australia. However, the provided HTML content is minimal and primarily consists of a loading spinner with no substantive content accessible, indicating that the site is likely protected by a Web Application Firewall or similar security mechanism that blocks full content retrieval. The technical infrastructure includes modern JavaScript modules and tracking via Google Analytics and Google Tag Manager, but lacks visible security headers or privacy policies in the accessible content. The WHOIS data is unavailable due to registrar and auDA restrictions, which is typical for Australian government domains, supporting the legitimacy of the site. Overall, the site’s security posture is weak based on the accessible data, with critical gaps in privacy compliance and contact information. Strategic recommendations include improving content accessibility, implementing comprehensive privacy and cookie policies, and enhancing security headers and HTTPS enforcement.

W

Workforce Australia

workforceaustralia.gov.au

68

Workforce Australia is a government-operated employment services platform designed to assist Australian individuals in finding jobs and accessing employment-related programs. The website offers a variety of services including job search, training programs, career transition assistance, and employer services for job advertising and candidate sourcing. It serves as a national portal under the Australian Government, targeting job seekers and businesses across Australia. Technically, the website employs modern web technologies such as Vue.js and the Mint Framework, hosted on Microsoft Azure infrastructure. It integrates Google Analytics and Google Tag Manager for user analytics and tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although explicit privacy and cookie policies are not clearly presented in the analyzed content. From a security perspective, the site uses HTTPS and does not expose sensitive data in its HTML content. However, it lacks visible security headers and explicit security policies or incident response contacts. The WHOIS data is limited due to Australian domain administration policies but aligns with expectations for a government domain, indicating legitimacy. Overall, Workforce Australia presents a professional and trustworthy government service platform with a solid technical foundation. Enhancements in privacy transparency, security header implementation, and contact information visibility would further strengthen its security posture and user trust.

Sdružení účetních a daňových poradců, z.s. is a Czech non-profit association founded in 1991, providing educational seminars, online training, and publications for accounting and tax advisory professionals. The website presents a professional and consistent brand image, targeting Czech accounting professionals with membership benefits and educational content. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, and Google reCAPTCHA, with good mobile optimization and secure HTTPS connections. Security posture is solid with secure login forms and HTTPS, but lacks some security headers and cookie consent mechanisms. WHOIS data is missing, which raises concerns about domain registration transparency, though the website content and professional presentation support legitimacy. Overall, the site is well-structured, trustworthy, and serves its niche audience effectively.

T

The Fast Mode

thefastmode.com

71

The Fast Mode is an independent research and media company specializing in telecommunications news, analysis, and industry insights. Founded in 2013, it serves a professional audience including telecom operators, technology providers, and industry analysts. The website offers breaking news, expert opinions, white papers, and event coverage, supported by advertising and newsletter subscriptions. Technically, the site is built on Joomla CMS with modern JavaScript libraries and integrates Google Analytics, AddThis, and OneSignal for analytics and marketing. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS and CSRF protections, though it lacks some security headers and explicit incident response contacts. Privacy and cookie policies are present but lack explicit consent mechanisms. WHOIS data is unavailable, which reduces domain trustworthiness, but the website's professional content and social presence support legitimacy. Overall, the site is well-maintained, content-rich, and trustworthy for its target audience.

P

Pulse 2.0 LLC

pulse2.com

52

Pulse 2.0 LLC operates a specialized online media platform delivering business news, profiles, and deal flow coverage primarily focused on finance sectors such as venture capital, private equity, asset management, and mergers and acquisitions. Established in 2002, the website serves business professionals and investors seeking timely and relevant industry insights. The platform leverages WordPress CMS with modern web technologies including Bootstrap and jQuery, supported by Google Tag Manager and Google Analytics for marketing and analytics purposes. The site demonstrates good content quality, professional design, and clear navigation, optimized for mobile devices. From a security perspective, the website enforces HTTPS and employs domain registration locks to prevent unauthorized changes. However, DNSSEC is not enabled, and no explicit security or incident response policies are published. Privacy compliance is basic, with a privacy policy present but lacking cookie consent mechanisms despite the use of tracking scripts. Contact information is limited to a web form and social media channels, with no direct emails or phone numbers disclosed. Overall, Pulse 2.0 presents a credible and professional business news service with moderate technical maturity and security posture. The absence of advanced privacy controls and security disclosures suggests room for improvement in compliance and transparency. The domain's long history and consistent registration details support the legitimacy of the business. Strategic recommendations include enabling DNSSEC, implementing cookie consent to comply with privacy regulations, publishing a security policy and incident response contacts, and conducting regular security audits of third-party scripts to enhance trust and security culture.

R

Radical Apps

usedust.com

53

Usedust.com is the official website for Dust, a secure messaging app developed by Radical Apps. The site promotes a suite of privacy-focused digital tools including encrypted messaging, private web search, and identity theft protection. The business targets privacy-conscious users seeking secure communication solutions. The website is built on WordPress and hosted on AWS infrastructure, leveraging modern web technologies and multimedia content to engage visitors. While the site is professionally designed and mobile-optimized, it lacks some advanced privacy compliance features such as a cookie policy and explicit GDPR indicators. Security posture is moderate with HTTPS enforced but missing DNSSEC and security headers. The domain registration is consistent and legitimate, with no privacy protection used, indicating transparency. Overall, the website presents a credible business with room for improvement in privacy and security practices.

B

Built by Buffalo Limited

builtbybuffalo.com

60

Built by Buffalo Limited is a boutique web design and branding agency based in Brighton, UK, established in 2006. The company specializes in creating visually appealing and user-friendly websites and brands for clients worldwide. Their market position is that of a reputable small agency known for quality and client satisfaction, offering services including web design, development, e-commerce solutions, and content management systems. The website reflects a professional and consistent brand image with strong client testimonials and partner endorsements from Shopify and Mailchimp. Technically, the website uses modern web technologies such as HTML5, CSS3, JavaScript with MooTools and Raphaël.js, and integrates Google Analytics and Tag Manager for tracking. Hosting and DNS services are provided via Cloudflare, although DNSSEC is not enabled. The site is mobile optimized with good SEO and accessibility basics. Security posture is moderate; while HTTPS is implied, no explicit security headers were detected, and DNSSEC is absent. Privacy compliance is basic with a privacy policy page but no cookie consent mechanism. Overall, the website is professional and trustworthy but could improve security and privacy practices.

R

Revy Apps

revy.io

61

Revy Apps is a small Canadian-based company specializing in developing premium Shopify applications aimed at helping merchants grow their online stores. Their product portfolio includes apps such as Unlimited Bundles & Discounts and Unlimited Smart UpSell Offers, targeting Shopify store owners seeking to increase sales through automated and easy-to-use tools. The company has been operational since 2017 and serves thousands of merchants globally, positioning itself as a niche player in the e-commerce app market. Technically, the website employs a modern technology stack including Bootstrap for responsive design, jQuery, and several UI libraries like Owl Carousel and Slick Carousel. It integrates Google Analytics and Helpscout Beacon for analytics and customer support, respectively. The site is hosted behind Cloudflare DNS, ensuring reliable performance and security, although DNSSEC is not enabled. The website is mobile-optimized with good SEO practices and a clean, professional design. From a security perspective, the site enforces HTTPS and has domain status protections to prevent unauthorized changes. However, it lacks several security headers and does not implement a cookie consent mechanism, which may impact privacy compliance. No explicit security policies or incident response contacts are published, and no vulnerability disclosure program is evident. The WHOIS data is consistent with the business claims, showing a legitimate registration with no privacy protection, enhancing trust. Overall, Revy.io presents a trustworthy and professional online presence with a solid business model and technical foundation. To improve, the company should enhance privacy compliance by adding cookie consent, implement security headers, and publish security policies. These steps will strengthen their security posture and regulatory adherence, supporting continued growth and customer trust.

C

Centre des Congrès Océanice

oceanice-congres.com

65

The website www.oceanice-congres.com represents the Centre des Congrès Océanice, a modern congress and event center located in Nice, France. It offers modular event spaces, accessibility features, and an eco-responsible approach to hosting events. The site targets event organizers, businesses, associations, and public entities seeking professional venues in the region. The business model focuses on venue rental and associated event services, positioning itself as a new and environmentally conscious player in the hospitality sector of Nice. Technically, the website is built on WordPress 6.6.2 with a variety of plugins including Yoast SEO for optimization, Iris Map for mapping features, and Sentry for error tracking. It uses modern web technologies such as jQuery and MapLibre GL JS. The site is well-optimized for SEO and mobile devices, with good accessibility features. Performance is moderate, with room for improvement in loading speed and technical enhancements. From a security perspective, the site uses HTTPS with a good SSL configuration and employs Sentry for monitoring. However, it lacks explicit security headers and formal privacy and cookie policies, which are important for compliance and user trust. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, although the website content itself appears professional and legitimate. Overall, the website presents a solid business presence with good technical implementation and security posture but requires improvements in privacy compliance and domain registration transparency to enhance trust and regulatory adherence.

O

ONdrugDelivery

ondrugdelivery.com

67

ONdrugDelivery is a well-established B2B publication specializing in the global drug delivery industry, providing high-quality, focused content including expert views, interviews, and industry news. The website targets pharma and biopharma professionals worldwide and maintains a strong market position as a trusted source of industry intelligence. Technically, the site is built on WordPress with a moderate performance profile, leveraging common plugins for SEO, advertising, and cookie compliance. The infrastructure includes Cloudflare DNS and GoDaddy as registrar, with SSL properly configured. Security posture is solid with HTTPS enforced and domain locking, though DNSSEC is not enabled and some advanced security headers are missing. Privacy compliance is good, with clear privacy and cookie policies and consent mechanisms in place. No direct contact information or incident response details are publicly available, which could be improved. Overall, the site is professional, trustworthy, and safe for general audiences.

O

Olife Energy, a.s.

olife-energy.com

51

Olife Energy, a.s. is a Czech-based company specializing in the development and production of intelligent electric vehicle (EV) charging stations and comprehensive energy solutions. Established in 2014, the company offers a wide range of AC and DC charging stations with power outputs from 3.7 kW up to 400 kW, catering to various customer needs including wall-mounted and stand-mounted options. Their business model integrates hardware manufacturing with intelligent software and cloud services, positioning them as a niche regional player with a focus on quality and customization. The website reflects a professional and consistent brand image, targeting EV owners, businesses, and energy solution customers primarily in the Czech Republic and surrounding regions. Technically, the website is built using modern web technologies including Angular 11 and Bootstrap 4.6, with integration of popular analytics tools such as Google Analytics and Google Tag Manager. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Hosting appears to be managed through Forpsi, a Czech hosting provider, consistent with the company’s local presence. Performance is moderate with room for improvement in SEO and accessibility features. From a security perspective, the site uses HTTPS (implied by external scripts loaded via HTTPS) but lacks visible advanced security headers and DNSSEC is not enabled, which are areas for enhancement. Privacy compliance is strong with clear GDPR and cookie policies and an opt-in consent mechanism. Contact information is transparent and includes multiple channels. However, no explicit security policy or incident response contacts are published, which could be improved to enhance trust and readiness. Overall, Olife Energy’s website demonstrates a solid business and technical foundation with good privacy practices but moderate security posture. Strategic improvements in security headers, DNSSEC, and incident response transparency would strengthen their security maturity and trustworthiness.

T

Telit

telit-cinterion.com

71

Telit is a global IoT solutions provider specializing in cellular modules, connectivity services, edge AI, and custom IoT solutions. The company targets businesses and enterprises seeking to accelerate digital transformation through IoT technologies. Their market position is strong with a broad portfolio and platform offerings that support various industries including technology, energy, and transportation. The website demonstrates a mature digital presence with professional design, comprehensive content, and active social media engagement. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses advanced tools such as Yoast SEO, Smart Slider 3, and Google Analytics. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not published. The WHOIS data is unavailable, which raises some concerns about domain registration transparency. However, the website's professional content, social media presence, and security practices support its legitimacy. Overall, the site presents a trustworthy and authoritative front for Telit's IoT business. Strategic recommendations include publishing detailed security and incident response policies, enhancing direct contact information availability, and verifying domain registration details to improve trust and compliance.

U

UltaHost

ultahost.com

76

UltaHost is a technology company specializing in web hosting and domain registration services, targeting individuals and businesses seeking reliable and fast hosting solutions. Founded in 2019 and based in Delaware, USA, UltaHost positions itself as a leader in fast hosting with a broad portfolio including shared, VPS, dedicated, and specialized hosting services. The company leverages AI-powered tools to enhance customer experience and domain management. Technically, the website employs modern web technologies such as jQuery, Bootstrap 5, and integrates analytics and marketing tools like Google Analytics, Hotjar, and Tidio Chat. The infrastructure uses Cloudflare DNS for performance and security. Security posture is solid with HTTPS enforcement and client transfer protection on the domain, though improvements are possible by enabling DNSSEC and adding security headers. Privacy compliance is addressed with cookie consent and policies, but incident response and vulnerability disclosure information are absent. Overall, UltaHost demonstrates a professional and trustworthy online presence with good business credibility and technical maturity.

A

Alexion Pharmaceuticals, Inc.

ultomiris.com

70

Alexion Pharmaceuticals, Inc. operates the ultomiris.com website as an official patient resource for ULTOMIRIS®, a prescription drug treating rare diseases such as NMOSD, gMG, aHUS, and PNH. The site provides comprehensive patient education, safety information, and personalized support programs, positioning Alexion as a specialized leader in rare disease pharmaceuticals. The website is well-branded, professionally designed, and targets patients and caregivers seeking treatment information and support. Technically, the site leverages modern frameworks like Bootstrap and Sitecore CMS, integrates analytics and advertising tools responsibly with consent mechanisms, and is hosted on AWS infrastructure. Security posture is solid with HTTPS and domain protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with clear policies and cookie consent management. Overall, the site reflects a mature digital presence aligned with healthcare industry standards.

R

RATP Dev Australia

ratpdevaustralia.com.au

66

RATP Dev Australia is a regional branch of the global RATP Dev group, specializing in the operation and maintenance of urban and intercity transportation systems. The company leverages the extensive experience of its parent, RATP Group, a major public transport operator with over a century of history. The website presents a professional image with detailed references to global operations, emphasizing expertise in automated metro systems and various transit modes. Technically, the site is built on Drupal 10 and integrates modern analytics tools with privacy-conscious configurations. Security posture is generally good with HTTPS and cookie consent implemented, though there is room for improvement in security headers and transparency of policies. WHOIS data is incomplete, which slightly impacts trust but does not detract from the overall legitimacy indicated by the website content and branding.

R

RATP Dev

ratpdev.it

53

RATP Dev Italy is a subsidiary of the global RATP Dev group, specializing in operating and maintaining urban and intercity transportation systems across multiple continents. The company offers a wide range of transportation services including bus, tramway, rail, metro, sightseeing, mobility on demand, paratransit, and cable car operations. The website reflects a mature enterprise with a consistent brand and professional content targeting transportation authorities and the general public. Technically, the site is built on Drupal 10 with integration of Google Analytics, Matomo, and Google Maps API, indicating a modern digital infrastructure with moderate performance and good mobile optimization. Security posture is moderate with some privacy-conscious configurations in analytics but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

RATP Dev

ratpdevusa.com

64

RATP Dev USA operates as a regional branch of the global RATP Dev group, providing urban and intercity transportation services across multiple continents. The company offers a wide range of transit solutions including bus, tramway, paratransit, metro, rail, cable cars, and sightseeing services. Their market position is strong as one of the largest multi-modal urban public transit operators with over 120 subsidiaries in 17 countries. The website reflects a professional and consistent brand image targeting transit agencies and passengers. Technically, the website is built on Drupal 10 CMS and leverages modern web technologies including Google Analytics, Matomo for analytics, and Google Maps API for geolocation features. The site is moderately performant, mobile-optimized, and has good SEO and accessibility basics. However, some security best practices such as security headers are missing, and no explicit security or incident response policies are published. Security posture is adequate with HTTPS enabled and privacy-conscious analytics configurations, but the lack of WHOIS data and absence of privacy policy and contact information reduce trust. No signs of malware or phishing were detected. Overall, the site is safe and business-focused but would benefit from improved transparency and security disclosures. The risk assessment indicates moderate risk primarily due to missing WHOIS data and incomplete privacy and security disclosures. Strategic recommendations include publishing privacy and security policies, adding security headers, providing clear contact information, and establishing a vulnerability disclosure process.

P

Paperton AB

paperton.com

51

Paperton AB is a Swedish company specializing in digital publishing solutions for magazines and newspapers, offering apps for iPhone, iPad, Android, and web platforms. Established in 2009, it serves publishers and readers by providing a platform to access digital magazines. The website reflects a niche media technology provider with a professional online presence and consistent branding. Technically, the site uses common web technologies such as jQuery, Bootstrap, and Google services for analytics and advertising, hosted on AWS infrastructure. Performance and mobile optimization are adequate, though accessibility and SEO could be improved. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers, and no visible privacy or cookie policies, indicating compliance gaps. The domain registration is consistent and trustworthy, with no privacy protection or suspicious WHOIS patterns. Overall, the site is functional and professional but would benefit from enhanced security and privacy compliance measures.

S

Slovenská biblická spoločnosť

bibliaprenepocujucich.sk

53

The website 'Biblia pre nepočujúcich' is a non-profit project managed by the Slovenská biblická spoločnosť, providing biblical stories in Slovak sign language targeted at the deaf community in Slovakia. The project is educational and religious in nature, relying on donations for continuation. The site features video content, a sign language dictionary, and is designed with accessibility in mind, though some accessibility features could be improved. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, JW Player for video playback, and integrates Google Tag Manager, Google Analytics, and Facebook Pixel for tracking and analytics. The site is mobile optimized and has good SEO practices, but lacks some advanced accessibility features and security headers. From a security perspective, the site uses HTTPS and includes a CSRF token, but does not expose security headers such as Content-Security-Policy or X-Frame-Options. No privacy or cookie policies are present, which is a compliance gap. No contact information for security incidents or data protection officers is provided. The domain uses privacy protection in WHOIS, which is justified for this non-profit. No vulnerabilities or suspicious patterns were detected. Overall, the website is functional, professional, and safe for general audiences, but improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and security posture.

A

ADRA Connections

adraconnections.org

55

ADRA Connections is a small US-based non-profit organization affiliated with the Adventist Development and Relief Agency (ADRA). It focuses on organizing volunteer service trips and providing scholarships to student volunteers, targeting individuals and groups interested in faith-based humanitarian service. The website is built on Squarespace and integrates social media and video content to engage its audience. While the site uses HTTPS and includes tracking tools like Google Analytics and Facebook Pixel, it lacks comprehensive privacy and cookie policies and has minimal security headers, indicating room for improvement in privacy compliance and security hardening. The WHOIS data is privacy protected, which is common for non-profits, and no suspicious patterns were detected. Overall, the website presents a professional and trustworthy image with good content quality and business credibility but should enhance its privacy and security posture.

The website www.databaze-strategie.cz serves as the official national portal for strategic and conceptual documents in the Czech Republic, operated under the auspices of the Ministry for Regional Development (Ministerstvo pro místní rozvoj ČR) and supported by the National Network of Healthy Cities of the Czech Republic. It provides a comprehensive database of strategic documents at international, national, regional, and local levels, targeting public administration entities, municipalities, and professionals involved in strategic planning. The platform acts as a key tool for cohesion policy and strategic governance in the country. Technically, the site employs a modern JavaScript stack including jQuery, jQuery UI, Select2, and integrates analytics via Google Analytics and Matomo. It uses HTTPS and includes cookie consent mechanisms compliant with GDPR. The site is moderately optimized for performance and mobile use, with basic accessibility features. However, no CMS or hosting provider details are evident, and some security headers are missing. From a security perspective, the site demonstrates good baseline practices such as HTTPS and cookie consent but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of WHOIS registration data is a concern, reducing trustworthiness despite the official nature of the content. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is a reliable government resource with good content quality and moderate technical maturity. Strategic recommendations include improving security headers, publishing security and incident response policies, enhancing mobile and accessibility compliance, and verifying domain registration details to strengthen trust and compliance.

I

Integsoft, Inc.

integrationeye.com

60

Integration Eye is a modular software product developed by Integsoft, Inc., focused on API monitoring, logging, and security. The product targets businesses and developers requiring robust API management and security solutions. The website presents detailed product features, modular architecture, and transparent pricing, positioning itself as a niche provider in the technology sector. The company emphasizes on-premise and private cloud deployment options, catering to customers with strict data privacy requirements. Technically, the website leverages a modern technology stack including Java, Mule Runtime, XML configurations, and popular web libraries such as jQuery and FontAwesome. It integrates analytics and marketing tools like Google Analytics and Hotjar, indicating a mature digital presence. The site is well-structured, mobile-optimized, and provides comprehensive documentation and demos, reflecting good digital maturity. From a security perspective, the site uses HTTPS and implements CSRF tokens and cookie consent mechanisms, demonstrating basic security hygiene. However, the absence of explicit security headers and a published security policy or incident response contact reduces its security posture. The missing WHOIS domain registration data is a significant concern, potentially impacting trust and legitimacy. Overall, the website is professional and content-rich but requires improvements in domain registration transparency and enhanced security practices to strengthen trust and compliance.

A

Association of MBAs

associationofmbas.com

64

The Association of MBAs (AMBA) operates as a leading global accreditation and membership organization specializing in MBA and postgraduate management education. It serves business schools, students, graduates, and partners worldwide, providing accreditation services, hosting events, and offering networking and insights. The website reflects a mature, professional organization with a strong market position in the education sector. Technically, the site uses modern web technologies including React and Google Analytics, hosted on DigitalOcean with CDN support, delivering a responsive and well-structured user experience. Security posture is adequate with HTTPS and domain protection measures, though lacking advanced security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy or terms of service policies. Overall, the site is trustworthy and professional but could improve transparency and security documentation to enhance compliance and user trust.

A

AMBA & BGA

amba-bga.com

66

AMBA & BGA is a well-established international accreditation and membership organization focused on postgraduate business education. With over 50 years of experience, it serves business schools, students, and graduates globally by providing accreditation services, hosting events, and fostering a quality assurance network. The website demonstrates a mature digital presence with modern technologies such as React and DigitalOcean hosting, complemented by Google Analytics and Tag Manager for analytics and marketing. Security posture is strong with HTTPS, registrar locks, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

L

Louvre-Lens

louvrelens.fr

60

Louvre-Lens is an official French museum branch presenting cultural exhibitions, events, and visitor services. The website serves as a comprehensive portal for museum information, programming, and ticketing, targeting a broad public audience including families, tourists, and cultural enthusiasts. The site is built on WordPress with modern plugins and analytics tools, demonstrating a mature digital infrastructure. Security posture is good with HTTPS, cookie consent, and anonymized analytics, though explicit security headers and incident response contacts are not published. The absence of WHOIS data reduces domain registration trust but the website content and branding strongly indicate legitimacy. Overall, the site is professional, user-friendly, and compliant with GDPR requirements.

L

Lens Lievin Tourisme

groupes-lenslievin.fr

57

Lens Lievin Tourisme operates the website groupes-lenstourisme.fr as a local tourism office focused on organizing group visits and school outings in the Lens-Liévin area of France. The website provides information and resources to facilitate group tourism activities, positioning itself as a key local hospitality service provider. The business is relatively new, with domain registration in 2024, and targets groups such as schools and friends planning visits. Technically, the website is built on WordPress and uses common tools like Google Analytics and Rank Math SEO, indicating a moderate level of digital maturity. The site is hosted by OVH, a reputable provider, and employs HTTPS for secure communications. However, there is room for improvement in security posture, including the implementation of security headers and visible privacy and cookie policies. No forms or direct contact information were found in the analyzed content, which may impact user engagement and trust. Overall, the website is professional and relevant to its audience but would benefit from enhanced privacy compliance and security best practices.

Via Transportation operates a sophisticated digital platform that transforms public transit and shared mobility through software and operational services. The company targets a broad audience including cities, transit authorities, operators, educational institutions, corporations, and healthcare providers. Their market position is strong, supported by strategic partnerships with industry leaders such as Waymo and Citymapper. The website reflects a mature enterprise with comprehensive service offerings including microtransit, paratransit, planning and scheduling, and consulting services. Technically, the site is built on HubSpot CMS with modern marketing and analytics integrations, providing a responsive and accessible user experience. Security posture is solid with HTTPS enforcement, reCAPTCHA Enterprise usage, and domain locking, though DNSSEC is not enabled. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

R

RATP Dev

ratpdev.com

66

RATP Dev is a global operator specializing in the operation and maintenance of urban and interurban transportation networks across five continents. The company offers a wide range of services including metro, tramway, bus, train, sightseeing, demand-responsive transport, and specialized services for persons with reduced mobility. The website reflects a mature enterprise with a strong international presence and multiple subsidiaries. Technically, the site is built on Drupal 10, uses modern analytics and mapping technologies, and implements cookie consent mechanisms, indicating a reasonable level of digital maturity. Security posture is good with HTTPS and some privacy measures, but lacks explicit security policies and vulnerability disclosure mechanisms. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, though the website content and branding align with the known RATP Group. Overall, the site is professional and trustworthy but would benefit from enhanced transparency in privacy and security disclosures.

Solirispro.com is a professionally designed pharmaceutical website dedicated to providing healthcare professionals in the United States with comprehensive information about Soliris (eculizumab), a complement inhibitor drug approved by the FDA for multiple rare diseases. The site emphasizes safety information, prescribing details, and REMS program enrollment, reflecting a strong focus on regulatory compliance and patient safety. The business is positioned as a leader in its niche with extensive clinical trial data and long-term market presence. Technically, the site uses modern web technologies including jQuery, Google Analytics, and Google Tag Manager, hosted likely on AWS infrastructure. While the site is mobile-optimized and well-structured, it lacks some advanced SEO and accessibility features. Security posture is solid with HTTPS and no visible vulnerabilities, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the site projects high business credibility and trustworthiness with minor areas for technical and compliance enhancement.

A

Alexion Pharmaceuticals, Inc.

alexiononesource.com

69

Alexion Pharmaceuticals, Inc. operates the OneSource platform to provide personalized support and education for patients undergoing treatment with Alexion therapies. The website serves as a resource hub offering treatment information, prescribing details, and access to patient education managers. It targets patients and healthcare professionals within the United States, reflecting a specialized healthcare service model. The platform is well-branded and consistent with the parent company's identity, emphasizing trust and professionalism. Technically, the website leverages a modern technology stack including Sitecore CMS, AWS hosting, Google Analytics, Facebook Pixel, and Salesforce marketing tools. It employs HTTPS with strong domain control and uses cookies responsibly with a clear consent mechanism. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, anti-CSRF tokens, and domain status protections. However, it lacks explicit security policies, vulnerability disclosure information, and some recommended security headers like Content-Security-Policy. No vulnerabilities or suspicious activities were detected. The WHOIS data aligns well with the business profile, supporting legitimacy. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements include enabling DNSSEC, enhancing security headers, and publishing security and incident response policies to further strengthen trust and compliance.

S

Sdružení vlastníků obecních, soukromých a církevních lesů v ČR

svol.cz

48

Sdružení vlastníků obecních, soukromých a církevních lesů v ČR (SVOL) is a well-established Czech non-profit association founded in 2002, representing municipal, private, and church forest owners. The organization focuses on advocacy, education, and support services for forest owners, holding a significant market position covering 46% of non-state forest area in the Czech Republic. Their website provides comprehensive information, news updates, and resources tailored to their target audience of forest owners and forestry professionals. Technically, the site is built on Joomla CMS with modern JavaScript libraries and integrates Google Analytics and Tag Manager for user tracking, complemented by a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and well-aligned with the organization's mission and audience.

F

Futura DDB

futuraddb.com

56

Futura DDB is a well-established integrated advertising agency based in Slovenia, offering a comprehensive suite of marketing services that blend digital and traditional approaches. Their market position is strong, supported by a notable client portfolio including major brands such as McDonald's Slovenija and Merkur, and multiple industry awards like the Agency of the Year title awarded 14 times. Their key services include branding, digital product development, communications, gaming and e-sport marketing, and media planning. The website reflects a professional and modern digital presence with excellent design quality and user experience, optimized for mobile devices and enriched with multimedia content.

F

Futura DDB

futura.si

55

Futura DDB is a professional integrated advertising agency based in Slovenia, offering a comprehensive range of marketing services including branding, digital product development, communications, gaming and e-sport marketing, and media planning. The company positions itself as a market leader with multiple industry awards, targeting businesses seeking integrated digital and traditional marketing solutions. The website reflects a mature digital presence with modern technologies such as Alpine.js, Livewire, and Google Analytics integrated for performance and user tracking. The site is well-optimized for mobile and desktop users, providing a seamless user experience with clear navigation and professional design. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place; however, the absence of security headers and WHOIS registration data introduces some risk factors. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and security policies.

A

APA POLSKA sp. z o. o. sp. komandytowa

apartiteq.pl

39

APA POLSKA operates the website apartiteq.pl, specializing in flexible and innovative systems for hanging pictures, wall decorations, and exhibition displays. The company targets a diverse audience including schools, businesses, residential customers, galleries, museums, and public spaces. Their product portfolio includes hanging systems, exhibition systems, signage, and sales support materials. The website is professionally designed with clear navigation and comprehensive product categorization, reflecting a solid market position in Poland.

S

SECTRON s.r.o.

gsmkey.cz

55

SECTRON s.r.o. operates the GSM KEY website offering GSM SMART KEY controllers that enable users to control garage doors, gates, and other devices via mobile phones. The company targets households, small businesses, and larger enterprises such as hotels and parking garages, providing both hardware and cloud-based management services. The website is professionally designed, mobile-optimized, and integrates modern marketing and analytics tools, reflecting a moderate level of digital maturity. However, the absence of WHOIS data and lack of published privacy and security policies indicate areas for improvement in transparency and compliance. Security posture is generally good with HTTPS and cookie consent mechanisms in place, but could benefit from enhanced security headers and incident response disclosures. Overall, the site is trustworthy and business-focused, but would gain from improved privacy compliance and domain registration transparency.

S

SECTRON s.r.o.

sectron.pl

47

SECTRON s.r.o. is a Czech-based company specializing in wireless technologies, including M2M and IoT solutions, with over 29 years of market presence. The company manufactures antennas, cable adapters, and distributes industrial modems, routers, and modules. Their business model combines manufacturing with authorized distribution and e-commerce sales across multiple countries. The website reflects a professional and consistent brand image targeting industrial and technology sectors, including electromobility and smart city applications. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, and Google Analytics, with a responsive design optimized for mobile devices. SEO and content structure are well implemented, though some accessibility features could be improved. Security practices include HTTPS usage and cookie consent mechanisms, but lack visible security headers and published security policies. The security posture is moderate, with no critical vulnerabilities detected in the provided data. Privacy compliance is evident through GDPR-aligned cookie and privacy policies. However, the absence of WHOIS data reduces transparency and trust slightly, though this is common for domains with privacy protection in the .pl registry. Overall, the website is professional, trustworthy, and business-focused, with recommendations to enhance security headers and publish incident response information to improve security maturity and trustworthiness.

R

Premium HD Porn Videos and Sex Movies | Redtube Premium

redtubepremium.com

47

RedtubePremium.com is a defunct adult entertainment website that previously offered premium HD pornographic videos. The current website content indicates that the domain is no longer available and redirects users to Spicevids, a partner adult content platform. The site uses Google Analytics and Google Tag Manager for tracking but lacks privacy, cookie, or terms of service policies. WHOIS data is missing, suggesting the domain is unregistered or expired, which undermines the legitimacy and trustworthiness of the site. Technically, the site has basic mobile optimization and SEO but lacks security headers and visible HTTPS confirmation in the provided data. Overall, the site is accessible but minimal and primarily serves as a redirect to a partner site.

P

PharOS

pharosgr.gr

48

PharOS is a privately owned pharmaceutical company based in Greece, specializing in the development, manufacturing, and supply of generic and value-added pharmaceutical products. The company boasts a significant global footprint with over 104 products and marketing authorizations in more than 116 countries, positioning itself as a key player in the pharmaceutical industry. The website reflects a professional and consistent brand image, targeting healthcare professionals and global markets. Technically, the site is built on WordPress, utilizing common libraries such as jQuery and Google Analytics, with moderate performance and good mobile optimization. Security measures include HTTPS and reCAPTCHA integration, though additional security headers and explicit privacy policies are lacking. Overall, the site is safe, trustworthy, and well-structured but would benefit from enhanced privacy compliance and security documentation.

G

GENAQ

genaq.com

57

GENAQ is a medium-sized Spanish company specializing in manufacturing atmospheric water generators that extract potable water from air. The company positions itself as an innovative and sustainable solution provider addressing global water scarcity challenges. Their website is professionally designed, multilingual, and optimized for SEO, reflecting a mature digital presence. Technically, the site uses WordPress with modern frameworks and plugins, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS and cookie consent mechanisms, though some enhancements like DNSSEC and security headers could improve it further. No critical vulnerabilities or suspicious content were detected. Overall, GENAQ demonstrates strong business credibility and trustworthiness with multiple certifications and customer testimonials.

Etanomics Service GmbH is a German-based energy consulting company specializing in energy efficiency, energy management, and decarbonization services. Founded in 2012, the company has established itself as a leading service provider with over 1000 projects, focusing on helping businesses reduce energy consumption, lower costs, and minimize their carbon footprint. Their service portfolio includes energy audits, feasibility studies, ISO 50001 energy management systems, and funding advisory, targeting companies seeking sustainable and economically viable energy solutions. Technically, the website employs a moderate technology stack including jQuery, Modernizr, Google Analytics, and LinkedIn Insight tags. The site is well-structured with good SEO and mobile optimization, though it lacks advanced CMS indicators and some modern security headers. Performance is moderate, and the site uses HTTPS with anonymized IP tracking for privacy. From a security perspective, the site shows good baseline practices such as HTTPS and cookie consent mechanisms, but lacks explicit security policies, incident response contacts, and DNSSEC. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company’s founding date and no privacy protection, enhancing trustworthiness. Overall, Etanomics.com presents a professional and trustworthy digital presence with solid business credibility and compliance with GDPR. Recommendations include enhancing security headers, enabling DNSSEC, updating legacy libraries, and publishing formal security and incident response policies to further strengthen their security posture and trust.

A

aqotec GmbH

aqotec.com

65

aqotec GmbH is an Austrian company operating in the energy sector, likely providing technology or energy-related services. The company has a mature domain registered since 2009, indicating an established presence. The website is built on WordPress with common plugins such as RevSlider and WPRocket, and uses Google Analytics for visitor tracking. However, the site lacks explicit privacy, cookie, and terms of service policies, and does not provide clear contact information, which impacts its privacy compliance and user trust. Security posture is moderate with HTTPS enabled and domain status protections, but lacks DNSSEC and security headers. Overall, the website is functional but could improve in privacy compliance and security best practices.

ISOPLUS is a European manufacturer specializing in pre-insulated piping systems that support the energy transition across Europe. The company serves sectors including district heating and cooling, bioenergy, agriculture, solar heating, industry, and carbon capture and storage (CCS). With a presence in over 30 countries and multiple production sites, ISOPLUS offers a comprehensive product portfolio and extensive service support, positioning itself as a key player in sustainable energy infrastructure. Technically, the website is built on TYPO3 CMS and employs modern web technologies including Bootstrap, Google Analytics, and Google Tag Manager. The site is well-optimized for mobile devices, features clear navigation, and implements cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with good accessibility and SEO practices. From a security perspective, the site enforces HTTPS and uses cookie consent to manage tracking. However, explicit security headers are not detected in the HTML, and no public security or incident response policies are published. The WHOIS data is unavailable due to privacy protection, which is justified for a business of this scale. No critical vulnerabilities or exposed sensitive data were found in the site content. Overall, ISOPLUS presents a professional and trustworthy online presence with strong business credibility and compliance posture. Strategic improvements in security header implementation and transparency around security policies could further enhance trust and security maturity.

G

GRITEC GmbH

gritec.com

53

GRITEC GmbH is a well-established German company specializing in technical buildings and metal components for infrastructure sectors such as energy, transport, and telecommunications. With over 60 years of experience and a recent brand relaunch from Betonbau to GRITEC, the company positions itself as a full-service provider offering products like walk-in concrete stations, compact substations, and metal components including doors and ventilation systems. Their business model focuses on manufacturing combined with technical services including planning, testing, logistics, and assembly, targeting infrastructure clients requiring customized technical building solutions. The website reflects a mature digital presence with multilingual support and professional design.

I

ISSA CZECH s.r.o.

cloverbooks.cz

56

Jazyková škola Cloverleaf Ostrava is a well-established language school operating since 1993, offering a broad range of language courses including English, Cambridge exam preparation, e-learning, and corporate training. The school targets a diverse audience including individuals, children, youth, and corporate clients, positioning itself as the largest language school in the Ostrava region. The website is professionally designed, mobile-optimized, and provides comprehensive information about courses, contact details, and policies. Technically, the site uses modern frameworks like Bootstrap and integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Seznam Retargeting. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit incident response or security policy pages are found. The absence of WHOIS data for the domain reduces trustworthiness slightly, but the overall business credibility remains high due to transparent contact information and professional presentation.

N

Národní kulturní památka Vyšehrad

praha-vysehrad.cz

49

Národní kulturní památka Vyšehrad operates as a national cultural monument in Prague, providing visitors with guided tours, cultural events, educational programs, and venue rental services. The website reflects a well-established institution supported by the City of Prague, targeting tourists, local visitors, and educational groups. The business model centers on cultural heritage preservation combined with revenue from ticket sales and merchandise. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, and Google Maps API, likely built on a Ruby on Rails framework, hosted by Active24. The site is mobile optimized with good navigation and content quality. Security posture is moderate with CSRF protections and HTTPS usage implied, but lacks explicit security headers and comprehensive security policies. Privacy compliance is basic with a GDPR-aligned privacy policy but no cookie consent mechanism. Overall, the domain registration data supports the legitimacy and trustworthiness of the site.

Quantcom is a Czech telecommunications company specializing in providing high-quality connectivity solutions for professional clients. Their services include internet, data, voice, security, cloud, and infrastructure leasing. They operate their own international optical backbone network and metropolitan networks, serving a broad range of business customers from SMEs to multinational corporations and state institutions. The company emphasizes reliability, speed, and personalized service with 24/7 support and SLA guarantees. The website reflects a mature digital presence with modern technologies and comprehensive content tailored to business clients. Technically, the website is built using Gatsby, React, and Tailwind CSS, leveraging modern web development frameworks for performance and responsiveness. It integrates multiple analytics and marketing tools such as Google Analytics, Hotjar, Facebook Pixel, and Adform for tracking and retargeting, combined with a robust cookie consent mechanism via Cookiebot. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS and CAPTCHA on forms, but lacks visible security headers and published security policies or incident response information. No vulnerability disclosure or security.txt files are found. The absence of WHOIS data limits domain legitimacy assessment, but the professional site content and contact details support a trustworthy business profile. Overall, Quantcom presents a solid business and technical profile with room for improvement in security transparency and domain registration clarity. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain registration details to strengthen trust and compliance.

N

Nadace Jedličkova ústavu

kolobezkaden.cz

43

Koloběžka DEN is a Czech family-oriented sports event organized by the non-profit Nadace Jedličkova ústavu. The website serves as an informational and promotional platform for the annual event held in Prague, featuring race details, schedules, galleries, and partner information. The event targets families and sports enthusiasts, emphasizing community engagement and local participation. The site is well-branded and supported by multiple reputable partners, enhancing its credibility. Technically, the website is built on WordPress with a modern but somewhat dated tech stack including Bootstrap 3 and jQuery. It uses common plugins for mobile navigation, image lightboxes, and slideshows. The site is hosted likely by WEDOS, a Czech hosting provider, and uses HTTPS with a good SSL configuration. Performance and mobile optimization are adequate, though accessibility and SEO could be improved. From a security perspective, the site has HTTPS enabled but lacks important security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present. Google Analytics and Tag Manager are used for tracking without visible consent mechanisms, indicating privacy compliance gaps. No forms are present on the homepage, reducing attack surface but also limiting direct data collection. Overall, the website is functional and trustworthy for its purpose but should improve privacy compliance and security best practices to enhance user trust and regulatory adherence.

F

FYZIOMEDIS s. r. o.

fyziomedis.cz

45

FYZIOMEDIS s. r. o. is a healthcare service provider based in Ostrava Poruba, Czech Republic, specializing in rehabilitation, physiotherapy, and neurology. The company offers comprehensive care including post-operative and post-injury treatment, urological and gynecological physiotherapy, neurological examinations, neurosonography, and infusion day care. Their target audience primarily consists of patients seeking specialized medical rehabilitation and neurological services locally. The website presents a professional and consistent brand image with clear contact information and social media presence, supporting their market position as a local specialized healthcare provider. Technically, the website employs modern web technologies such as Bootstrap and jQuery, with Google Analytics for visitor tracking and a cookie consent mechanism indicating awareness of privacy regulations. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, the absence of a CMS or hosting provider information limits deeper infrastructure insights. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, but lacks visible security headers and a published privacy policy or security incident response information. The WHOIS data for the domain is unavailable, which reduces transparency and trustworthiness. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security headers and privacy documentation are recommended. Overall, FYZIOMEDIS presents a credible and professional online presence suitable for its healthcare services, but should enhance transparency and security compliance to strengthen trust and regulatory adherence.

I

I love Hummus, s.r.o

ilovehummus.cz

53

I love Hummus, s.r.o is a Czech-based small enterprise specializing in the production and distribution of natural chickpea-sesame spreads (hummus) and related food products. Established in 2011, the company has developed a strong local market presence with over 600 retail outlets and partnerships with major chains such as Tesco and Makro. The business emphasizes natural ingredients, vegan and gluten-free products, and has expanded its portfolio under the Beavia brand to include fermented foods. Technically, the website employs modern web technologies including Bootstrap, jQuery, and tracking tools like Google Analytics and Adform, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced, but lacks some security headers and visible privacy compliance mechanisms. The absence of WHOIS data reduces domain trustworthiness, though the website content and business information appear professional and credible. Overall, the site is well-designed and functional but would benefit from enhanced privacy and security disclosures.