Security Directory

S

Stadt Wuppertal

wuppertal.de

63

The website www.wuppertal.de serves as the official digital presence of the city government of Wuppertal, Germany. It provides comprehensive information and services related to citizen services, culture, education, economy, tourism, politics, and administration. The site targets residents, tourists, businesses, and cultural enthusiasts, positioning itself as a central hub for municipal information and interaction. The business model is that of a public sector entity delivering government services and information digitally. Technically, the website is built on the Sitepark CMS platform, leveraging modern web technologies including responsive design, SVG icons, and privacy-focused analytics via Matomo. Hosting and DNS are managed through Cloudflare, ensuring performance and security benefits. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and employs DNSSEC, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and minimal user tracking. However, explicit security policies and incident response contacts are not prominently available, which could be improved. Overall, the website reflects a mature digital infrastructure appropriate for a large municipal government entity. It balances user experience, privacy, and security effectively, supporting its role as a trusted source of official information and services.

I

InPost sp. z o.o.

inpost.pl

71

InPost sp. z o.o. operates a comprehensive parcel delivery and logistics platform primarily serving individual customers and businesses in Poland. The company is a market leader in parcel lockers (Paczkomat®) and courier services, offering a wide range of shipping options including international shipments and fulfillment services. The website reflects a mature digital presence with a professional design, clear navigation, and mobile optimization. Technically, the site uses Drupal CMS, integrates Google Tag Manager and Didomi for consent management, and employs modern JavaScript frameworks. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data confirms domain legitimacy and long-term operation since 2006. Overall, the website is trustworthy, compliant with GDPR, and provides a positive user experience.

U

Réducteur de lien / Minimiseur d'URL [Raccourcir un lien]

urlz.fr

9

URLz.fr is a French-language URL shortening service established in 2011, providing users with a free tool to reduce long URLs for easier sharing on social media platforms. The website monetizes through multiple advertising networks and integrates a consent management platform to comply with GDPR requirements. The technical infrastructure includes Cloudflare DNS, OVH hosting, and various third-party ad and tracking scripts, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and CAPTCHA protections, but lacks explicit security headers and formal security policies. Privacy compliance is basic, with no dedicated privacy or terms of service pages found. Overall, the site is functional and moderately trustworthy but would benefit from enhanced transparency and security hardening.

P

Pulsor Agency

pulsor.agency

58

Pulsor Agency is a specialized digital agency focused on creating world-class, data-driven landing pages tailored for unique projects. The website presents a professional and modern design, emphasizing high perceived value and client testimonials to establish credibility. The agency targets businesses or individuals seeking premium landing page solutions, positioning itself as a premium service provider in the technology sector. Technically, the site leverages Webflow CMS, GSAP animations, and Swiper.js for interactive content, hosted likely on Webflow's infrastructure, delivering fast performance and good mobile optimization. Security posture is moderate; HTTPS is implied but no explicit security headers were detected, and no privacy or cookie policies are present, which is a compliance gap. The WHOIS data is unavailable or malformed, limiting domain trust analysis and reducing overall legitimacy score. Tracking is implemented via Humblytics, but no consent mechanism is evident. Overall, the site is professional and functional but would benefit from enhanced transparency and security practices.

This website is a Cloudflare Access login portal for NerdWallet's staging environment, designed to provide secure authentication for authorized users via Okta SSO. The page itself contains minimal content, primarily focused on user login and identity verification, with no public-facing business information or marketing content. The technical infrastructure leverages Cloudflare's security platform and Okta's identity management, indicating a mature approach to access control and user authentication. However, the lack of publicly accessible content, privacy policies, or contact information limits the ability to fully assess the business or compliance posture from this page alone. Security is strong due to enforced HTTPS and integration with trusted identity providers, but the page is effectively blocked to unauthorized users, restricting content visibility and SEO benefits.

V

Visicod

visicod.com

60

Visicod is a French digital communication agency specializing in bespoke website creation, SEO and SEA services, and personalized client support. Established since 2008, it serves artisans, small and medium enterprises across France with a focus on clear, effective digital solutions. The website demonstrates a professional and modern digital presence with strong client testimonials and transparent service offerings. Technically, the site uses modern web technologies, includes cookie consent mechanisms, and integrates Google Analytics for performance tracking. Security posture is good with HTTPS and privacy compliance, though some security headers could be improved. WHOIS data is unavailable, likely due to privacy protection or recent registration, but the website content and structure indicate a legitimate and trustworthy business. Overall, Visicod presents a credible and professional digital agency profile with room for minor technical security enhancements.

P

Pilsner Urquell

pilsner-urquell.cz

46

Pilsner Urquell is a historic and well-established beer brand originating from the Czech Republic, with a founding year of 1842. The website serves as a marketing and informational platform targeting adult consumers, enforcing strict age verification to comply with legal requirements for alcohol promotion. The brand maintains a consistent and professional online presence with clear branding and user engagement features such as cookie consent and analytics tracking. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and Facebook Pixel, ensuring effective marketing and user behavior analysis. The website is secured with HTTPS and includes mechanisms to protect underage users from accessing restricted content. However, the absence of WHOIS data and lack of explicit security and incident response policies represent gaps in transparency and security posture. Overall, the site is professionally designed and functional, but could improve in areas of security documentation and contact availability.

The website carsat-sudest.fr is a regional portal for CNAV, the French national social security organization responsible for retirement insurance for salaried workers. The domain is legitimately registered to CNAV since 2010, reflecting a well-established government entity. However, the website content is currently inaccessible, presenting only a 400 Bad Request error page citing an 'Unknown locale' issue. This prevents any meaningful user interaction or access to services. The site lacks privacy, cookie, or terms of service policies, and no contact information or external links are present in the provided HTML content. Technically, the site uses basic HTML, CSS, and JavaScript but shows no evidence of modern frameworks, CMS, or security headers. The meta robots tag forbids indexing, further limiting visibility.

W

WEBHOUSE, s.r.o.

brandyszamek.cz

47

Zámek Brandýs nad Labem is a cultural heritage site and tourist attraction located in the Czech Republic, showcasing Renaissance architecture and historical significance related to the Habsburg dynasty. The website serves as an informational and promotional platform offering details on tours, events, weddings, and ticketing. The business operates primarily in the hospitality and government sectors, targeting tourists and visitors interested in history and culture. The domain is well-established since 2008, supporting the site's credibility. Technically, the website uses a CMS platform called Vismo, with standard web technologies including HTML5, CSS, and JavaScript. It incorporates Google Translate for multilingual support but lacks advanced performance optimizations and accessibility features. The site is moderately optimized for mobile devices and SEO, with a clear navigation structure and good content quality. From a security perspective, the site uses HTTPS (implied by canonical URLs), but no explicit security headers were detected. There are no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies exist but are basic and lack active consent mechanisms. Contact information is comprehensive, enhancing trustworthiness. No incident response or security policy pages were found. Overall, the website is safe, professional, and trustworthy, with a moderate security posture and good business credibility. Recommendations include enhancing security headers, implementing cookie consent, and improving privacy disclosures to align with best practices and GDPR compliance.

NOVA Performance Paragliders is a well-established manufacturer specializing in innovative performance paragliders since 1989. The company holds a strong market position in the transportation and outdoor sports manufacturing sector, offering a wide range of certified paragliding equipment including gliders, harnesses, parachutes, and accessories. Their website reflects a professional and consistent brand image with comprehensive product information and certifications, targeting paragliding enthusiasts and pilots globally. Technically, the website is built on TYPO3 CMS with modern frontend technologies such as JavaScript and SVG graphics. It demonstrates good mobile optimization, SEO practices, and a cookie consent mechanism, indicating a mature digital presence. However, some security best practices like HTTP security headers and explicit incident response contacts are not evident. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks visible security headers and detailed security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is privacy protected, which is common and justified for this business type, though it limits transparency. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR. The risk level is low, but improvements in security headers and incident response transparency are recommended to enhance security posture and trust further.

Deník N operates as a reputable Czech news media outlet providing fast and reliable news updates across various categories including politics, economy, culture, and sports. The website demonstrates a solid market position within the Czech Republic's media landscape, targeting a general audience interested in current affairs. Technically, the site leverages modern web technologies such as React and integrates privacy and advertising SDKs to manage user consent and deliver personalized content. The presence of HTTPS and security headers indicates a good security posture, although explicit security policies and incident response contacts are not publicly available. Privacy compliance is partially addressed through a cookie consent mechanism, but the absence of a clear privacy policy and terms of service reduces overall compliance confidence. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in privacy transparency and security documentation.

M

Mega Fitness

mega-fitness.eu

54

Mega Fitness is a small fitness club located in Prague, Czech Republic, offering personal training, nutrition planning, and body diagnostics. The business operates in a local market with a family-friendly atmosphere and provides a fully equipped gym facility. The website is built on the Squarespace platform, leveraging modern web technologies and providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance documentation. Contact information is clearly presented, supporting business credibility. Overall, the website reflects a legitimate and professional small business with room for improvement in privacy and security practices.

W

wowyup

wowyup.agency

45

The website wowyup.agency represents a small digital agency offering services such as digital marketing, product photography, and web presentations. The site is minimalistic with limited content and lacks detailed business or contact information, which constrains its market positioning and trust signals. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, jQuery, Bootstrap, and some animation libraries like Velocity.js and PhotoSwipe for galleries. However, the site lacks advanced SEO, accessibility, and performance optimizations. Security posture is weak due to absence of visible security headers and no evidence of HTTPS enforcement from the provided data. Privacy and cookie policies are missing, and no contact or incident response information is available, which impacts compliance and user trust. WHOIS data is privacy protected by Identity Digital, which is common for small agencies but limits transparency. Overall, the site is functional but basic, with room for significant improvements in security, compliance, and business credibility.

G

Groupe JVS

groupe-jvs.fr

48

Groupe JVS is a French software publishing group specializing in IT solutions for public sector organizations, particularly local and territorial collectivities. With over 40 years of experience, the group operates through five subsidiaries offering tailored software and digital services to facilitate the digital transformation of public services. Their market position is solid within the French public sector, supported by a network of 14 regional agencies and a portfolio of innovative solutions aimed at improving citizen engagement and administrative efficiency. Technically, the website is built on Drupal CMS and integrates modern analytics and marketing tools such as Matomo and HubSpot. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some improvements in accessibility and security headers could be made. The presence of cookie consent mechanisms and a comprehensive privacy policy indicates a mature approach to privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent tools, but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is a notable concern, reducing the overall trust score despite the professional appearance and business legitimacy of the site. Overall, Groupe JVS presents a professional and credible digital presence with room for improvement in security transparency and WHOIS data availability. Strategic recommendations include enhancing security headers, publishing a security policy, and monitoring domain registration details to ensure ongoing trustworthiness.

M

MerchantPro

merchantpro.com

66

MerchantPro is a SaaS eCommerce platform provider offering a comprehensive suite of tools for merchants to create, manage, and grow online shops and marketplaces. With over 15 years of experience and more than 5000 merchants worldwide, the company positions itself as a stable and scalable solution for businesses of all sizes. The website reflects a professional and modern digital presence, emphasizing performance, security, and customer support. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and LinkedIn Insight for analytics and marketing, with responsive design and good SEO practices. Security posture is solid with HTTPS and secure cookie settings, though explicit security headers and incident response information are lacking. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trustworthiness. Privacy and cookie policies are comprehensive and GDPR compliant, but no direct company contact emails or phone numbers are provided, relying instead on contact forms and social media channels.

L

LadyGeekGeek Web Design

ladygeekgeek.com

34

LadyGeekGeek Web Design is a small freelance web design business based in Holywood and Belfast, Northern Ireland, specializing in bespoke, accessible, and responsive WordPress websites. The company has a strong market position serving local and international clients, including notable organizations such as Queen's University Belfast and Belfast Film Festival. The website showcases a professional portfolio and detailed service offerings, emphasizing user experience and content strategy. Technically, the site is built on WordPress, hosted by BigWetFish, and optimized for performance, mobile responsiveness, and accessibility. Security posture is good with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and security headers are missing. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

L

L'aéronef

aeronef.fr

59

L'aéronef is a non-profit cultural association based in Lille, France, specializing in organizing concerts and music-related cultural projects. Established in 2016, it holds a reputable position in the regional cultural scene, supported by partnerships with governmental and cultural institutions. The website serves as a platform for event promotion and ticketing, targeting a general audience interested in music and culture. Technically, the site is built on Drupal 11, employs Matomo for analytics, and uses modern web technologies ensuring good performance and mobile optimization. Security posture is solid with HTTPS and token-based ticketing, though explicit security policies and cookie consent mechanisms are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, though improvements in security transparency and privacy mechanisms are recommended.

T

TPF Consultores

tpf.pt

51

TPF Consultores is a well-established Portuguese consulting company specializing in project design and supervision, primarily in the energy and transportation sectors. With over 45 years of experience and a significant workforce, the company positions itself as a leader in infrastructure consulting and project management. Their website reflects a professional and consistent brand image, targeting business and public sector clients internationally. Technically, the website employs modern web technologies and tracking tools, including Google Analytics and reCAPTCHA, indicating a moderate level of digital maturity. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security policies and some recommended security headers, suggesting room for improvement in security posture. Overall, the domain registration data aligns well with the business claims, supporting the site's legitimacy. Strategic recommendations include enhancing security headers, publishing clear security and incident response policies, and improving contact information visibility to strengthen trust and compliance.

Libuše Dlabola Pražáková is an artist based in Semily, Czech Republic, showcasing her paintings and art cycles through a professionally designed portfolio website. The site targets art enthusiasts and potential collectors, providing a clear presentation of her work and contact details for inquiries. The business model is focused on promotion and potential sales of artwork, with a niche local/regional market position. Technically, the website uses Materialize CSS framework, Google Fonts, and Material Icons, delivering a responsive and visually appealing experience. The site performs moderately well with good mobile optimization and basic accessibility features. However, there is no detected CMS or hosting provider information, and no advanced technical frameworks are used. From a security perspective, the site lacks important security headers and privacy-related policies, which lowers its security posture. The absence of WHOIS data for the domain is a concern, reducing trustworthiness despite the legitimate content and contact information. No forms or tracking scripts are present, minimizing data collection risks but also indicating limited user engagement features. Overall, the website is a good quality artist portfolio with moderate technical maturity and low security compliance. Strategic improvements in security headers, privacy policies, and domain registration transparency are recommended to enhance trust and compliance.

S

Sharp Type

sharptype.co

67

Sharp Type is a specialized global digital type foundry offering custom and retail typefaces for various design applications including print, digital, and environmental design. The company targets designers, brands, and publications seeking high-quality and multiscript font solutions. The website demonstrates a mature technical infrastructure built on modern frameworks such as Next.js and React, hosted on Vercel, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security and incident response policies are not published. Privacy compliance is well addressed with clear privacy and cookie policies including consent mechanisms. Overall, the website presents a professional and trustworthy digital presence with a high level of content quality and user experience.

K

KOMETA

kometa.xyz

64

KOMETA is an independent type design studio specializing in progressive retail and custom typefaces. Founded in 2022, the company operates a professionally designed website showcasing their retail font collections and bespoke typography services. The target audience includes designers, studios, and brands seeking unique and expressive fonts. The business model focuses on retail font sales and custom typography projects, positioning KOMETA as a niche player in the type foundry market. Technically, the website is built using modern frameworks such as Nuxt.js and is hosted via Cloudflare, ensuring good performance and mobile optimization. Security posture is adequate with HTTPS enabled and domain registrar protections, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in privacy and security transparency.

C

Cargo

cargocollective.com

61

Cargo is a technology company operating a site builder platform tailored for designers and artists. The platform focuses on enabling creatives to showcase their work and connect with potential clients and peers. The business operates in a niche market segment with a clear target audience and offers key services including site building tools, templates, and a community network. The website is professionally designed with good content relevance and user experience, although it lacks explicit privacy and cookie policies. Technically, the site uses modern JavaScript frameworks, including React, and is hosted on Amazon AWS infrastructure. Analytics and advertising tools such as Google Tag Manager and Reddit Ads Pixel are integrated, indicating moderate user tracking. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks DNSSEC and security headers. Overall, the site is legitimate and functional but could improve compliance and security transparency.

Z

Zlatá Firma

zlatafirma.eu

58

Zlatá Firma is a Slovak business award platform recognizing top-rated companies based on customer reviews aggregated from reliable sources such as Google Maps and Facebook. The platform promotes these companies by listing them and allowing them to use the Zlatá Firma logo and marketing packages. The website is professionally designed, mobile-optimized, and provides clear navigation and content relevant to its target audience of Slovak businesses and customers. Technically, the site uses modern JavaScript and Google Tag Manager for analytics and marketing, with HTTPS enforced ensuring secure communications. However, it lacks some security headers and cookie consent mechanisms, which are recommended for enhanced privacy compliance. The WHOIS data is privacy protected by EURid, which is typical for EU domains, and no suspicious patterns were detected, supporting the legitimacy of the domain. Overall, the site presents a moderate to good security posture with room for improvement in privacy and security best practices.

A

ara shoes

ara-shoes.sk

49

ara shoes operates an official e-commerce platform specializing in premium women's footwear and accessories in the Czech Republic. The website showcases a well-structured product catalog with clear branding and a focus on quality and customer convenience, including free shipping and in-store pickup options. Technically, the site is built on PrestaShop with modern frontend technologies and includes structured data for SEO benefits. Security measures include HTTPS and Google reCAPTCHA integration, although some security headers are missing. Privacy compliance is addressed through a cookie consent banner and a basic cookie policy page. However, the absence of WHOIS data and explicit contact information limits full trust assessment. Overall, the site presents a professional and functional online retail experience with moderate technical and security maturity.

L

Lee Cooper

leecooper.com

64

Lee Cooper is a historic British denim brand with a legacy dating back to 1908. The website presents the brand's heritage and identity but is hosted on the Wix platform with minimal content and lacks critical business and security information. The technical infrastructure relies on Wix's CMS and standard web technologies but includes suspicious external scripts from unknown domains, raising potential security concerns. The absence of WHOIS registration data for the domain www.leecooper.com is a significant red flag, suggesting possible domain registration issues or privacy obfuscation. Security posture is basic with no advanced headers or policies detected, and privacy compliance is lacking due to missing privacy and cookie policies. Overall, the site appears functional for brand marketing but requires improvements in security, compliance, and legitimacy transparency.

C

CAPRICE

capriceshoes.com

63

CAPRICE is an established international footwear retail brand operating an e-commerce platform targeting primarily women and men interested in fashionable shoes and accessories. The website is built on a modern e-commerce platform (Salesforce Commerce Cloud) and supports multiple country and language versions, indicating a mature digital presence. The site offers a wide range of products including seasonal collections and innovative footwear technologies. Technically, the site uses modern JavaScript libraries, tag management, and A/B testing tools, providing a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and domain registration protections, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is basic with a cookie consent banner but lacks visible privacy and terms of service pages. Overall, the site is professional and trustworthy with moderate tracking and analytics in place.

T

Tamaris

tamaris.com

61

Tamaris.com is the official online shop for the Tamaris brand, specializing in women's shoes, handbags, and jewellery. The website targets fashion-conscious women primarily in Finland and other European markets. It operates on a mature e-commerce platform (Salesforce Commerce Cloud) with a comprehensive product catalog and user-friendly navigation. The site integrates multiple marketing and analytics tools to enhance customer engagement and conversion. Security measures such as HTTPS, clientTransferProhibited domain status, and cookie consent mechanisms are in place, though DNSSEC is not enabled, representing a minor security gap. The domain's WHOIS data confirms a long-standing and legitimate presence since 1999, reinforcing trust in the brand.

S

Sempleo Corporate

sempleo.com

67

Sempleo Corporate is a French web agency specializing in affordable turnkey website creation services primarily targeting small municipalities, associations, and small businesses. Founded in 1995, the company offers subscription-based web packages starting at 15€/month, emphasizing simplicity, all-inclusive support, and French-based solutions. The website is professionally designed with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site uses modern web technologies including Bootstrap, Firebase, and Matomo analytics, with a strong focus on privacy compliance through explicit cookie consent mechanisms. Security posture is solid with HTTPS and secure forms, though lacking explicit security policies or incident response contacts. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, but the overall business content and trust indicators suggest a legitimate operation. Strategic recommendations include enhancing security headers, publishing incident response information, and improving domain registration transparency.

D

Danscentrum Sverige

danscentrum.se

7

Danscentrum Sverige is a specialized expert organization focused on the professional dance sector in Sweden. The organization engages in national and international projects, collaborations, and networks to improve working conditions, infrastructure, and understanding of the art form. The website is built on the Wix platform, utilizing Wix's Thunderbolt framework and standard polyfills for compatibility. The technical infrastructure is moderate in performance and mobile optimization, but lacks advanced SEO and accessibility features. Security posture is weak due to missing security headers, absence of privacy and cookie policies, and no visible contact information for security incidents. The domain WHOIS data is unavailable, which raises concerns about domain registration legitimacy. Overall, the website presents professional content but requires improvements in security, privacy compliance, and business credibility to enhance trust and compliance.

The website etreassociazione.it is currently inaccessible beyond a security challenge page that performs browser integrity checks and automatic redirects. The domain is registered since 2009 with DNSSEC enabled, indicating a legitimate registration. However, the website content is minimal and outdated, referencing legacy CMS versions Joomla 1.5 and WordPress 2.5, which are known to have multiple security vulnerabilities. No business, contact, or policy information is visible, limiting the ability to assess the company's operations or compliance posture. The presence of a BitNinja.IO security check suggests some level of protection against attacks, but the lack of updated software and visible policies is a concern. Overall, the website's technical infrastructure appears dated and the user experience is poor due to the blocking mechanism.

P

Performing Arts Forum

performingartsforum.ie

38

Performing Arts Forum is a well-established non-profit organization dedicated to strengthening and advocating for the performing arts community in Ireland. With a history dating back to the late 1990s, it serves over 300 members including theatre, dance, opera production companies, venues, festivals, and individual artists. The organization offers a comprehensive range of services including advocacy, resource provision, job and opportunity listings, networking events, and a Green Arts initiative focused on sustainability. The website reflects a professional and consistent brand image, targeting performing arts professionals and organizations in Ireland.

N

Nedeo : sondages d'anime et jeux vidéo

nedeo.fr

48

Nedeo.fr is a French niche website dedicated to community polls and rankings focused on anime and video games. It offers users the ability to vote and debate on popular characters and topics within these entertainment sectors. The site targets fans of anime and gaming, providing real-time updated rankings and interactive content. Technically, the site uses modern web technologies including HTML5, CSS3, JavaScript, Ionicons, Swiper.js, and the Bulma CSS framework, with backend indications of Laravel Livewire usage. Hosting is provided by o2switch, a French hosting provider, and the site is served over HTTPS with basic security measures such as CSRF tokens and reCAPTCHA integration. However, the site lacks explicit privacy and cookie policies, contact information, and security headers, which are important for GDPR compliance and user trust. The WHOIS data shows the domain is registered since 2018 with a reputable registrar and consistent hosting, indicating legitimacy. Overall, the site is functional and well-designed for its niche but would benefit from enhanced privacy, security, and compliance features.

S

SUEZ

suez.fr

63

SUEZ is a well-established enterprise operating in France, specializing in water and waste management services with a focus on circular economy solutions. The website presents a professional and consistent brand image, targeting clients in France seeking resilient and innovative environmental services. The company appears to have a strong market position within the energy and environmental sectors. Technically, the website uses modern web standards with good mobile optimization and SEO practices, though some accessibility features could be improved. Security posture is moderate, with no explicit security headers or policies detected, and the absence of WHOIS data slightly reduces trustworthiness. Privacy compliance indicators such as privacy and cookie policies are not evident, which is a gap for GDPR compliance. Overall, the site is safe and suitable for a general audience, with no adult or questionable content detected.

I

Imago Numeris

imago-numeris.fr

56

Imago Numeris is a small French technology company specializing in website conception, realization, and SEO referencing services primarily targeted at municipalities and local communes. Established since 2005, the company emphasizes accessibility and multi-device compatibility in its offerings, aiming to provide tailored web solutions that meet the evolving needs of internet users across various devices. The website content reflects a professional and consistent branding approach with clear business information such as the SIRET registration number, enhancing credibility. Technically, the website employs standard web technologies including HTML5, CSS, JavaScript, and Bootstrap framework for responsive design. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation. However, there is no evidence of advanced CMS usage or modern hosting details. Performance is moderate with basic SEO and accessibility features implemented. From a security perspective, the site lacks visible HTTPS/SSL confirmation and security headers, which lowers its security posture. No privacy or cookie policies are present, and no incident response or security contact information is provided. The absence of WHOIS data limits domain trust verification, although the displayed business registration details support legitimacy. No tracking or analytics scripts were detected, indicating minimal user data collection. Overall, the website is functional and professional but requires improvements in security best practices, privacy compliance, and transparency to enhance trustworthiness and regulatory adherence.

C

Citopia

citopia.fr

52

Citopia is a French company specializing in digital solutions tailored for local governments and municipalities, focusing on citizen relationship management and digital transformation. The company offers a suite of products including citizen request management, communication tools, portals, mobile applications, and appointment management, positioning itself as a niche provider within the government technology sector. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience. Technically, the website is built on Drupal CMS, uses Matomo for analytics, and integrates a cookie consent management platform (tarteaucitron.io). The site demonstrates good technical implementation with modern web standards, responsive design, and SEO optimization. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and uses consent mechanisms for cookies, but lacks explicit security headers and dedicated security or incident response policies. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data is privacy-protected, which is common and justified for this business type. Overall, the security posture is good but could be improved with additional headers and documented policies. The overall risk assessment is low, with a trustworthy and professional online presence. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

The website centrefrance.com is currently inaccessible due to a Cloudflare security challenge page requiring human verification via Turnstile captcha. This prevents access to any substantive content, metadata, or business information. The domain is registered with OVH sas since 1997, indicating a mature and legitimate domain. However, no business details, contact information, or policies are accessible for analysis. The technical infrastructure includes Cloudflare WAF protection, which is a positive security measure but limits content visibility. Due to the blocked content, a full security and compliance assessment cannot be performed, resulting in a low overall AI score.

P

Phishen Impossible Initiative

phishen-impossible.at

52

Phishen Impossible is a well-established Austrian initiative focused on educating the public about phishing and cybercrime prevention. Supported by government entities such as the Austrian Federal Ministry of the Interior and major corporations like Österreichische Post and A1 Telekom Austria, it provides comprehensive educational content including videos, phishing rules, news updates, quizzes, and contact resources. The website is professionally designed, mobile-optimized, and offers clear navigation in German, targeting a broad audience of internet users in Austria. Technically, the site uses modern web technologies including jQuery and Matomo analytics, hosted on PSA Services infrastructure. Security posture is strong with HTTPS enforced and a cookie consent mechanism in place, although explicit security headers and incident response contacts are not present. Privacy compliance is well addressed with a detailed privacy policy and cookie management. Overall, the site is trustworthy, safe, and serves as a valuable resource for phishing awareness.

I

Iron Velvet

ironvelvet.studio

57

Iron Velvet is a small multidisciplinary digital studio focused on crafting innovative digital experiences. The website presents a professional and modern design using the Astro framework, targeting businesses seeking creative digital services. The content is relevant and well-structured, though limited in explicit business details such as company founding year or location. Technically, the site uses modern technologies and is mobile optimized with moderate performance. Security posture is basic with HTTPS implied but lacks explicit security headers and policies. Privacy and cookie policies are absent, and no direct contact emails or phone numbers are provided, only a contact form. WHOIS data is incomplete and malformed, reducing domain trustworthiness, but the website content itself appears legitimate and professional.

N

NH Hotels & Resorts

nh-hotels.net

76

NH Hotels & Resorts operates a large international hotel chain with over 350 properties across 36 countries, targeting leisure and business travelers. The website serves as a comprehensive online booking platform offering hotel reservations, loyalty programs, and travel inspiration. The brand is part of the Minor Hotels group, indicating a strong market position in the hospitality sector. Technically, the website employs modern web technologies including Google reCAPTCHA, Akamai service workers, and third-party analytics tools, ensuring a performant and secure user experience. Security posture is strong with HTTPS enforced and multiple security headers present, although explicit security policies and incident response information are not published. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. The absence of WHOIS data is a concern but likely due to privacy protection; however, the website's professional presentation and affiliation with a known hotel group support its legitimacy. Overall, the site demonstrates a mature digital presence with good security and privacy practices, suitable for its enterprise hospitality business model.

F

Fort Wayne Zoo

fwzoo.com

56

Fort Wayne Zoo is a well-established regional zoo located in Indiana, positioning itself as a leading summer family attraction. The website reflects a professional and engaging platform offering detailed information on admissions, events, memberships, education, and conservation efforts. The zoo targets families and local visitors with a focus on animal education and community engagement. Technically, the site is built on WordPress with modern marketing and analytics integrations, including Google Tag Manager, Facebook Pixel, and TikTok Pixel, indicating a mature digital marketing strategy. Security posture is solid with HTTPS and reCAPTCHA usage, though improvements are recommended in DNS security and HTTP security headers. Privacy compliance is basic, with privacy and terms policies present but lacking cookie consent mechanisms. Overall, the site is trustworthy, well-branded, and provides a positive user experience.

C

Chances for Nature

chancesfornature.org

49

Chances for Nature is a small non-profit organization established in 2011, dedicated to supporting people and protecting nature through environmental and social initiatives. The website is built on WordPress using the Divi theme, reflecting a moderate level of digital maturity with good design and mobile optimization. The technical infrastructure is standard for a non-profit, with HTTPS enabled and basic cookie consent mechanisms in place. However, there is room for improvement in security practices, such as enabling DNSSEC and implementing security headers. The absence of explicit privacy policies, terms of service, and contact information reduces transparency and may affect user trust. Overall, the website is functional and professional but would benefit from enhanced compliance and security documentation.

F

Fort Wayne Zoo

kidszoo.org

56

Fort Wayne Zoo is a well-established non-profit zoo attraction located in Indiana, positioning itself as a top summer destination for families and children. The website offers comprehensive information about zoo admissions, memberships, events, educational programs, and volunteer opportunities, reflecting a strong community and family-oriented business model. The organization leverages partnerships for ticketing and seasonal events to enhance visitor engagement. Technically, the website is built on WordPress with a modern tech stack including Google Tag Manager, TikTok and Facebook pixels, and WPBakery Page Builder, indicating a mature digital infrastructure. The site is mobile-optimized and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS and reCAPTCHA integration, though improvements are recommended in DNS security and HTTP security headers. Privacy compliance is basic, lacking explicit cookie consent mechanisms and GDPR indicators. Overall, the site is professional, trustworthy, and safe for general audiences.

The website at https://www.imuse-beziersmediterranee.fr//login.php presents extremely limited content, consisting solely of a JavaScript file inclusion and a popup script invocation. There is no visible textual content, metadata, or business information available on the page. The WHOIS lookup failed to retrieve any registration data, indicating the domain may be unregistered, privacy protected, or otherwise not publicly listed. This lack of information severely limits the ability to assess the business or technical maturity of the site. The minimal content and absence of security headers or HTTPS strongly suggest the site is either blocked by a web application firewall or is a placeholder page with no active service.

Fanatics.com is a leading enterprise-level e-commerce platform specializing in officially licensed sports apparel, fan gear, and collectibles. The website targets sports fans across major leagues such as NFL, MLB, NBA, NHL, Soccer, and College sports, offering a wide range of merchandise including jerseys, hats, and collectibles. The site demonstrates strong branding consistency and excellent content quality, positioning itself as a trusted retailer in the sports merchandise market. Technically, the website employs modern web technologies including JavaScript, CSS, and third-party analytics and tracking tools such as Pinterest and Verint SDKs. The site is mobile optimized and performs moderately well, though accessibility features are basic. Security posture is good with HTTPS enforced and error logging implemented, but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of explicit privacy and cookie policies in the analyzed content. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for large e-commerce enterprises. Overall, Fanatics.com is a professional and trustworthy sports merchandise retailer with room for improvement in privacy transparency and security best practices.

S

ShopRunner

shoprunner.com

72

ShopRunner operates as an e-commerce platform providing membership-based shopping benefits across a wide range of product categories. The website targets online shoppers seeking deals and fast shipping options. The platform leverages modern web technologies including React and JavaScript frameworks, with integration of Google Tag Manager and Facebook Pixel for analytics and marketing. The site demonstrates good design quality and user experience with clear navigation and mobile optimization. Security posture is moderate with HTTPS implied but lacking visible security headers and explicit cookie consent mechanisms. The absence of WHOIS data reduces trust slightly but the professional branding and presence of privacy and terms policies support legitimacy. Overall, the site is functional and business credible but could improve in transparency and security best practices.

C

Celebration Tours

westbrew.com

60

Celebration Tours is a small, established tour operator specializing in escorted group motor coach tours primarily departing from the Birmingham, Alabama area. The company offers extended tours and day trips with a focus on customer safety, comfort, and enjoyable travel experiences. The website is built using GoDaddy Website Builder and hosted with Cloudflare DNS services, reflecting a moderate level of technical maturity. The site is mobile optimized and provides clear navigation and relevant content about upcoming tours for 2026. Security posture is adequate with HTTPS enabled and domain registration protections in place, but lacks advanced security headers and published security policies. Privacy compliance is limited, with no privacy policy or terms of service pages found, though a cookie consent banner is present. Contact information is minimal, limited to a phone number, with no email or physical address disclosed. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

C

Connex Marketing GmbH

connexgroup.net

55

Connex Marketing GmbH operates as a specialist provider of sales promotion, customer loyalty, and employee motivation solutions primarily targeting businesses in the German-speaking market, particularly Austria. Their offerings include voucher solutions, promotion systems, loyalty programs, and data generation services. The company maintains a professional online presence with consistent branding and clear navigation, supported by social media channels and integrated marketing tools. Technically, the website employs modern web technologies such as Bootstrap, Google Tag Manager, and Cookiebot for consent management, ensuring a moderate to good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS registration data raises concerns about domain legitimacy, but the website content and business information appear credible and professional. Overall, the site is safe for general audiences and compliant with GDPR requirements through detailed cookie consent mechanisms.

C

card complete Service Bank AG

cardcomplete.at

66

card complete Service Bank AG is a leading Austrian financial services provider specializing in credit and prepaid card solutions for private and corporate customers. The company offers a comprehensive suite of payment products including card issuance, acceptance devices, and processing systems, positioning itself as a full-service payment solutions provider in Austria. The website reflects a mature digital presence with clear branding, extensive customer support options, and a focus on secure and convenient payment management through their complete Control app and customer portal. Technically, the website employs modern JavaScript libraries and integrates third-party services such as Google Tag Manager and Cookiebot for analytics and consent management. The site is mobile-optimized, accessible, and uses HTTPS to secure communications. However, explicit security headers are not evident in the HTML, and no public security policy or vulnerability disclosure program is found, indicating areas for security maturity improvement. From a security posture perspective, the site demonstrates good practices including secure login portals and cookie consent mechanisms, but lacks published incident response contacts and security certifications. The absence of WHOIS data reduces transparency but does not detract significantly from the overall legitimacy given the professional presentation and business information consistency. Overall, card complete presents a trustworthy and professional online presence suitable for its financial services market, with recommendations to enhance security headers, publish security policies, and improve WHOIS transparency to further strengthen trust and compliance.

L

Lidl Polska

lidl.pl

57

Lidl Polska operates as a major retail supermarket chain in Poland, offering daily deals and a broad product range to general consumers. The website reflects a professional retail business with consistent branding and a focus on customer engagement through promotions and online shopping capabilities. Technically, the site employs modern JavaScript libraries, including YouTube iframe API for media content, OneTrust for cookie consent management, and Kameleoon for A/B testing, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and cookie consent mechanisms, but lacks visible advanced security headers or a published security policy, suggesting room for improvement in security transparency and incident response readiness. Overall, the domain and website align with a reputable enterprise retail brand, with no signs of blocking or WAF interference, supporting a high legitimacy score and a moderate to good security posture.

Z

Ziaja

ziaja.pl

66

Ziaja.com is the official online store for Ziaja, a Polish skincare and cosmetics brand established in 2000. The website serves as an e-commerce platform targeting general consumers interested in skincare products. The site is built using modern web technologies including Vue.js and Vue Storefront, hosted by OVH sas, a reputable hosting provider. The technical infrastructure reflects a moderate level of digital maturity with good mobile optimization and user experience. However, the site lacks visible privacy and cookie policies, and no explicit security headers were detected, indicating room for improvement in security posture. The domain registration data is consistent with the business's claimed history, enhancing trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security measures.