Security Directory

A

Asya Nasirli / Uppergrounds

uppergrounds.com

58

Uppergrounds.com is a professional graphic design portfolio website representing Asya Nasirli, a multidisciplinary creative specializing in branding, art direction, and storytelling. The site showcases a curated portfolio of design projects and targets clients seeking creative services. The business operates as a small independent entity with a focus on visual presence and creative storytelling. Technically, the website is built on the Readymag platform, utilizing modern web technologies including HTML5, CSS3, JavaScript, and HLS.js for video playback. The site is mobile-optimized and includes embedded videos and images with a clean, professional design. Security-wise, the website uses HTTPS but lacks advanced security headers and DNSSEC, indicating room for improvement. Privacy compliance is minimal, with no visible privacy or cookie policies, which could pose regulatory risks. Overall, the site is safe, trustworthy, and professionally presented but would benefit from enhanced security and compliance measures.

N

Nadační fond Eduzměna

eduzmena.cz

42

Eduzměna is a Czech non-profit endowment fund dedicated to systemic education reform, focusing on regional pilot projects to improve school support and teaching quality. The organization collaborates with public institutions and private donors to create sustainable education models. The website is professionally designed, content-rich, and targets donors, educators, and public stakeholders. Technically, the site uses modern analytics and marketing tools, is mobile-optimized, and employs HTTPS, but lacks some security headers and a published privacy policy. The absence of WHOIS data reduces domain trust slightly, but the overall presentation and contact transparency support legitimacy. Recommendations include adding privacy and security policies and improving accessibility.

L

Lepor s.r.o.

fotoradosti.cz

43

FotoRadosti, operated by Lepor s.r.o., is a Czech Republic based e-commerce business specializing in digital photo printing and personalized photo gifts such as photo books, calendars, and canvases. Established in 2012, the company targets general consumers seeking quality photo printing services at competitive prices. The website is professionally designed with clear navigation and good mobile optimization, supporting multiple languages including Czech, English, and Slovak. The technical infrastructure includes modern JavaScript frameworks, Facebook SDK integration for marketing, and Sentry for error monitoring, hosted on websupport.cz servers. Security posture is solid with HTTPS enforced and no exposed sensitive data, though the absence of security headers and incident response policies indicates room for improvement. Privacy compliance is partially met with comprehensive GDPR and terms of service documents available, but lacks a cookie consent mechanism. Overall, the domain registration data aligns well with the business profile, indicating legitimacy and stability.

V

Vlaams Audiovisueel Fonds

vaf.be

51

The Vlaams Audiovisueel Fonds (VAF) is a government-affiliated organization dedicated to supporting the professional audiovisual and games sector in Flanders, Belgium. The website clearly communicates its mission to provide financial subsidies, training, coaching, and public film culture support. It serves as a key regional institution with a strong market position in the media sector, targeting professionals and creators in audiovisual and gaming industries. The site is well-branded, consistent, and professionally designed, reflecting its official status and credibility. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates Google Tag Manager for analytics and marketing. The site is mobile-optimized, accessible, and performs well, providing a positive user experience. The presence of cookie consent mechanisms and comprehensive privacy policies indicates a mature approach to privacy compliance. From a security perspective, the site uses HTTPS and has no visible vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and a published security or incident response policy, which are recommended for enhanced security posture. WHOIS data is privacy protected, which is justified given the organization's nature, but limits domain registration transparency. Overall, the VAF website is a trustworthy, professional, and well-maintained digital presence for a government-supported media fund. It effectively balances user experience, privacy compliance, and security, though it could improve by publishing security policies and implementing additional security headers.

A

Aller Service

allerservice.dk

72

Aller Service is a Danish media subscription service specializing in providing subscriptions to Allers weekly magazines and other publications in both print and digital formats. The company targets Danish-speaking magazine readers and operates under the parent company Aller Media. The website is professionally designed with a clear focus on subscription services, offering a user-friendly experience optimized for mobile devices. The technical infrastructure leverages modern web technologies including Nuxt.js, Tailwind CSS, and is hosted on Microsoft Azure, indicating a mature digital presence. Security measures such as HTTPS, security headers, and cookie consent mechanisms are implemented, reflecting a good security posture. However, the absence of a public security policy and vulnerability disclosure limits transparency. Overall, the website is trustworthy and compliant with GDPR, with no signs of malicious activity or adult content.

T

Tamda Express

tamdaexpress.eu

59

Tamda Express operates as a multilingual e-commerce platform specializing in grocery and food delivery services, primarily targeting Vietnamese-speaking customers in the Czech Republic. The website offers a broad product range including fresh, frozen, grocery, beverages, and personal care items, positioning itself as a niche regional online retailer with home delivery capabilities. The business model focuses on direct-to-consumer sales through an online storefront with multi-language support to cater to its target demographic. Technically, the website is built on the CS-Cart CMS platform, utilizing modern web technologies such as JavaScript, CSS, and HTML5. It integrates GDPR compliance tools like Klaro for cookie consent and uses Foxentry for address verification, indicating a moderate level of digital maturity. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and does not provide explicit security policies or incident response contacts. No critical vulnerabilities or WAF protections were detected, suggesting a stable but improvable security posture. The absence of privacy and terms of service documents represents a compliance gap. Overall, Tamda Express presents a moderately professional and trustworthy online presence with room for improvement in privacy compliance and security best practices. Strategic enhancements in security headers, policy transparency, and incident response readiness would strengthen its risk posture and customer trust.

S

Outlook

seine-eure.com

5

The website at seine-eure.com presents a Microsoft Outlook Web Access (OWA) login portal, indicating it is primarily used for email access rather than as a public-facing business site. The domain is long-established, registered since 1999, but the website content lacks any business branding, descriptive content, or contact information. The site is minimalistic, focusing solely on user authentication for Outlook services. Technically, the site uses standard HTML, CSS, and JavaScript consistent with Microsoft OWA implementations, but lacks modern SEO, accessibility, and mobile optimization features. Security-wise, the site uses a POST form with autocomplete disabled, but no visible security headers or advanced protections are present in the HTML content. No privacy, cookie, or terms of service policies are found, and no contact or incident response information is provided, limiting compliance and trust indicators. Overall, the site appears to be a functional webmail login portal with limited public business information or security transparency.

D

Denník N

mnt.sk

55

Denník N operates a Slovak news media website providing fast, real-time news updates across politics, economy, culture, and sports. The platform targets a general audience interested in current affairs in Slovakia and internationally. The website uses modern web technologies including React and integrates analytics and advertising tools such as Google Tag Manager and Gemius. Security posture is strong with HTTPS and security headers implemented, though explicit privacy and terms policies are not found on the analyzed page. WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the site presents professional content with good user experience and moderate technical performance.

R

Radiostudio.be

radiostudio.be

43

Radiostudio.be is a specialized Belgian company focused on the rental and sale of radio broadcast equipment and software, including mobile studios and consultancy services. They hold exclusive partnerships with notable brands such as mAirlist and Lawo, serving a diverse client base including major broadcasters and European institutions. The website presents a professional image with good content quality and consistent branding, targeting media professionals and broadcasters primarily in Belgium. Technically, the site uses basic modern web technologies like HTML5, CSS3, JavaScript, and integrates Facebook social plugins, but lacks advanced CMS or frameworks. Mobile optimization and accessibility are basic but functional. Security posture is moderate with some best practices like HTTPS assumed but lacks critical security headers, privacy policies, and incident response information. No WAF or blocking mechanisms were detected, and the domain WHOIS data is consistent and supports legitimacy. Overall, the site is functional and credible but requires improvements in privacy compliance and security hardening.

P

Petr Staníček

pixy.cz

43

The website pixy.cz is a well-established personal and professional homepage of Petr Staníček, a seasoned web architect, UX designer, frontend developer, and author based in the Czech Republic. The site showcases his extensive experience, portfolio, publications, and personal projects, targeting potential clients and collaborators interested in web design and development services. The business model is primarily freelance and consulting, supported by a strong personal brand and a long domain history dating back to 2002. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript frameworks such as React, Redux, Vue, and Angular, and backend technologies like PHP and Nette. The site is well-structured, mobile-optimized, and uses minimal tracking via plausible.io, reflecting a privacy-conscious approach. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or forms, reducing attack vectors. However, it lacks explicit security headers, privacy and cookie policies, and incident response information, which are areas for improvement to enhance compliance and security posture. Overall, the website is professional, trustworthy, and content-rich, with a high business credibility score. The main risks relate to privacy compliance and security best practices, which if addressed, would further strengthen the site's standing and user trust.

S

SASU CIRCE CONSEILS

circe-conseils.fr

53

Circé Conseils is a small French communication studio specializing in project guidance, brand identity creation, communication strategy, and website development. The company positions itself as a boutique service provider offering personalized and impactful communication solutions to professionals and businesses. The website is built using modern technologies such as Nuxt.js and Vue.js, hosted on Netlify, and demonstrates good mobile optimization and user experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. The domain registration is consistent with the business information, indicating legitimacy. Overall, the website reflects a professional and trustworthy business with a clear market niche.

S

SOARE SEKT SLOVAKIA, s.r.o.

nassad.sk

53

SOARE SEKT SLOVAKIA, s.r.o. operates the website nassad.sk, promoting and selling traditional fruit wines under the brand 'Náš sad'. The company targets adult consumers in Slovakia, emphasizing quality and traditional production methods. The website presents a professional and consistent brand image with clear product descriptions and retail availability through major chains and online partners. Technically, the site uses modern web technologies including Google Tag Manager and Google Fonts, with good mobile optimization and SEO practices. Security measures include an age verification popup and cookie consent mechanisms, though explicit security headers and incident response contacts are absent. Privacy policies are comprehensive and GDPR compliant. Overall, the site is trustworthy and well-maintained, suitable for its business purpose.

R

ROZBUBLAJ ZÁBAVU | ROBBY BUBBLE

robbybubble.sk

53

Robby Bubble is a Slovak-based brand specializing in non-alcoholic sparkling beverages designed for children’s parties and family celebrations. The website presents a colorful, well-structured digital presence built on modern web technologies such as Vue.js and Nuxt.js, hosted by Active24 with DNSSEC enabled, indicating a secure and reliable infrastructure. The brand emphasizes fun, fruit-flavored bubbly drinks that appeal to children and families, positioning itself as a popular choice in its regional market. However, the website lacks explicit privacy and terms of service policies, which are critical for compliance and user trust. Security practices are generally good, with HTTPS enforced and security headers present, but there is room for improvement in privacy compliance and incident response readiness.

L

Le Théâtre du Tiroir des affabulation

theatre-du-tiroir.com

60

Le Théâtre du Tiroir is a small French cultural non-profit organization specializing in theatrical performances, concerts, conferences, and community educational events. The website presents a rich schedule of events from August to December 2025, focusing on social, political, and cultural themes such as peace, human rights, and historical memory. The organization targets a broad audience interested in culture and social issues, operating primarily in the Laval region of France. Technically, the website is built on WordPress with a modern block editor, uses HTTPS, and shows good mobile optimization and content quality. However, it lacks formal privacy, cookie, and terms of service policies, which impacts compliance and trust. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. WHOIS data is unavailable, which reduces domain trust but the website content and presentation suggest a legitimate cultural entity. Overall, the site is functional and content-rich but could improve in privacy compliance and security best practices.

T

topalkohol.cz

topalkohol.cz

57

Topalkohol.cz is a Czech Republic-based e-commerce retailer specializing in the sale of quality alcoholic beverages including rum, whisky, bourbon, gin, vodka, brandy, and related products. The website positions itself as one of the largest online alcohol retailers in the Czech market, offering a wide product range with fast and secure delivery services. The target audience is mature consumers seeking premium alcoholic products online. Technically, the site is built on the Shoptet e-commerce platform, leveraging modern JavaScript libraries, Google Analytics, Facebook SDK, and various advertising and tracking tools with a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced and CSRF protections in place, though some security headers could be improved. The absence of WHOIS data limits domain trust assessment but the website content and business presence appear professional and credible. Overall, the site demonstrates a mature digital infrastructure suitable for its retail business model.

A

Akinu.cz

akinu.cz

57

Akinu.cz is a Czech Republic-based e-commerce retailer specializing in pet supplies and premium pet food, serving pet owners primarily in the Czech market. The website offers a broad range of products for dogs, cats, rodents, birds, and aquatic pets, supported by a loyalty program and customer support channels. The business positions itself as an experienced player with 30 years in the industry, focusing on quality and customer satisfaction. Technically, the website is built on the Shoptet e-commerce platform, utilizing a variety of modern marketing and analytics tools including Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The site is mobile-optimized with good SEO and accessibility basics, though some technical debt is noted with the use of an outdated jQuery version. Performance is moderate, with a well-structured navigation system. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms aligned with GDPR. However, explicit security headers are not fully implemented, and some JavaScript libraries are outdated, which could pose risks. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain raises concerns about domain registration transparency and legitimacy, though the website content and business indicators suggest a legitimate operation. Overall, Akinu.cz presents a professional and trustworthy online retail presence with room for improvement in security hardening and domain registration transparency. Strategic recommendations include updating technical components, enhancing security headers, and publishing clear incident response and vulnerability disclosure policies.

L

Luberia

luberia-communication.fr

46

Luberia Communication is a small French web agency specializing in custom website and e-commerce development, domain registration, hosting, and SEO services primarily serving the Vaucluse region. The website is professionally designed using WordPress with modern technologies and SEO optimizations, targeting local businesses and individuals seeking tailored web solutions. The technical infrastructure is mature with use of popular plugins and Google Analytics for tracking. Security posture is good with HTTPS and some best practices, though some security headers and policies are missing. The absence of WHOIS data raises concerns about domain legitimacy, but the website content and branding are consistent and trustworthy. Privacy and cookie policies are not found, indicating compliance gaps. Overall, the site is functional and professional but would benefit from improved transparency and security documentation.

B

Boucles de la Mayenne - Crédit Mutuel | Course cycliste Pro Series

bouclesdelamayenne.fr

56

The website www.bouclesdelamayenne.fr represents a professional cycling event known as Boucles de la Mayenne - Crédit Mutuel, part of the UCI Pro Series calendar. It targets cycling enthusiasts and partners, offering event promotion and media broadcasting services. The site is built on the Wix platform, leveraging Wix Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. The technical infrastructure is moderate in performance with good mobile optimization but basic accessibility and SEO features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. The absence of WHOIS data from the AFNIC server raises concerns about domain registration transparency, although the website content and branding appear legitimate. Overall, the site is functional and professional but would benefit from enhanced security practices and privacy compliance to improve trust and regulatory adherence.

The website fetedujeu53.fr represents the 'Fête du Jeu 53', a cultural event organized by a collective of local associations in Laval, France. The event focuses on various types of games and community engagement, supported by municipal funding and local partners. The website provides event information, a blog, and partner details, targeting a general audience interested in gaming and cultural activities. Technically, the site is built on WordPress using modern plugins and themes, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and some security headers, but lacks advanced headers and visible incident response contacts. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration data supports the legitimacy and stability of the organization.

M

Monext

payline.com

71

Monext is a French payment solutions provider offering a comprehensive suite of services including online, in-store, and omnichannel payment processing, as well as card issuance and acquisition services. The company targets businesses across various sectors such as retail, travel, events, and mobility, positioning itself as a reliable and customer-centric partner in the European payment ecosystem. The website reflects a mature digital presence with professional design, detailed product offerings, and customer success stories that reinforce its market position. Technically, the website is built on modern frameworks like Next.js and React, leveraging Prismic CMS for content management. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although accessibility could be improved further. Performance is moderate, with efficient use of resources and lazy loading of images. From a security perspective, the site enforces HTTPS and includes several important security headers, indicating a strong baseline security posture. However, explicit security policies, incident response plans, and vulnerability disclosure mechanisms are not publicly documented, representing areas for improvement. Privacy compliance is well addressed with comprehensive privacy and cookie policies and a consent mechanism. Overall, the website and business appear legitimate and professional, though the absence of WHOIS data and direct contact information slightly reduce trust signals. Strategic recommendations include publishing explicit security and incident response policies, enhancing accessibility, and providing clearer contact channels to improve user trust and compliance.

K

Roundcube Webmail :: Welcome to Roundcube Webmail

klubk4.org

49

The website mail.kersnikova.org/roundcube hosts a Roundcube Webmail client interface, providing users with web-based email access. It is a technical service platform rather than a commercial business site, targeting users who require email access for the kersnikova.org domain. The site is minimalistic, focusing solely on login functionality without additional business or marketing content. The technical infrastructure is based on well-known open-source technologies including Roundcube 1.6.6, jQuery, jQuery UI, and Bootstrap, indicating a standard modern webmail deployment. The site is mobile optimized and uses secure form practices such as CSRF tokens and autocomplete off for password fields. However, no explicit security headers or privacy policies are present in the HTML content, which limits the security posture and privacy compliance. The WHOIS data for the domain is unavailable due to a malformed query response, which reduces confidence in domain legitimacy and registration transparency. Overall, the site serves its functional purpose but lacks business transparency and comprehensive security controls.

P

Paletton.com by Petr Staníček

paletton.com

50

Paletton.com is a specialized online tool focused on color scheme design, serving a broad audience from professional designers to beginners and students. The website offers interactive color wheels, palette generation, and color vision simulations, positioning itself as a niche but well-established player in the design technology space. The business model appears to be primarily free access with optional donations and affiliate promotions. Technically, the site uses a modern JavaScript stack with jQuery, RequireJS, and integrates Google Analytics and Tag Manager for tracking, alongside OneTrust for cookie consent management. Hosting is provided by Bluehost Inc., with a domain age consistent with the site's history. Security posture is adequate with HTTPS and domain transfer protections, but could be improved with DNSSEC and additional security headers. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms. Contact information is limited to an email address, with no phone or physical address found. Overall, the site is professional, trustworthy, and well-maintained, with good content quality and user experience.

D

Dominik Reichl

keepass.info

48

KeePass is a well-established free and open source password manager developed by Dominik Reichl. It offers secure password storage using strong encryption algorithms and is recognized in the security community for its transparency and reliability. The website serves as the official source for downloads, news, and support information, targeting general users who require secure password management solutions. The business model is based on free software distribution with optional donations and monetization through Google AdSense advertising. Technically, the website uses basic web technologies including JavaScript and Google AdSense scripts. The site is functional with moderate performance and basic mobile optimization. SEO and accessibility are adequate but could be improved. No CMS or advanced frameworks are detected. The WHOIS data is privacy protected, which is reasonable given the security focus of the project. From a security perspective, the site promotes strong cryptographic standards and open source transparency, which are key strengths. However, explicit security headers and incident response contacts are not evident, and cookie consent mechanisms are missing despite ad network usage. No vulnerabilities or suspicious content were detected. Overall, the security posture is good but could benefit from enhanced security best practices. The overall risk assessment is low with a trustworthy reputation in the open source security community. Strategic recommendations include improving security headers, adding explicit incident response information, and implementing cookie consent to enhance privacy compliance and user trust.

B

Blizzard Entertainment

worldofwarcraft.com

75

World of Warcraft's official website, hosted under the Blizzard Entertainment domain, serves as a comprehensive portal for one of the most popular MMORPGs globally. The site targets gamers and fans of fantasy online games, offering game information, updates, and community engagement. As part of the Activision Blizzard group, it benefits from strong brand recognition and a large enterprise infrastructure. The website is professionally designed with excellent content quality and clear navigation, optimized for both desktop and mobile users. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and OneTrust for cookie consent management, indicating a mature digital infrastructure. Performance is fast, and SEO and accessibility practices are well implemented. However, explicit security headers are not visibly present in the HTML, and no public security policy or incident response information is found, which could be improved. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. Privacy compliance is good, with comprehensive privacy and cookie policies and GDPR compliance indicators. Business credibility is high due to clear branding, association with Blizzard Entertainment, and professional presentation. WHOIS data is unavailable due to the domain being a subdomain of blizzard.com, which is typical for large enterprises and privacy protected domains. Overall, the website presents a low risk profile with strong trust indicators, though it could enhance transparency by publishing security policies and vulnerability disclosure information.

The website eu.shop.battle.net is the official e-commerce platform for Blizzard Entertainment, a leading global gaming company and subsidiary of Activision Blizzard. It offers digital game licenses, in-game content, and merchandise targeting gamers worldwide. The site demonstrates a mature digital infrastructure with modern web technologies, CDN usage, and strong performance optimizations. Security posture is robust, featuring HTTPS, comprehensive security headers, and cookie consent mechanisms aligned with GDPR compliance. While WHOIS data for the subdomain is unavailable, this is consistent with corporate subdomain management practices and does not detract from the site's legitimacy. Overall, the platform is professional, secure, and trustworthy, serving a large enterprise audience effectively.

B

Blizzard Entertainment

blizzard.com

74

Blizzard Entertainment is a globally recognized video game developer and publisher, known for iconic franchises such as Warcraft, Diablo, StarCraft, and Overwatch. The company operates as a major player in the digital entertainment industry, targeting gamers worldwide with high-quality gaming experiences. Their website reflects a mature digital presence with professional design, comprehensive privacy and cookie policies, and integration of modern marketing and analytics technologies. The technical infrastructure leverages cloud-based content delivery and advanced tracking tools, ensuring fast performance and good user experience across devices. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response contacts are not publicly disclosed. Overall, Blizzard's website demonstrates a high level of professionalism and trustworthiness, consistent with its enterprise status and market position.

Z

Zvláštne.sk

zvlastne.sk

9

Zvláštne.sk is a Slovak language media website specializing in reviews related to geek culture, including films, series, comics, PC games, and standup comedy. The site targets Slovak-speaking enthusiasts of geek culture and operates as a small niche content publisher. The business model revolves around content creation and publishing without visible e-commerce or subscription services. The website uses WordPress CMS with common plugins such as Yoast SEO and EWWW Image Optimizer, indicating a moderate level of technical maturity. Google Analytics is integrated for visitor tracking, but no explicit cookie consent mechanism or privacy policy is present, which may pose compliance risks. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and incident response contacts. Overall, the site is safe for general audiences and professionally presented, but improvements in privacy compliance and security practices are recommended.

Galerija Kapelica is a small, niche art gallery website primarily focused on presenting cultural and artistic exhibitions through an interactive Adobe Flash experience. The website's market position is local and specialized, targeting general audiences interested in art and culture. The business model appears non-commercial or cultural with no visible e-commerce or transactional services. Technically, the site relies on outdated Flash technology, which severely limits accessibility and performance on modern devices. The site lacks mobile optimization, accessibility features, and modern SEO practices. Security posture is weak, with no HTTPS enforcement, no security headers, and no visible privacy or cookie policies despite using Google Analytics for tracking. The domain is old and registered with a reputable registrar, indicating legitimacy, but the technical and security aspects require significant modernization. Overall, the site presents a low trustworthiness profile and poor user experience.

M

Mgr. Marek Sivčo

mareksivco.sk

56

The website mareksivco.sk represents the personal and professional portfolio of Mgr. Marek Sivčo, a Slovak teacher, web developer, poet, and podcaster. The site highlights his extensive experience in web development, teaching engagements, creative works, and supported projects. It targets individuals interested in IT education, Slovak geek culture, and creative arts. The business model is centered on personal branding and educational content delivery, with a niche market position in Slovakia and the broader Slovak-speaking community. Technically, the website employs a modern tech stack including PHP, WordPress, JavaScript, and various Adobe creative tools. Hosting is provided by Websupport, with DNSSEC enabled and HTTPS properly configured, indicating a secure and reliable infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No analytics or tracking scripts are present, reflecting a privacy-conscious approach. From a security perspective, the site benefits from HTTPS and DNSSEC but lacks security headers and formal security policies. No vulnerability disclosure or incident response information is provided, and no privacy or cookie policies are found, which are notable compliance gaps. The absence of forms reduces attack surface but also limits user interaction. Overall, the website is professional, trustworthy, and content-rich, with strong business credibility but room for improvement in privacy compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing a vulnerability disclosure policy to enhance trust and compliance.

S

Soare sekt a.s.

nassad.cz

50

Náš sad is a Czech-based producer and retailer of traditional fruit wines, operating under the company Soare sekt a.s. The website presents a professional and well-structured digital presence focused on promoting their fruit wine products, targeting adult consumers in the Czech Republic. The business model includes manufacturing and distribution through multiple retail chains and online sales. The website content is rich, localized in Czech, and includes detailed product descriptions and legal compliance information such as age verification and privacy policies. Technically, the site uses modern web technologies including Google Tag Manager and Google Fonts, with good mobile optimization and SEO practices. Security posture is moderate with age verification and cookie consent implemented, but lacks visible advanced security headers or explicit security policies. WHOIS data is unavailable, limiting domain trust assessment, but the website's contact information and content suggest legitimacy. Overall, the site scores well on content quality, privacy compliance, and business credibility, with room for improvement in security best practices and technical enhancements.

S

SUEZ

toutsurmoneau.fr

68

The website www.toutsurmoneau.fr is a professionally maintained portal operated by SUEZ, a major player in the water and energy sector in France. It provides comprehensive information about water services in local communes, customer account management, contract subscription, and support services. The site targets residents and customers seeking water-related services and information. Technically, the website employs modern technologies including React, Cloudflare Turnstile captcha, Cookiebot for consent management, and integrates analytics and monitoring tools such as Google Tag Manager and New Relic. The site is hosted likely behind Cloudflare, ensuring good performance and security. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, explicit security policies and incident response contacts are not published, and no vulnerability disclosure or security.txt file is found. Overall, the site is trustworthy, secure, and professionally operated, reflecting the reputation of SUEZ.

S

Statik

statik.be

52

Statik is a medium-sized digital agency based in Leuven, Belgium, specializing in sustainable business strategies, web development, digital products, and online marketing. The company positions itself as a force for good, targeting impact organizations and businesses preparing for a sustainable future. Their client portfolio includes reputable institutions and organizations, reinforcing their market credibility. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site uses modern JavaScript frameworks, SVG graphics, and integrates analytics tools such as Piwik PRO and Google Tag Manager, indicating a well-rounded digital infrastructure. Security-wise, the site enforces HTTPS and includes privacy and cookie policies with consent mechanisms, though it lacks some advanced security headers and explicit incident response information. Overall, the domain appears legitimate despite the absence of detailed WHOIS data, likely due to privacy protection. The site demonstrates good privacy compliance and business credibility, with room for security enhancements.

P

PENNY Market Česká republika

penny.cz

67

PENNY Market Česká republika operates as a major retail supermarket chain in the Czech Republic, providing grocery and household products to a broad consumer base. The website serves as a digital storefront and information portal, featuring store locations, promotions, and company information. It is part of the REWE Group, a large European retail conglomerate, which supports its market position and brand recognition. The site targets general consumers in the Czech market with a focus on retail grocery shopping. Technically, the website employs modern frontend technologies such as Vue.js and uses Google Fonts and Material Icons for UI consistency. The site is mobile-optimized and demonstrates moderate performance with good SEO and accessibility basics. Security best practices are observed with HTTPS enforcement and standard security headers, though some advanced security disclosures and policies are absent. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Contact information is clearly provided, enhancing business credibility. However, the lack of WHOIS transparency due to privacy protection limits domain registration visibility. Overall, the website presents a professional, trustworthy, and secure digital presence for PENNY Market in the Czech Republic. Strategic improvements could include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to further enhance trust and compliance.

Centrum experimentálního divadla, p.o. is a public cultural institution based in Brno, Czech Republic, dedicated to fostering professional and experimental live theater arts. It operates several theaters including Divadlo Husa na provázku, HaDivadlo, and Terén, and publishes a quarterly magazine called CEDIT. The institution is supported financially by the city of Brno and the Ministry of Culture of the Czech Republic, positioning it as a key player in the regional cultural landscape. The website reflects this mission with rich content about performances, projects, and educational activities targeting a general audience interested in experimental theater and culture. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript with jQuery, and Mapbox GL JS for interactive maps. It features a responsive design with good mobile optimization and basic accessibility features. The site includes a cookie consent mechanism and uses Google Analytics for traffic analysis, indicating moderate digital maturity. However, the absence of a privacy policy and terms of service pages represents a compliance gap. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible security headers and does not provide incident response or vulnerability disclosure information. The WHOIS data for the domain is unavailable, which limits the ability to verify domain legitimacy and age, slightly reducing trustworthiness. Nonetheless, the presence of official city support logos and consistent branding enhances credibility. Overall, the website is professionally designed and functional, serving its cultural mission effectively. Strategic improvements in privacy compliance, security headers, and domain registration transparency would enhance trust and security posture, supporting long-term institutional credibility and user confidence.

L

Lopesan Hotel Group

lopesan.com

66

Lopesan Hotel Group operates a well-established hospitality business focused on providing hotel and resort accommodations primarily in Spain. The website serves as the official online presence for the group, offering booking capabilities and showcasing their unique destinations and services. The company has a strong market position with a domain age of over 25 years, indicating stability and trustworthiness. Technically, the website leverages modern web technologies including React and Liferay CMS, ensuring a robust and scalable platform. The site is mobile optimized and performs moderately well, with good SEO practices in place. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is partially addressed with a cookie consent mechanism but lacks explicit privacy and terms of service documentation. Overall, the website is professional, trustworthy, and suitable for its target audience of travelers and tourists.

B

Bouvet

bouvet.se

48

Bouvet is a Scandinavian publicly listed IT consultancy specializing in system development, business development, and design, with a strong focus on healthcare, public sector, and energy sectors. The company emphasizes creating digital solutions that contribute to societal benefits such as stable energy supply, efficient public services, and improved public health in Sweden. The website reflects a mature digital presence with comprehensive content, professional design, and clear navigation, targeting business and public sector clients. Technically, the site uses modern web technologies including Google Fonts, YouTube embeds, Matomo analytics, and LinkedIn Insight tags, hosted likely behind Cloudflare CDN, and built on the Enonic CMS platform. Security posture is strong with HTTPS enforced, cookie consent mechanisms, and ISO 27001 certification, though some security headers could be improved and incident response contacts are not publicly detailed. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained, supporting Bouvet's market position as a leading IT consultancy in Scandinavia.

A

A World For Us

skills.hr

72

Skills.hr is a French marketplace platform specializing in professional training programs, aggregating over 120,000 offers from more than 5,500 providers. It serves professionals and individuals seeking to enhance their skills and advance their careers. The platform emphasizes transparency by providing detailed program data, including satisfaction ratings and testimonials, and offers clear financing options. The website is part of a broader ecosystem including related projects such as Skills Mag and Digiforma, enhancing its market presence. Technically, the website leverages modern web technologies including Phoenix LiveView, JavaScript, and integrates security measures like hCaptcha and Google Tag Manager. Hosting is provided via Amazon AWS, ensuring reliable infrastructure. The site demonstrates good SEO practices and mobile optimization, though accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses bot protection mechanisms. However, it lacks explicit security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, Skills.hr presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic improvements in security transparency and accessibility would further enhance its posture and user trust.

D

Outil de veille sur la formation dédié aux OF - Digiforma Veille

digiforma-veille.com

57

Digiforma Veille operates a specialized monitoring tool dedicated to training organizations, focusing on providing relevant information and updates in the education sector. The website is built on WordPress with Elementor, integrating modern technologies such as Google Tag Manager, Cookiebot for cookie consent, and reCAPTCHA for bot protection. The site demonstrates good design quality, mobile optimization, and SEO practices, making it accessible and user-friendly for its target audience. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Security measures are adequate with HTTPS and bot protection, but the lack of explicit privacy policies and contact information limits compliance and user trust. Overall, the site is safe and professional but would benefit from enhanced transparency and security documentation.

R

Rocher Blanc

rocher-blanc.mc

59

Rocher Blanc Monaco is a specialized digital communication agency operating in Monaco, focusing on services such as website creation, digital marketing (SEO, SEA, social media management), and visual identity development. As a member of the Inforca group, it targets small and medium enterprises seeking tailored digital solutions. The website reflects a professional and modern digital presence with clear service offerings and strong branding consistency. Technically, the site employs modern JavaScript libraries, uses HTTPS, and integrates analytics and consent management tools effectively. Security measures include the use of hCaptcha on contact forms and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, well-structured, and compliant with GDPR requirements, making it a credible digital agency in its market niche.

A

Aller Media AS

aller.no

10

Aller Media AS is a leading Norwegian media and service conglomerate with a strong digital presence and a broad portfolio of digital sites. The company focuses on delivering quality content and unique services daily to inform, entertain, and inspire its audience. Their business model revolves around digital media publishing, subscription services, and advertising, targeting a general Norwegian audience. The website is professionally designed using Drupal 10 CMS, with good mobile optimization and clear navigation, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS and does not expose sensitive data in the HTML content. However, there is a lack of explicit security headers and no visible cookie consent mechanism, which are areas for improvement. No vulnerability disclosure or incident response information is published, which could enhance trust and compliance. The WHOIS data aligns well with the website's business claims, indicating legitimacy and consistency. Overall, the website scores well on content quality, business credibility, and technical implementation but could improve its security posture and privacy compliance. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and establishing vulnerability disclosure channels to strengthen security and compliance.

H

HS Media

hsmedia.no

8

HS Media is a Norwegian small business specializing in contextual marketing across print, digital, and social media channels. The company aims to place advertising in contexts where the target audience is most receptive, focusing on Norwegian markets. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. The site presents professional content with good design and navigation but lacks comprehensive privacy and security disclosures. Security posture is moderate with no detected WAF or blocking mechanisms, but the absence of security headers and policies indicates room for improvement. Overall, the domain registration is privacy protected, which is common for small businesses, and no suspicious indicators were found. Strategic recommendations include enhancing privacy compliance, adding contact and security information, and improving security headers and SSL configurations.

N

Nux s.r.o.

nux.cz

69

Nux s.r.o. is a Czech technology company specializing in web development, online office solutions, and comprehensive internet consulting services. Established in 2004, the company has a solid market presence in the Czech Republic, targeting businesses and organizations seeking tailored digital solutions. Their offerings include custom software development, e-learning platforms, client portals, e-commerce solutions, and communication tools such as Mattermost and Jitsi. The website reflects a professional and consistent brand image with clear service descriptions and client references. Technically, the website employs modern technologies including Tailwind CSS, Google Tag Manager, and Google reCAPTCHA, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features could be enhanced. The CMS used is a proprietary or custom system (cms1.nux.cz), and the site is served over HTTPS with a good SSL configuration. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate automated abuse. However, explicit security headers are not evident, and there is no published security policy or incident response contact information. Cookie consent is implemented, supporting GDPR compliance, but no explicit privacy policy or terms of service were found on the main page. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with the company's history. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements include publishing comprehensive privacy and security policies, enhancing accessibility, and implementing additional security headers to strengthen the security posture.

D

Display

display.cz

41

Display is a small non-profit association based in Prague, Czech Republic, focused on research and collective practice in cultural and educational domains. The website presents a well-structured platform showcasing events, projects, and publications, targeting a general audience interested in cultural research and collective activities. The organization appears established with a domain age since 2000 and active social media presence, enhancing its market position within its niche. Technically, the website is built on GravCMS, a modern flat-file CMS, indicating a moderate level of digital maturity. The site is mobile-optimized with good navigation and SEO practices, although performance is moderate. The use of Mailchimp for newsletter subscriptions shows integration with common marketing tools. However, there is a lack of visible advanced analytics or tracking services, suggesting minimal user tracking. From a security perspective, the site uses HTTPS and secure form handling but lacks visible security headers and published security policies. No privacy or cookie policies are found, representing compliance gaps with GDPR and related regulations. The WHOIS data is consistent and supports the legitimacy of the domain and organization. No WAF or blocking mechanisms are detected, and no vulnerabilities are apparent from the provided data. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency to improve its risk posture and user trust.

Zavod Kersnikova is a Slovenian cultural institution dedicated to contemporary research-based art, operating through its gallery Kapelica and laboratories Rampa and BioTehna. The website serves as an information hub for events, news, and artistic activities, targeting artists, researchers, and the cultural community. The institution is well-established with a domain age since 2011, reflecting its ongoing presence in the cultural sector. Technically, the website is built on modern JavaScript frameworks such as Nuxt.js and uses external libraries like FontAwesome and Google Fonts. It incorporates a cookie consent mechanism and complies with GDPR regulations, demonstrating attention to privacy and user rights. However, some mixed content issues and lack of security headers indicate areas for improvement in security posture. Overall, the website is professional, user-friendly, and trustworthy, though it could benefit from enhanced security practices and explicit policy documentation.

C

Culture for Future

cultureforfuture.cz

54

Culture for Future is a recently established non-profit platform based in the Czech Republic, dedicated to supporting artists and creatives in addressing climate change through their work. The website content is primarily in Czech and focuses on ecological and cultural themes, targeting artists and environmentally conscious individuals. The platform appears to be in its early stages, with a domain registered in December 2023. Technically, the website uses modern web technologies including Bootstrap and Google Tag Manager for analytics. However, there is a lack of comprehensive privacy and cookie policies, and no explicit contact information or security policies are present. The security posture is basic, with no detected security headers and limited compliance indicators. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security best practices.

F

Friedrich-Ebert-Stiftung

fes.de

62

The Friedrich-Ebert-Stiftung (FES) is a well-established non-profit foundation based in Germany, dedicated to promoting social democracy through political education, international cooperation, scientific research, and scholarship programs. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. The target audience includes individuals interested in social democratic values and political education. Technically, the site is built on TYPO3 CMS and incorporates modern web technologies such as Matomo analytics and Lottie animations, ensuring good performance and accessibility. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in publishing explicit security policies and headers. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

G

GoDaddy Operating Company, LLC

cea.tech

11

The website is a domain sales landing page for the domain cea.tech, operated by GoDaddy Operating Company, LLC, a leading global domain registrar and marketplace. The platform offers multiple purchasing options including buy now, lease to own, and making an offer, targeting businesses and individuals seeking premium domain names. The site leverages modern web technologies such as React and Next.js, hosted on GoDaddy infrastructure, providing a fast and responsive user experience. Security is robust with HTTPS enforced, security headers present, and secure payment assurances. Privacy and cookie policies are available through GoDaddy's main site, indicating compliance with GDPR and other regulations. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity.

F6S Network Limited operates a technology platform focused on supporting startups and entrepreneurs by providing access to funding, acceleration programs, job listings, and networking opportunities. The company holds a registered trademark and appears to be an established player in the startup ecosystem, targeting founders, investors, and accelerators. However, the website content is currently inaccessible due to a bot detection interstitial page, which limits direct content analysis and user experience evaluation. Technically, the site uses JavaScript and minimal inline CSS but lacks visible modern frameworks or CMS indicators in the provided HTML snippet. The absence of metadata such as Open Graph or JSON-LD structured data and no detected analytics or advertising scripts suggests limited digital maturity or that these elements are blocked by the WAF. The site does link to comprehensive privacy, cookie, terms, and data security policies, indicating some level of compliance awareness. From a security perspective, the site is protected by a generic WAF or bot detection mechanism, which blocks automated access and may help mitigate abuse. However, no security headers or SSL configuration details were visible in the provided data, and the WHOIS information is unavailable, reducing transparency. The lack of visible contact phone numbers or physical addresses further limits trust signals. Overall, the site presents moderate business credibility but suffers from accessibility and transparency issues due to security blocking and missing WHOIS data. Strategic recommendations include improving security header implementation, enhancing transparency with WHOIS data or verified registrant info, and ensuring the site is accessible to legitimate users while maintaining robust bot protection.

F

forgemedia LLC

forgemedia.io

61

forgemedia LLC is a small US-based digital agency specializing in WordPress plugin development and actionable content creation. Founded in 2016 by two brothers, Brian and Brett Jackson, the company focuses on performance-driven solutions such as the Perfmatters and Novashare plugins. Their market position is niche but well-defined, targeting WordPress users and businesses seeking to improve site performance and content effectiveness. The website reflects a professional and consistent brand image with clear messaging and good user experience. Technically, the site is built on WordPress using the GeneratePress theme and leverages performance optimization plugins. Hosting is provided by Kinsta, a reputable managed WordPress host. The site demonstrates good performance and mobile optimization, with modern technologies and SEO best practices in place. Analytics are handled via Fathom Analytics, indicating a privacy-conscious approach to user tracking. From a security perspective, the site uses HTTPS with a valid SSL configuration and has domain transfer protections enabled. However, DNSSEC is not enabled, and no explicit security headers or incident response policies are publicly available. Privacy compliance is partial, with a privacy policy and terms of service present but lacking cookie consent mechanisms and GDPR explicit indicators. Contact is primarily via a web form, with no direct emails or phone numbers published. Overall, the website is trustworthy and professional with a solid technical foundation. Strategic improvements in security headers, DNSSEC, and privacy compliance would enhance the security posture and regulatory adherence. The business shows credible legitimacy with consistent WHOIS data and a mature domain age.

Le Biau Germe is a small French collective of organic and traditional seed producers, operating an e-commerce platform focused on selling biological, reproducible, and traditional seeds to both individuals and professionals. The website presents a consistent brand image with good content quality and clear business focus on organic agriculture. Technically, the site uses modern CSS frameworks like Tailwind CSS and is hosted by Infomaniak Network SA, a reputable hosting provider. The site is mobile optimized and SEO friendly with proper metadata and Open Graph tags. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, which is a compliance gap. No contact emails or phone numbers are explicitly found, limiting direct communication channels. Overall, the domain registration data supports legitimacy with a long-standing registration since 2002.