Security Directory

T

HOME | TTTKU Film

theyretryingtokillus.com

52

The website www.theyretryingtokillus.com appears to be a minimal Wix-built site with very limited content and no visible business or contact information. The domain WHOIS data indicates that the domain is not registered or has expired, which raises significant concerns about the legitimacy and trustworthiness of the site. Technically, the site uses Wix platform technologies and includes a Facebook tracking pixel, but lacks advanced security headers and privacy compliance mechanisms. The absence of privacy policies, cookie consent, and contact details further diminishes its credibility. Overall, the site presents a poor security posture and minimal business presence, making it unsuitable for trust or engagement.

M

Multi

multi.coop

56

Multi is a small French company established in 2021, operating under the domain multi.coop. The website presents minimal content primarily focused on technical aspects and branding with limited business description. The technical infrastructure leverages modern frontend technologies such as Nuxt.js, Buefy, and Bulma CSS, indicating a contemporary web development approach. However, the site lacks comprehensive SEO, accessibility, and user engagement features. Security posture is basic with HTTPS enabled but missing critical security headers and policies. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which limits user trust and compliance with data protection regulations. Overall, the website is accessible without WAF or blocking mechanisms, but the content and security maturity are at an early stage.

S

Sulu GmbH

sulu.io

47

Sulu GmbH operates a leading open-source PHP CMS platform built on the Symfony framework, targeting enterprise projects and developers. The company offers a robust content management system with multisite and multilingual capabilities, supported by professional consulting, training, and development services. The website reflects a mature business with consistent branding and a clear value proposition for developers, marketers, agencies, and content teams. Technically, the site is well-implemented with modern technologies, fast performance, and good mobile optimization. Security posture is solid with HTTPS and secure domain registration, though improvements are recommended in security headers and published policies. Overall, the site is professional, trustworthy, and well-positioned in the technology CMS market.

E

E-commerce + Print on Demand

tpopsite.com

69

TPOP is a French-based e-commerce platform specializing in print-on-demand services with a strong emphasis on eco-friendly and local production. The platform enables entrepreneurs and small to medium-sized businesses to quickly create online stores without upfront inventory costs, integrating easily with popular marketplaces and CMS platforms like Shopify, Etsy, and WooCommerce. The website demonstrates a mature digital presence with multilingual support, rich multimedia content, and a user-friendly interface designed for rapid store setup and product customization. Technically, the site employs modern web technologies including Bootstrap, Weglot for translations, and analytics tools such as Google Analytics and Gleap for user feedback. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit HTTP security headers are not evident in the provided data. The absence of WHOIS registration details is a notable gap, reducing domain trustworthiness, but the presence of customer testimonials, Trustpilot ratings, and active social media accounts support the legitimacy of the business. Overall, TPOP presents as a professional and trustworthy e-commerce solution with room for improvement in transparency of security policies and contact information.

ARTE is a well-established European cultural media broadcaster providing a wide range of documentaries, films, and cultural programming aimed at a general European audience. The website reflects a mature digital presence with a modern tech stack based on React and Next.js, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforcement and modern security headers, although there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR regulations, making it a reliable source for cultural content.

B

Bureau of Reclamation

usbr.gov

69

The Bureau of Reclamation is a longstanding U.S. government agency under the Department of the Interior, responsible for managing water and power resources primarily in the Western United States. The website serves as a comprehensive portal for information on dams, powerplants, water projects, environmental resources, and public recreation. It targets government entities, water resource managers, researchers, and the general public. The agency operates with an enterprise-level scale and maintains a strong market position as the primary federal water management authority in its region. Technically, the website employs a modern technology stack including HTML5, CSS3, JavaScript, jQuery, and analytics tools such as Google Tag Manager and DigitalGov Universal-Federated-Analytics. The site is mobile-optimized, accessible, and well-structured with clear navigation and good SEO practices. Hosting appears to be government-managed, ensuring reliability and compliance with federal standards. From a security perspective, the site enforces HTTPS and publishes a vulnerability disclosure policy, indicating a proactive security posture. However, explicit security headers are not clearly present, and there is no cookie consent mechanism, which could be improved for privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy as a government entity with consistent registration information. Overall, the website is professional, trustworthy, and provides valuable public services. Strategic improvements in privacy compliance and security header implementation would enhance its security posture and regulatory adherence.

K

kbin.pub

kbin.pub

45

kbin.pub is a minimal content website primarily serving as an advertising and content aggregation platform. The site leverages Google advertising and analytics technologies but lacks substantive business information, contact details, or clear branding. The technical infrastructure is basic, with standard HTML, CSS, and JavaScript, and no detected CMS or advanced frameworks. Security posture is limited, with HTTPS enabled but no security headers or cookie consent mechanisms present. The WHOIS data is unavailable or redacted, indicating privacy protection, which reduces transparency and trust. Overall, the site appears to be a small-scale advertising portal with limited user engagement features and minimal content.

K

KnpUniversity

symfonycasts.com

64

SymfonyCasts is a specialized online educational platform offering video tutorials focused on PHP and the Symfony framework. Established since 2008, it operates under KnpUniversity and targets developers seeking structured learning paths with over 125 video tutorial courses. The platform uses a subscription-based business model and is recognized as an official and trusted source for Symfony learning. Technically, the website employs modern web technologies including JavaScript, CSS, and Stripe for payments, hosted on SymfonyCloud, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is good with clear privacy and terms of service pages, but lacks a cookie consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. Overall, the site is professional, trustworthy, and safe for general audiences.

P

PULSARDEV SRL

quasar.dev

51

Quasar Framework is a mature, enterprise-ready cross-platform VueJS framework developed and maintained by PULSARDEV SRL since 2015. It offers a comprehensive suite of VueJS components and tooling to build high-performance web, mobile, and desktop applications from a single codebase. The website demonstrates strong community engagement, extensive documentation, and active sponsorship support, positioning Quasar as a leading solution in the VueJS ecosystem. Technically, the site employs modern technologies including VueJS, Vite, and Webpack, with excellent performance and mobile optimization. Security posture is robust with HTTPS enforcement and standard security headers, though explicit security policies and incident response contacts are not published. Privacy compliance is well addressed via an Iubenda-managed privacy and cookie policy with GDPR adherence. Overall, the site is professional, trustworthy, and well-structured, serving its developer audience effectively.

F

Facebook, Inc.

react.dev

57

React.dev is the official website for React, a leading JavaScript library for building web and native user interfaces, maintained by Meta Platforms, Inc. The site provides comprehensive documentation, learning resources, and community engagement tools targeting web developers and software engineers globally. It positions React as a foundational technology in modern frontend development with strong industry adoption and ecosystem support. The website demonstrates a mature technical infrastructure leveraging React and Next.js frameworks, optimized for performance, accessibility, and SEO. Security posture is strong with HTTPS enforcement and security headers, though explicit privacy and cookie policies are absent. Overall, the site reflects a professional and trustworthy digital presence aligned with Meta's standards.

O

OVHcloud

ovh.co.uk

72

OVHcloud is a prominent European cloud computing and web hosting provider offering a broad portfolio of infrastructure and platform services including dedicated servers, VPS, bare metal servers, and cloud storage. The company targets businesses and developers seeking scalable and secure cloud solutions, positioning itself as a competitive player in the global cloud market. The website demonstrates a mature digital presence with multiple language versions and comprehensive service offerings. Technically, the site employs modern web technologies, custom analytics, and error monitoring tools, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement and certifications such as ISO 27001 and SecNumCloud, although explicit security headers and incident response details are not fully visible. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the brand recognition and content quality. Strategic recommendations include enhancing security header implementation, publishing vulnerability disclosure policies, and improving transparency on data retention. Overall, OVHcloud's website reflects a professional, secure, and business-focused cloud service provider with room for incremental security and compliance improvements.

The website www.zaragozaciudad.net serves as an official municipal blog platform for the Ayuntamiento de Zaragoza, targeting local citizens with community engagement and information about city neighborhoods and municipal services. The site provides a directory of citizen blogs categorized by topics and neighborhoods, supporting local communication and participation. The business model is public sector focused, providing a platform for citizen interaction and municipal transparency. The website content is primarily in Spanish and reflects a government entity's communication channel. Technically, the website uses XHTML 1.0 and CSS 2.0 with JavaScript enhancements and integrates Google Analytics and Google Tag Manager for visitor tracking. The design is basic and somewhat dated, with limited mobile optimization and accessibility features. No modern CMS or advanced frameworks are detected. Performance is moderate, and SEO is basic with meta tags present but no advanced structured data or Open Graph tags. From a security perspective, the site uses HTTPS as inferred from script sources but lacks explicit security headers such as CSP or HSTS. No privacy or cookie policies are present, indicating GDPR compliance gaps. The WHOIS data is missing or unavailable, which is inconsistent with the active municipal content and raises concerns about domain legitimacy. No incident response or vulnerability disclosure information is published, and no security best practices beyond basic HTTPS are observed. Overall, the website is functional and serves its public sector purpose but has notable gaps in privacy compliance, security posture, and domain registration transparency. Strategic improvements in security headers, privacy policies, and WHOIS registration clarity are recommended to enhance trust and compliance.

I

inPHARM, spol. s r.o.

inpharm.cz

51

InPHARM, spol. s r.o. is a well-established Czech pharmaceutical company specializing in innovative pharmaceutical products and supplements, including liposomal Vitamin C and collagen injections. With over 30 years of market presence, it serves healthcare professionals and patients seeking advanced therapeutic solutions. The company maintains a professional online presence with clear contact information and product offerings, including an e-commerce platform. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, and AOS animations, ensuring good mobile optimization and user experience. Security posture is adequate with HTTPS and cookie consent implemented, though lacking explicit security headers and published security policies. Overall, the domain registration data aligns well with the company's claims, supporting legitimacy and trustworthiness.

S

Storck România

merci-ciocolata.ro

62

The merci-ciocolata.ro website represents the official Romanian portal for the merci chocolate brand, part of the international Storck group. It provides product information, brand messaging, and options for personalized merci products. The site targets Romanian consumers interested in premium chocolate products and serves as a marketing and informational platform rather than direct e-commerce. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes Piwik PRO analytics with a GDPR-compliant cookie consent mechanism. The website is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital presence. Security-wise, the site enforces HTTPS and uses cookie consent but lacks explicit security headers and published security policies, which could be improved. WHOIS data is privacy protected as per ROTLD policy, which is typical for Romanian domains, and the domain aligns with the brand's legitimacy. Overall, the site is professional, trustworthy, and safe for general audiences.

S

Storck Nederland B.V.

toffifee.nl

64

The website www.toffifee.nl is the official Dutch site for the Toffifee confectionery brand, owned by Storck Nederland B.V. It serves as a marketing and consumer engagement platform showcasing product information, recipes, and brand history. The site targets general consumers in the Netherlands with a focus on retail confectionery products. Technically, the site is built on TYPO3 CMS and uses modern JavaScript libraries such as RequireJS, jQuery, and Lodash, with a moderate performance profile and good mobile optimization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the site is professional, trustworthy, and well-branded, with no signs of malicious or suspicious activity.

The website jeromemettling.com currently presents a security challenge page that blocks direct access to its content, indicating the presence of a Web Application Firewall or similar security mechanism. The visible content is minimal and primarily technical, showing a redirect countdown and browser integrity checks. The site appears to be running very outdated CMS versions (Joomla 1.5 and WordPress 2.5), which are known to have multiple security vulnerabilities. The WHOIS data is suspicious, showing a domain creation date in the future (2025), no registrant information, and no DNSSEC enabled, which raises concerns about the domain's legitimacy. No privacy, cookie, or terms of service policies are present, and no contact or business information is available on the site. Overall, the site lacks professional content and trust indicators, and the security posture is weak due to outdated software and missing security headers.

Terciel is a digital platform associated with Terrena, a major French agricultural cooperative. The website serves primarily as a login portal for members to access their dashboards and related services. The platform is built on Drupal 10 and incorporates performance monitoring tools such as Boomerang. The site is designed with basic but consistent branding and provides clear contact information via phone for user support. However, it lacks visible privacy, cookie, or terms of service policies on the login page, which are important for compliance and user trust. From a technical perspective, the website uses modern CMS technology and includes some performance monitoring scripts. The site appears to be moderately optimized for mobile devices and accessibility but could benefit from enhanced SEO and accessibility features. Security posture is moderate; HTTPS is implied but no explicit security headers are detected, and no vulnerability disclosures or incident response information is provided. The WHOIS data for the domain is not publicly available, indicating privacy protection, which is common and justified for cooperative businesses. No suspicious patterns or legitimacy concerns are identified. Overall, the site is functional and trustworthy for its intended audience but would benefit from improved privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, providing incident response contacts, and enhancing accessibility and SEO to improve user experience and compliance.

V

Vilmorin & Cie

vilmorincie.com

54

Vilmorin & Cie is a French international seed company affiliated with the Limagrain group, specializing in seed production and genetics. The company recently exited the stock market following a simplified public offer by Limagrain, indicating a strategic consolidation. Their website provides corporate information, financial publications, and press releases targeting agricultural professionals and investors. Technically, the site is built on modern web technologies including the Remix React framework, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is mostly addressed with a comprehensive privacy policy, but cookie consent mechanisms are lacking. Overall, the website reflects a professional and credible business presence with room for enhanced security and privacy features.

S

Studo GmbH

studoflow.com

78

Studo GmbH is a European software company specializing in digital solutions for higher education institutions. Their flagship product, Studo Flow, is a SaaS platform designed to help universities digitize and simplify administrative processes through modular, configurable software components. The company targets small and emerging higher education institutions, offering a user-friendly and integrable platform that supports various administrative needs. Their market position is strong as a pioneer in European higher education SaaS solutions, supported by EU and Austrian funding agencies. Technically, the website is well-constructed with modern web technologies, including Cloudflare DNS and CDN services, and uses Piwik PRO for privacy-conscious analytics. The site is mobile-optimized, fast-loading, and SEO-friendly, reflecting a mature digital infrastructure. However, some security best practices such as DNSSEC and explicit security headers could be improved. From a security perspective, the company demonstrates a solid posture with HTTPS enforcement, GDPR compliance, and support for modern authorization frameworks like OAuth, SAML, and LDAP. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and explicit incident response contacts are areas for enhancement. Overall, the website and company present a trustworthy and professional image with a high level of business credibility and technical maturity. Strategic improvements in security headers, DNSSEC, and privacy mechanisms would further strengthen their security and compliance stance.

SVČ Lužánky is a well-established educational and leisure center based in Brno, Czech Republic, offering a wide range of activities including clubs, courses, camps, and events targeted primarily at children, youth, families, and schools. The organization operates as a non-profit entity focused on providing quality extracurricular and educational experiences. The website reflects a professional and modern digital presence, built using Next.js and React technologies, optimized for mobile devices and accessibility. It features comprehensive content, clear navigation, and integration with social media platforms, enhancing user engagement and outreach. Security posture is solid with HTTPS enforced and secure form handling, though there is room for improvement in implementing security headers and cookie consent mechanisms. The absence of WHOIS data limits domain trust assessment, but the overall site professionalism and transparency in contact information support legitimacy. Strategic recommendations include enhancing security headers, adding explicit cookie consent, and publishing incident response policies to strengthen trust and compliance.

O

Okultura: Eseje o magických aspektech moderních dějin a soudobého umění

okultura.cz

54

Okultura.cz is a small-scale cultural media website focused on publishing essays about magical aspects of modern history and contemporary art. The website appears to be a content publication platform with a niche audience interested in culture and art. The domain is well-established, registered since 2002, which supports the legitimacy of the site. Technically, the site uses WordPress as its CMS and integrates Google Analytics for visitor tracking. However, the site lacks visible privacy, cookie, and terms of service policies, and no contact information is provided on the homepage. Security posture is weak with no HTTPS enforcement or security headers detected in the provided HTML snippet. Overall, the site has basic content quality and technical implementation but falls short in privacy compliance and security best practices.

Radio Čas s.r.o. is a well-established regional radio broadcaster in the Czech Republic, founded in 1998 and operating primarily in the Moravia and Silesia regions. The company offers radio broadcasting, online streaming, podcasts, event ticket sales, and promotional competitions. The website reflects a professional and modern digital presence built on WordPress, with a focus on user experience and content delivery. The technical infrastructure includes modern JavaScript libraries and performance optimizations, hosted likely by Active24, a reputable provider. Security posture is solid with HTTPS and no visible vulnerabilities, though improvements are needed in security headers and privacy compliance. Contact information is clearly presented, and social media integration is active. Overall, the site is trustworthy and professionally managed, but lacks explicit privacy and cookie policies, which are important for GDPR compliance.

Pražský Patriot s.r.o. operates an established Czech-language online news portal focused on Prague's local news, politics, culture, transport, and community events. The website serves residents and interested parties in Prague, providing timely news articles, event calendars, and newsletters. It maintains a consistent brand presence and leverages official news agency content, enhancing its credibility in the local media market. Technically, the site employs modern web technologies including JavaScript, Google Analytics, Google Adsense, and Gemius tracking, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, though it lacks some advanced security headers and explicit incident response information. Privacy and cookie policies are present and indicate GDPR compliance. The absence of WHOIS data limits domain trust assessment, but the website content and business information appear professional and legitimate. Overall, the site is a reliable local media source with moderate technical and security maturity.

The website casopiskvalitnizivot.cz is currently a parked domain with minimal content, primarily displaying a message that the domain is for sale. There is no active business presence, no contact information, and no privacy or cookie policies. The technical infrastructure is basic, relying on standard JavaScript and XMLHttpRequest calls to third-party ad and tracking domains. No CMS or advanced frameworks are detected. Security posture is weak due to lack of HTTPS information and absence of security headers or policies. Overall, the site lacks professionalism and trust indicators, making it unsuitable for business or user engagement in its current state.

The website suenee.cz is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, which prevents access to any substantive content. The domain is registered since 2009 and uses Cloudflare for DNS and security services. Due to the block, no business information, contact details, or policies are available for analysis. The technical infrastructure relies on Cloudflare's security and CDN services, but no CMS or other technologies are detectable from the blocked page. The security posture cannot be fully assessed, but the presence of a WAF indicates some level of protection. However, the lack of accessible content and policies results in a low overall trust and compliance score. Strategic recommendations include resolving the WAF block to allow content access, publishing privacy and cookie policies, and providing clear contact and security information.

A

Arammagnus s.r.o.

arammagnus.cz

59

Arammagnus s.r.o. operates an e-commerce website specializing in magical gifts, spiritual, and esoteric products such as oils, candles, incense, herbs, powders, runes, and ritual statues. The company targets customers interested in spiritual and magical goods primarily in the Czech Republic. The website is well-structured with clear navigation and product categorization, offering a good user experience and professional design. Technically, the site uses a custom e-commerce platform likely provided by ByznysWeb.cz, with modern web technologies including lazy loading and responsive design. Security posture is adequate with HTTPS and some security headers, but lacks advanced protections and published security policies. Privacy compliance is basic with a cookie consent mechanism but no dedicated privacy or terms pages. WHOIS data is missing, which raises concerns about domain registration transparency but does not directly impact the current operational status. Overall, the site is functional, safe, and serves a niche market effectively.

G

GORILLA CAFÉ

gorilla-cafe.cz

56

Gorilla Café is a small hospitality business based in the Czech Republic, specializing in serving high-quality specialty coffee and tea with an emphasis on exotic blends sourced from Uganda and sustainable fair trade practices. The café positions itself as a calm oasis for customers seeking a relaxing environment and cultural experiences such as travel talks. The business model focuses on onsite café services, event hosting, and promoting sustainability through donations to conservation efforts. Technically, the website is built on the Webnode platform and utilizes AWS Cloudfront CDN for content delivery. The site is moderately optimized for performance and mobile devices, with a clean design and clear navigation. However, it lacks advanced security headers and comprehensive privacy documentation, which are areas for improvement. Google Tag Manager is used for analytics, indicating moderate user tracking. From a security perspective, the site enforces HTTPS and implements a cookie consent banner, but it lacks visible security headers and a privacy policy, which impacts its compliance posture. The absence of WHOIS data reduces trust in domain legitimacy, although the website content and business information appear professional and trustworthy. Overall, the website scores moderately well in content quality and business credibility but should address privacy and security gaps to enhance trust and compliance. Verifying domain registration details and adding comprehensive privacy and security policies are recommended to improve the site's security posture and user confidence.

P

Padlet

padlet.com

70

Padlet is a well-established SaaS company founded in 2004, specializing in visual collaboration tools for creative work and education. The platform serves a large global user base of 40 million, targeting educators, students, and creative professionals. Their business model is freemium with tiered subscription plans for individuals, teams, classrooms, and schools. The website reflects a mature market position with strong branding and user engagement through social media and positive reviews on multiple platforms. Technically, Padlet employs modern web technologies including Vue.js and Cloudflare services for DNS and CDN. The site is well optimized for performance, mobile responsiveness, and accessibility. Analytics are implemented via RudderStack, indicating a moderate level of user tracking. The website is professionally designed with clear navigation and comprehensive content. From a security perspective, Padlet enforces HTTPS, uses security headers, and maintains a clientTransferProhibited domain status, indicating good domain security practices. However, DNSSEC is not enabled, and there is no visible vulnerability disclosure or security.txt file. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks an explicit cookie consent mechanism. Contact information for security incidents or data protection officers is not publicly available. Overall, Padlet presents a high level of business credibility and technical maturity with minor gaps in privacy compliance and security transparency. Strategic recommendations include enabling DNSSEC, implementing cookie consent, publishing vulnerability disclosure information, and providing clearer contact channels for security and privacy matters.

B

Bioracer Official Store

bioracer.com

60

Bioracer is a premium sportswear company specializing in custom bike clothing and accessories, targeting cyclists, triathletes, and athletes across multiple sports disciplines including skating and skiing. The company emphasizes performance, aerodynamics, and comfort, leveraging real-world racing data and wind tunnel testing. Their market position is strong within the niche of high-performance sports apparel, supported by endorsements and medals from professional athletes. The website is multilingual, professionally designed, and integrates e-commerce capabilities with a dedicated webshop and design-your-own apparel service. Technically, the website is built on WordPress using modern themes and plugins, with integrations for marketing and analytics tools such as HubSpot, Mailchimp, Google Tag Manager, and Facebook Pixel. The site demonstrates good performance, mobile optimization, and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and policies could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional digital presence with comprehensive content and strong branding. The lack of WHOIS data for the subdomain is expected and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.

V

Vendée U Pays de la Loire

vendee-u.com

55

Vendée U Pays de la Loire is a regional French cycling team competing in Division Nationale 1, focusing on sports promotion and fan engagement. The website is professionally designed using the Wix platform, featuring modern JavaScript technologies and polyfills to ensure compatibility across browsers. The site provides relevant content about the team, news, and programs, targeting cycling enthusiasts and regional supporters. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the site itself appears legitimate and consistent with the business identity. Security posture is moderate with HTTPS implied and use of Sentry for error monitoring, but lacks explicit security headers and privacy policies. Overall, the site is functional and professional but would benefit from enhanced transparency and security practices.

R

Region-Tour.cz, s.r.o.

region-adrspach.cz

54

The website www.region-adrspach.cz serves as a regional tourism portal focused on the Adršpach and Broumovsko areas in the Czech Republic. It provides comprehensive tourist information, accommodation booking options, and recommendations for trips and activities. The business operates under Region-Tour.cz, s.r.o., a small hospitality sector entity targeting tourists interested in this region. The site is built on the Webnode CMS platform and leverages modern marketing and analytics tools such as Google Analytics, Google Tag Manager, Mailchimp, and Sumo. The technical infrastructure includes CDN usage for performance optimization. Security posture is moderate with HTTPS enabled and IP anonymization in analytics, but lacks important security headers and visible privacy policies, which are compliance gaps. The absence of WHOIS data reduces transparency and trustworthiness, though the website content and structure appear professional and relevant. Overall, the site is functional and serves its business purpose but requires improvements in privacy compliance and security best practices.

K

Koloběh Říčany, příspěvková organizace

kolobeh-ricany.cz

48

Koloběh Říčany is a small, local non-profit organization affiliated with the city of Říčany, Czech Republic. It operates a charitable shop, intergenerational meeting center, and organizes cultural and volunteer activities primarily targeting seniors and the local community. The website reflects a community-focused mission with clear contact information and social media presence. Technically, the site uses a proprietary CMS (vismo), integrates Google Analytics and reCAPTCHA, and implements cookie consent mechanisms, indicating a moderate level of digital maturity. Security posture is good with HTTPS and form protections, though additional security headers and explicit security policies could enhance it. Overall, the site is trustworthy, well-structured, and compliant with GDPR requirements.

M

Musicus agency s.r.o.

botoxmusic.cz

43

Botoxmusic.cz represents a Czech multi-genre music band named Botox, active since 2018. The website serves as a digital hub for the band’s activities including concert announcements, music streaming links, and merchandise sales via an e-shop. The band targets a general audience interested in music and live performances, maintaining a consistent brand presence across social media platforms and partner collaborations. The business model revolves around live events, digital music distribution, and merchandise sales, positioning the band as a small but active player in the Czech music scene. Technically, the website is built using HTML5, CSS3, JavaScript, and AngularJS framework, with multimedia integration such as YouTube video embeds and a swiper slider for featured content. The site is mobile optimized with good navigation and content relevance, though some modern accessibility features could be improved. No CMS or hosting provider details were detected. Performance is moderate with no critical technical issues observed. From a security perspective, the site uses HTTPS but lacks visible security headers and privacy/cookie policies, indicating room for compliance and security posture enhancement. No WHOIS data was found, which reduces domain trustworthiness, but the website content and contact information appear legitimate and professional. No tracking or analytics scripts were detected, suggesting minimal user tracking. Overall, the website is functional and professional for its purpose but would benefit from improved privacy compliance, security headers, and domain registration transparency to enhance trust and security posture.

H

Houba - punkrock since 1995.

houba.info

58

Houba.info is the official website of the Czech punk rock band Houba, active since 1995. The site provides comprehensive information about the band including news updates, concert schedules, discography, media galleries, and contact details. The website targets punk rock fans primarily in the Czech Republic and serves as a hub for band promotion and fan engagement. The business model revolves around music promotion, event announcements, and merchandise sales through a linked eshop. Technically, the site runs on a custom PHP5 CMS (Tapointa PHP5 MUSIC CMS) with JavaScript libraries such as jQuery and SoundManager2 for media playback. It integrates external APIs like Google Maps and SoundCloud SDK for enhanced user experience. The site is mobile optimized and has good SEO practices but lacks some accessibility features.

C

Conséquences

consequences-france.org

36

Conséquences is a French non-profit organization established in 2022, dedicated to raising awareness about the cascading effects of climate change on local communities and daily life in France. The organization collaborates with experts, media, and field actors to document and communicate these impacts. The website is built on WordPress using the Avada theme and includes modern plugins such as Smart Slider 3 and a cookie consent mechanism, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and incident response disclosures. Overall, the website is professional and trustworthy, though it would benefit from publishing privacy and terms of service policies and enhancing security configurations.

C

Cirad

cirad.fr

62

Cirad is a prominent French public research organization specializing in agronomic research and international cooperation for sustainable development in tropical and Mediterranean regions. The website reflects a well-established institution with a clear mission, extensive research themes, and active engagement in global projects and partnerships. The digital infrastructure is modern, leveraging eZ Platform CMS, and integrates analytics tools such as Matomo and Google Analytics with privacy-conscious configurations. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is noted but does not detract significantly from the site's legitimacy given its government affiliation and professional presentation. Overall, the site is trustworthy, informative, and well-structured, serving a diverse audience including researchers, students, and institutional partners.

Parkovacilistek.cz is a Czech Republic based website operated by Erika, a.s. and parent company GLOBDATA a.s., providing mobile parking payment solutions across numerous Czech cities. The platform offers services including SMS parking payments, mobile applications ParkSimply and SEJF, and virtual parking tickets, targeting motorists seeking convenient parking payment methods. The website demonstrates a moderate level of digital maturity with ASP.NET backend, jQuery frontend, and basic SEO and accessibility features. Security posture is moderate but could be improved by updating outdated libraries and implementing security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is legitimate, well-established, and trusted within its niche but would benefit from enhanced privacy and security measures.

U

Univerza Alma Mater Europaea

almamater.si

44

Univerza Alma Mater Europaea is a Slovenian international university established in 2012, offering a wide range of academic programs including undergraduate, graduate, doctoral, specialist, and lifelong learning courses. The institution targets students and academic professionals seeking career-oriented education aligned with future job market demands. The website reflects a mature digital presence with multilingual support and comprehensive academic and institutional information. Technically, the site employs modern web technologies such as Google Tag Manager, Hotjar, Facebook Pixel, and Swiper.js, ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS enforced and privacy-conscious analytics configurations, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the website is professional, trustworthy, and well-aligned with the university's mission and audience.

D

Dominik Martini

dmartini.cz

58

Dominik Martini operates a specialized e-commerce service business focused on the Shoptet platform, offering custom e-shop modifications, add-ons, and performance improvements. The company holds a certified partnership with Shoptet and maintains a strong reputation supported by over 346 verified customer reviews with perfect ratings. The website is professionally designed, mobile-optimized, and provides clear contact information, reinforcing its credibility in the Czech e-commerce market. Technically, the site employs modern web technologies including jQuery, Slick Carousel, AOS animations, and integrates analytics tools such as Microsoft Clarity and Google Analytics. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and privacy policies are absent, representing areas for improvement. Overall, the business demonstrates a mature digital presence with a focus on customer satisfaction and technical excellence.

L

Lidová konzervatoř a Múzická škola, p. o.

lkms.cz

58

Lidová konzervatoř a Múzická škola Ostrava is a public educational institution offering serious artistic education in music, visual arts, drama, dance, and artistic therapies. It serves both professional aspirants and hobbyists, operating under the auspices of the Statutární město Ostrava. The website reflects a well-structured, content-rich platform targeting students and the general public interested in cultural education. Technically, the site uses modern web technologies including JavaScript, SVG, and Google Tag Manager, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are absent. The lack of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given its public affiliation. Overall, the site is professional, trustworthy, and serves its educational mission effectively.

N

Nákupní centrum Géčko

geckoostrava.cz

46

Nákupní centrum Géčko is a regional shopping center located in Ostrava, Czech Republic, established in 2017. It offers a variety of retail shops, services, family-friendly activities, and hosts events to engage the local community. The website reflects a well-maintained digital presence with clear branding and consistent messaging. The business partners with notable entities such as Hypermarket Globus and Retail Park Poruba, enhancing its market position. Technically, the website uses modern JavaScript libraries, CDN hosting, and integrates social media and marketing tools effectively. Privacy and cookie compliance are well implemented with granular user consent mechanisms. Security posture is good with HTTPS and CSRF protections, though some security headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration is consistent with the business history and location. Overall, the website demonstrates a mature digital infrastructure supporting a medium-sized retail business with a strong community focus.

S

Storck

werthers-original.fr

58

Werther’s Original France is a regional website representing the well-known confectionery brand Werther’s Original, owned by Storck. The site offers product information and brand storytelling focused on caramel candies, targeting French-speaking consumers. The website is professionally designed with consistent branding and good content quality, reflecting a mature and established business in the retail confectionery sector. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and uses Piwik PRO for analytics, implementing GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers could be improved. Overall, the site demonstrates a good balance of business credibility, privacy compliance, and user experience.

S

Storck

werthers-original.es

62

Werther’s Original España is a regional brand website operated under the parent company Storck, focusing on marketing and presenting their caramel confectionery products to the Spanish market. The site offers product information, brand history, and recipe ideas, targeting general consumers interested in quality caramel sweets. The website is built on TYPO3 CMS with modern JavaScript libraries and includes internationalization support via hreflang tags for multiple countries. Privacy compliance is well addressed with a cookie consent banner and a comprehensive privacy policy. However, direct contact information and explicit security policies are not published, which could be improved. The WHOIS data is unavailable due to query restrictions, but the domain and website content align with the brand's legitimacy. Overall, the site demonstrates good technical maturity and business credibility with moderate security posture.

S

Storck

werthers-original.co.uk

65

Werther’s Original is a well-established confectionery brand owned by Storck, specializing in caramel and toffee products. The website serves as a brand and product showcase with rich multimedia content, product catalogs, recipes, and brand storytelling aimed at a general consumer audience in the UK. The business model focuses on retail and brand marketing within the confectionery sector, supported by a large parent company with multiple related brands. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes Piwik PRO analytics with GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Security posture is moderate; while HTTPS is implied, explicit security headers are not detected, and no dedicated security or incident response policies are published. WHOIS data is unavailable due to domain registration errors, which slightly reduces trust but does not undermine the legitimacy of the brand given the strong corporate backing. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though improvements in security transparency and WHOIS clarity are recommended.

W

Werther's Original

werthers-original.ca

62

Werther's Original is a well-established confectionery brand specializing in classic caramel treats, operating under the parent company Storck. The website targets a general audience in Canada, offering a variety of caramel products and related content such as recipes and commercials. The brand maintains consistent and professional digital branding with a focus on retail confectionery. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and integrates analytics and advertising tools like Piwik PRO and StackAdapt. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response policies are absent. The lack of WHOIS data for the domain is a notable anomaly that slightly reduces trust but does not outweigh the overall legitimacy indicated by the brand association and website content. Strategic recommendations include improving security headers, publishing incident response information, and monitoring domain registration details to enhance trust and compliance.

L

Limagrain

limagrain.com

70

Limagrain is a large French cooperative agricultural and agro-food group headquartered in Auvergne, France, with operations in 53 countries. The group specializes in the selection, production, and commercialization of high-value seeds for large-scale and vegetable crops, alongside unique agro-food supply chains that valorize the production of its 1,300 cooperative farmers. The website reflects a mature and professional business with a strong cooperative identity and a focus on sustainability and innovation. Technically, the website uses modern JavaScript frameworks, Google Tag Manager for analytics, and accessibility tools to ensure compliance and user experience. Security posture is good with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies and incident response contacts. The absence of WHOIS registration data reduces trust slightly but is offset by the professional presentation and social media presence. Overall, the site is well-designed, accessible, and informative, serving a broad audience including agricultural professionals and job seekers.

I

InVivo

invivo-group.com

66

InVivo is a major French agricultural cooperative group with a strong European presence, focused on driving the agricultural and food transition towards sustainability and resilience. The company operates across multiple sectors including agriculture, international commodity trading, agro-food production, and retail, serving farmers, cooperatives, and consumers. The website reflects a mature digital presence built on Drupal CMS, with good mobile optimization and SEO practices. Social media integration is robust, supporting brand engagement. Security posture is generally good with HTTPS and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, though the professional website content and branding mitigate some risk. Overall, the site is trustworthy and professional but would benefit from enhanced transparency on privacy and security policies.

E

Eric A. and Kathryn S. Meyer

meyerweb.com

45

meyerweb.com is a well-established personal and professional website belonging to Eric A. Meyer, a recognized expert in CSS and web development, and his wife Kathryn, a doctor of nursing. The site primarily serves as a blog and resource hub for web developers and CSS enthusiasts, featuring detailed technical articles, tools, and personal writings. The business model is centered on content sharing and community engagement, targeting a niche audience of web professionals and learners. The site has a consistent brand identity and a strong reputation within its niche, supported by a domain age of over two decades. Technically, the site uses a combination of hand-authored HTML and WordPress for the blog section, with some static site generation for book content. The technology stack is modern and standards-compliant, with good mobile optimization and accessibility features. However, performance is moderate and could benefit from further optimization. SEO practices are good, with proper meta tags and structured navigation. From a security perspective, the site benefits from a long-standing domain with clientTransferProhibited status, indicating protection against unauthorized transfers. However, there is no evidence of DNSSEC, security headers, or explicit SSL configuration details, which suggests room for improvement. The absence of privacy and cookie policies is a compliance gap, especially for GDPR. No contact or incident response information is provided, limiting transparency in security matters. Overall, meyerweb.com is a trustworthy and authoritative site with excellent content quality and business credibility. The main risks relate to privacy compliance and security best practices, which if addressed, would enhance the site's security posture and user trust. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and providing clear contact and vulnerability disclosure information.

P

Pinterest

pinterest.com.mx

74

Pinterest is a globally recognized technology company specializing in visual discovery and social media services. The platform enables users to find and share ideas related to recipes, home decor, fashion, and more, targeting a broad general audience. The Mexican localized site (mx.pinterest.com) reflects the company's commitment to regional markets with tailored content and language support. Pinterest operates primarily on an advertising and e-commerce integrated business model, leveraging its large user base and visual content to connect users with products and services. Technically, the website employs a modern tech stack including React, JavaScript, and WebAssembly, hosted on Amazon AWS infrastructure. It integrates multiple third-party services for fonts, analytics, advertising, and security, such as Google Fonts, Amazon Advertising, Facebook Pixel, and Arkose Labs for bot mitigation. The site demonstrates excellent performance, mobile optimization, and accessibility standards, ensuring a smooth user experience. From a security perspective, Pinterest enforces HTTPS with strong SSL configurations and implements comprehensive security headers including a strict Content Security Policy. The use of reCAPTCHA and Arkose Labs indicates proactive measures against automated abuse. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature privacy posture. No critical vulnerabilities or suspicious indicators were detected in the analyzed content. Overall, Pinterest's Mexican site exhibits a high level of professionalism, security, and compliance, supporting its position as a trusted and established platform. The absence of WHOIS data for the subdomain is typical and does not detract from legitimacy, as it is managed under the main pinterest.com domain. Strategic recommendations include maintaining regular security audits, enhancing transparency around vulnerability disclosures, and continuing to optimize privacy compliance.

V

Vorwerk & Co. KG

cookidoo.mx

65

Cookidoo® is the official recipe platform for Thermomix® users in Mexico, operated by Vorwerk & Co. KG. It offers a comprehensive digital recipe library, personalized cooking suggestions, and meal planning tools, positioning itself as a leader in culinary content for Thermomix® appliances. The platform is well-branded, professionally designed, and optimized for mobile and accessibility, providing an excellent user experience. Technically, the site employs modern web technologies including Algolia for search, Snowplow for analytics, and OneTrust for consent management, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced, consent-based tracking, and no visible vulnerabilities, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is trustworthy, compliant with privacy regulations, and serves its target audience effectively.