Security Directory

K

KPMG Česká republika, s.r.o.

danovky.cz

65

The website danovky.cz serves as a professional information portal providing tax, legal, and accounting updates primarily for Czech Republic businesses and professionals. It is operated by KPMG Česká republika, a subsidiary of the global KPMG network, reflecting a strong market position in the finance and consulting sector. The site offers regularly updated articles, podcasts, newsletters, and event invitations, supporting KPMG's advisory services and thought leadership. Technically, the website employs modern JavaScript frameworks, consent management tools, and analytics services such as Google Analytics and Google Tag Manager. It is hosted by REG-ZONER, with a custom or proprietary CMS. The site is mobile-optimized with good SEO and basic accessibility features, delivering moderate performance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with comprehensive policies and GDPR-aligned consent management. Overall, the website presents a low-risk profile with professional content and infrastructure. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility compliance to further strengthen trust and resilience.

E

Enel Cuore Onlus

enelcuore.it

74

Enel Cuore Onlus is a non-profit organization affiliated with the Enel Group, dedicated to supporting social welfare initiatives across Italy. The website clearly communicates its mission to promote social well-being through funding and supporting non-profit projects focused on education, social inclusion, health, and autonomy. The organization leverages its strong brand association with Enel, enhancing its credibility and market position within the energy and non-profit sectors. Technically, the website is built on Adobe Experience Manager, utilizing modern web technologies including Adobe DTM for tag management and AblePlayer for accessible media playback. The site demonstrates good performance, mobile optimization, and accessibility compliance, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs standard security best practices, although some HTTP security headers could be enhanced. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. Overall, the website presents a professional, trustworthy, and well-maintained digital presence that effectively supports the organization's mission. Strategic recommendations include enhancing security headers, continuous monitoring of third-party scripts, and maintaining compliance documentation to further strengthen security and trust.

F

Fondazione Centro Studi Enel

enelfoundation.org

71

Enel Foundation is a non-profit organization dedicated to advancing knowledge and education in the clean energy sector. It operates as a knowledge platform focusing on capacity-building, research, and fostering partnerships to support the energy transition. The foundation is linked to the Enel Group, a major player in the energy industry, which strengthens its market position and credibility. The website presents a professional and well-structured digital presence, leveraging Adobe Experience Manager and Adobe marketing technologies to deliver content and manage user experience effectively. Privacy and cookie policies are clearly implemented, reflecting compliance with GDPR standards. Security posture is solid with HTTPS enforced and consent mechanisms in place, though additional security headers and explicit security policies could enhance protection. Overall, the foundation's website demonstrates a mature digital infrastructure and a trustworthy business profile suitable for its sector and audience.

Agentura Bora operates the website pronajemchalup.net, a specialized online catalog offering rental listings for cottages, chalets, and pensions primarily in the Czech Republic, with a focus on southern Bohemia and mountain regions such as Šumava and Krkonoše. The business targets families and tourists seeking vacation accommodations, providing a searchable database with photos, pricing, and booking forms. The company has a long-standing presence since 2004, reinforcing its market credibility in the regional hospitality sector. Technically, the website is built on a custom stack using basic HTML, CSS, and JavaScript, with integration of third-party analytics and retargeting scripts. However, it lacks modern security features such as HTTPS, DNSSEC, and security headers, which exposes it to potential risks. The site is not mobile optimized and has limited accessibility features, indicating room for technical modernization. From a security and compliance perspective, the site does not provide privacy or cookie policies, nor GDPR compliance statements or a data protection officer contact. The absence of HTTPS and security headers further weakens its security posture. Contact information is available via phone and a contact form, but no company email addresses are published. The site does maintain a terms of service page. Overall, while the business model and content quality are solid for its niche, the website requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user safety.

E

e Penziony CZ

e-penziony.cz

53

e-penziony.cz is a Czech hospitality platform offering a comprehensive database of over 4,000 pensions and private apartments primarily in the Czech Republic. The site targets travelers seeking affordable, commission-free accommodation directly from owners, as well as property owners wishing to register their listings. Technically, the website uses a custom-built infrastructure with standard web technologies including jQuery, Google Analytics, and MapLibre for mapping. It is hosted behind Cloudflare DNS, ensuring reliable performance and security. However, the use of an outdated jQuery version and absence of privacy and cookie policies indicate areas for improvement in security and compliance. The site is accessible without WAF blocking and shows consistent WHOIS data supporting its legitimacy. Overall, the platform is a well-established niche player in Czech hospitality with moderate digital maturity and some compliance gaps.

P

Paris Wine Company

pariswinecompany.com

65

Paris Wine Company is a specialized wine exporter based in Paris, founded in 2012. The company focuses on curating a network of environmentally conscious French wine producers and connecting them with distributors worldwide. Their market position is niche, targeting professional distributors and wine enthusiasts interested in traditional and biodynamic wines. The website is built on WordPress with modern performance optimizations and complies with GDPR through a comprehensive cookie consent mechanism. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and policies could be improved. Overall, the site is professional, trustworthy, and well-maintained, supporting the company's business goals effectively.

A

Anaïs Guégan

spectre-visible.com

55

Spectre visible is a personal portfolio website for the artist Anaïs Guégan, showcasing photographic or artistic works themed around visible spectrums and colors. The site targets a general audience interested in art and photography, operating as a small-scale personal branding platform. The website is built on WordPress, hosted by OVH sas, and uses modern web technologies including jQuery and FontAwesome. It features a clean design with good navigation and mobile optimization, although accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protections in place, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is legitimate and professionally presented but would benefit from enhanced privacy compliance and security hardening.

The website territoires-emplois.org represents a collaborative initiative by ADEME and Réseau Action Climat France to provide a specialized tool (TETE) for estimating job creation through ecological transition policies at various territorial levels in France. The site offers the tool as a downloadable Excel file accompanied by guides and training resources, targeting local authorities, associations, and other stakeholders involved in climate-energy planning. The business model is primarily non-commercial, focusing on free tool distribution with optional paid training. Technically, the site is built on WordPress, using standard web technologies and hosted by OVH. While the site is accessible and professionally designed with good content relevance and navigation, it lacks explicit privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Tracking is implemented via Google Analytics and Tag Manager with moderate user tracking. Overall, the domain registration is consistent and legitimate, supporting the site's credibility.

C

Collectif pour une Transition Citoyenne

fete-des-possibles.org

50

The website fete-des-possibles.org represents a French non-profit initiative called 'La Fête des Possibles' organized by the Collectif pour une Transition Citoyenne. It serves as a platform to promote and coordinate hundreds of civic events focused on sustainability, social solidarity, and citizen engagement across France and Belgium. The site offers event listings, resources for organizers, and a newsletter subscription, supported by a network of partners including European institutions and foundations. Technically, the site is built on WordPress, hosted by OVH, and employs modern tools such as Matomo for privacy-conscious analytics and Complianz for GDPR-compliant cookie consent management. The website demonstrates good design quality, clear navigation, and mobile optimization, though accessibility could be further enhanced. Security posture is solid with HTTPS enforced and no visible vulnerabilities, but lacks explicit security policies or incident response information. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations, making it a reliable resource for its target audience.

R

Réseau TEPOS (animated by réseau Cler)

tepos.fr

54

The website tepos.fr represents the TEPOS network, a French energy transition network animated by the larger association réseau Cler. It serves over 150 local actors including municipalities and project leaders engaged in positive energy transition initiatives. The site provides news, events, resources, and a newsletter subscription to support and coordinate these actors. The business model focuses on network facilitation and knowledge sharing within the energy sector in France. Technically, the site is built on WordPress, uses modern JavaScript libraries like Vue.js and Axios, and is hosted by OVH, a reputable provider. The site is well-structured, mobile-optimized, and includes SEO best practices. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though it lacks explicit security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, making it a reliable resource for its target audience.

E

Eolise

eolise.fr

52

Eolise is a French independent company specializing in the development of local wind and photovoltaic energy projects primarily in the Poitou region. Founded in 2016, it operates with a small team of 12 employees possessing complementary skills in energy, environment, agriculture, and communication. The company emphasizes local partnerships and sustainable development, positioning itself as a regional leader in renewable energy project development. The website reflects a professional and consistent brand image with clear information about projects, team, and local engagement. Technically, the website is built on WordPress and hosted by OVH, utilizing modern web technologies including HTML5, CSS3, JavaScript, and libraries such as Modernizr and Axios. It incorporates Google Analytics for visitor tracking with a GDPR-compliant cookie consent mechanism. The site is mobile-optimized and demonstrates good SEO and accessibility basics, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS with an excellent SSL configuration and includes cookie consent for privacy compliance. However, it lacks published formal security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the company's history and no privacy protection masking, indicating legitimacy. Overall, the website presents a trustworthy and professional digital presence with moderate to good technical and security posture. Strategic improvements could include publishing detailed security and incident response policies, enhancing accessibility, and adding terms of service to strengthen compliance and user trust.

C

Collectif Transition Citoyenne

suivi-pacte-transition.org

57

The website suivi-pacte-transition.org is a French non-profit project focused on monitoring and evaluating local government policies related to environmental and social transition based on the Pacte pour la Transition. It provides tools, reports, and interactive maps to engage citizens and collectives in assessing municipal progress. The project is supported by recognized partners such as Collectif Transition Citoyenne, Réseau Action Climat, and Alternatiba, positioning it as a niche but credible player in the environmental non-profit sector. Technically, the site is built on WordPress with modern front-end technologies including Vue.js, Axios, Leaflet for mapping, and Tailwind CSS for styling. It is hosted by OVH sas, a reputable provider, and uses HTTPS with a valid SSL certificate. Performance and mobile optimization are good, though accessibility is basic. SEO is well addressed with proper meta tags and Open Graph data. From a security perspective, the site uses HTTPS and domain protections like clientDeleteProhibited status but lacks DNSSEC and visible security headers, which are recommended for enhanced security. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Google Analytics is used for tracking without a visible consent mechanism, which may pose privacy concerns. Overall, the website is professional and trustworthy with good content quality and business credibility but would benefit from improved privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and providing vulnerability disclosure information.

Odoo S.A. operates a comprehensive open source business application platform that integrates ERP, CRM, eCommerce, accounting, inventory, and other business management tools. With a large global user base of 15 million, Odoo positions itself as a leading provider of flexible and customizable business software solutions. The company offers both a free Community edition and a paid Enterprise edition, catering to a wide range of business sizes and industries. Technically, the website is built on the Odoo framework, leveraging modern web technologies and providing excellent mobile optimization and accessibility. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit incident response contacts and vulnerability disclosure pages are not found. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. The absence of WHOIS data is unusual but does not detract significantly from the overall legitimacy given the strong brand presence and professional website. Strategic recommendations include publishing incident response details and vulnerability disclosure information to enhance trust and security transparency.

S

SEOPress

seopress.org

71

SEOPress is a well-established provider of WordPress SEO plugins and related SEO tools, targeting a broad audience including bloggers, small businesses, developers, agencies, and SEO experts. The company offers a freemium business model with free and premium versions of their SEO plugin, along with add-ons such as SEOPress Insights for off-site SEO tracking. Their market position is strong, supported by over 350,000 active installs and numerous positive reviews, and they maintain a professional online presence with comprehensive resources and integrations. Technically, the website is built on WordPress using modern technologies including Bootstrap 5, jQuery, and various plugins like Gravity Forms and Easy Digital Downloads. Hosting is provided by o2switch, a reputable French hosting provider. The site demonstrates excellent performance, mobile optimization, and SEO best practices, including rich metadata and structured data. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. While explicit security headers are not fully visible in the HTML, the site shows no signs of exposed sensitive data or vulnerabilities. However, the absence of a published security policy or incident response contact is noted as an area for improvement. Overall, the website presents a low risk profile with strong business credibility and technical maturity. The lack of WHOIS data due to privacy protection is common for commercial software vendors and does not detract from the site's legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and adding a vulnerability disclosure channel to further strengthen trust and compliance.

WP channel is a specialized business focused on providing expert services and content related to WordPress and WooCommerce platforms. Established in 2009 and based in France, it targets WordPress users, developers, and businesses seeking professional guidance and solutions. The website presents a professional design with good content relevance and user experience, catering well to its niche audience. Technically, the site is built on WordPress CMS, hosted by Scaleway SAS, and uses Cloudflare DNS services, indicating a modern and reliable infrastructure. Performance and mobile optimization are adequate, though there is room for improvement in accessibility and SEO features. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the site is legitimate and trustworthy but would benefit from improvements in privacy compliance and security best practices.

M

Media Experience

mediaexperience.com

54

Media Experience is a niche educational website focused on teaching technology enthusiasts how to build and automate smart homes and home media systems. The site offers comprehensive guides, tutorials, and free courses primarily targeting smart home builders and HTPC enthusiasts. The business operates as a content resource with a long-established domain since 2003, positioning itself as a trusted source in the smart home technology niche. Technically, the website is built on WordPress using the Genesis Framework, optimized with SEO plugins like Yoast, and hosted on WPEngine. It employs Google Analytics for user tracking and enforces HTTPS for secure connections. However, it lacks advanced security headers and cookie consent mechanisms, indicating room for improvement in privacy compliance and security posture. The absence of direct contact information and security policies suggests limited transparency in incident response and security governance. Overall, the website is professional, content-rich, and technically sound but could enhance its security and privacy compliance to strengthen trust and regulatory adherence.

T

The Pi Hut

thepihut.com

71

The Pi Hut is a well-established UK-based e-commerce retailer specializing in Raspberry Pi and maker products, operating since 2012. It serves a broad audience of technology enthusiasts, educators, and hobbyists with a comprehensive product range including official Raspberry Pi hardware, micro:bit, Arduino, and home automation accessories. The company positions itself as a leading Raspberry Pi superstore with strong market presence and customer trust, supported by extensive positive reviews and official reseller status. Technically, the website is built on the Shopify platform, leveraging modern JavaScript libraries, analytics, and marketing tools. It demonstrates excellent design quality, mobile optimization, and SEO practices. The infrastructure is robust with fast performance and good accessibility features. Security is well-managed with HTTPS, bot protection via hCaptcha, and no visible vulnerabilities, though DNSSEC is not enabled and explicit security policies are not published. The security posture is solid but could be enhanced by publishing privacy and cookie policies with consent mechanisms and adding explicit incident response contacts. The site uses extensive tracking and advertising pixels, indicating a moderate to extensive user tracking level, which may require improved transparency for privacy compliance. Overall, The Pi Hut presents a professional, trustworthy, and technically mature online presence with minor gaps in privacy compliance. Strategic improvements in privacy policy visibility and DNS security would further strengthen its security and compliance posture.

V

VIF Cycling Team

vifcyclingteam.cz

54

The website www.vifcyclingteam.cz appears to represent a cycling team or related sports entity, hosted on the Wix platform. The site content is minimal and primarily technical, with no visible business descriptions, contact information, or privacy and cookie policies. The technical infrastructure relies on Wix's standard scripts and polyfills, indicating a basic digital maturity level. Security posture is limited, with no detected security headers and no visible incident response or data protection information. The absence of WHOIS data suggests privacy protection or registry issues, which reduces trustworthiness. Overall, the site is accessible without WAF or blocking mechanisms but lacks comprehensive business and security information, resulting in a low risk assessment but with recommendations for improvement.

P

Provide Support, LLC

providesupport.com

52

Provide Support, LLC is a technology company specializing in live chat and customer support software solutions for websites. Established in 2004 and based in New York, USA, the company offers a SaaS model with a comprehensive live chat widget, cross-platform agent applications, and integrations with popular platforms such as WordPress, Shopify, and Joomla. Their market position is solid with over 10,000 sites using their service and a reputation for reliable, easy-to-integrate customer service tools. The website reflects a professional and consistent brand image with excellent content quality and user experience. Technically, the website employs modern web technologies including Bootstrap, Google Fonts, and Google Tag Manager, ensuring good performance and mobile optimization. The presence of multi-language support and detailed integration options indicates a mature digital infrastructure. Security-wise, the site enforces HTTPS, encrypts chat data, and implements cookie consent mechanisms, although it lacks a dedicated security policy or incident response page. No critical vulnerabilities or suspicious content were detected. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations such as GDPR. The business credibility is reinforced by clear contact information, customer testimonials, and a transparent pricing and refund policy. Strategic recommendations include publishing explicit security and incident response policies and enhancing security headers to further strengthen the security posture.

G

GRDF

grdf.fr

70

GRDF is the leading natural gas distribution company in France, operating as a public service entity under the ENGIE group. The website reflects a mature digital presence with comprehensive information targeting individuals, businesses, and public sector clients. The site uses modern web technologies including Liferay CMS, Bootstrap, and integrates Google services for analytics and maps. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy and cookie policies are present and GDPR compliant, with a named Data Protection Officer contact. WHOIS data is not publicly available due to AFNIC policies for .fr domains, but the domain and website content align with a legitimate and established business. Overall, the site is professional, trustworthy, and well-maintained.

C

COGITERRA

emploi-environnement.com

69

Emploi-Environnement is a specialized French job board and recruitment platform focusing on the environmental and sustainable development sectors. It offers job listings, candidate CV registration, recruitment services, and career resources tailored to professionals and organizations in this niche. The platform targets job seekers and recruiters primarily in France and francophone countries, positioning itself as a key player in environmental employment services since 2002 under the company COGITERRA. Technically, the website employs a traditional web stack with jQuery, JavaScript, CSS, and HTML5, complemented by modern analytics tools such as Google Analytics 4 and WebTag Echobox. The site is mobile responsive with good SEO practices and a moderate performance profile. However, no CMS or hosting provider details are explicitly detected. The site implements cookie consent mechanisms and privacy policies consistent with GDPR requirements. From a security perspective, the site enforces HTTPS and includes cookie consent banners but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or sensitive data exposures are evident in the HTML content. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and CNIL registration number suggest a legitimate business operation. Overall, Emploi-Environnement presents a professional and trustworthy platform for environmental job seekers and recruiters, with room for improvement in security transparency and domain registration verification. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain WHOIS information to strengthen trust and compliance.

The website webdomus.net currently presents a security challenge page that blocks direct access to its content, indicating the presence of a Web Application Firewall or similar security mechanism. The domain is long-established, registered since 1999 with Server Plan Srl, which also appears to be the hosting provider. The visible content is minimal and outdated, referencing Joomla 1.5 and WordPress 2.5 CMS versions, both of which are obsolete and pose significant security risks. No privacy, cookie, or terms of service policies are present, nor is there any contact information or business details available on the page. The site includes a security check powered by BitNinja, suggesting some level of security awareness but also indicating potential exposure to threats that require mitigation. Overall, the website's digital maturity is low, with poor content quality and minimal technical sophistication.

C

CyberGhost

cyberghostvpn.com

58

CyberGhost VPN is a well-established VPN service provider offering fast, secure, and private VPN solutions across multiple platforms including desktop, mobile, and smart TVs. The company targets consumers and businesses seeking enhanced online privacy and security. Their business model is subscription-based, with a strong market position supported by a comprehensive privacy policy and a 45-day money-back guarantee. The website is professionally designed with excellent content quality and clear navigation, supporting a positive user experience. From a technical perspective, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and integrates third-party libraries like Font Awesome and Usercentrics for cookie consent management. The site is mobile-optimized, fast-loading, and SEO-friendly. Security headers and HTTPS enforcement indicate a strong security posture, although explicit security policies and incident response information are not publicly detailed. The security posture is robust with no detected vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data and direct company contact information slightly reduces trustworthiness. Privacy compliance is well addressed with a clear privacy policy and cookie consent mechanism, aligning with GDPR requirements. Overall, CyberGhost VPN presents a professional and trustworthy online presence with strong technical and security foundations. Strategic improvements include publishing detailed security policies, incident response contacts, and enhancing transparency around business registration and certifications.

R

renault

renew.auto

71

The website fr.renew.auto/dispatch.html serves as a dispatch landing page for Renault's Renew used car platform, facilitating redirection to country-specific subdomains. Renault, a well-established automotive manufacturer, leverages a modern React-based web infrastructure with integrations such as Google Tag Manager, Google Analytics, and OneTrust for cookie consent management. The site demonstrates good technical maturity with HTTPS enforcement, service worker usage for PWA capabilities, and structured data for SEO. Security posture is solid with secure cookies and reCAPTCHA integration, though improvements like CSP headers and explicit security policies could enhance defenses. Privacy compliance is evident through comprehensive legal and cookie policies, aligning with GDPR requirements. Overall, the site is professional, trustworthy, and well-branded, targeting general consumers interested in used Renault vehicles across multiple European countries.

M

mobilize

mobilize.es

66

Mobilize is a brand focused on providing electric mobility services in Spain, including 100% electric vehicles, charging solutions, and flexible mobility options such as rentals and subscriptions. The website is professionally designed, mobile-optimized, and leverages modern web technologies including React and CDN hosting by Renault Group. Privacy compliance is strong with integrated cookie consent mechanisms and clear privacy policies. Security posture is good with HTTPS, security headers, and no visible vulnerabilities, though explicit security and incident response policies are not published. WHOIS data for the domain is unavailable due to .es domain query restrictions, limiting full domain trust assessment. Overall, Mobilize presents a credible and professional digital presence aligned with Renault Group's branding.

R

Renault Group

renault.com

75

Renault Group is a major multinational automobile manufacturer headquartered in France, offering a wide range of automotive products and services. The website serves as the official corporate portal, providing information on the group's activities, brands, sustainability efforts, investor relations, and career opportunities. The site targets a broad audience including consumers, investors, job seekers, and industry stakeholders. Technically, the website is built using modern web technologies such as React and Next.js, with integrations for analytics and cookie consent management, ensuring a fast, mobile-optimized, and accessible user experience. Security-wise, the site employs HTTPS and standard security headers, with a cookie consent mechanism indicating compliance with privacy regulations. However, the absence of WHOIS data and explicit security or incident response policies represents a gap in transparency. Overall, the website is professional, trustworthy, and well-maintained, but could improve by publishing detailed security policies and clarifying domain registration details.

Y

Yann Rolland

yannrolland.com

45

Yann Rolland operates as a freelance consultant specializing in digital advice, design, and development, primarily serving clients in the energy transition, environmental, and social sectors. The website presents a professional portfolio showcasing a wide range of projects for reputable organizations, indicating a strong niche market position in France. The business model is focused on freelance digital services with a clear emphasis on sustainable and socially impactful projects. Technically, the website is built with standard web technologies including HTML5, CSS, JavaScript, and jQuery, hosted on o2switch.net. The site is mobile-optimized with moderate performance and basic accessibility features. SEO is basic but sufficient for the site's purpose. Analytics are implemented via Google Analytics, but no cookie consent mechanism or privacy policies are present, indicating room for compliance improvement. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, DNSSEC is not enabled and no security headers are detected, which are recommended enhancements. No forms or sensitive data collection points are present, reducing attack surface. The absence of privacy and cookie policies and vulnerability disclosure mechanisms are notable compliance gaps. Overall, the website is professional and trustworthy with a solid business credibility score. The main risks relate to privacy compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and establishing a vulnerability disclosure process to enhance security posture and regulatory compliance.

Thibaut Caroli is a freelance digital designer and front-end developer specializing in website conception, design, and development, primarily serving environmental protection and climate change awareness associations. The website serves as a professional portfolio showcasing projects and providing contact information. The business model is focused on freelance services with a niche market position in non-profit environmental sectors. The technical infrastructure is based on WordPress CMS with custom themes, leveraging standard web technologies such as HTML5, CSS3, JavaScript, jQuery, and FontAwesome. Hosting is provided by IONOS SE, a reputable registrar and hosting provider. The website demonstrates good design quality, mobile optimization, and user experience, though accessibility and SEO optimizations are basic. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced security and privacy measures.

P

Profesionalni.info

profesionalni.info

60

Profesionalni.info is a Czech Republic based small business specializing in custom web development, digital marketing, and graphic design services. Led by Radek Ahne with over 25 years of experience, the company offers a broad portfolio including website creation, SEO optimization, AI technology integration, and e-commerce solutions. The website demonstrates a mature digital presence with a professional design, clear navigation, and comprehensive service descriptions. Technically, the site uses modern web technologies such as Bootstrap, PHP, JavaScript libraries, Google reCAPTCHA, and Google Tag Manager, ensuring a secure and user-friendly experience. Security posture is solid with HTTPS and anti-bot measures, though improvements could be made by adding security headers and explicit privacy policies. Overall, the business shows strong credibility with detailed contact information, client references, and social media presence. The WHOIS data is unavailable, likely due to privacy protection, but the website content and structure support legitimacy. Strategic recommendations include enhancing privacy compliance and security headers to further strengthen trust and compliance.

Č

České modelky s.r.o.

feetmodels.eu

57

České modelky s.r.o. operates a specialized website feetmodels.eu offering professional advertising and product photography services focused on feet modeling for e-commerce clients, primarily in the footwear and foot care product sectors. Established since 2006, the company targets e-shops and businesses requiring high-quality visual content to enhance product presentation. The website also supports a community of feet models and offers opportunities for paid modeling work, including remote selfie photography. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and Google Analytics, hosted by a reputable Czech provider, ensuring a responsive and user-friendly experience. Security measures include HTTPS, Google reCAPTCHA, and a comprehensive cookie consent mechanism, although advanced security headers and incident response policies are not explicitly published. Overall, the site demonstrates a solid security posture with room for improvement in transparency and security best practices. The domain registration aligns with the business claims, enhancing trustworthiness. The website content is safe for general audiences, with no adult or explicit material detected.

E

Enel Group

enel.com

72

Enel Group is a large multinational energy company operating in over 30 countries, focusing on sustainable and innovative energy solutions. The company offers a broad range of services including energy production, distribution, and renewable energy technologies. Their market position is strong, supported by a consistent brand and a comprehensive digital presence. Technically, the website is built on Adobe Experience Manager, leveraging modern web technologies and Adobe Analytics for data insights. The site is well-optimized for SEO, accessibility, and mobile devices, providing a professional user experience. Security posture is good with HTTPS and secure form mechanisms, though some security headers are not explicitly detected and could be improved. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the website reflects a mature digital infrastructure aligned with the company's business goals and market stature.

D

Danubius Expert Zrt.

booked4.us

64

booked4.us is a Hungarian-developed online appointment booking system operated by Danubius Expert Zrt., established in 2013. The platform offers a customizable, automated booking solution tailored for various industries including fitness, healthcare, coaching, beauty, massage, education, and veterinary services. It supports features such as 24/7 booking management, personalized notifications, online payments, and calendar synchronization. The website demonstrates a mature digital presence with modern technologies, mobile optimization, and comprehensive content including FAQs, customer testimonials, and demo calendars. Security posture is strong with HTTPS, GDPR compliance, and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. The domain registration data aligns well with the business identity, enhancing trustworthiness.

H

Historic Hotels of Europe

historichotelsofeurope.com

60

Historic Hotels of Europe operates a niche hospitality website focused on promoting and facilitating bookings for historic hotels across Europe. The business targets culturally interested travelers seeking unique accommodations in historic houses. The website is built on WordPress using the Elementor page builder, hosted by a reputable Irish hosting provider, and has been operational since 2003, indicating a mature digital presence. Technically, the site employs modern web technologies and includes cookie consent mechanisms via Cookiebot, reflecting basic privacy compliance. However, the absence of visible privacy policies, terms of service, and contact information limits full compliance and user trust. Security posture is moderate with HTTPS enabled but lacks advanced security headers and incident response details. Overall, the site is professionally designed with good SEO and mobile optimization but would benefit from enhanced transparency and security practices.

S

Storck

toffifee.cz

61

The website www.toffifee.cz represents the Toffifee confectionery brand, a product line under the larger Storck company. It targets a general audience with family-friendly content promoting its unique chocolate and caramel treats. The site is built on TYPO3 CMS and uses modern JavaScript libraries to deliver a responsive and visually appealing user experience. Privacy compliance is addressed with a cookie consent banner and a linked privacy policy in Czech. However, the absence of WHOIS data limits transparency and trust assessment. Security posture is moderate with no detected security headers and unknown SSL configuration. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is professional and trustworthy but could improve transparency and security practices.

S

Storck

merci-cokolada.cz

63

The website www.merci-cokolada.cz represents the official Czech Republic presence of the merci chocolate brand, owned by Storck. It provides detailed product information, brand promotion, and downloadable content for consumers. The site targets a general audience interested in confectionery products and offers a user-friendly experience with clear navigation and mobile optimization. The technical infrastructure is based on TYPO3 CMS with modern JavaScript frameworks and includes Piwik PRO for analytics, indicating a mature digital presence. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and published security policies are absent. The lack of WHOIS data limits domain trust assessment but the branding and content strongly suggest legitimacy. Overall, the site is professional, compliant with GDPR, and well-positioned in the retail confectionery market.

S

STORCK SVERIGE AB

storck.se

60

STORCK SVERIGE AB operates the website storck.se as its Swedish corporate presence, showcasing its confectionery brands such as Riesen, merci, Toffifee, and Werther's Original. The website targets Swedish consumers and business partners, providing product information, company vision, career opportunities, and consumer service. The site is built on TYPO3 CMS with a modern JavaScript stack and includes cookie consent mechanisms aligned with GDPR requirements. However, no direct contact emails or phone numbers are visible on the homepage, and WHOIS data for the domain www.storck.se is not found, suggesting it is a subdomain or alias rather than a separately registered domain.

S

Storck Croatia d. o. o.

storck.hr

61

Storck Croatia d. o. o. is a medium-sized confectionery manufacturer operating in Croatia, part of the global Storck group. The website serves as an official corporate and brand presence, showcasing well-known confectionery brands such as merci, Toffifee, and Werther's Original. The site targets general consumers and provides information about products, company vision, and services. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries, delivering a responsive and user-friendly experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though security headers and explicit incident response policies are absent. Privacy compliance is strong with a comprehensive privacy policy and cookie consent banner. Overall, the website is professional, trustworthy, and aligned with the business's market position.

S

STORCK B.V.B.A.

storck.be

63

STORCK B.V.B.A. operates as a confectionery company with a strong international presence and a localized Belgian website. The site provides detailed brand and corporate information, targeting French-speaking Belgian consumers. The company emphasizes sustainability, career opportunities, and consumer services. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries and modules, and is optimized for mobile devices with a good user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. WHOIS data is restricted, limiting domain transparency but the website content and branding suggest legitimacy. Overall, the site is professional, compliant with GDPR, and trustworthy for general users.

S

Storck Italia S.R.L.

storck.it

67

Storck Italia S.R.L. operates a corporate website presenting its confectionery business in Italy. The site provides detailed information about the company, its brands, quality standards, career opportunities, and consumer services. The website targets general consumers and potential employees, positioning itself as a reputable medium-sized confectionery manufacturer and retailer. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes multi-language support for international visitors. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and incident response information, which could be improved. Overall, the domain registration data aligns well with the business claims, supporting the site's legitimacy.

S

Storck Ibérica, S.L.U.

storck.es

61

Storck Ibérica, S.L.U. operates as a confectionery company with a corporate website targeting general consumers interested in confectionery products. The company presents multiple well-known confectionery brands and maintains a consistent and professional online presence. The website is built on TYPO3 CMS and uses modern JavaScript libraries, indicating a moderate level of digital maturity. The site is mobile optimized and includes GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data is restricted due to registry policies, but the website content and branding strongly indicate legitimacy. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

S

STORCK S.P.R.L.

storck.fr

61

Storck France operates as a regional branch of the established confectionery manufacturer STORCK S.P.R.L., offering a portfolio of well-known brands such as Werther's Original, Toffifee, and Knoppers. The website targets French consumers and business partners, providing corporate information, brand details, and consumer service contact options. The company positions itself as a reputable player in the confectionery retail and manufacturing sector with a strong brand presence. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries including RequireJS, Lodash, and jQuery. It demonstrates good mobile optimization and SEO practices, with a moderate performance profile. The site uses HTTPS exclusively and implements cookie consent mechanisms aligned with GDPR requirements, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and cookie consent but lacks explicit security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits domain ownership verification but does not detract from the site's professional presentation and trust signals. Overall, the website presents a low-risk profile with good compliance and technical maturity. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and security posture.

S

STORCK ADRIA, d.o.o.

storck.si

60

STORCK ADRIA, d.o.o. operates as the Slovenian subsidiary of the global confectionery company Storck, offering well-known brands such as merci, Toffifee, and Knoppers. The website serves as a corporate and consumer-facing platform providing brand information, news, and career opportunities, targeting Slovenian consumers and business partners. The company maintains a consistent brand presence with a medium-sized business profile founded in 2003. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and employs HTTPS with cookie consent mechanisms, reflecting a moderate to good digital maturity level. Security posture is adequate with room for improvement in security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though it lacks direct contact details and vulnerability disclosure information.

S

Storck BV

storck.nl

65

Storck BV is a well-established confectionery company operating in the Netherlands, offering popular brands such as merci, Knoppers, Werther's Original, and Toffifee. The website serves as a corporate and consumer portal providing brand information, company vision, career opportunities, and consumer services. The company maintains a strong market position with a focus on quality and sustainability. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries, ensuring good performance and mobile optimization. Privacy compliance is well addressed with GDPR-aligned policies and a cookie consent mechanism. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and incident response information could be improved. Overall, the site reflects a professional and trustworthy business presence.

S

STORCK SLOVENSKO, s.r.o.

storck.sk

62

STORCK SLOVENSKO, s.r.o. operates as a Slovak subsidiary of the international Storck group, specializing in manufacturing and retailing confectionery products. The website serves as a corporate and consumer information portal, showcasing brands like merci, Toffifee, and Knoppers, and providing career and consumer service information. The site targets general consumers and potential employees within Slovakia and related markets. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

S

Storck Sp. z o.o.

storck.pl

61

Storck Polska operates as a subsidiary of the global Storck confectionery company, focusing on manufacturing and distributing well-known confectionery brands in Poland. The website provides comprehensive information about the company, its brands, career opportunities, and corporate news, targeting consumers, potential employees, and business partners within Poland. The digital infrastructure is built on TYPO3 CMS with modern JavaScript libraries, ensuring a responsive and accessible user experience. Privacy and cookie policies are implemented in compliance with GDPR, enhancing user trust. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although security headers and incident response information could be improved. The absence of WHOIS data limits domain registration transparency but does not detract from the professional presentation and legitimacy of the site.

S

Storck (Schweiz) GmbH

storck.ch

66

Storck (Schweiz) GmbH operates a professional and well-structured website focused on confectionery products and brand promotion in Switzerland. The company presents multiple well-known brands and provides comprehensive information about product quality, corporate values, and career opportunities. The website is built on TYPO3 CMS and uses modern JavaScript libraries, ensuring a good technical foundation and user experience. Privacy and cookie policies are implemented with a consent mechanism, reflecting compliance with GDPR requirements. However, explicit contact emails and phone numbers are not directly listed, relying instead on contact forms. Security posture is generally good with HTTPS and cookie consent, but lacks visible security headers and explicit security policies or incident response information. WHOIS data aligns well with the website content, confirming legitimacy and trustworthiness. Overall, the site is professional, secure, and compliant, suitable for its target audience.

S

Storck Hungária KFT.

storck.hu

63

Storck Hungária KFT. operates as the Hungarian distributor and brand representative for the international Storck confectionery group. The website provides product information, corporate details, and career opportunities primarily targeting Hungarian consumers and business partners. The site is built on TYPO3 CMS with a modern JavaScript stack, ensuring good performance and mobile optimization. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response contacts are absent. Overall, the website reflects a professional and trustworthy corporate presence.

S

STORCK GES.M.B.H.

storck.at

66

STORCK GES.M.B.H. operates the www.storck.at website as the Austrian corporate presence of the Storck confectionery brand. The site provides comprehensive information about the company, its brands, career opportunities, and consumer services. The website is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, it is built on TYPO3 CMS and uses modern JavaScript libraries, ensuring good performance and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response contacts are not published. The absence of WHOIS data from NIC.AT limits domain registration trust assessment but does not detract from the site's professional appearance and content quality. Overall, the site is a trustworthy corporate resource for consumers and job seekers in Austria.

S

STORCK CANADA INC.

storck.ca

57

Storck Canada Inc. operates a professional corporate website presenting its confectionery business, brand portfolio, quality standards, career opportunities, and contact information primarily via a contact form. The website is built on TYPO3 CMS and uses modern JavaScript libraries and Piwik PRO analytics, reflecting a mature digital infrastructure. Privacy and cookie policies are clearly presented and GDPR compliant, enhancing user trust. However, the absence of WHOIS data for the domain www.storck.ca raises concerns about domain registration transparency and trustworthiness. No direct company contact emails or phone numbers are published, and no explicit security or incident response policies are available, which could be improved to strengthen security posture and user confidence.