Security Directory

T

Telenet

telenet.be

78

Telenet is a major Belgian telecommunications provider offering a range of residential and business services including high-speed internet, mobile telephony, and digital TV. The website is professionally designed, well-branded, and targets both residential customers and businesses in Belgium. The technical infrastructure leverages modern web technologies such as Adobe Experience Manager CMS, Adobe DTM for tag management, Dynatrace for performance monitoring, and OneTrust for cookie consent management, indicating a mature digital presence. Security posture is solid with HTTPS enforced and privacy compliance mechanisms in place, although explicit security headers and incident response information are not evident. The absence of WHOIS data reduces transparency but is consistent with .be domain privacy policies. Overall, the website is trustworthy and professionally maintained, with room for improvement in explicit security disclosures and contact information availability.

E

EVENT media s.r.o.

neonrun.cz

44

Neon Run, operated by EVENT media s.r.o., is a well-established Czech event organizer specializing in themed night running events such as the Mizuno Neon Run. The company has been active since 2014 and maintains a professional online presence with clear event information, partner listings, and registration links. Their target audience includes runners and sports enthusiasts primarily in the Czech Republic. Technically, the website uses modern web technologies including Google Tag Manager, Facebook Pixel, and a cookie consent mechanism, hosted on VAS Hosting. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, HTTPS is enforced and cookie consent is implemented, but the absence of explicit security headers and incident response policies suggests room for improvement. Overall, the website is trustworthy and compliant with GDPR, though it lacks a visible terms of service and vulnerability disclosure policy.

E

EVENT media s.r.o.

winter-run.cz

44

WinterRUN is a Czech Republic-based event organizer specializing in winter running races held across multiple cities. The company operates a well-structured website providing race schedules, registration links, results, galleries, and news updates. The business targets runners and sports enthusiasts, leveraging partnerships with notable sponsors and media outlets to strengthen its market position. Founded in 2014, WinterRUN maintains a medium-sized operation with consistent branding and a professional online presence. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, and Facebook Pixel for analytics and marketing. Hosting is provided by VAS Hosting, with a moderate performance profile and good mobile optimization. The site includes cookie consent mechanisms compliant with GDPR, although some security headers are missing, indicating room for improvement in security hardening. From a security perspective, the site uses HTTPS and implements cookie consent with express consent. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies and incident response contacts suggests an opportunity to enhance trust and compliance. The WHOIS data aligns well with the business information, supporting legitimacy. Overall, WinterRUN presents a trustworthy and professional digital footprint with good content quality and business credibility. Strategic improvements in security headers and incident response transparency would further strengthen its security posture and user trust.

The website at yfdpco2.com presents minimal accessible content, primarily consisting of hidden tracking pixels and an embedded iframe from an external domain. There is no visible business information, contact details, or user-facing content, which severely limits the ability to assess the business or its offerings. The domain WHOIS data is suspicious due to a future creation date (March 2025), which is inconsistent with the current timeline and raises concerns about the legitimacy or accuracy of the registration data. The site lacks fundamental privacy and cookie policies, security headers, and DNSSEC, indicating a low maturity level in security and compliance. Overall, the site appears to be a placeholder or ad-serving page rather than a fully developed business website.

E

European Commission - Employment, Social Affairs and Inclusion

pesnetwork.eu

72

The European Network of Public Employment Services (PES Network) is an official initiative under the European Commission's Employment, Social Affairs and Inclusion domain. It serves as a collaborative platform for public employment services across EU member states and associated countries, aiming to improve labor market efficiency and support EU employment policies. The website is professionally designed using Drupal 10 and the European Commission's design system, ensuring accessibility, mobile optimization, and clear navigation. Security posture is strong with HTTPS, cookie consent, and no exposed vulnerabilities detected. However, WHOIS data is unavailable due to EURid privacy policies, which is typical for EU institutional domains. Overall, the site demonstrates high trustworthiness and professionalism, serving a broad European governmental and public audience.

Synerjob is a non-profit organization established in 2007 to foster collaboration between regional employment agencies in Belgium, including ACTIRIS, ADG, Bruxelles Formation, Forem, and VDAB. The website serves as an informational portal providing multilingual content about the association's mission, members, documents, events, and statistics. The business model focuses on regional labor market synergy and information sharing among government entities. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript with jQuery and Bootstrap, and integrates Google Tag Manager for analytics. The site is moderately optimized for mobile and accessibility with basic SEO practices. Security posture is moderate with no explicit security headers detected and no visible HTTPS status in the provided data, though Google Tag Manager scripts load over HTTPS. Privacy compliance is basic, with a cookie consent banner present but no privacy policy or terms of service found. No contact information or forms are present on the homepage HTML. The domain WHOIS data is consistent with the organization's founding date and business purpose, registered with a reputable registrar since 2007, supporting legitimacy. Overall, the website is professional and safe for general audiences but could improve in privacy transparency and security best practices.

B

Vercel Security Checkpoint

bsnsports.com

52

The website bsnsports.com is currently inaccessible beyond a Vercel Security Checkpoint page that verifies the visitor's browser. This indicates the presence of a Web Application Firewall (WAF) or security mechanism blocking direct access to the site's actual content. Due to this, no business-related content, contact information, or policies are available for review. The domain itself is long-established, registered since 1997 with GoDaddy.com, LLC, suggesting legitimacy and maturity. However, the lack of accessible content severely limits the ability to assess the company's market position, services, or compliance posture. Technically, the site is hosted on Vercel, using JavaScript and SVG for the checkpoint interface, but no further technology or CMS details are available. Security posture cannot be fully evaluated, but the presence of a security checkpoint suggests some level of protection is in place. Overall, the site scores very low on content quality and privacy compliance due to the blocked state, and strategic recommendations focus on enabling legitimate access and publishing essential policies.

Q

Queer Communications GmbH

queer.de

53

Queer Communications GmbH operates queer.de, a well-established German online magazine serving the LGBTI community with news, culture, entertainment, and event information. The website targets the queer community and allies, providing diverse content including interviews, TV tips, podcasts, and galleries. The business model relies on advertising, affiliate marketing, and newsletter subscriptions, positioning queer.de as a niche media leader in Germany. Technically, the site employs standard web technologies with a focus on responsive design and GDPR-compliant cookie management. Hosting appears to be with Your-Server.de, and analytics are handled via Piwik (Matomo), reflecting a moderate digital maturity. Security posture is solid with HTTPS and content security policies, though additional headers could enhance protection. No critical vulnerabilities or adult content were detected, and privacy compliance is well addressed. Overall, queer.de presents a professional, trustworthy, and user-friendly platform with room for incremental security and compliance improvements.

R

remspace

remspace.cz

52

remspace.cz is a professional Czech online magazine and communication platform focused on the real estate and construction sectors. It provides industry news, articles, and organizes conferences and discussion events, targeting professionals and stakeholders in urban planning, development, and real estate markets. The website is well-branded, content-rich, and maintains a consistent presence with partners and social media channels. Technically, the site is built on WordPress with modern performance optimizations and uses Google Tag Manager for analytics. Security posture is good with HTTPS and cookie consent mechanisms, though some HTTP security headers are missing. WHOIS data is unavailable, which slightly impacts trust but the overall professional presentation supports legitimacy. Privacy and cookie policies are comprehensive and GDPR compliant.

E

ENOÉ, créateur d'énergie

enoe-energie.fr

66

Enoé is a French renewable energy producer specializing in green and local energy solutions. The company manages the entire value chain from design to maintenance, positioning itself as a key player in the energy transition sector in France. Their website reflects a professional and consistent brand image with a focus on sustainability and expertise in renewable energy production. The digital infrastructure is based on WordPress with SEO optimization via the All in One SEO plugin, and integrates marketing and analytics tools primarily from HubSpot and social media platforms. Security posture is moderate with HTTPS usage but lacks visible security headers and explicit privacy or cookie policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and structured data support legitimacy. Overall, the site is well-designed and user-friendly but would benefit from enhanced security and privacy compliance measures.

H

Helexia Agri

helexia-agri.com

45

Helexia Agri is a French company specializing in the development, construction, and operation of photovoltaic agricultural hangars and roof renovations. Established since 2006, it serves farmers across France by offering new hangars or roof renovations in exchange for the exploitation of their roofs for solar energy production. The company is positioned as a specialist in agricultural photovoltaic infrastructure with a medium-sized footprint and affiliation to the Helexia Group. The website is professionally designed using WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and WHOIS transparency are lacking. Overall, the site is trustworthy and business credible but would benefit from improved transparency in domain registration and privacy policies.

B

BayWa r.e.

baywa-re.fr

68

BayWa r.e. is a well-established international renewable energy company specializing in solar, wind, bioenergy, and energy trading. The company operates globally with a strong presence in France, offering comprehensive services from project development to operation and maintenance. Their website reflects a professional and consistent brand image, targeting businesses and stakeholders in the energy sector. The business model focuses on renewable energy solutions and energy trading, positioning BayWa r.e. as a key player in the sustainable energy market. Technically, the website is built on modern frameworks such as Nuxt.js and Tailwind CSS, ensuring good performance, mobile optimization, and accessibility. The use of Google Tag Manager and CookieFirst indicates a mature approach to analytics and privacy compliance. Security measures including HTTPS and security headers are properly implemented, contributing to a strong security posture. While the WHOIS data is not publicly available, likely due to privacy protection, the website's professionalism and comprehensive policies suggest legitimacy. However, the absence of a public security policy or incident response page indicates areas for improvement. Overall, the site is secure, compliant with GDPR, and trustworthy, with recommendations to enhance transparency around security and incident handling.

S

Solutions 30

solutions30.com

68

Solutions 30 is a technology solutions provider established in 2009, offering services related to new technologies. The website is built on WordPress using the Divi theme and hosted with AWS DNS services. The digital infrastructure is moderately optimized with basic mobile responsiveness and SEO features. Security posture is average, with HTTPS enabled but lacking advanced security headers and policies. No explicit privacy or cookie policies were found, indicating potential compliance gaps. Overall, the website presents a professional but basic online presence with room for improvement in privacy, security, and contact transparency.

S

Sunforwatt

sunforwatt.com

62

Sunforwatt is a French photovoltaic energy solutions provider specializing in serving agricultural, industrial, and tertiary sectors. Established since 2008, the company offers comprehensive services from technical and financial studies to installation, compliance, commissioning, and ongoing maintenance of photovoltaic systems. Their market position is that of an experienced niche player with a growing footprint in renewable energy projects for businesses. Technically, the website is built on Webflow with modern front-end technologies and integrates Google Tag Manager for analytics. The site is well designed, mobile-optimized, and provides clear navigation and relevant content. Security posture is moderate; HTTPS is implied but no explicit security headers were detected, and the contact form relies on a third-party service without visible advanced protections. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which impacts overall trust. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is professional and trustworthy in content but requires improvements in security and compliance transparency.

Sémaphore Communication is a small French communication agency based in Melle, affiliated with the cooperative SCOP Oxalis. Founded in 2009, it offers comprehensive communication services including graphic design, web projects, strategic consulting, training, and multimedia production. The agency targets local businesses, associations, and collectives seeking tailored communication solutions. The website reflects a professional and consistent brand image with clear service descriptions and team presentation. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript libraries including jQuery, GSAP, ScrollMagic, and Barba.js for animations and page transitions. It is hosted by O2Switch, a reputable French hosting provider. The site is moderately optimized for performance and mobile devices, though accessibility features are basic. SEO optimization is minimal but present. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers, privacy and cookie policies, and incident response information. The contact form is present but commented out, limiting user interaction. The use of Crisp chat provides live communication but also introduces tracking. Overall, the security posture is moderate but could be improved with better compliance and security practices. The domain registration data aligns well with the business claims, showing consistency and legitimacy. No WAF or blocking mechanisms are detected, and the site content is fully accessible and safe for general audiences.

T

Tugaleres.com

tugaleres.com

61

Tugaleres.com is a French technology blog primarily focused on Linux distributions, open source software, and gaming on Linux. The site provides news, tutorials, and community content targeting Linux enthusiasts and French-speaking technology users. It operates on the WordPress platform hosted by WordPress.com, leveraging modern plugins such as Jetpack and ActivityPub for enhanced functionality and social integration. The website demonstrates good content quality, consistent branding, and clear navigation, making it accessible and user-friendly. Security-wise, the site enforces HTTPS, employs standard security headers, and benefits from domain registration protections, although it lacks explicit security policies or incident response information. Privacy compliance is addressed with a cookie policy and consent mechanism, but terms of service and detailed privacy policies could be improved. Overall, the site is trustworthy, well-maintained, and serves a niche audience effectively.

W

WS Interactive

ws-interactive.net

59

WS Interactive is a small, established web agency based in Toulouse, France, with 25 years of experience providing tailored web development, mobile app creation, SEO, UX/UI design, and digital marketing services. The company targets businesses seeking professional digital solutions and positions itself as a high-quality service provider in the local market. Technically, the website is built on WordPress with modern JavaScript libraries and includes analytics and optimization tools, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses CAPTCHA on contact forms, and implements cookie consent with Google Consent Mode, but lacks explicit security policies and incident response information. The absence of WHOIS domain registration data reduces trust in domain legitimacy, though the website content and branding are professional and consistent. Overall, the site scores well on content quality, technical implementation, and security posture, with room for improvement in business credibility and transparency.

S

SPIP

spip.net

52

SPIP is an established open source publishing system designed for collaborative and multilingual web content management. Founded in 2001, it serves a broad audience of web authors, developers, and institutions seeking a free and community-driven CMS solution. The website provides comprehensive documentation and community resources, reflecting a mature and active project. Technically, the site uses SPIP CMS version 4.4.6 with modern web technologies including JavaScript, CSS, SVG, and MathJax for math rendering. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers are not detected and privacy policies are absent, indicating room for improvement in compliance and security transparency. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the site's open source nature and community presence. Overall, the site is professional, trustworthy, and well-maintained, but could enhance privacy and security disclosures.

A

L'Agenda du Libre

agendadulibre.org

54

L'Agenda du Libre is a community-focused platform dedicated to aggregating and promoting events related to free and libre software, arts, data, hardware, and commons. It serves a niche audience interested in open source and libre culture, providing a comprehensive calendar of events, organization listings, and news updates. The website is closely associated with the April organization and related libre initiatives, reinforcing its position within the free software community. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, and Turbolinks, offering a mobile-responsive and user-friendly experience. However, there is a lack of explicit privacy, cookie, and terms of service policies, which impacts compliance and user trust. Security posture is moderate with no visible security headers or incident response information, and WHOIS data is unavailable, limiting domain trust verification. Overall, the site is functional and relevant for its target audience but would benefit from enhanced security and privacy transparency.

C

CAn7

can7.fr

51

CAn7 is a French student association affiliated with INP-ENSEEIHT, specializing in providing sound and lighting services for a variety of events including school galas, concerts, and conferences. The organization has over 20 years of experience and serves primarily the student and local community event market. The website reflects a small, non-profit entity with a clear focus on event technical support. Technically, the website uses standard web technologies including HTML5, CSS3, and jQuery, hosted by OVH, a reputable provider. The site is moderately optimized for mobile devices and offers a good user experience with clear navigation and relevant content. Security posture is moderate; while no critical vulnerabilities or exposed data are evident, the absence of security headers and unclear SSL status suggest room for improvement. Privacy compliance is lacking as no privacy or cookie policies are present. Overall, the site is trustworthy but would benefit from enhanced security and compliance measures.

T

TVn7

tvn7.fr

47

TVn7 is a well-established student video association based at ENSEEIHT in Toulouse, France, founded in 1992. The organization provides a variety of video production services including event coverage, multi-camera live broadcasts, and promotional clips primarily targeting the academic community and local organizations. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its audience. Technically, the site uses standard web technologies with good mobile optimization and SEO practices, though it lacks advanced frameworks or CMS indications. Security posture is moderate with HTTPS implied but missing explicit security headers and cookie consent mechanisms. The absence of WHOIS data limits domain trust analysis, but the presence of partner logos, testimonials, and active social media accounts supports legitimacy. Overall, the site is safe, trustworthy, and serves its niche effectively.

M

MyMGLife

mymglife.com

65

MyMGLife operates as a niche e-commerce fundraising platform dedicated to supporting research for Myasthenia Gravis, a rare neuromuscular disease. The website leverages the Shopify platform to sell branded merchandise, with proceeds directed towards a non-profit organization focused on this cause. The site targets individuals interested in supporting medical research and awareness efforts related to Myasthenia Gravis. The business model is straightforward, combining retail sales with charitable fundraising, positioning itself as a specialized player within the non-profit e-commerce space. Technically, the website is built on a modern and robust infrastructure using Shopify's e-commerce platform, ensuring reliable hosting, secure payment processing (including Shopify Pay, Apple Pay, and PayPal), and responsive design optimized for mobile devices. The site employs standard web technologies such as JavaScript, CSS, and HTML5, with good SEO and accessibility practices evident. Performance is generally fast, benefiting from Shopify's CDN and optimized assets. From a security perspective, the site enforces HTTPS with strong SSL configurations and includes essential security headers. Payment integrations are secure, and no exposed sensitive data or vulnerable libraries were detected. However, the absence of explicit privacy and cookie policies, GDPR compliance indicators, and contact information for security incidents or abuse reduces the overall security posture and compliance maturity. Overall, the website presents a professional and trustworthy front for its fundraising mission but would benefit from enhanced transparency and compliance documentation. The lack of WHOIS data introduces some uncertainty regarding domain legitimacy, though the Shopify platform usage and secure infrastructure mitigate this risk. Strategic improvements in privacy, cookie consent, and incident response disclosures would strengthen trust and regulatory compliance.

C

Centrum realitního vzdělávání - JUDr. Tomáš Philippi

realitni.info

63

Centrum realitního vzdělávání, operated by JUDr. Tomáš Philippi, is a specialized Czech Republic-based education and legal consultancy business focused on real estate brokerage training and certification. The website offers preparatory courses, exams, online testing, and legal documentation services, positioning itself as an authoritative niche provider with strong legal expertise backing. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript without modern frameworks or CMS, resulting in moderate performance and basic mobile optimization. Security posture is average with no visible advanced security headers or policies, and privacy compliance is lacking due to missing privacy and cookie policies. The WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and contact information support legitimacy. Overall, the site is professional and trustworthy for its target audience but would benefit from enhanced security and compliance measures.

D

Del Monte

delmontefscashback.com

47

The website delmontefscashback.com serves as a dedicated platform for the Del Monte Foodservice Cash Back Program, offering customers an incentive-based rebate system to encourage purchases of Del Monte branded products. The platform provides account creation, login functionality, and submission of proof of purchase for cash back rewards. The target audience primarily consists of foodservice operators and businesses engaged in purchasing Del Monte products. The business model revolves around customer engagement and brand promotion through rebate incentives. From a technical perspective, the website employs standard web technologies including JavaScript, CSS, and Google Fonts, but lacks evidence of a content management system or advanced frameworks. The site demonstrates basic mobile optimization and moderate performance but shows room for improvement in SEO and accessibility. Hosting and domain registration are managed via GoDaddy, with domain protections enabled but no DNSSEC. Security posture is moderate; while the domain is protected against unauthorized changes, the site lacks visible security headers, DNSSEC, and cookie consent mechanisms. No HTTPS enforcement details were provided, and no advanced bot protection or analytics tracking was detected. Privacy and terms of service links exist but appear basic without comprehensive GDPR compliance indicators. No contact or incident response information is available, limiting transparency. Overall, the website presents a functional but basic promotional platform with moderate trustworthiness. Strategic improvements in security headers, privacy compliance, contact transparency, and technical modernization would enhance the platform's credibility and user trust.

S

Somfy

somfy.sk

63

Somfy Slovakia operates as a regional branch of the global Somfy Group, specializing in home automation products including motors for blinds, shutters, awnings, gates, and smart home solutions such as alarms, cameras, heating, and lighting control. The website targets Slovak consumers and businesses interested in smart home technology, offering a comprehensive product catalog and support services. The company is well-established, founded in 1969, and maintains a strong market presence with consistent branding and professional digital assets. Technically, the website employs modern web technologies, is mobile optimized, and integrates tracking and analytics tools responsibly. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though explicit security policies and incident response information are not publicly disclosed. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained.

F

Fondation SOMFY

fondation-somfy.com

66

Fondation SOMFY is a corporate foundation linked to Groupe SOMFY, dedicated to supporting social and environmental initiatives primarily in France and internationally. The foundation focuses on promoting healthy and sustainable housing, social integration, and environmental preservation through financial and human sponsorship. The website reflects a well-established non-profit entity with consistent branding and a clear mission. Technically, the site uses a mix of JavaScript libraries including jQuery and TagCommander for analytics and tracking, and it is hosted securely with HTTPS and cookie consent mechanisms in place. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and external links strongly indicate legitimacy. Security posture is good with no visible vulnerabilities, but the site lacks explicit security policies or incident response information. Overall, the website is professional, user-friendly, and compliant with privacy regulations, serving its target audience effectively.

A

AiVision, s.r.o.

ai-shop.cz

46

AiVision, s.r.o. operates the website www.ai-shop.cz offering advanced e-shop solutions with ERP system integrations such as Pohoda, Helios, Money, Cezar, Premier, and SAP. The company targets small to medium-sized businesses seeking customizable e-commerce platforms with B2B and B2C capabilities. With over 20 years of experience and more than 1100 satisfied clients, AiVision positions itself as a reliable technology provider in the Czech Republic's e-commerce sector. The website showcases a modern, responsive design with comprehensive content, client references, and integration options, reflecting a mature digital presence. Technically, the site employs a modern tech stack including jQuery, Bootstrap, Google Tag Manager, and reCAPTCHA, ensuring good performance and security basics. However, explicit security headers and incident response policies are not published, indicating areas for improvement. The site is GDPR compliant with a clear privacy and cookie policy, and contact information is readily available. WHOIS data is missing or privacy protected, which slightly reduces trustworthiness but does not negate the evident business legitimacy. Overall, the website demonstrates a strong business and technical foundation with moderate security posture and good privacy compliance.

H

Hochschule Darmstadt

h-da.de

10

Hochschule Darmstadt (h_da) is a well-established German university of applied sciences focused on education, research, and transfer in technology, society, and art. The website serves as a comprehensive portal for students, staff, and partners, offering detailed information about academic programs, research initiatives, campus development, and services. The institution maintains a strong regional and international presence, including partnerships such as the European University of Technology (EUT+). Technically, the website is built on TYPO3 CMS, a robust open-source content management system, and employs Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. Performance is moderate, with modern web technologies and responsive design. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and formal security policies such as vulnerability disclosure or incident response contacts. Privacy compliance is partial, with no explicit privacy or cookie policies detected on the main page. The WHOIS data is minimal but consistent with the institution's identity, supporting legitimacy. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic improvements in privacy transparency and security policy publication would enhance compliance and user trust.

H

HALLENKUNST | MARKTHALLE CHEMNITZ

hallenkunst.de

7

The website www.hallenkunst.de is a Wix-hosted site with minimal content and no visible privacy, cookie, or terms of service policies. The business focus is unclear due to lack of descriptive content, but the presence of art-related media suggests an art or gallery-related business. The technical infrastructure relies on Wix technologies and standard web technologies such as JavaScript, CSS, and HTML5. Mobile optimization is good, but overall content quality and SEO are basic. Security posture is moderate with HTTPS enabled but lacking security headers and incident response information. No contact information or compliance indicators are present, which limits trust and business credibility. Overall, the site is accessible without WAF or security challenges and contains no adult or explicit content.

Pau Agglomération operates an official government website serving the city of Pau and its surrounding agglomeration in France. The site provides comprehensive information on daily life, urban planning, social services, culture, environment, and more, targeting residents and visitors. It is positioned as a key local government communication and service platform. Technically, the website is built on Drupal 10, employs Matomo for analytics, and uses modern web technologies ensuring good performance, mobile optimization, and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with privacy and cookie policies and consent mechanisms. However, explicit contact emails and phone numbers are not directly visible, and no terms of service or vulnerability disclosure pages were found. Overall, the website is professional, trustworthy, and well-maintained, reflecting a mature digital presence for a government entity.

D

Diverto

diverto.tv

67

Diverto is a French media platform specializing in entertainment news, focusing on television, streaming platforms, and pop culture. The website provides TV program schedules and news related to streaming services, targeting a general audience interested in media and entertainment. The platform positions itself as a niche media outlet within the French market, offering curated content relevant to TV and streaming enthusiasts. Technically, Diverto employs a modern web stack including JavaScript frameworks like Stimulus and Symfony UX Live Component, along with Tailwind CSS for styling. It integrates multiple third-party services for analytics, advertising, and consent management, demonstrating a mature digital infrastructure. Security-wise, the website enforces HTTPS and uses a consent management platform (Didomi) to comply with privacy regulations. However, explicit security headers and incident response policies are not clearly published, and WHOIS data is unavailable, which slightly impacts trust. Overall, Diverto presents a professional and functional media website with good privacy compliance but could improve transparency and security documentation.

U

Université de technologie de Compiègne

utc.fr

57

Université de technologie de Compiègne (UTC) is a well-established French technological university focused on higher education, research, and innovation. The website reflects a professional and consistent brand image, targeting students, researchers, and industry partners. It offers comprehensive educational services and fosters technological advancement. The digital infrastructure is based on WordPress with modern frameworks and good mobile optimization, ensuring a positive user experience. Security posture is solid with HTTPS and security headers, though explicit security policies and incident response contacts are not publicly visible. Overall, the domain and website appear legitimate and trustworthy, consistent with an educational institution of its stature.

B

BISTROOO

bistrooo.cz

45

Bistrooo is a small hospitality business based in Příbram, Czech Republic, offering breakfast, soups, hot meals, and daily menus. The website presents a clear business focus on local food service with reservation capabilities and business hours. The technical infrastructure is built on the Webnode CMS platform, leveraging AWS Cloudfront CDN and Google Tag Manager for analytics. The site is accessible, mobile-optimized, and has a good user experience, though it lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing security headers and privacy compliance elements. The absence of WHOIS data limits domain legitimacy verification, which impacts trustworthiness. Overall, the site is functional and professional but requires improvements in privacy compliance and security best practices.

B

Brdský běžecký pohár

brdskypohar.cz

44

The website 'Brdský běžecký pohár' serves as a regional platform dedicated to organizing and promoting running events and athletic competitions primarily in the Příbram area of the Czech Republic. It offers detailed information about upcoming races, results, photo galleries, and registration options, targeting runners, athletes, and local sports enthusiasts. The business model revolves around event organization, community engagement, and race facilitation, positioning itself as a key regional sports event organizer. Technically, the website employs a modern tech stack including HTML5, CSS, JavaScript with jQuery and Bootstrap 5 frameworks, and integrates Google Analytics for visitor tracking. The site is hosted under a Czech registrar with appropriate DNS settings and uses HTTPS for secure communication. Mobile optimization and user experience are good, though accessibility and SEO could be improved. From a security perspective, the site benefits from HTTPS but lacks visible security headers and a formal privacy or cookie policy, which are important for GDPR compliance. No vulnerability disclosure or incident response information is provided. The use of Google Analytics without a cookie consent mechanism indicates potential privacy compliance gaps. Overall, the website is functional, content-rich, and trustworthy for its intended audience but would benefit from enhanced privacy compliance, improved security headers, and formal policies to strengthen its security posture and regulatory adherence.

J

Jérémie Bottollier Curtet

bottweb.fr

56

Jérémie Bottollier Curtet operates as a freelance web and mobile application developer based in Haute-Savoie, France. The business specializes in creating custom digital solutions including websites (One Page, Vitrine, E-commerce, and bespoke), web and mobile applications, SaaS and Micro-SaaS platforms, site redesign, maintenance, and training services. The company targets local businesses, startups, and independent professionals primarily in the Rhône-Alpes region. The website demonstrates a professional market position with clear service offerings and a strong local focus. Technically, the website is built on WordPress using Elementor, enhanced with modern web technologies and analytics tools such as Google Tag Manager and Hotjar. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS, employs security headers, and includes cookie consent mechanisms, indicating a good security posture. However, the absence of explicit security policies, incident response contacts, and vulnerability disclosure mechanisms suggests areas for improvement. The WHOIS data is missing, which slightly impacts domain trustworthiness but does not detract significantly from the overall legitimacy. Overall, the website and business present a low-risk profile with professional digital presence and sound security practices. Strategic recommendations include enhancing transparency with dedicated security and privacy policy pages, implementing vulnerability disclosure, and maintaining regular security audits to sustain trust and compliance.

A

Audi Česká republika

audi.cz

58

Audi Česká republika operates as the official regional website for the Audi brand in the Czech Republic, providing comprehensive information about Audi's vehicle models, electric vehicles, financing options, servicing, and promotional offers. The site targets consumers interested in premium automotive products and services, supporting Audi's market position as a leading luxury car manufacturer. The website demonstrates a high level of digital maturity, utilizing modern web technologies such as Next.js and Google Tag Manager, and incorporates cookie consent management via OneTrust. Security posture is generally strong with HTTPS enforced, though some security headers and explicit privacy policies are not detected in the provided content. The absence of WHOIS data limits domain registration trust verification, but the website's branding and content strongly indicate legitimacy. Overall, the site offers a professional, user-friendly experience with rich multimedia content and clear navigation.

W

Windcoop SCIC SA

wind.coop

52

Windcoop SCIC SA is a French maritime cooperative based in Lorient specializing in low-carbon cargo transport using sail-powered container ships. The company operates an innovative business model focused on sustainability and cooperative ownership, targeting individuals, businesses, and communities interested in ethical and ecological maritime transport. Their flagship project is a 90-meter sail cargo ship designed to reduce CO2 emissions by 60% compared to conventional vessels, with operations planned between Marseille and Madagascar starting in 2027. The website reflects a professional and modern digital presence built on WordPress, featuring comprehensive content, multimedia, and clear calls to action for investment and membership. Technical infrastructure includes Matomo analytics and Google Tag Manager, with a strong emphasis on privacy and cookie consent compliance. Security posture is good with HTTPS and domain transfer protections, though improvements such as DNSSEC and explicit security policies are recommended. Overall, Windcoop presents a credible, transparent, and innovative player in the sustainable transportation sector.

éthi'Kdo is a French e-commerce platform specializing in eco-responsible gift cards that promote ethical gifting for individuals, businesses, and employee committees. The website presents a well-structured and professionally designed interface with a focus on sustainability and social responsibility. The technical infrastructure leverages modern JavaScript, CSS, and HTML5 technologies, integrating third-party services such as Sentry for error monitoring, Google Analytics for user behavior tracking with IP anonymization, and Crisp Chat for customer support. Security posture is strong with HTTPS enforced and appropriate security headers in place, though explicit privacy and cookie policies are absent, indicating room for compliance improvement. Overall, the website demonstrates a high level of business credibility and technical maturity, with no detected vulnerabilities or suspicious activity.

Mobicoop.fr is a French-based free and commission-free carpooling platform established in 2017. The website offers a service aimed at facilitating daily and occasional ride sharing as a common good, targeting a general audience interested in sustainable and economical transportation options. The platform positions itself as a niche player in the transportation sector, emphasizing openness and community values. Technically, the website is hosted by OVH and uses HTTPS with a moderate performance profile. It employs Matomo analytics with a consent-based tracking mechanism, reflecting a privacy-conscious approach. The site uses modern web fonts and icons but does not appear to rely on a major CMS or framework. Mobile optimization and SEO are adequately addressed, though accessibility features are basic. From a security perspective, the site benefits from HTTPS and respects user consent for analytics. However, it lacks explicit security headers and formal security policies such as a privacy policy, terms of service, or vulnerability disclosure. No contact information or incident response channels are clearly provided, which could be improved to enhance trust and compliance. Overall, Mobicoop.fr presents a trustworthy and professional online presence for its business model but would benefit from enhanced transparency in privacy and security policies, as well as improved contact and incident response information to strengthen its security posture and compliance with regulations.

N

NEONUS, s.r.o.

neonus.sk

69

NEONUS, s.r.o. is a Slovak digital agency specializing in custom web development, e-commerce, B2B online shops, design, and data synchronization services. The company targets businesses seeking tailored digital solutions and technical support for their online presence. With over 15 years of experience and more than 500 projects completed, NEONUS holds a solid regional market position. The website reflects a professional and consistent brand image with comprehensive service offerings and client references. Technically, the website employs modern web technologies including GSAP for animations, Google Tag Manager and Analytics for tracking, and Tawk.to for live chat support. The site is built likely on WordPress with WooCommerce integration, optimized for mobile devices, and demonstrates good SEO and accessibility practices. Performance is moderate, with room for improvement in accessibility and loading speed. From a security perspective, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and secures user data collection via forms with CAPTCHA. However, it lacks a publicly available security policy, incident response contacts, and vulnerability disclosure information. Security headers are not explicitly detected, suggesting potential areas for enhancement. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. The risk profile is low, but strategic improvements in security transparency and technical optimizations are recommended to further strengthen the security posture and user trust.

H

HZ Vinařství s.r.o.

valtickepodzemi.cz

49

Valtické Podzemí is a hospitality and wine tourism business based in the Czech Republic, specializing in historic wine cellar tours, wine tastings, and cultural events. The company operates a unique project connecting 13 historic wine cellars dating back to the 13th century, offering individual visits, group programs, and private events. The business holds a prestigious award, CHAMPION TOP VINAŘSKÝ CÍL ČR, underscoring its quality and reputation in the local market. The website is professionally designed, mobile-optimized, and rich in relevant content targeting wine enthusiasts, tourists, and corporate clients. Technically, the website is built on WordPress with modern JavaScript libraries such as Swiper.js and AOS for animations. It employs performance optimization tools like WP Rocket and SEO enhancements via Yoast SEO. The site uses Google Tag Manager and Microsoft Clarity for analytics and tracking, with a GDPR-compliant cookie consent mechanism in place. Social media integration and partner links further enhance its digital presence. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks explicit security policy and incident response information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, but the presence of clear contact information and business details supports legitimacy. Overall, the site demonstrates a strong security posture with room for improvement in transparency and formal security documentation. Strategically, the business should focus on publishing a security policy, establishing incident response contacts, and enhancing domain registration transparency to improve trust. Continued monitoring of third-party scripts and regular security audits will help maintain a robust security posture. The website's excellent content quality and user experience position it well for growth in the wine tourism sector.

H

Hudební agentura Arte per tutti

artepertutti.cz

59

Hudební agentura Arte per tutti is a small Czech music agency specializing in live music performances for weddings, concerts, corporate events, and other celebrations. Founded in 2017 by Jitka Břízová, who also acts as manager and violinist, the agency emphasizes quality, originality, and personalized service. Their offerings include tailored musical ensembles and guaranteed substitutes for musicians in case of illness. The website presents a professional image with testimonials and clear contact information, targeting clients seeking live music experiences in the Czech Republic. Technically, the website is built on the Webnode CMS platform, leveraging modern web technologies such as HTML5, CSS3, JavaScript, and uses Amazon Cloudfront CDN for content delivery. It integrates Google Tag Manager and Facebook SDK for analytics and marketing. The site is mobile-optimized and features a cookie consent mechanism, though it lacks some advanced security headers and a published privacy policy. From a security perspective, the site uses HTTPS with a good SSL configuration but does not implement common security headers like Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data and privacy policy reduces trustworthiness. There is no visible incident response or vulnerability disclosure information. Overall, the website is functional, professional, and safe for general audiences, but improvements in transparency, security headers, and domain registration verification are recommended to enhance trust and compliance.

R

RIKI.TO SUSHI

riki-to-sushi.com

57

RIKI.TO SUSHI is a small hospitality business based in the Czech Republic specializing in sushi lessons, catering, and professional sushi training. The company holds prestigious awards such as the WORLD SUSHI SKILL INSTITUTE TOKYO and advisory titles from the Japanese Sushi Association, positioning it as a recognized expert in its niche market. The website is built on the Wix platform, leveraging Wix's proprietary technologies and hosting services. While the site presents professional content and clear contact information, it lacks key compliance documents such as privacy and terms of service pages. Security posture is adequate with HTTPS enabled and error monitoring via Sentry, but could be improved by adding security headers and vulnerability disclosure mechanisms. Overall, the site is functional and trustworthy but would benefit from enhanced privacy compliance and domain registration transparency.

C

Catering Brno Slunečnice

cateringbrnoslunecnice.cz

49

Catering Brno Slunečnice is a small hospitality business specializing in comprehensive catering services for events such as weddings, corporate parties, and family celebrations in Brno and surrounding areas. The company operates under the Slunečnice Food network with multiple related venues, emphasizing quality and customer service. The website is professionally designed using the Webnode CMS platform, leveraging modern CDN and analytics technologies to deliver content efficiently. However, the absence of privacy and cookie policies and lack of visible contact information limit its compliance and trustworthiness. The security posture is generally good with HTTPS enforced, but missing security headers and incident response details are areas for improvement. The domain WHOIS data is unavailable, which raises concerns about registration transparency and business legitimacy. Overall, the site is safe, well-structured, and suitable for its target audience but requires enhancements in privacy compliance and business transparency to improve trust and security.

T

Tangible design festival

tangible-festival.org

44

The Tangible design festival website represents a cultural event based in Marseille, France, dedicated to various forms of design expression. The festival is scheduled for October 2025 and features exhibitions, workshops, and meetings across multiple local venues. The business model centers on event organization and cultural promotion within the local design community, targeting a general audience interested in contemporary design and art. Technically, the website is built with modern web standards including HTML, CSS, and JavaScript, and uses HTTPS with hosting provided by OVH sas. The site includes minimal external dependencies, notably the Umami analytics platform for visitor tracking. The site is mobile optimized and accessible with good SEO practices, but lacks advanced frameworks or CMS platforms. From a security perspective, the site benefits from HTTPS and domain status protections but lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy or cookie policies are present, and no contact or incident response information is provided, indicating gaps in compliance and user trust features. The WHOIS data shows a suspicious future domain creation date, which undermines domain legitimacy and trustworthiness. Overall, the website is functional and professionally designed for its purpose but requires improvements in privacy compliance, security hardening, and transparency to enhance trust and regulatory adherence.

G

GEISTER MEDIZINTECHNIK GMBH

gbluelabel.de

41

GEISTER MEDIZINTECHNIK GMBH is a well-established German company specializing in the manufacture and supply of premium surgical instruments under the G BLUE LABEL™ brand. With a heritage spanning approximately 100 years, the company targets medical professionals and institutions requiring high-quality, innovative surgical tools. Their business model is primarily B2B, focusing on product excellence and custom solutions to meet surgical needs. The website reflects a professional and consistent brand image, supporting their market position as a premium instrument provider. Technically, the website employs modern JavaScript frameworks such as Vue.js and Axios, alongside jQuery and FontAwesome for UI elements. The site is mobile-optimized with good navigation and SEO practices, though performance is moderate. The CMS appears custom-built with PHP components. Analytics are implemented via Google Analytics and Tag Manager, indicating moderate user tracking. From a security perspective, the site uses HTTPS and includes verification meta tags for Google and Facebook, but lacks visible security headers and explicit cookie consent mechanisms. No sensitive data exposure or vulnerabilities were detected in the content. The WHOIS data is minimal but consistent with the business, showing no suspicious patterns. However, contact information is not explicitly provided on the main page, which could impact user trust. Overall, the website is professional and trustworthy with room for improvement in privacy compliance and security best practices. Strategic enhancements in cookie consent, security headers, and contact transparency would strengthen their security posture and user confidence.

BeSignal is a specialized software provider offering whistleblowing reporting platforms tailored to meet the requirements of the European Whistleblowing Directive and data protection standards. Founded in 2021 and based in France, the company targets organizations in both the corporate and public sectors, including schools, to streamline whistleblowing report management and resolution. Their business model is primarily SaaS, delivering compliance-focused solutions with multi-language support and a professional online presence. Technically, the website leverages modern JavaScript frameworks such as Vue.js, integrates HubSpot for marketing and analytics, and employs Cookiebot for cookie consent management. The hosting is provided by OVH sas, a reputable European hosting provider. Security-wise, the site enforces HTTPS and has domain protections against unauthorized transfers or deletions, but lacks DNSSEC and some security headers. No explicit privacy policy or terms of service were found, which is a compliance gap. Overall, the website is professional and functional with moderate security posture and good business credibility.

B

BussinesMC

ulicenarodni.cz

45

The website www.ulicenarodni.cz serves as a local informational portal focused on the Národní street area in Prague 1, providing visitors and locals with details about hotels, restaurants, bars, cultural venues, theaters, and clubs. The site targets tourists and residents interested in cultural and hospitality services, positioning itself as a niche guide for this specific locality. The business model appears to be promotional and informational, likely monetized through partnerships and advertising. The site is operated by BussinesMC, a small entity with no publicly disclosed parent or subsidiaries. Technically, the website employs a traditional web stack with HTML5, CSS3, JavaScript, jQuery, and Bootstrap, supplemented by third-party analytics and marketing tools such as Google Analytics, Facebook Pixel, and SmartLook. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and cookie consent mechanisms, but lacks advanced security headers and explicit security policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is adequate with GDPR-aligned cookie consent and a basic privacy policy. Overall, the website is trustworthy and professionally maintained, though it could benefit from enhanced security practices and more transparent business contact information.

B

b2match

b2match.com

68

b2match is a technology-driven SaaS company specializing in event management platforms focused on networking and matchmaking for in-person, virtual, and hybrid events. The platform offers a comprehensive suite of tools including registration, ticketing, agenda management, AI-powered matchmaking, mobile apps, and analytics, positioning itself as a trusted solution for event professionals globally. The website demonstrates a mature digital presence with modern technologies such as Next.js, React, and integration of major analytics and advertising platforms. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly available. Overall, the website and business exhibit high professionalism and trustworthiness, though WHOIS data is privacy-protected, which is common for SaaS providers. Strategic recommendations include enhancing security header implementation and publishing security policies to further improve trust and compliance.

T

TAZ Verlags- und Vertriebs GmbH

taz.de

66

TAZ Verlags- und Vertriebs GmbH operates taz.de, a well-established German left-leaning independent news media website founded in 1992. The site offers critical journalism including analyses, commentaries, interviews, and reportages, targeting a general audience interested in progressive news. The business model combines subscription services and advertising revenue, supported by a cooperative structure. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks like Alpine.js, Cash DOM, and uses Google Publisher Tag for advertising and Matomo for analytics. Mobile optimization and accessibility are well implemented, providing a good user experience. Security posture is strong with HTTPS enforced and consent mechanisms for cookies, though explicit security headers could be confirmed. Privacy compliance is robust with clear privacy and cookie policies in German, aligned with GDPR requirements. WHOIS data is consistent with the business claims, showing legitimate domain registration and hosting in Berlin. Overall, the site is professional, trustworthy, and secure, with no critical vulnerabilities detected.