Security Directory

E

entado GmbH

campuscore.eu

40

entado GmbH is a specialized software company focused on providing digital solutions for university administration, including campus, doctoral candidate, and applicant management systems. With over a decade of experience in the education sector and extensive expertise in complex administrative software, entado positions itself as a reliable partner for educational institutions seeking digital transformation. The company targets universities, private colleges, and non-university educational institutions primarily in Germany. The website reflects a professional and consistent brand image with detailed product offerings and customer testimonials that enhance trust. Technically, the site uses modern web technologies such as Vue.js and Twind CSS, indicating a contemporary digital infrastructure. However, some areas such as security headers and cookie consent mechanisms are lacking, which could be improved to enhance compliance and security posture. Overall, the website is well-structured, mobile-optimized, and provides relevant content for its target audience.

N

naviti GmbH

naviti.ch

10

naviti GmbH is a Swiss-based small technology company specializing in web design, webshop development, and custom software solutions primarily targeting private clients, SMEs, industries, foundations, and associations within the region of Kanton Aargau. Their business model focuses on affordable, customized digital solutions using their proprietary CMS platform navitiCms, complemented by training, support, and hosting coordination services. The company positions itself as a regional web agency emphasizing transparency, customer involvement, and modern technology.

T

Terumo Blood and Cell Technologies

terumobct.com

66

Terumo Blood and Cell Technologies is a global healthcare company specializing in blood and cell-based therapy solutions. Their offerings include automated blood collection and processing systems, therapeutic apheresis devices, cell therapy manufacturing technologies, and related software and services. The company positions itself as a leader in the healthcare technology sector, serving hospitals, blood centers, and cell therapy manufacturers worldwide. The website reflects a mature digital presence built on Adobe Experience Manager, with modern web technologies and integration of analytics tools like Google Tag Manager. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers and incident response details could be improved. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. The absence of WHOIS registration data is a concern but is mitigated by the professional nature of the website and its association with Terumo Corporation. Overall, the site is professional, trustworthy, and well-targeted to its healthcare audience.

O

Opper

qiota.com

60

Opper is a specialized software development company founded in 1989, focusing on media and print management solutions tailored for IT, marketing, and sales services. Their flagship offering is a modular web application designed to help publishers and media companies engage audiences and monetize digital content effectively. The company positions itself as a niche provider with a strong emphasis on paywall solutions, user management, and content monetization tools such as e-wallets and data analytics. The website reflects a professional and consistent brand image targeting B2B clients in the media sector primarily in France. Technically, the website is built using the Hugo static site generator, leveraging modern web technologies including SVG graphics and JavaScript for interactivity. The site is well-optimized for performance and mobile responsiveness, with good SEO practices evident in meta tags and structured content. However, there is no evidence of advanced frameworks or CMS beyond Hugo, and no visible analytics or tracking scripts in the provided HTML. From a security perspective, the site enforces HTTPS and uses secure cookie handling mechanisms. However, there is a lack of explicit security headers and no published security or incident response policies, which could be improved to enhance trust and compliance. The absence of WHOIS data for the domain raises some concerns about domain registration legitimacy, although the website content and contact information appear credible and professional. Overall, the website presents a solid business offering with good technical implementation and moderate security posture. The main risk lies in the missing WHOIS data which should be investigated further. Strategic recommendations include enhancing security headers, publishing clear security policies, and verifying domain registration details to improve trustworthiness and compliance.

F

France Télévisions

france.tv

61

France TV is the official public broadcasting platform of France Télévisions, offering a comprehensive range of video content including live TV, replay, documentaries, series, cinema, news, sports, and children's programming. The website targets a general audience in France and serves as a central hub for multiple French public TV channels. Technically, the site uses modern web technologies such as React with Next.js, integrates analytics via Piano Analytics, and employs privacy SDKs, indicating a mature digital infrastructure. Security-wise, the site uses HTTPS and asynchronous script loading but lacks visible security headers and explicit security policies, suggesting room for improvement in security posture. Privacy compliance is limited as no explicit privacy or cookie policies were found in the provided content. Overall, the site is professional, trustworthy, and content-rich, consistent with a major public media entity in France.

N

Nakladatelství Akademie múzických umění v Praze

namu.cz

46

Nakladatelství Akademie múzických umění v Praze (NAMU) is a specialized publishing house affiliated with the Academy of Performing Arts in Prague, focusing on academic and artistic publications in film, music, theatre, dance, and related disciplines. The website serves as an online catalog and sales platform, targeting academics, students, and professionals in the performing arts sector. The business operates with a clear niche focus and maintains a consistent brand presence with professional content and social media engagement. Technically, the website uses standard web technologies (HTML5, CSS, JavaScript) with a moderate performance profile and good mobile optimization. However, it lacks advanced frameworks or CMS indications and does not show evidence of modern security headers or advanced analytics/tracking tools. The cookie consent mechanism is implemented, supporting GDPR compliance. From a security perspective, the site enforces HTTPS and provides basic privacy compliance but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious patterns were detected, but improvements in security headers and formal policies are recommended to enhance trust and compliance. Overall, NAMU presents a trustworthy, professional online presence with room for technical and security enhancements to better align with best practices and regulatory requirements.

D

Divadlo DISK

divadlodisk.cz

63

Divadlo DISK is a well-established theatre institution based in Prague, Czech Republic, with a history dating back to 1945. It offers theatrical performances, cultural events, and collaborates with academic and research institutions. The website reflects a professional cultural organization with clear contact information, active social media presence, and a focus on audience engagement through newsletters and event promotions. Technically, the site uses modern web technologies including JavaScript libraries like jQuery and Fancybox, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and accessible, with a cookie consent mechanism in place, though it lacks a published privacy policy and terms of service, which are important for compliance. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but could be improved by adding security headers and formal security policies. Overall, the website is trustworthy and serves its audience effectively, but should address compliance gaps to enhance privacy and security transparency.

PagesJaunes is a leading French online local business directory platform owned by Solocal. It provides consumers access to millions of local professionals with enriched information such as hours, reviews, and services. The platform supports business profile management and advertising services, positioning itself as a key player in the French local search market. Technically, the website is built with modern JavaScript frameworks and integrates advanced analytics and consent management tools, hosted on Google Cloud Platform. Security posture is strong with HTTPS enforced and GDPR compliance mechanisms in place, though explicit security policies and vulnerability disclosure channels are not publicly visible. Overall, the site is professional, trustworthy, and well-optimized for user experience and mobile devices.

F

France Télévisions

francetv.fr

61

France TV is the official streaming platform for France Télévisions, the French public national television broadcaster. The website offers live TV streaming, replay services, video on demand, podcasts, and articles covering a wide range of programming including documentaries, series, news, and children's content. It serves a broad general audience in France and is a key player in the French media landscape. Technically, the site is built using modern web technologies such as Next.js and React, with good mobile optimization and accessibility features. The platform uses analytics tools like Piano Analytics and integrates privacy management SDKs. Security-wise, the site enforces HTTPS and uses privacy-related scripts but lacks explicit security headers and published security policies. No WHOIS data is available, likely due to privacy protection, but the domain is consistent with a legitimate public media entity. Overall, the site is professional, content-rich, and trustworthy, though it could improve transparency around privacy and security policies.

M

Marie Claire

marieclaire.fr

63

Marie Claire is a well-established French women's fashion and beauty magazine offering a wide range of content including fashion news, beauty tips, lifestyle articles, and subscription services. The website targets a female audience interested in fashion and beauty, maintaining a strong brand presence in the media sector. Technically, the site employs modern JavaScript libraries, consent management tools, and integrates multiple marketing and analytics services, reflecting a mature digital infrastructure. Security-wise, the site enforces HTTPS, uses security headers, and implements consent mechanisms, though it lacks explicit security policy and incident response disclosures. The absence of WHOIS data is a minor concern but does not detract significantly from the site's legitimacy given its professional presentation and brand recognition. Overall, the site is secure, privacy-conscious, and professionally maintained, suitable for its audience and business model.

RFI (Radio France Internationale) is an established international news broadcaster providing comprehensive news coverage from France, Europe, Africa, and worldwide. The website offers political, cultural, sporting news, and live streaming services targeting a general audience. The brand is well recognized with consistent branding and multiple official social media presences. Technically, the website employs modern web standards, including responsive design, consent management via Didomi, and robust SEO practices. Security posture is strong with HTTPS enforced and standard security headers present, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site is professional, trustworthy, and compliant with GDPR regulations, though WHOIS data is privacy protected, which is typical for media entities. Strategic recommendations include publishing explicit security and incident response policies and enhancing transparency around data protection roles.

Cdiscount is a major French e-commerce platform offering a wide range of products including furniture, electronics, home improvement, garden, and sports goods. The website targets French consumers looking for affordable prices and convenient online shopping experiences. It provides services such as secure payment options, installment plans, free delivery over certain amounts, and a loyalty program. The platform also offers mobile plans and travel booking services, indicating a diversified e-commerce ecosystem. Technically, the website employs modern web technologies including React and jQuery, with a responsive design optimized for mobile and desktop users. The presence of JSON-LD structured data and comprehensive meta tags supports good SEO practices. Performance is moderate with extensive use of JavaScript and external resources. Accessibility features and SEO optimizations are well implemented. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes security headers such as Content Security Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. However, explicit security policies and incident response contacts are not prominently published, which could be improved to enhance transparency and trust. Overall, the website is professional, trustworthy, and compliant with GDPR, featuring clear privacy and cookie policies with consent mechanisms. The lack of WHOIS data reduces domain registration transparency but does not significantly impact the site's legitimacy given its established market presence. Strategic recommendations include publishing detailed security policies, incident response contacts, and vulnerability disclosure information to further strengthen security posture and user trust.

F

Ferrero Hazelnut Company

ferrerohazelnutcompany.com

69

Ferrero Hazelnut Company is a division of the Ferrero Group focused on the entire hazelnut value chain, from cultivation to processing, emphasizing sustainability and quality. The company operates globally with agribusiness development programs and a commitment to responsible sourcing. The website reflects a professional corporate presence with detailed information about their mission, programs, and sustainability efforts. Technically, the site is built on Drupal CMS, uses modern web technologies, and integrates Google Tag Manager for analytics. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers are not detected and privacy compliance could be improved. WHOIS data is unavailable, which raises some concerns about domain registration transparency but does not negate the apparent legitimacy given the strong brand association. Overall, the site is trustworthy, professional, and well-maintained, serving as an effective corporate communication platform.

T

Toyota Financial Services Czech s.r.o.

toyotafinance.cz

65

Toyota Financial Services Czech s.r.o. is a specialized financial services provider focused on branded vehicle financing for Toyota and Lexus in the Czech Republic. The company offers a range of financial products including loans for new and used cars, operational leasing, and insurance services tailored for both private individuals and businesses. With over 25 years of market experience and strong partnerships with Toyota and Lexus dealer networks, the company holds a solid position in the automotive finance sector within the region. The website reflects a professional and consistent brand image, providing clear and accessible information to its target audience. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager for analytics and marketing, and a proprietary CMS platform (Edee.one). The site is mobile-optimized, accessible, and SEO-friendly with structured data enhancing search engine visibility. Performance is moderate with no critical errors detected. Privacy and cookie policies are implemented with consent mechanisms, indicating compliance with GDPR requirements. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and no public security policy or incident response information is provided. The WHOIS data is not publicly available, likely due to privacy protection, which is common and justified for financial institutions. Overall, the security posture is solid but could be improved by adding explicit security headers and incident response details. The overall risk assessment is low with recommendations to enhance security transparency and header implementation. The website is trustworthy, professionally maintained, and compliant with relevant privacy regulations, making it a reliable platform for its users.

G

GEISTER MEDIZINTECHNIK GMBH

geister.com

54

GEISTER MEDIZINTECHNIK GMBH is a German-based manufacturer specializing in premium reusable surgical instruments, including titanium instruments and various clamps for cardiovascular and thoracic surgery. The company emphasizes German craftsmanship, precision, and sustainability, targeting medical professionals and OEM partners globally. Their website reflects a mature digital presence with multilingual support and detailed product highlights. Technically, the site uses modern JavaScript frameworks such as Vue.js and integrates Google Tag Manager for analytics, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security headers and incident response information suggests room for improvement. The WHOIS data is notably missing, which raises some concerns about domain registration transparency but does not directly contradict the professional business presence. Overall, the website is trustworthy and well-maintained but would benefit from enhanced security disclosures and contact transparency.

A

Abbott Laboratories

abbott.com

76

Abbott Laboratories is a well-established multinational healthcare corporation founded in 1888, specializing in innovative medical devices and health care solutions across multiple sectors including cardiovascular health, diabetes management, diagnostics, nutrition, and medicines. The website reflects a mature digital presence with comprehensive content targeting consumers, healthcare professionals, investors, and job seekers. The company maintains strong branding consistency and trust indicators such as verified social media profiles and structured data markup. Technically, the website leverages modern web technologies including Adobe Experience Manager CMS, New Relic monitoring, Adobe Launch tag management, and TrustArc consent management, indicating a high level of digital maturity. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance metrics. From a security perspective, the site enforces HTTPS and implements consent mechanisms, but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance appears robust with clear privacy and cookie policies. Overall, the website presents a low-risk profile with strong business credibility and technical implementation. The absence of WHOIS data is noted but likely due to privacy protection and does not detract from the legitimacy of the site. Strategic recommendations include enhancing security headers, publishing security policies, and establishing a vulnerability disclosure program to further strengthen trust and security posture.

S

Stanford Health Care

stanfordhealthcare.org

63

Stanford Health Care is a leading academic medical center and healthcare provider based in the United States, delivering comprehensive medical services including cancer treatment, heart disease care, brain disorder treatment, primary and specialty care, and clinical trials. The website reflects a mature digital presence with a focus on patient engagement through services like the MyHealth portal and video visits. The organization maintains a strong market position in the Bay Area healthcare sector with consistent branding and professional content. Technically, the website is built on Adobe Experience Manager and hosted on Amazon AWS infrastructure, leveraging modern web technologies and analytics tools such as Google Analytics, Google Tag Manager, Adobe Launch, and Qualtrics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. From a security perspective, the site enforces HTTPS and employs domain registration protections. However, DNSSEC is not enabled, and some security headers like Content-Security-Policy are missing. There is no visible vulnerability disclosure or security policy page, which could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, professional, and secure with minor areas for improvement in security hardening and transparency. The risk profile is low, and the site effectively supports the business objectives of Stanford Health Care.

K

KHSB

khsb-berlin.de

60

KHSB is an educational institution based in Germany, providing higher education services primarily targeting students and the academic community. The website is built on TYPO3 CMS and demonstrates a moderate level of digital maturity with modern technologies and a responsive design. The presence of Cookiebot for cookie consent and Matomo for analytics reflects a commitment to privacy and GDPR compliance, although explicit privacy and terms of service pages are not detected in the provided content. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but could be improved with additional security headers and published policies. Overall, the website is professional and trustworthy, serving its educational purpose effectively.

I

Internationale Psychoanalytische Universität Berlin

ipu-berlin.de

51

The Internationale Psychoanalytische Universität Berlin (IPU) is a private, state-recognized university specializing in psychoanalytic psychology and psychotherapy education. Founded in 2009, it offers unique bachelor and master programs with a strong psychoanalytic focus, supported by interdisciplinary research and international partnerships. The website reflects a mature academic institution with comprehensive content, clear navigation, and professional branding. Technically, the site is built on TYPO3 CMS, uses modern web technologies, and integrates Google Analytics and Tag Manager for analytics. Security practices include HTTPS, CSRF protection, and a robust cookie consent mechanism, though some security headers and explicit incident response policies are absent. Overall, the domain and website are consistent with the institution's identity and demonstrate a high level of trustworthiness and compliance with GDPR.

H

Humboldt-Universität zu Berlin

hu-berlin.de

70

Humboldt-Universität zu Berlin is a prominent German university offering a wide range of academic programs and research initiatives. The website reflects its role as a leading educational institution with a strong emphasis on interdisciplinary research and social cohesion. It targets students, researchers, academic staff, and the general public interested in academic content. The university maintains a large-scale presence with consistent branding and professional content quality. Technically, the website is built on the Plone CMS platform, utilizing modern JavaScript libraries such as jQuery and bxSlider for interactive elements. It employs Matomo analytics with user consent mechanisms, indicating a mature approach to privacy. The site is hosted likely within academic networks in Germany, ensuring reliability and performance rated as moderate to good. Mobile optimization and accessibility features are well implemented. From a security perspective, the site enforces HTTPS and uses script integrity attributes, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. Business credibility is high, supported by certifications and trust signals. Overall, the website is professional, secure, and compliant, with minor recommendations to enhance security headers and publish vulnerability disclosure information to further strengthen trust and security posture.

H

Hochschule für Technik und Wirtschaft Berlin

htw-berlin.de

63

HTW Berlin is a prominent University of Applied Sciences located in Germany, offering a wide range of Bachelor, Master, and MBA programs across multiple disciplines including engineering, business, design, and health. The institution is well-ranked nationally and provides extensive research and continuing education services. The website reflects a mature digital presence with clear navigation, multilingual support, and active engagement with its target audiences such as prospective students, current students, alumni, and industry partners. Technically, the site uses modern web standards, integrates Matomo analytics with user consent, and maintains good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved and explicit security policies are not published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

H

Hochschule für Musik Hanns Eisler Berlin

hfm-berlin.de

42

Hochschule für Musik Hanns Eisler Berlin is a well-established public music university founded in 1950, recognized as one of Europe's leading music institutions. The website provides comprehensive information about its academic offerings, ensembles, events, and student services, targeting prospective and current students, faculty, and music professionals. Technically, the site is built on TYPO3 CMS and hosted by Hetzner, featuring a well-structured, accessible, and mobile-optimized design. Security posture is solid with HTTPS enabled and secure form handling, but lacks visible security headers and formal privacy or cookie policies. No incident response or vulnerability disclosure mechanisms are evident, which could be improved to enhance trust and compliance. Overall, the site is professional, trustworthy, and content-rich, but would benefit from enhanced privacy and security transparency.

E

Evangelische Hochschule Berlin

eh-berlin.de

67

The Evangelische Hochschule Berlin (EHB) is a specialized higher education institution based in Germany, focusing on practical degree programs in social work, health, nursing, and education. The website serves as an information portal for prospective and current students, offering detailed navigation through academic programs, research, international opportunities, and continuing education. The institution positions itself as a medium-sized university of applied sciences with a clear focus on social and health sectors. Technically, the website is built on the TYPO3 CMS platform, utilizing modern web standards such as HTML5, CSS, and JavaScript. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. The absence of advanced analytics or tracking scripts suggests a privacy-conscious approach or limited digital marketing. From a security perspective, the site lacks visible security headers and explicit security or privacy policies, which lowers its security posture. No blocking mechanisms or WAF challenges were detected, indicating open accessibility. The WHOIS data is minimal, with generic DNS servers and no detailed registrant information, which slightly impacts trust but is not uncommon for educational institutions. Overall, the website is professional and functional but would benefit from enhanced transparency in privacy and security policies, improved security headers, and clearer contact information to strengthen trust and compliance.

The website represents a small German software provider specializing in solutions for Studentenwerke, offering products such as inventory management, dormitory management, accounting, and cash register systems. The business positions itself as the leading provider in its niche within Germany. The technical infrastructure is basic, relying on legacy HTML standards and a CMS named 'web to date 8.0'. There is no evidence of modern SEO, accessibility, or mobile optimization. Security posture is weak due to lack of HTTPS and security headers, and no visible privacy or cookie consent mechanisms. Contact information and incident response details are absent, limiting trust and compliance. Overall, the site is functional but outdated and lacking in security and privacy best practices.

The website metz.fr serves as the official digital portal for the Ville de Metz, providing residents and visitors with comprehensive information about city services, events, public policies, and cultural activities. It holds a strong market position as the authoritative source for municipal information in Metz, France. The site targets a broad audience including local citizens, tourists, and stakeholders interested in city governance and community engagement. Key services include news updates, event calendars, administrative procedures, and social support information. Technically, the website employs modern JavaScript libraries such as Swiper.js for UI components, Matomo for privacy-conscious analytics, and Google Custom Search for site search functionality. The cookie consent mechanism is implemented using tarteaucitron.js with high privacy settings, reflecting good compliance with GDPR. The site is mobile-optimized and presents a professional design with clear navigation, although accessibility features are basic. From a security perspective, the site enforces HTTPS and uses privacy-respecting analytics without setting cookies by default. However, no explicit security headers were detected in the HTML content, and there is no published security policy or incident response contact information. No vulnerabilities or exposed sensitive data were found. Overall, the security posture is good but could be improved by adding security headers and formalizing security policies. The overall risk assessment is low, with the site demonstrating strong legitimacy, consistent branding, and compliance with privacy regulations. Strategic recommendations include enhancing security transparency, improving accessibility, and publishing incident response and vulnerability disclosure information to further strengthen trust and security culture.

D

DK

d-k.io

62

DK is a French company specializing in carbon measurement and management solutions tailored for the communication, media, and advertising sectors. Their platform offers harmonized and standardized carbon footprint measurement tools, including an API for automated calculations, targeting advertisers, agencies, publishers, and media companies. The company positions itself as a market reference in France with notable media clients and a strong emphasis on sustainability and environmental impact reduction. Technically, the website is well-built with modern technologies such as Matomo analytics and Google Tag Manager, hosted by OVH SAS. It demonstrates excellent mobile optimization, accessibility, and SEO practices. However, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, but the absence of security headers and incident response information are areas for improvement. Overall, the website is professional, trustworthy, and content-rich, reflecting a credible business with a clear mission. The domain registration data aligns well with the business claims, enhancing legitimacy. Privacy compliance and security transparency could be strengthened to improve user trust and regulatory adherence.

S

Spyne

spyne.ai

65

Spyne is a technology company specializing in AI-powered photography and editing software tailored for automotive dealerships. Their platform offers end-to-end solutions including virtual studios, 360-degree vehicle spins, video tours, and conversational AI to enhance dealership merchandising and customer engagement. The company is positioned as a trusted provider with a global footprint, serving over 3200 dealerships across 40+ countries and processing over 10 million cars. Technically, the website is built on modern frameworks like Next.js and integrates multiple analytics and marketing tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and no exposed sensitive data, though improvements in security headers and published policies are recommended. Overall, Spyne presents a professional and credible business with strong market presence and technological sophistication.

B

BoursoBank (ex-Boursorama Banque)

boursobank.com

70

BoursoBank, formerly known as Boursorama Banque, is a French online bank positioned as the least expensive bank for 17 years, offering a range of financial services including free bank cards, mortgage loans, life insurance, stock market services, and savings products. The website is professionally designed, mobile-optimized, and compliant with GDPR regulations, featuring a comprehensive cookie consent mechanism. Technically, the site uses modern JavaScript frameworks and fonts, ensuring a good user experience and accessibility. However, the absence of WHOIS registration data raises concerns about domain legitimacy and registration status, which should be further investigated. Security posture is moderate with HTTPS implied but lacking visible security headers and explicit incident response information. Overall, the site presents a trustworthy and professional banking service with room for improvement in transparency and security disclosures.

Y

YOURLS Contributors

yourls.org

67

YOURLS is an established open-source project providing a self-hosted URL shortening solution. It targets developers and organizations seeking full control over their URL shortening services. The website reflects a mature project with a consistent brand and strong community support, including sponsorship transparency. Technically, the site is built using modern static site generation technology (Docusaurus) and leverages Cloudflare for DNS and analytics, ensuring good performance and mobile optimization. Security posture is generally good with HTTPS enforced and domain transfer protections, but lacks explicit security headers and published privacy or cookie policies, which are areas for improvement. Overall, the site is trustworthy and professional, though it would benefit from enhanced privacy compliance and clearer contact information.

Kinder Finland is a regional website representing the Kinder brand, a well-known confectionery brand owned by Ferrero. The site targets parents and families with children, offering product information, brand storytelling, sustainability initiatives, and interactive applications such as Applaydu. The website is professionally designed with consistent branding and good content quality, supporting the brand's market position in the retail confectionery sector. Technically, the site is built on Drupal CMS with modern JavaScript libraries and is mobile optimized, though some accessibility and security header improvements are recommended. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but explicit security headers and privacy policy pages are lacking. The WHOIS data for the domain is missing, which reduces trust slightly, but the website content and linked Ferrero domains strongly indicate legitimacy. Overall, the site is a credible and professional digital presence for Kinder in Finland.

I

Instagram

tictac.com

80

Instagram is a globally recognized social media platform owned by Meta Platforms, Inc., providing photo and video sharing services to a broad audience. The website analyzed is the official login page, designed with modern web technologies and optimized for performance and mobile use. The platform maintains a strong security posture with HTTPS enforcement and comprehensive security headers, ensuring user data protection during login. While privacy and cookie policies are not directly visible on the login page, the overall compliance posture is good given Instagram's global presence and regulatory adherence. The domain's WHOIS data is privacy protected, which is typical for large enterprises, and does not detract from the site's legitimacy. Overall, Instagram's website demonstrates high professionalism, security, and trustworthiness.

C

C & K člen skupiny AUTO UH a.s.

ckauto.cz

43

C & K člen skupiny AUTO UH a.s. operates as an authorized automotive dealership and service provider specializing in Toyota, Lexus, Subaru, and CFMOTO brands. The company serves customers primarily in the Czech Republic with physical locations in Brno and Uherské Hradiště. Their business model focuses on new and used vehicle sales, vehicle servicing, and financing solutions, positioning them as a reputable regional player within the automotive retail sector. The website reflects a professional and consistent brand image aligned with their market presence. Technically, the website employs modern tracking and analytics tools such as Google Tag Manager, Google Analytics, Facebook Pixel, and Seznam Analytics, indicating a mature digital marketing infrastructure. The site is mobile-optimized with good navigation and content quality, though some accessibility features could be enhanced. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, demonstrating compliance with privacy regulations such as GDPR. However, the absence of explicit security headers and incident response information suggests room for improvement in security posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. The main limitation is the lack of WHOIS data, which restricts domain legitimacy verification. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further strengthen trust and compliance.

The website www.canalplusbrandsolutions.fr is currently inaccessible due to a security or WAF challenge, presenting an 'Access Denied' message with minimal content. This prevents a full assessment of the business, compliance, and security posture. The visible content is limited to a branded logo and a message indicating request processing, with no privacy, cookie, or contact information available. The technical footprint is minimal, with only a single external domain serving static assets. No analytics, advertising, or tracking scripts are detected, and no forms or user input mechanisms are present. The site appears to be mobile responsive at a basic level but lacks SEO and accessibility features. The domain is privacy protected in WHOIS, consistent with a media brand's typical privacy practices, but detailed registrant information is unavailable. Overall, the site scores low on content quality, security posture, and privacy compliance due to the blocking mechanism.

B

Boursorama

boursorama.com

69

Boursorama is a prominent French online bank and financial information provider, offering a wide range of services including online banking, stock market data, and financial news. The website presents a professional and well-structured interface targeting investors and banking customers primarily in France. Technically, the site uses modern web standards with good mobile optimization and SEO practices, although explicit CMS or hosting details are not evident. Security posture is moderate due to lack of visible security headers and missing WHOIS data, which raises some concerns about domain registration transparency. Privacy compliance appears weak as no privacy or cookie policies were detected in the provided content. Overall, the site is functional and trustworthy from a business perspective but would benefit from enhanced transparency and security measures.

V

Veepee|ad

veepee-ad.com

58

Veepee|ad is a newly established retail media advertising company launched in 2023 as part of the Veepee group, a pioneer in event sales on the internet in Europe. The company offers a comprehensive suite of retail media solutions including display, search, CRM, social retail, programmatic advertising via Veepee|ad Connect, and couponing services. Their platform targets a large member base of 28 million active users, positioning them as a leading retail media actor in Europe. The website is professionally designed using HubSpot CMS, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy and cookie policies are present and GDPR compliant, supporting trust and compliance. Contact information is primarily via contact forms and a physical address, with no direct emails or phone numbers publicly listed. Overall, the site demonstrates a mature digital presence suitable for a large enterprise in the retail media sector.

E

ExLibris - Library software and management systems

exlibrisgroup.com

74

Ex Libris is an established enterprise specializing in library software and management systems, serving libraries and educational institutions globally. The company is positioned as a key player in the technology sector for library solutions, offering products that enhance education, research, collaboration, and productivity. The website reflects a mature digital presence with professional design, structured data, and SEO optimization. The technical infrastructure is based on WordPress CMS with integration of multiple marketing and analytics tools, indicating a modern and data-driven approach. Security posture is adequate with HTTPS enabled and domain registration protections, though improvements can be made in security headers and explicit security policies. Privacy compliance is partially addressed with a cookie consent mechanism but lacks visible privacy and terms of service documentation. Overall, the website and domain data indicate a trustworthy and credible business with room for enhanced transparency and security practices.

S

Slovenské múzeum máp

muzeummap.sk

45

Slovenské múzeum máp is a specialized experiential museum in Slovakia dedicated to the history and modern practice of cartography. The museum offers interactive exhibits, educational activities, a flight simulator experience, and a retail shop selling maps, books, and related fashion items. It targets tourists, families, students, and map enthusiasts, positioning itself as a unique cultural attraction in Slovakia. The website is professionally designed using WordPress with modern plugins and themes, providing good user experience and mobile optimization. However, it lacks formal privacy and cookie policies, and no explicit security or incident response policies are published. The site uses HTTPS and Google Analytics for tracking, but security headers are missing, which could be improved to enhance security posture. Overall, the website is trustworthy and functional but would benefit from enhanced privacy compliance and security best practices.

S

STORMWARE s.r.o.

fakturace-zdarma.cz

55

STORMWARE s.r.o. operates the website fakturace-zdarma.cz, offering free invoicing solutions through their POHODA Start accounting software and mPOHODA mobile invoicing app. The company targets small businesses and freelancers primarily in the Czech Republic, providing both offline and online invoicing capabilities with integration between desktop and mobile platforms. The website is professionally designed, with clear navigation and relevant content focused on their software offerings. Technically, the site uses standard web technologies including JavaScript, jQuery, and Google Tag Manager, with a cookie consent mechanism that supports GDPR compliance. Security posture is moderate, with no explicit security headers detected and use of an outdated jQuery version, but no critical vulnerabilities are evident from the content. WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective but the website content and company information suggest a legitimate business presence.

M

MPOHODA

mpohoda.sk

63

mPohoda is a well-established Slovak company providing comprehensive accounting and economic software solutions tailored for small and medium-sized enterprises. The website reflects a professional and consistent brand image, targeting SMEs primarily in Slovakia. Their key services include accounting, payroll, invoicing, and business analytics, positioning them as a leading software provider in their regional market. The technical infrastructure is modern, leveraging Tailwind CSS and JavaScript, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response contact could enhance trust further. Overall, the website is compliant with GDPR and cookie regulations, providing clear privacy and cookie policies. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

A

ARTIN, spol. s r.o.

artin.cz

74

ARTIN, spol. s r.o. is a well-established software development company based in the Czech Republic with over 25 years of experience. The company specializes in custom software development, team augmentation, consulting, and AI implementation, targeting businesses seeking tailored software solutions and AI integration. Their people-first approach and long-term client relationships position them as a trusted partner in the technology sector. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content. Technically, the site uses modern web technologies including Google Tag Manager and Solidpixels CMS, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and secure forms, though explicit security headers and policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, ARTIN demonstrates a high level of business credibility and digital maturity, making it a reliable and professional software partner.

Státní fond audiovize is the official Czech government fund dedicated to supporting audiovisual projects including film, television, animation, and video games. The website serves as a portal for funding calls, official meeting minutes, and important documents related to the audiovisual sector in the Czech Republic. It targets audiovisual professionals and stakeholders seeking government support and information. The domain is well-established since 2012 and hosted on Czech servers, reinforcing its legitimacy. Technically, the website uses standard HTML5, CSS3, and JavaScript with a clean and professional design. It is mobile-optimized and provides a good user experience with clear navigation. However, it lacks advanced frameworks or CMS indications and does not include analytics or tracking technologies, reflecting a minimalistic and privacy-conscious approach. From a security perspective, the site uses HTTPS and does not expose sensitive data or forms collecting personal information. However, it lacks visible security headers and published privacy or cookie policies, which are important for compliance and trust. No incident response or vulnerability disclosure information is provided, which could be improved to enhance security posture. Overall, the website is trustworthy and professional but could benefit from enhanced privacy compliance and security best practices. There are no signs of malicious content or adult material, making it safe for general audiences.

R

Příční

rezidencepricni.cz

55

The website www.rezidencepricni.cz presents a residential real estate project located in Brno, Czech Republic, offering modern apartments inspired by historical architectural styles. The site targets potential home buyers seeking urban living with quality amenities such as parking, balconies, and shared gardens. The business model focuses on property sales with a local market position emphasizing architectural quality and location convenience. Technically, the website employs modern JavaScript libraries including Three.js and Panolens.js for interactive content, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and formal privacy or terms of service pages. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces domain trustworthiness. Overall, the site is professional and functional, with moderate risk and room for improvement in compliance and security transparency.

S

Stellar Media & Consulting

stellaliberty.com

58

Stella Liberty operates as a niche adult service provider specializing in dominatrix and fetish services in the Portland, OR and Vancouver, WA areas. The business offers specialized services including rope bondage, corporal punishment, foot fetish, roleplay, and submissive training, targeting an adult-only audience. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and privacy compliance documentation. The absence of WHOIS registration data raises concerns about domain legitimacy, although the active and professional website presence suggests a legitimate business. Overall, the site requires improvements in privacy compliance, security best practices, and domain registration transparency to enhance trust and reduce risk.

SubmissiveCuckolds.com is an adult entertainment website specializing in cuckolding fetish videos with a femdom touch. The site operates on a subscription-based model offering exclusive adult video content targeted at mature audiences interested in niche fetish genres. The website has been active since 2009, indicating a stable presence in its niche market. The content is explicit and designed for adults only, with no visible age verification mechanisms on the main page. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and video.js for media playback. Google Analytics and Google Tag Manager are employed for user tracking, but there is no visible cookie consent mechanism, which may raise privacy compliance concerns. Security posture is basic with no advanced security headers detected and DNSSEC not enabled on the domain. The WHOIS data shows consistent domain registration with a long history and no privacy protection, supporting legitimacy. However, the absence of contact information and security policies reduces business credibility. Overall, the site functions adequately for its purpose but lacks several modern security and privacy best practices.

Orgasmabuse.com is an adult entertainment website specializing in forced orgasm content, offering exclusive videos and daily free content to adult enthusiasts. The site targets a niche adult audience and operates on a subscription or content access business model. The domain is mature, registered since 2013, and hosted by Hosting Concepts B.V., indicating a stable operational history. Technically, the site uses standard web technologies such as JavaScript, CSS, and HTML5, with cookie consent managed by Cookiebot and analytics via Google Tag Manager. However, the site lacks advanced SEO optimization and accessibility features, and the design quality is basic. From a security perspective, the website uses HTTPS but lacks DNSSEC and important security headers, which reduces its security posture. No privacy policy, terms of service, or contact information are published, limiting transparency and compliance with privacy regulations such as GDPR. The site employs external ad networks and tracking services, which may impact user privacy. Overall, the security score is moderate but could be improved significantly by implementing standard security headers and publishing comprehensive policies. The content is explicitly adult and NSFW, with clear age verification and warnings, making it suitable only for adults. There is no evidence of WAF or blocking mechanisms, allowing full content access for analysis. The domain registration data is consistent with the business type, though registrant details are minimal. Strategic recommendations include enhancing security headers, publishing privacy and security policies, improving SEO and accessibility, and adding clear contact and incident response information to build trust and compliance.

HumiliationPOV.com is a niche adult entertainment website specializing in fetish content such as small penis humiliation, femdom POV, financial domination, and related adult themes. The site operates primarily on a subscription and affiliate marketing business model, targeting an adults-only audience interested in specific fetish content. The website content is accessible without any WAF or security challenges, but it uses outdated technologies such as Flash and lacks modern security practices like HTTPS and security headers. Privacy compliance is minimal, with no visible cookie consent mechanisms despite handling user subscriptions. WHOIS data is unavailable, indicating possible privacy protection or recent domain registration, which reduces transparency and trustworthiness. Overall, the site serves a specialized adult market but has significant technical and security shortcomings.

American Mean Girls operates as an adult entertainment website offering adult video clips with an option for users to purchase individual clips using Bitcoin. The site targets an adult-only audience and includes explicit age warnings to restrict underage access. The business model revolves around content sales and an affiliate program facilitated through a third-party payment processor, Verotel. The website's market position is niche within the adult entertainment sector, with a small scale operation dating back to 2013 as per site content. Technically, the website employs basic web technologies including Google Analytics and Google Tag Manager for tracking and analytics. The site lacks modern CMS identification and shows basic design and mobile optimization. There is no evidence of HTTPS or advanced security headers, which raises concerns about secure data transmission and user privacy. The absence of privacy and cookie policies further indicates low compliance with data protection standards. From a security perspective, the site does not demonstrate adherence to best practices such as HTTPS enforcement, security headers, or incident response contact points. The missing WHOIS registration data is a critical red flag, undermining domain legitimacy and trustworthiness. The site’s reliance on Bitcoin payments and lack of transparent business contact information further complicate trust assessments. Overall, the website presents significant risks related to security, privacy compliance, and legitimacy. Strategic improvements in security infrastructure, transparent policies, and domain registration clarity are essential to enhance trust and reduce operational risks.

T

The English Mansion

theenglishmansion.com

7

The English Mansion operates as a niche adult content membership website specializing in femdom BDSM videos and related fetish content. It targets an adults-only audience with explicit content and enforces age verification for UK subscribers. The site claims over 20 years of operation and positions itself as a leader in its niche, offering daily updated HD videos and VR content. Technically, the site uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. However, there is no evidence of a modern CMS or advanced frameworks. Security posture is weak, lacking HTTPS enforcement and security headers, and no privacy or cookie policies are present. The absence of WHOIS registration data and contact information reduces business credibility and trust. Overall, the site is functional but requires significant improvements in security, privacy compliance, and transparency to enhance trust and user safety.

B

Bizarre Design

kinkymistresses.com

7

Kinky Mistresses is an adult entertainment website specializing in BDSM and Femdom video content. The site offers membership-based access to explicit adult videos featuring various fetish and domination themes. The business operates in a niche market segment targeting adults interested in BDSM and Femdom genres. The website content is explicit and includes an age verification warning to restrict access to adults only. Technically, the site uses standard web technologies including JavaScript and CSS, with Google Analytics and Google Tag Manager for visitor tracking. The site lacks advanced CMS or frameworks and shows basic mobile optimization and accessibility features. Security posture is moderate but limited by the absence of visible security headers and lack of published privacy or cookie policies. WHOIS data is unavailable, which reduces transparency and trustworthiness. Overall, the site functions as a small-scale adult content membership platform with basic technical and security implementations.

F

Femdom Empire

femdomempire.com

9

Femdom Empire is a niche adult entertainment website specializing in femdom fetish videos. Established in 2011, it operates a subscription-based business model offering weekly updates and access to exclusive video content. The site targets an adult audience interested in hardcore dominatrix and fetish video content. Technically, the website uses a custom CMS with a variety of JavaScript libraries including jQuery, Fancybox, and Flexslider to provide a multimedia-rich user experience. Hosting is provided by MojoHost, and the domain is registered with GoDaddy, reflecting a stable and consistent digital infrastructure. Security posture is moderate with HTTPS usage and age verification mechanisms, but lacks advanced security headers and explicit incident response policies. Privacy compliance is basic with a privacy policy present but no explicit cookie policy. Overall, the site is professionally designed with good navigation and content relevance but could improve in security and privacy transparency. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing detailed security and incident response policies, and improving privacy and cookie consent mechanisms.