Security Directory

A

AFM-Téléthon

afm-telethon.fr

65

AFM-Téléthon is a prominent French non-profit organization dedicated to combating rare diseases through fundraising, research support, and patient assistance. The website reflects a mature digital presence with comprehensive content targeting families affected by rare diseases, donors, researchers, and healthcare professionals. It offers donation mechanisms, educational resources, and extensive information about its activities and subsidiaries. Technically, the site is built on Drupal CMS, employs modern analytics and consent management tools, and demonstrates good mobile optimization and accessibility. Security posture is solid with HTTPS and consent mechanisms, though explicit security policies and headers could be enhanced. The absence of WHOIS data is unusual but does not detract significantly from the site's legitimacy given the strong branding and external references. Overall, the site is professional, trustworthy, and well-aligned with its mission.

O

onestar press

onestarpress.com

58

Onestar Press is a niche e-commerce business specializing in the sale of artists' books, prints, and multiples, operating since 2000. The website is professionally designed using Shopify and React technologies, providing a good user experience with clear navigation and mobile optimization. The business targets collectors and enthusiasts of contemporary art publications, offering a curated selection of unique and special edition works. Despite the professional presentation, the WHOIS data for the domain is missing, indicating either a recent registration or privacy protection, which conflicts with the claimed business history. The website includes comprehensive legal pages and contact information, supporting business credibility. Technically, the site uses modern frameworks and is hosted on Shopify, ensuring reliable infrastructure and moderate performance.

F

Freie Universität Berlin

fu-berlin.de

50

Freie Universität Berlin is a leading German excellence university established in 1948, offering over 150 academic programs across twelve faculties and three central institutes. The website serves a diverse audience including students, researchers, staff, and international partners, providing comprehensive information on study programs, research, international cooperation, and campus services. The site is well-structured, professionally designed, and supports accessibility and mobile optimization. Technically, it is built on a Ruby on Rails framework with Infopark CMS Fiona, leveraging modern web standards and security best practices such as HTTPS and security headers. However, it lacks a visible cookie consent mechanism and explicit security or incident response policies, which are areas for improvement. Overall, the website demonstrates a strong security posture with no detected vulnerabilities or suspicious content, reflecting the institution's credibility and trustworthiness.

D

Duacode

duacode.com

10

Duacode is a Spanish technology company specializing in custom software development and UX/UI design services. Their website presents a professional image with a clear focus on user experience and tailored software solutions. The company targets businesses and organizations seeking specialized digital products and interfaces. The website demonstrates a mature digital presence with modern technologies such as Cookiebot for consent management and Google Tag Manager for analytics. Social media integration and client area access further indicate a business-oriented approach. However, the lack of WHOIS data raises concerns about domain registration legitimacy, which should be addressed to improve trust. Technically, the website is well-structured, mobile-optimized, and uses modern fonts and JavaScript libraries. Performance is moderate with good SEO and accessibility features. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. No vulnerabilities or sensitive data exposures were detected. Overall, the security posture is solid but could be enhanced by adding security headers and incident response information. Privacy compliance is strong with clear policies and consent mechanisms. The business credibility is good, supported by clear contact information and professional content. The domain registration inconsistency is the main risk factor. Strategic recommendations include verifying and publishing domain registration details, implementing security headers, and providing a security policy or incident response contacts to strengthen trust and compliance.

S

SolarPower Europe

solarpowereurope.org

10

SolarPower Europe is a leading European solar industry association focused on advocacy, market insights, and fostering collaboration across the solar PV value chain. The organization provides comprehensive reports, campaigns, and events to support the energy transition towards renewables, storage, and grid flexibility. Their website demonstrates a mature digital presence with modern technologies such as Nuxt.js, Google Analytics, and YouTube integration, delivering a rich user experience optimized for mobile and desktop users. Security posture is solid with HTTPS and no visible vulnerabilities, although some security headers and explicit security policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data limits domain trust verification, but the professional content and transparency support legitimacy. Overall, the website is a trustworthy and authoritative source for solar energy information and industry engagement.

G

Global Solar Council

globalsolarcouncil.org

10

The Global Solar Council is a non-profit organization serving as the global voice for the solar energy industry, representing associations and corporations worldwide. Their website demonstrates a strong market position as an advocacy and capacity-building entity within the renewable energy sector, particularly solar PV and battery storage. The site is professionally designed, mobile-optimized, and rich in relevant content including news, resources, events, and membership information. Technically, the website employs modern web technologies, integrates reputable analytics and marketing tools, and is hosted on a reliable platform with HTTPS enforced. Security posture is solid with cookie consent mechanisms aligned with GDPR and other privacy regulations, though explicit security policies and incident response contacts are absent. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is justified for this type of organization. Overall, the website is trustworthy, well-maintained, and serves its target audience effectively.

R

Raketsport

raketsport.cz

45

Raketsport.cz is a specialized retailer and distributor of racket sports equipment, operating primarily in the Czech and Slovak markets. The company positions itself as an exclusive distributor for several well-known brands such as Tecnifibre, Victor, and Pro Kennex. The website reflects a professional and consistent brand image with clear business contact information and a focus on serving players of all ages and skill levels. The business model centers on B2B and retail distribution of sports equipment, supported by a dedicated team of representatives. Technically, the website employs a modern frontend stack including Bootstrap 4 and jQuery, hosted on Czech hosting infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, it lacks advanced SEO and accessibility features, and no CMS or backend platform is explicitly detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or vulnerable inputs. However, it lacks published privacy and cookie policies, security headers, and vulnerability disclosure mechanisms, which are important for compliance and trust. No tracking or analytics scripts were detected, indicating minimal user tracking. The WHOIS data is consistent and transparent, supporting the legitimacy of the domain and business. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy compliance and security best practices to improve its risk posture and user trust.

P

Palais de Tokyo

palaisdetokyo.com

60

Palais de Tokyo is a prominent cultural institution based in Paris, France, dedicated to contemporary art. It is recognized as the largest center for contemporary art in Europe, offering exhibitions, performances, educational workshops, and a retail boutique. The website reflects a mature digital presence with a modern tech stack including Nuxt.js and Vue.js, and incorporates privacy compliance tools such as tarteaucitron for cookie consent and Sibforms for newsletter subscriptions. The site is well-designed, mobile-optimized, and provides clear navigation and rich content relevant to its audience. Security posture is solid with HTTPS enforced and domain transfer protections, though some improvements like enabling DNSSEC and publishing a security policy could enhance trust further. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, serving a general audience interested in art and culture.

A

Apaperbook

apaperbook.com

43

A Paper Book (apaperbook.com) is a niche publishing project focused on cataloging artistic paintings on red-brown steel freight wagons. The website presents a single product with descriptive content and a link to an external shop. The business operates in a specialized art publishing market with a small scale and limited digital footprint. Technically, the site is built with basic HTML, CSS, and JavaScript, hosted on a provider associated with the registrar NameWeb BVBA. The site lacks advanced CMS or frameworks and shows basic mobile optimization and SEO. Security posture is minimal with no detected security headers or privacy policies, and no forms or data collection mechanisms are present. The domain is well-registered and consistent with the business timeline, indicating legitimacy. Overall, the site is functional but lacks comprehensive compliance and security features.

The website www.pau.fr serves as the official digital portal for Pau Agglomération, a French municipal government entity. It provides comprehensive information and services related to daily life, urban planning, culture, social services, and community engagement for residents and visitors. The site is built on Drupal 10 and integrates Matomo analytics for privacy-conscious user tracking. The design is professional, mobile-optimized, and accessible, reflecting a mature digital presence for a government organization. Security posture is good with HTTPS and some security best practices observed, though explicit security policies and incident response information are not publicly visible. The absence of WHOIS data is a notable anomaly that warrants further verification but does not detract from the site's apparent legitimacy based on content and branding.

B

Bureau DGC

bureaudgc.com

46

Bureau DGC is a small Paris-based graphic design studio founded in 2016, specializing in book design, visual identity, spatial design, website, and digital media. The company targets artists, publishers, architects, urbanists, and brands, positioning itself as a niche creative agency with a professional portfolio showcasing diverse projects. The website reflects a consistent brand identity and provides clear contact information, though it lacks social media presence and phone contact details. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with Google Analytics and Google Tag Manager for tracking. The site is hosted by OVH sas, a reputable provider. Mobile optimization is good, but accessibility and SEO optimizations are basic. No CMS or advanced frameworks are detected. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are important for enhancing security posture. There are no visible privacy or cookie policies, nor incident response contacts, indicating compliance gaps especially regarding GDPR. The domain registration data is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is professional and functional but would benefit from improved security practices and privacy compliance measures to enhance trust and regulatory adherence.

O

Onestar Press

bookmachine.info

51

Book Machine is a niche website focused on typography and publishing resources, powered by Onestar Press. It offers downloadable font and typography PDFs, targeting designers and publishing professionals. The website is hosted on the Cargo Collective platform and uses modern web technologies including HTTPS and YouTube embeds. However, it lacks comprehensive privacy, cookie, and terms of service policies, which impacts its compliance posture. Security headers are absent, though no critical vulnerabilities were detected. The WHOIS data is privacy protected, which is common for small businesses, and the domain appears legitimate based on website content and contact information. Overall, the site is functional but could improve in privacy compliance and security best practices.

R

rozumne.sk

rozumne.sk

29

The analyzed content corresponds to an internal Chrome browser error page (chrome-error://chromewebdata/) indicating that no actual website content is accessible at the provided URL or domain. This page is a static offline error page with embedded Chromium scripts, including the well-known offline dinosaur game. There is no business-related content, metadata, or contact information available. The page lacks privacy, cookie, or terms of service policies, and no security or incident response information is present. The technical infrastructure is minimal and specific to Chromium's offline error handling, with no hosting or CMS details. Security posture is basic due to the nature of the page, with no HTTPS or security headers applicable. Overall, this is not a public-facing website but a browser-generated error page, thus limiting any meaningful business or security analysis.

E

EdgeNext

edgenext.com

51

EdgeNext is a technology company specializing in cloud services, content delivery networks (CDN), security, and edge computing solutions tailored for emerging markets. The company positions itself as a leading provider with a strong global network and partnerships with major industry players. Their website demonstrates a mature digital presence with comprehensive product offerings and a focus on AI-powered edge solutions. Technically, the site uses modern JavaScript frameworks, integrates HubSpot marketing and analytics tools, and is optimized for performance and mobile devices. Security-wise, the site enforces HTTPS and advertises security features but lacks publicly disclosed incident response or vulnerability disclosure policies. The absence of WHOIS data is a notable anomaly that impacts domain trustworthiness. Overall, the website is professional, secure, and business-focused, suitable for enterprise clients seeking edge and CDN services.

Z

ZOL

zol.fr

49

ZOL is a French digital agency specializing in custom web and mobile solutions, agile project management, consulting, UX/UI design, and data-driven digital transformation. Established since 2005 with a domain registered in 2008, the agency serves a diverse clientele including startups, SMEs, large groups, and communication agencies. Their market position is solid, supported by a portfolio of notable clients and a strong emphasis on bespoke digital craftsmanship. Technically, the website employs modern technologies such as PHP, Symfony, React, Docker, and integrates analytics tools like Google Tag Manager and Matomo. Hosting is provided by OVH, a reputable provider. The site is well-optimized for mobile and SEO, with a professional design and clear navigation, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website presents a professional and trustworthy digital presence with room for improvement in privacy policy publication and security best practices. Strategic enhancements in these areas would strengthen compliance and security posture.

R

RightCapital

rightcapital.com

53

RightCapital is a financial planning software company offering an easy-to-use SaaS platform designed to simplify financial planning, enhance client engagement, and help financial advisors scale their practices efficiently. The company targets financial advisors and planners, providing advanced planning features, risk assessment tools, and workflow automation. The website is professionally designed, mobile-optimized, and demonstrates strong branding consistency. The technical infrastructure leverages modern web technologies including React and Gatsby, ensuring fast performance and good SEO. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not publicly disclosed. The absence of WHOIS data limits domain trust verification, but the overall digital presence and content quality indicate a legitimate and professional business. Strategic recommendations include publishing detailed security and incident response policies and establishing a vulnerability disclosure program to enhance trust and compliance.

B

Bitfortune

bitfortune.com

57

Bitfortune is an established online crypto casino and sportsbook platform, founded in 2012, offering over 1,200 games including slots, live casino, and sports betting. The platform targets crypto gamblers and sports bettors, providing VIP rewards, promotions, and an affiliate program to enhance user engagement. The website demonstrates a consistent brand presence and a professional design tailored for adult users interested in crypto gambling. Technically, Bitfortune employs modern web technologies such as React and integrates multiple analytics and marketing tools including Google Tag Manager, Hotjar, and Microsoft Clarity. Hosting and DNS services are provided via Cloudflare, ensuring good performance and baseline security. However, DNSSEC is not enabled, and security headers are not visibly implemented, representing areas for security enhancement. Privacy compliance is weak, with no explicit privacy or cookie policies detected, which may pose regulatory risks. The domain registration is consistent and long-standing, supporting the legitimacy of the business. Overall, Bitfortune presents a moderate risk profile with opportunities to improve privacy compliance and security posture.

T

The Coding Machine

thecodingmachine.com

66

The Coding Machine is a French-based technology company specializing in custom web and mobile application development, serving entrepreneurs, startups, and large enterprises. Established in 2004, it has a mature market presence and offers a comprehensive suite of services including technical conception, UX/UI design, development, maintenance, audits, and generative AI solutions. The company emphasizes adherence to deadlines and budgets, positioning itself as a reliable partner in digital transformation projects. Technically, the website is built on WordPress with a modern tech stack including Laravel, Symfony, React, Vue.js, and various No Code and blockchain technologies, hosted on Amazon AWS. The site is well-optimized for SEO and mobile, with good performance and accessibility standards. Security posture is solid with HTTPS, domain locks, and CAPTCHA-protected forms, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is strong with clear GDPR-aligned policies and cookie consent mechanisms. Overall, the website reflects a professional, trustworthy, and technically competent organization with a strong digital presence.

I

IQVIA Digital

meddatagroup.com

73

IQVIA Digital is a leading healthcare marketing solutions provider specializing in delivering personalized, data-driven omnichannel engagement for pharma companies, agencies, partners, and publishers. As a subsidiary of IQVIA, it leverages advanced clinical and behavioral data to empower healthcare marketers to create meaningful customer experiences that drive better outcomes. The company positions itself as a trusted partner in the healthcare marketing ecosystem with integrated platforms and analytics capabilities. Technically, the website is built on the HubSpot CMS platform, utilizing modern web technologies including Google Tag Manager for analytics, Brightcove for video content, and Swiper for interactive carousels. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Privacy and cookie compliance are well implemented with clear policies and consent mechanisms. From a security perspective, the site enforces HTTPS and uses secure forms via HubSpot. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly configured, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is notably missing or unavailable, which slightly reduces trustworthiness but does not outweigh the professional presentation and clear business legitimacy. Overall, IQVIA Digital demonstrates a strong business and technical profile with good security hygiene and privacy compliance. The main risk lies in the lack of WHOIS transparency, which should be investigated further to ensure domain registration legitimacy and continuity.

T

Thrill

thrill.com

59

Thrill.com operates as an online crypto casino and sports betting platform, offering a variety of casino games, premium slots, and crash games with seamless cryptocurrency transactions. The platform targets adult users interested in gambling and crypto-based betting, positioning itself as a future-forward service in the online gaming industry. The website is professionally designed with a modern UI, leveraging technologies such as SvelteKit and Cloudflare for hosting and security. However, the site lacks visible privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security measures include HTTPS and Cloudflare WAF protection, but there is room for improvement in security headers and incident response transparency. Overall, the site demonstrates moderate technical maturity and business credibility but requires enhancements in privacy compliance and security posture to strengthen trust and regulatory adherence.

P

ppwork | employee management system

ppwork.cz

42

The website ppwork.cz presents a specialized employee management system tailored for personnel agencies, primarily targeting the Czech Republic market. The platform offers comprehensive workforce management features including attendance tracking, payroll calculation, and administrative support. The business model is SaaS-based, focusing on small to medium-sized personnel agencies, with customization options for client-specific needs. The website content is professional and well-structured, providing clear information about the system's capabilities and benefits. Technically, the website employs a modern front-end stack including Bootstrap, jQuery, and various JavaScript libraries for animations and UI enhancements. The site is mobile-optimized and demonstrates good design quality and user experience. However, there is no evidence of advanced SEO or accessibility features, and no CMS or hosting provider information is discernible. Performance is moderate, with no major issues detected. From a security perspective, the site lacks visible security headers and published security policies. The absence of HTTPS verification data and WHOIS information raises concerns about domain legitimacy and security posture. No privacy or cookie policies are present, indicating potential compliance gaps with GDPR or other data protection regulations. Contact information is minimal, limited to a single email address, with no phone or physical address provided. Overall, the website is functional and business-focused but would benefit from enhanced security measures, transparency in domain registration, and improved privacy compliance. Strategic recommendations include implementing HTTPS with strong SSL, publishing privacy and cookie policies, adding security headers, and providing clearer contact and incident response information to build trust and compliance.

S

SOMFY Group

somfy-group.com

68

SOMFY Group is a global leader in home and building automation, specializing in motorization and control solutions for openings and closures. The company operates in over 59 countries and emphasizes sustainability and digital innovation. Their website reflects a mature digital presence with comprehensive corporate content, including annual reports and sustainability initiatives. Technically, the site uses modern frameworks like Bootstrap and integrates multiple analytics and tracking tools, hosted likely via Akamai CDN. Security posture is good with HTTPS enforced and a dedicated cybersecurity reporting channel, though explicit security headers are not detected. Privacy compliance is strong with clear cookie consent and privacy policies in French, aligned with GDPR. The domain WHOIS data is unavailable, which slightly reduces trust but the overall site professionalism and content quality support legitimacy.

S

SOMFY

somfy-connect.com

61

SOMFY Connect is a digital platform focused on enabling users to activate and manage connected smart home products, primarily through the TaHoma app ecosystem. The website serves as a portal for downloading apps and accessing smart home systems, targeting end consumers interested in home automation. The brand is established and professional, with a clear focus on IoT and smart home technology. Technically, the site uses a mix of JavaScript libraries including jQuery and TagCommander for tracking and performance monitoring, hosted on a secure HTTPS platform. However, the site lacks visible privacy and cookie policies, which impacts compliance and user trust. Security posture is generally good with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and updated libraries. The WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional site presence. Overall, the site is functional and moderately mature but requires improvements in privacy compliance and domain legitimacy verification.

S

SOMFY, SPOL. S R.O.

somfypro.cz

66

Somfy PRO CZ&SK is a professional B2B web portal serving Somfy brand resellers, manufacturers, and distributors in the Czech and Slovak markets. The portal provides comprehensive product catalogs, technical specifications, pricing, manuals, and training information, positioning itself as a key resource for Somfy's professional partners. The website reflects a medium-sized manufacturing business with a consistent brand presence and a focus on B2B engagement. Technically, the site is built on the Liferay CMS platform, utilizing modern JavaScript libraries such as jQuery and YUI, and implements responsive design for mobile users. The infrastructure supports good performance and SEO practices, although some accessibility features could be enhanced. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks visible advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data due to privacy protection slightly reduces trust but does not detract significantly from the overall legitimacy of the business. Overall, Somfy PRO CZ&SK presents a trustworthy, professional, and well-maintained digital presence suitable for its B2B audience. Strategic improvements in security headers, incident response transparency, and direct contact information visibility would further enhance its security posture and business credibility.

I

ij-t.cz

zabavne.online

46

Zábavně.online is a Czech Republic-based web application platform specializing in creating interactive educational games using QR codes and GPS navigation. The platform targets schools, families, and corporate teams, offering tools to build custom routes, questions, and competitions to engage users in a fun and informative manner. The business operates as a small entity with a clear focus on educational technology and marketing engagement. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, and popular libraries like Modernizr and Owl Carousel, delivering a moderately performant and mobile-optimized experience. Security posture is moderate with HTTPS assumed but lacking explicit security headers and published privacy or cookie policies, which are critical for compliance and trust. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

The website razed.com is currently inaccessible due to a Cloudflare security challenge page that blocks access to any actual content. The domain is long-registered since 2004 with a stable registration status, indicating legitimacy. However, no business information, contact details, or policies are visible on the page. The technical infrastructure includes Cloudflare's Turnstile captcha for bot mitigation, but no further technologies or CMS are detectable. The security posture cannot be fully assessed due to the lack of accessible content, but the use of Cloudflare suggests a baseline security layer. Overall, the site cannot be properly evaluated for content quality, privacy compliance, or business credibility due to the blocking mechanism.

J

JUDr. Tomáš Philippi

t-p.cz

57

JUDr. Tomáš Philippi operates a specialized legal practice in the Czech Republic focusing on real estate, civil, commercial, family, and copyright law. The firm is well-established since 2006 and holds a reputable position in the market, notably through contributions to real estate legislation and education. The website serves as a professional portal presenting the firm's services, contact information, and related real estate educational resources. Technically, the website is basic but functional, with minimal modern enhancements and limited mobile optimization. Security posture is weak due to lack of HTTPS enforcement and missing security headers, and there are no published privacy or cookie policies, indicating compliance gaps. Overall, the site is trustworthy but would benefit from improved security and privacy practices.

S

Home | The SPSRF

stiffperson.org

58

The website stiffperson.org serves as a support group platform dedicated to Stiff Person Syndrome, a rare neurological disorder. It provides informational resources and community support primarily targeting patients, their families, and caregivers. The site is built on the Wix platform, leveraging Wix's hosting and content management system, which offers moderate performance and good mobile optimization. However, the content quality and design are basic, reflecting a small non-profit organization's typical digital presence. From a security perspective, the site uses HTTPS but lacks advanced security headers and formal privacy or cookie policies, which are important for compliance and user trust. No contact information or incident response details are provided, limiting transparency and responsiveness to security or privacy concerns. The site employs minimal tracking via Metricool analytics, indicating a low level of user tracking. Overall, the domain WHOIS data is unavailable or privacy protected, which is common for small non-profits but limits trust verification. The website content and structure do not raise suspicion and align with a legitimate support group. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance the site's trustworthiness and security posture.

N

National Infusion Center Association

infusioncenter.org

63

The National Infusion Center Association (NICA) is a well-established nonprofit trade association founded in 2007, dedicated to representing non-hospital infusion providers and outpatient care settings. The organization focuses on advocacy, standards development, education, and membership services to support community-based infusion centers across the United States. Their website reflects a professional and comprehensive digital presence with detailed information about their mission, team, and services, positioning them as a leading voice in infusion therapy advocacy. Technically, the website is built on WordPress using the Betheme theme, incorporating modern technologies such as Google Tag Manager, HubSpot, and various analytics and marketing tools. The site is mobile-optimized and SEO-friendly, with good performance and accessibility features. Hosting appears to be managed via GoDaddy, consistent with the domain registrar information. From a security perspective, the site enforces HTTPS and employs domain locking statuses to protect domain integrity. However, it lacks DNSSEC, advanced security headers, and a published security.txt file, which are areas for improvement. Privacy compliance is basic, with no explicit privacy or cookie policies detected, and no consent mechanisms for cookies, which could pose compliance risks. Overall, the website is trustworthy, professional, and serves its target audience effectively. Strategic improvements in privacy compliance and security hardening would enhance its risk posture and user trust.

M

MEDEN

meden-eu.org

60

MEDEN is a European scientific network focused on neuromyelitis optica spectrum disorders and related neurological conditions. The website serves as an informational and collaborative platform for clinicians and researchers in this niche healthcare field. The site is built on the Wix platform, leveraging Wix Thunderbolt and standard web technologies, providing a moderate level of performance and mobile optimization. Security posture is generally good with HTTPS enforced and no obvious vulnerabilities, but lacks visible security policies and contact information for incident response. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy within its specialized domain but could improve transparency and compliance aspects.

Chicago MS Alliance is a specialized non-profit organization focused on uniting multiple sclerosis (MS) specialists to improve access, equity, and outcomes through collaboration, education, and advocacy for neuroimmunologic conditions. The website presents a professional and consistent brand image, targeting healthcare professionals and specialists in the neuroimmunology field. The business model centers on alliance-building and educational initiatives rather than commercial transactions. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as Typekit fonts and Google Fonts, with a moderate performance profile and good mobile optimization. The site uses HTTPS with HSTS enabled, indicating a strong baseline security posture. However, there is room for improvement in security headers and privacy compliance features. Security-wise, the site enforces HTTPS and HSTS, with no visible vulnerabilities or exposed sensitive data. The lack of privacy and cookie policies, as well as absence of contact information for security incidents, represents compliance and operational gaps. The WHOIS data is unavailable, likely due to privacy protection, which is reasonable for this type of organization. Overall, the website is trustworthy and professionally presented but would benefit from enhanced privacy compliance and clearer contact information to improve user trust and regulatory adherence.

F

Fundación CAMINEMOS.mx

caminemos.mx

43

Fundación CAMINEMOS.mx is a Mexican non-profit organization dedicated to supporting individuals affected by demyelinating diseases such as Multiple Sclerosis and Neuromyelitis Optica. The website serves as an educational and community platform offering verified medical information, events, and a directory of specialists and resources. The organization targets Spanish-speaking patients, caregivers, and medical professionals, positioning itself as a trusted source within its niche healthcare segment. Technically, the website uses a modern but basic tech stack including Bootstrap and jQuery, with Google Fonts and Google Analytics integrated. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate; HTTPS is implied but no advanced security headers or policies are detected, and privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is limited to an email and a contact form, with no phone or physical address disclosed. Overall, the site is professional and trustworthy but could improve in security and privacy compliance.

The Brain Health Center of the Rockies is a small non-profit organization focused on brain health education, community engagement, and support for patients with neurological conditions such as Multiple Sclerosis and Neuromyelitis Optica. Their website is professionally designed using Squarespace, featuring event information, educational resources, and connections to healthcare providers. The technical infrastructure is modern and mobile-optimized, leveraging common web technologies and APIs. Security posture is adequate with HTTPS enforced, but lacks important security headers and privacy compliance documentation, which are areas for improvement. The domain WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the website is trustworthy and serves its community well but should enhance privacy and security transparency.

Librezo is a French digital artisan collective specializing in providing self-hosting solutions and free software services to organizations and individuals seeking data sovereignty and privacy. The company emphasizes ecological and resilient digital infrastructures, offering tailored support and maintenance for client servers. Their market position is niche but well-defined, focusing on privacy-conscious and open-source oriented clients. Technically, the website is built with standard web technologies, hosted on ScaleWay, and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS and domain protections, though improvements in security headers and incident response transparency are recommended. Overall, the website is professional, trustworthy, and aligns well with the business claims, with no blocking or WAF interference detected.

Energiequelle SAS is a French company specializing in the development, construction, and management of renewable energy projects, including wind, solar photovoltaic, repowering, and energy storage. Founded in 2002 and a subsidiary of the German Energiequelle GmbH since 2010, the company operates internationally with a strong presence in France. Their website reflects a professional and comprehensive presentation of their services, projects, and corporate information, targeting investors, partners, and stakeholders in the renewable energy sector. Technically, the website is built on the Neos CMS platform using modern web technologies such as PHP, JavaScript, and various libraries for UI components. The site is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism compliant with GDPR. However, some security headers are not explicitly detected, and no dedicated security or incident response policies are published. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent controls. No vulnerabilities or exposed sensitive data were found in the HTML content. The absence of WHOIS data reduces transparency but does not indicate malicious intent. Overall, the security posture is solid but could be improved by publishing explicit security policies and adding security headers. The overall risk assessment is low, with recommendations to enhance security headers, publish incident response information, and consider a security.txt file for vulnerability disclosures. The website is trustworthy, professionally maintained, and compliant with privacy regulations, making it a reliable source for business and technical information about Energiequelle SAS.

E

Energiequelle Oy

energiequelle.fi

50

Energiequelle Oy is a well-established renewable energy company founded in 1997, operating internationally with a strong presence in Finland and other European countries. The company specializes in the development, construction, and operation of renewable energy projects including wind power, solar power, energy storage, hydrogen, and P2X solutions. Their market position is strong as a leading player in the European renewable energy sector, employing over 600 professionals and having completed more than 850 power plants. The website reflects a professional and comprehensive digital presence with clear business information and international reach. Technically, the website is built on the Neos CMS platform using modern web technologies such as PHP, JavaScript, and various UI libraries. It is mobile-optimized, accessible, and SEO-friendly, with a cookie consent mechanism that complies with GDPR requirements. The site uses HTTPS with good SSL configuration, though explicit security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. From a security perspective, the site demonstrates good practices including encrypted communications and user consent management. However, it lacks publicly available security policies or incident response contacts, which could enhance trust and preparedness. The WHOIS data aligns well with the company’s stated history and location, supporting legitimacy. Overall, Energiequelle Oy’s website is a secure, professional, and trustworthy platform that effectively supports its business objectives in the renewable energy market. Strategic improvements in security transparency and policy publication would further strengthen its security posture and stakeholder confidence.

P

PROFIBUS Nutzerorganisation e.V. (PNO)

profibus.de

62

PROFIBUS Nutzerorganisation e.V. (PNO) is a leading industrial association based in Germany focused on the development, standardization, and dissemination of industrial communication and automation technologies including PROFIBUS, PROFINET, IO-Link, and others. The organization serves a global community of members and experts, providing certification, training, and technology services to support industrial production sectors. The website reflects a mature digital presence with comprehensive content and professional design. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and implements privacy-conscious analytics and cookie consent mechanisms. Security posture is strong with HTTPS and privacy features, though additional security headers and a security.txt file would enhance trust. Overall, the domain and website present a credible, professional, and trustworthy industrial association with a clear focus on technology standards and community support.

Z

Zlatý Anděl

zlatyandel.cz

52

Zlatý Anděl is a Czech Republic-based shopping center offering a variety of retail shops, restaurants, and office spaces. The website is professionally designed with clear navigation and mobile optimization, targeting local shoppers and business tenants. The technical infrastructure includes modern JavaScript frameworks, cookie consent management, and Google Tag Manager for analytics. Security posture is strong with HTTPS and cookie consent but could be improved by adding security headers and visible contact information. The absence of WHOIS data reduces domain trustworthiness, though the website's professional appearance and social media presence support legitimacy. Overall, the site is low risk but would benefit from enhanced transparency and security disclosures.

TeamIn is a Czech Republic-based software solution focused on providing a team information system tailored for small businesses. The platform facilitates project management, workflow control, and performance tracking, aiming to simplify communication and task management within small firms. The website presents a clear business focus with professional content and consistent branding, targeting small companies needing efficient project and workflow management tools. Technically, the website is built using standard web technologies including HTML, CSS, and JavaScript, with Google Analytics integrated for visitor tracking. The site shows moderate performance and basic mobile optimization but lacks advanced frameworks or CMS detection. Security measures appear minimal, with no visible HTTPS enforcement or security headers, and no privacy or cookie policies published, indicating gaps in compliance and security best practices. From a security perspective, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. The lack of privacy and cookie policies further impacts GDPR compliance. While the site content is safe and business-appropriate, the security posture is weak, and improvements are needed to enhance trust and protect user data. Overall, the site is functional and informative but requires significant enhancements in security, privacy compliance, and domain legitimacy to improve its risk profile and business credibility.

M

Masarykova univerzita

muniss.cz

63

The website muniss.cz represents the Meziuniverzitní studentská soutěž (MUNISS), an inter-university student competition organized by Masaryk University and supported by the statutory city of Brno. It targets students from Masaryk University, Brno University of Technology, and Mendel University to collaborate on innovative projects aimed at city development. The site is professionally designed, mobile-optimized, and uses modern web technologies including Matomo analytics and a cookie consent mechanism. The domain is well-established since 2010 and aligns with the educational and civic mission presented. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are missing. Overall, the site is trustworthy and serves its educational purpose effectively.

I

ITOPF

itopf.org

71

ITOPF is a globally recognized non-profit organization specializing in promoting effective spill response for oil, chemicals, and hazardous substances. The organization serves industry and government entities worldwide, providing expert advice, contingency planning, training, and claims analysis related to accidental ship-source pollution. ITOPF maintains a strong market position as a primary source of technical information and support in the environmental protection sector. Technically, the website is built on the TYPO3 CMS platform, leveraging modern JavaScript libraries and frameworks such as FancyApps UI Carousel and Google Analytics with Tag Manager for tracking and consent management. The site demonstrates good performance, mobile optimization, and accessibility standards, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and employs consent-based analytics tracking. However, it lacks explicit security headers and a published security policy or incident response contacts, which are recommended for enhanced security posture. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, ITOPF's website is professional, trustworthy, and well-maintained, with comprehensive content and clear navigation. The absence of WHOIS data limits domain registration analysis, but the organization's legitimacy is supported by consistent branding, detailed service offerings, and active content updates. Strategic recommendations include implementing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and security.

The website vida.co.uk is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content, metadata, or business information. The domain was registered recently in November 2022 through Stenning Limited t/a Client Domain Management, indicating a relatively new presence. Due to the WAF block, no privacy policies, contact information, or business descriptions are available for analysis. The technical infrastructure includes Cloudflare protection but no visible CMS or analytics tools. Security posture cannot be fully assessed given the lack of accessible content. Overall, the site appears to be in an initial or protected state, limiting the ability to evaluate its business credibility or compliance.

The website 'DATAPLÁN' serves as a strategic management and sustainable development portal for municipalities and regions within the Czech Republic, operated under the National Network of Healthy Cities (Národní síť Zdravých měst ČR). It provides tools and data to support public administration and community planning, focusing on sectors such as energy and transport. The platform targets local government officials and regional authorities, positioning itself as a national resource for strategic development. Technically, the site employs modern web technologies including jQuery, Font Awesome, and Google Analytics, and is built on the ActionApps TOOLKIT CMS. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is adequate with HTTPS enabled and secure login forms, but lacks important security headers and privacy compliance mechanisms such as cookie consent and privacy policy pages. WHOIS data is unavailable due to privacy restrictions, but the website branding and content indicate legitimacy as a government-affiliated platform. Overall, the site is professional and functional but could improve in privacy compliance and security hardening.

U

Ultahost

ultahoststatus.com

53

Ultahost Status is a dedicated status monitoring website for Ultahost's server infrastructure, providing real-time updates and historical incident reports to its customers. The site is relatively new, consistent with the domain registration date in 2024, and targets Ultahost users who require transparency about service availability and outages. The business model focuses on enhancing customer communication and trust through timely incident reporting. Technically, the website employs modern web technologies such as Vue.js and is hosted with Cloudflare DNS services. The site is moderately optimized for performance and mobile responsiveness but lacks advanced SEO and accessibility features. The absence of DNSSEC and security headers indicates room for improvement in security hardening. From a security perspective, the site uses HTTPS, ensuring encrypted communications, but lacks explicit security policies, vulnerability disclosures, and contact channels for incident response. No privacy or cookie policies are present, which may affect compliance with data protection regulations. The site does not employ tracking or advertising technologies, minimizing privacy risks. Overall, the website is functional and serves its purpose as a status page but requires enhancements in privacy, security policies, and contact transparency to improve trust and compliance. Strategic improvements in security headers, DNSSEC, and policy disclosures are recommended to elevate the site's security posture and regulatory adherence.

T

tech&fest

tech-fest.fr

65

Tech&Fest is a well-established technology and innovation festival based in Grenoble, France, targeting a broad audience including researchers, entrepreneurs, students, and professionals. The event focuses on themes such as economic and digital sovereignty, sustainability, and technological advancements. The website is professionally designed, mobile-optimized, and provides comprehensive event information, partner details, and multimedia content. Technically, the site leverages modern JavaScript frameworks (React), integrates multiple analytics and marketing tools, and is hosted on a reliable platform with good performance and security configurations. Security posture is strong with HTTPS, security headers, and privacy compliance mechanisms in place, although a dedicated security policy and incident response information are absent. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

L

Les Echos Le Parisien Événements

go-entrepreneurs.com

55

GO Entrepreneurs is a prominent French event organizer specializing in entrepreneurship-focused conferences and salons, primarily targeting creators, startups, and business leaders. The website reflects a professional and well-branded presence, showcasing upcoming events in Paris and Lyon for 2026. The business is positioned as a leader in the French entrepreneurial event market, operated under the umbrella of Les Echos Le Parisien Événements, a reputable media and events company. The site offers partnership opportunities and multimedia content such as podcasts, enhancing its engagement with the entrepreneurial community. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and Didomi for GDPR-compliant consent management. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security measures include HTTPS enforcement and bot protection via Google reCAPTCHA, though some security headers are not explicitly detected. From a security and compliance perspective, the site demonstrates good GDPR adherence with clear privacy and cookie policies and a consent mechanism. However, the absence of a published security policy or incident response contact and the lack of WHOIS domain registration data introduce some concerns regarding transparency and domain legitimacy. Despite this, the professional content and strong branding mitigate some risks. Overall, the website is a credible and professional platform for entrepreneurial events in France, with recommendations to enhance security transparency and verify domain registration details to strengthen trust and compliance further.

B

bokyo.net

bokyo.net

66

bokyo.net is a small e-commerce business specializing in contemporary art, offering limited edition artworks, posters, and prints primarily targeting art enthusiasts and collectors. The website is professionally designed using the Shopify platform with a Retina theme, providing a good user experience and mobile optimization. The technical infrastructure leverages Shopify's hosting and CDN services, ensuring moderate performance and modern web standards. Security posture is generally good with HTTPS enforced and domain transfer protection enabled, though DNSSEC is not enabled and some security headers are not explicitly present. Privacy compliance is limited as no explicit privacy or cookie policies were found, which should be addressed to improve trust and regulatory adherence. Overall, the website is legitimate, consistent with its domain registration data, and presents a trustworthy online storefront for niche art products.

E

ergo.cz

ergo.cz

50

Ergo.cz is a Czech online magazine focused on lifestyle, health, productivity, technology, and related topics. The website offers a variety of articles targeting a general Czech-speaking audience interested in ergonomic living, work efficiency, and health trends. The business model centers on content publishing supported by advertising revenue, primarily through Google Adsense. The site is relatively new, with domain registration in late 2024, and presents itself as a niche media outlet with consistent branding and good content quality. Technically, the website employs standard web technologies including JavaScript, CSS, and uses Matomo for analytics alongside Google Adsense for monetization. Hosting is provided by vas-hosting.com, and the site is served over HTTPS with a moderate performance profile. Mobile optimization and SEO practices are good, though accessibility features are basic. No CMS is explicitly detected. From a security perspective, the site benefits from HTTPS but lacks important security headers such as Content-Security-Policy and X-Frame-Options. There is no visible cookie consent mechanism despite the use of tracking and advertising scripts, which may pose GDPR compliance risks. No incident response or security policy information is published, and no vulnerability disclosure or security.txt files are found. Overall, the security posture is moderate but could be improved. The website content is safe for general audiences with no adult or explicit material detected. Contact information is limited to a contact form with no direct emails or phone numbers publicly listed. WHOIS data is consistent and legitimate, showing recent registration aligned with the website's launch. No suspicious domains or patterns are detected. Strategic recommendations include implementing a cookie consent banner, adding security headers, publishing security and incident response policies, and enhancing GDPR compliance measures to improve trust and legal standing.

U

Ubytování Kytín

ubytovanikytin.cz

55

Ubytování Kytín is a small hospitality business offering four new rooms with private bathrooms located next to a local brewery in Kytín, Czech Republic. The website targets tourists, cyclists, and visitors interested in craft beer and local tourism. The business model focuses on accommodation rental with a local appeal. Technically, the website is built on the Wix platform using Wix Thunderbolt framework, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and some script-based hardening, but lacks explicit security headers and privacy policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust. Overall, the site is functional and professional but would benefit from improved privacy compliance and contact transparency.

S

Studdio

studdio.com

52

Studdio is a French communication agency specializing in comprehensive marketing services including website creation, SEO, social media management, graphic design, logo creation, printing, and signage. The company offers subscription-based communication solutions with monthly fees over 24 to 48 months, targeting businesses seeking efficient and budget-controlled marketing support. The website is professionally designed, mobile-optimized, and provides clear navigation and service descriptions, positioning Studdio as a small but operationally focused agency in the French market. Technically, the website employs modern web technologies such as Google Tag Manager for analytics, Google Fonts for typography, and SVG icons for graphics. The site is served over HTTPS with good SSL configuration, though no explicit security headers were detected. Performance is moderate, with good mobile optimization and basic accessibility features. Privacy and cookie policies are present and indicate GDPR compliance, though no explicit incident response or security policy pages were found. From a security perspective, the website shows a solid baseline with HTTPS and no exposed sensitive data. However, the absence of WHOIS registration data for the domain www.studdio.com is a notable concern, as it raises questions about domain legitimacy and registration consistency. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent in the HTML content. The site lacks explicit security best practices such as security headers and incident response contacts. Overall, Studdio presents a professional and trustworthy front for its communication services, but the missing WHOIS data and limited security disclosures suggest areas for improvement in transparency and security posture. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to strengthen trust and compliance.