Security Directory

S

Résolu

soyezresolu.org

56

Résolu is a French non-profit project focused on promoting ethical and free digital tools for organizations within the Social and Solidarity Economy sector. The website serves as an educational manual providing guides and fiches to help collectives adopt libre software aligned with their values of solidarity and sharing. Supported by reputable organizations such as Framasoft and Fondation Free, the project is positioned as a niche resource advocating for digital sovereignty and ethical collaboration. Technically, the website is a static site generated with MkDocs and the Material theme, delivering good design quality and mobile optimization. The site uses modern web standards but lacks advanced security headers and DNSSEC, which could enhance its security posture. Analytics are implemented via Matomo, but no cookie consent mechanism or privacy policy is present, indicating gaps in privacy compliance. From a security perspective, the site benefits from HTTPS and domain transfer protection but would benefit from enabling DNSSEC and adding security headers. No forms or user data collection reduce attack surface, but the absence of privacy and cookie policies is a compliance risk. The domain registration is consistent and legitimate, matching the project timeline and content. Overall, the website is a well-structured, trustworthy resource with good content quality and moderate technical maturity. Strategic improvements in privacy compliance and security hardening are recommended to enhance trust and regulatory adherence.

S

StrefaWydruku.pl (Grupa Weblider)

strefawydruku.pl

41

StrefaWydruku.pl is a Polish online printing company specializing in affordable digital and offset printing services. Their offerings include a wide range of printed materials such as flyers, posters, invitations, business stationery, and promotional gadgets. The company operates primarily in Poland with a focus on small to medium-sized business clients and individuals seeking quality printing solutions. The website is well-structured, professionally designed, and integrates multiple related domains to cover various product niches. Technically, the site uses standard web technologies including jQuery and Google Analytics, though some components like jQuery are outdated and pose potential security risks. Security posture is moderate with HTTPS usage and captcha-protected forms but lacks advanced security headers and updated libraries. Privacy compliance is basic with a cookie policy and consent banner present, but no explicit comprehensive privacy or security policies beyond cookie usage. WHOIS data is unavailable due to .pl registry policies, which slightly reduces trust but the website's contact information and business presentation are consistent and professional.

L

Lasatys | Dopravní značení

lasatys.cz

55

The website www.lasatys.cz is a small business site built on the Wix platform. The content is minimal and primarily technical, with no visible business descriptions, contact information, or policies. The site lacks privacy and cookie policies, terms of service, and any security or incident response information. Technically, it uses standard Wix scripts and polyfills but lacks advanced SEO, accessibility, and security headers. The domain WHOIS data is unavailable, indicating privacy protection or unregistered status, which reduces trustworthiness. Overall, the site appears accessible without WAF or security challenges but has low content and business credibility.

S

Statutární město Plzeň

plzen.eu

69

Statutární město Plzeň operates an official municipal website providing comprehensive information and services to residents, businesses, and tourists. The site offers city news, administrative procedures, cultural and social event information, and public service resources. It serves as a central digital hub for the city of Plzeň in the Czech Republic, reflecting a strong government presence and commitment to transparency and citizen engagement. The website is well-branded, consistent, and professionally maintained, with clear navigation and relevant content for its target audience. Technically, the site uses modern web technologies including JavaScript frameworks, Google Tag Manager, Microsoft Clarity, and cookie consent mechanisms, ensuring a good user experience and compliance with privacy regulations. Security posture is strong, supported by HTTPS, security headers, and ISO 27001 certification, although explicit incident response and vulnerability disclosure information are not publicly available. Overall, the website demonstrates a mature digital infrastructure suitable for a large municipal government entity.

F

Form Sparrow | Build Forms Fast. Collect Data Instantly.

formsparrow.com

65

Form Sparrow is a technology-focused SaaS platform specializing in fast and easy web form building and data collection. The website presents a professional and clean interface targeting developers and businesses seeking no-code form management solutions. The platform positions itself as a hassle-free alternative for form management with API integration capabilities. Technically, the website uses modern JavaScript frameworks such as React and integrates Google Analytics and Google Tag Manager for user tracking. The domain is registered since 2019, consistent with the startup nature of the business. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers which are recommended for enhanced protection. Privacy and cookie policies are not found, indicating a compliance gap. Contact information is not explicitly provided on the homepage, which may affect user trust and support accessibility. Overall, the website is functional and professional but would benefit from improved privacy compliance and security best practices.

P

PROFIBUS Nutzerorganisation e.V.

profibus.com

66

PROFIBUS & PROFINET International (PI) is a globally recognized industry association specializing in the development and promotion of industrial communication standards such as PROFIBUS, PROFINET, IO-Link, and others. The organization supports a large community of over 1,800 member companies and more than 10,000 certified experts worldwide, offering comprehensive training, certification, consulting, and software services. PI's market position is strong, serving as a key driver for interoperability and innovation in industrial automation. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and frameworks, including Bootstrap and Matomo analytics for privacy-conscious user tracking. The site is well-optimized for mobile and accessibility, with good SEO practices and a professional design that supports a positive user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit HTTP security headers. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is notable but does not detract from the site's legitimacy given the organization's established reputation and comprehensive content. Overall, the website demonstrates a mature digital presence with strong business credibility and good privacy compliance. Strategic recommendations include enhancing HTTP security headers, increasing visibility of incident response contacts, and maintaining regular security audits to ensure ongoing protection.

L

Le Dauphiné Libéré

ledauphine.com

71

Le Dauphiné Libéré is a well-established regional French news media organization delivering comprehensive local and national news coverage primarily for several southeastern French departments. The website offers a rich mix of articles, videos, podcasts, and digital newspaper editions, supported by a subscription and advertising business model. The site targets a broad general audience within its regional scope and maintains a strong brand presence consistent with its parent company, EBRA Group. Technically, the website employs modern web technologies including Google Tag Manager, Didomi for consent management, and reCAPTCHA for form security, ensuring a robust digital infrastructure. Security posture is solid with HTTPS enforcement and consent mechanisms, though explicit security headers could be improved. Privacy compliance is strong, with clear GDPR adherence and a dedicated Data Protection Officer contact. The absence of publicly available WHOIS data is a notable transparency gap but does not detract significantly from the site's legitimacy given the professional content and branding. Overall, the website represents a credible, secure, and user-friendly digital news platform with room for minor security enhancements.

C

Citeo

citeo.com

64

Citeo is a French eco-organization specializing in the Extended Producer Responsibility (REP) for household packaging and graphic papers. It plays a key role in promoting recycling and environmental sustainability for producers and businesses in France. The website is professionally designed, primarily in French, and targets businesses involved in packaging and paper production. Technically, the site uses modern frameworks such as Nuxt.js and integrates multiple analytics and tracking tools with a clear cookie consent mechanism, reflecting a mature digital infrastructure. Security posture is good with HTTPS and security headers in place, though explicit security policies and incident response contacts are not published. The absence of WHOIS data for the domain reduces trustworthiness slightly, but the overall professional presentation and compliance with privacy regulations indicate a legitimate and established organization.

W

WOM Marketing

wommarketing.es

47

WOM Marketing is a small digital marketing agency based in Málaga, Spain, specializing in online marketing services such as SEO, advertising, social media management, and web development. The website is built on WordPress using the Divi theme and incorporates modern web technologies including lazy loading scripts and Google Fonts to enhance performance and user experience. While the website demonstrates good design quality and clear navigation, it lacks critical privacy and cookie policies, which are essential for GDPR compliance and user trust. Security posture is moderate with HTTPS enabled but missing key security headers and incident response information. Overall, the domain registration data aligns well with the business claims, indicating legitimacy. Strategic improvements in privacy compliance and security transparency are recommended to enhance trust and regulatory adherence.

P

Watch The Best Premium HD Porn Videos | Pornhub Premium home

pornhubpremium.com

68

Pornhub Premium operates as a leading subscription-based adult entertainment platform offering high-definition, ad-free pornographic videos featuring popular performers. The website targets adult audiences exclusively and employs age verification modals and explicit disclaimers to ensure compliance with legal requirements. Technically, the site uses modern web technologies including Vue.js and jQuery, with a focus on performance and mobile optimization. Privacy and cookie consent mechanisms are robust, reflecting good GDPR compliance practices. However, the absence of publicly available WHOIS data and lack of explicit security policies or incident response contacts present transparency and trust challenges. Overall, the platform demonstrates a mature digital infrastructure but could improve in security communication and registrant transparency.

P

Pornhub

pornhub.org

65

Pornhub is a globally recognized adult entertainment platform offering free and premium pornographic video content. It operates a large-scale video streaming service with extensive user-generated and studio content, supported by advertising and premium subscriptions. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks, third-party ad networks, and comprehensive cookie consent mechanisms. Security posture is strong with HTTPS enforcement, age verification modals, and privacy policies aligned with GDPR standards. However, WHOIS data is unavailable, likely due to privacy protections, which is common in this industry. Overall, the site is professionally managed with a high level of trust and compliance for adult content delivery.

P

Pornhub

pornhub.com

65

Pornhub is a leading adult entertainment website offering free and premium pornographic video content globally. It operates a large-scale platform with extensive multimedia streaming capabilities and a broad user base. The site employs modern web technologies and integrates major advertising networks to monetize its services. Privacy and cookie policies are comprehensive and include user consent mechanisms, reflecting compliance with data protection regulations such as GDPR. The site features age verification and RTA ratings to restrict access to adult content appropriately. However, WHOIS data is unavailable, limiting transparency about domain ownership. No direct company contact or security incident response information is publicly visible, which could be improved to enhance trust and compliance. Overall, the website demonstrates a mature technical infrastructure and a strong market position in the adult media sector.

R

RedTube

redtube.com.br

58

RedTube is a large-scale adult entertainment platform specializing in free pornographic video streaming, targeting Portuguese-speaking audiences. The site offers a broad catalog of adult content, including videos, categories, live cams, and user interaction features such as playlists and watch later. It operates on an advertising-supported business model, leveraging major ad networks like TrafficJunky. Technically, the site employs modern JavaScript libraries, lazy loading, and streaming technologies to deliver content efficiently across desktop and mobile platforms. The presence of age verification modals and cookie consent mechanisms demonstrates compliance with regulatory requirements such as GDPR. Security posture is adequate with HTTPS enforced and some best practices in place, though improvements in security headers and vulnerability disclosure are recommended. Overall, the site is professionally designed and functional, with extensive tracking and advertising integrations typical for the adult media industry.

R

Redtube

redtube.com

65

Redtube is a prominent adult entertainment website offering free streaming of pornographic videos, including high-definition and virtual reality content. It targets an adult audience with a broad range of categories, pornstars, and channels, supported primarily through advertising revenue. The platform demonstrates a mature digital presence with comprehensive privacy and cookie policies, age verification mechanisms, and integration of major ad networks and analytics tools. Technically, the site uses modern JavaScript libraries and asynchronous loading techniques to optimize user experience across devices. Security posture is adequate with HTTPS enforcement and cookie consent, though lacks explicit security policy disclosures and detailed incident response contacts. The absence of WHOIS data reduces domain transparency but is common in this industry. Overall, Redtube maintains a strong market position as a leading free adult video streaming service with good technical and privacy compliance, balanced by some gaps in business credibility and security transparency.

D

Danesco Trading Ltd.

k2s.cc

61

Keep2Share is an established online file hosting and sharing platform founded in 2012, offering users fast downloads, video streaming, and cloud storage services. The business operates on a freemium model, providing both free and premium account options to its general internet user base. The website is built using modern web technologies including React and integrates popular analytics and tracking tools such as Google Analytics and Yandex Metrica. Hosting and DNS services are managed via Cloudflare, ensuring reliable performance and security. The site demonstrates a good level of technical maturity with responsive design and basic accessibility features. Security measures include HTTPS enforcement, reCAPTCHA integration, and domain locking, although DNSSEC is not enabled and explicit security policies are not published. Privacy compliance is partial, with privacy and terms policies present but lacking cookie consent mechanisms. Overall, the site is safe for general audiences and maintains moderate trustworthiness, though improvements in security transparency and privacy compliance are recommended.

F

Framasoft

framapad.org

55

Framasoft is a French non-profit organization dedicated to promoting digital autonomy and popular education through free and open-source software projects such as Framapad, a collaborative real-time text editor. The organization operates on a donation-based model, emphasizing ethical hosting and user data protection. The website reflects a mature digital presence with multilingual support, clear navigation, and a strong community focus. Technically, the site uses modern frameworks like Vue.js and hosts Etherpad-lite software, ensuring a responsive and performant user experience. Security posture is solid with HTTPS and domain transfer protections, though improvements could be made by enabling DNSSEC and adding security headers. Privacy compliance is good, with clear terms of use and a privacy policy, but lacks a cookie consent mechanism despite minimal tracking. Overall, the site is trustworthy, professional, and aligned with its mission of digital emancipation.

F

Fédération France Greeters

greeters.fr

42

Fédération France Greeters operates a community-driven platform connecting visitors with local volunteers who provide free guided walks across various French cities. The organization is positioned as a niche player in the tourism sector, emphasizing authentic local experiences. The website is built on WordPress using the Divi theme and incorporates SEO best practices via Yoast SEO, reflecting a moderate level of digital maturity. Hosting is provided by OVH, a reputable provider, and the site uses HTTPS with good SSL configuration. However, the absence of explicit privacy and cookie policies, as well as lack of security headers, indicates areas for improvement in compliance and security. Social media integration is strong, enhancing trust and outreach. Overall, the security posture is adequate but could benefit from enhanced headers and formal incident response information.

C

COMPAGNIE DE SERVICES

domainedemarie.com

60

Domaine de Marie is a French wine estate operating a 23-hectare vineyard in the Luberon region, offering wine production, direct-to-consumer sales, hospitality, and oenotourism services. The website is built on the Shopify platform, featuring a professional design, product catalog, and e-commerce capabilities including payment integration and GDPR cookie consent. Social media presence is established on Facebook and Instagram, supporting brand visibility. Technically, the site uses modern web technologies and Shopify's infrastructure, providing a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced and hCaptcha protecting forms, but lacks DNSSEC and explicit security headers. Privacy compliance is partial due to missing explicit privacy and terms of service pages. Overall, the domain registration data aligns well with the business claims, supporting legitimacy.

A

AUMOVIO SE

continental-mobility-services.com

66

AUMOVIO SE is a German-based technology company specializing in advanced automotive and mobility solutions, including software-defined mobility, electric mobility, vehicle electrical/electronic architectures, safety systems, driver assistance, user experience, and cybersecurity. The company targets automotive manufacturers and industry partners, positioning itself as a medium-sized enterprise with a comprehensive portfolio of services and solutions. The website reflects a professional corporate presence with consistent branding and a clear navigation structure, although the accessed page is a 404 error page indicating missing content at the requested URL. Technically, the website leverages modern web technologies such as Adobe Helix CMS, Google Tag Manager, and LinkedIn Insight Tag for analytics and marketing. The site is mobile optimized and uses SVG graphics for logos and icons. Performance is moderate with basic SEO and accessibility features. Security posture is good with HTTPS enforced, but lacks explicit security headers and incident response information on the site. No critical vulnerabilities or security issues were detected in the analyzed content. Privacy and cookie policies are present and appear comprehensive, indicating GDPR compliance. However, no terms of service or vulnerability disclosure policies were found. Social media presence is active on Facebook, LinkedIn, and YouTube, enhancing trust and engagement. Overall, the website demonstrates a solid business credibility and technical foundation, though improvements in security transparency and content completeness are recommended to enhance user trust and compliance.

S

SKP RAPID Plzeň, z. s.

fwcczech.cz

43

The website fwcczech.cz serves as the official online presence for the Footbike World Championship 2024 held in Czechia. It provides comprehensive event information, historical context, results, videos, and partner promotion, targeting footbike sport enthusiasts and participants. The site is bilingual (Czech and English) and emphasizes community engagement through social media links and partner showcases. The business model revolves around event organization and promotion within a niche sports market in the Czech Republic. Technically, the site is built on WordPress using the GeneratePress theme and related plugins, hosted by a Czech hosting provider, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced, but lacks advanced security headers and formal security policies. Privacy compliance is minimal, with a basic privacy policy present but no cookie consent mechanism or GDPR details. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional and trustworthy for its purpose but could improve in privacy and security practices.

C

COCON-TONERY PRAHA

cocon.cz

58

The website www.cocon.cz is hosted on the Wix platform and uses standard Wix technologies and scripts. The site content is minimal and lacks detailed business descriptions, contact information, and privacy or cookie policies. The absence of WHOIS data suggests privacy protection or domain registration issues, which limits the ability to fully verify the legitimacy and history of the domain. Technically, the site uses HTTPS but lacks advanced security headers and compliance indicators. Overall, the site appears to be a small-scale or early-stage web presence with limited digital maturity and security posture.

Martin Bugner operates a personal portfolio website showcasing expertise in WordPress web development, custom themes, branding, ecommerce, and application design. The business targets individuals and small businesses seeking fast, custom WordPress websites. The website is built on WordPress 6.8.3 using the GeneratePress theme, hosted on cesky-hosting.eu, and optimized for mobile devices with a clean, professional design. The technical infrastructure is modern and stable, though performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR indicators. Contact information is clearly provided, enhancing business credibility. Overall, the website is a good representation of a small personal web development business with room for improvement in privacy and security practices.

The website krosovykolobeh.cz is a niche sports event platform focused on organizing and promoting cross-country footbike (krosový koloběh) races and community rides primarily in the Czech Republic. It hosts a series of events under the XC Footbike CUP 2025 brand, providing detailed schedules, registration information, and equipment rental options. The site targets enthusiasts of footbiking and outdoor sports, offering a community hub for this specialized activity. Technically, the site is built using the WEDOS WebSite builder platform, leveraging standard web technologies such as HTML5, CSS3, JavaScript, Google Fonts, and Google Maps API for location services. Hosting is provided by WEDOS, a Czech hosting provider. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features and comprehensive meta-data. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, indicating gaps in compliance and security best practices. No analytics or tracking scripts were detected, suggesting minimal user tracking. The WHOIS data presents a suspicious future domain creation date, which raises questions about registration legitimacy, though the website content appears genuine and detailed. Overall, the site is functional and informative for its niche audience but requires improvements in privacy compliance, security posture, and domain registration transparency to enhance trust and professionalism.

S

SUMMIT TRADE DISTRIBUTION s.r.o.

summit-trade.sk

60

SUMMIT TRADE DISTRIBUTION s.r.o. operates a professional e-commerce platform specializing in premium outdoor equipment and apparel for activities such as skialpinism, climbing, freeride, and trekking. The company holds official distributor status for several renowned outdoor brands, positioning itself as a trusted retailer in Slovakia and the Czech Republic. Their business model combines retail sales with educational content and events under the Summit Academy brand, enhancing customer engagement and brand loyalty. The website is well-branded, content-rich, and targets outdoor enthusiasts seeking quality gear and knowledge. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Typekit fonts, likely built on a custom or proprietary CMS with PHP-based Nette framework elements. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Performance is moderate, with room for optimization. Security is robust with HTTPS enforced, CSRF protection on forms, and cookie consent mechanisms in place, though some security headers could be improved. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and user consent management. However, no explicit security policy or incident response contacts are published, which could enhance trust and preparedness. Overall, the domain registration data aligns with the business claims, indicating a legitimate and established company. Strategically, the company should focus on enhancing security headers, publishing a formal security policy, and improving incident response visibility. Continued investment in technical performance and privacy transparency will further solidify their market position and customer trust.

T

TopGis, s.r.o.

gisonline.cz

60

TopGis, s.r.o. operates the GisOnline.cz platform, a sophisticated GIS mapping application tailored for municipalities, cities, investors, and corporate clients in the Czech Republic. The platform offers comprehensive services including digital technical maps, cadastral data visualization, asset inventory management, and smart city IoT sensor integration. The company positions itself as a leading GIS solution provider with a focus on precision mapping and innovative 3D visualization technologies. Technically, the website employs modern JavaScript frameworks, Google Tag Manager for analytics, and a cookie consent mechanism ensuring basic privacy compliance. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, though improvements are recommended in security headers and formal security policies. The absence of WHOIS data is a notable gap, impacting domain trust assessment. Overall, the site is professional, content-rich, and well-structured, serving a specialized technology niche with clear business credibility.

The website regioforum.eu is a regional cooperation platform focused on fostering cross-border partnerships between local governments, NGOs, and other entities in the Euroregion Śląsk Cieszyński area spanning Poland and the Czech Republic. It serves as an information hub for EU co-financed projects and provides resources such as partnership databases and crisis communication models. The site is bilingual and targets local government officials and regional cooperation stakeholders. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, Google Tag Manager for analytics, and CookieScript for consent management. The site is moderately optimized for mobile and accessibility but lacks advanced SEO and security headers. Security posture is adequate with HTTPS and cookie consent but could be improved by adding explicit security policies and incident response contacts. No contact emails, phone numbers, or social media links are present, which limits direct communication channels. Overall, the domain registration is consistent with the website's regional focus and business purpose, enhancing trustworthiness. The site is safe with no adult or questionable content detected.

S

SH ČMS – Sbor dobrovolných hasičů Morávka

sdhmoravka.cz

55

SDH Morávka is a volunteer fire brigade organization based in the Czech Republic, providing firefighting, rescue, and civil protection services to the local community. The website serves as an information hub for community members, other fire brigades, and interested parties, offering news, event details, and safety information. The organization is supported by local government and foundations, reflecting a trusted community role. Technically, the website is built on WordPress using modern plugins and themes, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and formal incident response information. Privacy compliance is limited due to missing privacy and cookie policies and absence of consent mechanisms. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve transparency and compliance aspects.

D

Destinační management turistické oblasti Beskydy-Valašsko o.p.s

beskydyportal.cz

54

The website www.beskydyportal.cz serves as a comprehensive tourism portal for the Beskydy and Valašsko regions in the Czech Republic. It offers extensive information on local attractions, accommodation options, events, cycling and hiking routes, and multimedia content to support tourism activities. The portal targets families, couples, and individual tourists seeking regional travel experiences. The business operates as a regional destination management organization, supported by Czech Ministry for Regional Development funding, and maintains partnerships with official tourism entities. Technically, the site employs a modern web stack including Bootstrap, jQuery, Google Maps API, Mapy.cz API, and Leaflet.js for interactive maps. It integrates social media SDKs and tracking pixels such as Facebook Pixel and uses Google reCAPTCHA for form security. The site is mobile-optimized with responsive design and includes cookie consent mechanisms, although it lacks explicit privacy and terms of service pages. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. However, it lacks visible security headers and does not publish a privacy policy or incident response contacts, which are important for GDPR compliance and user trust. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS data limits domain legitimacy verification, but the presence of official logos and consistent branding supports trustworthiness. Overall, the site is a well-structured, content-rich tourism portal with good technical implementation and moderate security posture. To enhance trust and compliance, it should publish privacy and terms policies, implement security headers, and provide clearer contact information. Domain registration details should be verified to ensure legitimacy and reduce risk.

Z

ZX2C4

wireguard.com

61

WireGuard is a modern, high-performance VPN protocol and software project focused on simplicity, security, and speed. The project is led by Jason A. Donenfeld and hosted under the ZX2C4 organization, with strong emphasis on cryptographic soundness and minimal attack surface. The website provides comprehensive technical information, installation guides, and community resources, positioning WireGuard as a leading VPN solution in the technology sector. The digital infrastructure uses modern web technologies and analytics tools, delivering a fast and accessible user experience. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in security headers and privacy compliance documentation. The absence of WHOIS registration data is unusual but does not detract significantly from the overall trustworthiness given the project's transparency and community presence. Strategic recommendations include publishing privacy and cookie policies, enhancing security headers, and adding a security.txt file to improve vulnerability disclosure processes.

K

KlaukeGear

klaukegear.eu

52

KlaukeGear operates an e-commerce platform specializing in branded merchandise and promotional products, targeting businesses and individuals seeking textile items, giveaways, and accessories under the Klauke brand. The website is built on the Shopware 6 platform, offering a product catalog with shopping cart and user account features. The business appears to be a small retail operation with a consistent brand presentation and moderate market positioning in the promotional merchandise niche. Technically, the site uses modern e-commerce technology but lacks advanced SEO and accessibility features. Security posture is adequate with HTTPS and CSRF protections but lacks comprehensive security headers and explicit security policies. Privacy compliance is basic with a privacy policy present but no cookie policy or GDPR explicit indicators. Overall, the site is functional and professional but could improve in security and compliance maturity.

S

Scramble Ireland

scrambleireland.com

65

Scramble Ireland operates as a specialized e-commerce retailer focused on Brazilian Jiu-Jitsu and grappling apparel and equipment, serving primarily the Irish market. The company offers a range of products including rashguards, shorts, kimonos, belts, and related accessories. Positioned as Ireland's leading BJJ and grappling store, it leverages the Square Online platform for its digital storefront, integrating payment and shipping functionalities seamlessly. The website demonstrates a professional design with good user experience and mobile optimization, supporting both in-store pickup and shipping options. Technically, the site employs modern web technologies including Vue.js and integrates third-party services such as Cookiebot for cookie consent management, Snowplow for analytics, and Sentry for error monitoring. Hosting is managed via Square's CDN infrastructure, ensuring reliable performance. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response information are absent. From a security and compliance perspective, the site implements GDPR-compliant cookie consent mechanisms but lacks a dedicated privacy policy and terms of service pages, which are critical for full compliance and user trust. The absence of WHOIS registration data raises concerns about domain legitimacy, although the professional site presence and integration with reputable payment partners mitigate some risk. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, Scramble Ireland presents a credible and professionally managed online retail presence with room for improvement in privacy documentation and domain registration transparency. Strategic enhancements in compliance documentation and security disclosures would strengthen trust and regulatory adherence.

S

SCRAMBLE AUSTRALIA

scramblestuff.com.au

63

SCRAMBLE AUSTRALIA operates a professional e-commerce website specializing in high-quality martial arts training apparel, including gis, rashguards, shorts, and casual wear, targeting martial arts practitioners in Australia and New Zealand. The website is built on the Shopify platform, leveraging modern web technologies and providing a responsive, well-structured user experience. The business maintains a consistent brand presence across social media channels and offers clear policies for privacy, refunds, and shipping, indicating a mature e-commerce operation. Technically, the site benefits from Shopify's secure hosting and payment infrastructure, with HTTPS enforced and security headers implemented, contributing to a strong security posture. However, explicit security policies and incident response contacts are not published, representing an area for improvement. Overall, the domain registration data is privacy-protected but consistent with a legitimate small business. The website content is safe for general audiences and free from adult or explicit material.

S

Semperit

semperit.com

64

Semperit is a well-established Austrian tyre brand operating under the Continental group, offering a wide range of tyres for cars, SUVs, vans, trucks, and buses suitable for all weather and road conditions globally. The website demonstrates a professional and consistent brand presence with comprehensive product information, multimedia content, and legal documentation, reflecting a mature digital presence. Technically, the site leverages Adobe Experience Manager CMS, integrates dynamic media, and employs modern tracking and consent management tools, indicating a robust digital infrastructure. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and a public security policy suggests room for improvement. The missing WHOIS data for the domain is a notable anomaly that slightly impacts trust but does not detract from the overall legitimacy given the brand's reputation and content quality. Overall, the site is well-designed, user-friendly, and compliant with privacy regulations, making it a trustworthy platform for its target audience.

G

Global Assistance a.s.

na1220.cz

56

The website www.na1220.cz represents the Klub nebeských andělů, a project initiated in 2010 by Global Assistance a.s., Aeroklub ČR, and Letecká amatérská asociace ČR. The project focuses on integrating sport pilots into a voluntary traffic reporting network, enhancing public perception of amateur pilots, and coordinating safety in air and ground operations. The site targets the Czech aviation community and provides news, event information, and contact details for engagement. Technically, the site uses a modern CMS (Solidpixels), employs HTTPS with valid SSL, and includes cookie consent mechanisms aligned with GDPR. However, WHOIS data for the domain is unavailable, which impacts domain trustworthiness. Security headers are missing, and no explicit security or incident response policies are published on the site. Overall, the site is well-structured, content-rich, and professionally presented, but could improve in transparency and security best practices.

K

Krajská hospodářská komora Zlínského kraje

khkzk.cz

43

Krajská hospodářská komora Zlínského kraje is a regional business chamber representing entrepreneurs and business entities in the Zlín region of the Czech Republic. The organization provides a variety of services including business representation, education, networking events, export support, and certification services. The website is professionally designed with clear navigation and content relevant to its target audience of regional businesses and entrepreneurs. Technically, the site uses modern web technologies including JavaScript, CSS frameworks, and Google Tag Manager for analytics and marketing. The site is mobile optimized and includes GDPR-compliant privacy and cookie policies with user consent mechanisms. Security posture is moderate with no detected security headers and unknown SSL configuration, suggesting room for improvement. The absence of WHOIS data reduces domain trustworthiness, but the presence of reputable partners and active social media channels supports legitimacy. Overall, the site is a credible regional business resource with good content quality and privacy compliance but could enhance security and transparency.

The website www.enspryng.com represents Genentech's pharmaceutical product ENSPRYNG®, a treatment for Neuromyelitis Optica Spectrum Disorder (NMOSD). The site provides detailed patient-focused information, healthcare professional resources, and access to medication guides and prescribing information. The business is positioned as an established biotechnology company with a specialty drug offering, targeting patients and clinicians. Technically, the site is built on Adobe Experience Manager with modern web technologies, including consent management and analytics tools, reflecting a mature digital infrastructure. Security posture is good with HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security headers and policies are not fully documented. The absence of WHOIS registration data is a concern for domain legitimacy, but the site content and branding align with a reputable pharmaceutical entity. Overall, the site is professional, secure, and compliant with privacy norms, though improvements in transparency of security and privacy policies are recommended.

D

drivewithvia.com

drivewithvia.com

43

The website apply.drivewithvia.com appears to be a subdomain related to Via, a transportation or driving service. However, the site content is inaccessible, showing only a loading spinner with no actual content loaded. The WHOIS query for the subdomain returned no registration data, indicating the domain is either unregistered or the subdomain is not publicly registered. The technical infrastructure includes Google Tag Manager scripts and Salesforce URLs, suggesting integration with enterprise platforms, but no CMS or hosting details are visible. Security posture is weak due to lack of HTTPS confirmation, absence of security headers, and no visible privacy or cookie policies. Overall, the site is likely blocked or protected by a WAF or security mechanism, limiting content accessibility and analysis.

C

Citymapper Limited

citymapper.com

47

Citymapper Limited operates a leading urban mobility platform offering a comprehensive transport app available on iPhone, Android, and web. The service integrates multiple transport modes including public transit, cycle hire, ferries, and on-demand cabs, targeting urban commuters seeking efficient multi-modal journey planning. The company is well-established with a domain age of over 19 years and a strong market presence in transportation technology. Technically, the website employs modern web technologies, including JavaScript, Typekit fonts, and a privacy SDK, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is basic with no explicit privacy or cookie policies found in the provided content. Overall, the site is professional, trustworthy, and safe for general audiences.

The website superbthemes.com is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any substantive content, including business descriptions, contact information, or policies. The domain is registered with NameCheap since 2018 and uses Cloudflare for DNS and security services. Due to the blocking, no detailed content or business information could be extracted or analyzed. The security posture appears to include Cloudflare's WAF protection, but no further security headers or policies are visible. Overall, the site cannot be fully assessed in its current state, limiting the ability to provide a comprehensive risk or business analysis.

R

Robustel ANZ

robustelanz.com.au

51

Robustel ANZ operates as the master distributor for Robustel Industrial IoT Routers, Gateways, and Modems within the Australia and New Zealand markets. The company focuses on providing industrial-grade IoT connectivity solutions to businesses and enterprises in these regions. The website reflects a professional business presence with a clear focus on technology products related to IoT infrastructure. The market position is that of a specialized distributor serving a niche industrial technology sector. Technically, the website is built on WordPress using the Divi theme and WooCommerce plugin, indicating a modern and flexible digital infrastructure. The site is hosted on Australian servers, aligning with its regional market focus. Security posture is adequate with HTTPS enabled and domain registration protections in place; however, there is room for improvement in security headers and compliance documentation. Privacy and cookie policies are notably absent, which impacts compliance and user trust. Overall, the website is functional and professional but would benefit from enhanced privacy, security, and compliance features to strengthen its risk posture and trustworthiness.

Z

Zoho

maillist-manage.com

62

Zoho Campaigns provides online email and social marketing software aimed at businesses and marketers seeking to run compliant and effective campaigns. The website content focuses on explaining the email sending domains used by Zoho Campaigns and emphasizes compliance with anti-spam laws. The technical infrastructure relies on Zoho's proprietary scripts and content delivery networks, with moderate performance and basic mobile optimization. Security posture is moderate with some best practices like abuse contact emails but lacks visible security headers and formal policies. The absence of WHOIS data limits domain trust verification but the overall business credibility remains high due to brand recognition and consistent messaging. Strategic recommendations include enhancing privacy and cookie policies, implementing security headers, and publishing vulnerability disclosure information to improve trust and compliance.

T

Three Commas™

threecommas.com

69

Three Commas™ is an e-commerce apparel company co-founded by billionaire Mark Cuban, targeting entrepreneurs and fashion consumers. The website is built on the Shopify platform, leveraging modern web technologies and third-party marketing tools such as Facebook Pixel and Shopify Analytics. The site presents a professional and consistent brand image with a focus on apparel sales. Technically, the site is well-structured with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enforced and domain transfer protection enabled, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy but could improve transparency and security practices.

B

Built by Buffalo Limited

builtbybuffalo.com

60

Built by Buffalo Limited is a boutique web design and branding agency based in Brighton, UK, established in 2006. The company specializes in creating visually appealing and user-friendly websites and brands for clients worldwide. Their market position is that of a reputable small agency known for quality and client satisfaction, offering services including web design, development, e-commerce solutions, and content management systems. The website reflects a professional and consistent brand image with strong client testimonials and partner endorsements from Shopify and Mailchimp. Technically, the website uses modern web technologies such as HTML5, CSS3, JavaScript with MooTools and Raphaël.js, and integrates Google Analytics and Tag Manager for tracking. Hosting and DNS services are provided via Cloudflare, although DNSSEC is not enabled. The site is mobile optimized with good SEO and accessibility basics. Security posture is moderate; while HTTPS is implied, no explicit security headers were detected, and DNSSEC is absent. Privacy compliance is basic with a privacy policy page but no cookie consent mechanism. Overall, the website is professional and trustworthy but could improve security and privacy practices.

S

Smile Inc.

smile.io

67

Smile.io is a well-established SaaS company founded in 2013, specializing in loyalty program solutions tailored for Shopify brands. The company positions itself as a leading loyalty platform, offering scalable and Shopify Plus certified services to e-commerce businesses. The website reflects a professional and modern design, leveraging technologies such as Framer for CMS and PostHog for analytics, hosted on AWS infrastructure. The technical implementation is solid with good mobile optimization and SEO practices, although some accessibility features could be improved. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks advanced security headers and published security policies. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

R

Région Nouvelle-Aquitaine

nouvelle-aquitaine.fr

61

Région Nouvelle-Aquitaine is the official regional government entity responsible for managing and supporting various public services and initiatives in the Nouvelle-Aquitaine region of France. The website serves as a comprehensive portal for citizens, providing information on economic development, employment, youth programs, territorial planning, and ecological transition. It maintains a strong market position as a government authority with a large audience base. Technically, the site is built on Drupal CMS, employs modern JavaScript libraries, and integrates Google Tag Manager for analytics, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, though WHOIS data is unavailable, likely due to registry server response issues rather than malicious intent.

C

CBS Nakladatelství s. r. o.

malovanemapy.cz

45

The website www.malovanemapy.cz represents CBS Nakladatelství s. r. o., a Czech company specializing in the creation and sale of hand-painted artistic maps. These maps are detailed, cartographically accurate, and serve both practical and decorative purposes for tourists, municipalities, schools, and other institutions. The company offers a variety of map types including city maps, area maps, cycling maps, panoramic maps, thematic maps, and orientation plans, catering to diverse customer needs. The business model focuses on bespoke map production and outdoor map solutions, positioning the company as a niche provider in the cartographic and artistic map market within the Czech Republic.

The website at salomon.com is currently inaccessible due to a security challenge page that blocks content access. This prevents extraction of business, contact, or compliance information. The domain is long-established since 1995, registered via Nameshield SAS, and shows legitimate domain status locks, indicating a trustworthy registration. However, the inability to access actual website content limits the ability to assess the company's business model, services, or security posture in detail. The technical infrastructure includes JavaScript-based captcha protection from a third-party provider, indicating a focus on bot mitigation. Due to the content block, no privacy, cookie, or terms policies are detectable, and no contact or security policy information is available. Overall, the site is protected by a generic WAF or security mechanism, resulting in a low AI score and incomplete analysis.

M

Manufacture Mercier

mercier.cc

71

Manufacture Mercier is a heritage French brand specializing in premium cycling apparel, leveraging a century-old legacy dating back to 1919. The company operates an e-commerce platform built on Shopify, targeting discerning cyclists seeking high-quality textiles designed in France and manufactured in Europe. The website reflects a strong brand identity with rich multimedia content and a professional design that enhances user experience and trust. Technically, the site employs modern web technologies and integrates multiple marketing and analytics tools, ensuring robust performance and customer engagement. Security posture is solid with HTTPS enforcement and privacy compliance, although explicit security policies and incident response details are absent. The domain WHOIS data is unavailable, which introduces some uncertainty regarding domain registration legitimacy, but the overall digital presence and branding suggest a credible business. Strategic recommendations include publishing security policies, improving transparency on incident response, and addressing WHOIS data gaps to enhance trust.

P

PNE AG

pne-ag.com

54

PNE AG is a German renewable energy company specializing in project development and services related to wind energy (onshore and offshore), photovoltaics, green hydrogen, and other sustainable energy solutions. The company targets investors, landowners, and energy sector stakeholders with a professional and well-structured website that highlights its key services and projects. The website is built on TYPO3 CMS and integrates modern technologies such as Cookiebot for cookie consent management and Google Tag Manager for analytics and marketing. Technically, the website demonstrates a moderate to good performance with mobile optimization and SEO best practices in place. The security posture is solid with HTTPS enforced and a comprehensive cookie consent mechanism, although some security headers and explicit security policies are missing. Privacy compliance is strong, with a detailed privacy policy and cookie consent banner that aligns with GDPR requirements. The WHOIS data for the domain www.pnegroup.com is missing, which is unusual for a commercial entity and introduces some uncertainty regarding domain registration legitimacy. However, the professional website and privacy compliance mechanisms suggest the business is legitimate. No critical security vulnerabilities or suspicious content were detected. Overall, the website presents a trustworthy and professional digital presence for PNE AG, with room for improvement in transparency around security policies and contact information.

B

BayWa r.e.

baywa-re.com

70

BayWa r.e. is a globally recognized renewable energy company specializing in the development, trading, and servicing of sustainable energy projects including solar, wind, and bioenergy. The company operates under the parent company BayWa AG and maintains a strong market position in the energy sector with a focus on innovation and sustainability. Their website reflects a professional and comprehensive digital presence, targeting investors, industry professionals, and commercial clients. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS and employs standard security headers, though it lacks a publicly available security policy or incident response details. The absence of WHOIS data for the domain is a notable anomaly that slightly impacts trust but does not overshadow the overall professionalism of the site. Strategic recommendations include publishing detailed security and vulnerability disclosure policies and improving transparency around incident response.