Security Directory

F

Fédération Française de Football

cnf-clairefontaine.com

68

The Centre National du Football Clairefontaine website is a professionally maintained portal representing the French Football Federation's prestigious football training center. It offers a variety of services including training programs, facility rentals, and group visits targeting enterprises, football clubs, associations, and the general public. The site is well-branded and aligned with the federation's identity, featuring partner logos from reputable companies. Technically, the site employs modern web technologies, including Google Analytics, Google Tag Manager, and a GDPR-compliant cookie consent mechanism, hosted on AWS infrastructure. Security posture is adequate with HTTPS enforced and reCAPTCHA integration, though security headers and incident response information are lacking. Overall, the website is trustworthy and compliant with privacy regulations, with room for improvement in security transparency and technical hardening.

P

PUMA Europe GmbH

puma.cz

72

PUMA Europe GmbH operates a professional e-commerce platform targeting the Czech market and broader European region, offering footwear, apparel, and accessories under the globally recognized Puma brand. The company is a large enterprise with a long history dating back to 1948 and is part of the Puma SE group. The website reflects a mature digital presence with advanced personalization and marketing technologies integrated, including Salesforce Commerce Cloud and Emarsys. The site is well-structured, mobile-optimized, and provides comprehensive business and contact information, enhancing user trust and engagement. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit incident response contacts and vulnerability disclosure policies could be improved. Overall, the domain and website demonstrate high legitimacy and professionalism consistent with a global retail brand.

Z

Združenje Manager

zdruzenje-manager.si

51

Združenje Manager is a well-established Slovenian non-profit association dedicated to supporting management professionals through events, knowledge sharing, and networking. The website reflects a professional and consistent brand presence with clear business information and active social media engagement. Technically, the site is built on SilverStripe CMS, uses modern JavaScript libraries, and integrates analytics tools like Google Analytics and Microsoft Clarity with privacy considerations. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks explicit security policies and vulnerability disclosure channels. Overall, the site is trustworthy, accessible, and serves its target audience effectively.

T

The Institute of Leadership

leadership.global

10

The website leadership.global is operated by The Institute of Leadership and focuses on providing leadership skills development, career progression resources, and professional recognition services. The site targets professionals seeking to enhance their leadership capabilities and advance their careers. The business model centers on education and professional development within the leadership sector. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the website employs modern technologies including Cookiebot for cookie consent management, Google Tag Manager for analytics, and ShareThis for social sharing. The site is mobile optimized and includes accessibility features, although no specific CMS or hosting provider was identified. Performance is moderate with proper SEO meta tags and Open Graph data enhancing visibility. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms aligned with GDPR. However, explicit security headers are not evident, and no published security or incident response policies were found. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is consistent with the business claims, supporting legitimacy. Overall, the website is safe, professional, and compliant with basic privacy regulations, but could improve by publishing privacy and security policies, adding security headers, and providing clear contact information for incident response.

C

Confédération Nationale des Cadres

cnc-nck.be

56

The website represents the Confédération Nationale des Cadres, a Belgian trade union focused on defending the rights of cadres and participating in social elections. The organization positions itself as a neutral alternative syndicate for Belgian cadres, targeting a specialized audience within Belgium. The website is built on the Wix platform, utilizing Wix's Thunderbolt framework and standard polyfills for browser compatibility. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is functional and professional but could improve transparency and compliance.

R

RMC BFM ADS

rmcbfm-ads.com

55

RMC BFM ADS is a prominent French advertising agency specializing in the commercialization of advertising spaces for major media brands such as BFM and RMC. Positioned as the third largest private TV advertising agency in France, it offers a comprehensive portfolio of advertising solutions across television, radio, digital platforms, and local channels. The company targets advertisers and businesses seeking to enhance brand visibility and performance through multi-channel campaigns. The website reflects a professional and consistent brand image with clear service offerings and a focus on digital-first advertising strategies. Technically, the website employs modern web standards including HTML5, CSS3, JavaScript, and JSON-LD structured data for SEO. It is mobile-optimized with good navigation clarity and moderate performance. The presence of cookie consent mechanisms and detailed privacy policies indicate a commitment to GDPR compliance. However, no explicit security policies or incident response information are published, which could be improved. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent. No critical vulnerabilities or exposed sensitive data were detected. The absence of security headers and vulnerability disclosure information suggests room for enhancement in security posture. The WHOIS data is unavailable, which slightly impacts trust but is mitigated by the professional presentation and consistent branding. Overall, RMC BFM ADS presents a trustworthy and professional online presence suitable for its business domain. Strategic improvements in security transparency and WHOIS data availability would further strengthen its credibility and compliance posture.

N

NextRadioTV

rmcbfmplay.com

69

RMC BFM PLAY is a French media streaming platform operated by NextRadioTV, offering live and replay video content from channels such as RMC Découverte, RMC Story, BFMTV, and BFM Business. The platform targets a general French-speaking audience interested in news, entertainment, and discovery programs. The website demonstrates a professional design and consistent branding aligned with its parent company. Technically, it leverages modern web technologies including Angular and integrates advanced consent management and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. Overall, the site is trustworthy and compliant with GDPR, but the absence of WHOIS registration data and explicit contact information slightly reduces transparency.

J

Judoverse

judoverse.org

65

Judoverse.org is a website dedicated to a judo-themed NFT project, offering digital collectibles related to the sport of judo. The site targets NFT enthusiasts and fans of judo, leveraging blockchain technology to create unique digital assets. The business appears to be a small-scale, recently founded entity (2022) focusing on niche digital collectibles. The website features SVG animations and a clean, modern design but lacks comprehensive textual content and detailed business descriptions. Technically, the site uses Cloudflare DNS, Google Fonts, and Google Analytics, with HTTPS enabled, ensuring basic security and performance standards. However, DNSSEC is not enabled, and security headers are missing, which could be improved to enhance security posture. The security posture is moderate, with no critical vulnerabilities detected, but the absence of privacy and cookie policies, as well as incident response contacts, indicates gaps in compliance and security transparency. Contact is primarily through an external Discord link, with no direct company emails or phone numbers provided. Overall, the site is functional and moderately secure but would benefit from enhanced privacy compliance and security best practices.

Harvest Group SA is a Swiss-based international commodities merchant specializing in agricultural products such as wheat, corn, soy, and barley. The company provides comprehensive services including international logistics, financing, risk management, and advisory services, positioning itself as a key player in global commodity trading and supply chain management. The website reflects a medium-sized enterprise with a professional online presence and consistent branding. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript with the Slick Carousel library for UI elements. The site is hosted under a reputable registrar and DNS provider, with HTTPS enabled ensuring secure communications. Mobile optimization and navigation clarity are good, though accessibility features are basic and SEO optimization is moderate. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks advanced security headers and DNSSEC. There is no visible security policy or incident response information, and no cookie consent mechanism is implemented, which may impact GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website is trustworthy and professional, with clear contact information and business details. However, improvements in privacy compliance, security headers, and incident response transparency are recommended to enhance security posture and regulatory adherence.

I

International Judo Federation

judobase.org

60

The International Judo Federation (IJF) operates Judobase.org, a comprehensive and authoritative platform dedicated to judo sports enthusiasts worldwide. The website serves as the official source for competition results, athlete rankings, event calendars, and multimedia content related to IJF-sanctioned events. It targets a global audience including athletes, coaches, officials, and fans, positioning itself as a key resource in the judo sports ecosystem. The business model is primarily federation-driven, supported by sponsorships and partnerships, with a medium-sized operational scale and a history dating back to at least 2007. Technically, the website employs modern web technologies including JavaScript frameworks, Bootstrap for responsive design, and integrates third-party services such as Google Analytics and Facebook SDK for analytics and marketing. The site is well-optimized for performance and mobile devices, with a clean and professional design that facilitates excellent user experience and navigation. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a dedicated security policy page, which are areas for improvement. Privacy and cookie policies are present and appear comprehensive, indicating a reasonable level of GDPR compliance. Contact information is clearly provided with official domain emails, enhancing trustworthiness. Overall, Judobase.org demonstrates a strong security posture and high business credibility, with no signs of suspicious activity or content safety concerns. The lack of WHOIS data due to privacy protection is typical for such organizations and does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, implementing explicit cookie consent mechanisms, and publishing a formal security incident response policy to further strengthen compliance and user trust.

S

Sangel Systemtechnik GmbH

helulight.de

48

The website helulight.de represents HELU Connectivity Solutions Bielefeld GmbH, formerly known as Sangel Systemtechnik GmbH, a medium-sized German company specializing in intelligent lighting concepts, cable assemblies, and LED industrial luminaires. The company is part of the HELUKABEL Group, which enhances its market position and product portfolio. The site targets industrial manufacturers and machine builders, offering B2B solutions for process visualization and industrial lighting. Technically, the website is built on the Shopware CMS platform with modern JavaScript and Bootstrap frameworks, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced and cookie consent enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is moderate with a privacy policy linked on a partner domain but no dedicated cookie or terms of service pages on the site itself. Overall, the site is professional, trustworthy, and safe for general audiences.

The website onlinekonfigurator.biz serves as a specialized web configurator tool associated with TE Connectivity Corporation, a large US-based technology enterprise. The site provides a technical interface likely intended for business partners or internal users to configure products or services. The content is minimal and focused on functionality rather than marketing or customer engagement. The technical infrastructure relies on custom JavaScript and PHP backend handlers, with no visible use of common CMS or third-party analytics tools. The site lacks public-facing privacy, cookie, or terms of service policies, and no contact information is provided, which limits transparency and user trust. Security posture is moderate but could be improved by enabling DNSSEC, adding security headers, and publishing compliance policies. The domain registration is consistent with the corporate entity and shows no suspicious patterns, indicating legitimacy.

T

Tree of the year – Explore the trees with the most interesting stories

treeoftheyear.org

54

The website 'Tree of the Year' is dedicated to the European Tree of the Year competition, showcasing trees with interesting stories from various national rounds. The site targets a general audience interested in environmental and nature-related content. The technical infrastructure is modern, leveraging Nuxt.js and Vue.js frameworks, and includes Google Tag Manager for analytics. The site is mobile-optimized and presents content in a professional and consistent manner. Security posture is adequate with HTTPS enabled, but lacks security headers and detailed privacy or cookie policies. WHOIS data is incomplete, which impacts trustworthiness. Overall, the site is functional and informative but could improve in privacy compliance and security best practices.

D

Dôvera zdravotná poisťovňa, a.s.

dovera.sk

63

Dôvera zdravotná poisťovňa, a.s. is a leading public health insurance provider in Slovakia, offering comprehensive health insurance services to insured persons, payers, and healthcare providers. The company has a strong market position with a large customer base and provides various benefits, claims processing, and customer support services. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site uses a custom open-source framework (Cyclone3) and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook SDK, Exponea, and OneTrust for consent management. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance, although explicit security policy and incident response pages are not publicly available. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

V

Viessmann

viessmann.sk

65

Viessmann Slovakia operates a comprehensive website focused on climate solutions including heating, cooling, ventilation, and energy management. The company is a well-established enterprise with a strong market position in the energy sector, offering a wide range of products and services tailored to both residential and commercial customers. The website reflects a high level of professionalism, with excellent content quality, clear navigation, and consistent branding. Technically, the site uses modern frameworks and technologies such as Adobe Experience Manager, Google Tag Manager, and Usercentrics for consent management, ensuring a good user experience and compliance with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the site.

D

Digital Garden - Tvorba web stránok Bratislava

digitalgarden.sk

45

Digital Garden is a Slovak-based creative agency specializing in professional web design, web development, SEO optimization, online marketing, and corporate identity branding. The company targets businesses and individuals seeking comprehensive digital solutions to enhance their online presence and sales channels. The website is built on WordPress, leveraging popular plugins such as Yoast SEO, Contact Form 7, and Slider Revolution, indicating a modern and maintainable technical infrastructure. The site is mobile-optimized and includes social media integration, enhancing its digital maturity. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers are missing and no explicit security or incident response policies are published. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy policy or terms of service pages found. Overall, the website presents a professional and trustworthy image consistent with a small technology service provider in Slovakia.

B

bart.sk s.r.o.

bart.sk

64

bart.sk s.r.o. is a well-established Slovak technology company specializing in the development of custom digital products, including e-commerce platforms, web and mobile applications, and AI implementations. With over 27 years of experience, the company serves both B2B and B2C clients, positioning itself as a trusted partner in digital transformation. Their website showcases detailed case studies, client testimonials, and a strong social media presence, reflecting a mature and professional business model. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates advanced analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Google reCAPTCHA v3. The site is mobile-optimized, fast-loading, and SEO-friendly, indicating a high level of digital maturity and technical competence. From a security perspective, the site enforces HTTPS, uses reCAPTCHA to protect forms, and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. The presence of ISO 9001 certification further underscores their commitment to quality and information security. However, the absence of explicit security headers and a public incident response or vulnerability disclosure policy suggests areas for improvement. Overall, bart.sk demonstrates a strong security posture and business credibility with no critical vulnerabilities detected. The website is safe for general audiences and complies well with privacy regulations. Strategic recommendations include enhancing security headers, publishing incident response information, and adding a vulnerability disclosure policy to further strengthen trust and compliance.

A

AJ Produkty

ajprodukty.sk

63

AJ Produkty is a well-established European company specializing in office, warehouse, and industrial furniture and equipment. Founded in 1975 in Sweden, it has expanded to 19 countries, including Slovakia, where this localized website operates. The company offers a broad product range with over 15,000 items, focusing on ergonomic and functional solutions for various business environments. Their market position is strong, supported by a consistent brand presence and comprehensive customer service including warranties and free shipping offers. Technically, the website employs modern web technologies such as React, Google Tag Manager, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Analytics and error monitoring tools are integrated, indicating a mature digital infrastructure. From a security perspective, the site uses HTTPS with strong SSL configuration and a Content Security Policy header. Cookie consent is implemented with opt-in mechanisms, and no critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, which could be improved. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic recommendations include publishing security and incident response policies, implementing a vulnerability disclosure program, and enhancing accessibility features to further strengthen trust and compliance.

A

American Physical Society

aps.org

11

The American Physical Society (APS) is a well-established nonprofit organization dedicated to advancing physics through fostering a global and inclusive scientific community. The website reflects APS's leadership position in the physics domain, offering extensive services including peer-reviewed journals, conferences, membership benefits, and advocacy efforts. The content is professionally curated, targeting physicists, researchers, educators, and students worldwide. Technically, the website employs modern web technologies such as React and Next.js, integrated with a headless CMS (Sanity) and enhanced by Google Tag Manager and Osano for consent management. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS, implements key security headers, and provides a cookie consent mechanism aligned with GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly evident, representing areas for improvement. Overall, the APS website demonstrates a strong security posture and high business credibility, with minor gaps in transparency around security governance. The domain WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. The site is safe, trustworthy, and professionally maintained, serving its community effectively.

The American Institute of Physics (AIP) operates as a federation of physical science societies, providing a broad range of services including scientific publications, advocacy, research resources, and educational support. The organization targets physical scientists, researchers, students, and STEM professionals, positioning itself as a leading non-profit entity in the physical sciences domain. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content relevant to its audience. Technically, the site leverages modern web technologies such as WebComponents, MathJax for scientific rendering, and integrates third-party services like Google Tag Manager and Facebook SDK for analytics and marketing. The content management system identified is Brightspot CMS, supporting a structured and scalable content delivery. Performance and mobile optimization are good, with accessibility features implemented to a reasonable standard. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism compliant with GDPR. However, explicit security headers and a published security policy or incident response information are not evident, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy standards, supporting the legitimacy of the organization. The absence of WHOIS data due to privacy protection is typical for organizations of this nature and does not detract from the trust assessment. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and providing clear security contact channels.

I

Instant System

instant-system.com

62

Instant System is a French-based company founded in 2013 specializing in white-label passenger information applications and Mobility as a Service (MaaS) solutions. The company collaborates closely with local public transport authorities and operators to deliver scalable and modular mobility solutions across 80 territories worldwide. Their offerings include journey planning, ticketing integration, and back office management tools tailored for cities, transport partners, and corporations managing employee mobility. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting B2B clients in the transportation sector. Technically, the site uses modern JavaScript frameworks such as Knockout.js and integrates cookie consent management via tarteaucitron.io, ensuring GDPR compliance in cookie handling. Security posture is adequate with HTTPS enabled and domain protections in place, though improvements are recommended in security headers and explicit security policies. Overall, the site demonstrates high business credibility and technical maturity with minor gaps in privacy documentation.

The website kobotdev.com currently displays a maintenance placeholder page titled 'The Genealogy Reporter - System Maintenance | Under Construction'. The content indicates a temporary system upgrade in progress with no active business or service information presented. The domain is registered since 2008 with GoDaddy.com, LLC and shows legitimate registration status with client protection flags, but DNSSEC is not enabled. The website lacks privacy, cookie, and terms of service policies, as well as any contact information or forms. No analytics or tracking technologies are detected, and social media links are placeholders without real URLs. The technical infrastructure is basic, relying on standard HTML, CSS, and JavaScript with no CMS or frameworks detected. The site is mobile optimized with a visually appealing design but limited content and navigation. Security posture is weak due to missing security headers and lack of HTTPS information, though no critical vulnerabilities or malicious content are evident. Overall, the site appears to be temporarily offline for maintenance with minimal risk but lacks compliance and business credibility indicators.

S

Session Rewind

sessionrewind.com

61

Session Rewind is a technology SaaS company founded in 2020 that provides affordable session recording, heatmaps, error tracking, and dashboard analytics to optimize website user experience. Positioned as a cost-effective alternative to established players like FullStory and Hotjar, it targets solopreneurs, startups, and enterprises seeking actionable insights into user behavior. The website demonstrates a professional design with clear navigation and consistent branding, supporting a positive user experience and trustworthiness. Technically, the site leverages modern JavaScript frameworks (Vue.js), integrates analytics tools like Heap and Google Tag Manager, and uses Cloudflare for DNS, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and standard security headers present, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is basic with a comprehensive privacy policy and cookie policy present but lacking a consent mechanism. Overall, the site is safe, business-focused, and credible with no signs of malicious activity or suspicious content.

D

Dash Social

dashhudson.com

10

Dash Social is a Canadian-based technology company founded in 2013 that offers a comprehensive social media management platform. Their SaaS solution integrates AI-powered tools for content performance prediction, creator and influencer management, social analytics, campaign reporting, scheduling, and social commerce. The company targets brands, marketers, and social media managers seeking to optimize social media engagement and ROI. The website demonstrates a mature digital presence with rich content, customer testimonials, and partner badges from major platforms like TikTok, Meta, and Pinterest, indicating strong market positioning. Technically, the website is built on Webflow CMS and leverages modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel for interactive features. It employs Google Tag Manager and HubSpot for analytics and marketing automation. The site is mobile-optimized, fast-loading, and SEO-friendly. Security practices include HTTPS enforcement and a cookie consent mechanism with opt-in compliance, though explicit security headers are not detected. From a security perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS domain registration data is a notable concern, potentially indicating privacy protection or data source limitations. The presence of a suspicious external script domain warrants further review. Overall, the site maintains good privacy compliance and business credibility but could improve transparency in domain registration and security disclosures. Strategically, Dash Social should enhance its security posture by publishing a vulnerability disclosure policy, adding security headers, and providing incident response contacts. These steps will strengthen trust and compliance. The technical infrastructure is solid but could benefit from continuous monitoring of third-party scripts and further accessibility improvements.

B

Billetterie en ligne complète - Meilleur tarif de France 🎫

billetweb.fr

51

The website www.billetweb.fr is an online ticketing platform primarily serving the French market, offering event ticket sales and management services. The site is built using modern web technologies including Prismic CMS and Tailwind CSS, providing a good user experience with responsive design and clear navigation. However, the absence of WHOIS data limits the ability to verify domain legitimacy and ownership, which is a concern for trustworthiness. Security posture is weak due to lack of visible security headers and unclear SSL configuration. Privacy and cookie policies are not detected, indicating potential compliance gaps with GDPR and other privacy regulations. Overall, while the business model and technical implementation are sound, improvements in security and compliance are necessary to enhance trust and protect user data.

MYBACKNUMBER.com is an e-commerce website specializing in official judo back numbers for international federations such as IJF, EJU, and DJB. The site targets judo athletes, clubs, and federations, offering customized back numbers and club registration services. The business operates primarily in Germany and appears to be a niche market leader in its segment. The website is professionally designed with clear navigation and consistent branding, supporting a small-sized retail business model focused on sports equipment. Technically, the website employs a classic JavaScript stack including Prototype.js and Scriptaculous, with integrations for Google Tag Manager and Hotjar for analytics and user behavior tracking. The site shows moderate performance and basic mobile optimization. SEO practices are good with proper meta tags and structured navigation. However, no modern CMS or hosting provider details are evident. From a security perspective, the site uses HTTPS and secure login forms but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance. No security policy or incident response contacts are published, and WHOIS data is missing, which raises concerns about domain registration legitimacy. The site does not expose sensitive data or show obvious vulnerabilities but would benefit from enhanced security practices. Overall, the website is functional, professional, and trustworthy from a user perspective but has gaps in domain registration transparency and privacy compliance. Strategic improvements in security headers, cookie consent, and WHOIS data verification are recommended to strengthen trust and compliance.

A

adidas Combat Sports

combat-sports.net

44

The website combat-sports.net represents a small-scale online presence focused on adidas Combat Sports products, likely targeting combat sports enthusiasts and athletes interested in adidas apparel and equipment. The site is built on WordPress using the Salient theme and includes basic integrations such as Instagram Feed. The technical infrastructure is moderate, hosted by OVH sas, a reputable provider, with HTTPS enabled but lacking advanced security headers and DNSSEC. The content is basic and consistent with the brand but lacks comprehensive privacy, cookie, and terms of service policies, as well as contact information, which impacts trust and compliance. Security posture is average with room for improvement in headers and vulnerability disclosures. Overall, the site is safe with no adult or questionable content detected.

K

KWON KG - Kampfsportartikel

kwon.com

41

KWON KG operates an e-commerce platform specializing in martial arts and security equipment, targeting martial arts practitioners primarily in Germany. The website offers a broad range of products including gear for Taekwondo, Karate, Judo, MMA, and other combat sports. The business model focuses on online retail with additional services such as product individualization and multilingual support. The company appears to be a medium-sized retailer with a consistent brand presence and a professional website design. Technically, the website uses modern web technologies including JavaScript and Google Tag Manager for analytics. The CMS is likely Shopware, inferred from URL and CSS patterns. The site is mobile-optimized with good SEO practices but lacks some accessibility features. Performance is moderate, and HTTPS is enforced, ensuring secure data transmission. From a security perspective, the site has a solid SSL configuration but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. No WHOIS data is available for the domain, which raises concerns about domain registration legitimacy and reduces overall trust. Contact information is provided via phone and WhatsApp, but no company emails or physical addresses were found. Overall, the website is functional and professional but would benefit from improved transparency in privacy and security policies, better WHOIS registration clarity, and enhanced security headers to strengthen trust and compliance.

I

IPPON-SHOP.COM

ippon-shop.com

64

IPPON-SHOP.COM is a specialized e-commerce platform established since 2003, serving martial arts practitioners including Judoka, Karateka, and BJJ fighters. The site offers a wide range of high-quality martial arts products, including their own brand IPPON GEAR, and targets both individual consumers and clubs. Technically, the website is built on the Shopware CMS platform, utilizing modern web technologies and tracking tools such as Google Analytics and Facebook Pixel. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and comprehensive product categorization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks some explicit security headers which could enhance protection. The absence of WHOIS data for the domain is a notable concern, impacting domain legitimacy verification. Overall, the website presents a professional and trustworthy front for its business, but domain registration details should be verified to strengthen trust.

J

Never miss a throw! - JudoTV

judotv.com

67

JudoTV is a niche media streaming platform dedicated to the sport of Judo, offering live competitions, expert commentary, training tips, and community engagement. The website targets Judo enthusiasts and sports fans, positioning itself as a specialized destination for Judo content. The business appears to be small-sized with a long-standing domain registration dating back to 2004, indicating an established presence in its niche. Technically, the website employs modern JavaScript frameworks, likely Vue.js, and integrates third-party services such as YouTube for video playback, OneSignal for notifications, and Cookiebot for cookie consent management. Hosting and DNS services are provided via Cloudflare, ensuring reliable performance and security at the infrastructure level. The site demonstrates good mobile optimization and basic accessibility features, with moderate performance. From a security perspective, HTTPS is properly enabled, and cookie consent mechanisms are in place, reflecting awareness of privacy regulations. However, the absence of security headers, privacy policy, terms of service, and incident response contacts indicates areas for improvement in compliance and security posture. No vulnerabilities or suspicious elements were detected, and the domain registration details support the legitimacy of the business. Overall, JudoTV presents a professional and focused platform with good content quality and technical implementation but requires enhancements in privacy compliance, security best practices, and transparency to strengthen trust and regulatory adherence.

Eleventy is an open-source static site generator designed for simplicity, performance, and flexibility. It targets developers who want full control over their static website output without the overhead of client-side JavaScript frameworks. The project is mature, founded in 2017, and enjoys strong community support and sponsorship from reputable organizations. The website is professionally designed with excellent content quality and clear navigation, reflecting a high level of digital maturity.

I

INSPIRE CZ s.r.o.

clubspire.cz

62

CLUBSPIRE.cz is a Czech-based software solution specializing in comprehensive management systems for fitness and sports centers. The platform offers a wide range of modules including reservation systems, membership management, email marketing, access control, and point of sale functionalities. With a client base of over 200 sports centers, CLUBSPIRE positions itself as a reliable and efficient tool for business managers in the fitness industry. The website reflects a professional and consistent brand image, supported by active content updates and social media engagement. Technically, the website employs a modern technology stack including Java-based backend architecture, Google reCAPTCHA for form security, and Google Analytics for user tracking. The site is optimized for multiple platforms including Windows, Linux, and Apple, and demonstrates good mobile responsiveness and SEO practices. Security measures such as HTTPS and consent-based cookie management are implemented, though some security headers could be enhanced. From a security perspective, the site shows a solid posture with encrypted communications and protection against automated abuse via CAPTCHA. However, the absence of published security policies and incident response contacts suggests room for improvement in transparency and preparedness. The lack of WHOIS data limits the ability to fully verify domain legitimacy, though the professional presentation and active business operations mitigate some concerns. Overall, CLUBSPIRE.cz is a credible and well-maintained business website with good technical and security foundations. Strategic enhancements in security policy publication, WHOIS transparency, and accessibility would further strengthen its trustworthiness and compliance posture.

A

AG2R LA MONDIALE

ag2rlamondiale.fr

65

AG2R LA MONDIALE is a leading French insurance and social protection group specializing in health mutual insurance, provident insurance, savings, and retirement products. The website targets individuals, professionals, enterprises, accountants, and brokers, offering a wide range of insurance and financial services. The company positions itself as a specialist in social and patrimonial protection in France, with a strong market presence and comprehensive service offerings. The website is professionally designed with clear navigation and mobile optimization, reflecting a mature digital infrastructure. Technically, the site uses modern JavaScript libraries and the Jahia CMS platform, with good performance and accessibility features. Security posture is strong, with HTTPS enforced and multiple security headers present, although no explicit incident response or vulnerability disclosure policies are publicly available. Privacy and cookie policies are present and GDPR compliant, indicating good privacy practices. Overall, the website is trustworthy, professional, and well-aligned with the company's business identity.

Obec Zbýšov's official website serves as a comprehensive portal for local government information, community news, and public services for the residents of the Vyškov district in the Czech Republic. It provides access to municipal documents, event calendars, contact information, and reservation systems for local facilities, positioning itself as a trusted source for civic engagement and administrative transparency. The website targets local residents and stakeholders interested in municipal affairs, operating under a government public service model with a small organizational size. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript. It integrates Google services including reCAPTCHA for form security and Google Translate for multilingual support, alongside OpenWeatherMap for weather updates. The site demonstrates moderate performance with good mobile optimization and basic accessibility features, though there is room for improvement in SEO and security header implementation. From a security perspective, the website enforces HTTPS and employs Google reCAPTCHA to protect its contact form, minimizing exposure to automated abuse. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and detailed security or incident response policies indicates areas for enhancement. Privacy compliance is basic, with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is trustworthy and professionally maintained, fulfilling its role as a municipal information hub. Strategic improvements in security policies, privacy mechanisms, and technical optimizations would further strengthen its posture and user trust.

M

Městský úřad Vyškov

vyskov-mesto.cz

45

The website vyskov-mesto.cz is the official municipal portal for the city of Vyškov, Czech Republic, providing comprehensive information about city administration, services, news, events, and contact details. It serves residents, visitors, and local businesses with a broad range of public services and community resources. The site is well-established, with a domain registered since 2000, reflecting a mature digital presence. Technically, the site uses a custom CMS (vismo) with common web technologies including Bootstrap and jQuery, though the jQuery version is outdated and poses potential security risks. Security measures include HTTPS enforcement and Google reCAPTCHA integration on forms, but the absence of visible security headers and a formal security policy indicates room for improvement. Privacy compliance is good, with a clear privacy and cookie policy, though the cookie consent mechanism could be enhanced. Overall, the site is professional, trustworthy, and well-optimized for accessibility and mobile use, supporting the city’s communication and service delivery objectives effectively.

Burn IT, s.r.o. is a small Czech technology company specializing in web development, custom internet systems, Flash components, and internet marketing services. Their offerings include bespoke web presentations, internet system development, streaming applications, and packaged products such as Burn IT CMS and Burn IT E-shop. The website targets businesses seeking tailored online solutions and marketing support within the Czech Republic. Technically, the site uses standard web technologies including HTML, CSS, JavaScript, and references to Adobe Flash and Adobe Air platforms, indicating some legacy technology usage. The site is accessible and moderately optimized but lacks advanced mobile responsiveness and accessibility features. Security posture is basic with HTTPS enabled but no detected security headers or privacy policies, and no visible contact or incident response information. The WHOIS data is missing, which raises concerns about domain registration transparency and reduces trust. Overall, the website is functional and provides relevant business information but requires improvements in security, privacy compliance, and transparency to enhance trust and professionalism.

R

Robel.sk

robelshoes.sk

59

Robel.sk is a Slovak-based e-commerce retailer specializing in branded footwear and accessories for women, men, and children. The company operates multiple country-specific domains, indicating a strong regional presence in Central and Eastern Europe. Their business model focuses on online sales complemented by in-store reservation and pickup options, with a customer-friendly 30-day return policy. The website is professionally designed with good navigation and multilingual support, targeting consumers seeking quality branded shoes and related products. Technically, the site uses a modern tech stack including Google Tag Manager, Facebook Pixel, Sentry for error tracking, and Cloudfront CDN, running on the CREATIVE shop CMS platform. Security practices are solid with HTTPS, CSRF protection, and reCAPTCHA integration, though cookie consent mechanisms and terms of service pages are missing, which could be improved for better GDPR compliance. Overall, the domain registration details align well with the business claims, supporting legitimacy and trustworthiness.

I

INSPIRE CZ s.r.o.

inspire.cz

67

INSPIRE CZ s.r.o. is a Czech-based digital agency specializing in custom web development, e-commerce solutions, customer portals, reservation systems, and online marketing. With over 15 years of experience, they position themselves as a trusted partner for businesses seeking to enhance their online presence and operational efficiency. The website reflects a professional and modern digital infrastructure, utilizing contemporary web technologies and analytics tools to optimize user experience and marketing effectiveness. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and no visible vulnerabilities. However, the absence of WHOIS data for the domain introduces a moderate trust concern that should be addressed. Overall, INSPIRE CZ demonstrates a mature digital presence with solid business credibility and compliance practices.

K

KNX Association

knx.org

73

KNX Association is a globally recognized standards organization specializing in smart home and building automation solutions. The website targets professionals in the automation industry, offering certification, training, and software tools such as ETS6. The organization positions itself as a leader with over 500 manufacturer members and 8000 certified products, emphasizing sustainability, security, and IoT integration. The website is professionally designed, well-structured, and provides comprehensive resources for its audience. Technically, the site uses a modern CMS (Weblication®), integrates various JavaScript libraries including jQuery and YouTube APIs, and employs HTTPS with good SSL configuration. The site is moderately optimized for performance and mobile devices, with good SEO practices and accessibility features. Privacy and cookie policies are clearly presented, indicating GDPR compliance. Security posture is solid with HTTPS and secure form handling, though explicit security headers and vulnerability disclosure mechanisms are absent. No critical vulnerabilities or suspicious content were detected. WHOIS data is privacy protected, which is typical for such organizations, and does not raise legitimacy concerns. Overall, the website reflects a mature digital presence with strong business credibility and a good security baseline. Strategic improvements in security headers and incident response transparency would enhance trust further.

E

Eplan

eplan.com

68

Eplan is a well-established provider of cloud-based engineering software solutions, targeting engineers and manufacturing professionals globally. Their website demonstrates a mature digital presence with comprehensive product offerings such as Eplan Platform, eStock, eManage, eView, eBuild, and Data Portal. The site is built on Adobe Experience Manager, leveraging modern web technologies and providing a seamless user experience with strong mobile optimization and accessibility. Security posture is robust with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. The WHOIS data for the domain is missing, which raises minor concerns but does not detract significantly from the site's professionalism and trustworthiness. Overall, Eplan's website reflects a large enterprise with consistent branding, good content quality, and a strong market position within the technology and manufacturing sectors.

V

VfB Stuttgart

vfb.de

53

VfB Stuttgart operates a comprehensive official website serving as the primary digital platform for the football club. The site offers extensive content including news, team rosters, match schedules, ticketing, merchandise sales, and fan engagement features. The club maintains a strong market position in German football with a large fan base and professional digital presence. Technically, the website employs modern JavaScript frameworks, consent management tools, and integrates advertising and analytics services while maintaining good mobile optimization and accessibility standards. Security posture is solid with HTTPS enforced and secure login forms, though some security headers and explicit incident response policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR regulations, making it a reliable source for fans and stakeholders.

S

Sector s.r.o.

onlinehry.sk

39

Onlinehry.sk is a Slovak online gaming portal operated by Sector s.r.o., offering a wide range of free online games including flash, unity, and HTML5 games. The site targets a general audience including children and families, providing categorized games and multiplayer options. The business model is primarily advertising-supported, leveraging Google Adsense and related ad services. The site integrates user account management via the sector.sk passport system, enhancing user engagement through features like game archiving and discussions. The portal holds a moderate market position within the Slovak online gaming niche, supported by a medium-sized operation and consistent branding.

Institut Curie is a prominent French non-profit foundation dedicated to cancer research, treatment, and education. The organization operates a hospital staffed with leading experts, an internationally recognized research center, and educational programs to train future cancer specialists. Their website reflects a professional and trustworthy presence, targeting patients, donors, researchers, and the general public interested in cancer-related initiatives. Technically, the website employs modern web technologies including Nuxt.js, Tailwind CSS, and Swiper.js, with performance and mobile optimization rated as good to excellent. Cookie consent is managed via Cookiebot, indicating attention to privacy compliance. Hosting is likely provided by Gandi SAS, a reputable registrar and hosting provider. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms but lacks advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or suspicious patterns were detected. The domain registration is consistent with the organization's history and business claims, enhancing trustworthiness. Overall, the website is well-designed, content-rich, and professionally maintained, with room for improvement in explicit privacy and security policy disclosures. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen security posture and compliance.

V

Václav Nocar, AZnet

aznet.cz

45

Václav Nocar, operating under AZnet, is a small Czech Republic-based technology service provider specializing in web design, web hosting, SEO, IT consulting, and advertising services. The company targets local businesses and individuals primarily in Teplice and surrounding regions, offering a broad portfolio of digital and IT solutions including domain registration, programming, and promotional materials. The website reflects a modest but functional online presence with basic content and navigation, supported by integration with Facebook and Google Analytics for marketing and tracking purposes. Technically, the site uses legacy JavaScript libraries and standard web technologies but lacks modern security headers and explicit HTTPS enforcement details, indicating room for improvement in security posture. Privacy compliance is partially addressed through a cookie consent banner and a linked privacy PDF, though no comprehensive privacy or security policies are present. Contact information is clearly provided, enhancing business credibility. Overall, the site is accessible and safe, with no adult or questionable content detected.

G

GBG

gbg.com

72

GBG is a professional enterprise specializing in identity verification and fraud prevention solutions. Their website presents a comprehensive range of services targeting businesses that require secure and reliable customer identity validation. The company positions itself as a market leader with a broad client base and offers advanced technology-driven solutions including biometric verification, document authentication, and fraud risk management. The website is well-designed, mobile-optimized, and uses modern analytics and monitoring tools to ensure performance and user experience. Security posture is strong with HTTPS enforced and monitoring tools in place, though explicit security headers and policies could be improved. Privacy compliance is addressed with clear cookie and privacy policies, including GDPR adherence. However, the absence of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy, warranting further investigation. Overall, GBG demonstrates a mature digital presence with a solid business model and trustworthy online representation.

O

Orest Bida

orestbida.com

71

Orest Bida is a freelance web designer and developer offering bespoke high-performance and secure web solutions. The website serves as a professional portfolio showcasing the individual's skills and projects, targeting clients seeking freelance web design and development services. The business operates independently with a small scale and has been active since 2018. Technically, the site is built using the Eleventy static site generator, hosted with Cloudflare DNS and registrar services, and optimized for mobile and SEO. The site employs HTTPS with a good SSL configuration but lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy or cookie policies are present, and contact is provided solely via a contact form without direct email or phone numbers. Social media presence is established on GitHub, Codepen, and Twitter, supporting professional credibility. Overall, the website is well-designed, user-friendly, and trustworthy, but could improve privacy compliance and security posture by adding relevant policies and headers.

N

Netpromotion group s.r.o.

netfirmy.cz

62

Netfirmy.cz operates as the largest regional business directory and lead generation platform focused on Eastern Bohemia, Czech Republic. It provides verified company listings, user ratings from Google and Facebook, and facilitates business inquiries with over 120,000 monthly requests. The website is owned by Netpromotion group s.r.o., a company with over 19 years of market presence, positioning itself as a trusted regional business resource. The platform targets general users seeking reliable local businesses and services.

Jéčko TV is a Czech internet television platform dedicated to children's educational and entertainment content, operated by HopeTV for the Seventh-day Adventist Church since 2023. The website offers streaming shows, games, and audio stories tailored for young audiences. The platform positions itself as a niche media provider within the Czech Republic, focusing on family-friendly and faith-based content. Technically, the site uses modern web technologies including JavaScript, CSS, and Google Tag Manager for analytics, with a responsive design suitable for mobile devices. Security posture is moderate, with HTTPS enabled and a cookie consent mechanism in place, but lacks visible security headers and formal privacy or terms of service documentation. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and branding provide some trust signals. Overall, the site is functional and professionally presented but would benefit from enhanced security practices and clearer compliance documentation.

S

Statutární město Mladá Boleslav

mb-net.cz

51

The website https://mb-net.cz/ is the official online presence of the statutory city of Mladá Boleslav, Czech Republic. It serves as a comprehensive portal for residents and visitors, offering city information, municipal services, news updates, event calendars, and contact details. The site is well-positioned as a government entity's digital platform, providing essential public services and information in Czech language. The business model is focused on public service delivery and citizen engagement, with no commercial intent. The domain's long history since 1997 supports its credibility and established presence. Technically, the website employs a custom CMS (vismo®), modern web standards including HTML5, CSS3, and JavaScript, and integrates Google services such as reCAPTCHA for form security and Google Analytics for traffic analysis. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Cookie consent and GDPR compliance mechanisms are implemented effectively. From a security perspective, the site uses HTTPS with excellent SSL configuration, employs reCAPTCHA to protect forms, and manages cookie consent responsibly. However, it lacks explicit published security policies, incident response contacts, and security headers that could enhance its security posture. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is a trustworthy, professional municipal portal with good content quality and technical implementation. Strategic improvements include publishing security and incident response policies, enhancing security headers, and possibly adding terms of service to improve transparency and compliance.

M

Městský úřad Česká Lípa

mucl.cz

50

The website www.mucl.cz serves as the official municipal portal for the city of Česká Lípa in the Czech Republic. It provides residents and visitors with comprehensive information about city administration, public services, events, and contact details. The site is well-structured, professionally designed, and targets local citizens and stakeholders. It offers key services such as news updates, event calendars, online forms, and access to municipal resources. The presence of official branding and social media links reinforces its legitimacy as a government entity. From a technical perspective, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google services such as Analytics, Tag Manager, reCAPTCHA, and Translate widgets. The site uses a custom CMS platform (vismo®) tailored for municipal websites. Performance and mobile optimization are good, with accessibility features implemented to support diverse users. Security measures include HTTPS enforcement and CAPTCHA protection on forms, alongside a cookie consent mechanism compliant with GDPR. Security posture is solid but could be enhanced by implementing additional HTTP security headers and publishing explicit security policies or incident response contacts. The absence of WHOIS data for the domain is a notable transparency gap, though the website content and official contact information strongly indicate a legitimate government presence. No signs of malicious content or blocking mechanisms were detected, and the site maintains a safe content rating suitable for general audiences. Overall, www.mucl.cz is a credible, well-maintained municipal website with good technical and security practices. Strategic improvements in domain transparency and security policy disclosures would further strengthen trust and compliance.