Security Directory

Mikasa.cz is the official Czech Republic representative and retailer of Mikasa sports balls and accessories, specializing in volleyball, beach volleyball, water polo, and basketball equipment. The company, DASSAR s.r.o., has been operating since 2004 and offers products approved by international sports federations including FIVB and WORLD AQUATIC. The website is built on WordPress with WooCommerce, providing an e-commerce platform for direct sales. The technical infrastructure is modern and includes common libraries and frameworks such as jQuery, Bootstrap, and Font Awesome, hosted likely by WEDOS, a Czech hosting provider. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but lacks advanced security headers and published security policies. Privacy compliance is partial, with no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and well-branded, targeting sports professionals and enthusiasts in the Czech market.

B

Bez Bariér

ostrava-bezbarier.cz

50

Bez Bariér is a small non-profit organization based in Ostrava, Czech Republic, providing free advisory and mapping services to severely physically disabled citizens, particularly those using wheelchairs. Established in 2000, it focuses on barrier-free access consulting, accessibility mapping, and project documentation review for local authorities. The website reflects a specialized local service with strong ties to municipal partners and accessibility initiatives. Technically, the site is built on WordPress with common libraries like jQuery and Lightbox2, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. The absence of WHOIS data reduces domain trust but the site's content and partnerships support its legitimacy. Overall, the site is professional and trustworthy for its niche audience but should enhance privacy compliance and security best practices.

T

TUTORIE

sdruzeni-stop.cz

62

TUTORIE is an educational website focused on knowledge sharing and learning, primarily targeting a Czech-speaking audience. The site uses WordPress with the Divi theme and Yoast SEO plugin, indicating a modern and SEO-optimized infrastructure. The presence of social media links on Facebook and Instagram supports community engagement. The website is well-designed with good content quality and user experience, suitable for general audiences interested in education. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit security policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is not uncommon for small educational sites. Overall, the site is legitimate, GDPR compliant, and professionally maintained.

U

Union des Associations L'Outil en Main

loutilenmain.fr

9

Union des Associations L'Outil en Main is a French non-profit organization dedicated to initiating young people to manual trades, craftsmanship, and heritage professions. Established in 1994, it operates a network of approximately 280 workshops across France, engaging volunteers and partnering with various governmental and private entities. The website reflects a well-structured educational mission with clear content targeting youth, volunteers, and partners interested in manual trades and artisan skills. Technically, the website employs modern web technologies including JavaScript, Ionic Framework, and Google Fonts, ensuring good mobile optimization and user experience. However, the absence of explicit privacy and cookie policies, as well as missing security headers, indicates areas for improvement in compliance and security posture. The site does not appear to use advertising or tracking technologies, suggesting a privacy-conscious approach. Security-wise, the site is accessible without WAF or blocking mechanisms, but lacks visible security headers and formal security policies. WHOIS data confirms the domain's legitimacy and long-standing presence consistent with the organization's history. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security best practices. The overall risk is low given the non-profit educational nature and absence of suspicious indicators, but strategic improvements in privacy and security policies are recommended to strengthen compliance and user trust.

K

Kabubu

kabubu.fr

48

Kabubu is a French non-profit association dedicated to promoting the social and professional inclusion of exiled individuals through the power of sport. The organization offers weekly sports activities, training programs, and workshops aimed at fostering friendship and integration. Their market position is niche, focusing on social inclusion within France, supported by partnerships with recognized organizations and media outlets. Technically, the website is built using modern frameworks such as React and Ionic, with good mobile optimization and moderate performance. Security posture is solid with enforced HTTPS and absence of trackers, though it lacks some security headers and formal privacy documentation. Overall, the site is professional and trustworthy, but the absence of WHOIS data and privacy policies slightly reduce credibility. Strategic improvements in privacy compliance and security headers would enhance trust and compliance.

E

En Boîte Le Plat

enboiteleplat.fr

46

En Boîte Le Plat is a French initiative dedicated to promoting the use of reusable and returnable glass containers to reduce disposable packaging waste in the take-away food sector. The project targets a diverse audience including restaurant professionals, event organizers, citizens, local communities, and enterprises. It operates as a collective model supported by local teams and a national coordinating body, emphasizing environmental sustainability and waste prevention. The website reflects a niche, environmentally conscious non-profit or collective with a growing presence across multiple French territories. Technically, the website is built using modern frontend technologies such as React and the Ionic framework, incorporating Google Fonts and Material Icons for design consistency. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Performance is moderate, with no major technical issues detected. However, accessibility features are basic and SEO optimization could be improved. From a security perspective, the site enforces HTTPS and avoids the use of cookies or trackers that require user consent, which is a positive privacy practice. Nonetheless, it lacks important security headers such as Content-Security-Policy and X-Frame-Options, and does not provide a privacy policy or terms of service, which are critical for compliance and user trust. No vulnerabilities or exposed sensitive data were detected, but the absence of these policies and headers suggests room for improvement in security posture. Overall, the website is trustworthy and professional, though the lack of WHOIS data and domain registration details slightly reduce the domain trustworthiness score. The site is safe for general audiences, with no adult or questionable content. Strategic recommendations include adding comprehensive privacy and security policies, implementing security headers, and enhancing accessibility and SEO to strengthen compliance and user confidence.

C

Communauté Emmaüs de Paris

emmaus-paris.fr

38

Emmaüs Paris is a non-profit community organization focused on social solidarity through donation collection, volunteer engagement, and operation of eight solidarity shops in Paris. The website serves as a portal for donors, buyers, and volunteers, providing information on how to contribute and participate. The organization maintains active social media profiles and provides contact information including a physical address and email. Technically, the website is built on WordPress with common plugins for SEO, forms, and maps, and enforces HTTPS for secure communication. However, the Google Maps integration suffers from API key issues, and no advanced security headers are detected. The WHOIS data is missing, which reduces domain trustworthiness, but the website content and social presence support legitimacy. Privacy compliance is addressed with a cookie consent banner and a privacy policy page. Overall, the site is functional, professional, and serves its community purpose effectively.

F

Festival Emmaüs Solidarité

festivalemmaussolidarite.fr

50

Festival Emmaüs Solidarité is a cultural and solidarity-focused event scheduled for June 28, 2025, in Aubervilliers, France. The website provides detailed information about concerts, DJ sets, stand-up shows, workshops, and other activities, targeting a general audience interested in cultural events and social engagement. The business model centers on event organization and ticket sales, with tickets sold through an external platform. Technically, the website uses modern web technologies including React and Ionic Framework, with good mobile optimization and SEO practices. Security posture is strong with HTTPS enforced and no trackers requiring consent, though the absence of security headers and privacy policy pages are noted gaps. Overall, the site is professional and trustworthy but could improve privacy compliance and security best practices.

L

La Venelle

lavenelle-montreuil.org

56

La Venelle is a non-profit community organization based in Montreuil, France, focused on promoting solidarity-based reuse and circular economy practices. It hosts nine associations that operate reuse shops, repair workshops, and social insertion employment programs. The organization also offers a café-cantine and hosts cultural events, positioning itself as a local hub for ecological and social initiatives. The website reflects this mission with clear content, community-oriented messaging, and accessible navigation. Technically, the site uses modern web technologies such as Ionic and React, with a moderate performance profile and good mobile optimization. However, it lacks explicit privacy and security policies, and no security headers or vulnerability disclosures are present. The site does not use tracking or analytics scripts, aligning with its privacy-conscious stance. Overall, the website is professional and trustworthy but could improve in privacy compliance and security posture.

E

Emmaüs Epargne Solidaire

emmaus-epargne-solidaire.org

56

Emmaüs Epargne Solidaire is a French social finance organization focused on providing solidarity savings products to fund acquisition, renovation, and construction of facilities for Emmaüs groups. These facilities support social activities such as second-hand sales and repair workshops. The website positions itself as a niche player in the social finance sector with a clear social mission and the Finansol certification as a trust indicator. Technically, the website uses modern JavaScript frameworks including React and Ionic, with good mobile optimization and SEO practices. However, some standard compliance elements such as privacy policy and terms of service pages are missing. Security posture is moderate with cookie consent implemented but lacking advanced security headers and explicit incident response policies. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

D

Dagen

dagen.no

66

Dagen.no is a Norwegian Christian and politically independent daily newspaper offering news, reportages, opinion pieces, podcasts, and digital e-paper services. The website targets Norwegian-speaking audiences interested in religious and general news content. It operates on a subscription and advertising business model, with a paywall and user authentication mechanisms in place. The site is professionally designed with consistent branding and good content quality, positioning it as a reputable media outlet in Norway. Technically, the site uses modern web technologies including Google Fonts, Google Publisher Tags for advertising, and custom paywall and authentication scripts. It integrates multiple advertising networks and tracking services, maintaining good performance and mobile optimization. Security-wise, the site enforces HTTPS, uses paywall authentication, and avoids exposing sensitive data, but lacks some advanced security headers and explicit security policies. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. WHOIS data is unavailable due to Norid's privacy policy, but the domain appears legitimate and consistent with the business. Overall, the site demonstrates a mature digital presence with moderate to high security and privacy posture, suitable for its media business model.

B

beIN MENA

bein.com

64

beIN MENA operates as a global sports and entertainment media group, offering 44 channels across multiple continents and languages, serving over 50 million subscribers. The company focuses on subscription-based broadcasting and online streaming services, targeting sports and entertainment consumers worldwide. The website reflects a large, established media entity with consistent branding and professional content. Technically, the site is built on WordPress with modern frontend technologies including Bootstrap and jQuery, and integrates multiple third-party analytics and advertising tools. Security posture is generally good with HTTPS enforced, but lacks visible security headers and formal privacy or cookie policies. WHOIS data is unavailable, which raises some concerns about domain registration transparency, though the site content and external references support legitimacy. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security disclosures.

D

Defi Mode

defimode.org

60

Defi Mode is an organization dedicated to supporting and accelerating the development and transformation of actors in the French fashion and apparel industry. The website presents a professional and consistent brand image, targeting industry stakeholders and professionals in France. The business model appears to be that of a non-profit or industry support entity, with a medium-sized presence established since at least 2016. Technically, the site is built on WordPress using modern plugins such as Yoast SEO, Divi Builder, and Cookie Law Info, indicating a mature digital infrastructure with good SEO and mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are lacking. Overall, the site is trustworthy and safe, with no adult or questionable content detected.

S

Sencyb

sencyb.com

43

Sencyb is a small French web agency specializing in website creation, updating, SEO, and multimedia services primarily targeting clients in the Nièvre (58) and Cher (18) regions. The company offers a range of web solutions from static sites to e-commerce platforms, emphasizing tailored solutions to client needs and budgets. Their website is professionally designed using WordPress with Elementor and Astra theme, incorporating modern web technologies and analytics tools such as Google Analytics and Matomo. The presence of a client portal and blog subdomains indicates a structured service offering and client engagement strategy. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit privacy policies and security headers, which are areas for improvement. The absence of WHOIS registration data is a notable anomaly that impacts trustworthiness, though the overall digital presence suggests a legitimate business. Strategic recommendations include publishing privacy and security policies, enhancing security headers, and improving transparency around data protection and incident response.

H

HOSTEUR SA

hosteur.com

70

HOSTEUR SA is a Swiss-based technology company specializing in web hosting, domain registration, cloud services, and IT management with over 20 years of experience. The company emphasizes European data sovereignty, operating datacenters exclusively in Europe, and holds multiple ISO certifications (27001, 9001, 14001) that attest to its commitment to security, quality, and environmental responsibility. The website is professionally designed, mobile-optimized, and provides comprehensive service information targeting businesses and individuals seeking secure hosting solutions. Technically, the website employs modern web technologies including Bootstrap, jQuery, Owl Carousel, and Google Fonts, with a cookie consent mechanism implemented via Tarteaucitron. The site is served over HTTPS with no visible security vulnerabilities in the HTML content. However, no explicit HTTP security headers were detected, and no CMS or hosting provider details are disclosed. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, HOSTEUR demonstrates strong compliance with recognized standards through its ISO certifications and cookie consent implementation. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trustworthiness, though the website content and certifications support legitimacy. No incident response or vulnerability disclosure information is publicly available, indicating an area for improvement. Overall, HOSTEUR presents as a credible and professional hosting provider with a solid security posture and compliance focus. Strategic recommendations include enhancing transparency around incident response, publishing vulnerability disclosure policies, implementing additional security headers, and clarifying domain registration details to improve trust and compliance further.

D

DTScout

dtscout.com

61

DTScout is a small technology company based in Israel specializing in audience discovery and data aggregation for marketers and publishers. Their platform aggregates large-scale audience data to enable targeted advertising and improved monetization for publishers. The website demonstrates a professional design with clear navigation and a strong emphasis on privacy compliance, including opt-out mechanisms and user data request forms. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and integrates analytics and advertising tools like Google Analytics and AdRoll. However, the absence of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trust. Security practices are moderate with room for improvement in headers and incident response transparency. Overall, the site is functional and business-focused but requires domain registration verification and enhanced security policies to improve credibility.

I

ILD d.o.o.

ild.hr

40

ILD d.o.o. is a Croatian small business specializing in innovative and patented flat roof leak detection using the EFVM® method. The company also provides maintenance, repair, and safety systems for flat roofs, including fall protection compliant with European standards. Their market position is that of a niche specialist with a strong local presence and a portfolio of reputable clients. Technically, the website is built on WordPress with Elementor, uses modern web technologies, and is hosted by a Croatian registrar. The site is mobile optimized and provides a good user experience, though it lacks some advanced SEO and accessibility features. Security-wise, the site uses HTTPS and avoids exposing sensitive data but lacks security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional and trustworthy but could improve compliance and security posture.

D

DOBA Fakultet

doba.hr

45

DOBA Fakultet is a private, internationally accredited online higher education institution based in Slovenia, offering bachelor, master, and doctoral programs fully online. The institution targets students and working professionals seeking flexible and modern education aligned with EU standards and global trends such as sustainability and digitalization. The website demonstrates a mature digital presence with a modern tech stack including jQuery, Bootstrap, and various UI libraries, supporting a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though some security policies and incident response information are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, reflecting a reputable educational business with a strong market position in online education in the region.

Č

Čazmatrans - Nova d.o.o.

cazmatrans.hr

53

Čazmatrans - Nova d.o.o. is a Croatian transportation company specializing in bus services within Croatia and international routes. The website provides an online ticket purchasing platform targeting general travelers and commuters. The company has a medium-sized presence with multiple subsidiaries and a well-established market position since 2012. The website is professionally designed with good navigation, mobile optimization, and relevant content focused on transportation services. Technically, the site uses modern JavaScript libraries such as jQuery, Swiper.js, and integrates Google services like Tag Manager and Maps API, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS implied, cookie consent implemented, and secure payment logos displayed, though there is room for improvement in security headers and incident response transparency. Overall, the site is trustworthy, compliant with GDPR, and provides a safe user experience.

C

CREAPLUS

creaplus.com

68

CREAPLUS is a well-established European cybersecurity and AI consulting, distribution, and software development firm founded in 2008. The company specializes in delivering comprehensive cybersecurity solutions including cryptography, AI, and software development services to regulated industries such as banking, pharmaceuticals, telecommunications, and energy. Their market position is strong with over 15 years of experience and multiple certifications including ISO 27001 and Cyber Essentials Plus. Technically, the website is built on WordPress with modern plugins like Elementor and Slider Revolution, hosted with Cloudflare DNS and a reputable registrar. Security posture is good with HTTPS and domain transfer protection, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional, content-rich, and trustworthy, targeting enterprise clients seeking secure innovation in cybersecurity and AI.

Nabium, d. o. o., is a Slovenian small business specializing in consulting, education, fairy tale production, marketing services, and creative writing. The company positions itself as a provider of strategic, innovative, and cost-effective marketing and communication solutions tailored to client needs. The website reflects a professional and consistent brand image with clear contact information and a focus on client service. Technically, the site is built on WordPress using WPBakery Page Builder and standard web technologies, offering good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and functional but would benefit from enhanced privacy and security transparency.

M

Motoresanità.it

motoresanita.it

10

Motoresanità.it is a specialized Italian healthcare media platform dedicated to advancing scientific research and knowledge dissemination both nationally and internationally. The website offers a comprehensive calendar of healthcare-related events, news, and insights targeting healthcare professionals, researchers, and stakeholders. The platform positions itself as a niche player in the healthcare media sector, focusing on innovation and scientific progress. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Modern Events Calendar, ensuring good SEO and event management capabilities. The presence of Google Analytics and Facebook SDK indicates moderate user tracking for marketing and analytics purposes. Security-wise, the site enforces HTTPS and implements GDPR-compliant cookie consent mechanisms, though it could enhance security headers for better protection. Overall, the website demonstrates a good balance of content quality, technical implementation, and privacy compliance, making it a trustworthy and professional resource in its domain.

S

Sinklar Conference Management B.V.

wco-iof-esceo.org

10

The website www.wco-iof-esceo.org represents the 26th World Congress on Osteoporosis, Osteoarthritis and Musculoskeletal Diseases, a globally recognized clinical congress organized by reputable healthcare organizations IOF and ESCEO. The event targets healthcare professionals and researchers in musculoskeletal health, offering a comprehensive scientific program and various engagement opportunities such as abstract submissions and awards. The site is professionally designed using Drupal 10, with good mobile optimization and accessibility features. It includes GDPR-compliant cookie consent mechanisms and clear contact information, enhancing user trust and compliance. However, the absence of WHOIS data limits domain trust assessment, and security headers are not detected, suggesting room for security improvements.

I

International Osteoporosis Foundation

iofacademy.org

40

IOF Academy is a specialized e-learning platform dedicated to osteoporosis and bone health education, operated by the International Osteoporosis Foundation. It offers a range of CME accredited courses designed by global experts, targeting healthcare professionals and researchers. The platform is well-branded, professionally designed, and provides comprehensive educational content with certificates of achievement. Technically, the website is built on Drupal 10 with modern frameworks and libraries, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong with clear policies and GDPR adherence. Overall, the website demonstrates high business credibility and trustworthiness, supported by its association with a reputable international foundation.

A

Analitsko središče

zakakovost.si

51

The website zakakovost.si serves as a centralized, accessible platform dedicated to quality assurance and self-evaluation in Slovenian education institutions, including kindergartens and schools. It provides key resources such as legislative documents, strategic policies, national reports, and international studies to support school leaders, quality teams, and policymakers. The site is positioned as a national educational resource supported by the Slovenian government and the European Union. Technically, the site is built on WordPress with a modern tech stack including Matomo analytics configured for privacy, accessibility plugins, and a cookie consent mechanism, hosted by the Slovenian academic network (ARNES). Security posture is good with HTTPS enforced and privacy-conscious analytics, though some security headers could be improved. The WHOIS data shows a suspicious future domain creation date, likely a data error, but the registrar and hosting align with the site's educational purpose. Overall, the site is professional, trustworthy, and well-optimized for accessibility and mobile use, with no detected security or content safety issues.

B

Business at OECD

biac.org

11

Business at OECD (BIAC) is a well-established advocacy organization representing the private sector's interests at the OECD. Founded in 1962, it connects over 55 national business and employer bodies, facilitating dialogue between business and government to promote economic growth and sustainable development. The website reflects a professional and authoritative presence with comprehensive policy content, reports, and event information targeting business leaders, policymakers, and OECD stakeholders. Technically, the site is built on HubSpot CMS, leveraging modern web technologies and analytics tools, with good mobile optimization and accessibility. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident with a clear privacy policy and cookie consent mechanisms. Overall, the site demonstrates high business credibility and trustworthiness, though WHOIS data is unavailable due to privacy protection, which is justified given the organization's nature.

W

Reiseberichte :: Welt bereisen

welt-bereisen.de

47

The website 'Welt bereisen' is a niche travel blog primarily focused on European travel, with a strong emphasis on cultural, historical, and religious sites. It offers detailed travel reports, photo galleries, and rich content aimed at travel enthusiasts interested in history and culture. The site is small-scale and appears to be managed by an individual or small team, with content quality rated as good and consistent branding. Technically, the site uses a custom CMS, modern web fonts, and common JavaScript libraries such as jQuery, along with Google Analytics and Piwik for tracking. It employs HTTPS and includes a cookie consent mechanism, indicating some level of GDPR compliance. However, explicit privacy policies and terms of service are missing, and no direct contact information is provided, which limits business credibility and privacy transparency. Security posture is moderate with HTTPS but lacks security headers and formal security policies. Overall, the site is safe, professional, and well-structured but could improve in privacy and security documentation.

The website www.otustanausta.com is a Bulgarian language forum platform focused on user-generated recommendations for various services, specialists, and businesses across different regions in Bulgaria. It serves as a community-driven resource for sharing trusted local information, with monetization primarily through Google Adsense advertising. The site uses the phpBB forum software and integrates common web technologies such as Google Fonts and Font Awesome. While the site is accessible over HTTPS and includes basic security headers, it lacks advanced security measures such as Content Security Policy and X-Frame-Options headers. The presence of session IDs in URLs poses a potential security risk. No privacy, cookie, or terms of service policies are explicitly found, indicating limited privacy compliance. The WHOIS data for the domain is missing or unavailable, which raises concerns about domain legitimacy and trustworthiness. Overall, the site provides useful community content but requires improvements in security and compliance to enhance trust and protect users.

S

SofDestroy.com

sofdestroy.com

59

SofDestroy.com is a small Bulgarian company specializing in demolition, cleaning, and construction waste removal services primarily in Sofia. The website presents a professional image with detailed service descriptions, pricing, and customer testimonials, positioning the company as a reliable local service provider. Technically, the site is built on WordPress using the Astra theme and Rank Math SEO plugin, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and privacy compliance policies. The domain registration data is consistent and transparent, supporting the legitimacy of the business. Overall, the site is trustworthy and well-structured but would benefit from enhanced privacy and security measures.

А

Акаунт Консулт КО

acc-consultco.com

55

Акаунт Консулт КО is a professional accounting firm based in Sofia, Bulgaria, offering comprehensive accounting, tax, and payroll services tailored to various business sectors including transport, retail, healthcare, hospitality, and non-profit organizations. The company emphasizes personalized service, over 20 years of experience, and flexible solutions including remote service options. Their market position is strong within the Bulgarian accounting services sector, targeting small to medium-sized enterprises. Technically, the website is built on WordPress with standard plugins and demonstrates good SEO and mobile optimization, though some improvements in security headers and privacy compliance are recommended. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks explicit security policies and headers. Overall, the website is professional, trustworthy, and content-rich, though it lacks formal privacy and cookie policies which impacts compliance scoring.

C

Crafthemes

crafthemes.com

9

Crafthemes is a small technology business specializing in the development and sale of free and premium WordPress themes, primarily targeting bloggers and small businesses. Their website showcases a variety of themes with a focus on simplicity, SEO optimization, and customization. The company emphasizes customer support and documentation to enhance user experience. Technically, the website is built on WordPress using modern tools such as Elementor, Easy Digital Downloads, and Google reCAPTCHA, indicating a moderate level of digital maturity. Performance and mobile optimization are adequate, with good SEO practices in place. Security posture is reasonable with HTTPS enforced and CAPTCHA on forms, but lacks advanced security headers and published security policies. The absence of privacy and cookie policies is a notable compliance gap. WHOIS data is missing or unavailable, which raises concerns about domain legitimacy despite the professional website presence. Overall, the site is functional and trustworthy from a user perspective but would benefit from improved transparency and security documentation.

P

Period28.com

period28.com

49

Period28.com is a niche healthcare service offering an online female menstrual calendar that helps users track menstrual cycles, ovulation, symptoms, moods, and weight. The platform provides email notifications and diary features to support personal and medical tracking needs. The website targets women seeking an easy and discreet way to manage their menstrual health. The business operates as a small-scale online service with user registration and multilingual support, established since 2012. Technically, the website uses legacy JavaScript libraries such as jQuery 1.8.2, Google Fonts, Facebook SDK, and Google Analytics for tracking. Hosting appears to be managed through sureserver.com with domain registration via eNom, LLC. The site shows moderate performance and basic mobile optimization. SEO and accessibility are adequately addressed, though some modernization opportunities exist. From a security perspective, the site uses HTTPS but lacks advanced security headers and DNSSEC is not enabled. The use of outdated JavaScript libraries introduces potential vulnerabilities. No explicit security policies or incident response information is published. Cookie consent is implemented, but GDPR compliance is only basic. The domain registration is consistent and legitimate, with a long registration period and transfer protection status. Overall, the website is functional and trustworthy for its intended audience but would benefit from technical and security improvements to enhance protection and compliance. Strategic recommendations include updating libraries, enabling DNSSEC, adding security headers, and publishing comprehensive policies.

D

Classic Lineage 2 Drop & Spoil Database

dropspoil.com

52

Dropspoil.com is a specialized online database dedicated to providing comprehensive drop and spoil information for the classic Lineage 2 MMORPG, covering chronicles from C1 to High Five. It serves a niche audience of classic server players and nostalgic gamers seeking detailed and accurate game data. The website operates primarily as an informational resource supported by advertising revenue, with no direct commercial transactions evident. Technically, the site employs standard web technologies including HTML, CSS, JavaScript, Google Fonts, Google Adsense, and Google Analytics. It features a cookie consent mechanism compliant with GDPR, ensuring user privacy preferences are respected. However, the absence of WHOIS registration data for the domain (likely a subdomain) and lack of security headers indicate areas for improvement in security posture. Overall, the site provides good content quality and user experience but could enhance trust and security by adding explicit contact details, security policies, and technical safeguards.

P

PMfun.com

pmfun.com

52

PMfun.com is a niche gaming resource website dedicated to providing comprehensive tools and databases for Lineage 2 players, including drop and spoil calculators, NPC drop rates, farming strategies, and quest walkthroughs. The site targets the Lineage 2 gaming community and offers a variety of content to enhance gameplay experience. Technically, the site uses standard web technologies with Google Fonts, Google Analytics, and Google Adsense for monetization and tracking. Privacy compliance is addressed with a cookie consent mechanism and GDPR-aligned policies. Security posture is moderate with HTTPS likely enabled but lacking explicit security headers and incident response information. The absence of WHOIS registration data raises concerns about domain legitimacy, although the active and content-rich website suggests operational stability. Overall, the site is functional and serves its audience well but would benefit from improved transparency and security practices.

S

Seir Sanduk

seirsanduk.com

51

Seir Sanduk operates as a Bulgarian online TV streaming platform offering free access to a variety of national and private TV channels, including sports, documentaries, and entertainment content. The site targets Bulgarian-speaking audiences and monetizes primarily through advertising networks such as Google Adsense and several programmatic ad providers. The platform is built on WordPress with common plugins for SEO and push notifications, indicating a moderate level of digital maturity. The website is accessible, mobile-optimized, and includes GDPR-compliant consent mechanisms, reflecting awareness of privacy regulations. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is adequate with HTTPS and consent management but lacks advanced security headers and explicit security policies. Overall, the site is functional and content-rich but would benefit from improved transparency and security hardening.

S

SuperHosting.BG Ltd.

obemnibukvi.eu

43

The website obemnibukvi.eu represents a Bulgarian company specializing in the design, manufacturing, and installation of volumetric letters and advertising signage. With over 26 years of experience, the company serves clients across Bulgaria with offices in Sofia, Varna, and Veliko Tarnovo. The business is positioned as an established local player offering comprehensive services including design, production, and installation of advertising letters and related signage products. The website content is primarily in Bulgarian and targets a general audience interested in advertising and signage solutions. Technically, the website is built on WordPress CMS and utilizes common web technologies such as PHP, jQuery, FancyBox for image galleries, Google Fonts, and FontAwesome icons. The hosting provider is SuperHosting.BG Ltd., a reputable Bulgarian hosting company. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. External integrations include Google Translate and StatCounter for analytics. From a security perspective, the website uses HTTPS with a good SSL configuration but lacks advanced security headers and formal security policies. There is no privacy or cookie policy present, which indicates compliance gaps with GDPR and related privacy regulations. The contact form is present and appears to have validation, but no explicit security or incident response policies are disclosed. The domain WHOIS data is transparent and consistent with the hosting provider, with no suspicious patterns detected. Overall, the website is professional and functional but would benefit from enhanced privacy compliance, improved security headers, and formalized security policies to strengthen trust and regulatory adherence.

R

Regenerate Hub

regeneratehub.org

56

Regenerate Hub is a platform focused on promoting circular economy principles and nature-based solutions. The website presents minimal content with a clear title and description but lacks detailed business information, contact details, or policy documentation. The platform appears to target a general audience interested in sustainability and environmental solutions. Technically, the site uses modern web technologies such as React, Webpack, and integrates third-party services like Hotjar and Google Tag Manager for analytics and user engagement. However, the absence of privacy and cookie policies despite the use of tracking scripts indicates a gap in privacy compliance. Security posture is limited by lack of visible security headers and unknown SSL configuration. The WHOIS data is unavailable, likely due to privacy protection or query failure, which reduces transparency and trustworthiness. Overall, the site is functional but basic in content and security maturity.

S

Simple Plan Foundation

simpleplanfoundation.org

59

The Simple Plan Foundation website represents a small non-profit organization established in 2005 by the band Simple Plan to support young people in need and victims of life-threatening illnesses. The foundation operates primarily in Canada and targets youth and charitable supporters. The website is built on the Squarespace platform, leveraging modern web technologies including Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good design quality and clear navigation, though it lacks visible privacy and cookie policies, which impacts privacy compliance scores. Security posture is strong with HTTPS and HSTS enabled, but additional security headers could enhance protection. The absence of public WHOIS data suggests privacy protection, which is reasonable for a non-profit entity. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

R

Reformierte Kirche Kanton Luzern

reflu.ch

62

The website www.reflu.ch serves as the official online presence of the Reformed Church of the Canton of Luzern, Switzerland. It provides information about church services, pastoral care, community events, and regional church congregations. The site targets local German-speaking community members seeking spiritual support and church-related activities. The business model is non-profit and government-affiliated, focusing on community and religious services. The website is well-branded and consistent with the church's identity, featuring event calendars and news updates that demonstrate active engagement with its audience. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, and integrates tracking pixels from TikTok, Facebook, and Google Tag Manager. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, it lacks explicit privacy and cookie policies, which is a notable compliance gap. Security posture is generally good with HTTPS enforced, but the absence of security headers and explicit incident response contacts reduces the overall security maturity. From a security and compliance perspective, the site does not present critical vulnerabilities or exposed sensitive data. The WHOIS data aligns well with the website's claims, showing consistent registrant information appropriate for a regional church organization. No WAF or blocking mechanisms were detected, allowing full content access. The site does not contain any adult or NSFW content, making it safe for general audiences. Overall, the website is credible and professionally maintained but would benefit from enhanced privacy compliance measures and improved security headers. Adding clear contact information for security incidents and a vulnerability disclosure policy would further strengthen trust and compliance.

B

Blauring Littau

brlittau.ch

66

Blauring Littau is a well-established non-profit youth organization based in Switzerland, focused on providing engaging activities and community events for girls and young women. The website serves as a communication platform for event announcements, group activities, and community engagement, reflecting a strong local presence and a 90-year history. Technically, the site is built on the Jimdo Creator CMS platform, leveraging modern web technologies and third-party widgets, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not published. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, though it lacks some formal documentation such as terms of service and security policies.

Insert Moin is a German-language podcast website specializing in video game content, including free and premium podcast episodes, reviews, and industry news. The site targets German-speaking gaming enthusiasts and operates a business model supported by community platforms such as Patreon and Steady, alongside merchandise sales. The website is built on WordPress with a professional design and consistent branding, offering good content quality and user experience. Technically, the site uses a modern WordPress CMS with common web technologies like jQuery and Google Fonts. Performance is moderate with good mobile optimization. However, there is room for improvement in accessibility and SEO. Security posture is decent with HTTPS enabled and no visible vulnerabilities, but lacks important security headers and a formal security policy. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. Overall, the website is trustworthy and legitimate, with consistent WHOIS data and no signs of malicious or adult content. Strategic recommendations include enhancing security headers, implementing cookie consent, publishing security and incident response policies, and improving privacy compliance to strengthen user trust and regulatory adherence.

B

BX1

bx1.be

59

BX1 is a French-language regional media company focused on delivering news, culture, sports, traffic, and weather information for the Brussels Capital Region. The website offers a variety of content including news articles, TV broadcasts, radio and podcasts, and live streaming services. It targets residents and French-speaking audiences in Brussels, positioning itself as a key regional media outlet. The business appears medium-sized, founded in 2015, and maintains a consistent brand presence across multiple social media platforms. Technically, BX1 uses WordPress CMS with popular plugins such as Yoast SEO and Elementor, hosted on OVH and assets served via DigitalOcean. The site is moderately performant, mobile-optimized, and SEO-friendly. Security posture is good with HTTPS enabled and reCAPTCHA implemented, though explicit security headers and a published security policy are lacking. Privacy compliance is partial, with a GDPR cookie consent mechanism present but no explicit privacy or terms of service pages found. Overall, BX1 demonstrates a professional and trustworthy online presence with room for improvement in privacy and security transparency.

K

KidsGames

kidsgames.ch

9

KidsGames is a non-profit organization focused on organizing team-based sports and educational events for children aged 7 to 14 in the French-speaking regions of Switzerland. The website serves as an information hub for event details, media content, sponsorship, and partnership opportunities. The organization emphasizes inclusivity, teamwork, and biblical values in its activities. Technically, the website is built on TYPO3 CMS with modern frontend libraries such as jQuery and Bootstrap, providing a good user experience and mobile optimization. Security posture is moderate with HTTPS enabled and Google reCAPTCHA integrated, but lacks explicit security headers and privacy/cookie policies. Contact information is limited but includes official email and social media presence. Overall, the website is professional and trustworthy but could improve in privacy compliance and security transparency.

I

icTrainer

ictrainer.de

57

icTrainer is a small German company specializing in affordable indoor cycling software tailored for cyclists and triathletes. Their product complements roller and spinning bikes, targeting a niche market of fitness enthusiasts focused on indoor training. The website is professionally designed using WordPress with modern SEO and cookie consent tools, reflecting a mature digital presence. The technical infrastructure leverages popular analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager, indicating a data-driven approach to user engagement and marketing. Security posture is solid with HTTPS enforced and use of Google reCAPTCHA for form protection, though some security headers could be improved. Privacy compliance is strong with comprehensive GDPR-aligned policies and consent mechanisms. Overall, the website presents a trustworthy and professional image suitable for its market segment.

F

FRCI

frci.net

66

FRCI is a Mauritius-based IT consultancy specializing in Microsoft technologies, digital transformation, and training services. The company positions itself as a trusted partner enabling business success through people and technology, serving clients across multiple continents. Their key offerings include Microsoft licensing, project delivery, change management, technical support, business and digital solutions, and comprehensive IT training programs. The website reflects a professional and modern digital presence with clear navigation and relevant content targeting business clients seeking IT expertise. Technically, the website is built on the Umbraco CMS platform and leverages modern JavaScript libraries such as Swiper.js, Fancybox, GSAP, and jQuery. It uses Google Fonts and integrates Google Analytics for visitor tracking. The site is mobile-optimized with good design quality and user experience, though accessibility features are basic. The presence of a privacy policy is noted, but cookie consent mechanisms and detailed security policies are lacking. From a security perspective, the site uses HTTPS and employs email obfuscation to protect contact information. However, no explicit security headers were detected in the HTML content, and there is no published incident response or vulnerability disclosure information. The WHOIS data for the domain is missing or indicates the domain may be unregistered or expired, which raises concerns about domain legitimacy despite the professional website content. Overall, the website demonstrates a solid business and technical foundation but requires improvements in security posture, privacy compliance, and domain registration transparency to enhance trust and reduce risk.

B

Bauhaus-Archiv GmbH

bauhaus-shop.de

70

Bauhaus-Shop is an e-commerce platform operated by Bauhaus-Archiv GmbH, offering design products associated with the Bauhaus-Archiv Museum in Berlin. The website targets general consumers interested in Bauhaus design merchandise, positioning itself as a niche cultural museum shop. The business model focuses on online retail through a Shopify-based storefront, leveraging Shopify's infrastructure and payment systems. The site is professionally branded and consistent with the museum's identity, providing a good user experience and clear navigation.

A

ActionAid International Kenya

actionaid-kenya.org

52

ActionAid International Kenya is a medium-sized non-profit organization established in 2022, focused on social justice and community empowerment in Kenya. The website serves as a platform for advocacy, fundraising, and information dissemination, leveraging WordPress with plugins such as GiveWP and WooCommerce for donation management. The technical infrastructure is modern and includes integrations with JamboPay for payment processing and Google Analytics for visitor tracking. Security posture is adequate with HTTPS enforced and domain registration protections in place, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service policies found. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and security documentation.

T

Tiroler Tageszeitung Online

tt.com

69

Tiroler Tageszeitung Online is a prominent regional news media outlet serving the Tirol region in Austria. The website offers a broad range of news categories including politics, economy, culture, sports, and local news. It operates on a business model combining advertising revenue and digital subscriptions, positioning itself as a leading media provider in its market. The parent company is New Media Online, indicating a structured media business entity. The website is professionally designed with consistent branding and high-quality content tailored to a general audience in the region. Technically, the site leverages modern web technologies such as Angular framework, Google Tag Manager, and multiple analytics and advertising platforms including Piano Analytics and INFOnline. The site is optimized for mobile devices and demonstrates good SEO and accessibility practices. Performance is moderate, with asynchronous loading of scripts and preconnect hints to improve speed. From a security perspective, the website enforces HTTPS and employs consent management for cookies, reflecting GDPR compliance. While explicit security headers are not fully confirmed, best practices such as adblock detection and consent-based tracking are implemented. No vulnerabilities or exposed sensitive data were detected in the analyzed content. However, the absence of a public security policy or incident response page suggests room for improvement in transparency and readiness. Overall, the website presents a low risk profile with strong business credibility and compliance posture. The missing WHOIS data slightly reduces transparency but is not uncommon for media companies. Strategic recommendations include enhancing public security disclosures, confirming security headers, and maintaining vigilance on third-party scripts to sustain trust and security.

F

Foodhak

foodhak.com

68

Foodhak is a UK-based e-commerce company specializing in healthy, Ayurvedic-inspired meal plans and snacks delivered directly to consumers. The business leverages a Shopify platform integrated with multiple marketing and analytics tools to provide personalized nutrition solutions via an app and subscription boxes. The website is professionally designed, mobile-optimized, and includes trust signals such as customer reviews and secure payment options. Technically, the site uses modern web technologies and is hosted on reliable infrastructure with good performance and SEO practices. Security posture is solid with HTTPS and domain registration protections, though DNSSEC is not enabled and no explicit security policies are published. Privacy compliance is basic but includes cookie consent and a comprehensive privacy policy. Overall, the site is trustworthy, well-maintained, and suitable for its target health-conscious audience.

R

Recisio

karafun.es

72

KaraFun, operated by Recisio, is a well-established online karaoke platform offering a vast catalog of karaoke songs and interactive music quizzes. The service targets a broad audience with multilingual support and multiple subscription plans, including free, premium, and professional tiers. The company also provides karaoke hardware and business solutions, positioning itself as a comprehensive karaoke entertainment provider in the media sector. The website demonstrates strong branding consistency and professional content quality, supported by a modern technical infrastructure leveraging JavaScript, SVG, and privacy-conscious analytics tools like Umami. Technically, the site is well-optimized for performance and mobile responsiveness, with good SEO and accessibility practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response information are not publicly disclosed. The domain registration aligns well with the business claims, indicating legitimacy and trustworthiness. Social media presence and partner domains further reinforce the company's market position. Overall, the website is professional, secure, and compliant with privacy regulations, offering a trustworthy user experience. However, improvements could be made by publishing a dedicated security policy, incident response contacts, and vulnerability disclosure information to enhance transparency and security readiness.