Security Directory

I

Iguana Design

iguanadesign.com.au

35

Iguana Design is a small Australian business specializing in brand design and marketing services, operating from the Sunshine Coast. With over 30 years of experience, they provide visual branding solutions including logos, branding, and web design to help businesses establish a strong market presence. The website is built on WordPress and uses common web technologies such as jQuery and FontAwesome, hosted by an Australian hosting provider. The site is moderately optimized for performance and mobile use, with a professional design and clear navigation. Security posture is adequate with HTTPS enabled, but lacks important security headers and formal privacy or cookie policies, which are critical for compliance and trust. No contact emails or phone numbers are explicitly provided, limiting direct communication channels. Overall, the domain registration details align well with the business claims, indicating legitimacy.

Y

Yoomigo

espacestrail.run

49

Espacestrail.run is a specialized platform dedicated to trail running, offering detailed information on trail running routes across over 40 territories primarily in France and nearby regions. The website serves trail runners and outdoor enthusiasts by providing route maps, event calendars, and mobile app integrations to enhance the trail running experience. The business operates as a niche outdoor sports network with a focus on promoting territories and facilitating trail running activities. Technically, the site uses modern web technologies including Bootstrap, OpenLayers for mapping, FontAwesome icons, and Matomo for analytics, delivering a responsive and user-friendly experience. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though privacy compliance could be improved by adding cookie consent and clearer GDPR statements. Overall, the site is professional, trustworthy, and well-positioned in its niche, though it would benefit from enhanced privacy and security policy disclosures.

A

Agence nationale du Sport

agencedusport.fr

59

Agence nationale du Sport is the official French national agency dedicated to the development and support of sports activities, high performance athletes, and territorial sport projects. It operates under the French Ministry of Sports and provides funding, governance, and coordination services to sports federations, athletes, and local authorities. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with government standards. Technically, the site is built on Drupal CMS with modern libraries and frameworks, ensuring good performance, accessibility, and SEO. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not publicly detailed. WHOIS data is not available, likely due to privacy protection, which is justified for a government-related domain. Overall, the site is trustworthy, professional, and compliant with GDPR regulations.

H

Health and Safety Authority

hsalearning.ie

66

The Health and Safety Authority (HSA) operates the hsalearning.ie platform, providing free, accessible online health and safety awareness courses targeted at workers, employers, educators, and students in Ireland. The platform leverages the Moodle LMS to deliver structured educational content, supporting workplace safety and compliance. The website is professionally designed with consistent branding and clear navigation, emphasizing accessibility and user experience. Privacy and cookie policies are comprehensive and GDPR compliant, supported by Cookiebot for consent management. Technically, the site uses modern web technologies including Moodle, YUI, jQuery, and FontAwesome, hosted by Hosting Ireland with a secure HTTPS configuration. Security posture is solid with room for improvement in DNSSEC and security headers. No critical vulnerabilities or suspicious content were detected, and the domain registration aligns well with the business history, indicating legitimacy and trustworthiness.

H

Havas

havas.bg

41

Havas.bg is the website of Havas, a creative agency specializing in connecting people and brands through creativity, media, and innovation. The site presents a portfolio of diverse projects for notable clients such as Vivacom, Baumit, Volkswagen, and others, indicating a strong presence in the Bulgarian advertising and media market. The business model revolves around providing creative and marketing services to corporate clients, positioning itself as a medium-sized agency with a professional digital presence. Technically, the website is built on WordPress, utilizing popular plugins like LayerSlider, Slider Revolution, and Visual Composer, along with standard web technologies such as jQuery and Google Fonts. The site is mobile-optimized and moderately performant, though some accessibility and SEO enhancements could be made. HTTPS is properly implemented, but security headers are missing, which could be improved to enhance security posture. From a security and compliance perspective, the site lacks visible privacy and cookie policies, as well as contact information for data protection or incident response, which are important for GDPR compliance and user trust. The WHOIS data is privacy-protected due to GDPR, which is justified for this business type, and no suspicious domain registration patterns were found. No WAF or blocking mechanisms were detected, and the content is safe for general audiences. Overall, the website is professional and functional but would benefit from improved privacy compliance, enhanced security headers, and clearer contact information to strengthen trust and regulatory adherence.

H

Havas Village

havasvillage.es

61

Havas Village España operates as an integrated marketing and communication agency under the Havas Group umbrella, pioneering a model that consolidates multiple marketing specialties within a single location. The website reflects a mature digital presence built on WordPress, leveraging modern plugins such as Yoast SEO and Smart Slider 3, and integrates Google Tag Manager for analytics. The content is professionally crafted, targeting businesses and brands seeking comprehensive marketing solutions in Spain. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. Privacy compliance is partial, with cookie consent but no clear privacy policy or terms of service pages. Overall, the domain appears legitimate despite unavailable WHOIS data, with privacy protection justified for this business type.

C

Modern Consent Banners | CookieChimp

cookiechimp.com

73

CookieChimp is a modern SaaS platform specializing in AI-powered consent management solutions designed to help websites comply with global privacy regulations such as GDPR, CCPA, and Google Consent Mode. The platform offers customizable consent banners, automated cookie and vendor scanning, and real-time dashboards to optimize user consent rates. Positioned as both enterprise-grade and startup-friendly, CookieChimp targets website owners and developers seeking efficient privacy compliance tools. The website demonstrates strong branding, client testimonials, and integration with popular platforms, indicating a solid market presence. Technically, the website employs a modern tech stack including JavaScript, FontAwesome, Tailwind CSS, and Turbo Frames, hosted behind Cloudflare DNS and CDN services. It integrates analytics and user engagement tools like Google Tag Manager and Intercom, ensuring good performance, mobile optimization, and accessibility. The domain is registered with NameCheap since 2020, consistent with the company's startup profile. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but lacks DNSSEC and publicly available security or incident response policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial due to the absence of explicit privacy and cookie policy pages in the analyzed content. Overall, CookieChimp presents a professional, trustworthy, and technically sound platform with room for improvement in transparency around privacy policies and security disclosures.

H

Health and Safety Authority

hsa.ie

63

The Health and Safety Authority (HSA) is the national government body responsible for workplace health and safety regulation and enforcement in Ireland. Established in 1989, it provides comprehensive guidance, education, and support to employers, employees, and various industry sectors to promote safe and healthy working environments. The website serves as a central resource hub with extensive information on legislation, safety topics, training, and compliance requirements. Technically, the website employs a modern technology stack including jQuery, Bootstrap, FontAwesome, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing purposes. Hosting is provided by Hosting Ireland, and the domain is well-established with a long registration history. The site is mobile-optimized with good navigation and accessibility features, though some improvements in accessibility and security headers could be made. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partially addressed with a cookie management system and consent mechanism, but no explicit privacy policy or terms of service were found in the provided content. Overall, the website is professional, trustworthy, and serves its government regulatory function effectively. Strategic recommendations include enhancing security headers, publishing privacy and security policies, and adding vulnerability disclosure information to improve transparency and compliance.

A

a'urba

aurba.org

58

a'urba is a well-established urban planning agency based in Bordeaux, France, with over 40 years of experience in strategic urban development for the Bordeaux metropolitan area and its surrounding territories. The agency provides a range of services including urban development strategy, data observatories, research publications, and consulting. The website reflects a professional and comprehensive digital presence, featuring extensive resources, publications, and event information targeted at urban planners, government officials, and stakeholders in regional development. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Bootstrap, LayerSlider, and Google services including Analytics and reCAPTCHA. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security measures include HTTPS enforcement and CAPTCHA protection on forms, alongside GDPR-compliant cookie consent mechanisms. The security posture is solid but could be enhanced by implementing additional HTTP security headers and publishing explicit security policies or incident response contacts. The absence of WHOIS data due to query failure or privacy protection is noted but does not significantly detract from the site's legitimacy given the professional content and compliance indicators. Overall, a'urba presents a trustworthy and authoritative online presence suitable for its public agency role, with recommendations to improve security headers and transparency around security policies to further strengthen trust and compliance.

E

Exalto

e-licence.fr

55

Exalto operates the E-licence platform, a specialized information system serving French sports federations. The company provides extranet and intranet portals, license and competition management modules, and tailored software solutions for over 40 federations. Their market position is strong within the French sports federation sector, leveraging over 18 years of experience since domain registration in 2006. The website is professionally designed, content-rich, and targets federation administrators and sports organizations in France. Technically, the website is built on WordPress with common plugins such as WPBakery Page Builder, LayerSlider, and Bootstrap for responsive design. The infrastructure is hosted via GANDI, a reputable registrar and hosting provider. Performance is moderate with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured data. Security posture is adequate with HTTPS enforced and no exposed sensitive data. However, the site lacks explicit security headers and does not provide published security or incident response policies. Cookie consent mechanisms are absent, which may impact GDPR compliance. Analytics usage includes Google Analytics and ShareThis, indicating moderate user tracking. Overall, the website is trustworthy and professional with minor gaps in privacy compliance and security best practices. Strategic improvements in security headers, cookie consent, and transparency policies would enhance the security posture and regulatory compliance.

O

Obec Strašov

obecstrasov.cz

50

Obec Strašov is the official municipal website for the village of Strašov in the Czech Republic. It serves as a local government portal providing residents and visitors with information about municipal services, news, events, public notices, and contact details. The website targets local citizens and community members, offering a centralized platform for civic engagement and communication. The business model is that of a government entity focused on public service and community information dissemination. The domain was registered in 2022, consistent with a relatively new or modernized municipal web presence.

A

American Heart Association

heartpowered.org

63

HeartPowered.org is a professionally maintained website representing the American Heart Association's advocacy arm focused on advancing health policies to improve cardiovascular outcomes. The site targets advocates, volunteers, policymakers, and the general public interested in health advocacy. It leverages a modern WordPress infrastructure with SEO and accessibility best practices, including Yoast SEO and OneTrust for cookie consent management. The website demonstrates a strong security posture with HTTPS and no exposed sensitive data, though it could improve by enabling DNSSEC and publishing explicit security policies. Overall, the site is trustworthy, well-branded, and provides comprehensive content relevant to its mission.

T

TRACE International, Inc.

traceinternational.org

65

TRACE International, Inc. operates as a non-profit organization providing compliance tools and resources to companies aiming to adhere to anti-bribery laws such as the U.S. Foreign Corrupt Practices Act and the UK Bribery Act. Their business model is membership-based, pooling dues to develop shared compliance resources including eLearning and a member resource center. The organization is positioned as a globally recognized compliance community resource with a focus on ethical business practices. Technically, the website employs modern web technologies including Nuxt.js, jQuery, Bootstrap, and integrates third-party services such as HubSpot for marketing and analytics. The site is hosted partially on Microsoft Azure Blob Storage for media assets and demonstrates moderate performance with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the website content and branding suggest a professional and trustworthy organization. Overall, the website presents a solid compliance-focused resource with good content quality and technical implementation. Enhancements in security headers and transparency around security policies would strengthen its security posture and trustworthiness.

BIMCO is a globally recognized membership organization serving the maritime shipping industry, providing contracts, regulatory affairs, training, and expert knowledge. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to shipowners, charterers, shipbrokers, and agents worldwide. Technically, the site leverages modern JavaScript frameworks, analytics, and performance optimizations, hosted on a secure HTTPS platform with strong security headers and cookie consent mechanisms. Security posture is robust with no visible vulnerabilities, though explicit security policies and incident response details are absent. Overall, BIMCO's website demonstrates high professionalism and trustworthiness, supporting its market leadership in the shipping sector.

G

Gambling Therapy

gamblingtherapy.org

56

Gambling Therapy is a well-established non-profit organization founded in 2003, providing global support and practical advice for individuals affected by problem gambling. The service is offered by Gordon Moody, a registered charity in the UK, and targets both gamblers and those affected by others' gambling. The website is multilingual, professionally designed, and offers a variety of resources including support forums, informational content, and contact options. Technically, the site is built on WordPress with modern plugins and libraries, hosted behind Cloudflare DNS, and optimized for mobile and SEO. Security posture is good with HTTPS enforced and no exposed sensitive data, though improvements can be made by enabling DNSSEC and adding security headers. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the site demonstrates high business credibility and trustworthiness.

K

Kup-Kytici

kup-kytici.cz

51

Kup-Kytici.cz is an established Czech Republic based e-commerce platform specializing in online flower sales and same-day delivery services. The website offers a wide range of flower bouquets, gift add-ons, and regional delivery options, targeting consumers seeking convenient and reliable flower delivery. The platform is professionally designed with good content quality, clear navigation, and multi-language support. Technically, it leverages modern web technologies including jQuery, Bootstrap, and various analytics and marketing tools, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data limits domain transparency but does not detract from the overall legitimacy of the business. Contact information and social media presence enhance trust. Overall, the site is a credible and functional online flower delivery service with room for security and compliance enhancements.

K

Kytica Expres

kytica-expres.sk

49

Kytica Expres is an established Slovakian e-commerce business specializing in express flower delivery services across Slovakia and the Czech Republic. The website offers a broad catalog of flower bouquets, gift sets, and vouchers with a promise of delivery within 90 minutes. The platform supports multiple languages and currencies, enhancing accessibility for regional customers. Technically, the website employs common web technologies such as jQuery, Bootstrap, and integrates marketing and analytics tools including Google Tag Manager, Facebook Pixel, Klaviyo, and Smartlook, indicating a mature digital marketing strategy. Security posture is solid with HTTPS enforced and no visible critical vulnerabilities, though improvements such as CSP and security.txt publication are recommended. Privacy compliance is basic but present, with cookie consent mechanisms and privacy policies available. Overall, the website is professional, trustworthy, and well-positioned in its market niche.

F

Flora Online

flora-online.sk

49

Flora Online is an established Slovak e-commerce business specializing in flower delivery services with a promise of fast delivery within 90 minutes. The company sources fresh flowers from the Dutch flower market and offers a wide range of bouquets and gift items. The website is professionally designed, multilingual, and supports multiple currencies, targeting consumers in Slovakia. The technical infrastructure includes modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and Klaviyo, alongside a live chat service for customer support. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. The business demonstrates good compliance with GDPR through privacy and cookie policies. Overall, the website presents a trustworthy and professional online retail platform with a strong market position in Slovakia.

F

Rozvoz květin online ❤️ po Praze a okolí do 60 minut | Flora Květiny Praha

flora-kvetiny.cz

50

The website www.flora-kvetiny.cz is an e-commerce platform specializing in fast flower delivery services in Prague and its surroundings. It offers a wide range of bouquets and related gift items with delivery promised within 60 minutes, operating 7 days a week. The site targets consumers seeking convenient and quick flower delivery with multiple payment options including PayPal, card payments, and cash on delivery. The business appears to be a small local player with a consistent brand presence and good content quality. Technically, the site uses a modern tech stack including jQuery, Google Analytics, Facebook SDK, and is likely built on the USHOP platform. Mobile optimization and SEO are well implemented, though accessibility could be improved. Security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. WHOIS data is unavailable, which reduces domain trustworthiness. Overall, the site is professional and functional but would benefit from enhanced transparency and security disclosures.

Z

Základní a mateřská škola Louka

zsmslouka.cz

54

Základní a mateřská škola Louka is a small educational institution based in the Czech Republic, providing primary and nursery education services. The website presents a well-structured and content-rich platform aimed at parents, students, and the local community. It highlights the school's modern facilities, individualized approach, and various educational and extracurricular offerings. The domain has been registered since 2015, consistent with the school's operational history. Technically, the website employs a modern technology stack including jQuery, Bootstrap, and FontAwesome, with a CMS likely based on Nette framework. The site is mobile-optimized and demonstrates good SEO practices. However, performance is moderate and accessibility features are basic. The site uses Google Analytics for user tracking but lacks a cookie consent mechanism, which is a GDPR compliance gap. From a security perspective, the site uses HTTPS (implied by external scripts), but no explicit security headers or published security policies are detected. There are no visible vulnerabilities or exposed sensitive data. The absence of incident response contact information and security certifications suggests room for improvement in security posture. Overall, the website is professional, trustworthy, and serves its educational purpose well. Strategic improvements in privacy compliance and security practices would enhance its risk profile and user trust.

Základní škola a Mateřská škola Ladná is a small, family-type educational institution located in the Czech Republic, providing primary and preschool education services to the local community. The website serves as an information portal for parents and guardians, offering news updates, event calendars, and contact details. The institution is supported by various government and EU partners, indicating a stable and legitimate operation. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Google Tag Manager, ensuring a responsive and user-friendly experience. The site is hosted via a Czech registrar and hosting provider, consistent with the domain registration data. Security-wise, the site uses HTTPS and a cookie consent mechanism, but lacks published privacy policies, security headers, and incident response information, which are areas for improvement. Overall, the website is professional, trustworthy, and well-maintained, with moderate tracking via Google Analytics. Strategic recommendations include enhancing privacy compliance and security posture to align with best practices and regulatory requirements.

K

Kalisport

kalisport.com

59

Kalisport is a French software company providing an all-in-one sports management solution tailored for clubs, committees, and associations. Their platform offers a comprehensive suite of services including member management, accounting, sponsor management, online payments, event management, communication tools, and mobile applications. Positioned as a specialized SaaS provider in the sports technology sector, Kalisport targets small to medium-sized sports organizations primarily in France. The website is professionally designed with a clear focus on usability and accessibility, supporting both web and mobile platforms. Technically, the site leverages modern front-end technologies such as Bootstrap, jQuery, and FontAwesome, and implements cookie consent mechanisms with GDPR compliance in mind. Security posture is moderate; while HTTPS and cookie consent are implemented, the absence of visible security headers and incident response information suggests room for improvement. The lack of WHOIS data raises some concerns about domain registration legitimacy, though the active and professional website presence partially mitigates this risk. Overall, Kalisport presents a credible business with a solid digital presence but would benefit from enhanced transparency and security disclosures.

M

Mont-Blanc Hockey

montblanchockey.fr

53

Mont-Blanc Hockey is a small, community-focused ice hockey club based in France, founded in 2023. The club targets children and youth interested in ice hockey, offering training, tournaments, membership, and merchandise. The website reflects a well-structured and professionally designed platform that supports the club's activities and community engagement. The use of structured data and social media integration enhances its digital presence. Technically, the site employs a modern tech stack with popular JavaScript libraries and frameworks, hosted under a reputable registrar, and implements HTTPS with privacy-conscious analytics (Matomo). Security posture is solid with no critical vulnerabilities detected, though formal security policies and incident response contacts are absent. Privacy compliance is good, with a cookie consent mechanism and a privacy policy page in French. Overall, the website is trustworthy and suitable for its audience, with room for improvement in formal security documentation and contact transparency.

C

Chamonix Hockey Club

chamonixhockeyclub.com

56

Chamonix Hockey Club is a regional ice hockey sports club based in the Chamonix Mont-Blanc valley, France, catering to youth players aged 4 to 20 and adult leisure players. The club organizes training, tournaments, and seasonal events, positioning itself as a key local sports entity in Haute Savoie. The website reflects this focus with detailed match schedules, team information, and event announcements. Technically, the site uses a modern but somewhat dated tech stack including Bootstrap 3, jQuery, and various UI libraries, hosted by OVH sas. It implements HTTPS and cookie consent mechanisms aligned with GDPR requirements, though lacks some advanced security headers and explicit security policies. No contact emails or phone numbers are directly visible, which may impact user engagement and trust. Overall, the site is functional, well-branded, and provides relevant content for its audience.

Miele For Life is a dedicated membership loyalty website targeting existing Miele appliance owners in New Zealand, offering exclusive benefits such as discounts, events, and customer care. The website is built on WordPress with modern technologies including Bootstrap, jQuery, Google Tag Manager, and reCAPTCHA, hosted behind Akamai CDN infrastructure. The site demonstrates good digital maturity with mobile optimization, SEO best practices, and a clear content structure focused on recipes, offers, and member engagement. Security posture is solid with HTTPS enforced and bot protection via reCAPTCHA, though minor issues such as missing DNSSEC and a broken GTM script fetch exist. Privacy compliance is well addressed with a cookie consent mechanism and clear links to privacy and terms pages. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate and professional brand presence.

S

Sphere

sphere.cz

56

Sphere.cz operates as the largest loyalty program platform in the Czech Republic and Slovakia, offering consumers a wide network of partners where they can collect points, receive discounts, and redeem rewards. The website is professionally designed using WordPress and Elementor, with a focus on retail consumers interested in maximizing shopping benefits. The platform supports multiple languages and integrates various marketing and analytics tools such as Facebook Pixel, Hotjar, and Smartlook to optimize user engagement and campaign effectiveness. Despite the lack of WHOIS data transparency, the website presents a legitimate and established business presence in the retail loyalty sector.

Z

ZÁLESÍ a.s.

zalesi.cz

55

ZÁLESÍ a.s. is a diversified Czech manufacturing and service company operating in plastics, metalworks, automotive parts production, agriculture, robotics, and hospitality sectors. The company maintains a strong regional presence with multiple subsidiary domains representing its various business units. The website is professionally designed, multilingual, and provides comprehensive information about the company's services and contact details. Technically, the site is built on WordPress with modern analytics and marketing tools integrated, including Google Analytics, Facebook Pixel, and Smartlook, alongside GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and email obfuscation implemented, though security headers could be improved. The absence of WHOIS data limits domain registration transparency but does not detract from the overall legitimacy of the business. The site is free from adult or questionable content and targets a general industrial and commercial audience.

E

ELMAX

de-dietrich.cz

68

ELMAX operates as a premium retailer specializing in luxury French kitchen appliances, prominently featuring the De Dietrich brand. The company targets consumers in the Czech Republic seeking high-end cooking and kitchen solutions, offering showroom visits and personalized customer service. The website reflects a professional retail business with a medium-sized market presence and a history dating back to 1997. Technically, the site employs a modern JavaScript stack with libraries such as jQuery, Swiper, and FontAwesome, alongside analytics and marketing tools including HubSpot, Microsoft Clarity, and Facebook Pixel. The site is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies could be improved. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for commercial retail sites. Overall, the site is trustworthy, professional, and well-maintained.

H

Hockey Club 74

hc74.fr

10

Hockey Club 74 is a regional alliance of ice hockey clubs based in Haute-Savoie, France, representing teams from Chamonix, Megève, Morzine, and St Gervais. The website serves as a hub for club information, upcoming matches, tournaments, and partner acknowledgments, targeting hockey players, fans, and the local community. The club is positioned as a key regional sports entity with institutional and private partnerships supporting youth development and competitive hockey. Technically, the website is built on a custom sports club platform (Kalisport) leveraging Bootstrap 3, jQuery, and various JavaScript libraries for UI components and event management. It is hosted by OVH and uses HTTPS with a good SSL configuration. The site is mobile responsive and includes SEO and accessibility considerations, though some accessibility features are basic. From a security perspective, the site enforces HTTPS, uses a cookie consent mechanism with high privacy settings, and employs Matomo analytics for privacy-conscious tracking. However, explicit security headers and incident response policies are not evident. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a professional and trustworthy front for the hockey club alliance with good content quality and privacy compliance. Strategic improvements could include adding explicit security policies, terms of service, and enhanced security headers to further strengthen the security posture.

S

SKIAREÁL KLÍNOVEC s.r.o.

klinovec.cz

43

SKIAREÁL KLÍNOVEC s.r.o. operates the largest ski resort in the Krušné hory region of the Czech Republic, offering winter and summer recreational activities including skiing, biking, hiking, and equipment rentals. The website is professionally designed, multilingual, and provides comprehensive information about services, pricing, and live updates. The company maintains a strong market position with established partnerships and a clear focus on family-friendly tourism. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring good performance and SEO optimization. Security posture is solid with HTTPS enforced and GDPR compliance mechanisms in place, although some security headers could be improved. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations.

Firefly Digital Marketing Ltd is a London-based digital agency specializing in website design, application development, ecommerce, and email marketing services. The company targets businesses and agencies seeking innovative and robust digital solutions, positioning itself as a trusted partner with a portfolio including notable clients such as Virgin Media Business and ABB. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the site employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Google Analytics and Tag Manager for tracking. The site is mobile-optimized and accessible with good SEO practices. Security posture is moderate; HTTPS is implied but no explicit security headers were detected, and no vulnerability disclosures or incident response contacts are provided. Privacy compliance is strong with a comprehensive privacy policy and GDPR commitment, though a cookie consent mechanism is absent. WHOIS data for the 'www' subdomain is unavailable due to domain naming rules, but the main domain is presumably registered correctly. Overall, the site is trustworthy and professional but could improve security transparency and cookie consent.

A

Anglet Hormadi Pays Basque

hormadi.fr

45

Anglet Hormadi Pays Basque is a professional ice hockey club based in France, competing in the Synerglace Ligue Magnus. The website serves as the official digital presence of the club, providing comprehensive information about the team, season schedules, news updates, ticketing options, and partner relations. The site targets sports fans and the local community, offering a well-structured and branded experience consistent with a medium-sized sports organization. Technically, the website is built on WordPress with a modern tech stack including popular plugins and libraries such as WPBakery, Bootstrap, and Google Analytics. The site demonstrates good mobile optimization, SEO practices, and user experience. Privacy compliance is well addressed with GDPR-aligned cookie consent and privacy policies. From a security perspective, the site uses HTTPS and implements some best practices, though security headers could be enhanced. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is common for such organizations, and does not raise immediate trust concerns. Overall, the website is professional, trustworthy, and suitable for its business purpose. Strategic recommendations include improving security headers, maintaining plugin updates, and enhancing incident response visibility.

P

Prose on Pixels

proseonpixels.com

61

Prose on Pixels is a global content production network powered by AI and audience-driven creativity, operating under the Havas Group umbrella. The company specializes in delivering scalable, personalized marketing campaigns with a focus on sustainability and diversity. Their market position is strong within the media sector, leveraging advanced technology and strategic partnerships to enhance brand performance for clients worldwide. Technically, the website is built on WordPress with modern plugins and libraries, showing good SEO and mobile optimization. Security posture is solid with HTTPS and Content-Security-Policy headers, though additional security headers and policies could improve resilience. The absence of WHOIS data is a notable anomaly but does not detract from the professional presentation and trust signals on the site. Overall, the company demonstrates a mature digital presence with room for enhanced transparency in security and contact information.

K

KENDESIGN - Werbeagentur Inh. Fatih Kendirli

kendesign.de

53

KENDESIGN is a small German communication agency specializing in branding, graphic design, marketing, SEO, social media management, web design, development, and hosting services. The company targets businesses and organizations seeking comprehensive communication and design solutions. Their market position is that of a local/regional agency with a focused service offering. The website content is minimal but relevant, providing clear contact information and links to social media profiles, which supports business credibility. Technically, the website is built on WordPress using the SeedProd Coming Soon Pro plugin, jQuery, Tailwind CSS, and FontAwesome. Hosting appears to be managed via GoDaddy's domain control nameservers. The site shows basic mobile optimization and SEO practices but lacks advanced accessibility features and performance optimizations. No analytics or tracking scripts were detected, indicating a minimal data collection approach. From a security perspective, the site lacks visible security headers and cookie consent mechanisms, and SSL configuration details are not provided. There is no evidence of a formal security policy, incident response plan, or vulnerability disclosure process. The WHOIS data is minimal but does not raise immediate concerns. Overall, the security posture is basic and could be improved to meet modern standards and compliance requirements. The overall risk assessment suggests a low to moderate risk profile typical for a small agency website. Strategic recommendations include implementing security headers, enforcing HTTPS, adding cookie consent for GDPR compliance, and publishing security and incident response policies to enhance trust and compliance.

K

Kytice-Expres

kytice-expres.cz

51

Kytice-Expres is an established online flower delivery service operating primarily in the Czech Republic and Slovakia, offering a wide range of bouquets and gift sets with express delivery options up to 90 minutes. The website demonstrates a mature e-commerce platform with multiple payment methods including modern options like Apple Pay and Google Pay, supported by marketing and analytics tools such as Klaviyo and Smartlook. Despite the lack of WHOIS data, the site presents professional content, clear contact information, and GDPR-compliant privacy and cookie policies. Security posture is good with HTTPS and security headers in place, though the absence of a public security policy and incident response details suggests room for improvement.

I

IVF Zlín Czech Republic, s.r.o.

ivf-zlin.cz

51

IVF Zlín Czech Republic, s.r.o. operates a specialized reproductive medicine and gynecology clinic based in Zlín, Czech Republic. The clinic offers a comprehensive range of services including IVF treatments, egg and sperm donation, fertility preservation, and gynecological care. With a history dating back to 2000 and over 7000 children born through their assisted reproduction techniques, the clinic holds a strong regional market position. Their business model integrates medical services with hospitality offerings such as an on-site hotel and pharmacy, enhancing patient comfort and convenience. Technically, the website employs modern web technologies including jQuery, Google Analytics, and Google Tag Manager, ensuring a responsive and user-friendly experience. The site is well-structured with good SEO practices and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and explicit security policies. From a security and compliance perspective, the site demonstrates GDPR awareness with a comprehensive privacy policy and cookie consent mechanism. However, no explicit incident response or vulnerability disclosure policies were found. WHOIS data is unavailable due to privacy protection, which is typical for healthcare providers. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic recommendations include enhancing security headers, publishing clear security and incident response policies, and implementing a vulnerability disclosure program to further strengthen trust and compliance.

S

Synpase

synpase.eu

59

Synpase is a French national syndicate representing professionals in the audiovisual, spectacle, and event sectors. The organization provides resources, advocacy, and member services to support its constituency. The website is professionally designed using WordPress and the Avada theme, featuring modern plugins for document embedding, newsletter subscription, and member login. The site is well-structured and mobile-optimized, targeting industry professionals in France. Security posture is adequate with HTTPS enabled and secure forms, but lacks visible security headers and privacy policies. WHOIS data is unavailable, which slightly impacts trust but the active and updated website supports legitimacy. Overall, the site is a credible resource for its sector with room for improvement in privacy compliance and security transparency.

H

Hivebrite

hivebrite.io

48

Hivebrite is an enterprise-level SaaS company specializing in providing an online community engagement platform designed to facilitate organic connections and positive impact within communities. The company positions itself as a best-in-class, easy to set up, and customizable solution targeting organizations seeking to build and manage online communities. The website is professionally designed, built on WordPress with modern SEO and marketing tools integrated, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enabled and domain transfer protections in place, though some improvements like DNSSEC and security policy disclosures are recommended. Overall, the website is trustworthy and business credible but lacks explicit privacy and security policy documentation, which should be addressed to enhance compliance and user trust.

H

Hivebrite

hivebrite.com

55

Hivebrite is a technology company based in France, founded in 2020, offering a best-in-class online community engagement platform. Their SaaS model targets organizations and communities seeking customizable and easy-to-set-up engagement solutions. The website reflects a professional and consistent brand presence with good content quality and clear messaging focused on community engagement. Technically, the site is built on WordPress, leveraging modern marketing and analytics tools such as HubSpot, Google Tag Manager, and Visual Website Optimizer, hosted behind Cloudflare DNS services. Security posture is solid with HTTPS enabled and domain transfer protections, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Privacy compliance is partially addressed with a cookie consent mechanism but lacks visible privacy and terms of service pages. Overall, the website is trustworthy, safe for general audiences, and well-positioned in the technology sector.

C

Consortium of Multiple Sclerosis Centers

mscare.org

52

The Consortium of Multiple Sclerosis Centers (CMSC) is a well-established non-profit organization dedicated to advancing clinical research, education, and advocacy in multiple sclerosis care. The website serves healthcare professionals, researchers, patients, and caregivers by providing continuing education, certifications, special interest groups, and annual meetings. CMSC holds a strong market position as a leading North American resource for MS care professionals, supported by partnerships with reputable organizations and a comprehensive offering of services.

S

SCR Technologies

dealdone.online

49

Dealdone is a technology company offering a secure digital platform for creating and managing verbal agreements online. Their service targets individuals and small to medium businesses who need a simple, encrypted way to document deals such as loans, rentals, sales, and work agreements. The business operates on a subscription SaaS model with free, premium, and enterprise plans. Technically, the website is built on WordPress with Bootstrap and jQuery, providing a modern but moderately optimized user experience. The site is mobile-friendly and SEO-optimized but shows some backend PHP warnings that could affect security and professionalism. Security posture is moderate with HTTPS and encryption claims, but lacks visible security headers and explicit security policies. Privacy compliance is basic with privacy and terms pages but no cookie consent mechanism. Overall, the site is trustworthy but could improve in backend stability and security transparency.

S

Syndicat National des Professionnels de l’Audiovisuel, du Spectacle et de l’Évènement

synpase.fr

52

Synpase is a French national syndicate representing professionals in the audiovisual, spectacle, and event sectors. The website serves as an information hub offering news, agreements, documentation, and member services to its target audience of industry professionals. The organization appears to be a small-sized non-profit entity focused on advocacy and resource provision within its niche market. Technically, the website is built on WordPress using the Avada theme and several plugins including Mailchimp and document embedding tools. It employs Google Analytics and Tag Manager for visitor tracking. The site is well-designed with good mobile optimization and clear navigation, though accessibility features are basic. Security posture is moderate with HTTPS enabled but lacking visible security headers and formal privacy or cookie policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and professional presentation suggest legitimacy. Overall, the site is functional and professional but would benefit from enhanced security and privacy compliance measures.

M

Městys Pozlovice

pozlovice.cz

49

Městys Pozlovice operates an official municipal website serving the local community and visitors with comprehensive information about local news, events, public notices, and services. The website targets residents, local organizations, and tourists, providing a centralized platform for community engagement and municipal communication. The business model is government/public service with a focus on transparency and accessibility. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Swiper.js, and Leaflet for interactive maps, supported by a Nette PHP framework backend. The site is hosted by REG-ZONER and uses HTTPS with a valid SSL certificate, ensuring secure communications. The design is responsive and accessible, with good SEO practices and clear navigation. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and use of reCAPTCHA to protect forms. However, it lacks some security headers and a formal incident response or vulnerability disclosure page. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism. The WHOIS data confirms the domain's legitimacy and long-standing registration, consistent with the municipal nature of the site. Overall, the website is trustworthy, professionally maintained, and suitable for its intended audience. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance its security posture and compliance.

T

TruMerit

trumerit.org

57

TruMerit is a leading healthcare credential evaluation and certification organization with a global focus on nursing and allied health professionals. The company offers a comprehensive suite of services including credentials evaluation, verification, certification, and document management, targeting healthcare workers, recruiters, licensing authorities, and academic institutions worldwide. The website reflects a mature digital presence with multiple portals tailored for different user groups and a strong emphasis on research and thought leadership. Technically, the site is built on WordPress with modern analytics and marketing tools integrated, providing a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and anti-spam measures in place, though explicit security headers could be improved. Privacy compliance is well addressed with visible privacy and cookie policies and consent mechanisms. Overall, TruMerit presents a professional, trustworthy, and well-maintained online presence suitable for its healthcare industry role.

V

Vinařství Procházka Valtice

valtickavina.cz

65

Vinařství Procházka Valtice is a well-established family-owned winery based in the Czech Republic, specializing in the production and sale of quality Moravian wines. Founded in 1999, the company operates on 73 hectares of vineyards and produces up to 350,000 bottles annually. Their business model combines traditional wine production with modern technology, selling directly to consumers via an e-shop and a physical wine shop in Valtice. The website reflects a professional and consistent brand image, targeting wine consumers primarily within the Czech Republic. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Google Analytics, and implements appropriate mechanisms such as cookie consent and age verification for alcohol sales. Security posture is solid with HTTPS and reCAPTCHA, though some improvements in security headers and published policies are recommended. Overall, the website is trustworthy and well-positioned in its market niche.

D

DEAFCOM

deafcom.cz

48

DEAFCOM is a specialized service provider offering online sign language interpreting services primarily targeting deaf and hard of hearing individuals, as well as institutions and municipalities seeking accessibility solutions. The company positions itself as a leading European provider with a focus on barrier-free communication through technology, including mobile apps and online platforms. Their business model includes subscription packages for institutions and free services for deaf users, supported by professional interpreters and technological infrastructure. Technically, the website is built on WordPress with Elementor and incorporates modern technologies such as React for interactive components and Google Analytics for user tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers and explicit privacy policies are missing. The SSL configuration is good, ensuring secure HTTPS connections. From a security perspective, the site follows basic best practices but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces transparency and trustworthiness, though the professional presentation and consistent contact information support legitimacy. Overall, DEAFCOM presents a trustworthy and professional online presence with room for improvement in privacy compliance and security policy transparency. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and verifying domain registration details to enhance trust and compliance.

F

Fundación ONCE

fundaciononce.es

66

Fundación ONCE is a prominent Spanish non-profit organization dedicated to the social inclusion and cooperation for people with disabilities. It operates under the Grupo Social ONCE umbrella and provides a wide range of services including training, employment support, accessibility innovation, and international cooperation. The website reflects a mature and professional digital presence with comprehensive content and strong branding consistency. Technically, the site is built on Drupal CMS with modern web technologies and integrates multiple analytics and marketing tools while maintaining good privacy compliance and security posture. Security best practices such as HTTPS, security headers, and cookie consent mechanisms are implemented, although there is room for improvement in incident response transparency and vulnerability disclosure. Overall, the website is trustworthy, well-maintained, and aligned with its mission and audience.

H

Hockey Club Les Grizzlys de Vaujany

lesgrizzlysdevaujany.com

55

Hockey Club Les Grizzlys de Vaujany is a small, community-focused amateur ice hockey club based in France. The website serves as an information hub for club news, team schedules, tournaments, and membership details, targeting local players, fans, and community members. The club appears well-established since 2017, with a consistent brand presence and active event calendar. Technically, the site uses a moderately modern technology stack including Bootstrap 3, jQuery, and various UI libraries, hosted via Gandi SAS. The site is mobile-optimized and SEO-friendly, though some technologies are slightly dated. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, but lacks advanced security headers and explicit security policies. Privacy compliance is good, with a GDPR-compliant cookie banner and a privacy policy page. Overall, the site is trustworthy and professional for its scale and purpose.

F

Fan Avenue

fanavenue.com

46

Fan Avenue is a French e-commerce retailer specializing in merchandising and derivative products related to music, cinema, TV series, and sports. Established since 2000, the company targets fans and collectors seeking licensed merchandise. The website is built on the PrestaShop platform, hosted by OVH sas, and integrates modern web technologies including Google Fonts, Google Maps API, and Google Tag Manager for analytics. The site is well structured with clear navigation and consistent branding, supporting a good user experience primarily for French-speaking audiences. From a technical perspective, the website employs HTTPS with a valid SSL certificate and domain status protections to prevent unauthorized domain transfers or deletions. However, DNSSEC is not enabled, and several recommended HTTP security headers are missing, which could be improved to enhance security posture. Privacy compliance is basic, with a privacy policy present but lacking explicit GDPR compliance details and no cookie consent mechanism detected. Security-wise, the site shows moderate maturity with no visible vulnerabilities or exposed sensitive data. The absence of a vulnerability disclosure policy or security contact channels indicates room for improvement in incident response readiness. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security practices to meet higher compliance standards. Strategic recommendations include enabling DNSSEC, implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, and establishing clear incident response contacts to strengthen trust and compliance.