Security Directory

P

Paysafecard

casinopaysafecard.cz

58

The website casinopaysafecard.cz operates as an affiliate marketing platform focused on promoting online casinos that accept Paysafecard as a payment method, targeting Czech players. It provides informational content about casino bonuses, games, and payment safety, positioning itself as a niche player in the Czech online gambling market. The site uses modern web technologies and Cloudflare for hosting and security, ensuring good performance and HTTPS encryption. However, it lacks direct company contact information, terms of service, and cookie consent mechanisms, which impacts its compliance and trustworthiness. The affiliate links all redirect to a single external domain, indicating a focused but limited business model. Security posture is adequate with HTTPS and Cloudflare protection but could be improved with additional security headers and policies.

P

Panter spol. s r. o.

sennheiser.cz

52

Panter spol. s r. o. operates as the authorized distributor and reseller of Sennheiser audio products in the Czech Republic and Slovakia. The website serves as a commercial platform showcasing a broad range of audio equipment including headphones, microphones, conference systems, and accessories. The company targets both consumer and professional markets, positioning itself as a trusted local leader with a strong partnership ecosystem. The business model focuses on direct sales, authorized servicing, and support for audio technology products.

I

iQsoft

iqsoft.cz

44

iQsoft is a small Czech Republic-based web design agency established in 2001, offering services such as web design, e-shops, SEO, custom applications, webhosting, and site administration. The company targets local businesses and individuals seeking digital presence solutions. The website content is basic but relevant, showcasing references and contact information clearly. Technically, the site uses older JavaScript libraries like jQuery 1.6.2 and jQuery UI 1.8.16, hosted likely on Forpsi servers, with moderate performance and basic mobile optimization. Security posture is moderate but could be improved by updating libraries, adding security headers, and enforcing HTTPS. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms despite Google Analytics usage. Overall, the site is legitimate and stable but requires improvements in security and compliance to enhance trust and reduce risk.

D

Devo Fine Art Print

devofineartprints.com

67

Devo Fine Art Print operates an e-commerce platform specializing in limited edition, signed collectible art prints related to the band DEVO and renowned photographers. The website is built on Shopify, leveraging its secure and scalable infrastructure to provide a professional online shopping experience. The business targets collectors and fans seeking exclusive memorabilia with authenticity guarantees. Technically, the site uses modern web standards, Shopify's payment and analytics tools, and is optimized for performance and mobile devices. Security posture is strong with HTTPS and standard security headers, though explicit privacy and security policies could be enhanced. Overall, the site presents a trustworthy and niche-focused retail presence with room for improvement in privacy compliance and direct contact transparency.

P

Patrioti MSK, z. s.

patriotimsk.cz

48

Patrioti MSK is a well-established Czech non-profit organization focused on developing and supporting entrepreneurs primarily in the Moravskoslezský region and Prague. The organization fosters a business community through events, networking, mastermind groups, and educational initiatives. Their market position is strong regionally, supported by a comprehensive digital presence including podcasts and event platforms. Technically, the website is built on WordPress with modern SEO and user experience practices, showing good mobile optimization and performance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates good compliance with GDPR and provides clear business and contact information, enhancing trust and credibility.

Y

YAPEAL

yapeal.ch

68

YAPEAL is a Swiss FinTech company providing embedded finance and digital business account solutions, licensed by FINMA. The website presents a professional and modern digital platform targeting businesses seeking integrated financial services such as business accounts, cards, and payment solutions. The technical infrastructure is built on Umbraco CMS with modern JavaScript and CSS technologies, and includes cookie consent management via Cookiebot. Security posture is strong with HTTPS and security headers properly implemented, though explicit privacy and terms policies are not found on the main site. Contact is primarily via forms and demo booking links, with no direct emails or phone numbers visible. Overall, the website reflects a credible and trustworthy FinTech business with good digital maturity.

Ú

Úklid J+J

uklidjj.cz

57

Úklid J+J is a professional cleaning company operating primarily in the Czech Republic, offering a wide range of cleaning services including upholstery, carpets, sofas, windows, blinds, and vehicle interiors. The company targets both residential and commercial customers across multiple cities such as Hradec Králové, Trutnov, and Prague. Their market position is that of a regional service provider with a focus on quality and customer satisfaction, supported by testimonials and detailed service pricing. Technically, the website is built on the Webnode CMS platform, hosted via Cloudfront CDN, and employs modern web technologies with good mobile optimization and SEO practices. Security-wise, the site uses HTTPS and has a cookie consent mechanism but lacks some advanced security headers and explicit GDPR compliance details. The absence of WHOIS data reduces domain trust, but the website content and business information appear legitimate and professional. Overall, the site demonstrates a moderate to good digital maturity with room for security and privacy improvements.

I

Séjour et week-end en Charente et Charente-Maritime

infiniment-charentes.com

58

The website 'infiniment-charentes.com' serves as the official tourism portal for the Charente and Charente-Maritime regions in France. It provides visitors and locals with comprehensive guides on activities, events, and local attractions, positioning itself as a practical and authentic resource for sustainable tourism. The site targets residents and tourists seeking cultural, natural, and leisure experiences in these French regions. Technically, the website is built using modern web technologies including React and utilizes Matomo for privacy-conscious analytics. Hosting is provided by OVH sas, a reputable provider, and the domain is well-maintained with appropriate registration status. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site employs HTTPS and has domain status protections to prevent unauthorized transfers or deletions. However, it lacks DNSSEC, explicit security headers, and formal vulnerability disclosure mechanisms. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR standards. Overall, the website is professional and trustworthy for its intended purpose but would benefit from enhanced privacy disclosures and security best practices to strengthen user trust and regulatory compliance.

S

Stará pekárna / Old Bakery

1starapekarna.cz

57

The website www.1starapekarna.cz represents a small hospitality business operating a historic boutique accommodation named 'Old Bakery' located in Znojmo, Czech Republic. The business emphasizes cultural heritage, offering guests an authentic stay in a building with a history dating back to the 13th century. Key services include lodging in restored apartments, yoga and relaxation offerings, event hosting, and a gift shop featuring local art and delicacies. The site is professionally designed with good content quality and clear navigation, targeting tourists interested in cultural and historic experiences. Technically, the website is built on the Webnode CMS platform, hosted via AWS Cloudfront CDN, and uses modern web technologies including JavaScript and CSS. It employs HTTPS with a strong SSL configuration and integrates Google Tag Manager for analytics. The site is mobile optimized and provides a moderate performance experience. However, it lacks some security best practices such as security headers and explicit privacy and cookie policies. From a security perspective, the site shows a basic but adequate posture with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data due to privacy protection limits domain trust verification. There are no visible incident response or vulnerability disclosure policies, which could be improved to enhance security transparency. Privacy compliance is minimal, with no clear GDPR-related policies or cookie consent mechanisms. Overall, the website is a legitimate and professionally presented small hospitality business with room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing security headers, publishing privacy and cookie policies with consent mechanisms, and providing incident response contact information to strengthen trust and compliance.

K

KnpUniversity

symfonycasts.com

64

SymfonyCasts is a specialized online educational platform offering video tutorials focused on PHP and the Symfony framework. Established since 2008, it operates under KnpUniversity and targets developers seeking structured learning paths with over 125 video tutorial courses. The platform uses a subscription-based business model and is recognized as an official and trusted source for Symfony learning. Technically, the website employs modern web technologies including JavaScript, CSS, and Stripe for payments, hosted on SymfonyCloud, ensuring fast performance and excellent mobile optimization. Security posture is strong with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is good with clear privacy and terms of service pages, but lacks a cookie consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. Overall, the site is professional, trustworthy, and safe for general audiences.

F

Facebook, Inc.

react.dev

57

React.dev is the official website for React, a leading JavaScript library for building web and native user interfaces, maintained by Meta Platforms, Inc. The site provides comprehensive documentation, learning resources, and community engagement tools targeting web developers and software engineers globally. It positions React as a foundational technology in modern frontend development with strong industry adoption and ecosystem support. The website demonstrates a mature technical infrastructure leveraging React and Next.js frameworks, optimized for performance, accessibility, and SEO. Security posture is strong with HTTPS enforcement and security headers, though explicit privacy and cookie policies are absent. Overall, the site reflects a professional and trustworthy digital presence aligned with Meta's standards.

O

OVHcloud

ovh.co.uk

72

OVHcloud is a prominent European cloud computing and web hosting provider offering a broad portfolio of infrastructure and platform services including dedicated servers, VPS, bare metal servers, and cloud storage. The company targets businesses and developers seeking scalable and secure cloud solutions, positioning itself as a competitive player in the global cloud market. The website demonstrates a mature digital presence with multiple language versions and comprehensive service offerings. Technically, the site employs modern web technologies, custom analytics, and error monitoring tools, with good mobile optimization and accessibility features. Security posture is strong with HTTPS enforcement and certifications such as ISO 27001 and SecNumCloud, although explicit security headers and incident response details are not fully visible. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the brand recognition and content quality. Strategic recommendations include enhancing security header implementation, publishing vulnerability disclosure policies, and improving transparency on data retention. Overall, OVHcloud's website reflects a professional, secure, and business-focused cloud service provider with room for incremental security and compliance improvements.

Terciel is a digital platform associated with Terrena, a major French agricultural cooperative. The website serves primarily as a login portal for members to access their dashboards and related services. The platform is built on Drupal 10 and incorporates performance monitoring tools such as Boomerang. The site is designed with basic but consistent branding and provides clear contact information via phone for user support. However, it lacks visible privacy, cookie, or terms of service policies on the login page, which are important for compliance and user trust. From a technical perspective, the website uses modern CMS technology and includes some performance monitoring scripts. The site appears to be moderately optimized for mobile devices and accessibility but could benefit from enhanced SEO and accessibility features. Security posture is moderate; HTTPS is implied but no explicit security headers are detected, and no vulnerability disclosures or incident response information is provided. The WHOIS data for the domain is not publicly available, indicating privacy protection, which is common and justified for cooperative businesses. No suspicious patterns or legitimacy concerns are identified. Overall, the site is functional and trustworthy for its intended audience but would benefit from improved privacy compliance and security best practices. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, providing incident response contacts, and enhancing accessibility and SEO to improve user experience and compliance.

V

Vilmorin & Cie

vilmorincie.com

54

Vilmorin & Cie is a French international seed company affiliated with the Limagrain group, specializing in seed production and genetics. The company recently exited the stock market following a simplified public offer by Limagrain, indicating a strategic consolidation. Their website provides corporate information, financial publications, and press releases targeting agricultural professionals and investors. Technically, the site is built on modern web technologies including the Remix React framework, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is mostly addressed with a comprehensive privacy policy, but cookie consent mechanisms are lacking. Overall, the website reflects a professional and credible business presence with room for enhanced security and privacy features.

S

Studo GmbH

studoflow.com

78

Studo GmbH is a European software company specializing in digital solutions for higher education institutions. Their flagship product, Studo Flow, is a SaaS platform designed to help universities digitize and simplify administrative processes through modular, configurable software components. The company targets small and emerging higher education institutions, offering a user-friendly and integrable platform that supports various administrative needs. Their market position is strong as a pioneer in European higher education SaaS solutions, supported by EU and Austrian funding agencies. Technically, the website is well-constructed with modern web technologies, including Cloudflare DNS and CDN services, and uses Piwik PRO for privacy-conscious analytics. The site is mobile-optimized, fast-loading, and SEO-friendly, reflecting a mature digital infrastructure. However, some security best practices such as DNSSEC and explicit security headers could be improved. From a security perspective, the company demonstrates a solid posture with HTTPS enforcement, GDPR compliance, and support for modern authorization frameworks like OAuth, SAML, and LDAP. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and explicit incident response contacts are areas for enhancement. Overall, the website and company present a trustworthy and professional image with a high level of business credibility and technical maturity. Strategic improvements in security headers, DNSSEC, and privacy mechanisms would further strengthen their security and compliance stance.

SVČ Lužánky is a well-established educational and leisure center based in Brno, Czech Republic, offering a wide range of activities including clubs, courses, camps, and events targeted primarily at children, youth, families, and schools. The organization operates as a non-profit entity focused on providing quality extracurricular and educational experiences. The website reflects a professional and modern digital presence, built using Next.js and React technologies, optimized for mobile devices and accessibility. It features comprehensive content, clear navigation, and integration with social media platforms, enhancing user engagement and outreach. Security posture is solid with HTTPS enforced and secure form handling, though there is room for improvement in implementing security headers and cookie consent mechanisms. The absence of WHOIS data limits domain trust assessment, but the overall site professionalism and transparency in contact information support legitimacy. Strategic recommendations include enhancing security headers, adding explicit cookie consent, and publishing incident response policies to strengthen trust and compliance.

Pražský Patriot s.r.o. operates an established Czech-language online news portal focused on Prague's local news, politics, culture, transport, and community events. The website serves residents and interested parties in Prague, providing timely news articles, event calendars, and newsletters. It maintains a consistent brand presence and leverages official news agency content, enhancing its credibility in the local media market. Technically, the site employs modern web technologies including JavaScript, Google Analytics, Google Adsense, and Gemius tracking, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced, though it lacks some advanced security headers and explicit incident response information. Privacy and cookie policies are present and indicate GDPR compliance. The absence of WHOIS data limits domain trust assessment, but the website content and business information appear professional and legitimate. Overall, the site is a reliable local media source with moderate technical and security maturity.

A

Arammagnus s.r.o.

arammagnus.cz

59

Arammagnus s.r.o. operates an e-commerce website specializing in magical gifts, spiritual, and esoteric products such as oils, candles, incense, herbs, powders, runes, and ritual statues. The company targets customers interested in spiritual and magical goods primarily in the Czech Republic. The website is well-structured with clear navigation and product categorization, offering a good user experience and professional design. Technically, the site uses a custom e-commerce platform likely provided by ByznysWeb.cz, with modern web technologies including lazy loading and responsive design. Security posture is adequate with HTTPS and some security headers, but lacks advanced protections and published security policies. Privacy compliance is basic with a cookie consent mechanism but no dedicated privacy or terms pages. WHOIS data is missing, which raises concerns about domain registration transparency but does not directly impact the current operational status. Overall, the site is functional, safe, and serves a niche market effectively.

Parkovacilistek.cz is a Czech Republic based website operated by Erika, a.s. and parent company GLOBDATA a.s., providing mobile parking payment solutions across numerous Czech cities. The platform offers services including SMS parking payments, mobile applications ParkSimply and SEJF, and virtual parking tickets, targeting motorists seeking convenient parking payment methods. The website demonstrates a moderate level of digital maturity with ASP.NET backend, jQuery frontend, and basic SEO and accessibility features. Security posture is moderate but could be improved by updating outdated libraries and implementing security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the site is legitimate, well-established, and trusted within its niche but would benefit from enhanced privacy and security measures.

T

Televize Natura s.r.o.

tvnatura.cz

55

TV Natura is a small Czech internet television platform focused on nature, environmental awareness, and community engagement. The website offers live streaming, archived videos, articles, and opportunities for user-generated content. The business operates as a small media entity with a non-profit or community-supported model, recently transitioning to a paid membership platform due to regulatory and financial challenges. Technically, the site uses modern web technologies including HTTPS, Bootstrap, and integrates Google Analytics and Facebook Pixel for tracking. The security posture is moderate with HTTPS enforced but lacks advanced security headers and explicit security policies. Privacy compliance is basic with a cookie consent banner and a privacy policy page, but no terms of service or incident response information is found. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information appear legitimate. Overall, the site provides a good user experience with relevant content for its target audience but would benefit from enhanced security and compliance measures.

T

Trophée Industrie Grand Ouest

trophees-industrie-grand-ouest.com

61

The website 'Trophées Industrie Grand Ouest' serves as a regional award platform recognizing top-performing industrial companies in Brittany, Normandy, and Pays de la Loire regions of France. It is positioned as a small-sized business focused on manufacturing sector awards and recognition. The site is built on the Wix platform, leveraging Wix Thunderbolt framework, and hosted by Wix, providing a moderate level of technical maturity with good mobile optimization and basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. The absence of WHOIS data raises concerns about domain registration legitimacy, although the website content and structure appear professional and business-oriented. Contact information is limited to a phone number and postal address embedded in structured data, with no email or contact forms present. Overall, the site is functional and relevant to its target audience but requires improvements in privacy, security, and domain legitimacy verification.

A

Site not installed - OVHcloud

assojadorejadhere.fr

3

The domain assojadorejadhere.fr is registered with OVH since August 2021 and currently hosts only a placeholder page indicating that the site is not installed. There is no active business content, contact information, or policies available on the site. The hosting provider is OVH, a reputable French cloud and hosting company. The technical infrastructure is minimal, consisting of basic HTML and CSS with no advanced frameworks or CMS detected. Security posture cannot be fully assessed due to lack of content and absence of security headers or HTTPS status information. No privacy or cookie policies are present, indicating non-compliance with GDPR and related regulations. Overall, the site appears to be inactive or under development, limiting the ability to evaluate business credibility or security maturity.

S

Storck Polska

merci.pl

70

Merci.pl is the official Polish website for the merci chocolate brand, operated under the parent company Storck Polska. The site serves as a marketing and brand engagement platform, showcasing product ranges, limited editions, and interactive features for consumers in Poland. The website is professionally designed using TYPO3 CMS and modern frontend technologies, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, although explicit security policies and incident response information are absent. WHOIS data is unavailable, limiting domain trust assessment, but the website's professional presentation and brand consistency support legitimacy. Overall, merci.pl is a well-maintained retail brand site with moderate technical maturity and good privacy compliance.

The website garden-gourmet.com is currently a parked domain with no active business content or services. The domain is registered since 2019 with InterNetX GmbH and is set to expire in 2026. The site primarily serves as a landing page advertising the domain for sale, containing no privacy policies, contact information, or business details. Technically, the site uses basic HTML, CSS, and JavaScript with embedded iframes pointing to third-party ad and tracking domains. There is no evidence of HTTPS or security headers, which negatively impacts the security posture. The site lacks GDPR compliance indicators and does not provide cookie consent mechanisms. Overall, the site has low trustworthiness and poor content quality, reflecting its status as a parked domain rather than an active business website.

T

Transition Netzwerk e.V.

transition-initiativen.org

57

The website www.transition-initiativen.org represents the Transition Netzwerk e.V., a non-profit grassroots network active in Germany, Austria, and Switzerland focused on sustainability, climate protection, and social justice. It serves as a hub for over 120 local Transition Initiatives, offering educational resources, event announcements, and community engagement opportunities. The organization positions itself as a connector and supporter of local groups working towards ecological and social transformation. Technically, the site is built on Drupal 7 with jQuery and custom JavaScript, delivering a moderately performant and accessible experience. The site is mobile responsive at a basic level and includes standard SEO meta tags. Security posture is good with HTTPS enforced and CAPTCHA on login forms, but lacks advanced security headers and cookie consent mechanisms, which are recommended for GDPR compliance. The WHOIS data is unavailable or malformed, limiting domain registration transparency and trust verification. Despite this, the website content, external partnerships, and event details support the legitimacy of the organization. No signs of malicious activity or adult content were found, and the site is fully accessible without WAF or blocking mechanisms. Overall, the website is a credible and well-maintained platform for a non-profit sustainability network, with room for improvement in security headers, privacy compliance, and WHOIS transparency.

P

Precious Plastic France

preciousplastic.fr

53

Precious Plastic France is a French non-profit association dedicated to advancing ecological and social transition in the plastic economy. It operates as a community network promoting open-source recycling solutions, training, and events such as an annual festival. The organization targets professionals and the general public interested in sustainable plastic recycling. Technically, the website is built on WordPress, hosted by Alwaysdata, and uses common plugins like Contact Form 7. The site is moderately performant, mobile-optimized, and has good content quality but lacks explicit privacy and cookie policies. Security posture is decent with HTTPS enforced but could be improved by adding security headers and vulnerability disclosure mechanisms. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the association.

F

Free

free.fr

58

Free is a major French telecommunications provider offering fiber internet, Wi-Fi 7, TV, fixed phone lines, and 5G mobile plans without contractual commitment. The website presents a professional and modern digital presence, leveraging Next.js and React frameworks, with excellent mobile optimization and user experience. Security posture is strong with HTTPS enforcement, security headers, and a consent management platform for GDPR compliance. However, the absence of WHOIS data and explicit contact or security policy pages slightly reduces trust from a domain registration and transparency perspective. Overall, the site is trustworthy and well-maintained, serving a large customer base in France with competitive telecom services.

J

Joanna Macy & Her Work

joannamacy.net

57

The website 'Joanna Macy & Her Work' appears to be a small-scale, non-profit or personal site hosted on the Squarespace platform. It presents minimal content with no descriptive business information or contact details. The technical infrastructure is standard for a Squarespace site, with HTTPS enabled and basic mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is moderate due to HTTPS but lacks security headers and privacy policies. Overall, the site is accessible and safe but lacks comprehensive business and compliance information.

The website www.colibris-laboutique.org currently displays a maintenance page indicating that the online boutique is temporarily offline for updates. The lack of metadata, content, and business information suggests the site is either newly launched or undergoing redevelopment. The minimal content and absence of contact or policy pages limit the ability to assess the business comprehensively. Technically, the site uses basic CSS styling but lacks modern web technologies, security headers, and HTTPS enforcement, which are critical for e-commerce operations. The WHOIS data is unavailable due to a malformed response, preventing verification of domain ownership and legitimacy. This raises concerns about the trustworthiness and transparency of the domain registration. Overall, the site’s security posture is weak, with no visible security best practices implemented. Privacy compliance is absent, and no contact or incident response information is provided. The site is safe for general audiences but offers no business credibility or trust signals at this time.

H

Helexia

helexia.com.br

55

Helexia is a Brazilian company specializing in energy solutions with a focus on sustainable and renewable energy projects. The website is professionally designed using WordPress with Elementor and optimized with Yoast SEO, targeting business clients in the energy sector. The technical infrastructure is modern and mobile-optimized, though performance is moderate. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the website presents a credible business presence but would benefit from enhanced security and compliance documentation.

M

Mission H

mission-h.org

56

Mission H is a French educational non-profit project focused on promoting social cohesion, anti-racism education, and cultural diversity awareness among youth. It operates through interactive exhibitions, thematic educational toolkits, and international collaborations such as the Erasmus+ program. The website content is rich, well-structured, and targeted primarily at educational institutions and youth audiences. Technically, the site uses basic web technologies hosted on Infomaniak servers, with moderate performance and basic mobile optimization. Security posture is average, with domain transfer protections but lacking DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is limited but includes a valid organizational email. Overall, the site is trustworthy and professional but could improve in security and compliance aspects.

I

Ifremer

monlopindemer.fr

58

Ifremer is a French public research institute specializing in marine science and technology. The analyzed webpage presents the 'Mon lopin de mer' educational project aimed at raising awareness about ocean ecosystems and encouraging preservation actions among students and the public. The website is professionally designed, well-structured, and mobile-optimized, reflecting a mature digital presence. Technically, it uses Drupal CMS with modern web standards and security best practices including HTTPS and security headers. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is evident with clear privacy and cookie policies and consent mechanisms. Business credibility is high due to official government branding, partnerships, and certifications. WHOIS data is unavailable, likely due to privacy or registry response, but this does not detract from the site's legitimacy given its governmental nature. Overall, the site is trustworthy, secure, and serves an important educational mission.

F

Faire Autrement

faire-autrement.fr

55

Faire Autrement is a French cultural festival and biennale focused on citizen and innovative ecological experiences, aiming to promote harmonious and sustainable living. The website is built on the Wix platform, leveraging Wix's hosting and standard JavaScript and CSS technologies. The site presents a professional design with good mobile optimization and basic SEO features. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance documentation. The absence of WHOIS data suggests privacy protection for the domain registration, which is common for event-based websites. Overall, the site is legitimate and safe but would benefit from enhanced privacy and security policies to improve trust and compliance.

S

SPECTRUM

spectrumstore.com

74

SPECTRUM is an established Italian e-commerce retailer specializing in graffiti art supplies including spray paints, markers, and accessories. The website positions itself as a community supporter with over 20 years of experience, targeting graffiti artists and enthusiasts. The business operates on the Shopify platform, leveraging modern e-commerce technologies and Cloudflare DNS services. The website demonstrates good design quality, clear navigation, and mobile optimization, providing a professional user experience. Security posture is solid with HTTPS enforced and domain transfer protection, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is basic with a cookie consent mechanism but lacks a published privacy policy or terms of service. Overall, the site is trustworthy and safe for general audiences, with no adult or explicit content detected.

A

association Autour du 1er mai

base-tessa.net

37

The website base-tessa.net represents a small non-profit project launched in 2021 by the association Autour du 1er mai, focused on cataloging and promoting films related to the social and solidarity economy (ESS) and ecological transition. The platform serves a niche audience interested in social innovation and sustainability through cinema. Technically, the site is built on the SPIP CMS, hosted by OVH sas, and uses Matomo for analytics. The site is accessible, with a good content structure and moderate performance, but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing security headers and no DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Overall, the domain registration is consistent and legitimate, supporting the credibility of the project.

T

theprotocol.it

theprotocol.it

67

theprotocol.it is a specialized online job portal focused on the IT sector in Poland, providing daily updated job offers and resources for both candidates and employers. The platform leverages modern web technologies such as React and Next.js to deliver a responsive and user-friendly experience. It maintains a strong security posture with HTTPS, DNSSEC, and security headers, ensuring safe browsing for users. However, the site lacks visible privacy and cookie policies, which are critical for GDPR compliance, and does not provide explicit contact information, which may affect user trust and compliance. Overall, the site is professionally designed and well-positioned in its niche market but should enhance its privacy compliance and transparency to improve trust and legal adherence.

U

U Mistra Mydláře

umistramydlare.cz

55

U Mistra Mydláře is a small family-owned business based in the Czech Republic specializing in handmade soaps, shampoos, shaving foams, and scented gifts. Established in 2012, the company emphasizes natural ingredients without chemical preservatives or dyes, targeting customers who value artisanal and natural skincare products. Their market position is that of a niche regional player with a loyal customer base, supported by certifications such as the regional product certificate and registration in the European Cosmetic Products Notification Portal (CPNP). Technically, the website is built on the Webnode CMS platform and utilizes modern web technologies including JavaScript, CSS, and HTML5. It leverages AWS Cloudfront CDN for hosting static assets and integrates Google Tag Manager for analytics and Smartsupp for live chat support. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. From a security perspective, the website enforces HTTPS with a good SSL configuration but lacks several important security headers such as Content-Security-Policy and X-Frame-Options. There is no visible cookie consent mechanism, which may impact GDPR compliance. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, although the website content and business information appear legitimate and consistent. Overall, the website presents a professional and trustworthy front for a small artisanal business but would benefit from enhanced security headers, improved privacy compliance mechanisms, and transparency in domain registration details to strengthen its security posture and trust signals.

F

FORTHEM Alliance

forthem-alliance.eu

65

FORTHEM Alliance is a European network of nine multidisciplinary public research universities focused on fostering cooperation across languages, borders, and disciplines to address societal challenges and skills shortages in Europe. The alliance provides various mobility programs, digital learning platforms, research innovation services, and collaborative labs targeting students, staff, researchers, and public organizations. The website reflects a well-structured and content-rich platform that supports the alliance's educational and research mission. Technically, the website leverages modern web technologies including React and Next.js, delivering a responsive and moderately performant user experience. The site is accessible and SEO optimized, though accessibility features could be enhanced. Security posture is solid with HTTPS enforced, but lacks explicit security headers and a cookie consent mechanism, which are recommended for improved compliance and protection. The domain WHOIS data is privacy protected by EURid, which is common for .eu domains and justified for this non-profit educational alliance. No suspicious patterns or vulnerabilities were detected. Overall, the website demonstrates a trustworthy and professional presence with room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing security headers, adding a cookie consent banner, publishing a security policy and incident response information, and enhancing accessibility features to further strengthen the website's security and compliance posture.

C

CentreForMuseums

centreformuseums.in

59

CentreForMuseums is a non-profit initiative focused on revitalizing the museum sector in India through research, management strategies, digital engagement, and sustainability planning. The organization targets museums, cultural institutions, and professionals seeking to modernize and enhance visitor experiences. The website is built on the Squarespace platform, featuring professional design and moderate performance with good mobile optimization. Security measures include HTTPS with HSTS, but the site lacks explicit privacy and cookie policies, which impacts compliance. Contact information is minimal, with only an Instagram social media link provided. Overall, the site presents a credible and focused cultural non-profit with room for improvement in privacy compliance and contact transparency.

T

The Epoch Times

theepochtimes.com

71

The Epoch Times is a large US-based media company providing breaking news, in-depth reporting, and video content focused on politics, culture, and world events. It operates a subscription and donation-based business model, targeting a general audience seeking independent news free from bias. The company maintains a strong online presence with social media integration and offers an e-Newspaper platform. Technically, the website is built on modern frameworks such as React and Next.js, leveraging CDNs and optimized image formats for fast performance and excellent mobile responsiveness. SEO and accessibility are well implemented, contributing to a professional user experience. From a security perspective, the site enforces HTTPS and includes multiple security headers, indicating a strong security posture. However, the absence of explicit privacy policies, terms of service, and incident response information represents compliance gaps. The lack of WHOIS data reduces domain trustworthiness but does not detract from the professional appearance and content quality. Overall, the website presents a low risk with good technical and content quality but would benefit from enhanced transparency and compliance documentation to improve trust and privacy compliance.

Zahadyshop.cz is a Czech e-commerce website specializing in the sale of printed and electronic magazines focused on mysteries, paranormal phenomena, health, and conspiracy theories. The business operates under the WEXBO brand, with a domain registered since 2013, indicating a stable presence in the niche media market. The website targets Czech-speaking audiences interested in mysticism and related topics, offering subscriptions and individual magazine sales. Technically, the site uses a proprietary CMS (WEXBO), modern web technologies including Google Fonts and Google Analytics, and is optimized for desktop and mobile users. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is basic but adequate, with clear privacy and cookie policies and GDPR references. Overall, the site presents a professional and trustworthy e-commerce platform with good user experience and content relevance.

T

TROPICANA - La Plage | Restaurant de plage par la Tarte Tropézienne

tropicanalaplage.com

38

The website 'TROPICANA - La Plage' represents a beach restaurant business associated with the Tarte Tropézienne brand, targeting general public and tourists in France. The site provides information about their hospitality and food services but lacks detailed business and contact information. Technically, the site is built on WordPress using the Divi theme, with moderate performance and good mobile optimization. However, the security posture is weak due to missing security headers and lack of HTTPS verification in the provided data. Privacy compliance is minimal, with no visible privacy or cookie policies, and no GDPR compliance indicators. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. Overall, the site is accessible and safe for general audiences but requires significant improvements in security, privacy, and business transparency to enhance trust and compliance.

M

Myli

myli.io

63

Myli is a French SaaS company specializing in AI-powered e-reputation and customer acquisition platforms tailored for multi-location businesses, particularly in the hospitality, retail, and services sectors. The company positions itself as a leader in the French market, trusted by a significant portion of top fast food chains and recognized across various industries. Their platform offers integrated tools such as review management, presence optimization, SEO-optimized store locators, and gamification features to enhance local marketing efforts. Technically, the website is built using modern frameworks like React and Next.js, ensuring good mobile optimization, accessibility, and SEO practices. The site loads with moderate performance and employs privacy-respecting analytics (plausible.io). Security-wise, HTTPS is enforced, but explicit security headers and incident response policies are not publicly documented, suggesting room for improvement. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies including consent mechanisms. The business credibility is high, supported by client testimonials, partnerships, and consistent branding. Strategically, Myli should enhance its security transparency by publishing incident response and vulnerability disclosure policies and implementing additional security headers. These steps will strengthen trust and compliance, supporting its market leadership and growth ambitions.

D

De Bemanning comm. v.

debemanning.be

51

De Bemanning is a small Belgian creative agency specializing in design, web development, branding, and multimedia services. The company presents a professional portfolio showcasing diverse projects such as web development, campaigns, illustration, and visual identity. Their market position is that of a niche creative service provider trusted by local clients and organizations. The website is well-designed, mobile-optimized, and provides clear navigation and contact information, enhancing user experience and trust. Technically, the website uses modern web technologies including ES modules, Typekit fonts, and a privacy-focused analytics service (Simple Analytics). The site is served over HTTPS with no visible security vulnerabilities or exposed sensitive data. However, it lacks some security headers and does not provide a privacy or cookie policy, which are important for GDPR compliance. The WHOIS data is restricted by the .be registry, limiting transparency but is typical for privacy protection. Security posture is generally good with HTTPS enforced and minimal third-party scripts. The absence of privacy and cookie policies and security headers are notable gaps. Contact information is clearly provided, but no incident response or security policy details are published. Overall, the website is safe, professional, and trustworthy, with room for improvement in privacy compliance and security hardening. The overall risk is low given the nature of the business and website content. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing incident response contacts to enhance compliance and trust.

I

IML spol. s r.o.

gimmexin.cz

50

IML spol. s r.o. operates the website gimmexin.cz, promoting and selling Gimmexin, a patented immunity support syrup targeted at both children and adults. The company positions itself within the healthcare supplement market in the Czech Republic, focusing on natural ingredients like turmeric and organic germanium to support immune function. The website serves as an informational and e-commerce platform, linking to pharmacy partners for purchase. Technically, the site is built on the SKY:CMS platform, employs modern web technologies, and integrates multiple marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and cookie consent mechanisms, but lacks visible security headers and formal security policies or incident response contacts. The absence of WHOIS data for the domain is a notable concern, impacting domain trustworthiness. Overall, the site is functional and professional but would benefit from enhanced security disclosures and domain registration transparency.

N

Nadační fond Bytí pro životní filozofii a léčbu biotronikou

biovidtv.cz

44

BIOVID TV is a Czech non-profit foundation focused on spiritual ceremonies, lectures, and community activities related to the teachings of Josef Zezulka. The website serves as a broadcasting platform offering live spiritual events and an archive of past content. The organization positions itself as a niche media outlet within the spiritual and alternative medicine space, targeting a general audience interested in these topics. The business model revolves around educational and spiritual content dissemination rather than commercial sales. The website presents clear business registration information and contact details, enhancing credibility despite missing WHOIS data.

Profesní komora Sanátor is a Czech non-profit organization dedicated to the education, certification, and promotion of biotronics and complementary and alternative medicine (CAM) based on the philosophy of Josef Zezulka. The organization actively participates in international conferences and collaborates with European and global CAM associations, positioning itself as a specialized entity within the healthcare and CAM sector in the Czech Republic. The website provides comprehensive educational content, event information, and publications to support its mission. Technically, the site is built on Umbraco CMS, uses modern web technologies, and implements Google Analytics and Tag Manager for traffic analysis. The site is mobile-optimized with good navigation and content quality. Security posture is moderate with HTTPS in use and cookie consent implemented, but lacks visible security headers and explicit security policies. WHOIS data is unavailable, which impacts domain legitimacy verification. Overall, the site is professional, trustworthy, and safe for general audiences.

Shift4Shop operates as a comprehensive eCommerce platform offering shopping cart software and online store building services primarily targeting businesses and entrepreneurs seeking to establish or grow their online retail presence. The website content is fully branded under Shift4Shop, with no direct content or WHOIS data available for the domain www.3dcartstores.com, indicating that this domain may be a parked or redirect domain rather than an active business site. The platform provides a range of services including marketing tools, custom development, and payment gateway support, positioning itself as a competitive player in the eCommerce SaaS market. From a technical perspective, the website employs modern web technologies such as jQuery, Google Fonts, and Typekit fonts, and uses a proprietary framework (3dc-framework). The site is mobile optimized with good SEO practices and moderate performance. However, some accessibility features are basic, and there is room for improvement in security headers and cookie consent mechanisms. Security posture is generally good with HTTPS enforced, but the absence of security headers and vulnerability disclosure policies limits the overall security maturity. No exposed vulnerabilities or sensitive data were detected, but the lack of a cookie consent banner and security policy reduces privacy compliance. The WHOIS data for the domain is missing, which negatively impacts domain legitimacy and trustworthiness. Overall, the website is professional and trustworthy as an eCommerce platform under the Shift4Shop brand, but the analyzed domain www.3dcartstores.com lacks registration and WHOIS transparency. Strategic recommendations include implementing security headers, adding cookie consent mechanisms, publishing security and incident response policies, and clarifying domain registration to improve trust and compliance.

T

Transition Leytonstone

transitionleytonstone.org.uk

59

Transition Leytonstone is a community-driven initiative focused on environmental sustainability and improving the local area of Leytonstone. The website serves as an informational platform to engage local residents and environmentally conscious individuals. It operates as a small non-profit entity with a grassroots approach to community involvement. The site is built on the Wix platform, leveraging Wix's hosting and content management capabilities, which provides a moderate level of technical infrastructure suitable for small organizations. The website is accessible and mobile-optimized, but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing critical security headers and policies. The absence of privacy, cookie, and terms of service policies indicates a gap in compliance and user trust mechanisms. WHOIS data is unavailable due to domain naming rule violations, which raises legitimacy concerns but does not necessarily indicate malicious intent. Overall, the site is functional and serves its community purpose but requires improvements in security, compliance, and transparency to enhance trust and professionalism.

T

Terreeveille

terreveille.be

56

Terreeveille is a French-language website hosted on the Wix platform, representing a business or brand named Terreeveille. The site is professionally designed with moderate content quality but lacks detailed business descriptions, contact information, and legal policies such as privacy or terms of service. Technically, it uses Wix's Thunderbolt framework and standard web technologies, with good mobile optimization and basic SEO. Security posture is moderate with HTTPS implied but no explicit security headers detected. The absence of WHOIS data due to registry restrictions limits trust verification. Overall, the site appears legitimate but would benefit from enhanced transparency and compliance documentation.