Security Directory

F

Filmarchiv Austria

filmarchiv.at

54

Filmarchiv Austria is Austria's national film archive and cultural institution dedicated to the collection, documentation, preservation, and presentation of the country's film heritage. The organization operates a professional website offering film screenings, archival access, virtual exhibitions, and educational content targeting film enthusiasts, researchers, and the general public. The website demonstrates a high level of digital maturity, employing modern web technologies such as the Elixir Phoenix framework, Alpine.js, and Swiper.js, alongside privacy tools like Klaro for cookie consent. The site is well-structured, mobile-optimized, and provides rich multimedia content including videos and images. Security posture is solid with HTTPS enforcement and CSRF protection, though some security headers could be improved. Privacy compliance is strong with a clear privacy policy and cookie consent mechanism. No WHOIS data was available from NIC.AT, likely due to privacy protection, which is reasonable for this type of institution. Overall, the website is trustworthy, professional, and serves its cultural mission effectively.

F

Flowly.cz

libristo.pl

71

Libristo.pl is an online bookstore specializing in foreign language books, offering over 22 million titles in more than 100 languages. The business targets readers in Poland seeking foreign literature, providing a loyalty program, a 30-day return policy, and a network of pickup points. The website is professionally designed with a consistent brand presence and good content quality. Technically, it employs modern web technologies including Google Tag Manager, Cookiebot for cookie consent, Alpine.js, Swiper.js, and Tailwind CSS, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS enforced and cookie consent mechanisms, though explicit security headers and policies are not evident. The absence of WHOIS data limits domain trust assessment but the website's content and technology usage suggest legitimacy. Advertising and analytics integrations are extensive, with multiple third-party ad networks and tracking pixels in use. Privacy compliance is basic, with cookie consent but no clear privacy policy or terms of service found in the provided content.

A

Acquia

acquia.net

71

Acquia is a leading enterprise technology company specializing in cloud-based digital experience platforms. Their website presents a professional and comprehensive platform for content management, community engagement, and commerce solutions, targeting large organizations and enterprises. The company leverages modern web technologies including Drupal 10 CMS, Google Tag Manager, and Visual Website Optimizer to deliver a robust and optimized user experience. The site is well-structured, mobile-optimized, and supports multiple languages, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and use of security best practices, although explicit security policies and incident response contacts are not publicly detailed. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and trust signals indicate legitimacy. Overall, Acquia's website demonstrates a high level of digital maturity and business credibility.

B

Bundesverband Freie Darstellende Künste e.V.

darstellende-kuenste.de

58

The Bundesverband Freie Darstellende Künste e.V. (BFDK) is a prominent non-profit umbrella organization representing approximately 27,000 free performing arts professionals in Germany. The website serves as a comprehensive platform offering news, projects, advocacy information, and resources tailored to artists, cultural policymakers, and networks within the free performing arts sector. The organization is well-positioned nationally, supported by the German Federal Government's cultural office, and actively engages its community through multiple projects and social media channels. Technically, the website is built on Drupal 10, leveraging modern web technologies including Alpine.js and Matomo for analytics. It demonstrates good mobile optimization, accessibility, and SEO practices. The site employs a robust cookie consent mechanism ensuring GDPR compliance, reflecting a mature approach to privacy and user data protection. From a security perspective, the site enforces HTTPS and implements cookie consent but lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or suspicious activities were detected in the content or scripts. The WHOIS data aligns with the website's claims, showing consistent domain registration and no privacy protection, supporting legitimacy. Overall, the website presents a professional, trustworthy, and well-maintained digital presence for a cultural non-profit organization. Strategic improvements could include enhancing security headers and publishing a formal security policy to further strengthen trust and compliance.

Protecton HOLDING, a.s. is a well-established Czech security services company founded in 2017, offering a broad range of security-related services including personal protection, monitoring, technical solutions, and event security. The company operates with a large workforce and manages multiple subsidiaries, positioning itself as a significant player in the Czech security market. The website reflects a professional and consistent brand image targeting businesses and individuals seeking reliable security solutions. Technically, the website employs modern JavaScript frameworks such as Alpine.js and Livewire, integrates Google Tag Manager for analytics, and is hosted likely with WEDOS, a Czech hosting provider. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks explicit security policies or incident response contacts. No critical vulnerabilities or suspicious content were detected, and WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website demonstrates a solid digital presence with room for improvement in security transparency and incident response readiness.

A

Actierra

actierra.fr

61

Actierra is a French consulting engineering firm specializing in ecological transition and sustainability. With over 300 experts and 17 agencies, it operates as a subsidiary of Ingérop and focuses on delivering environmentally responsible and resilient projects. The company offers a broad range of services including climate, biodiversity, water expertise, and regulatory environment consulting. The website reflects a mature digital presence built on WordPress with modern JavaScript frameworks and SEO optimization. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are absent. WHOIS data is privacy protected, typical for consulting firms, and no suspicious indicators are found. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

I

Ingérop

ingerop.fr

55

Ingérop is a well-established French engineering and consulting group with over 60 years of experience, specializing in construction, infrastructure, energy, and transport sectors. The company operates internationally with multiple subsidiaries across Europe, Africa, Asia-Pacific, and the Americas, positioning itself as an independent reference in the engineering market. The website reflects a professional digital presence with a modern WordPress-based infrastructure, leveraging SEO and performance optimization tools. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data limits full trust verification but does not detract significantly from the company's apparent legitimacy. Overall, Ingérop demonstrates a mature business and digital footprint suitable for its industry and scale.

I

Inforca

inforca.mc

48

Inforca is a Monaco-based Enterprise Services Network (ESN) specializing in digital transformation services for businesses in Monaco and France. The company positions itself as a leading digital solutions provider in the Monaco market, offering expertise and realizations tailored to its target audience. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site leverages modern technologies including Alpine.js, Tailwind CSS, and the Ibexa CMS platform, with privacy-focused analytics via Matomo and a robust cookie consent mechanism using Tarte Au Citron. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website demonstrates a mature digital presence aligned with business goals and compliance requirements.

F

Fondation pour la Nature et l’Homme

fnh.org

73

Fondation pour la Nature et l’Homme is a well-established French non-profit foundation recognized as a public utility, dedicated to environmental awareness and ecological action. The organization operates multiple programs focused on biodiversity preservation, sustainable agriculture, responsible food consumption, and decarbonized mobility. Their digital presence is professional and content-rich, targeting a broad audience interested in ecological and social sustainability. The website supports donations with clear tax deduction information and multiple giving options, reflecting a mature fundraising model. Technically, the website is built on WordPress with modern JavaScript frameworks such as Alpine.js and HTMX, and integrates advanced analytics tools including Google Tag Manager, Microsoft Clarity, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, with a good performance profile. Security posture is solid with HTTPS enforced and consent management implemented, though some security headers could be explicitly verified and enhanced. No WHOIS details are available due to privacy protection, which is common and justified for non-profit entities. The website shows no signs of blocking or WAF challenges, allowing full content access. Privacy and cookie policies are comprehensive and GDPR compliant, but explicit contact emails and phone numbers are not publicly listed, relying instead on contact forms and social media channels. Overall, the foundation demonstrates a strong security and compliance posture appropriate for its sector, with a trustworthy and professional online presence. Strategic improvements could focus on enhancing security header implementation and incident response visibility.

C

Commune de Kopstal

kopstal.lu

50

The Commune de Kopstal website serves as the official digital presence for the local government of Kopstal, Luxembourg. It provides residents and visitors with comprehensive information about municipal services, news, events, publications, and administrative procedures. The site is well-structured, professionally designed, and targets local citizens and stakeholders. The business model is typical of a government entity focused on public service delivery and community engagement. Technically, the website is built on Drupal 10, leveraging modern web technologies including Tailwind CSS and Alpine.js for frontend interactivity. It integrates Piwik PRO for analytics and Usercentrics for GDPR-compliant cookie consent management, indicating a mature digital infrastructure with attention to privacy and user experience. The site is mobile-optimized and accessible, with good SEO practices. From a security standpoint, the site enforces HTTPS and implements cookie consent mechanisms. However, there is a lack of visible security headers and no published security or incident response policies, which are areas for improvement. The absence of WHOIS data due to a failed query reduces domain registration transparency, though the official .lu domain and consistent branding support legitimacy. Overall, the website is a reliable and professional government portal with strong content and technical foundations but could enhance its security posture and transparency regarding domain registration and privacy policies.

A

Amasty

amasty.com

76

Amasty is a well-established Magento 2 extension developer and ecommerce service provider with over a decade of market presence. The company offers a broad portfolio of Magento 2 Hyva-compatible plugins and professional development services aimed at improving ecommerce store performance and functionality. Their market position is strong within the Magento ecosystem, targeting ecommerce businesses and developers seeking reliable Magento solutions. Technically, the website demonstrates modern frontend technologies including Alpine.js and Hyvä UI, with Cloudflare DNS and CDN services ensuring performance and security. The site is mobile-optimized, SEO-friendly, and provides a smooth user experience. Security posture is solid with HTTPS, domain transfer protection, and no visible vulnerabilities, although DNSSEC is not enabled and explicit security policies are not published. Overall, the website is professional, trustworthy, and compliant with privacy regulations, including GDPR. Recommendations include enabling DNSSEC, publishing security policies, and adding a vulnerability disclosure page to enhance transparency and security readiness.

L

LuxDev

luxdev.lu

60

LuxDev is the Luxembourg agency for development cooperation, operating for over 45 years across Africa, Asia, Latin America, and Europe. The agency focuses on sustainable development, capacity building, climate action, digitalisation, and finance impact projects. Their market position is strong as a government agency with a medium-sized operational footprint and a clear mission to eradicate poverty and promote inclusive development. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site is built on Drupal 10 with modern JavaScript frameworks like Alpine.js and uses Matomo for privacy-respecting analytics. Hosting is managed via EuroDNS nameservers, and the site is well-optimized for performance and mobile devices. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response policies are not publicly disclosed. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie and privacy policies. The absence of direct contact information in the provided content is noted but may exist elsewhere. The domain WHOIS data aligns well with the agency's legitimacy and history. Strategically, LuxDev should consider publishing explicit security policies and incident response contacts to enhance trust further. Continuous monitoring of security headers and vulnerability disclosures will maintain a strong security posture.

F

Fondation pour la Nature et l’Homme

fondation-nature-homme.org

69

Fondation pour la Nature et l’Homme is a well-established French non-profit organization dedicated to environmental awareness and ecological solutions. The foundation operates multiple programs focused on biodiversity preservation, sustainable agriculture, responsible food consumption, and decarbonized mobility. It engages a broad audience including volunteers, donors, and citizens, leveraging digital platforms and partnerships to amplify its impact. The website reflects a mature digital presence with modern technologies and comprehensive content supporting its mission. Technically, the website is built on WordPress with advanced JavaScript frameworks like Alpine.js and HTMX, and integrates analytics tools such as Microsoft Clarity, Google Tag Manager, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security posture is good with HTTPS enforced and consent management implemented, though some security headers could be explicitly added for enhanced protection. The absence of WHOIS data limits domain registration trust verification, but the website's branding, certifications, and external references strongly support its legitimacy. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the foundation demonstrates a strong commitment to transparency, privacy compliance, and user engagement. Strategic recommendations include enhancing security headers, publishing a formal security policy and incident response information, and maintaining vigilance on third-party scripts. These steps will further strengthen trust and security posture.

D

DialOnce

dial-once.com

66

DialOnce is a French technology company specializing in AI-powered omnichannel customer service agents designed to automate and enhance client interactions across multiple sectors including banking, insurance, transport, and public services. The company positions itself as a leader in the French market with over 10 years of expertise and a strong portfolio of enterprise clients. Their solutions include omnichannel AI agents, visual IVR (SVI Visuel), and augmented advisor tools integrated with CRM and CCaaS platforms. Technically, the website demonstrates a mature digital infrastructure leveraging modern web technologies such as Cloudinary for media, HubSpot for marketing and analytics, and Cookiebot for consent management. The site is well-optimized for mobile and SEO, with fast performance and good accessibility. Security posture is strong with HTTPS, reCAPTCHA Enterprise, and cookie consent, though explicit security policies and incident response contacts are not published. The domain is recently registered with privacy protection, consistent with a professional tech company. Overall, DialOnce presents a credible, professional, and trustworthy digital presence with strong business and technical foundations.

M

Moshbit GmbH

moshbit.com

11

Moshbit GmbH operates a professional website offering Controlling as a Service, primarily targeting tech-oriented startups and small to medium-sized enterprises (KMUs) in Austria and German-speaking markets. Their key services include financial planning, forecasting, dashboards, KPI tracking, investment calculations, and strategic consulting. The company presents itself as a niche service provider with a focus on efficient and tailored financial controlling solutions, leveraging their proprietary CoreControlling® tool. The website is well-branded, consistent, and provides clear service descriptions and team information, enhancing business credibility. Technically, the website uses modern frontend technologies such as Tailwind CSS and Alpine.js, with assets hosted on Amazon S3, indicating a modern and scalable infrastructure. The site is mobile-optimized, fast-loading, and accessible, with good SEO practices. However, some security best practices like DNSSEC and security headers are not implemented, representing minor improvement areas. From a security perspective, the site enforces HTTPS and has domain transfer protections, but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is partially met with a privacy policy present, but no cookie consent mechanism is detected. Contact information is primarily via a web form, with no direct emails or phone numbers listed. Social media presence is limited to LinkedIn profiles of key team members. Overall, the website is professional, trustworthy, and well-suited for its target audience, but could enhance security posture and privacy compliance by implementing additional security headers, DNSSEC, cookie consent, and incident response disclosures.

A

Agreenium

agreenium.fr

63

Agreenium is a French non-profit alliance focused on education and research in agriculture, food, environment, and global health. The organization provides a comprehensive platform for educational resources, doctoral and international research training, and thematic research coordination. The website is built on Drupal 10 and uses modern frontend technologies including Alpine.js and Swiper.js, with Matomo analytics for privacy-conscious user tracking. The site is well-designed, mobile-optimized, and offers clear navigation and professional content targeted at students, researchers, and professionals in related fields. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit privacy and cookie policies. WHOIS data is missing, which reduces domain trustworthiness, but the website content and social media presence support legitimacy. Overall, the site is a valuable resource in its sector but would benefit from enhanced transparency on privacy and security policies.

R

Rewora

rewora.io

66

Rewora is a technology company specializing in customer experience tools designed to boost sales and build trust through authentic product and store reviews, Q&A forums, and business intelligence analytics. The company targets e-commerce businesses seeking to increase conversion rates and customer loyalty by leveraging social proof and advanced review management features. The website presents a professional and modern digital presence with clear branding and comprehensive service descriptions. Technically, the site employs modern JavaScript frameworks such as Alpine.js and HTMX, integrates analytics tools like Google Tag Manager and Hotjar, and is hosted with Cloudflare DNS services, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie consent banner. However, the absence of a terms of service page and explicit security or incident response policies are gaps to address. Overall, the domain registration data aligns with the business profile, indicating a legitimate and consistent startup operation launched in 2023.

eMD Plugins, operated by eMarket Design LLC, offers enterprise-grade WordPress plugins designed to provide robust, reliable, and feature-rich solutions for businesses ranging from startups to large corporations. The company emphasizes ease of use, customization without coding, and exceptional support to empower customers in building successful online presences. The website reflects a mature business with a consistent brand and a clear focus on technology and software solutions for WordPress. Technically, the website leverages modern JavaScript frameworks such as Alpine.js, Swiper.js, and MeiliSearch for search functionality, hosted with Cloudflare DNS and registered via Amazon Registrar. The site is mobile-optimized, fast-loading, and SEO-friendly, with a professional design and clear navigation. Analytics are handled via Matomo, indicating a moderate level of user tracking with some privacy considerations. From a security perspective, the site uses HTTPS with good SSL configuration and domain status locks to prevent unauthorized changes. However, it lacks DNSSEC and explicit security headers, and no public security or incident response policies are found. Privacy compliance is partially addressed with a comprehensive privacy policy and terms of service, but no cookie consent mechanism is present. No vulnerability disclosure or security.txt files are published. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security headers, DNSSEC, cookie consent, and incident response transparency would enhance trust and compliance further.

D

DEVO

clubdevo.com

62

The website clubdevo.com serves as the official online presence for the iconic band DEVO, providing fans and visitors with news, tour dates, music, and multimedia content. The site integrates third-party services such as Bandsintown for live event tracking and offers links to official merchandise and galleries. The business model centers on entertainment, fan engagement, and merchandise sales, positioning DEVO as an established band with a dedicated audience. The website's content is professionally presented with consistent branding and a focus on user experience.

A

Atelier Anamorphose / Agence Anamorphose

anamorpho.se

10

Anamorphose is a French hybrid social enterprise combining an artistic association and a social mission agency focused on inclusion, upcycling, and artistic rehabilitation of objects and spaces. The company targets artists, enterprises, local authorities, and associations, positioning itself as a niche player in the Lyon metropolitan area. The website is built on WordPress with a modern tech stack including Alpine.js and Leaflet.js, hosted by OVH.net. It features GDPR-compliant cookie consent and uses Matomo analytics for privacy-conscious tracking. Security posture is solid with HTTPS and cookie management, though DNSSEC is not enabled and some security headers are missing. No critical vulnerabilities or exposed sensitive data were found. The domain is newly registered but consistent with the business profile. Overall, the website is professional, trustworthy, and compliant with privacy regulations.

C

Cairn.info

cairn.info

56

Cairn.info is a leading digital publishing platform specializing in humanities and social sciences publications, primarily serving French-speaking researchers, academics, and institutions. The platform offers access to a wide range of academic journals, books, magazines, and dossiers, positioning itself as a key resource in its sector. The website is professionally designed, mobile-optimized, and provides advanced search and thematic browsing capabilities, enhancing user experience and accessibility. Technically, the site employs modern web technologies including Alpine.js and Laravel Livewire, with bot protection via Datadome and progressive loading indicators. The infrastructure supports a responsive and accessible user interface with good SEO practices. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS, includes standard security headers, and protects user input forms with CSRF tokens. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy and cookie policies are comprehensive and GDPR compliant, though explicit security policies and incident response contacts are not published. Overall, Cairn.info demonstrates a mature digital presence with strong content quality and security posture. The lack of public WHOIS data is consistent with privacy regulations and does not detract from the platform's legitimacy. Strategic recommendations include publishing dedicated security and incident response policies and enhancing transparency around vulnerability disclosures.

E

Emmaüs

label-emmaus.co

62

Label Emmaüs is an ethical and solidarity-driven e-commerce platform affiliated with the Emmaüs association in France. The website offers a variety of second-hand and vintage products including clothing, books, vinyls, reconditioned smartphones, and artisan goods, targeting consumers interested in responsible consumption and social causes. The platform positions itself as a militant e-shop, emphasizing sustainability and social impact. Technically, the site employs modern JavaScript frameworks such as Alpine.js and HTMX, along with Tailwind CSS for styling, and integrates advanced monitoring and analytics tools like New Relic and Klaviyo. The website is well-optimized for mobile devices and includes comprehensive privacy and cookie policies with active consent management, reflecting good GDPR compliance. Security-wise, the site uses HTTPS with appropriate security headers and content security policies, though it lacks a publicly available security policy or incident response information. Overall, the domain registration data aligns with the website's claims, supporting its legitimacy and trustworthiness.

X-plose BVBA is a Belgium-based small technology company specializing in fully managed Linux web hosting services, including managed VPS and shared hosting. Established in 2004, the company targets B2B clients such as agencies, government authorities, software companies, and startups, emphasizing quality, personalized service, and strong SLAs. The website reflects a professional and consistent brand image with clear service offerings and client trust indicators. Technically, the site uses modern frontend technologies like Alpine.js and Tailwind CSS, integrates Google Tag Manager and TruConversion for analytics and marketing, and is built on the Statamic CMS platform. The website is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Security posture is good with HTTPS enforced and cookie consent implemented; however, explicit security headers and formal privacy and terms policies are missing. WHOIS data confirms the legitimacy and consistency of the business identity and domain age. Overall, the website is professional and trustworthy but could improve privacy compliance and security header implementation.

T

TAZ Verlags- und Vertriebs GmbH

taz.de

66

TAZ Verlags- und Vertriebs GmbH operates taz.de, a well-established German left-leaning independent news media website founded in 1992. The site offers critical journalism including analyses, commentaries, interviews, and reportages, targeting a general audience interested in progressive news. The business model combines subscription services and advertising revenue, supported by a cooperative structure. The website demonstrates a mature digital infrastructure with modern JavaScript frameworks like Alpine.js, Cash DOM, and uses Google Publisher Tag for advertising and Matomo for analytics. Mobile optimization and accessibility are well implemented, providing a good user experience. Security posture is strong with HTTPS enforced and consent mechanisms for cookies, though explicit security headers could be confirmed. Privacy compliance is robust with clear privacy and cookie policies in German, aligned with GDPR requirements. WHOIS data is consistent with the business claims, showing legitimate domain registration and hosting in Berlin. Overall, the site is professional, trustworthy, and secure, with no critical vulnerabilities detected.

N

nova-Art s.r.o.

novaart.cz

51

Nova-Art s.r.o. is a Czech-based event and artistic agency specializing in organizing events, representing artists across various genres, and providing own production services such as concert production and dubbing studios. The company targets corporate clients and event organizers, leveraging an extensive network of artists and creative professionals. The website reflects a mature business with professional branding and a clear service offering. Technically, the site uses modern JavaScript frameworks like Alpine.js, integrates Google Tag Manager and Analytics, and employs Cloudflare Turnstile captcha for form security. The site is mobile-optimized and well-structured, providing a positive user experience. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers and incident response information are lacking. The absence of WHOIS data for the domain is a concern for domain legitimacy but does not detract from the professional presentation of the business. Overall, the website is trustworthy, compliant with GDPR, and serves its business purpose effectively.

Tlapnet s.r.o. operates a customer portal primarily serving its telecommunications customers in the Czech Republic. The portal provides login access for customers to manage their services such as internet, television, and VOIP. The website is professionally designed with a clear structure and good mobile optimization, leveraging modern JavaScript libraries and frameworks including jQuery, Bootstrap, Alpine.js, and the Nette Framework. The domain registration and hosting are consistent with the company's Czech location and business profile, indicating legitimacy and stable operation since 2019. From a security perspective, the site uses secure form practices such as POST method and password input types, but lacks visible HTTP security headers and explicit privacy or cookie policies, which are important for GDPR compliance. No WAF or blocking mechanisms were detected, and the site content is fully accessible and safe for general audiences. Contact information is clearly provided, enhancing business credibility. Overall, the website demonstrates a moderate to good security posture but would benefit from implementing formal privacy and cookie policies, security headers, and vulnerability disclosure mechanisms to improve compliance and trust. The technical infrastructure is modern but could be enhanced with better accessibility and SEO optimizations. The risk level is moderate with no critical vulnerabilities detected in the visible content.

D

D.A.S. právní ochrana

das.cz

70

D.A.S. právní ochrana is a Czech-based legal protection insurance provider with over 20 years of market presence, offering a range of legal insurance products tailored for private individuals, employees, families, and drivers. The company operates under the ERGO Versicherung Aktiengesellschaft pro ČR umbrella, providing comprehensive legal services and insurance packages with clear pricing and accessible customer support. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Alpine.js, Swiper.js, and various analytics and marketing tools. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, the absence of a publicly accessible privacy policy and WHOIS data transparency slightly reduce trust levels. Overall, the site demonstrates a mature digital presence suitable for its industry and audience.

G

Genentech

gene.com

77

Genentech is a leading biotechnology company specializing in biopharmaceutical research and development, serving healthcare professionals, patients, and investors. The website reflects a mature enterprise with consistent branding and comprehensive content focused on breakthrough science and patient care. Technically, the site employs modern JavaScript libraries, integrates Google Tag Manager for analytics, and uses OneTrust for cookie consent, indicating a strong digital maturity. Security posture is robust with HTTPS, security headers, and privacy compliance, though explicit security and incident response policies are not publicly detailed. Overall, the site is trustworthy and professionally maintained, with minor gaps in public security disclosures.

F

Futura DDB

futuraddb.com

56

Futura DDB is a well-established integrated advertising agency based in Slovenia, offering a comprehensive suite of marketing services that blend digital and traditional approaches. Their market position is strong, supported by a notable client portfolio including major brands such as McDonald's Slovenija and Merkur, and multiple industry awards like the Agency of the Year title awarded 14 times. Their key services include branding, digital product development, communications, gaming and e-sport marketing, and media planning. The website reflects a professional and modern digital presence with excellent design quality and user experience, optimized for mobile devices and enriched with multimedia content.

F

Futura DDB

futura.si

55

Futura DDB is a professional integrated advertising agency based in Slovenia, offering a comprehensive range of marketing services including branding, digital product development, communications, gaming and e-sport marketing, and media planning. The company positions itself as a market leader with multiple industry awards, targeting businesses seeking integrated digital and traditional marketing solutions. The website reflects a mature digital presence with modern technologies such as Alpine.js, Livewire, and Google Analytics integrated for performance and user tracking. The site is well-optimized for mobile and desktop users, providing a seamless user experience with clear navigation and professional design. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place; however, the absence of security headers and WHOIS registration data introduces some risk factors. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and security policies.

W

Weland Solutions AB

welandsolutions.com

65

Weland Solutions AB is a Swedish company specializing in warehouse automation solutions, including compact lift automats and associated software products such as Compact Store and Compact Talk. The company targets manufacturing, logistics, and e-commerce sectors, offering hardware, software, and support services. Their market position is that of an established medium-sized business with over 25 years of experience, providing tailored solutions to optimize warehouse operations. Technically, the website employs modern JavaScript frameworks like Alpine.js, integrates Google Tag Manager and Cookiebot for analytics and privacy compliance, and uses Umbraco CMS. The site is well-designed, mobile-optimized, and accessible, with clear navigation and professional content. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are published. Privacy compliance is good with a comprehensive privacy policy and cookie consent mechanism. However, WHOIS data is missing, which reduces domain registration transparency and slightly impacts trustworthiness. Overall, the website is professional and trustworthy but could improve in security transparency and domain registration clarity.

T

TLAPNET s.r.o.

tlapnet.cz

57

TLAPNET s.r.o. is a Czech Republic-based internet service provider offering residential and business internet, television, mobile tariffs, and corporate solutions. The company emphasizes stable and fast internet with zero initial costs, 24/7 customer support, and promotional discounts. Their market position is that of a regional ISP with a focus on customer proximity and technical support. The website is professionally designed with clear navigation and good content quality, targeting both residential and business customers in the Czech Republic. Technically, the website employs modern JavaScript frameworks such as Alpine.js and integrates multiple analytics and marketing tools including Google Tag Manager, Facebook Pixel, Microsoft Clarity, and Smartsupp Chat. The site is mobile optimized and uses HTTPS with good SSL configuration. However, no explicit security headers were detected, and no CMS or hosting provider information was found. Cookie consent is implemented with express consent mechanisms, indicating good privacy compliance. From a security perspective, the site shows good practices such as HTTPS enforcement and cookie consent but lacks published security policies or incident response contacts. The absence of WHOIS data for the domain reduces trustworthiness and raises questions about domain registration legitimacy. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, TLAPNET’s website presents a professional and trustworthy front for their ISP services, but the lack of WHOIS transparency and some missing security headers suggest areas for improvement. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and verifying domain registration details to improve trust and compliance.

S

SYNOT Group

synotgroup.com

67

SYNOT Group is a well-established international gaming technology company with over 26 years of experience, operating in more than 45 countries. The company offers a comprehensive portfolio of gaming products and solutions for both land-based casinos and online gaming platforms, including games, cabinets, jackpots, casino management systems, and omni-channel platforms. Their market position is strong, supported by multiple licenses, certifications, and partnerships with major industry players. Technically, the website is modern, fast, and mobile-optimized, leveraging contemporary JavaScript frameworks and analytics tools. Security posture is solid with HTTPS, cookie consent, and privacy policies in place, though explicit security headers could be better documented. The absence of WHOIS data for the domain is a notable concern, slightly impacting trustworthiness, but the overall business credibility remains high based on website content and transparency. Strategic recommendations include improving WHOIS transparency, publishing incident response contacts, and enhancing security header implementation.

C

Cirio 1856

cirio1856.pl

62

Cirio 1856 is a well-established brand specializing in authentic Italian tomato and vegetable products, targeting both consumers and business clients in Poland and internationally. The website reflects a professional presence with a clear product catalog and multi-language support, indicating a mature digital footprint. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, though the absence of security headers and explicit privacy policies suggests room for improvement. The lack of WHOIS data reduces domain trustworthiness, but the overall brand consistency and content quality support legitimacy. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving contact transparency to strengthen trust and compliance.

C

Conserve Italia Soc. coop. agricola

cirio1856.fr

63

Cirio1856 is a well-established Italian food brand specializing in authentic tomato and vegetable products sourced from a large network of Italian farmers and cooperatives. The website serves both consumers and professional clients, offering detailed product information, recipes, and business partnership opportunities. The brand is positioned as a premium supplier with a heritage dating back to 1856, supported by its parent company Conserve Italia. Technically, the website is built on WordPress with modern SEO and accessibility features, integrating third-party services like Cookiebot for privacy compliance and Google Analytics for tracking. Security posture is strong with HTTPS and cookie consent mechanisms, though additional security headers could enhance protection. The absence of WHOIS data limits domain registration insights, but the website's professionalism and brand consistency support its legitimacy. Overall, the site provides a secure, user-friendly experience with comprehensive content relevant to its market.

E

European Bioinformatics Institute

ebi.ac.uk

70

The European Bioinformatics Institute (EMBL-EBI) is a leading non-profit research organization specializing in bioinformatics and life sciences data services. As part of the European Molecular Biology Laboratory, it serves a broad scientific community by providing open access to biological data resources, research, and training. The website reflects a mature digital presence with comprehensive content, clear navigation, and a strong focus on scientific collaboration and education. Technically, the site employs modern web technologies including Alpine.js and a custom EMBL visual framework, ensuring good performance, accessibility, and SEO optimization. The presence of structured data (JSON-LD) enhances search engine understanding and user experience. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and a published security policy are absent. Privacy compliance is well addressed with clear privacy and cookie policies and a consent mechanism, aligning with GDPR requirements. Business credibility is high, supported by detailed contact information, official affiliations, and consistent branding. However, the lack of WHOIS data limits domain registration trust analysis, though the overall legitimacy is strongly supported by the website content and organizational transparency. Overall, EMBL-EBI’s website is a professional, secure, and trustworthy platform that effectively supports its mission to advance bioinformatics research and data sharing.

E

European Molecular Biology Laboratory

embl.org

68

The European Molecular Biology Laboratory (EMBL) is a prestigious intergovernmental research organization headquartered in Heidelberg, Germany, with multiple sites across Europe. Founded in 1974, EMBL focuses on fundamental molecular biology research, scientific services, training, and fostering collaboration across member states. The organization serves a broad audience including scientists, researchers, students, and industry partners, positioning itself as a leading European life sciences laboratory with global impact. Technically, the EMBL website is well-constructed using modern web technologies such as HTML5, CSS3, JavaScript, and Alpine.js. It employs CDNs for efficient content delivery and integrates Google Analytics for user behavior insights. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, demonstrating compliance with privacy regulations such as GDPR. However, explicit security headers and published security policies or incident response information are absent, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, EMBL's website reflects a high level of professionalism, trustworthiness, and compliance, supporting its reputation as a leading scientific institution. The lack of WHOIS data due to privacy protection is consistent with the organization's profile and does not detract from its legitimacy.

G

Grafana Labs

grafana.com

79

Grafana Labs is a leading technology company specializing in open source analytics and monitoring solutions, primarily targeting developers, IT professionals, and enterprises seeking comprehensive observability platforms. The company offers a robust suite of products including Grafana Cloud and open source tools such as Grafana, Loki, and Tempo, enhanced with AI/ML capabilities for anomaly detection and root cause analysis. Recognized as a leader in the 2025 Gartner Magic Quadrant for Observability Platforms, Grafana Labs maintains a strong market position with a focus on cloud-based and enterprise solutions. Technically, the website is built using modern technologies including the Hugo static site generator, Alpine.js for interactivity, and Tailwind CSS for styling, hosted on Amazon AWS infrastructure. The site demonstrates excellent performance, mobile optimization, and accessibility, supported by comprehensive SEO practices. Privacy compliance is well addressed with a detailed privacy policy, cookie consent mechanisms via OneTrust, and GDPR adherence indicators. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. While no explicit security policy or incident response contacts are published, the domain registration data is consistent and trustworthy, with clientTransferProhibited status and no privacy protection masking registrant details. Minor improvements could include enabling DNSSEC and publishing a security.txt file to enhance vulnerability disclosure transparency. Overall, Grafana Labs presents a professional, secure, and privacy-conscious digital presence aligned with its enterprise-grade observability solutions. The website effectively supports its business model and target audience, with strong trust signals and technical maturity.

G

Grafana Labs

grafana.net

79

Grafana Labs is a leading technology company specializing in open source analytics and monitoring solutions, primarily targeting developers, IT professionals, and enterprises seeking comprehensive observability platforms. The company offers a robust suite of products including Grafana Cloud, Loki for logs, Tempo for tracing, and Mimir for metrics, complemented by AI/ML insights and alerting capabilities. Recognized as a leader in the 2025 Gartner Magic Quadrant for Observability Platforms, Grafana Labs maintains a strong market position with a focus on innovation and customer-centric solutions. Technically, the website is built using modern technologies such as the Hugo static site generator, Alpine.js for interactivity, and Tailwind CSS for styling, hosted on AWS infrastructure. The site demonstrates excellent performance, mobile optimization, and accessibility, supported by comprehensive SEO and metadata implementations. Privacy compliance is robust, featuring detailed privacy and cookie policies with active consent mechanisms. From a security perspective, the site enforces HTTPS with strong SSL configurations and includes essential security headers. While no explicit security policies or incident response contacts are published, the domain registration data is transparent and consistent with the company's history, enhancing trustworthiness. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, Grafana Labs presents a professional, secure, and compliant digital presence aligned with its enterprise stature. Strategic recommendations include enabling DNSSEC, publishing formal security policies, and establishing a vulnerability disclosure program to further enhance security posture and stakeholder trust.

D

Dan Sinker

dansinker.com

54

Dan Sinker's website is a well-designed personal brand platform showcasing his work as a journalist, multimedia artist, and podcast producer. The site features rich content including blog posts, podcast links, and a merchandise shop, targeting a general audience interested in indie culture and journalism. The technical infrastructure leverages modern JavaScript frameworks like Alpine.js, external services for email subscription and analytics, and is optimized for mobile and performance. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are missing. Privacy compliance is minimal with no visible privacy or cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

T

Tinylytics

tinylytics.app

69

Tinylytics is a privacy-focused analytics platform launched in 2023, targeting small websites, blogs, and personal projects. It offers GDPR-compliant, cookie-free tracking with features such as uptime monitoring, SSL and domain monitoring, automated insights, and customizable public stats pages. The business operates on a SaaS subscription model with a free tier and paid plans, emphasizing simplicity and privacy. The founder, Vincent Ritter, is prominently associated with the platform, providing personal support and transparency. Technically, the website is built on a modern Ruby on Rails stack with a rich JavaScript ecosystem including Turbo Rails, Stimulus, Tailwind CSS, and Chart.js. The site is performant, mobile-optimized, and accessible, with strong SEO and metadata implementation. Hosting is claimed to be in Europe, aligning with the privacy and GDPR compliance focus. Security posture is strong with HTTPS enforced, multiple security headers, and no use of cookies or PII collection. However, formal security policies and vulnerability disclosure mechanisms are not publicly documented, representing an area for improvement. The domain registration is consistent with the business claims, and no suspicious patterns were detected. Overall, Tinylytics presents a trustworthy, professional, and privacy-conscious analytics service with a clear market niche. Strategic recommendations include publishing formal security and incident response policies, adding vulnerability disclosure information, and considering certifications to enhance trust further.

David Jonathan Ross operates a specialized type foundry website offering a variety of digital font products and memberships such as the Font of the Month Club. The business targets designers and typographers with a niche market presence. The website is professionally designed with excellent content quality and clear navigation, supporting a positive user experience. Technically, the site uses modern JavaScript libraries like Alpine.js and Swiper.js, and employs HTTPS with a stable domain registration dating back to 1995, indicating a mature digital presence. However, some security best practices such as DNSSEC and security headers are not implemented, and privacy compliance could be improved by adding cookie consent mechanisms. Overall, the site is trustworthy and functional but could enhance its security posture and privacy transparency.

F

Festivaly.eu

festivaly.eu

46

Festivaly.eu is an online platform dedicated to aggregating and promoting music festivals and concerts primarily across Europe. The website offers users comprehensive event information including performers, venues, ticketing options, and accommodation details. It targets music enthusiasts looking to discover and attend festivals and concerts in the European region. The platform integrates modern web technologies such as Alpine.js and leverages structured data (JSON-LD) to enhance SEO and event discoverability. It also supports Spotify login for personalized artist discovery. The website is hosted with reliable infrastructure, including Amazon S3 for media assets, and employs HTTPS with good security practices.

G

Gulfood Manufacturing

gulfoodmanufacturing.com

68

Gulfood Manufacturing is a premier global event focused on the food and beverage manufacturing industry, connecting thousands of exhibitors and visitors worldwide. The website presents a professional, content-rich platform showcasing event details, exhibitor information, and registration options. The technical infrastructure leverages modern JavaScript frameworks, analytics, and marketing tools, ensuring a responsive and engaging user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a concern but does not detract from the site's professional presentation and operational legitimacy. Overall, the site effectively supports the business objectives of event promotion and industry networking.

C

Capital Brief Pty Ltd

capitalbrief.com

67

Capital Brief Pty Ltd operates a professional Australian media website focused on business and political news for the new economy. The site targets founders, executives, investors, and policymakers in Australia, providing subscription-based newsletters and digital content. Owned by Scire, an independent media company, Capital Brief demonstrates a clear market niche with a strong focus on Australian economic and political developments. The website is well-branded, professionally designed, and regularly updated with relevant content. Technically, it employs modern web technologies including Stripe for payments, Sentry for error monitoring, and Alpine.js for frontend interactivity, hosted likely behind Cloudflare infrastructure. Security posture is good with HTTPS and security headers, though explicit security policies and incident response contacts are not published. Privacy and cookie policies are comprehensive and GDPR compliant. However, WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and professional but would benefit from improved domain registration visibility and enhanced security disclosures.

C

CloudCannon

cloudcannon.com

71

CloudCannon is a New Zealand-based technology company founded in 2009, offering a Git-powered Jamstack CMS platform designed for marketers and developers. The platform enables teams to manage static websites with visual editing capabilities, integrating tightly with Git workflows and supporting multiple static site generators. Positioned as a niche leader in the Jamstack CMS market, CloudCannon targets digital agencies, enterprises, and development teams seeking scalable, secure, and performant website management solutions. The website demonstrates excellent content quality, professional design, and clear navigation, reflecting a mature and trustworthy business. Technically, the site leverages modern JavaScript libraries, Google Analytics, and Cloudflare DNS, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and domain transfer protections, though improvements are recommended in DNSSEC and security headers. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, CloudCannon presents a credible and professional online presence with room to enhance privacy and security transparency.

G

Google

flutter.dev

70

Flutter.dev is the official website for Flutter, an open source multi-platform app development framework maintained by Google LLC. The site targets developers and software engineers, offering comprehensive resources to build, test, and deploy applications across mobile, web, desktop, and embedded platforms from a single codebase. The website reflects Google's strong market position in developer tools and frameworks, supported by a large global community and integration with Google's ecosystem services such as Firebase and Google Ads. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, Alpine.js, and integrates Google services like Google Analytics and Tag Manager for analytics and tracking. The site is hosted on Google Cloud infrastructure, ensuring fast performance and excellent mobile optimization. Security best practices are observed with HTTPS enforcement and use of Google reCAPTCHA on forms, although explicit security headers are not visible in the HTML content. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, linking to Google's comprehensive privacy and cookie policies, and providing a cookie consent mechanism. However, the site lacks explicit incident response contact details and a public vulnerability disclosure page. Overall, the website is highly trustworthy, professional, and secure, reflecting Google's standards. Strategically, Flutter.dev serves as a critical platform for Google to engage the developer community, promote its cross-platform framework, and integrate with its broader cloud and advertising ecosystem. The site’s design, content quality, and technical implementation support a high level of user trust and engagement.

F

Fédération Française de Boxe

ffboxe.com

53

The Fédération Française de Boxe (FFBoxe) is the official French boxing federation, serving as the national governing body for amateur and professional boxing in France. The website provides comprehensive information about boxing practice, training, professional boxing, teams, and federation governance. It targets athletes, clubs, officials, and boxing enthusiasts in France. The federation is positioned as a key sports organization with over 60,000 licensed members, offering services such as licensing, training certifications, event organization, and information dissemination. Technically, the website is built on WordPress using Oxygen Builder, with modern JavaScript libraries like Alpine.js and jQuery. It employs SEO best practices with Yoast SEO and uses Matomo for analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers and publicly available incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is addressed with visible privacy and cookie policies, including consent mechanisms, aligning with GDPR requirements. Overall, the site is trustworthy and professional, though the absence of WHOIS data for the domain www.ffboxe.com is a concern that warrants verification. The domain may be newly registered or privacy protected, which is unusual for an official federation. Strategic recommendations include enhancing security headers, publishing incident response details, and verifying domain registration to strengthen trust.

2

24pay s.r.o.

24-pay.sk

58

24pay s.r.o. is a Slovakian payment solutions provider specializing in payment gateway services and POS terminal offerings. Established in 2011, the company targets businesses and developers seeking integrated payment methods including Google Pay and Apple Pay. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its market segment. Technically, the site is built on WordPress with modern plugins and tracking tools, hosted likely by Active24, and employs HTTPS with DNSSEC for secure communications. Security posture is solid with standard best practices observed, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the site demonstrates a mature digital presence with good business credibility and technical implementation.

N

NUTREND

nutrend.de

63

NUTREND operates a professional e-commerce platform specializing in sports nutrition products targeted at fitness enthusiasts, bodybuilders, and health-conscious consumers primarily in Germany and neighboring countries. The website presents a consistent brand image with a comprehensive product catalog and user account management features for both B2C and B2B customers. The technical infrastructure leverages modern JavaScript frameworks like Alpine.js and integrates multiple marketing and analytics tools such as Google Tag Manager, Hotjar, and Facebook Pixel, indicating a mature digital marketing strategy. Security measures include HTTPS enforcement, CSRF tokens in forms, and cookie consent mechanisms, though some security headers could be improved. Overall, the website demonstrates a good security posture with no critical vulnerabilities detected in the provided content. The WHOIS data aligns well with the website's branding and hosting, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and compliance.