Security Directory

C

Cofidis

cofidis.be

63

Cofidis Belgium operates as a financial services provider specializing in consumer credit and loan products, targeting French and Dutch speaking customers in Belgium. The website is bilingual and designed to guide users to their preferred language section. The business appears to be an established player in the Belgian consumer credit market, offering personal loans and financial solutions. The website infrastructure relies on HTTPS and uses a CDN for resource delivery, with JavaScript libraries such as jQuery for interactivity. However, the site lacks visible privacy and cookie policies and does not provide direct contact information on the landing page, which may impact user trust and compliance perception. Security posture is moderate with HTTPS enabled but missing visible security headers and incident response contacts. WHOIS data is restricted, showing privacy protection, which is common for financial entities but limits transparency. Overall, the site is functional and professional but could improve in privacy compliance and user trust signals.

Č

Česká basketbalová federace

cz.basketball

10

CZ.BASKETBALL is the official website of the Czech Basketball Federation, serving as the primary digital platform for basketball news, competitions, clubs, and national team information in the Czech Republic. The site targets basketball players, fans, coaches, referees, and other stakeholders, providing comprehensive schedules, results, and federation-related content. It maintains a strong market position as the authoritative source for Czech basketball information. Technically, the website employs modern web technologies including Google Tag Manager and Google Analytics for tracking, uses web fonts with FontFaceObserver, and is optimized for mobile devices. The site is served over HTTPS, ensuring secure communications, though there is room for improvement in security headers and accessibility features. From a security perspective, the site demonstrates good practices such as HTTPS and cookie consent mechanisms, but lacks explicit security policies, incident response contacts, and advanced security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with cookie consent present but no visible privacy or terms of service pages. Overall, the website is professional, trustworthy, and well-branded, with a good user experience and relevant content. Strategic improvements in security policies, privacy documentation, and accessibility would enhance its compliance and security posture.

The website moravy.eu serves as a basic informational portal focused on Moravia, a historical and cultural region in the Czech Republic. It provides links and minimal content related to Moravian history, symbols, and geography. The site is small in scale and targets a general audience interested in regional information. Technically, the site is simple, built with basic HTML and CSS, hosted by a reputable Czech registrar, but lacks modern web technologies and optimization. Security posture is minimal with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are present. The absence of contact information and security policies limits trust and compliance. Overall, the site is safe but basic, with significant room for improvement in security, privacy, and content richness.

L

LEONI Group

leoni.com

61

LEONI Group is a global enterprise specializing in innovative cable and wiring systems primarily for the automotive and mobility sectors. The company positions itself as a key player shaping the future of mobility through advanced manufacturing solutions. Their website reflects a professional corporate presence with a focus on product offerings such as low and high voltage wiring harnesses and integrated system solutions. Technically, the website is built on TYPO3 CMS and employs Cookiebot for GDPR-compliant cookie management, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit incident response contacts. The absence of WHOIS data introduces some uncertainty regarding domain registration transparency but does not detract significantly from the overall legitimacy given the professional content and branding. Strategic recommendations include enhancing security headers, publishing a security policy, and improving contact transparency to bolster trust and compliance.

O

Orange France

orange.fr

65

Orange France operates a comprehensive telecommunications portal offering mobile, internet, TV, and streaming services primarily targeting the French market. The website demonstrates a strong market position as a leading telecom operator with a wide range of consumer offerings and a professional digital presence. The technical infrastructure utilizes modern web technologies including JavaScript libraries for carousels and sliders, and structured data for SEO and business information. Security posture is moderate with HTTPS implied but lacks explicit security headers and published security policies. Privacy compliance is limited in visible content with no clear privacy or cookie policies detected. Overall, the website is professional, trustworthy, and safe for general audiences, but could improve transparency in privacy and security disclosures. The absence of WHOIS data limits domain legitimacy verification but does not detract significantly from the brand's credibility given its established presence.

P

PHYSICS TODAY

physicstoday.org

65

Physics Today is a reputable publication operated by the American Institute of Physics, serving the physics community with news, analysis, and career resources. The website demonstrates a mature digital infrastructure with modern web technologies, including MathJax for scientific notation, and integrates comprehensive privacy and cookie consent mechanisms. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly detailed. Overall, the site is professional, trustworthy, and well-optimized for its target audience.

C

Cirkev adventistov siedmeho dňa na Slovensku – CASD

casd.sk

38

The website www.casd.sk serves as the official online presence of the Slovak Seventh-day Adventist Church, providing religious content, community news, event information, and links to affiliated organizations. It targets Slovak-speaking members and followers of the church, offering spiritual resources and institutional information. The site is built on WordPress with a moderate technical infrastructure and basic mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and vulnerability disclosures. The site demonstrates good content quality and trustworthiness, supported by consistent branding and regular updates. No critical security issues or adult content were detected, and the WHOIS data aligns well with the organization's claims, indicating legitimacy.

F

Fédération Française de Football

cnf-clairefontaine.com

68

The Centre National du Football Clairefontaine website is a professionally maintained portal representing the French Football Federation's prestigious football training center. It offers a variety of services including training programs, facility rentals, and group visits targeting enterprises, football clubs, associations, and the general public. The site is well-branded and aligned with the federation's identity, featuring partner logos from reputable companies. Technically, the site employs modern web technologies, including Google Analytics, Google Tag Manager, and a GDPR-compliant cookie consent mechanism, hosted on AWS infrastructure. Security posture is adequate with HTTPS enforced and reCAPTCHA integration, though security headers and incident response information are lacking. Overall, the website is trustworthy and compliant with privacy regulations, with room for improvement in security transparency and technical hardening.

N

NextRadioTV

rmcbfmplay.com

69

RMC BFM PLAY is a French media streaming platform operated by NextRadioTV, offering live and replay video content from channels such as RMC Découverte, RMC Story, BFMTV, and BFM Business. The platform targets a general French-speaking audience interested in news, entertainment, and discovery programs. The website demonstrates a professional design and consistent branding aligned with its parent company. Technically, it leverages modern web technologies including Angular and integrates advanced consent management and analytics tools, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. Overall, the site is trustworthy and compliant with GDPR, but the absence of WHOIS registration data and explicit contact information slightly reduces transparency.

J

Judoverse

judoverse.org

65

Judoverse.org is a website dedicated to a judo-themed NFT project, offering digital collectibles related to the sport of judo. The site targets NFT enthusiasts and fans of judo, leveraging blockchain technology to create unique digital assets. The business appears to be a small-scale, recently founded entity (2022) focusing on niche digital collectibles. The website features SVG animations and a clean, modern design but lacks comprehensive textual content and detailed business descriptions. Technically, the site uses Cloudflare DNS, Google Fonts, and Google Analytics, with HTTPS enabled, ensuring basic security and performance standards. However, DNSSEC is not enabled, and security headers are missing, which could be improved to enhance security posture. The security posture is moderate, with no critical vulnerabilities detected, but the absence of privacy and cookie policies, as well as incident response contacts, indicates gaps in compliance and security transparency. Contact is primarily through an external Discord link, with no direct company emails or phone numbers provided. Overall, the site is functional and moderately secure but would benefit from enhanced privacy compliance and security best practices.

The website onlinekonfigurator.biz serves as a specialized web configurator tool associated with TE Connectivity Corporation, a large US-based technology enterprise. The site provides a technical interface likely intended for business partners or internal users to configure products or services. The content is minimal and focused on functionality rather than marketing or customer engagement. The technical infrastructure relies on custom JavaScript and PHP backend handlers, with no visible use of common CMS or third-party analytics tools. The site lacks public-facing privacy, cookie, or terms of service policies, and no contact information is provided, which limits transparency and user trust. Security posture is moderate but could be improved by enabling DNSSEC, adding security headers, and publishing compliance policies. The domain registration is consistent with the corporate entity and shows no suspicious patterns, indicating legitimacy.

D

Dôvera zdravotná poisťovňa, a.s.

dovera.sk

63

Dôvera zdravotná poisťovňa, a.s. is a leading public health insurance provider in Slovakia, offering comprehensive health insurance services to insured persons, payers, and healthcare providers. The company has a strong market position with a large customer base and provides various benefits, claims processing, and customer support services. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to its target audience. Technically, the site uses a custom open-source framework (Cyclone3) and integrates modern marketing and analytics tools such as Google Tag Manager, Facebook SDK, Exponea, and OneTrust for consent management. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance, although explicit security policy and incident response pages are not publicly available. Overall, the domain registration data aligns well with the business claims, supporting high legitimacy and trustworthiness.

The website www.orsr.sk serves as the official online business register for the Slovak Republic, operated under the Ministry of Justice. It provides authoritative access to company registration data, including search capabilities by company name, identification number, address, and other criteria. The site targets Slovak businesses, legal entities, and the general public seeking official business information. Its market position is that of a government-operated essential public service with no direct commercial competition. Technically, the website is built with basic HTML and CSS, lacking modern frameworks or CMS platforms. It shows moderate performance but poor mobile optimization and accessibility. There is no evidence of advanced analytics, tracking, or advertising technologies. The site lacks HTTPS confirmation in the provided data and does not display privacy or cookie policies, which are critical for compliance. From a security perspective, the site does not show security headers or incident response contacts, and no vulnerability disclosures or data protection officer information is present. The WHOIS data confirms the domain is legitimately registered to the Slovak Ministry of Justice, reinforcing trustworthiness. However, the absence of HTTPS and privacy policies are notable gaps. Overall, the site is a trustworthy government resource with basic technical implementation and limited security and privacy features. Strategic improvements in HTTPS deployment, privacy compliance, and mobile usability would enhance its security posture and user experience.

D

Dash Social

dashhudson.com

10

Dash Social is a Canadian-based technology company founded in 2013 that offers a comprehensive social media management platform. Their SaaS solution integrates AI-powered tools for content performance prediction, creator and influencer management, social analytics, campaign reporting, scheduling, and social commerce. The company targets brands, marketers, and social media managers seeking to optimize social media engagement and ROI. The website demonstrates a mature digital presence with rich content, customer testimonials, and partner badges from major platforms like TikTok, Meta, and Pinterest, indicating strong market positioning. Technically, the website is built on Webflow CMS and leverages modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel for interactive features. It employs Google Tag Manager and HubSpot for analytics and marketing automation. The site is mobile-optimized, fast-loading, and SEO-friendly. Security practices include HTTPS enforcement and a cookie consent mechanism with opt-in compliance, though explicit security headers are not detected. From a security perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS domain registration data is a notable concern, potentially indicating privacy protection or data source limitations. The presence of a suspicious external script domain warrants further review. Overall, the site maintains good privacy compliance and business credibility but could improve transparency in domain registration and security disclosures. Strategically, Dash Social should enhance its security posture by publishing a vulnerability disclosure policy, adding security headers, and providing incident response contacts. These steps will strengthen trust and compliance. The technical infrastructure is solid but could benefit from continuous monitoring of third-party scripts and further accessibility improvements.

A

adidas Combat Sports

combat-sports.net

44

The website combat-sports.net represents a small-scale online presence focused on adidas Combat Sports products, likely targeting combat sports enthusiasts and athletes interested in adidas apparel and equipment. The site is built on WordPress using the Salient theme and includes basic integrations such as Instagram Feed. The technical infrastructure is moderate, hosted by OVH sas, a reputable provider, with HTTPS enabled but lacking advanced security headers and DNSSEC. The content is basic and consistent with the brand but lacks comprehensive privacy, cookie, and terms of service policies, as well as contact information, which impacts trust and compliance. Security posture is average with room for improvement in headers and vulnerability disclosures. Overall, the site is safe with no adult or questionable content detected.

Eleventy is an open-source static site generator designed for simplicity, performance, and flexibility. It targets developers who want full control over their static website output without the overhead of client-side JavaScript frameworks. The project is mature, founded in 2017, and enjoys strong community support and sponsorship from reputable organizations. The website is professionally designed with excellent content quality and clear navigation, reflecting a high level of digital maturity.

Burn IT, s.r.o. is a small Czech technology company specializing in web development, custom internet systems, Flash components, and internet marketing services. Their offerings include bespoke web presentations, internet system development, streaming applications, and packaged products such as Burn IT CMS and Burn IT E-shop. The website targets businesses seeking tailored online solutions and marketing support within the Czech Republic. Technically, the site uses standard web technologies including HTML, CSS, JavaScript, and references to Adobe Flash and Adobe Air platforms, indicating some legacy technology usage. The site is accessible and moderately optimized but lacks advanced mobile responsiveness and accessibility features. Security posture is basic with HTTPS enabled but no detected security headers or privacy policies, and no visible contact or incident response information. The WHOIS data is missing, which raises concerns about domain registration transparency and reduces trust. Overall, the website is functional and provides relevant business information but requires improvements in security, privacy compliance, and transparency to enhance trust and professionalism.

S

Sector s.r.o.

onlinehry.sk

39

Onlinehry.sk is a Slovak online gaming portal operated by Sector s.r.o., offering a wide range of free online games including flash, unity, and HTML5 games. The site targets a general audience including children and families, providing categorized games and multiplayer options. The business model is primarily advertising-supported, leveraging Google Adsense and related ad services. The site integrates user account management via the sector.sk passport system, enhancing user engagement through features like game archiving and discussions. The portal holds a moderate market position within the Slovak online gaming niche, supported by a medium-sized operation and consistent branding.

O

Orest Bida

orestbida.com

71

Orest Bida is a freelance web designer and developer offering bespoke high-performance and secure web solutions. The website serves as a professional portfolio showcasing the individual's skills and projects, targeting clients seeking freelance web design and development services. The business operates independently with a small scale and has been active since 2018. Technically, the site is built using the Eleventy static site generator, hosted with Cloudflare DNS and registrar services, and optimized for mobile and SEO. The site employs HTTPS with a good SSL configuration but lacks DNSSEC and security headers, which are recommended for enhanced security. No privacy or cookie policies are present, and contact is provided solely via a contact form without direct email or phone numbers. Social media presence is established on GitHub, Codepen, and Twitter, supporting professional credibility. Overall, the website is well-designed, user-friendly, and trustworthy, but could improve privacy compliance and security posture by adding relevant policies and headers.

Jéčko TV is a Czech internet television platform dedicated to children's educational and entertainment content, operated by HopeTV for the Seventh-day Adventist Church since 2023. The website offers streaming shows, games, and audio stories tailored for young audiences. The platform positions itself as a niche media provider within the Czech Republic, focusing on family-friendly and faith-based content. Technically, the site uses modern web technologies including JavaScript, CSS, and Google Tag Manager for analytics, with a responsive design suitable for mobile devices. Security posture is moderate, with HTTPS enabled and a cookie consent mechanism in place, but lacks visible security headers and formal privacy or terms of service documentation. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and branding provide some trust signals. Overall, the site is functional and professionally presented but would benefit from enhanced security practices and clearer compliance documentation.

F

Fédération Française de Football

fff.fr

65

The Fédération Française de Football (FFF) is the official governing body for football in France, providing comprehensive information on national teams, competitions, clubs, and football-related activities. The website serves a broad audience including fans, players, officials, and stakeholders, offering news, event details, and official communications. The digital infrastructure employs modern web technologies, including JavaScript frameworks, consent management platforms, and analytics tools, ensuring a professional and user-friendly experience. Security posture is strong with HTTPS enforcement, security headers, and GDPR-compliant consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the website is trustworthy, well-branded, and professionally maintained, supporting the FFF's role as a key sports federation in France.

W

WebLinks - internetové odkazy filmy, inzerce, sběratelství, hobby

weblinks.cz

57

WebLinks.cz is a Czech language online catalog specializing in internet links related to films, classifieds, collecting, hobbies, and related topics. The website targets Czech users interested in these niche areas and monetizes primarily through Google AdSense advertising. The site structure includes multiple thematic subdomains focusing on specific interests such as model railways, women's inspiration, and job listings. Technically, the site uses basic HTML, CSS, and JavaScript with Cloudflare DNS services but lacks modern CMS or frameworks. The design and user experience are basic with limited mobile optimization and accessibility features. Security posture is weak due to lack of HTTPS information, absence of security headers, and no visible privacy or cookie policies. WHOIS data is inconsistent, showing a domain creation date in the future, which undermines trust in domain legitimacy. Overall, the site is safe for general audiences but requires significant improvements in security, privacy compliance, and technical modernization.

CLEVER Soft s.r.o. is a Czech Republic-based technology company specializing in automated production line control systems, quality management software, and IT services including hardware sales and web hosting. Established in 1997, the company targets manufacturing and industrial sectors, particularly automotive assembly lines, offering modular software solutions to integrate production automation with enterprise systems. The website reflects a mature business with clear contact information and a focus on industrial automation solutions. Technically, the site uses a custom CMS with legacy JavaScript libraries and basic mobile optimization. Security posture is moderate with no HTTPS or security headers information provided, and no visible privacy or incident response policies. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

S

Strombuch s.r.o.

strombuch.cz

41

Strombuch s.r.o. is a Czech Republic based company specializing in comprehensive forestry services including forest renewal, wood harvesting, sales, and maintenance activities. Established in 2004, the company serves private owners, municipal properties, and state organizations primarily in the Podkrkonoší region. The website reflects a professional business with clear service offerings and contact information, positioning itself as a trusted local forestry service provider. Technically, the website employs standard web technologies such as HTML5, CSS, and JavaScript, with integration of Google Analytics and Tag Manager for visitor tracking. The site is mobile optimized and has a moderate performance profile. However, it lacks advanced security headers and explicit privacy or cookie policies, indicating room for improvement in compliance and security posture. Security-wise, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. The absence of WHOIS data limits domain legitimacy verification, but the website content and contact details suggest a legitimate business. No forms or data collection beyond analytics scripts are present, reducing attack surface but also limiting user interaction. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security headers, and transparency regarding data protection. The domain's WHOIS opacity slightly reduces trust but does not outweigh the positive business indicators.

B

BFMTV

bfmtv.com

10

BFMTV is a leading French news media company providing continuous live news coverage, video content, and radio streaming services. The website serves a broad general audience interested in political, social, economic, sports, and international news. It operates a professional and well-branded digital platform with extensive multimedia content and strong social media presence. Technically, the site uses modern JavaScript libraries, consent management tools, and analytics services to deliver a responsive and engaging user experience. Security posture is generally good with HTTPS enforced and cookie consent implemented, though explicit security headers and privacy policies are not clearly published. The absence of WHOIS data is unusual but does not detract significantly from the site's legitimacy given its market position and content quality. Overall, BFMTV demonstrates a mature digital presence with room for improvement in transparency and security best practices.

F

France Kyudo

kyudo.fr

50

France Kyudo is a national federation dedicated to the traditional Japanese martial art of Kyudo, or Japanese archery, operating primarily in France. The website serves as an informational and community hub for practitioners and enthusiasts, promoting the art and philosophy of Kyudo. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. While the site is visually consistent and provides relevant content, it lacks critical privacy and contact information, which impacts its overall trustworthiness. Security posture is basic with HTTPS enabled but missing advanced security headers and policies. The absence of WHOIS data raises concerns about domain registration legitimacy, although the site content appears genuine and focused on its niche audience.

F

Fondation France Judo

fondationfrancejudo.fr

55

Fondation France Judo is a French non-profit organization dedicated to supporting social and inclusive projects through sports sponsorship, specifically judo. The website is built on the Wix platform and presents a professional and consistent brand image aligned with its parent organization, Fondation du Sport Français. The site targets donors and supporters interested in contributing to sports-related social initiatives. Technically, the website uses Wix's Thunderbolt framework and standard web technologies, offering moderate performance and good mobile optimization. However, it lacks advanced SEO and accessibility features. Security posture is basic with HTTPS implied but no visible security headers or policies. Privacy compliance is weak due to absence of privacy and cookie policies. WHOIS data is unavailable, which raises concerns about domain registration transparency. Overall, the website is functional and trustworthy in content but requires improvements in security and privacy disclosures.

Brioni S.p.A. is a prestigious Italian luxury menswear brand specializing in tailored clothing, bespoke services, and made-to-measure offerings. Established in 1945 and now part of the Kering group, Brioni maintains a strong market position in the high-end fashion retail sector, targeting discerning consumers seeking exclusive and high-quality apparel. The website serves as an official e-commerce platform showcasing collections, bespoke services, and brand heritage. Technically, the site is built on modern web technologies including Next.js and React, hosted on a robust CDN infrastructure (Akamai), and optimized for performance and mobile responsiveness. Security posture is strong with HTTPS enforcement, security headers, and a vulnerability disclosure policy, though some formal security policies and incident response details could be more explicit. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the site reflects a mature digital presence aligned with luxury brand standards, with no signs of blocking or WAF interference, and a high trustworthiness rating.

F

Florea Holand s.r.o.

florea.cz

55

Florea Holand s.r.o. operates Florea.cz, the largest online florist in the Czech Republic, specializing in fresh flower sales and nationwide delivery. The company targets consumers seeking quality bouquets and floral accessories, offering a broad product range and strong customer support. The website demonstrates a mature e-commerce platform with professional design, clear navigation, and mobile optimization. Technically, it employs modern JavaScript libraries, tracking tools, and analytics services, with a focus on user consent and privacy compliance. Security posture is solid with HTTPS and secure forms, though some security headers and policies could be improved. The absence of WHOIS data slightly impacts trust but is mitigated by visible certifications and contact transparency. Overall, Florea.cz presents a trustworthy, professional retail platform with room for enhanced security documentation.

B

Balance Club Brumlovka

balanceclub.cz

50

Balance Club Brumlovka is a premium fitness and wellness club based in the Czech Republic, offering a wide range of services including fitness, physiotherapy, spa, and psychological support. The club positions itself as a top-tier facility comparable to international standards, targeting health-conscious adults seeking comprehensive wellness solutions. The website reflects a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the site uses modern web technologies such as Google Tag Manager and Leaflet.js for maps, and it is well-optimized for mobile devices with good SEO practices. Security-wise, the site enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements, though it lacks advanced security headers and explicit incident response policies. The absence of WHOIS data reduces domain trust but does not detract significantly from the website's professional presentation and business legitimacy. Overall, the site demonstrates a solid digital presence with room for improvement in security transparency and domain registration clarity.

R

Rittal Czech, s.r.o.

rittal.cz

66

Rittal Czech, s.r.o. operates a professional corporate website focused on modular system solutions for industrial and IT applications, including enclosures, power distribution, climate control, IT infrastructure, software, and automation. The company is positioned as a global leader with a strong modular system offering and is part of the Friedhelm Loh Group. The website is well-structured, content-rich, and targets industrial and IT professionals seeking advanced system solutions. Technically, the site uses modern web technologies such as Vue.js and JavaScript, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit incident response or security policy pages were found. WHOIS data is unavailable, which is unusual but likely due to privacy protection, and does not detract from the site's legitimacy given the strong corporate branding and parent company association. Overall, the site presents a trustworthy and professional digital presence.

B

BONEGA, spol. s r.o.

bonega.cz

51

BONEGA, spol. s r.o. is a Czech company specializing in the development, manufacturing, and distribution of high-quality electrical installation materials and water meters. The company emphasizes innovation with patented products and serves a B2B audience primarily in the Czech Republic and Central Europe. The website reflects a medium-sized enterprise with a history dating back to 2000, consistent with the domain registration data. The business model focuses on technical product development and distribution with additional services such as public customs warehousing. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for tracking, hosted behind Cloudflare DNS. However, the site lacks modern CMS, mobile optimization, and accessibility features, indicating room for digital maturity improvement. Security posture is moderate; while Cloudflare DNS is used, no HTTPS enforcement or security headers are visible, and no privacy or cookie policies are present, which impacts compliance and trust. Overall, the site is functional but would benefit from enhanced security, privacy compliance, and technical modernization to improve user experience and regulatory adherence.

P

Primetta

primetta.de

44

Primetta is a German retail company specializing in eyewear products including sunglasses and reading aids, with a heritage dating back to 1928. The website presents a professional and consistent brand image targeting general consumers interested in stylish and functional eyewear solutions. The technical infrastructure is based on WordPress CMS with a custom theme, showing moderate performance and basic mobile optimization. Security posture is limited with no detected security headers or explicit privacy and cookie policies, indicating room for improvement in compliance and protection. Overall, the website is functional and trustworthy but would benefit from enhanced security and privacy measures to align with modern standards.

O

Office de Tourisme de l'Agglomération de La Rochelle

larochelle-tourisme.com

55

The website www.nous-larochelle.fr is the official online presence of the Office de Tourisme de l'Agglomération de La Rochelle, serving as a comprehensive portal for tourism-related information, local culture, events, and sustainable initiatives in the La Rochelle region of France. It targets tourists, local residents, and visitors interested in exploring the territory through various thematic content and practical services. The business model is that of a public tourism office providing information, event ticketing, and promotion of local attractions and services. Technically, the site is built using modern web technologies including React and Next.js, hosted on Scaleway infrastructure. It demonstrates excellent performance, mobile optimization, accessibility, and SEO practices. The site uses secure HTTPS connections and implements key security headers, indicating a strong security posture. However, it lacks a publicly available security policy or incident response information. From a security and privacy perspective, the site employs privacy protection for its domain registration, which is common for public entities. It uses analytics tools such as Matomo and Google Tag Manager with moderate user tracking and includes a GDPR-compliant privacy and cookie policy with consent mechanisms. Contact information is clearly provided, including phone numbers, physical addresses, and a contact form. Overall, the website is professional, trustworthy, and well-maintained, with no signs of malicious activity or content safety concerns. Strategic recommendations include publishing a security policy, vulnerability disclosure information, and incident response contacts to further enhance trust and compliance.

W

World Leagues Association

worldleagues.com

52

The World Leagues Association website serves as a global representative platform for professional football leagues, fostering cooperation with political and sports bodies. The organization is well-established, with a domain registered since 2002, and presents itself professionally with a clear mission and multiple league logos. The website is built on a modern CMS (Kirby) and demonstrates good technical implementation with responsive design and SEO optimization. Security posture is adequate with HTTPS and domain transfer protection, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is partial, with a cookie policy and consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the site is trustworthy and safe, with no adult or questionable content.

T

TKR Jašek s.r.o.

valachnet.cz

53

TKR Jašek s.r.o. operates the VALACHNET.cz portal, providing regional telecommunications services including internet, television, telephone, mobile, and hosting primarily in the Valašsko region of the Czech Republic. The company has a long-standing presence since 1990 and targets residential and business customers within its service area. The website reflects a regional ISP with a focus on customer engagement and service announcements. Technically, the website uses a traditional tech stack with jQuery and jQuery UI libraries, serving content over HTTPS. While the site is functional and content-rich, it lacks advanced security headers and modern privacy compliance features such as a cookie consent mechanism. The site is moderately optimized for performance and accessibility but could benefit from modernization. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, but the absence of security headers and vulnerability disclosures indicates room for improvement. The lack of WHOIS data reduces domain trustworthiness, though the website content and business information appear consistent and legitimate. Overall, the site presents a trustworthy regional ISP with good business credibility but requires enhancements in security best practices and privacy compliance to align with modern standards.

1

1C-Битрикс

b24.to

69

Bitrix24 is a comprehensive business management platform offering a wide range of tools including CRM, project management, communication, and AI-powered assistants. It targets businesses seeking integrated solutions to streamline operations and improve collaboration. The platform holds a strong market position in Russia and CIS countries, supported by a robust partner network and extensive service offerings. Technically, the website is built on the Bitrix CMS framework, leveraging modern web technologies and integrating analytics and tracking tools with GDPR compliance. Security posture is solid with HTTPS enforcement and security headers, though lacks explicit public security policies and incident response contacts. Overall, the site is professional, well-structured, and trustworthy, with minor gaps in transparency and WHOIS data availability.

B

Beetween

beetween.fr

41

Beetween is a French-based company founded in 2007 that provides a customizable online recruitment software solution (ATS) targeting recruiters and HR professionals. The website presents a professional and user-friendly platform with a clear focus on recruitment process optimization and collaboration. The company positions itself as a flexible and adaptable solution across various sectors and company sizes. Technically, the website is built on WordPress and integrates multiple marketing and analytics tools such as HubSpot, Microsoft Clarity, and Google Tag Manager, hosted by OVH. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS enabled and no exposed sensitive data, but lacks some security headers and published security policies. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

M

MFK Karviná a.s.

mfkkarvina.cz

40

MFK Karviná a.s. operates an official website for their football club, primarily targeting local football fans and sports enthusiasts in the Czech Republic. The site provides basic information about the club, ticket sales, and news updates. The business model is focused on sports club promotion and fan engagement within the regional football league context. The website is modest in content and design, reflecting a small-sized organization with limited digital maturity. Technically, the website uses basic JavaScript and CSS with legacy character encoding (windows-1250). There is no evidence of modern CMS or advanced frameworks. Mobile optimization and accessibility are basic, and no advanced SEO or analytics tools are detected. The site lacks HTTPS, security headers, and privacy compliance mechanisms, indicating a low level of security and privacy maturity. From a security perspective, the absence of HTTPS and security headers is a significant vulnerability. No privacy policy or cookie consent mechanisms are present, which may expose the organization to GDPR compliance risks. The lack of contact information and incident response details further weakens the security posture. However, no malicious or adult content is detected, and the site is accessible without WAF or blocking mechanisms. Overall, the website presents moderate trustworthiness based on content alignment with the football club's identity but suffers from critical security and privacy shortcomings. Strategic improvements in HTTPS implementation, privacy compliance, and security best practices are recommended to enhance trust and protect user data.

F

FK Teplice, eSports.cz, s.r.o.

fkteplice.cz

37

FK Teplice is a well-established Czech football club with a strong digital presence through its official website. The site offers comprehensive information about the club's activities, including news, match schedules, team rosters, fan engagement, and community initiatives such as CSR and esports. The domain has been registered since 1998, reflecting the club's longstanding history. Technically, the website employs modern web technologies including Google Analytics, Adsense, and Google Translate, hosted on Websupport infrastructure. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and rich content. Security posture is moderate with cookie consent implemented but lacks visible advanced security headers and explicit privacy or terms of service pages. No direct contact information or incident response details are provided, which could be improved to enhance trust and compliance. Overall, the website is a credible and functional digital asset for FK Teplice, serving its target audience effectively.

F

FC Hradec Králové, a.s.

fchk.cz

53

FC Hradec Králové, a.s. operates an official website serving as the primary digital platform for the Czech football club FC Hradec Králové. The site provides comprehensive information including match schedules, team rosters, news updates, ticketing services, and a fanshop for merchandise. The club has a strong market presence in Czech football, with a history dating back over 120 years, positioning itself as a well-established sports entity. The website targets football fans, local community members, and sports enthusiasts, offering a user-friendly and content-rich experience. Technically, the website employs modern JavaScript libraries such as GSAP and Swiper.js for animations and interactive elements, alongside Google Analytics and Facebook Pixel for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, hosted under a Czech registrar with consistent domain registration data. Cookie consent mechanisms and GDPR compliance are well implemented, reflecting a mature approach to privacy and user data protection. From a security perspective, the website enforces HTTPS and uses cookie consent categories to manage tracking scripts responsibly. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact suggests room for improvement in transparency and readiness. Overall, the website demonstrates a high level of professionalism, content quality, and trustworthiness, with a strong alignment between domain registration and business identity. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen the security posture.

Autoservis Kobolka is a small, local automotive repair and maintenance service provider based in Kutná Hora, Czech Republic. The company specializes in servicing vehicles from major European brands such as VW, Peugeot, Citroen, Fiat, Ford, Opel, and Alfa Romeo. Established in 1999, the business offers a comprehensive range of services including diagnostics, mechanical repairs, brake and axle work, engine and transmission overhauls, and additional services like tire service and vehicle towing. The website reflects a modest but functional online presence with clear contact information and basic service descriptions.

S

Statutární město Kladno

mestokladno.cz

52

The website mestokladno.cz serves as the official online portal for the statutory city of Kladno in the Czech Republic. It provides residents and visitors with comprehensive municipal information including news, events, administrative services, and contact details. The site is positioned as a trusted government resource with a clear focus on public service delivery and community engagement. The target audience primarily consists of local citizens and stakeholders interested in city governance and services. From a technical perspective, the website employs a proprietary CMS platform (Vismo) and integrates modern web technologies such as HTML5, CSS, JavaScript, and Google Analytics for performance monitoring. The site is mobile-optimized and accessible, with a clear navigation structure and compliance with privacy regulations including GDPR. Cookie consent mechanisms are implemented effectively, enhancing user privacy. Security-wise, the site benefits from HTTPS encryption and does not expose sensitive data or vulnerable libraries. However, it lacks explicit published security policies and incident response contacts, which are recommended for enhanced transparency and preparedness. No critical vulnerabilities or suspicious activities were detected. Overall, mestokladno.cz demonstrates a solid security posture and business credibility consistent with an official municipal website. Strategic improvements in security policy publication and incident response readiness would further strengthen its trustworthiness and compliance profile.

S

Seznam.cz, a.s.

post.cz

68

Seznam.cz, a.s. operates a comprehensive Czech internet portal offering a variety of digital services including email, maps, real estate listings, and streaming. The login portal analyzed is a secure gateway to these services, supporting multiple OAuth providers such as Google, Microsoft, Apple, BankID, and MojeID, indicating a mature and user-friendly authentication infrastructure. The website is well-branded and targets general internet users primarily in the Czech Republic and Slovakia. Technically, the site uses modern web technologies with responsive design and password strength indicators, although some accessibility and security header enhancements could be made. Security posture is solid with HTTPS enforced and multi-factor authentication options, but lacks visible security headers and explicit incident response contacts. Privacy compliance is partially addressed with clear privacy and terms of service links, but no cookie consent mechanism is present. Overall, the site is trustworthy and professionally maintained, though improvements in privacy and security transparency are recommended.

R

REGISMASTER Consult, s.r.o.

regismaster.cz

52

REGISMASTER Consult, s.r.o. operates a Czech-language website offering ready-made companies for sale, primarily limited liability companies (s.r.o.) and joint-stock companies. The business targets entrepreneurs seeking fast company formation and related corporate services such as registered office provision and nominee services. The company has been established since 2010, with domain registration consistent with this timeline. The website is professionally designed with clear navigation and multilingual support, though mobile optimization is basic. Technical infrastructure includes standard HTML, CSS, JavaScript, and Google Analytics for visitor tracking. Hosting is provided via websupport.cz as indicated by nameservers. Security posture is moderate; HTTPS is implied but no advanced security headers or privacy policies are present, representing compliance and security gaps. Contact options include a web form and Skype link but lack explicit phone numbers or emails. Overall, the website is trustworthy and legitimate but would benefit from enhanced privacy compliance and security hardening.

Š

Šafra & partneři s.r.o., advokátní kancelář

safra-advokati.cz

45

Šafra & partneři s.r.o. is a small, established law firm based in Prague, Czech Republic, providing a range of legal services including company formation, contract drafting, and legal representation. The firm has been operating since 2008 with a domain registered in 2007, indicating a stable market presence. The website is primarily in Czech with an option for Italian, targeting local and possibly Italian-speaking clients. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for visitor tracking. Hosting appears to be with Active24, a known provider. Security posture is moderate but lacks HTTPS enforcement and security headers, which are critical for protecting client data and trust. Privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. Overall, the site is functional but requires improvements in security and privacy compliance to enhance trust and professionalism.

I

International Organization of Legal Metrology

oiml.org

65

The International Organization of Legal Metrology (OIML) is a well-established international standard-setting body focused on legal metrology. It supports governments and regulatory bodies worldwide by developing standards, certification systems, and training to ensure measurement accuracy and consumer protection. The organization has a strong market position with over 130 members and a history dating back to 1955. The website reflects a professional, government/non-profit entity with clear content and consistent branding. Technically, the website is built on the Plone CMS platform, using modern web technologies such as HTML5, CSS, and JavaScript. It is mobile-optimized and accessible, with good SEO practices. The site uses HTTPS with excellent SSL configuration, though it lacks some security headers and cookie consent mechanisms. No analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site demonstrates good practices with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy, incident response contacts, and vulnerability disclosure mechanisms are areas for improvement. The WHOIS data is unavailable due to malformed responses, which slightly reduces trust but is likely due to registry restrictions rather than malicious intent. Overall, the site is trustworthy, professional, and secure, serving its audience effectively. Strategic improvements in privacy compliance and security transparency would enhance its posture further.

B

Best Friends Pets

bestfriendspets.com.au

60

Best Friends Pets operates as a retail pet care and supplies business in Australia, recently transitioning its brand to PetO. The website serves as an e-commerce platform built on Shopify, offering pet products, grooming services, and links to veterinary care partners. The site targets pet owners seeking local pet care solutions and supplies. Technically, the website is well-implemented using modern web technologies, including Shopify's Dawn theme, JavaScript, and CSS, with good mobile optimization and performance. Security measures include HTTPS and hCaptcha for form protection, though the absence of published privacy and cookie policies indicates gaps in compliance. The domain registration is consistent and legitimate, registered through a reputable registrar with standard domain protection statuses. Overall, the website presents a professional retail presence with moderate trustworthiness but requires improvements in privacy compliance and contact transparency.

Alumina Limited is an energy sector company specializing in alumina production. The website content is minimal and primarily serves to inform visitors that Alumina Limited was acquired by Alcoa Corporation as of August 1, 2024, directing users to Alcoa.com for further information. The digital presence is limited, with no detailed corporate information, contact details, or policies available on the homepage. Technically, the website uses basic HTML and CSS with no detected advanced frameworks or analytics. Security posture is weak due to lack of visible security headers, privacy policies, and WHOIS data. The domain WHOIS information is missing, which raises concerns about domain legitimacy and registration status. Overall, the website is accessible but lacks depth and comprehensive corporate digital infrastructure.

C

Chromatix

chromatix.com.au

60

Chromatix is a Melbourne-based web design and development company specializing in creating professional websites and digital solutions for businesses. The company targets local and Australian businesses seeking to establish or enhance their online presence with quality design and development services. The website reflects a professional brand image with consistent branding and good content quality, positioning Chromatix as a credible player in the local digital agency market. Technically, the website is built on WordPress with a custom child theme, leveraging modern web technologies including JavaScript and CSS. Google Tag Manager is integrated for analytics and marketing tracking. The site demonstrates good mobile optimization and moderate performance, though there is room for improvement in accessibility and SEO fine-tuning. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks several important security headers. No explicit privacy or cookie policies were found, indicating compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and security posture. Overall, the website is safe and professional, with no signs of malicious content or blocking by WAFs. The domain WHOIS data is limited due to .au domain privacy policies but shows no suspicious patterns. Strategic recommendations include adding comprehensive privacy and cookie policies, implementing security headers, and publishing incident response details to strengthen compliance and security maturity.