Security Directory

R

renault

renault.fr

79

Renault France operates a comprehensive and professionally designed website dedicated to showcasing and selling new vehicles, including electric, hybrid, and utility models. The site targets a broad audience of vehicle buyers primarily in France, reflecting Renault's position as a major automotive brand. The website leverages modern web technologies such as React, Google Analytics, and OneTrust for cookie consent, ensuring a smooth user experience and compliance with privacy regulations. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response contacts could be improved. The absence of WHOIS data is typical for AFNIC-managed domains and does not detract from the site's legitimacy. Overall, the site demonstrates high professionalism, good technical implementation, and solid privacy compliance.

Z

Zalando

zalando.cz

47

Zalando.cz is a major European e-commerce platform specializing in fashion, shoes, and accessories. The website offers a broad assortment of products with a focus on fast delivery and free shipping for most orders. The platform targets a general audience including women, men, and children, providing a comprehensive online shopping experience. Technically, the site uses modern web technologies including React and RequireJS, and integrates a consent management platform to comply with GDPR requirements. The security posture is strong with HTTPS enforced and use of security best practices, although explicit security headers and vulnerability disclosure mechanisms are not visible in the provided data. Overall, Zalando.cz presents a professional, trustworthy, and user-friendly online retail environment.

2

20ecolesdechimie

20ecolesdechimie.com

41

20ecolesdechimie.com is the official website of the Fédération Gay-Lussac, a federation of 20 chemistry and process engineering schools in France. The site serves as an informational and promotional platform targeting prospective students, educators, and partners interested in chemistry engineering education. It provides detailed information on admissions, student life, international programs, and federation activities, positioning itself as a key resource in the French higher education sector for chemistry engineering. The federation is well-established, with a domain registered since 2015 and a consistent brand presence. Technically, the website is built on WordPress, utilizing common plugins such as Formidable Forms for contact and newsletter forms, Mailjet for email marketing, and Matomo for analytics. The site employs modern web technologies including lazy loading for images and SVG icons, ensuring good performance and mobile responsiveness. SEO and accessibility are adequately addressed, with proper meta tags, structured data, and language alternates. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, it lacks DNSSEC and some recommended security headers, which could be improved. The presence of a cookie consent mechanism and privacy policy indicates GDPR awareness, though no explicit security policy or incident response contact was found. Overall, the website is professional, trustworthy, and well-suited for its educational purpose. It demonstrates a solid digital maturity level with room for security enhancements. The risk profile is low, with no signs of malicious activity or content safety concerns.

S

Somfy d.o.o.

somfypro.rs

67

Somfy d.o.o. operates a professional B2B website targeting partners and customers in Serbia and the Balkan region, offering window and door automation products and home automation solutions. The company recently consolidated its regional presence by merging its distributor Migro d.o.o. into Somfy d.o.o., reinforcing its market leadership. The website is built on a modern Liferay CMS platform with integrated analytics and marketing tools, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and secure login forms, though security headers and incident response information could be improved. Privacy compliance is basic but includes cookie consent mechanisms and a privacy policy. Overall, the site reflects a credible and established business with consistent branding and professional content.

S

Somfy

somfy.at

71

Somfy is a well-established company specializing in motorized shading solutions and smart home automation products. The website www.somfy.at serves the Austrian market with a comprehensive product catalog, e-commerce integration, and extensive customer support resources. The company targets private customers, professional partners, and technical planners, positioning itself as a leader in smart home technology and automation. The site is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the website employs modern web technologies including responsive images, SVG icons, JSON-LD structured data, and uses Akamai CDN for performance optimization. The platform appears custom-built with a focus on user experience and SEO best practices. Security measures such as HTTPS, security headers, and privacy compliance mechanisms are well implemented, although explicit security policy and incident response pages are not found. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms aligned with GDPR. The absence of WHOIS data is noted but likely due to privacy protection, which is justified for a commercial brand site. Trust indicators such as Trusted Shops certification and active social media presence further enhance credibility. Overall, the website presents a low risk profile with strong business credibility and technical maturity. Recommendations include publishing explicit security policies and vulnerability disclosure information to further enhance transparency and trust.

A

ARTE Radio

arteradio.com

42

ARTE Radio is a well-established French podcast platform affiliated with the ARTE media group, offering a rich catalog of cultural and documentary audio content. The website demonstrates a high level of content quality, professional design, and user experience, targeting a broad audience interested in podcasts related to culture, society, and music. Technically, the site uses modern frameworks such as Next.js and React, ensuring good mobile optimization and accessibility. However, the security posture is moderate due to the absence of visible security headers and privacy policies. The WHOIS data is missing or inaccessible, which raises concerns about domain registration legitimacy despite the strong brand association with ARTE. Overall, the site is trustworthy and professional but would benefit from improved transparency in privacy and security practices.

V

Ville de Paris

paris.fr

67

The website paris.fr is the official digital portal of the City of Paris, providing comprehensive access to municipal services, practical information, news, and events for residents and visitors. It serves as a central hub for public service delivery and environmental data dissemination, including water quality and air pollution monitoring. The site demonstrates a high level of digital maturity with modern technologies such as Matomo analytics for privacy-conscious tracking, Algolia for search, and Font Awesome for iconography. The design is professional, mobile-optimized, and accessible, reflecting the city's commitment to user experience. From a security perspective, the site enforces HTTPS and uses asynchronous script loading to enhance performance and security. However, explicit security headers and vulnerability disclosure mechanisms are not evident, suggesting room for improvement in security hardening and transparency. Privacy compliance is basic, with no clear privacy or cookie policies detected in the provided content, which is a critical area for enhancement given GDPR requirements. Overall, the site is trustworthy and authoritative, consistent with its role as a government portal. The absence of WHOIS data is likely due to registry policies or privacy protection common for government domains and does not detract from the site's legitimacy. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure process to strengthen security posture and user trust.

N

NEO handpan

handpan-vyroba.cz

46

The website handpan-vyroba.cz represents a small Czech manufacturing business specializing in the handcrafting of handpans, a unique musical instrument. The business is branded as NEO handpan and led by maker Jiří Káš. The site provides detailed information about the manufacturing process, emphasizing quality materials and manual craftsmanship. The target audience includes musicians and enthusiasts interested in high-quality, artisanal handpans. Technically, the site is built on WordPress 6.8.3, hosted on a Czech hosting provider, and uses modern web technologies such as CanvasJS and SVG icons. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. No contact emails or phone numbers are explicitly provided, which limits direct communication channels. Overall, the site is legitimate, consistent with the business profile, and free from suspicious elements or blocking mechanisms.

S

SIPPEREC

sipperec.fr

42

SIPPEREC is a French public syndicate specializing in energy and digital services for member municipalities, holding a leading market position in electricity concession, renewable energy production, and digital infrastructure in the Île-de-France region. The website is built on TYPO3 CMS and employs modern web technologies including Matomo for privacy-conscious analytics and Tarteaucitron.js for cookie consent management. The site is well-structured, mobile-optimized, and provides comprehensive content relevant to its target audience of local governments and residents. Security posture is solid with HTTPS enforced and no exposed sensitive data, though security headers are not visibly implemented. Privacy compliance is strong with clear policies and consent mechanisms. WHOIS data is unavailable, which slightly reduces trust but is common for French domains under AFNIC. Overall, the site presents a professional and trustworthy digital presence for a public sector entity.

K

KERAIN, a.s.

kerain.cz

56

KERAIN, a.s. is a Czech company specializing in real estate rental services including residential and commercial properties, alongside production, trade, and other services outside the scope of standard trade licensing annexes. The company maintains strategic partnerships with KERAMOST and KERACLAY, key players in the mining and processing of mineral raw materials in the Czech Republic and abroad, combining traditional manufacturing with modern technological innovations. The website presents a professional and business-focused image with clear contact details and links to official Czech business registries, supporting its market credibility. Technically, the website employs a basic but functional technology stack including jQuery 1.11.3 and Swiper.js for UI elements. The site is mobile-optimized with good design quality and navigation clarity, though some accessibility features could be improved. No advanced CMS or hosting provider details were detected. Performance is moderate, with no evident analytics or tracking scripts, indicating minimal user tracking. From a security perspective, the site uses HTTPS but lacks visible security headers and privacy or cookie policies, which are important for GDPR compliance. The use of an outdated jQuery version poses potential security risks. No forms collecting sensitive data were found, reducing immediate exposure risks. WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional site content. Overall, the website is safe, business-oriented, and trustworthy for general audiences. However, improvements in privacy compliance, security headers, and domain registration transparency are recommended to enhance trust and security posture.

E

Enel Group

enel.com

72

Enel Group is a large multinational energy company operating in over 30 countries, focusing on sustainable and innovative energy solutions. The company offers a broad range of services including energy production, distribution, and renewable energy technologies. Their market position is strong, supported by a consistent brand and a comprehensive digital presence. Technically, the website is built on Adobe Experience Manager, leveraging modern web technologies and Adobe Analytics for data insights. The site is well-optimized for SEO, accessibility, and mobile devices, providing a professional user experience. Security posture is good with HTTPS and secure form mechanisms, though some security headers are not explicitly detected and could be improved. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the website reflects a mature digital infrastructure aligned with the company's business goals and market stature.

J

Jiří Káš

handpanista.cz

55

The website handpanista.cz is a professionally designed personal business site dedicated to the handpan musical instrument activities of Jiří Káš. It focuses on the production of NEO handpans, handpan courses, workshops, and performances. The site targets handpan enthusiasts and musicians interested in learning and purchasing handpans. The business operates in a niche artisanal musical instrument sector within the Czech Republic and is relatively small in scale, founded in 2019. Technically, the site is built on WordPress 6.8.3 with a custom theme and hosted on cesky-hosting.eu. The site shows good mobile optimization and SEO practices but lacks some advanced accessibility features. Performance is moderate, and the site uses modern web technologies including JavaScript and SVG icons. From a security perspective, HTTPS is enabled ensuring encrypted communication. However, the site lacks important security headers such as Content-Security-Policy and X-Frame-Options, which could improve its security posture. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. No contact emails or phone numbers are explicitly provided, which may affect user trust and business credibility. Overall, the site is safe with no adult or questionable content detected. The domain registration data is consistent with the website content and business claims, supporting legitimacy. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and providing clear contact information to enhance compliance and trust.

J

Jiří Káš

handpan-kurz.cz

55

The website handpan-kurz.cz is a small-scale educational platform focused on teaching handpan music, primarily through in-person courses and workshops led by Jiří Káš, a recognized handpan player in the Czech Republic. The site offers rich content including detailed explanations, images, and links to related handpan resources and artists, targeting individuals interested in learning and mastering the handpan instrument. Technically, the site is built on WordPress using the Donovan theme, hosted by a Czech hosting provider, and employs modern web technologies such as JavaScript and SVG icons. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks security headers and formal privacy or cookie policies, which limits its compliance posture. No contact emails or phone numbers are explicitly provided, which may affect user trust and business credibility. Overall, the site is legitimate and consistent with its domain registration data, but improvements in privacy compliance and security best practices are recommended.

H

Handpan s.r.o.

handpan.cz

55

Handpan s.r.o., operating the website handpan.cz, is a Czech Republic based small business specializing in the manufacturing, sale, and education of handpan musical instruments. The company offers handpan production under the NEO handpan brand, organizes workshops and courses primarily for beginners and enthusiasts, and provides rich content about handpan history and playing techniques. The website reflects a niche market position with a focus on quality and community engagement. Technically, the site is built on WordPress with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. Contact information is limited but includes a phone number and physical address in Říčany near Prague. Social media presence on Facebook and YouTube supports brand trust and outreach. Overall, the website is professional, content-rich, and trustworthy, though it would benefit from enhanced privacy compliance and security practices.

E

ecosystem

ecosystem.eco

73

ecosystem is a French eco-organization dedicated to extending the lifecycle of electrical and electronic equipment through repair, reuse, and recycling. Accredited by public authorities, it serves both individuals and professionals with services including locating repairers, donation and recycling points, and providing educational resources. The website is professionally designed, content-rich, and well-structured, targeting a broad audience interested in sustainable management of electrical waste. Technically, the site employs modern analytics tools such as Matomo and Google Tag Manager, along with Cookiebot for consent management. The site is mobile-optimized and accessible, with good SEO practices. However, explicit security headers and detailed security policies are not evident, representing an area for improvement. Security posture is moderate with HTTPS implied but lacking visible advanced security headers or incident response information. The absence of WHOIS data limits domain trust assessment, though the website's professional presentation and public accreditation support its legitimacy. Overall, ecosystem presents a trustworthy and authoritative platform in its domain, with recommendations to enhance security transparency and domain registration visibility to further strengthen trust and compliance.

S

Somfy

somfy.ro

61

Somfy Romania operates as a regional branch of the global Somfy Group, specializing in smart home automation solutions including motorized blinds, security systems, and energy-efficient products. The website demonstrates a professional and consistent brand presence with a clear focus on residential customers and certified professional installers. The technical infrastructure leverages modern JavaScript libraries, structured data, and is hosted on a reputable CDN provider, ensuring moderate to good performance and SEO optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in security headers and incident response transparency. Privacy compliance is partially met with clear privacy and cookie policies, but lacks an explicit cookie consent mechanism. Overall, the site is trustworthy and well-maintained, supporting Somfy's market position as a leading smart home solutions provider in Romania.

S

Somfy

somfy.ma

10

Somfy Maroc is a regional branch of the global Somfy Group, specializing in home automation and connected home solutions. The website presents a comprehensive catalog of products including motors for shutters, alarms, cameras, heating, and lighting automation, targeting Moroccan consumers and homeowners. The company leverages its established brand reputation and offers extensive customer support and sales channels including showrooms and professional installers. Technically, the website uses modern web technologies, including JavaScript frameworks, tag management, and performance monitoring tools, hosted likely on Akamai infrastructure. The site is mobile optimized and SEO friendly, providing a good user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though some advanced security headers could be added. The absence of WHOIS data for the domain is a concern for domain legitimacy verification but does not detract from the strong brand presence and professional content. Overall, the website is well-structured, trustworthy, and compliant with privacy regulations.

S

Somfy

somfy.it

67

Somfy is a well-established company specializing in motors, automation, controls, and smart home solutions primarily targeting residential consumers and professionals in Italy and internationally. The website reflects a mature digital presence with a comprehensive product catalog, multilingual support, and integration with e-commerce and customer account management systems. Technically, the site uses modern web technologies including JSON-LD structured data, SVG icons, and performance monitoring tools, hosted likely on Akamai infrastructure with Magento as the e-commerce backend. Security posture is strong with HTTPS enforcement and standard security headers, though improvements are recommended in cookie consent and explicit security policies. Overall, the site is professional, trustworthy, and aligned with GDPR compliance, supporting Somfy's market position as a leader in home automation.

S

Somfy

somfy.gr

53

Somfy Greece operates as a regional branch of the international Somfy Group, specializing in home automation products including motorized blinds, shutters, security cameras, alarms, heating, and lighting solutions. The website targets both consumers and professionals, offering a comprehensive product catalog and support services. The company is well-established with a founding date of 1969 and maintains a strong market position in the smart home and energy-saving sectors within Greece. Technically, the website is modern, responsive, and well-optimized for SEO and accessibility, leveraging structured data and a robust tech stack including JavaScript and jQuery. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some advanced security headers could be added. Privacy and cookie policies are present and GDPR compliant, supporting user consent mechanisms. Overall, the site reflects a professional, trustworthy, and mature digital presence aligned with business goals.

S

Somfy

somfy.es

66

Somfy Spain operates a comprehensive website offering smart home automation solutions including motors, controls, alarms, and security cameras. The company targets both consumers and professionals, providing a broad product catalog and professional installation services. The website demonstrates a mature digital presence with structured data, social media integration, and multimedia content, positioning Somfy as a reputable player in the smart home technology sector in Spain. Technical infrastructure leverages modern JavaScript libraries and performance monitoring tools, ensuring a responsive and engaging user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response information are absent. Privacy compliance is partial, with cookie consent implemented but privacy policy not clearly linked. WHOIS data is unavailable due to registry restrictions, limiting domain trust verification. Overall, the site is professional, trustworthy, and well-optimized, with room for improvement in privacy transparency and security disclosures.

S

Somfy

somfy.ch

69

Somfy is a well-established company specializing in motorized shading products and smart home automation solutions, targeting both private customers and professional partners. The website reflects a mature digital presence with comprehensive product offerings, multilingual support, and clear navigation tailored for the Swiss market. The company leverages modern web technologies and performance monitoring tools to ensure a fast and responsive user experience. Security posture is strong with HTTPS enforcement and no visible vulnerabilities, although some security headers could be enhanced. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the website demonstrates high professionalism, trustworthiness, and business credibility.

S

Somfy

somfy.com.br

66

Somfy Brazil is a leading manufacturer and provider of motorized solutions for window coverings and smart home automation, serving both residential consumers and professional markets. The company offers a wide range of products including motors for blinds, curtains, awnings, gates, garage doors, and integrated smart home controls. The website is well-structured, professionally designed, and optimized for performance and mobile devices, reflecting a mature digital presence. The technical infrastructure leverages modern JavaScript frameworks, responsive design, and performance monitoring tools, hosted on a reliable CDN and infrastructure provider. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though there is room for improvement in explicit security policies and vulnerability disclosure. Overall, the domain registration and WHOIS data align well with the company's branding and history, supporting high legitimacy and trustworthiness.

H

Handpan s.r.o.

neo-handpan.cz

53

Handpan s.r.o., operating the website neo-handpan.cz, is a small Czech company specializing in the artisanal production of NEO handpans, unique handcrafted musical instruments. The business is led by Jiří Káš, who personally manufactures the instruments and offers workshops and courses. The company has a strong local presence and is recognized by Czech musicians and media. Technically, the website is built on WordPress with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and visible privacy compliance mechanisms. The site does not expose sensitive data and shows no signs of vulnerabilities. Overall, the business is credible and trustworthy, but it should improve privacy and cookie policies to enhance compliance and user trust.

L

La Quadrature du Net

mamot.fr

57

Mamot.fr is a French-language Mastodon social networking server operated by La Quadrature du Net, a recognized non-profit organization advocating for digital rights. The platform serves a niche community interested in privacy-focused federated social media, with approximately 2.7K active users. The website is built on the Mastodon 4.4.7 platform, leveraging modern web technologies including React and ES modules, hosted by ScaleWay. The technical infrastructure is solid, with good SSL configuration and secure resource loading practices. However, the site lacks explicit cookie consent mechanisms and terms of service pages, which slightly impacts privacy compliance. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though additional security headers and a vulnerability disclosure policy would enhance trust. Overall, Mamot.fr presents a professional, trustworthy, and privacy-conscious social platform with room for improvement in compliance documentation and user contact transparency.

S

Somfy

somfy.sk

63

Somfy Slovakia operates as a regional branch of the global Somfy Group, specializing in home automation products including motors for blinds, shutters, awnings, gates, and smart home solutions such as alarms, cameras, heating, and lighting control. The website targets Slovak consumers and businesses interested in smart home technology, offering a comprehensive product catalog and support services. The company is well-established, founded in 1969, and maintains a strong market presence with consistent branding and professional digital assets. Technically, the website employs modern web technologies, is mobile optimized, and integrates tracking and analytics tools responsibly. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though explicit security policies and incident response information are not publicly disclosed. Overall, the site is trustworthy, compliant with GDPR, and professionally maintained.

I

Internationale Hofer Filmtage

hofer-filmtage.com

60

The Hof International Film Festival is a well-established and important cultural event in Germany, focusing on independent and new cinema. Founded in 1967, it serves as a platform for emerging filmmakers and presents a diverse program of feature films, documentaries, and shorts. The festival is supported by a range of sponsors and partners, including government bodies and media organizations, and maintains a strong presence in the film industry. The website reflects a professional and user-friendly digital presence with comprehensive content and clear navigation. Technically, the site uses modern web technologies and Matomo analytics for user tracking, with good mobile optimization and accessibility. Security posture is solid with HTTPS and no obvious vulnerabilities, though improvements could be made by adding security headers and cookie consent mechanisms. The absence of WHOIS data for the domain is a notable anomaly that slightly reduces trust but does not detract from the overall legitimacy of the organization. Strategic recommendations include enhancing security policies, publishing incident response contacts, and improving privacy compliance transparency.

T

Toyota Financial Services Czech s.r.o.

toyotafinance.cz

65

Toyota Financial Services Czech s.r.o. is a specialized financial services provider focused on branded vehicle financing for Toyota and Lexus in the Czech Republic. The company offers a range of financial products including loans for new and used cars, operational leasing, and insurance services tailored for both private individuals and businesses. With over 25 years of market experience and strong partnerships with Toyota and Lexus dealer networks, the company holds a solid position in the automotive finance sector within the region. The website reflects a professional and consistent brand image, providing clear and accessible information to its target audience. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager for analytics and marketing, and a proprietary CMS platform (Edee.one). The site is mobile-optimized, accessible, and SEO-friendly with structured data enhancing search engine visibility. Performance is moderate with no critical errors detected. Privacy and cookie policies are implemented with consent mechanisms, indicating compliance with GDPR requirements. From a security perspective, the site uses HTTPS with a good SSL configuration and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and no public security policy or incident response information is provided. The WHOIS data is not publicly available, likely due to privacy protection, which is common and justified for financial institutions. Overall, the security posture is solid but could be improved by adding explicit security headers and incident response details. The overall risk assessment is low with recommendations to enhance security transparency and header implementation. The website is trustworthy, professionally maintained, and compliant with relevant privacy regulations, making it a reliable platform for its users.

B

Trending - berlin.social

berlin.social

64

berlin.social is an independent Mastodon social networking instance focused on the Berlin community, providing a platform for local discussions and trending posts. It operates on the open-source Mastodon platform version 4.4.7, leveraging modern web technologies including React and ES modules. The site is accessible without WAF or security challenges and presents a good user experience with mobile optimization and clear navigation. Security posture is moderate with HTTPS likely enabled but lacking explicit security headers and cookie consent mechanisms. Privacy policy is present and GDPR compliance appears basic but adequate for the platform type. WHOIS data is unavailable due to TLD restrictions, but the site shows legitimacy through visible admin accounts and active user statistics.

B

BoursoBank (ex-Boursorama Banque)

boursobank.com

70

BoursoBank, formerly known as Boursorama Banque, is a French online bank positioned as the least expensive bank for 17 years, offering a range of financial services including free bank cards, mortgage loans, life insurance, stock market services, and savings products. The website is professionally designed, mobile-optimized, and compliant with GDPR regulations, featuring a comprehensive cookie consent mechanism. Technically, the site uses modern JavaScript frameworks and fonts, ensuring a good user experience and accessibility. However, the absence of WHOIS registration data raises concerns about domain legitimacy and registration status, which should be further investigated. Security posture is moderate with HTTPS implied but lacking visible security headers and explicit incident response information. Overall, the site presents a trustworthy and professional banking service with room for improvement in transparency and security disclosures.

M

MPOHODA

mpohoda.sk

63

mPohoda is a well-established Slovak company providing comprehensive accounting and economic software solutions tailored for small and medium-sized enterprises. The website reflects a professional and consistent brand image, targeting SMEs primarily in Slovakia. Their key services include accounting, payroll, invoicing, and business analytics, positioning them as a leading software provider in their regional market. The technical infrastructure is modern, leveraging Tailwind CSS and JavaScript, with good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although a dedicated security policy and incident response contact could enhance trust further. Overall, the website is compliant with GDPR and cookie regulations, providing clear privacy and cookie policies. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

M

Maison de L'Environnement

maison-environnement.fr

45

Maison de L'Environnement is a well-established non-profit association founded in 1994, focused on promoting ecological transition within the Lyon metropolitan area. The organization coordinates about fifty partner associations and offers services including event organization, a mediathèque, training, and cooperative projects. The website reflects a professional and consistent brand image, targeting both citizens and professionals interested in environmental issues. Technically, the site is built on WordPress, uses modern web technologies, and is optimized for performance and mobile devices. Privacy-conscious analytics via Matomo is implemented, though cookie consent mechanisms are absent. Security posture is good with HTTPS enforced, but lacks some security headers and explicit incident response policies. Overall, the website is trustworthy, accessible, and aligns well with the organization's mission and domain registration data.

S

Studdio

studdio.com

52

Studdio is a French communication agency specializing in comprehensive marketing services including website creation, SEO, social media management, graphic design, logo creation, printing, and signage. The company offers subscription-based communication solutions with monthly fees over 24 to 48 months, targeting businesses seeking efficient and budget-controlled marketing support. The website is professionally designed, mobile-optimized, and provides clear navigation and service descriptions, positioning Studdio as a small but operationally focused agency in the French market. Technically, the website employs modern web technologies such as Google Tag Manager for analytics, Google Fonts for typography, and SVG icons for graphics. The site is served over HTTPS with good SSL configuration, though no explicit security headers were detected. Performance is moderate, with good mobile optimization and basic accessibility features. Privacy and cookie policies are present and indicate GDPR compliance, though no explicit incident response or security policy pages were found. From a security perspective, the website shows a solid baseline with HTTPS and no exposed sensitive data. However, the absence of WHOIS registration data for the domain www.studdio.com is a notable concern, as it raises questions about domain legitimacy and registration consistency. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent in the HTML content. The site lacks explicit security best practices such as security headers and incident response contacts. Overall, Studdio presents a professional and trustworthy front for its communication services, but the missing WHOIS data and limited security disclosures suggest areas for improvement in transparency and security posture. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to strengthen trust and compliance.

S

Swiss National Bank

snb.ch

75

The Swiss National Bank (SNB) operates as Switzerland's central bank, providing essential services including monetary policy implementation, issuance of banknotes and coins, payment transaction facilitation, asset investment, and financial stability oversight. The website serves a broad audience including the general public, financial market participants, media, researchers, and government entities. It positions itself as a key national financial institution with a strong market presence and government backing. Technically, the website employs modern web technologies such as JavaScript, SVG icons, and CSS, likely managed via a custom CMS. It demonstrates excellent performance, mobile optimization, accessibility, and SEO practices. The site uses HTTPS with strong SSL configuration and includes a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site enforces HTTPS, avoids exposing sensitive data, and implements secure forms. However, explicit security policies and incident response contacts are not published, and no vulnerability disclosure or security.txt files are found. Analytics are conducted via a custom SNB service with moderate user tracking and a two-year data retention policy. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with a high legitimacy score based on WHOIS data consistency. Strategic recommendations include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to enhance transparency and security posture.

Č

Česká hiporehabilitační společnost, z.s.

kone-hiporehabilitace.com

60

Česká hiporehabilitační společnost, z.s. operates a specialized website focused on hiporehabilitation, providing educational resources, certification information, and community engagement for professionals and enthusiasts in the field. The organization positions itself as a key non-profit entity in the Czech Republic dedicated to therapeutic and social applications of horse-assisted therapy. The website serves as an information hub with links to partner sites offering courses and events. Technically, the site is built on WordPress with a custom theme and standard web technologies, hosted on Wedos servers. It offers a moderate performance and good mobile optimization but lacks advanced security headers and DNSSEC. Security posture is adequate with HTTPS enabled and cookie consent implemented, though privacy policy and incident response information are missing. Overall, the site is professional, trustworthy, and safe for general audiences, but could improve compliance and security transparency.

L

LogTech

logtech.cz

60

LogTech is a Czech Republic-based company specializing in the integration of logistics technologies, including conveyors, sorting systems, software, and robotics, aimed at optimizing warehouse operations. The company leverages nearly three decades of experience to provide tailored automation and material handling solutions supported by comprehensive service and technical support. Their website reflects a professional and consistent brand presence targeting industrial and logistics sectors seeking efficiency improvements. Technically, the website employs modern web standards with responsive design, Google Fonts, and SVG icons, ensuring good user experience across devices. However, there is no evidence of advanced frameworks or CMS usage, and performance is moderate. Security posture is adequate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and published security policies. From a security and compliance perspective, the site includes GDPR and cookie policies with consent mechanisms, but lacks visible incident response contacts, vulnerability disclosure, or security certifications. The absence of WHOIS data for the domain is a concern, reducing trust in domain legitimacy despite the professional site content and clear company contact information. Overall, the website is functional, professional, and privacy-conscious but would benefit from enhanced security practices and domain registration transparency to improve trust and compliance.

O

OX Point - Homepage

oxpoint.cz

68

OX Point operates a network of modern smart lockers designed for municipalities, companies, and households primarily in the Czech Republic. Their services include parcel delivery boxes, luggage storage, municipal smart boxes, corporate logistics solutions, and residential parcel boxes. The website presents a professional and consistent brand image with clear contact information and a focus on accessibility and user experience. Technically, the site employs modern JavaScript frameworks and integrates multiple analytics and marketing tools, including Google Analytics, Hotjar, and Facebook Pixel, with a cookie consent mechanism in place. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers are not explicitly detected and privacy policy documentation is missing. WHOIS data is unavailable, which limits domain trust verification, but the website content and technical setup suggest a legitimate business. Overall, the site is well-positioned in its niche with room for improvement in privacy compliance and security transparency.

S

SFBA.social

sfba.social

70

SFBA.social is an independent Mastodon instance serving the San Francisco Bay Area community, providing a federated social networking platform for microblogging and community engagement. The website leverages the Mastodon 4.4.3 platform with modern web technologies including React and WebSockets, delivering a responsive and user-friendly experience. The platform emphasizes community interaction without advertising or intrusive tracking, focusing on organic social engagement. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks certain security headers and cookie consent mechanisms, which are recommended to enhance security posture and privacy compliance. The absence of WHOIS data due to unsupported TLD or privacy protection limits external trust verification, but the active community and transparent platform usage support its legitimacy. Overall, SFBA.social presents a well-maintained, community-focused social platform with good technical implementation and a moderate security posture. Strategic improvements in privacy compliance and security headers would further strengthen its trustworthiness and user protection.

S

SlotsUp

pl-slotsup.com

10

SlotsUp is a well-established online platform specializing in comprehensive online casino reviews, free slot games, bonus offers, and expert guides primarily targeting the Polish-speaking gambling community. Founded in 2015 and operating under a domain registered in 2022, the company positions itself as a leading collector and provider of casino-related data and content worldwide. The website demonstrates a high level of professionalism with excellent content quality, clear navigation, and responsive design optimized for mobile users. Technically, the site leverages modern web technologies including React and Vite, with Cloudflare DNS and Google Tag Manager integrations, ensuring a robust and scalable infrastructure. Security posture is solid with HTTPS enforced and domain protection statuses active, though improvements are recommended in DNSSEC implementation and security headers. Privacy compliance is partial, with a privacy policy present but lacking explicit cookie consent mechanisms. Overall, SlotsUp presents a trustworthy and credible online presence with room for enhancements in security and privacy transparency.

S

SlotsUp

slotsup.com

72

SlotsUp is a well-established online casino guide and review platform, operating since 2015 and headquartered in Hong Kong. The company offers a comprehensive data-driven and expert content approach to provide users with detailed casino, bonus, and game information, along with safety indexes and ratings. The website is professionally designed, mobile-optimized, and rich in relevant content, targeting adult online casino players globally. Technically, the site uses modern web technologies including React and Vite, with Google Analytics and Tag Manager for tracking. Security posture is good with HTTPS enforced, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is missing, which raises concerns about domain registration transparency. Overall, SlotsUp presents a trustworthy and professional front but should improve domain registration transparency and privacy compliance to enhance trust further.

T

Technologické centrum Praha

tc.cz

52

Technologické centrum Praha is a Czech national technology center focused on supporting the country's participation in the European Research Area. It provides strategic studies, technology transfer, and innovation support services primarily targeting research institutions, SMEs, and public sector entities. The website is professionally designed, mobile-optimized, and uses modern web technologies including Google Analytics and reCAPTCHA for security. While the site enforces HTTPS and includes CSRF tokens in forms, it lacks some security headers and an explicit cookie consent mechanism. The absence of WHOIS data reduces trust assessment confidence but the overall presentation and content quality indicate a legitimate and established organization. Social media presence on major platforms further supports credibility.

D

Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH

giz.de

70

The Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH is a German government-owned enterprise specializing in international development cooperation. The organization operates globally to promote sustainable development, offering solutions and partnerships to improve living conditions worldwide. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design, targeting governments, international partners, businesses, and professionals in the development sector. Technically, the site is built on Drupal CMS, uses Matomo for privacy-respecting analytics, and employs a consent management system (Klaro) to comply with GDPR. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy and compliance policies are transparent and comprehensive, supporting GDPR compliance. Overall, the website is trustworthy, professional, and well-aligned with the organization's mission and market position.

T

ThinkDoBeCreate - Stephanie Eckles

moderncss.dev

62

ModernCSS.dev is a specialized educational website authored by Stephanie Eckles under the ThinkDoBeCreate brand, focusing on modern CSS solutions and frontend development techniques. The site offers a rich collection of articles, tutorials, and resources aimed at frontend developers and CSS enthusiasts, positioning itself as a niche expert content provider with strong author credibility and community endorsements. Technically, the site is built using the Eleventy static site generator, leveraging modern web standards including HTML5, CSS3, and JavaScript, with excellent mobile optimization and fast performance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and formal privacy or cookie policies. The site uses minimal tracking via Plausible Analytics and monetizes through Carbon Ads and BuySellAds, maintaining a good balance between user experience and advertising. Overall, the website is trustworthy, professional, and well-maintained, though it could improve compliance by adding privacy and cookie policies and enhancing security headers.

S

Sex18babes.com - XXX Video Free

sex18babes.com

57

Sex18babes.com is an adult entertainment website established in 2018, offering free pornographic video streaming and downloads. The site targets adult audiences with a wide range of explicit content categories and leverages affiliate marketing and advertising for monetization. Technically, it runs on the DataLife Engine CMS with jQuery and SVG icons, hosted behind Cloudflare DNS but lacks advanced security configurations such as DNSSEC and security headers. Privacy compliance is minimal, with no visible privacy or cookie policies, and contact options are limited to a feedback form. The site is accessible without WAF or security challenges, but security posture is weak due to missing HTTPS enforcement and security headers.

S

Sangel Systemtechnik GmbH

helulight.de

48

The website helulight.de represents HELU Connectivity Solutions Bielefeld GmbH, formerly known as Sangel Systemtechnik GmbH, a medium-sized German company specializing in intelligent lighting concepts, cable assemblies, and LED industrial luminaires. The company is part of the HELUKABEL Group, which enhances its market position and product portfolio. The site targets industrial manufacturers and machine builders, offering B2B solutions for process visualization and industrial lighting. Technically, the website is built on the Shopware CMS platform with modern JavaScript and Bootstrap frameworks, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enforced and cookie consent enabled, but lacks advanced security headers and explicit security policies. Privacy compliance is moderate with a privacy policy linked on a partner domain but no dedicated cookie or terms of service pages on the site itself. Overall, the site is professional, trustworthy, and safe for general audiences.

A

Alaio Inc.

bitrix24.net

71

Bitrix24, operated by Alaio Inc., is a comprehensive SaaS platform offering a free online workspace for businesses, integrating CRM, task management, collaboration, and sales tools. It targets businesses and teams seeking to streamline sales, communication, and project management. The platform is positioned as a mature and established player in the business software market, offering extensive features including AI-powered CoPilot tools across various modules. Technically, the website leverages the Bitrix Framework and modern web technologies, with good mobile optimization and SEO practices. Security posture is moderate with HTTPS usage and cookie consent mechanisms, though security headers and incident response details are not evident. The site is transparent with privacy and cookie policies, showing GDPR compliance. Overall, Bitrix24 presents a professional, trustworthy, and feature-rich platform with room for security enhancements.

D

DB SCHENKER

dbschenker.cz

66

DB SCHENKER operates as a leading global logistics and supply chain management provider, offering comprehensive services including land transport, air and ocean freight, contract logistics, and advanced 4PL solutions. The company is positioned as a major player in the transportation sector, supported by its parent company DSV. The website reflects a mature digital presence with multilingual support and customer portals, targeting business clients requiring sophisticated logistics solutions. Technically, the site employs modern web technologies such as web components, Adobe Launch for marketing and analytics, and enforces HTTPS with a strong Content Security Policy, indicating a robust security posture. While WHOIS data is unavailable, the website's professional presentation and linkage to known domains affirm its legitimacy. Overall, the site demonstrates high content quality, technical sophistication, and business credibility, with minor recommendations to enhance security headers and monitoring.

P

Preciosa

preciosa.com

73

Preciosa Group is a well-established manufacturer specializing in crystals, fine jewelry stones, designer lighting, traditional Czech beads and glass, and related machinery and packaging solutions. The company operates globally with a presence on six continents and serves a B2B audience in various manufacturing and decorative sectors. The website reflects a professional and consistent brand image with comprehensive content about their divisions and products. Technically, the site uses modern web technologies including Angular framework and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The missing WHOIS data is a concern for domain legitimacy but the overall digital footprint suggests a credible business. Strategic recommendations include enhancing security headers, publishing security policies, and improving contact transparency.

Č

Čáslavské referendum

caslavske-referendum.cz

42

Čáslavské referendum is a small-scale civic initiative based in the Czech Republic focused on organizing and informing the public about a local referendum concerning the expansion of a waste landfill. The website serves as an information hub for residents of Čáslav, providing updates, media links, and calls to action for participation and financial support. Technically, the site is built on WordPress using the Kadence theme and blocks, with modern web technologies and good mobile optimization. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. The absence of privacy and cookie policies represents a compliance gap. WHOIS data is unavailable, which slightly reduces trust but the site content and external references support legitimacy.

Mayfield Brain & Spine operates a professional healthcare blog focused on neurosurgery, brain, and spinal conditions. The website serves as an educational and informational platform targeting patients and healthcare professionals interested in spine care and neurosurgical advancements. The business is positioned as a leading regional neurosurgery practice with a medium-sized operation founded in 2012. Technically, the website is built on WordPress using the Gridbox theme, hosted by Bluehost, and employs modern web technologies such as jQuery and SVG icons. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers, which are recommended for enhanced security. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the website is trustworthy and professional but could improve in privacy and security policy transparency.