Security Directory

LEELOODLES is a small, youth-led ecommerce business specializing in humorous and creative tshirts and apparel based in Toronto, Canada. The website is hosted on the Big Cartel platform and integrates Stripe and PayPal for payment processing. The business targets a general audience interested in unique, themed apparel, leveraging social media channels for brand presence. The website design and navigation are good, with mobile optimization and clear product listings. However, the site lacks critical privacy and cookie policies, and no direct contact emails or phone numbers are provided, only a contact form. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. WHOIS data is inconsistent and suspicious, showing a future domain creation date and a drop-catching registrar, which raises legitimacy concerns despite the professional website content. Overall, the site is functional and safe but requires improvements in privacy compliance and domain registration transparency.

M

Mudation.com

mudation.com

53

Mudation.com is a small Indonesian media platform focused on providing a space for young people to express their writing talents and foster reading interest. The website operates on WordPress with a moderate technical infrastructure including Cloudflare DNS and uses common SEO and advertising tools. The content is accessible, well-structured, and targeted primarily at Indonesian youth. However, the WHOIS data shows inconsistencies, with the domain registration date set in the future and registered by a domain backorder service, which raises questions about the domain's legitimacy and continuity. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is functional and safe but would benefit from improved security practices and clearer business legitimacy indicators.

The website tampines-condo.com is currently inaccessible to the public, returning a 403 Forbidden error page that blocks access to any substantive content. The domain is relatively new, registered in 2022 with NameCheap and hosted on SiteGround servers. Due to the access restriction, no business information, contact details, or privacy policies are available on the site. The technical infrastructure is minimal, with basic HTML and CSS and no detected scripts or analytics. Security posture is limited, with no DNSSEC enabled and no security headers observed. Overall, the site appears to be either under development, restricted, or misconfigured, limiting the ability to assess its business or security maturity.

The website newlaunchguru.sg is currently inaccessible to the public, returning a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered since 2017 under Exabytes Network (Singapore) Pte Ltd and hosted on SiteGround servers. Due to the access restriction, no business information, contact details, or policies are available on the site. The technical infrastructure is minimal with basic HTML and CSS, and no advanced frameworks or CMS detected. Security posture is weak with no DNSSEC and missing security headers, although HTTPS is enabled. Privacy compliance is absent as no privacy or cookie policies are found. Overall, the site appears to be either under maintenance, restricted, or misconfigured, limiting any comprehensive analysis.

C

ceskecasino.com

ceskecasino.com

70

CeskeCasino.com is a Czech-language online casino guide providing comprehensive information on licensed casinos, bonuses, free spins, and casino game guides targeted at adult players in the Czech Republic. The website is well-structured with clear navigation and uses modern web technologies including WordPress, Bootstrap, and Google Tag Manager for analytics. Despite the professional presentation and good content quality, the absence of WHOIS domain registration data raises concerns about domain legitimacy. Security posture is moderate with HTTPS enabled but lacks visible security headers and explicit privacy or cookie policies. Contact information and incident response details are not present, limiting transparency. Overall, the site serves as a useful resource for Czech online casino players but would benefit from enhanced security and compliance disclosures.

wreckage/salvage is a personal blog and micro-studio website run by Erin Kissane, focusing on topics related to networks and technology. The site offers blog posts and paid membership content, targeting a general audience interested in thoughtful technology discussions. The business model centers on content publishing with subscription options, positioning itself as a niche independent content creator in the media industry. The website was launched in 2024, consistent with the domain age and content timeline. Technically, the site is built on the Ghost CMS platform, leveraging modern web technologies including JavaScript, Stripe for payments, Google Fonts, and CDN services for performance. The site is mobile optimized and provides a good user experience with clear navigation and structured content. Performance is moderate, with room for improvement in accessibility features. From a security perspective, the website enforces HTTPS and uses secure forms for subscriptions. However, it lacks explicit security headers such as Content Security Policy and HSTS, and does not provide privacy or cookie policies, which are important for compliance and user trust. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected with minimal information, which aligns with the personal nature of the site but limits trust signals. Overall, the website is professionally presented with good content quality and technical implementation but would benefit from enhanced privacy compliance, security hardening, and clearer business contact information to improve trust and compliance posture.

T

The Roof is on Phire

phirephoenix.com

10

The Roof is on Phire is a personal blog operated by Jenny, known online as phire or phirephoenix. The site focuses on thoughtful commentary across technology, politics, work culture, and social issues, supplemented by a political newsletter project called Show Up Toronto. The blog targets a general audience interested in these topics and operates on a content publishing model with newsletter subscriptions for community engagement. Technically, the site is built using the Jekyll static site generator, hosted on NearlyFreeSpeech.net, and employs modern web standards with good mobile optimization and SEO practices. Security posture is moderate with HTTPS usage and domain transfer protection, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is safe, trustworthy, and professionally maintained, though improvements in security and privacy disclosures are recommended.

S

ShopTalk Show

shoptalkshow.com

53

ShopTalk Show is a well-established podcast focused on front end web design and user experience, hosted by Dave Rupert and Chris Coyier. The site serves a niche audience of web professionals and enthusiasts, providing weekly episodes and community engagement through Patreon and Discord. The business model centers on content creation and listener support. Technically, the website is built on WordPress with Jetpack and uses Cloudflare DNS, delivering a moderate performance and good mobile optimization. Security posture is solid with HTTPS and domain EPP protections, though improvements are needed in DNSSEC and security headers. Privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the site is professional, trustworthy, and content-rich, but could enhance compliance and security transparency.

C

Coaching Kompetenzzentrum KLG

coaching-kompetenzzentrum.ch

49

Coaching Kompetenzzentrum KLG is a Swiss-based small business specializing in coaching education, mentoring, mediation, and team development services. The website presents a professional and well-structured platform targeting individuals and organizations interested in coaching and professional development. Their offerings include a 10-day coaching course, seminars, individual coaching sessions, and certification as a 'betrieblicher Mentor'. The business positions itself as a niche regional coaching education center with strong local partnerships and a clear focus on quality training and professional growth. Technically, the website is built on Joomla CMS with modern web technologies such as Bootstrap, jQuery, and LayerSlider. It is mobile-optimized with good SEO practices and uses Google Analytics and Tag Manager for analytics. The site employs HTTPS with an excellent SSL configuration and includes a cookie consent mechanism, demonstrating awareness of privacy compliance. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site shows good practices with no visible vulnerabilities or exposed sensitive data. The cookie consent banner and privacy policy indicate GDPR compliance. The WHOIS data aligns with the website's Swiss business identity, supporting legitimacy. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website is trustworthy, professionally maintained, and compliant with privacy standards. Strategic improvements could include adding security headers, publishing an incident response policy, and implementing a vulnerability disclosure mechanism to enhance security posture and trust further.

B

b-come, business coaching & mentoring

b-come.ch

54

b-come.ch is a Swiss-based professional coaching and mentoring training institute recognized by the International Coaching Federation (ICF) and operated by Gesformat sàrl. The website presents a professional and well-structured platform offering certified coaching education and mentoring services targeting professionals seeking to enhance their coaching skills. The business model focuses on delivering recognized training programs and professional services in the education sector. Technically, the site is built on WordPress using the Divi theme, enhanced with Yoast SEO for search optimization, and employs modern web technologies including Google Fonts and jQuery. Security posture is strong with HTTPS enforced and multiple security headers present, indicating good adherence to web security best practices. However, the absence of explicit privacy and terms of service pages represents a compliance gap that should be addressed to improve GDPR adherence and user trust. Overall, the website is safe, professional, and trustworthy, with moderate room for improvement in privacy compliance and contact transparency.

G

Google

dart.dev

71

Dart.dev is the official website for the Dart programming language, an open-source, portable, and productive language supported by Google. The site serves developers and software engineers by providing comprehensive documentation, tutorials, tools like DartPad, and package management resources. It positions Dart as a modern language for building high-quality apps across multiple platforms including mobile, web, and backend. The website reflects a mature and enterprise-level digital presence with excellent content quality, clear navigation, and strong branding consistency. Technically, the site leverages modern web technologies including Dart, JavaScript, Google Fonts, and the Jaspr web framework. It is hosted and integrated with Google services such as Google Analytics and Tag Manager, ensuring fast performance and mobile optimization. Accessibility and SEO practices are well implemented, contributing to a positive user experience. From a security perspective, the website enforces HTTPS, employs multiple security headers, and avoids exposing sensitive data. Privacy and cookie policies are linked to Google's comprehensive policies, indicating good compliance with GDPR and other regulations. However, explicit incident response contacts and vulnerability disclosure mechanisms are not present, representing an area for improvement. Overall, the website is trustworthy, professional, and secure, with a high AI-assessed score. Strategic recommendations include adding a security.txt file, publishing incident response contacts, and enhancing transparency on data retention to further strengthen security posture and compliance.

G

Google LLC

pub.dev

75

Pub.dev is the official package repository for the Dart programming language and Flutter framework, operated by Google LLC. It serves as a central platform for developers to find, publish, and manage reusable libraries and packages, supporting the vibrant Dart and Flutter ecosystems. The website is positioned as a trusted and authoritative source, featuring curated Flutter Favorites, trending packages, and top Dart packages, targeting software developers and organizations using Dart and Flutter technologies. Technically, the site leverages modern web technologies including Dart-based frameworks, Google Tag Manager, Google Analytics, and Material Design CSS. It is hosted on Google infrastructure, ensuring high performance, fast loading times, and excellent mobile optimization. The site is well-structured with comprehensive metadata, Open Graph tags, and JSON-LD structured data to enhance SEO and accessibility. From a security perspective, pub.dev demonstrates a strong posture with enforced HTTPS, multiple security headers, and a cookie consent mechanism compliant with GDPR. However, it lacks a publicly visible vulnerability disclosure policy or security.txt file and does not provide explicit incident response contact channels. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, pub.dev is a highly professional, secure, and trustworthy platform with excellent content quality and technical implementation. Strategic recommendations include publishing a formal vulnerability disclosure policy, enhancing incident response transparency, and continuing to maintain strong privacy compliance to further strengthen trust and security culture.

The website timothygu.me is a personal site and blog for Tiancheng "Timothy" Gu, focusing on technology topics and personal experiences. It serves as a portfolio and content hub with blog posts dating back to 2014-2015. The site is hosted on GitHub Pages using a Jekyll theme, leveraging modern web technologies such as Google Fonts and Font Awesome. Analytics are implemented via Google Analytics and Tag Manager, indicating moderate user tracking. The site is mobile optimized and well-structured, providing a good user experience with clear navigation and consistent branding. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, it lacks important security headers and formal privacy or cookie policies, which reduces its compliance posture. The domain is privacy protected but consistent with the personal nature of the site and its age aligns with the content timeline. No WAF or blocking mechanisms are detected, allowing full content access. Overall, the site demonstrates good technical implementation and business credibility for a personal website but falls short on privacy compliance and security best practices. Strategic improvements in policy disclosures and security headers would enhance trust and compliance.

G

Google Open Source

googlesource.com

65

Google Open Source is a dedicated platform by Google LLC that promotes and supports open source software development. The website serves as a hub for Google's open source projects, programs, and community engagement initiatives. It targets developers and contributors worldwide, providing resources, documentation, and program information such as Google Summer of Code. The site is professionally designed, mobile-optimized, and offers multilingual support, reflecting Google's high digital maturity and commitment to accessibility and SEO best practices. Technically, it leverages Google's proprietary Devsite framework, Google Fonts, Material Icons, and integrates Google Analytics and Tag Manager for performance and user behavior insights. Security posture is strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data, although explicit security headers and a public security policy page are not detected. Privacy compliance is robust, linking to Google's comprehensive privacy and cookie policies with consent mechanisms in place. Overall, the domain registration and WHOIS data confirm the site's legitimacy as an official Google property. The website is safe for general audiences with no adult or questionable content detected.

The website www.frezar.cz represents a small Czech manufacturing business specializing in custom milling and machining services, primarily targeting small and medium-sized clients requiring precise metal, wood, and polyamide parts. The business is operated by Zdeněk Jelínek and offers services such as custom milling, precise drilling, and thread cutting. The website is professionally designed with clear navigation and relevant content, supporting a moderate market position in the manufacturing sector. Technically, the site uses modern frontend technologies including jQuery, Bootstrap, and Swiper.js, and integrates Google Analytics for visitor tracking. The site is mobile-optimized with moderate performance and basic accessibility features. However, no CMS or hosting provider information is discernible. The site uses HTTPS, but lacks security headers and privacy/cookie policies, indicating room for improvement in security and compliance. From a security perspective, the site shows a good baseline with HTTPS enabled and no visible sensitive data exposure or vulnerable forms. The absence of security headers and privacy policies, however, reduces the overall security posture and GDPR compliance. WHOIS data is unavailable, likely due to privacy protection, which is common for small businesses but reduces transparency. No WAF or blocking mechanisms were detected, and the site content is safe with no adult or questionable material. Overall, the website is a credible and professional representation of a small machining business but would benefit from enhanced security headers, privacy and cookie policies, and improved compliance documentation to strengthen trust and security posture.

S

Synetix, s. r. o.

domacimed.cz

50

Domácí med is a Czech language online magazine focused on beekeeping and honey products, providing educational content, consumer advice, recipes, and seasonal guides for beekeepers and honey enthusiasts. The website is operated by Synetix, s. r. o., and targets a general audience interested in apiculture and natural honey. The site is well-structured with consistent branding and good quality content, serving a niche market in the Czech Republic. Technically, the website uses modern frontend technologies including Bootstrap, jQuery, Google Fonts, and integrates Google Analytics and Adsense for tracking and monetization. It employs HTTPS and a consent management platform to comply with GDPR requirements, although explicit privacy and terms of service pages are not found. Security posture is moderate with HTTPS enabled but lacks visible security headers and explicit contact information for incident response. The absence of WHOIS data reduces trustworthiness from a domain registration perspective, but the website content and technical setup appear legitimate and professional. Overall, the site is functional and informative but could improve transparency and security practices.

M

INDIVIDUAL PRODUCTS

medistik.eu

58

The website medistik.eu is an e-commerce platform specializing in healthcare products, particularly natural and cooling therapy items such as Medistik Ice Roll-on and Natural Cold Spray. The site targets consumers interested in wellness and healthcare retail products. The business model is focused on direct online sales with product detail pages and a shopping cart system. The website demonstrates consistent branding and a professional presentation with clear navigation and product categorization. Technically, the site uses a combination of jQuery, Bootstrap, and other common JavaScript libraries, along with Google Analytics for visitor tracking. The site appears to be custom-built or uses a proprietary CMS, with moderate performance and good mobile optimization. SEO practices are adequately implemented with meta tags and canonical URLs. From a security perspective, the site uses HTTPS and has a cookie consent mechanism, indicating basic privacy compliance. However, no advanced security headers were detected in the HTML content, and there is no visible incident response or vulnerability disclosure information. The WHOIS data is privacy protected, which is common for commercial sites, and no suspicious patterns were found. Overall, the security posture is moderate but could be improved with additional headers and explicit security policies. The overall risk assessment is low to moderate. The site is professional and functional but would benefit from enhanced security practices and more transparent business contact information. Strategic recommendations include implementing security headers, improving form protections, and providing clearer business and security contact details.

P

Printerka J&R s.r.o.

printerka.sk

42

Printerka J&R s.r.o. operates a specialized event service business in Slovakia, providing photobooth and instant photo printing solutions for corporate events, weddings, parties, and festivals. The company positions itself as a regional leader with over a decade of experience and a professional online presence. Their website is well-structured, visually appealing, and targets event organizers and agencies seeking photo printing services. Technically, the site uses standard web technologies including jQuery, Google Analytics, and Facebook Pixel, but relies on an outdated jQuery version which may pose security risks. The site is HTTPS enabled and uses asynchronous loading for analytics, contributing to moderate performance and good mobile optimization. Security posture is adequate but could be improved by adding security headers and updating libraries. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible consent mechanisms. Contact information is limited to contact forms without direct emails or phone numbers, which may impact user trust. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

L

Letter of Intent

letterofintent.com.au

66

Letter of Intent is a specialized Australian business news platform delivering daily email newsletters focused on finance, M&A, ECM, and VC deals. The site targets professionals such as bankers, lawyers, and investors, positioning itself as a niche media provider within the Australian finance sector. The business model revolves around free daily email subscriptions, leveraging partnerships such as with Capital Brief. Technically, the website is built on modern web technologies including Webflow, Google Fonts, and third-party newsletter embeds (beehiiv). The site demonstrates good design quality, mobile optimization, and SEO practices, though some accessibility features are basic. Security posture is moderate with secure form submissions but lacks explicit security headers and cookie consent mechanisms. WHOIS data is limited due to Australian domain privacy policies, but no suspicious patterns were detected, and the registrar is reputable. Overall, the website is professional and trustworthy with room for improvement in security and privacy compliance.

A

AŽD Praha s.r.o.

azd.cz

54

AŽD Praha s.r.o. is a leading Czech company specializing in the manufacturing and supply of security and control systems for transportation, focusing primarily on railway and road transport sectors. The company offers a broad range of products and services including telecommunications, automation technologies, system integration, and training. Their market position is strong within the Czech Republic and they maintain a professional online presence with comprehensive information about their offerings and corporate policies. Technically, the website employs modern web technologies such as Vue.js for chatbot functionality, Google reCAPTCHA for form security, and LinkedIn Insight for analytics, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data reduces transparency but does not detract significantly from the overall legitimacy given the professional content and compliance indicators. Overall, the website reflects a well-established business with a focus on transportation technology and security solutions.

K

Sportovní vybavení a potřeby, krejčovství na míru - konig.cz

konig.cz

42

Konig.cz is a Czech Republic-based retailer specializing in sports equipment and related services, including rental and technical tailoring. The website presents a comprehensive catalog of products for winter and summer sports such as skiing, snowboarding, windsurfing, and kiting. The business model combines e-commerce with physical rental and service offerings, targeting sports enthusiasts in the Czech market. Technically, the site uses a mix of common web technologies including jQuery, Bootstrap, and Google Analytics, with a custom or niche CMS platform. The site is mobile-optimized and offers good navigation and content relevance. Security posture is moderate with HTTPS enabled but missing some recommended security headers and lacking a vulnerability disclosure policy. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective but the site content and structure indicate a legitimate small business. Overall, the site scores well in content quality and business credibility but could improve in security and privacy compliance.

C

cyklotury.cz

cyklotury.cz

46

Cyklotury.cz is a Czech Republic based small-scale content portal focused on cycling tours, equipment reviews, and travel tips for cycling enthusiasts of all ages. The website offers a variety of articles and blog posts related to cycling tourism primarily in the Czech Republic and neighboring countries. It operates a content-driven business model monetized through advertising and affiliate partnerships, with a consistent brand presence and active social media engagement on Facebook, YouTube, and Instagram. Technically, the site is built on Drupal 7 CMS with a technology stack including jQuery, Google Fonts, Google Analytics, and Facebook SDK. The site is mobile optimized with moderate performance and basic accessibility features. SEO practices are reasonably implemented with proper meta tags and structured content. However, the use of an outdated CMS version poses potential security risks. From a security perspective, the site uses HTTPS with anonymized IP tracking in Google Analytics but lacks important security headers such as Content-Security-Policy and X-Frame-Options. No privacy or cookie policies were found, indicating compliance gaps with GDPR and other privacy regulations. The WHOIS data for the domain is unavailable, which reduces trustworthiness and raises questions about domain registration legitimacy. Overall, Cyklotury.cz presents a good quality content experience for its niche audience but requires improvements in privacy compliance, security hardening, and domain legitimacy verification to enhance trust and reduce risk.

H

Herzog & Adelmann Gruppe

germanwebawards.com

60

German Web Awards is a reputable annual award event recognizing the best web agencies in Germany, focusing on design, know-how, service, and customer satisfaction. The awards have been running for six years and are organized by Herzog & Adelmann Gruppe, a known entity in the German digital agency space. The website is professionally designed, mobile-optimized, and provides clear information about the awards, participation, winners, and evaluation criteria. It targets German web agencies and digital service providers aiming to gain recognition and market differentiation. Technically, the site uses modern web technologies including Webflow CMS, GSAP animations, and hosts multimedia content on Amazon S3. The domain is registered with GoDaddy and shows no privacy protection, aligning with the business's transparency. Security posture is good with HTTPS and domain status protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is strong with a comprehensive privacy policy, cookie consent mechanism, and GDPR adherence. Contact information is clearly provided, enhancing business credibility. Overall, the site presents a trustworthy, professional, and well-maintained digital presence.

R

Ranxplorer

kifdom.com

52

KifDom is a French niche marketplace specializing in the acquisition and resale of expired .fr domain names, targeting SEO professionals and domain investors. The website is professionally designed, mobile-optimized, and provides clear navigation with comprehensive domain listings, auctions, and immediate purchase options. The business is operated by Ranxplorer, a company accredited by AFNIC since 2014, indicating a stable market presence. Technically, the site uses modern frontend technologies including Bootstrap, Tailwind CSS, and Google Tag Manager, with HTTPS enforced for secure communications. Security measures include CSRF protection and session management, though some standard security headers are not explicitly detected. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy in French, consistent with GDPR requirements. Contact is primarily via a web form, with no direct emails or phone numbers publicly listed. WHOIS data for the domain is unavailable or shows no match, which raises minor concerns about domain registration transparency but does not detract significantly from the site's legitimacy. Overall, KifDom presents a trustworthy and functional platform for expired domain transactions in the French market.

T

Triggerbee

triggerbee.com

61

Triggerbee is a Denmark-based technology company founded in 2014 that provides an all-in-one onsite marketing platform designed to help businesses convert website traffic through personalization, forms, promotions, surveys, referrals, and gamification. The company targets businesses seeking to enhance onsite marketing effectiveness using SaaS solutions. The website is built on WordPress with Elementor, leveraging modern web technologies and integrating multiple analytics and advertising tools such as Google Analytics, Microsoft Clarity, Facebook Pixel, and LinkedIn Ads. Hosting appears to be on Microsoft Azure, inferred from cookies. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies are not fully published. Privacy compliance is partially addressed with a detailed cookie consent banner but lacks a clearly accessible privacy policy and terms of service. Overall, the website demonstrates good technical maturity, professional design, and consistent branding, supporting a high trustworthiness level.

Las Empresas Verdes is a Spanish-language media platform focused on sustainability, innovation, and corporate social responsibility topics. The website targets professionals and organizations interested in green business practices, providing news, articles, and insights to promote environmental awareness. The business appears to be a small-sized entity founded around 2019, with a niche market position in sustainability media. Technically, the website is built on WordPress using the Astra theme and several plugins including SureCart for e-commerce capabilities. The site shows good SEO practices with comprehensive metadata and structured data, and it is mobile optimized with moderate performance. Hosting and domain registration are managed through IONOS SE, a reputable registrar, with standard DNS parking services. From a security perspective, the site uses HTTPS and has domain transfer protections enabled. However, DNSSEC is not enabled, and no advanced security headers were detected. There are no published privacy, cookie, or security policies, nor incident response or vulnerability disclosure information, which indicates room for improvement in compliance and transparency. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve user trust and regulatory adherence.

G

Greentology

greentology.life

41

Greentology is a Spanish-language media outlet dedicated to publishing high-quality content focused on sustainability, green business, and environmental topics. The website serves a niche audience interested in green innovation, NGOs, foundations, and lifestyle aspects related to sustainability. The business model centers on content publishing and opinion dissemination, positioning itself as a specialized media platform in the sustainability sector. The site is professionally designed, with consistent branding and a clear navigation structure, supported by a WordPress CMS infrastructure enhanced with popular plugins such as Yoast SEO and Elementor.

I

Industry News MX

industrynewsmx.com

45

Industry News MX is a Spanish-language media platform focused on delivering news and information about various industrial sectors in Mexico, including manufacturing, energy, and transportation. The website positions itself as a leading source for industry professionals and stakeholders in Mexico, providing news articles, video content, and event coverage. The platform appears to be moderately sized and founded around 2018, with a consistent brand presence and good content quality. Technically, the site is built on WordPress using popular plugins such as Yoast SEO and WPBakery Page Builder, with embedded YouTube videos and integration of Google Fonts and jQuery libraries. The site is mobile-optimized and has good SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and incident response contact information. Privacy and cookie policies are not found, indicating compliance gaps. WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website appearance. Overall, the site is functional and professional but would benefit from improved transparency and security practices.

M

Metalmecánica

metalmecanica.com

68

Metalmecánica is a Spanish-language online platform serving the metalworking community in Latin America, connecting suppliers and professionals with industry-specific content, product catalogs, and services. The website demonstrates a professional design and uses modern web technologies including Bootstrap, jQuery, Google Tag Manager, and analytics tools such as Google Analytics and Microsoft Clarity. The platform offers a variety of services including supplier directories, job listings, and industry news, positioning itself as a regional hub for the metalworking sector. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Additionally, the lack of explicit privacy and cookie policies and contact information indicates gaps in privacy compliance and business transparency. Security posture is moderate with HTTPS implied but missing explicit security headers and incident response details. Overall, the site is functional and well-designed but would benefit from enhanced transparency and security practices.

M

Manufactura Latam

manufactura-latam.com

64

Manufactura Latam operates as a specialized online directory and content platform serving the manufacturing industry in Latin America, primarily Mexico. It offers a comprehensive supplier directory, product catalogs, industry news, articles, events, and a digital magazine, targeting manufacturing professionals and companies seeking industry information and business connections. The platform leverages modern web technologies including Bootstrap, jQuery, and integrates multiple analytics and tracking tools such as Google Analytics, Microsoft Clarity, and LinkedIn Insight. Security measures include HTTPS enforcement and Google reCAPTCHA on forms, but lack explicit security headers and published privacy or cookie policies, indicating room for compliance improvement. The absence of WHOIS registration data raises concerns about domain legitimacy, despite the professional appearance and functionality of the website.

G

Global Industries

globalindustries.mx

51

Global Industries is a Mexican business news publication targeting industry leaders and decision makers across sectors such as energy, manufacturing, construction, and transportation. The website provides industry news, analyses, and virtual editions to inform professionals and business executives. Technically, the site is built on WordPress with common SEO and advertising plugins, including Yoast SEO and Google Tag Manager, indicating a moderate level of digital maturity. The site is mobile optimized and uses HTTPS with good SSL configuration, but lacks visible privacy and terms of service policies. Security posture is adequate with no visible vulnerabilities, though security headers could be improved. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact information.

G

Gobierno de México

gob.mx

54

Gob.mx is the official digital portal of the Mexican federal government, providing citizens with access to federal procedures, social programs, and government services. It serves as a centralized platform to facilitate government-citizen interactions, offering key services such as procedure lookup, social program information, and secure authentication via LLave MX. The portal targets Mexican citizens and residents seeking government services online, positioning itself as the authoritative government digital gateway. Technically, the website employs modern web technologies including JavaServer Faces with PrimeFaces, jQuery, and Swiper.js for UI components. It leverages Google Fonts and Google Tag Manager for typography and analytics respectively. Hosting appears to be supported by Akamai CDN, ensuring performance and availability. The site is mobile optimized with responsive design and basic accessibility features. From a security perspective, the site uses HTTPS with strong SSL configuration and includes several security headers. However, it lacks explicit cookie consent mechanisms and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The domain WHOIS data confirms the site is legitimately registered to the Mexican government, reinforcing trust. Overall, gob.mx demonstrates a mature digital government presence with good technical and security posture. To enhance compliance and user trust, it should implement explicit cookie consent, publish security and privacy policies more prominently, and provide clear contact information for data protection and incident response.

The Cámara de Comercio del Canadá en México, A.C. is a well-established non-profit organization founded in 1982 that serves as the voice of Canadian businesses in Mexico. The website reflects a professional business chamber focused on promoting trade, investment, and networking between Canada and Mexico. It targets Canadian and Mexican business communities and offers services such as events, committees, and corporate partnerships. The site is built on the concrete5 CMS platform and uses common web technologies like jQuery, Bootstrap, and Font Awesome. Hosting is likely provided by GoDaddy, consistent with WHOIS data. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is professional, trustworthy, and content-rich, but could improve in privacy and security best practices.

D

DRILL IT

drill-it.com

60

DRILL IT is a newly launched online education platform specializing in Brazilian Jiu-Jitsu training, offering video modules and courses for all skill levels. The platform targets individuals interested in learning martial arts online, primarily French-speaking users. The business operates on a small scale with a niche focus in the education sector. Technically, the website is built on the Bubble.io platform, integrating Stripe for payment processing and using modern JavaScript libraries such as Howler.js. The site demonstrates basic mobile optimization and SEO practices but lacks advanced accessibility features. Security posture is moderate with HTTPS enabled and domain status protections, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy and compliance policies are absent, representing a significant gap in GDPR adherence and user trust. No contact information or incident response channels are provided, limiting transparency and user support. Overall, the website is functional and relevant but requires enhancements in security, privacy compliance, and business credibility to improve trust and regulatory adherence.

D

Dojomania

dojomania.com

58

Dojomania is a French-based e-commerce retailer specializing in combat sports equipment such as judo, karate, taekwondo, boxing, and MMA gear. The website offers a wide range of products including kimonos, belts, gloves, bags, and personalized embroidery services. It targets martial arts practitioners and clubs, positioning itself as a specialist retailer with a professional online presence. The site is built on the PrestaShop platform, leveraging modern web technologies and providing multilingual support. Security posture is good with HTTPS and security headers implemented, though there is no visible security policy or incident response information. Privacy and cookie policies are present and GDPR compliant. The absence of WHOIS data is a concern for domain legitimacy but the website content and contact information suggest a legitimate business. Overall, the site is well designed, functional, and trustworthy for its target audience.

F

First-id

first-id.fr

47

First-id is a French technology company specializing in privacy-compliant user identification solutions that do not rely on cookies or emails. Their platform enables advertisers, media publishers, agencies, and adtech companies to unify and activate first-party data across devices and browsers, enhancing marketing reach and personalization. The website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content including client testimonials and partner logos, indicating a credible market position. Technically, the site is built on WordPress with modern frameworks and includes consent management tools, reflecting good digital maturity. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, though the absence of explicit security and incident response policies is noted. Overall, the site is trustworthy and well-optimized, but the lack of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy.

F

Fédération de MMA Français

fmmaf.fr

45

The Fédération de MMA Français (FMMAF) is the national governing body for Mixed Martial Arts in France, providing licensing, club affiliation, training, and event organization services. The website positions FMMAF as a professional federation affiliated with the International Mixed Martial Arts Federation (IMMAF), targeting MMA practitioners, clubs, and enthusiasts across France. The business model focuses on regulatory oversight, athlete development, and promotion of MMA as a sport within the country. Technically, the website is built on WordPress using the Divi theme and several specialized plugins such as EventON for event management and Matomo for analytics. The site is well-structured with good SEO practices including JSON-LD structured data and Open Graph metadata. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and includes standard security headers, indicating a good baseline security posture. However, the absence of explicit privacy policy and terms of service documents, as well as no visible incident response or vulnerability disclosure information, suggests room for improvement in compliance and transparency. Overall, the website is trustworthy and professional, though the lack of WHOIS registrant data and some compliance documents slightly reduce the trust score. Strategic recommendations include publishing comprehensive privacy and security policies, implementing a vulnerability disclosure program, and enhancing accessibility and compliance features.

S

Sector s.r.o.

animaky.cz

42

Animaky.cz is an online media platform operated by Sector s.r.o., offering a large catalog of free animated fairy tales and cartoons primarily targeted at children and families in Czech and Slovak languages. The website features popular series such as Máša a Medvěd, Tom a Jerry, and Mr. Bean, providing categorized and searchable video content. The business model relies on advertising revenue, with Google Adsense and Google Ad Manager integrated for monetization. The platform maintains a consistent brand presence and leverages social media channels like Facebook for audience engagement. Technically, the website employs modern web technologies including jQuery, lazy loading, Google Fonts, and FontAwesome icons. It uses HTTPS with good SSL configuration and includes SEO-friendly meta tags and Open Graph data. The site is moderately optimized for performance and mobile devices, though accessibility features are basic. Analytics and tracking are implemented via Google Analytics and Google Tag Manager, indicating moderate user tracking. From a security perspective, the site enforces HTTPS and includes standard security headers, but lacks visible cookie consent mechanisms and published security policies. The absence of WHOIS data for the domain reduces trustworthiness and complicates domain legitimacy verification. No critical vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is basic, with a privacy policy available on the parent domain but no explicit cookie or terms of service pages. Overall, Animaky.cz presents a professional and trustworthy platform for children's animated content with room for improvement in privacy compliance and transparency. Strategic recommendations include implementing cookie consent banners, publishing terms of service and security policies, and enhancing accessibility and incident response disclosures.

R

Ringier Media Slovakia s.r.o.

nativne.sk

73

Natívne.sk is a creative studio operating under the media publishing house Ringier Media Slovakia s.r.o., focusing on native advertising and creative content production for the Slovak internet market. The website presents a professional and consistent brand image, targeting advertisers and media clients within Slovakia. Technically, the site is built on the Webflow platform, leveraging modern web technologies and hosting, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and cookie consent implemented, though lacking advanced security headers and published security policies. Privacy compliance is partial due to the absence of a dedicated privacy policy and terms of service pages. Overall, the site is trustworthy and well-positioned within its market segment.

T

Transparency International – Česká republika o.p.s.

ruzovypatnik.cz

63

Transparency International – Česká republika o.p.s. is a well-established non-profit organization dedicated to fighting corruption and promoting transparency in the Czech Republic. With a small but effective team, they focus on advocacy, legal expertise, public education, and free legal counseling. Their website reflects their mission with professional content, clear messaging, and a focus on public awareness. The organization has been active for over 20 years, positioning itself as a trusted entity in the anti-corruption space. Technically, the website is built on Webflow and uses modern web technologies including Google Tag Manager and CookieScript for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Privacy compliance is strong, with a comprehensive cookie policy and GDPR-aligned consent mechanisms. Security-wise, while HTTPS is assumed, explicit security headers and policies are not evident. No security.txt or incident response information is published, which could be improved. The WHOIS data is unavailable, likely due to privacy protection, which is common for non-profits but reduces transparency somewhat. Overall, the website is professional, trustworthy, and aligned with its mission. The main risks relate to limited publicly available security policies and lack of WHOIS transparency. Strategic improvements in security posture and transparency would enhance trust further.

H

Hodnocení nezávislosti veřejných institucí

nezavisleinstituce.cz

46

The website 'Hodnocení nezávislosti veřejných institucí' is a Czech non-profit project operated under the umbrella of Transparency International ČR. It focuses on evaluating the independence of 30 significant public institutions in the Czech Republic using 40 formal and factual criteria. The project aims to provide a comprehensive picture of institutional resilience against political or external influence, offering data-driven insights and recommendations to improve governance and transparency. The site targets government stakeholders, civil society, and the general public interested in institutional integrity. Technically, the website is built on WordPress with common plugins such as Contact Form 7 and Yoast SEO, leveraging modern web fonts and responsive design. The site is well-structured with good SEO practices and moderate performance. Security-wise, HTTPS is enforced, and secure forms are used; however, the absence of security headers and explicit privacy or cookie policies indicates room for improvement in compliance and security posture. The WHOIS data for the domain is unavailable, which raises concerns about domain registration transparency. Despite this, the association with Transparency International ČR and the professional presentation lend credibility. No signs of WAF or content blocking were detected, allowing full content access and analysis. Overall, the website is a credible, well-maintained informational resource with a clear mission but would benefit from enhanced privacy compliance and security policy disclosures to strengthen trust and regulatory adherence.

I

Integrity Watch Česká republika

integritywatch.cz

45

Integrity Watch Česká republika is a specialized transparency platform focused on monitoring the financial activities of Czech political parties from 2017 to 2022. It provides detailed visualizations and data tables to promote political transparency and accountability. The platform is affiliated with Transparency International Czech Republic, enhancing its credibility and trustworthiness. Technically, the website uses modern JavaScript libraries such as D3.js and dc.js for interactive data visualization and is hosted on DigitalOcean, indicating a reliable infrastructure. However, the site lacks explicit privacy and cookie policies, and no contact information is provided, which may affect user trust and compliance. Security-wise, the site uses HTTPS but lacks visible security headers and incident response contacts, suggesting room for improvement in security posture. Overall, the website is professional, content-rich, and trustworthy for its target audience but should enhance privacy compliance and security transparency to improve its overall risk profile.

F

FTV Prima, spol. s r.o.

primadoma.cz

41

Primadoma.cz is a Czech media website focused on hobby, DIY, and home improvement content. It operates as part of the Prima media group, a well-established media entity in the Czech Republic. The site offers a variety of content including competitions, video shows, and social media engagement targeting hobby enthusiasts and DIY audiences. The business model is primarily media content delivery supported by advertising and partnerships. The website is professionally designed with consistent branding and good content quality, serving a large audience in the Czech Republic.

meteoblue AG operates a professional weather forecasting platform offering detailed meteorological data including forecasts, radar, satellite imagery, and weather warnings. The company targets a broad audience from general users to professionals requiring precise weather data. The website demonstrates a mature digital presence with multilingual support, structured data, and integration of modern web technologies such as Google Tag Manager and Google Ads for analytics and advertising. Security posture is good with HTTPS enforced, though explicit security headers could be improved. Privacy compliance is evident with clear privacy and cookie policies and consent mechanisms. However, the absence of WHOIS data for the domain introduces some uncertainty about domain registration transparency. Overall, the site is professional, trustworthy, and technically sound.

D

Destinační agentura České středohoří, o.p.s.

stredohori.cz

48

The website stredohori.cz serves as a comprehensive regional tourism portal for the České středohoří area in the Czech Republic. It provides detailed information about local attractions, events, accommodations, and services, targeting tourists and visitors interested in cultural, outdoor, and recreational activities. The site is operated by Destinační agentura České středohoří, o.p.s., a small regional destination management organization established in 2011. The business model focuses on promoting regional tourism and supporting local service providers through information dissemination and event promotion. From a technical perspective, the website employs modern web technologies including Google Fonts, Google Analytics, and Google Tag Manager, with a responsive design optimized for mobile devices. The site is hosted likely by Wedos, consistent with the domain registrar information. Performance is moderate with good SEO and basic accessibility features. The site uses HTTPS with a valid SSL certificate, ensuring secure communications. Security posture is solid with HTTPS enforced and a cookie consent mechanism that complies with GDPR requirements. However, the site lacks explicit privacy policy and terms of service pages, as well as published security policies or incident response contacts. No security headers were detected in the HTML content, which could be improved to enhance security. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website is trustworthy and professional, with a clear focus on regional tourism promotion. Strategic recommendations include publishing comprehensive privacy and security policies, implementing security headers, and providing explicit incident response contacts to improve compliance and security maturity.

The website represents the Rada dětí a mládeže Středočeského kraje, a regional non-profit organization focused on youth activities and education within the Central Bohemian Region of the Czech Republic. It serves as an information hub for youth-related events, competitions, and educational programs, supported by regional government and the Ministry of Education. The site targets children, youth organizations, and stakeholders interested in youth development in the region. Technically, the website is built on Joomla CMS and leverages common web technologies such as jQuery, Bootstrap, Google Fonts, Facebook SDK, and Google reCAPTCHA. The site is mobile-optimized with a moderate performance profile and good SEO practices. However, it lacks some modern security headers and formal privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the site uses HTTPS with a good SSL configuration and includes CSRF tokens and reCAPTCHA for form security. No critical vulnerabilities or exposed sensitive data were detected. The absence of explicit privacy and cookie policies and security headers are notable gaps. The site is not blocked by any WAF or security challenge, allowing full content access. Overall, the website is trustworthy and professional for its non-profit purpose but would benefit from enhanced privacy compliance and security hardening to align with best practices and regulatory requirements.

M

Městský úřad Vyškov

novyvyskov.cz

59

The website www.novyvyskov.cz serves as an official municipal information portal for the city of Vyškov, Czech Republic, focusing on urban development projects linked to the modernization of the railway infrastructure and related city improvements. It provides residents and stakeholders with detailed information about ongoing and planned construction projects, investment plans, and urban revitalization efforts. The site is positioned as a trusted source of local government communication and community engagement. Technically, the site is built on the Webflow platform, utilizing modern web technologies such as Google Fonts, Leaflet.js for mapping, and Google Tag Manager for analytics. The site is mobile-optimized and demonstrates good design and navigation clarity. However, a visible license error in the dynamic map component slightly detracts from the user experience. The site employs cookie consent mechanisms and maintains a comprehensive privacy policy, indicating a good level of privacy compliance. From a security perspective, the site enforces HTTPS and uses cookie consent but lacks visible advanced security headers and explicit security or incident response policies. The absence of WHOIS data for the domain is a notable concern, reducing the overall trust score. Despite this, the official municipal branding and partner logos lend credibility to the site. No malicious or adult content is present, and the site appears safe for general audiences. Overall, the site is a well-constructed municipal information resource with moderate technical maturity and a generally good security posture. Addressing the WHOIS data gap, fixing the map license issue, and enhancing security headers would improve trust and security standing significantly.

B

Bubble Group, Inc

valorimetre.com

67

Bubble Group, Inc operates Bubble.io, a leading no-code platform that enables users ranging from first-time founders to experienced engineers to build, design, and launch web applications rapidly without coding. The platform supports SaaS, marketplaces, and CRM applications hosted on Bubble's cloud infrastructure. The website content and metadata confirm a strong market position as a pioneer in visual programming and no-code development tools. Technically, the site leverages modern JavaScript libraries, Google Fonts, and animation frameworks, hosted on Cloudflare with robust SSL encryption. The presence of multiple analytics and marketing tools indicates a mature digital marketing strategy. Security posture is solid with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled. Privacy and cookie policies are comprehensive and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site is professional, well-branded, and trustworthy, with no signs of malicious or adult content.

P

Play Fortune For Fun

playfortuneforfun.com

66

Play Fortune For Fun is a specialized online casino review and rating platform targeting adult gambling enthusiasts. The website offers curated casino reviews, bonus offers, and game guides to help users find the best online casinos. It positions itself as a trusted source with expert content authored by Victor Bagan, an experienced online gambling expert. The platform operates on WordPress CMS with a Laravel Nova backend, leveraging modern web technologies and SEO best practices. While the site is well-structured and mobile-optimized, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. The domain is newly registered in 2024, which is inconsistent with the website's claimed content history dating back to 2020, suggesting a recent domain acquisition or rebranding. Overall, the site is professional and trustworthy but should improve compliance and security practices.

C

CVVZ

cvvz.cz

51

CVVZ is a non-profit organization that hosts an annual event focused on youth resilience, wellbeing, and experience exchange in Kolín, Czech Republic. The event features lectures, workshops, and volunteer opportunities, supported by regional authorities and national partners. The website demonstrates a good level of professionalism with consistent branding and clear navigation, targeting youth, volunteers, and educators. Technically, the website uses modern web technologies including ES modules, Bootstrap, and Google Fonts, with a moderate performance profile and good mobile optimization. However, there is no explicit CMS or hosting provider information. Security headers are not detected, and privacy and cookie policies are missing, indicating areas for improvement in compliance and security posture. The security posture is moderate with HTTPS usage implied but lacking visible security headers and vulnerability disclosures. The absence of WHOIS data is a concern for domain legitimacy, though the website content and partner endorsements suggest a legitimate and trusted organization. Overall, the site is safe for general audiences and does not contain any adult or explicit content. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, publishing vulnerability disclosure information, and verifying domain registration details to enhance trust and compliance.