Security Directory

9

970 Design

970design.com

64

970 Design is a small marketing agency based in Vail, Colorado, specializing in branding, custom website design, and storytelling for purpose-driven brands. The company has been established since 2011, with a professional online presence that reflects its niche market focus. The website is built on WordPress and leverages modern technologies such as jQuery, Cloudflare Stream, Google Tag Manager, and reCAPTCHA to provide a functional and secure user experience. Cookie consent is managed via CookieYes, indicating some level of privacy compliance, although no explicit privacy policy or terms of service pages were detected. Security posture is generally good with HTTPS enabled and domain registration details consistent and transparent. However, DNSSEC is not enabled, and no formal security or incident response policies are published on the site.

M

Musikvertrieb AG

muve.ch

41

Musikvertrieb AG is a Swiss indie music distributor and record label founded in 1935, specializing in marketing national and international artists and labels such as PIAS and muve recordings. The company targets music industry professionals and consumers interested in indie music distribution. The website is built on WordPress using the Brooklyn theme and incorporates modern technologies including Google Analytics, Facebook Pixel, and reCAPTCHA, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks visible security headers and published security policies, indicating room for improvement. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy with a moderate risk profile.

L

La Cour des comptes de Genève

cdc-ge.ch

51

La Cour des comptes de Genève is the official governmental audit institution serving the Geneva public sector. It provides audit, evaluation, and consultation services to improve public action performance. The website targets government officials, public stakeholders, and citizens interested in governance transparency. The institution holds a stable market position as the official audit authority in Geneva. Technically, the website is built on WordPress with modern frontend libraries such as Swiper.js and Fancybox, and uses Google Fonts and reCAPTCHA for security. The site is moderately performant and mobile-optimized with good SEO practices. Security posture is strong with HTTPS and reCAPTCHA, but lacks some security headers and explicit policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

F

Fribourg International Film Festival

fiff.ch

53

Fribourg International Film Festival (FIFF) is a well-established non-profit cultural organization based in Switzerland, dedicated to promoting intercultural understanding through cinema. The festival emphasizes films that provoke reflection and discussion, targeting film enthusiasts, cultural communities, and educational institutions. The website reflects a mature digital presence with multilingual support, rich content, and clear navigation tailored to its audience. The business model relies on ticket sales, partnerships, and sponsorships, positioning FIFF as a significant player in the international film festival circuit. Technically, the site is built on Drupal 10 with modern web technologies and integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and Google Tag Manager. Security measures include HTTPS enforcement, secure forms with reCAPTCHA, and standard security headers, although formal security policies and incident response plans are not publicly documented. Privacy compliance is partially addressed with a comprehensive data protection policy but lacks a visible cookie consent mechanism. Overall, the website is professional, trustworthy, and safe for general audiences.

V

Visions du Réel

visionsdureel.ch

54

Visions du Réel is a well-established international film festival based in Nyon, Switzerland, with a rich history dating back to 1969. The organization focuses on showcasing documentary cinema and offers a variety of services including film calls, industry networking, and public mediation. The website reflects a mature digital presence with excellent content quality, clear navigation, and strong branding consistency. Technically, the site is built on WordPress with modern frameworks and libraries, optimized for performance and mobile use. Security measures such as HTTPS, security headers, and reCAPTCHA are implemented, though some privacy compliance aspects like cookie consent and detailed policies could be improved. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

P

Parc Aventure

parc-aventure.ch

48

Parc Aventure is a well-established adventure park operator in Switzerland, offering outdoor adventure experiences across multiple locations including Aigle, Sion, and Signal de Bougy. The company targets families, individuals, groups, schools, and corporate clients with a variety of adventure courses and event organization services. Their business model includes online ticket sales and group bookings, positioning them as a regional leader in the hospitality and leisure sector. The website reflects a mature digital presence built on WordPress with modern SEO and marketing tools integrated. Security posture is strong with HTTPS and security headers implemented, although privacy compliance could be improved with explicit GDPR details and cookie consent mechanisms. Overall, the site is professional, trustworthy, and user-friendly, supporting the company’s market position effectively.

M

Musikvertrieb AG

musikvertrieb.ch

52

Musikvertrieb AG is a Swiss independent music distributor and record label with a long history dating back to 1935. The company focuses on marketing and distributing national and international artists and labels, including partnerships with notable entities such as PIAS and muve recordings. The website reflects a professional presence in the media industry, targeting music industry professionals and independent artists. Technically, the site is built on WordPress using the Brooklyn theme, leveraging modern web technologies and asynchronous loading of analytics and tracking scripts. The site is mobile optimized and SEO friendly, though some accessibility features are basic. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, but lacks visible security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

B

Blue Day S.r.l.

blueday.it

55

Blue Day S.r.l. is an established IT services company based in Vicenza, Italy, founded in 2006. The company offers a comprehensive range of IT solutions including IT assistance, communication services, web services, application solutions, and sales services primarily targeting small and medium enterprises (PMI) in the local region. Their market position is strong locally, supported by a long domain history and active social media presence. Technically, the website is built on WordPress with modern plugins and tracking tools, showing a moderate to good level of digital maturity and performance. Security posture is adequate with HTTPS and DNSSEC enabled, use of reCAPTCHA, and cookie consent mechanisms, but lacks explicit security headers and vulnerability disclosure policies. Privacy compliance is partial due to missing explicit privacy and terms of service pages. Overall, the website is professional, trustworthy, and safe for general audiences.

A

ABR SESTA

abrsesta.com

65

ABR SESTA is a well-established market research agency based in Poland, with a history dating back to 1996. The company offers a comprehensive range of research services including consumer research, business customer surveys, retail audits, and advanced analytics such as AI and Big Data. Their website reflects a professional and consistent brand image, targeting businesses and corporations seeking market insights to make informed decisions. The company has a medium-sized market presence with a solid client base and testimonials from reputable clients. Technically, the website is built on WordPress with modern plugins and tracking tools, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA in place, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service pages. Overall, the site is trustworthy and credible, though improvements in compliance and security practices are advised.

M

MidaTicket

midaticket.it

42

MidaTicket is a leading Italian ticketing platform specializing in both physical and digital ticket sales for cultural events, museums, theaters, cinemas, sports, and theme parks. The platform offers a white-label, customizable solution that integrates seamlessly with client websites, emphasizing brand identity. It holds a strong market position in Italy, issuing over 26 million tickets in 2024, and serves a broad audience of event organizers and ticket buyers. Technically, the website is built on WordPress with Elementor and JetEngine, leveraging modern web technologies and third-party services like Google Tag Manager and Queue-it for performance and analytics. The site demonstrates good digital maturity with responsive design, SEO optimization, and structured data implementation. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and reCAPTCHA integration, though some security headers and policies could be improved. Privacy compliance is strong, with a comprehensive cookie policy and GDPR adherence. Contact information is primarily via a contact form, with no explicit emails or phone numbers publicly listed. Overall, the website is professional, trustworthy, and well-positioned in its niche, with room for enhancements in security policy transparency and incident response readiness.

O

OpNet S.p.A.

opnet.it

66

OpNet S.p.A. is a medium-sized Italian telecommunications company specializing in wholesale fiber and 5G network services. With over 20 years of experience in building and managing public networks, OpNet positions itself as a national wholesale operator serving telecommunications providers and wholesale clients. The website reflects a professional business model focused on network infrastructure solutions. Technically, the site is built on WordPress using the Divi theme and integrates modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and ActiveCampaign. The site is well-optimized for SEO and mobile devices, with good content quality and clear navigation. Security posture is strong with HTTPS, DNSSEC, and security headers implemented, although no explicit security policy or incident response information is published. Privacy compliance is robust, featuring a comprehensive privacy and cookie policy with consent mechanisms. Overall, the website and domain registration data indicate a legitimate and trustworthy business presence in the telecommunications sector.

F

Flazio

flazio.org

72

Flazio is a technology company providing an easy-to-use website builder platform targeting individuals and small businesses seeking to create websites without coding. The platform offers multilingual support and emphasizes fast, template-based website creation with SEO optimization features. The website is professionally designed with good content quality and consistent branding, positioning Flazio as a competitive player in the online website creation market. Technically, the site employs modern JavaScript libraries, multiple analytics and marketing tools, and push notification services, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though the absence of security headers and explicit privacy policies suggests room for improvement. The lack of WHOIS data reduces transparency and trust slightly but does not negate the professional appearance and functionality of the site. Overall, Flazio presents a moderate risk profile with recommendations to enhance privacy compliance and security best practices.

L

LDV20

ldv20.com

66

LDV20 is a small Italian technology company specializing in startup consulting and business innovation services. The website is professionally designed using WordPress CMS, featuring multilingual support and modern web technologies such as Google Maps API, Google Tag Manager, and Cookiebot for cookie consent management. The site is secured with HTTPS and employs reCAPTCHA for form protection. However, the absence of WHOIS registration data raises concerns about domain legitimacy, despite the active and professional online presence. Privacy and terms of service policies are not clearly presented, indicating room for compliance improvements.

A

Association Môm’Art

mom-art.org

43

The website mom-art.org represents Association Môm’Art, a French non-profit organization dedicated to promoting family visits to museums through educational resources, charters, and participative content. The site is well-structured, primarily in French, targeting families and cultural institutions. Technically, it is built on WordPress with the Astra theme, hosted by OVH sas, and uses common web technologies including Google Analytics and reCAPTCHA for security on forms. The security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism or GDPR explicit indicators. Contact is mainly via forms and social media, with no direct phone or email contacts clearly provided. Overall, the site is trustworthy and professionally maintained but could improve privacy and security practices.

G

Global Air Drone Academy

lakevictoriachallenge.org

47

The African Drone Forum (ADF) operates as the largest network of drone professionals across Africa, providing critical support for market entry, localization, and regional strategy. Their services include B2B introductions, access to Civil Aviation Authorities (CAA), expo visibility, and hands-on business support, positioning them as a key player in the African drone industry. The website reflects a professional and consistent brand presence, targeting drone professionals and businesses seeking to expand or establish themselves in the African drone market. Technically, the website is built on the Squarespace platform, leveraging modern web technologies such as Google Fonts, Google reCAPTCHA for form security, and a community widget from Circle.so. The site is hosted on Squarespace's CDN, ensuring moderate performance and good mobile optimization. SEO and accessibility features are basic but functional, with proper meta tags and structured data present. From a security perspective, the site enforces HTTPS with HSTS enabled, uses reCAPTCHA to protect forms, and does not expose sensitive data. However, the absence of explicit privacy, cookie, and terms of service policies, as well as lack of direct contact information, represents gaps in privacy compliance and user trust. The WHOIS data is privacy protected or unavailable, which is common but slightly reduces transparency. Overall, the website presents a moderate risk profile with good security fundamentals but needs improvements in privacy compliance and contact transparency. Strategic recommendations include adding comprehensive privacy and cookie policies, publishing terms of service, and providing clear contact channels to enhance trust and compliance.

E

E-Wide S.r.l.

e-wide.it

66

E-Wide S.r.l. is an Italian Energy Services Company specializing in energy efficiency and renewable energy solutions. As part of the Tremagi group, it leverages extensive industry experience to provide innovative services such as building energy requalification, photovoltaic installations, relamping, and renewable energy communities. The company targets condominiums, businesses, and public entities, positioning itself as a comprehensive energy solutions provider in Italy. The website reflects a professional and modern digital presence, built on WordPress with SEO and analytics integrations, showcasing projects and partnerships to reinforce credibility. Security measures include HTTPS and reCAPTCHA, but lack explicit published security policies or incident response contacts. Privacy compliance is partially addressed with a cookie consent mechanism, though no privacy or terms policies are directly found. Overall, the domain registration and website content align well, indicating a trustworthy and established business.

B

Boxol

boxol.it

56

The analyzed page is a queue management softblock page provided by Queue-it for the domain boxol.it. It serves as a waiting room to control user access to the Boxol home page, employing CAPTCHA challenges to prevent bots and manage traffic flow. The page itself contains minimal business content and no direct contact or policy information, indicating it is a service layer rather than a primary business website. The technical infrastructure relies on Queue-it's proprietary scripts and third-party CAPTCHA services, demonstrating a moderate level of digital maturity focused on security and bot mitigation. However, the lack of visible privacy, cookie, or terms policies and absence of contact details limits compliance and user trust. Overall, the security posture is moderate due to the use of multiple bot detection mechanisms, but the inability to access the underlying business content due to the queue softblock reduces the completeness of the analysis.

N

Notre Territoire

notre-territoire.com

45

Notre Territoire is a French website specializing in publishing public inquiry notices across France, serving as a primary source of information for citizens interested in administrative and public consultation processes. The platform offers free access to notices, search by city or region, and filtering options to refine inquiries. Technically, the website employs modern analytics tools such as Google Analytics and Matomo, integrates bot protection via DataDome, and uses reCAPTCHA for form security. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is strong with HTTPS enforced and bot mitigation in place, though some HTTP security headers and explicit security policies are not evident. Privacy compliance is addressed through a cookie consent banner and a privacy policy page, indicating GDPR awareness. However, the absence of WHOIS data raises concerns about domain registration legitimacy, and no direct contact or incident response information is visible, which could impact trust. Overall, the website is functional, professional, and serves its niche well but would benefit from enhanced transparency and domain registration verification.

K

Kanne Brottrunk

kanne-brottrunk.de

42

Kanne Brottrunk is a German company specializing in the production and sale of organic fermented bread drink products, with a history spanning approximately 35 years. The website targets health-conscious consumers interested in vegan and organic beverages. The business operates primarily in the retail sector, emphasizing natural and alcohol-free products. The website demonstrates consistent branding and good content quality, supporting its market position as an established organic health beverage provider. Technically, the website employs modern technologies including Google Tag Manager, Cookiebot for GDPR-compliant cookie management, and Google reCAPTCHA for bot protection. The site is served over HTTPS, ensuring secure communication. While no explicit CMS or hosting provider is identified, the site shows moderate performance and good mobile optimization. SEO and accessibility features are basic to good. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR. However, some common security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, representing an area for improvement. No vulnerabilities or exposed sensitive data were found. The site lacks a published security policy or incident response contact, which could enhance trust and compliance. Overall, the website is safe, professional, and trustworthy, with no adult or questionable content. The domain registration data is consistent with the business claims, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and providing clearer contact information to improve user trust and compliance.

H

Hohenzollern Apotheke

hohenzollern-apotheke.de

50

Hohenzollern Apotheke operates as a local pharmacy business with three physical locations in Münster, Germany, providing retail pharmacy services and customer consultation. The website targets local customers seeking pharmaceutical products and services, emphasizing extended opening hours and good customer service. The business model is retail-focused with a clear local market presence. Technically, the website employs modern web technologies such as Google Tag Manager, Cookiebot for cookie consent management, and Google reCAPTCHA for bot protection. The CMS appears to be ProcessWire, and hosting is managed via DomainControl nameservers, likely GoDaddy. The website is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit policies are missing. Privacy compliance is partial, with a cookie consent banner but no visible privacy policy or terms of service pages. No contact information or data protection officer details are found, which limits transparency. Overall, the website is functional and professional but would benefit from enhanced privacy and security disclosures to improve trust and compliance.

E

Essi

essi.pl

51

Essi.pl is a Polish e-commerce retailer specializing in office equipment such as shredders, laminators, cutters, and air purifiers. The company boasts over 20 years of market presence and offers professional advisory services alongside warranty and post-warranty repairs with door-to-door service. The website targets Polish businesses and office users, providing a comprehensive product catalog and related services. Technically, the site is built on the PrestaShop platform, utilizing common e-commerce modules and tracking tools like Google Analytics and Tag Manager. The site is mobile-optimized with good navigation and content relevance. Security posture is moderate with HTTPS enforced and reCAPTCHA implemented, but lacks advanced security headers and DNSSEC. Privacy compliance is basic, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the domain registration data aligns well with the business claims, indicating legitimacy.

S

Studio gazoline

studiogazoline.com

57

Studio Gazoline is a well-established communication agency based in Montpellier, France, with over 20 years of experience in digital marketing, website creation, SEO, and graphic design. The company targets businesses seeking comprehensive communication and digital marketing services, primarily in the Montpellier region and nearby cities. Their service portfolio includes communication strategy, SEO, web development using popular CMS and frameworks, webmarketing, and visual communication. The website reflects a professional and consistent brand image with strong trust indicators such as client logos and certifications. Technically, the website is built on Drupal 7 and leverages modern JavaScript libraries and frameworks including jQuery, Bootstrap, and Accordion-js. It integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, Hotjar, and Google Tag Manager, indicating a mature digital marketing infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS and includes reCAPTCHA for form protection and a GDPR-compliant cookie consent mechanism. However, it lacks explicit security headers and published security policies or incident response contacts. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, Studio Gazoline presents a strong digital presence with good technical and marketing capabilities. The main risk area is the lack of WHOIS transparency and some missing security best practices. Addressing these gaps would enhance trust and security posture significantly.

I

Institut F2I

institut-f2i.fr

59

Institut F2I is a private educational institution based in France specializing in post-baccalaureate education in information technology, digital technologies, and commerce. Founded in 2012, it offers courses from BAC to BAC+5 levels, including initial and alternating (work-study) programs. The institution targets students and professionals seeking specialized education in these sectors. The website reflects a focused educational business model with consistent branding and relevant content tailored to its audience. Technically, the website is built on WordPress CMS using modern libraries such as Bootstrap, jQuery, and Swiper, hosted by OVH. It employs Google Tag Manager and Google Analytics for tracking and marketing purposes, alongside reCAPTCHA for bot protection. The site demonstrates moderate performance and good mobile optimization but lacks advanced accessibility features. Security-wise, the website uses HTTPS with a good SSL configuration and some best practices like reCAPTCHA; however, it lacks security headers and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies despite the presence of cookie consent SDK. Overall, the website is professional and credible but requires improvements in privacy disclosures and security hardening to enhance trust and compliance.

O

Office Jack

officejack.de

70

Office Jack is a specialized e-commerce retailer based in Germany, focusing on ergonomic office furniture including height-adjustable desks and office chairs. The company targets businesses and institutes looking for modern, ergonomic office solutions. Their market position is that of a niche provider with a strong emphasis on quality, customization, and customer trust, supported by certifications such as Trusted Shops and CHIP Leading Shops 2025. The website is professionally designed, well-branded, and provides clear contact and business information. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager. The site is mobile-optimized and SEO-friendly, with good performance and accessibility standards. Security posture is strong with HTTPS enforced and bot protection via reCAPTCHA, although some security headers could be improved. No WAF or blocking mechanisms interfere with content access, allowing full analysis. Privacy compliance is robust with a comprehensive privacy policy and cookie consent mechanism in place. No critical vulnerabilities or suspicious patterns were detected in the WHOIS data or website content. Overall, Office Jack presents a trustworthy and professional online presence with a solid technical foundation and good compliance practices, suitable for its business model and target market.

T

TPF Consultores

tpf.pt

51

TPF Consultores is a well-established Portuguese consulting company specializing in project design and supervision, primarily in the energy and transportation sectors. With over 45 years of experience and a significant workforce, the company positions itself as a leader in infrastructure consulting and project management. Their website reflects a professional and consistent brand image, targeting business and public sector clients internationally. Technically, the website employs modern web technologies and tracking tools, including Google Analytics and reCAPTCHA, indicating a moderate level of digital maturity. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security policies and some recommended security headers, suggesting room for improvement in security posture. Overall, the domain registration data aligns well with the business claims, supporting the site's legitimacy. Strategic recommendations include enhancing security headers, publishing clear security and incident response policies, and improving contact information visibility to strengthen trust and compliance.

W

WEDOS Internet, a.s.

automatickemlyny.eu

49

Automatické mlýny is a cultural and educational complex located in Pardubice, Czech Republic, integrating multiple institutions and contemporary architectural projects. The website serves as a portal for event information, venue details, and cultural programming aimed at a broad audience including families, children, seniors, and cultural enthusiasts. The business model revolves around managing cultural venues, hosting events, educational workshops, and providing rental spaces. The site is positioned as a regional cultural hub with a strong community focus. Technically, the website is built on WordPress 6.3.2, utilizing common plugins for event management and GDPR compliance. It employs modern web technologies including jQuery, Google Tag Manager, and Google Analytics for tracking and performance. The site is mobile-optimized with a responsive design and good SEO practices, although some lazy loading images show errors which could impact user experience. From a security perspective, the website enforces HTTPS and uses Google reCAPTCHA to mitigate bot activity. Cookie consent mechanisms are implemented in compliance with GDPR. However, some security headers are missing or not explicitly detected, and no formal security policy or incident response information is published. No critical vulnerabilities or suspicious patterns were identified in the content or domain registration. Overall, the website demonstrates a good level of professionalism, security posture, and privacy compliance suitable for a cultural institution. Recommendations include enhancing security headers, fixing image loading issues, and publishing clearer contact and security policies to improve trust and user experience.

F

Fort Wayne Zoo

fwzoo.com

56

Fort Wayne Zoo is a well-established regional zoo located in Indiana, positioning itself as a leading summer family attraction. The website reflects a professional and engaging platform offering detailed information on admissions, events, memberships, education, and conservation efforts. The zoo targets families and local visitors with a focus on animal education and community engagement. Technically, the site is built on WordPress with modern marketing and analytics integrations, including Google Tag Manager, Facebook Pixel, and TikTok Pixel, indicating a mature digital marketing strategy. Security posture is solid with HTTPS and reCAPTCHA usage, though improvements are recommended in DNS security and HTTP security headers. Privacy compliance is basic, with privacy and terms policies present but lacking cookie consent mechanisms. Overall, the site is trustworthy, well-branded, and provides a positive user experience.

D

Descartes Développement & Innovation

descartes-devinnov.com

45

Descartes Développement & Innovation (DDI) is a French organization focused on fostering innovation in sustainable urban development within the Paris-Est region. It operates as a technopole, providing information, promotion, networking, and project engineering services, alongside managing a fablab and an incubator. The website reflects a professional and modern digital presence built on WordPress with WooCommerce and Elementor, indicating a mature technical infrastructure. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though the absence of a public privacy policy and terms of service pages suggests room for compliance improvement. The lack of WHOIS data reduces domain trustworthiness, but the active social media presence and quality content support legitimacy. Overall, the site is well-positioned in its niche but should enhance transparency and compliance documentation.

M

M+H

mh.cz

58

M+H is a Czech Republic based small business specializing in automotive services including chiptuning, decarbonization, and car media systems. The company claims 28 years of experience, positioning itself as an established player in the automotive enhancement sector. The website is built on WordPress with modern SEO and analytics tools, indicating a moderate level of digital maturity. Security posture is good with HTTPS enforced and use of reCAPTCHA and cookie consent, but lacks visible security policies and incident response information. The absence of WHOIS data reduces domain trustworthiness, though the website content and branding appear professional and consistent. Overall, the site is safe and suitable for general audiences with no adult or questionable content detected.

C

Com'Un Panneau

com-un-panneau.com

51

Com'Un Panneau is a French small business specializing in the creation of custom circulation plans and signage, including factory entrance signs and safety boards. The company targets industrial and manufacturing clients requiring tailored visual communication solutions. The website reflects a niche market position with a professional presentation and clear service offerings. The technical infrastructure is based on WordPress with modern integrations such as Google Tag Manager and Sendinblue for marketing and analytics. Security measures include HTTPS and reCAPTCHA on forms, but lack some advanced security headers and explicit privacy policies. The absence of WHOIS data raises some concerns about domain registration legitimacy, though the website content and design partially mitigate trust issues. Overall, the site is functional, business-focused, and safe for general audiences.

B

Big Shock s.r.o.

bigshock.cz

50

Big Shock s.r.o. operates the official website for the Big Shock energy drink brand, offering a range of energy beverages, ice teas, coffees, energy bars, sugars, and branded merchandise. The site targets consumers primarily in the Czech Republic and serves as an e-commerce platform with promotional content and social media integration. The company positions itself as a prominent player in the energy drink market with a strong brand presence and active marketing campaigns. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Cookiebot for cookie consent, OneSignal for push notifications, and reCAPTCHA for bot protection. The site is mobile optimized with responsive design and uses HTTPS with appropriate security headers, indicating a good level of digital maturity. However, some accessibility features and explicit privacy policy documentation are lacking. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, use of security headers, and bot mitigation. No critical vulnerabilities or exposed sensitive data were detected. The absence of a dedicated privacy policy and contact information for security or incident response reduces compliance maturity. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for commercial brands. Overall, the website is professionally designed, secure, and functional for its business purpose. Strategic improvements in privacy documentation, contact transparency, and accessibility would enhance compliance and user trust. The risk profile is moderate with no immediate security concerns but room for governance enhancements.

R

Resilient Cities Network

resilientcitiesnetwork.org

77

Resilient Cities Network is a globally recognized non-profit organization dedicated to fostering urban resilience by connecting cities worldwide. Their platform facilitates collaboration, knowledge sharing, and capacity building among city governments and resilience professionals to address urban challenges and promote safe, equitable urban environments. The organization operates primarily through a membership and network model, targeting city officials and stakeholders interested in sustainability and resilience. Technically, the website is built on WordPress using the Divi theme, leveraging modern web technologies including jQuery, Google Analytics, and Google Tag Manager. Hosting and DNS services are managed via Cloudflare, ensuring reliable performance and security. The site demonstrates good mobile optimization and SEO practices, though some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and employs reCAPTCHA on forms, but lacks DNSSEC and explicit security policies or vulnerability disclosure mechanisms. Security headers are partially implemented, and no critical vulnerabilities were detected. Privacy compliance is strong with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website presents a professional, trustworthy digital presence with a solid security posture suitable for a non-profit organization. Recommendations include enabling DNSSEC, publishing a security policy, and enhancing HTTP security headers to further strengthen security and trust.

D

Domel, d.o.o.

domel.com

66

Domel, d.o.o. is a Slovenia-based manufacturer specializing in high-performance and ultra-high efficiency electric motors and components. The company targets industrial clients and OEMs, offering customized, sustainable, and innovative drive solutions. Domel has a global presence in over 60 countries and collaborates with major industry players, positioning itself as a reputable and established manufacturer in the electric motor and automation sectors. The website reflects a professional and well-structured digital presence with a focus on product categories, solutions, and research and development capabilities. Technically, the site uses modern tracking and analytics tools such as Google Tag Manager, Hotjar, and Microsoft WebTracking, and employs HTTPS with good security practices, although some security headers are missing. Privacy and cookie policies are not explicitly found, and no direct contact information or security incident response contacts are visible, which could be improved for compliance and trust. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract from the overall legitimacy suggested by the website content and branding.

Z

Zoologická zahrada a botanický park Ostrava, p.o.

zooostrava.cz

42

Zoo Ostrava is a large, well-established zoological garden and botanical park located in the Czech Republic, serving as a major regional attraction and educational resource. The website provides comprehensive information about the zoo's animal exhibitions, botanical collections, educational programs, events, and conservation efforts. It targets families, schools, and nature enthusiasts, offering online ticket sales and an e-shop for donations and supplies. The domain age and WHOIS data confirm the legitimacy and consistency of the business presence online. Technically, the website uses a modern tech stack including jQuery, bxSlider, FancyBox, Google Tag Manager, Google Analytics, Facebook SDK, and reCAPTCHA. The site is hosted by a reputable provider and uses HTTPS, ensuring secure communication. The design is professional, mobile-optimized, and offers good navigation and content relevance. However, it lacks explicit privacy and cookie policies and does not implement a cookie consent mechanism, which are compliance gaps. From a security perspective, the site employs HTTPS and reCAPTCHA, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The site uses tracking and advertising services such as Google Analytics and DoubleClick, with moderate user tracking levels but limited transparency regarding data retention and privacy compliance. Overall, Zoo Ostrava's website is trustworthy, content-rich, and professionally maintained, but would benefit from enhanced privacy compliance and security header implementation to improve user trust and regulatory adherence.

D

Outil de veille sur la formation dédié aux OF - Digiforma Veille

digiforma-veille.com

57

Digiforma Veille operates a specialized monitoring tool dedicated to training organizations, focusing on providing relevant information and updates in the education sector. The website is built on WordPress with Elementor, integrating modern technologies such as Google Tag Manager, Cookiebot for cookie consent, and reCAPTCHA for bot protection. The site demonstrates good design quality, mobile optimization, and SEO practices, making it accessible and user-friendly for its target audience. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Security measures are adequate with HTTPS and bot protection, but the lack of explicit privacy policies and contact information limits compliance and user trust. Overall, the site is safe and professional but would benefit from enhanced transparency and security documentation.

HugeDomains operates as a reputable domain marketplace specializing in premium domain name sales with flexible payment options. Established in 2005, it targets entrepreneurs and businesses seeking valuable web addresses to enhance their online presence. The platform offers a secure and user-friendly shopping experience, supported by SSL encryption, trusted payment methods including PayPal and Escrow.com, and a 30-day money back guarantee. Customer testimonials and clear pricing reinforce its market credibility. Technically, the website employs modern web technologies such as jQuery, Google Analytics, and CookieYes for consent management, ensuring good mobile responsiveness and SEO optimization. While the site lacks explicit security headers beyond HTTPS, it maintains a solid security posture with encrypted transactions and bot protection via reCAPTCHA. Privacy and cookie policies are comprehensive and GDPR compliant, though a dedicated security policy and incident response details are absent. Overall, the security posture is strong with room for improvement in explicit security header implementation and transparency around vulnerability disclosures. The business model is clear and credible, supported by consistent WHOIS data and trusted partner integrations. The site is safe for general audiences with no adult or questionable content detected.

C

Coopérative d'Installation en Agriculture Paysanne Pays de la Loire

ciap-pdl.fr

48

CIAP Pays de la Loire is a cooperative dedicated to supporting agricultural installation projects in the Pays de la Loire region of France. The organization offers key services including a one-year creative farmer training program, activity incubation (portage d’activités), and permanent test spaces for aspiring farmers. The cooperative aims to secure project leaders, involve local authorities, and promote sustainable peasant agriculture. The website reflects a regional cooperative with a clear mission to facilitate agricultural entrepreneurship and innovation. Technically, the website is built on WordPress using Elementor and several plugins for enhanced functionality, including GDPR compliance and analytics. Hosting is provided by OVH, a reputable provider. The site is mobile-optimized and uses HTTPS with a good SSL configuration. However, some security headers are missing, and no explicit security or incident response policies are published. Security posture is moderate with best practices like HTTPS and reCAPTCHA in place, but improvements are recommended in security headers and formal policies. Privacy compliance is partial due to the absence of a visible privacy policy page, though cookie consent is implemented. Business credibility is high, supported by consistent domain registration, professional content, and social media presence. Overall, the website is a trustworthy and professional platform for its niche cooperative, with room for improvement in privacy and security transparency.

F

France Active

franceactive.org

50

France Active is a prominent non-profit organization in France dedicated to supporting engaged entrepreneurs through advice, financing, and a broad network of partners. The website presents a professional and consistent brand image, targeting social entrepreneurs and enterprises with a focus on social impact. Technically, the site is built on WordPress with Elementor, leveraging modern tracking and analytics tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and LinkedIn Insight Tag. The site is secured with HTTPS and employs reCAPTCHA to protect forms, although explicit security headers are not fully evident. Privacy and cookie policies are not clearly identified in the provided content, indicating room for improvement in compliance transparency. Overall, the website demonstrates a solid security posture and good digital maturity, but the absence of WHOIS data limits full trust verification. Strategic recommendations include enhancing security headers, improving privacy disclosures, and ensuring comprehensive contact and incident response information is available.

Ž

Življenjska zavarovalnica Vita

zav-vita.si

64

Življenjska zavarovalnica Vita operates as the largest bank-affiliated life insurance provider in Slovenia, offering health and life insurance products with 24/7 customer support. The company positions itself as a trustworthy insurer with transparent terms and no fine print, targeting a broad Slovenian audience. The website reflects a professional and consistent brand image aligned with its banking parent company, NLB. Technically, the site employs modern JavaScript frameworks, Google Tag Manager for analytics, and Google reCAPTCHA for bot protection, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and bot protection but lacks explicit security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the site is safe, professional, and credible but would benefit from enhanced privacy and security transparency.

R

Rostlinky.cz

rostlinky.cz

42

Rostlinky.cz is an established online garden retail business operating since 2001, primarily serving customers in the Czech Republic and Slovakia. The website offers a wide range of gardening products including seeds, bulbs, balcony plants, ornamental and fruit trees, shrubs, perennials, and gardening accessories. The business model is focused on e-commerce retail with an emphasis on fair and expert service. Technically, the website is built on the Magento platform, utilizing common web technologies such as jQuery, Prototype.js, and Bootstrap, and integrates marketing and analytics tools like Google Tag Manager and Facebook SDK. The site is secured with HTTPS and implements GDPR-compliant cookie consent mechanisms. However, the absence of WHOIS registration data and lack of explicit security headers slightly reduce the overall trust and security posture. Contact information is limited to a phone number and online forms, with no public company email addresses found. Overall, the website presents a professional and trustworthy front for its business, but domain registration transparency and enhanced security headers would improve its credibility and security stance.

D

DAFilms

dafilms.cz

55

DAFilms.cz is a niche online streaming platform specializing in curated art-house, documentary, festival, and children's films primarily targeting Czech-speaking audiences. Founded in 2012, it offers a subscription-based model with a focus on unique and authorial film content not commonly found on mainstream platforms. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, Cookiebot for GDPR compliance, and reCAPTCHA for bot protection. The site is served over HTTPS with a good SSL configuration, though some security headers could be improved. Privacy compliance is strong with a comprehensive cookie consent mechanism and links to detailed privacy policies. However, explicit contact and security policies are not readily found on the homepage, which could be enhanced for trust and compliance. Overall, the site is secure, compliant, and well-positioned within its niche market.

M

Mary's Meals Canada

marysmeals.ca

64

Mary's Meals Canada is a non-profit charitable organization dedicated to providing daily nutritious meals to children in impoverished communities to encourage education and break the cycle of poverty. The website serves as a platform for fundraising, volunteer engagement, and awareness, targeting donors and supporters primarily in Canada but linked to a global network of partner sites. The site is professionally designed with clear navigation, rich content, and consistent branding, reflecting a mature digital presence. Technically, the website employs modern web technologies including Google Analytics, Facebook SDK, Stripe for payments, and consent management tools, hosted on AWS Cloudfront CDN. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though explicit security headers and a public security policy are absent. The absence of WHOIS data limits domain registration transparency, but the presence of charity registration numbers and consistent business information supports legitimacy. No WAF or blocking mechanisms were detected, and the site contains no adult or questionable content, making it safe for general audiences. Overall, the website demonstrates a strong balance of business credibility, technical implementation, and privacy compliance, with room for improvement in explicit security policies and domain registration transparency.

P

Parola spol. s r.o.

sportovecjihlavska.cz

47

The website www.sportovecjihlavska.cz serves as a regional media platform focused on the annual Sportovec Jihlavska sports awards and related local sports news. Operated by Parola spol. s r.o., it targets residents and sports enthusiasts in the Jihlava district, providing event coverage, voting mechanisms, and advertising opportunities. The business model revolves around media content and community engagement with advertising revenue streams. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, reCAPTCHA, and CKEditor, ensuring a functional and moderately optimized user experience. Security posture is adequate with HTTPS enforced and use of CAPTCHA, but lacks some security headers and explicit privacy policies, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, but the visible business information and partnerships support legitimacy. Overall, the site is professional, content-rich, and trustworthy for its audience, though it would benefit from enhanced compliance and security practices.

V

Vooter

vooter.co

59

Vooter is a French digital platform specializing in voting, polling, and community consultation services aimed at organizations, local authorities, enterprises, and event organizers. The platform facilitates co-construction and inclusive participation through interactive digital tools, live voting, and instant communication. The website is built on WordPress using the Divi theme, incorporating standard SEO and analytics tools such as Yoast SEO and Google Analytics. Hosting and data storage are located in France, supporting GDPR compliance. Security measures include HTTPS and reCAPTCHA, though some security headers are not explicitly visible. The site lacks explicit privacy policy and terms of service pages, which are recommended for compliance and trust. Overall, the platform presents a professional and trustworthy digital service with a clear market niche in government and community engagement.

The website at impactlab.com is currently inaccessible beyond a bot verification challenge page utilizing Google's invisible reCAPTCHA. This security mechanism prevents direct access to the site's actual content, limiting the ability to analyze business, security, and compliance aspects fully. The domain is long-established, registered since 2000 via GoDaddy.com, LLC, with standard domain locks indicating legitimate ownership. However, no business or contact information is visible in the provided HTML content. The technical infrastructure includes reCAPTCHA scripts and hosting on WPX Hosting, but no other technologies or CMS are detectable. Security headers and privacy policies are absent from the accessible content, and no analytics or advertising scripts are present beyond reCAPTCHA. Overall, the site appears to have a strong security posture in terms of bot protection but lacks visible compliance and business transparency in the accessible content.

M

M. G. C. Trade, s. r. o.

mountain-gorilla.cz

53

Mountain Gorilla Coffee is a Czech-based specialty coffee and chocolate e-commerce retailer focused on high-quality products sourced from East Africa, particularly Uganda. The company integrates social responsibility by contributing a portion of sales to mountain gorilla conservation efforts. The website is professionally designed, mobile-optimized, and provides a seamless user experience with clear navigation and comprehensive product information. The business targets coffee enthusiasts who value quality and social impact. Technically, the site employs modern web technologies including Bootstrap, jQuery, Google Tag Manager, and integrates multiple analytics and marketing tools with user consent mechanisms. Security posture is solid with HTTPS and reCAPTCHA usage, though it lacks some advanced security headers and explicit incident response contacts. The absence of WHOIS data reduces domain transparency but does not detract significantly from the overall trustworthiness given the professional presentation and business legitimacy. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, and improving accessibility compliance.

U

UNOS

unos.org

50

UNOS (United Network for Organ Sharing) is a well-established nonprofit organization dedicated to managing the organ transplantation system in the United States. The organization provides critical services including organ donor registration, organ matching, data analytics, advocacy, and education. Their website reflects a mature digital presence with comprehensive content targeting donors, patients, healthcare professionals, and advocates. The site is built on WordPress using the Divi theme, incorporating modern web technologies and analytics tools such as Google Analytics, Facebook Pixel, and Hotjar. Security posture is solid with HTTPS enforcement and clientTransferProhibited domain status, though improvements such as DNSSEC and enhanced security headers are recommended. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

U

UNOS

transplantliving.org

55

UNOS (United Network for Organ Sharing) operates a comprehensive website providing patient resources related to organ transplantation. The organization is a well-established non-profit entity in the healthcare sector, with a domain registered since 1993, reflecting its longstanding presence. The website targets patients, transplant candidates, and their families, offering educational brochures and transplant-related information. Technically, the site is built on WordPress with the Divi theme, leveraging modern tracking and analytics tools such as Google Analytics, Facebook Pixel, and Bing Ads. The site is mobile-optimized and uses HTTPS, ensuring secure data transmission. However, explicit privacy and cookie policies are not found on the analyzed page, which impacts privacy compliance scoring. Security posture is generally good with HTTPS and reCAPTCHA usage, but lacks visible security headers and incident response information. Overall, the website is professional, trustworthy, and safe for general audiences.

V

VetAgro Sup

vetagro-sup.fr

55

VetAgro Sup is a French public higher education and research institution specializing in veterinary medicine, agronomy engineering, and public veterinary health inspector training. The institution holds multiple accreditations and offers a range of educational and clinical services, positioning itself as a reputable player in the education and healthcare sectors in France. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to students, researchers, and professionals in related fields. Technically, the site is built on WordPress with modern plugins and frameworks, including Elementor and Bootstrap, and integrates analytics tools such as Google Analytics and Matomo. Security posture is good with HTTPS enforced and use of ReCaptcha, although explicit security headers and published security policies are lacking. Privacy compliance is well addressed with visible cookie consent and privacy policies. Overall, the site is trustworthy and professionally maintained, with no signs of malicious activity or content blocking.

P

Pinterest

pinterest.com.mx

74

Pinterest is a globally recognized technology company specializing in visual discovery and social media services. The platform enables users to find and share ideas related to recipes, home decor, fashion, and more, targeting a broad general audience. The Mexican localized site (mx.pinterest.com) reflects the company's commitment to regional markets with tailored content and language support. Pinterest operates primarily on an advertising and e-commerce integrated business model, leveraging its large user base and visual content to connect users with products and services. Technically, the website employs a modern tech stack including React, JavaScript, and WebAssembly, hosted on Amazon AWS infrastructure. It integrates multiple third-party services for fonts, analytics, advertising, and security, such as Google Fonts, Amazon Advertising, Facebook Pixel, and Arkose Labs for bot mitigation. The site demonstrates excellent performance, mobile optimization, and accessibility standards, ensuring a smooth user experience. From a security perspective, Pinterest enforces HTTPS with strong SSL configurations and implements comprehensive security headers including a strict Content Security Policy. The use of reCAPTCHA and Arkose Labs indicates proactive measures against automated abuse. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature privacy posture. No critical vulnerabilities or suspicious indicators were detected in the analyzed content. Overall, Pinterest's Mexican site exhibits a high level of professionalism, security, and compliance, supporting its position as a trusted and established platform. The absence of WHOIS data for the subdomain is typical and does not detract from legitimacy, as it is managed under the main pinterest.com domain. Strategic recommendations include maintaining regular security audits, enhancing transparency around vulnerability disclosures, and continuing to optimize privacy compliance.