Security Directory

T

Tělovýchovná jednota Sokol Kobeřice, z. s.

sokolkoberice.cz

0

TJ Sokol Kobeřice is a small local sports club based in Kobeřice u Brna, Czech Republic, primarily focused on organizing football teams across various age groups and leagues. The website serves as a community hub providing news updates, team information, cultural events, and photo galleries. The organization operates as a non-profit entity with a clear local community orientation. Technically, the website uses a custom CMS (H-optimal) and common web technologies such as jQuery, Bootstrap, and Fancybox, hosted likely by Wedos, a Czech hosting provider. The site is moderately optimized for mobile and performance but uses an outdated jQuery version which may pose security risks. Security posture is basic with no visible security headers and no published privacy or cookie policies, indicating compliance gaps with GDPR and related regulations. Contact information is clearly presented, enhancing business credibility. Overall, the website is functional and trustworthy for its intended audience but requires improvements in security and privacy compliance to reduce risk and enhance user trust.

T

Templum Bonum s.r.o.

cafe-mikulov.cz

0

Café Dolce Vita Mikulov is a small hospitality business operating a café located in a historic building in the center of Mikulov, Czech Republic. The business offers quality coffee, local wines, desserts, ice cream treats, and light snacks, targeting local visitors and tourists. The website reflects a well-branded and consistent digital presence with clear contact information and social media integration. Technically, the site is built on WordPress using popular plugins and themes, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and incident response information. Privacy compliance is basic, with no dedicated privacy policy or terms of service pages found. WHOIS data is unavailable due to CZ NIC privacy policies, but the website provides legitimate company registration details supporting trustworthiness.

D

Design Studio KOSS

nabytek-koss.cz

0

Design Studio KOSS is a Czech-based small business specializing in custom interior design and furniture manufacturing, particularly kitchens and built-in wardrobes. Established in 2008, it offers comprehensive services including 3D interior design, furniture production, and full interior realization with additional construction work. The company maintains a professional online presence with detailed contact information and social media engagement, targeting residential and commercial clients seeking tailored interior solutions. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Google Analytics, Facebook Pixel, and Hotjar, indicating a mature digital infrastructure. Security posture is generally good with HTTPS enforced and use of reCAPTCHA on forms, though lacks some security headers and explicit incident response policies. Privacy compliance is basic with privacy and cookie policies present but no active consent mechanism. Overall, the website is trustworthy and professionally maintained, with room for improvement in security hardening and privacy transparency.

G

GPartners

canaletico.es

0

The website canaletico.es/en serves primarily as a login portal for GPartners' backoffice administration. It lacks public-facing business content, marketing descriptions, or customer engagement features. The site targets internal users or administrators rather than external customers. Technically, the site uses a legacy technology stack including jQuery 1.12.2, Bootstrap, and the Metronic theme framework. While the design is functional, it is basic with limited mobile optimization and accessibility features. Security posture is moderate but could be improved significantly by updating libraries, adding security headers, and implementing stronger authentication controls. No privacy or cookie policies are present, indicating low privacy compliance. The domain WHOIS is privacy protected, which is common for administrative portals but reduces transparency. Overall, the site is functional for its purpose but lacks comprehensive security and compliance measures.

A

Ayuntamiento de Getafe

feriadeempleogetafe.com

0

The website 'feriadeempleogetafe.com' serves as the official platform for the 4th Employment Fair and Congress organized by the Ayuntamiento de Getafe, Spain. It provides information about event dates, location, registration, and activities aimed at connecting job seekers with companies and offering employment-related resources. The site integrates third-party services such as Eventbrite for event registration and Google Maps for location embedding. The content is primarily in Spanish and targets local residents and businesses interested in employment opportunities. Technically, the site is built on WordPress using the Divi theme, with modern web technologies and accessibility features implemented via the OneTap plugin. The hosting is provided by a reputable registrar, and the domain registration aligns with the event timeline, indicating legitimacy.

M

Ministerio de Educación, Formación Profesional y Deportes - Gobierno de España

aulamentor.es

0

Aula Mentor is a well-established e-learning platform operated by the Spanish Ministry of Education, providing lifelong learning and professional development courses to adult learners. The platform offers a broad catalog of over 240 courses across multiple professional areas, supported by a network of physical learning centers (Aulas Mentor). The website demonstrates a high level of professionalism, consistent branding, and a user-friendly design optimized for accessibility and mobile use. Technically, it is built on WordPress with modern plugins and uses Matomo for privacy-conscious analytics. Security posture is strong with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. Privacy compliance is good with a comprehensive privacy policy, though a cookie consent mechanism is absent. Overall, the platform is trustworthy and credible, serving a government educational mission.

A

ADAMS Formación

accionesformativas.es

0

ADAMS Formación is a well-established Spanish education and training company with a history dating back to 1957. The company offers a broad catalog of professional development courses accessible online, targeting unemployed individuals, freelancers, and employees of small businesses. Their business model focuses on self-paced online learning with a structured preinscription process. The website reflects a professional and consistent brand image with clear contact information and legal policies, supporting their credibility in the education sector. Technically, the website is built on WordPress with integration of Webflow and Udesly adapter plugins, leveraging jQuery and Google Fonts for frontend functionality and styling. The site is mobile-optimized and performs moderately well, though there is room for improvement in accessibility and SEO. No major performance bottlenecks or broken elements were detected. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks important security headers and explicit incident response or security policy documentation. Cookie policies exist but no active consent mechanism is implemented, which may impact GDPR compliance. The absence of WHOIS data limits full trust verification, but the overall presentation and contact transparency mitigate concerns. Overall, ADAMS Formación presents a solid online presence with good business credibility and a safe, professional content environment. Strategic improvements in security headers, privacy consent, and incident response documentation would enhance their security posture and compliance standing.

A

American Physical Therapy Association

valueofpt.com

0

The website www.valueofpt.com serves as a dedicated platform for the American Physical Therapy Association's landmark report on the economic value of physical therapy in the United States. It provides comprehensive research findings, educational resources, and advocacy materials targeting healthcare professionals, policymakers, payers, and the general public. The site is well-branded, professionally designed, and offers clear navigation to various reports, conditions, and policy information. Technically, the site employs modern web technologies including asynchronous analytics and tracking scripts, and is built on the Episerver CMS platform. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks explicit security headers and incident response information. Privacy compliance is strong, featuring a clear privacy policy and cookie consent mechanism. However, the absence of WHOIS registration data for the domain introduces some uncertainty regarding domain legitimacy, though the content and branding strongly align with a reputable organization. Overall, the site is a trustworthy, authoritative resource with minor areas for security and transparency improvement.

H

Havas Creative

havascreative.com

0

Havas Creative is a globally integrated advertising and communications agency established in 2012, operating through a unique village model with 73 offices worldwide. The company offers a broad range of services including creative advertising, media planning, content creation, data-driven marketing, and customer experience solutions. Their website reflects a professional and consistent brand image targeting businesses and brands seeking comprehensive marketing solutions. Technically, the website is built on WordPress with modern SEO and analytics tools, hosted by Gandi SAS, and demonstrates good mobile optimization and performance. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and no explicit security policies or vulnerability disclosures are published. Privacy compliance is supported by a OneTrust cookie consent mechanism, but no visible privacy or terms of service pages were found on the homepage. Overall, the website is trustworthy and well-maintained, with room for improvement in security transparency and privacy documentation.

L

Le Vestiaire

le-vestiaire.fr

0

Le Vestiaire is a well-established French retailer specializing in hockey, skating, roller hockey, and related sports equipment. Founded in 2001, it operates both an e-commerce platform and 11 physical stores across France, positioning itself as a trusted supplier in the sports retail sector. The website is professionally designed, with clear navigation and comprehensive product offerings targeting sports enthusiasts and athletes in France. The company also provides technical services such as blade sharpening and bootfitting, enhancing its value proposition. Technically, the website is built on the PrestaShop CMS platform, leveraging modern web technologies including jQuery, Google reCAPTCHA v2 for form security, and various modules for enhanced user experience such as sliders and carousels. Hosting is provided by OVH, a reputable provider, and the site employs HTTPS with good SSL configuration. While some security headers are not explicitly detected, the overall security posture is solid with no visible vulnerabilities or exposed sensitive data. From a security and compliance perspective, the site includes a comprehensive privacy policy and cookie consent mechanism, indicating GDPR compliance. Contact information is clearly presented, including email, phone, and physical address. However, no explicit security policy, incident response page, or vulnerability disclosure mechanism was found, which could be areas for future improvement. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness. Overall, Le Vestiaire presents a secure, professional, and user-friendly online presence with strong business credibility in the French sports retail market. Strategic enhancements in security headers and formal incident response documentation could further strengthen its security posture and compliance standing.

A

Autocars BORINI

borini.com

0

Autocars BORINI is a regional transportation company based in Haute-Savoie, France, specializing in passenger transport services including tourist travel, airport and train station transfers, excursions, skibus services, and on-demand transport. The company has a well-established online presence with a website dating back to 1999, reflecting a mature market position in the regional transport sector. The website is professionally designed using WordPress and the Divi theme, providing a good user experience with clear navigation and mobile optimization. Technical infrastructure includes modern web technologies and integrations such as Google Analytics and reCAPTCHA for security and analytics purposes. Security posture is solid with HTTPS enabled and GDPR-compliant cookie consent mechanisms, although some security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the website demonstrates a trustworthy and professional digital footprint aligned with the company's business operations.

C

Communauté de communes de la Vallée de Chamonix Mont-Blanc

cc-valleedechamonixmontblanc.fr

0

The Communauté de communes de la Vallée de Chamonix Mont-Blanc operates as a local government community entity serving the Vallée de Chamonix Mont-Blanc region in France. The website provides official information, services, news, and resources for residents and visitors, positioning itself as an authoritative source for regional administrative and community matters. It maintains active social media channels and offers multilingual support via GTranslate, enhancing accessibility for a broader audience. Technically, the website is built on WordPress with a modern tech stack including Bootstrap and jQuery, supported by Matomo analytics for privacy-conscious user tracking. The site demonstrates good mobile optimization and SEO practices, though accessibility compliance is basic and could be improved. Security measures include HTTPS and cookie consent mechanisms, but lack explicit security headers and dedicated security policy pages. From a security perspective, the site shows a moderate security posture with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data due to privacy protection is common for public entities but limits transparency. No incident response or vulnerability disclosure information is provided, which could be enhanced to improve trust and readiness. Overall, the website is professional, trustworthy, and well-suited for its public sector role. Strategic recommendations include implementing security headers, publishing security policies, enhancing accessibility, and adding vulnerability disclosure mechanisms to strengthen security and compliance further.

C

Communauté de Communes Pays du Mont-Blanc

ccpmb.fr

0

The Communauté de Communes Pays du Mont-Blanc operates a regional government website serving multiple municipalities in the Mont-Blanc area of France. The website provides comprehensive information on local services including transport, environment, culture, economy, tourism, and waste management. It targets residents and visitors seeking community resources and regional updates. Technically, the site is built on WordPress with a variety of plugins and integrates Google Maps and FontAwesome for enhanced user experience. The site is hosted by OVH and uses HTTPS, ensuring secure connections. Security posture is moderate with room for improvement, notably the absence of security headers and use of an outdated jQuery version. Privacy compliance is limited due to the lack of a published privacy policy and terms of service, although a cookie consent mechanism is present. Overall, the website is professional, trustworthy, and well-branded, but would benefit from enhanced security and compliance documentation.

D

Département de la Haute-Savoie

hautesavoie.fr

0

The Département de la Haute-Savoie operates an official government website serving the Haute-Savoie region in France. The site provides comprehensive information about departmental actions, events, employment opportunities, public services, and subsidies. It targets residents and stakeholders within the region, positioning itself as a key public sector information portal. The website is built on a modern WordPress CMS infrastructure, leveraging SEO and caching plugins, and integrates social media channels for broader engagement. Technically, the site is well-optimized for mobile and desktop, with good performance and accessibility standards. Security posture is strong with HTTPS enforcement, CAPTCHA usage, and cookie consent mechanisms, although explicit privacy and security policies are not found in the provided content. Overall, the site demonstrates high professionalism and trustworthiness consistent with a government entity.

C

Club des Sports de Glace Strasbourg - Alsace Section Hockey sur Glace

hockeystrasbourg.org

0

Hockey Strasbourg – CSGSA is a local sports club based in Strasbourg, France, focused on ice hockey training and competitions primarily for youth and amateur players. The club offers a variety of teams across age groups and skill levels, organizes events such as tournaments and equipment exchanges, and maintains an active community presence. The website serves as an information hub for members and prospective players, providing schedules, news, and registration details. Technically, the site is built on WordPress with common plugins and uses HTTPS, but lacks advanced security headers and privacy compliance features. The absence of WHOIS data limits domain trust verification, though the site’s content and social media presence support its legitimacy. Overall, the club maintains a good digital presence but should improve security and compliance aspects to enhance trust and user protection.

K

Kalisport

kalisport.com

0

Kalisport is a French software company providing an all-in-one sports management solution tailored for clubs, committees, and associations. Their platform offers a comprehensive suite of services including member management, accounting, sponsor management, online payments, event management, communication tools, and mobile applications. Positioned as a specialized SaaS provider in the sports technology sector, Kalisport targets small to medium-sized sports organizations primarily in France. The website is professionally designed with a clear focus on usability and accessibility, supporting both web and mobile platforms. Technically, the site leverages modern front-end technologies such as Bootstrap, jQuery, and FontAwesome, and implements cookie consent mechanisms with GDPR compliance in mind. Security posture is moderate; while HTTPS and cookie consent are implemented, the absence of visible security headers and incident response information suggests room for improvement. The lack of WHOIS data raises some concerns about domain registration legitimacy, though the active and professional website presence partially mitigates this risk. Overall, Kalisport presents a credible business with a solid digital presence but would benefit from enhanced transparency and security disclosures.

M

Mont-Blanc Hockey

montblanchockey.fr

0

Mont-Blanc Hockey is a small, community-focused ice hockey club based in France, founded in 2023. The club targets children and youth interested in ice hockey, offering training, tournaments, membership, and merchandise. The website reflects a well-structured and professionally designed platform that supports the club's activities and community engagement. The use of structured data and social media integration enhances its digital presence. Technically, the site employs a modern tech stack with popular JavaScript libraries and frameworks, hosted under a reputable registrar, and implements HTTPS with privacy-conscious analytics (Matomo). Security posture is solid with no critical vulnerabilities detected, though formal security policies and incident response contacts are absent. Privacy compliance is good, with a cookie consent mechanism and a privacy policy page in French. Overall, the website is trustworthy and suitable for its audience, with room for improvement in formal security documentation and contact transparency.

C

Chamonix Hockey Club

chamonixhockeyclub.com

0

Chamonix Hockey Club is a regional ice hockey sports club based in the Chamonix Mont-Blanc valley, France, catering to youth players aged 4 to 20 and adult leisure players. The club organizes training, tournaments, and seasonal events, positioning itself as a key local sports entity in Haute Savoie. The website reflects this focus with detailed match schedules, team information, and event announcements. Technically, the site uses a modern but somewhat dated tech stack including Bootstrap 3, jQuery, and various UI libraries, hosted by OVH sas. It implements HTTPS and cookie consent mechanisms aligned with GDPR requirements, though lacks some advanced security headers and explicit security policies. No contact emails or phone numbers are directly visible, which may impact user engagement and trust. Overall, the site is functional, well-branded, and provides relevant content for its audience.

T

The Scottish Government

scotland.gov.uk

0

The Scottish Government website serves as the official digital presence for the devolved government of Scotland, providing comprehensive information on policies, news, publications, consultations, and statistics. It targets residents, stakeholders, and the general public interested in Scottish governance and public services. The site is authoritative and well-positioned as a primary source of government information. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager, and Plausible Analytics, with a strong emphasis on accessibility, mobile optimization, and SEO best practices. The site is well-structured with clear navigation and uses structured data to enhance search engine understanding. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, though explicit security headers are not evident in the provided data. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is typical and justified for government domains, and the domain is highly legitimate based on trust signals and domain usage. Overall, the website demonstrates a high level of professionalism, security, and compliance, making it a trustworthy and reliable source for its audience.

A

Avarita – Obchod, marketing, konzultace

avarita.cz

0

Avarita is a Czech-based small business specializing in marketing and educational services, offering a range of solutions including website and e-shop development, social media advertising, business support, consultations, training, and graphic design. The company targets local entrepreneurs and small to medium businesses in the Czech Republic, emphasizing affordable and personalized service. The website is built on WordPress with Elementor, leveraging modern web technologies and integrating Google Analytics and Facebook Pixel for marketing and analytics purposes. Security posture is good with HTTPS enabled and cookie consent implemented, though some security headers could be improved. The domain registration is consistent with the business claims, indicating legitimacy. Overall, the website presents a professional and trustworthy image with clear contact information and GDPR-compliant privacy and cookie policies.

R

Robert Mročka a Lambda-comp s. r. o.

360pano.cz

0

The website 360pano.cz represents a small Czech business specializing in the creation of virtual tours and reportage photography, primarily serving hotels, companies, and municipalities. The business has been operating since at least 2009, demonstrating a stable market presence with a portfolio of satisfied clients and certifications such as Google Street View photographer status. Technically, the website uses traditional web technologies including HTML, CSS, JavaScript, and jQuery, with a focus on visual presentation through image sliders and galleries. However, the site lacks modern CMS integration and shows signs of aging technology stacks. Security posture is moderate but lacks critical elements such as HTTPS enforcement and security headers, which are essential for protecting user data and enhancing trust. Privacy compliance is minimal, with no privacy policy or terms of service found, though a cookie consent banner is implemented. Overall, the site is functional and professional but would benefit from modernization and improved security and compliance measures.

The website nmosdyourway.com serves as an educational platform providing a podcast series focused on neuromyelitis optica spectrum disorder (NMOSD) patients worldwide. Developed by Alexion Pharmaceuticals, a part of AstraZeneca Rare Disease, the site aims to support patients and caregivers through expert and patient-hosted content. The business model centers on patient education and advocacy, positioning itself as a trusted resource in the rare disease healthcare sector. The site leverages a mature technical infrastructure including Sitecore CMS and Adobe Analytics, hosted on AWS, ensuring reliable performance and moderate user tracking for analytics purposes. Privacy and cookie compliance are well implemented with clear policies and consent mechanisms linked to the parent company’s legal pages. However, direct contact information and explicit security policies are not present on the site, which could be improved to enhance user trust and incident response readiness. Overall, the site demonstrates a good security posture with HTTPS enabled and no visible vulnerabilities, but could benefit from additional security headers and transparency around security practices. The domain registration is consistent with a legitimate new campaign site, supporting the credibility of the business. The content is safe for general audiences, with no adult or explicit material detected.

I

InfoJobs

infojobs.net

0

InfoJobs is a leading Spanish online job portal providing a platform for job seekers and employers to connect. The website offers job listings, company searches, salary information, and training resources, positioning itself as a comprehensive employment resource in Spain. The platform targets primarily Spanish-speaking users seeking employment opportunities or recruitment services. Technically, the site employs modern JavaScript libraries and analytics tools such as Google Tag Manager, Segment, and Braze, alongside a robust consent management system to comply with GDPR. The website is well-structured, mobile-optimized, and uses HTTPS with appropriate security headers, reflecting a mature digital infrastructure. Security posture is solid with no visible vulnerabilities, though the absence of a public security policy or incident response contact is noted. The WHOIS data is unavailable or not found, which slightly reduces trustworthiness but does not detract significantly from the site's legitimacy given its professional presentation and market position. Overall, InfoJobs demonstrates a strong business and technical foundation with good privacy compliance and user experience.

I

ILUNION

ilunionretail.com

0

ILUNION Tu Tienda operates a network of over 65 accessible retail stores located primarily in hospitals and strategic points across Spain. The business model emphasizes social responsibility, employing a workforce largely composed of people with disabilities and offering sustainable products. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive privacy and cookie compliance mechanisms. Technically, the site uses Drupal CMS with modern libraries and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. Security posture is good with HTTPS and reCAPTCHA protections, though some security headers are not detected and could be improved. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the strong brand association with Grupo Social ONCE and consistent content quality.

P

Prometric

prometric.com

0

Prometric is a global enterprise specializing in secure assessment design and delivery solutions, serving test takers, certification bodies, educational institutions, and professional organizations. The company offers a broad portfolio of services including assessment development, global delivery, candidate experience enhancement, and AI-powered exam development. Their market position is strong as a leader in secure testing with a vast network of test centers worldwide. The website reflects a mature digital presence with multi-language support and comprehensive resources for various stakeholders. Technically, the website is built on modern technologies including Craft CMS, Tailwind CSS, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security best practices are evident with HTTPS enforcement, security headers, CSRF protection, and a detailed cookie consent mechanism. Security posture is robust with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit incident response contacts and vulnerability disclosure mechanisms suggests areas for improvement. Privacy compliance is well addressed with a comprehensive privacy policy, cookie consent banner, and GDPR indicators. Business credibility is high, supported by professional content, consistent branding, and trust signals. Overall, the website presents a low-risk profile with strong business and technical foundations. Strategic enhancements in transparency around incident response and vulnerability disclosure would further strengthen trust and security posture.

The website at vrlps.co is currently inaccessible, returning a 404 error with minimal content. There is no visible business information, metadata, or user-facing content to analyze. The lack of privacy, cookie, or terms of service policies, as well as absence of contact information, indicates the site is either inactive or under development. The WHOIS data is privacy protected, which limits the ability to verify the legitimacy or business details of the domain owner. Technically, the site lacks detectable technologies, scripts, or security headers, and no SSL configuration details are available from the provided data. Security posture cannot be properly assessed due to the absence of content and technical details. Overall, the site presents a high risk due to lack of transparency and content, and it is not suitable for business or user engagement in its current state.

The website legacyfpt.org is currently inaccessible beyond a Cloudflare Turnstile security challenge page, which prevents direct content analysis. The domain is registered since 2012 via GoDaddy.com, LLC, indicating a mature domain age. However, no business or contact information, privacy policies, or terms of service are publicly visible. The site relies on Cloudflare for security and performance, but DNSSEC is not enabled, and no advanced security headers are detected. Due to the WAF challenge, the content quality and business credibility cannot be assessed, resulting in a low overall AI score. The lack of visible policies and contact details further reduces privacy compliance and trustworthiness.

V

VCU-Marquette Challenge for Physical Therapy Research

marquettechallenge.com

0

The VCU-Marquette Challenge for Physical Therapy Research is a non-profit organization focused on grassroots fundraising to support physical therapy research. Established since 1989, the organization has successfully raised over $5 million to fund research projects aimed at optimizing movement and health. The website serves as an informational and engagement platform targeting students, physical therapy professionals, and researchers. Technically, the website is built on WordPress, utilizing common plugins for SEO, analytics, and user experience enhancements. The site is hosted by GoDaddy and employs HTTPS for secure communications. However, it lacks some key compliance documents such as a privacy policy and terms of service, which are critical for user trust and regulatory adherence. Security posture is moderate with SSL enabled but missing security headers and DNSSEC. Overall, the website is professional, trustworthy, and well-branded but could improve in privacy compliance and security best practices.

F

Fundación ONCE para la Atención de Personas con Sordoceguera

foaps.es

0

Fundación ONCE para la Atención de Personas con Sordoceguera is a Spanish non-profit organization dedicated to supporting individuals with deafblindness. It operates under the umbrella of the ONCE group, providing social, educational, and informational services tailored to this community. The website reflects a professional and consistent brand presence aligned with its mission, targeting affected individuals, their families, and professionals. Technically, the site is built on the Plone CMS platform, utilizing modern web technologies and ensuring good mobile responsiveness and accessibility. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong, with clear policies and GDPR adherence. The absence of WHOIS data limits domain registration insights, but the overall trust indicators and official branding support legitimacy. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding vulnerability disclosure information to further strengthen trust and compliance.

F

FOAL

foal.es

0

FOAL (Fundación ONCE Latinoamérica) is a well-established non-profit organization focused on social inclusion of blind and visually impaired people in Latin America. The website reflects a mature digital presence with clear information about their mission, services, and transparency. The technical infrastructure is based on Drupal CMS with modern web technologies including jQuery, Bootstrap, and Font Awesome, complemented by Google Analytics and Tag Manager for analytics. Security posture is strong with HTTPS, security headers, and reCAPTCHA v3 implemented. Privacy compliance is robust with clear cookie and privacy policies and GDPR adherence. However, the site lacks explicit terms of service and incident response policies. Overall, the website is professional, trustworthy, and well-structured, supporting FOAL's mission effectively.

A

American Council of Academic Physical Therapy

acapt.org

0

The American Council of Academic Physical Therapy (ACAPT) is a well-established non-profit organization dedicated to advancing academic physical therapy education in the United States. The website serves as a comprehensive resource hub for academic institutions, educators, and students, offering leadership, educational events, research resources, and advocacy. The organization is positioned as a leader in its niche with a clear mission and strong ties to the American Physical Therapy Association (APTA). Technically, the website is built on a mature CMS platform (Telerik Sitefinity) with a technology stack including ASP.NET, Bootstrap, and jQuery. While the site is generally well-structured and mobile-optimized, some technical debt is evident in the use of older JavaScript libraries and lack of advanced security headers. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and implementing modern security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and safe for its intended audience.

G

Globo

globo.com

0

Globo.com is a leading Brazilian media portal providing comprehensive news, sports, and entertainment content to a broad general audience primarily in Brazil. The website is well-branded and professionally designed, reflecting its position as a major enterprise within the Grupo Globo media conglomerate. It offers a variety of digital services including live streaming, advertising, and extensive editorial content. The site targets a general audience with up-to-date information on national and international events.

Morzine Réservation operates as the central reservation office for the Morzine Tourist Office, providing online booking services for a variety of accommodations including hotels, chalets, and apartments in the Morzine and Portes du Soleil region of France. The website offers detailed information, availability, pricing, and promotional offers, targeting tourists seeking mountain vacations. The platform supports secure online payments and customer account management, positioning itself as a trusted local booking service. Technically, the website employs a mix of legacy and modern technologies including jQuery 1.9.0, Google Tag Manager, Zendesk Chat, and custom reservation widgets. The site is mobile-optimized with good SEO practices and a cookie consent mechanism compliant with GDPR. However, some technical improvements are recommended such as updating JavaScript libraries and adding security headers. From a security perspective, the site uses HTTPS and secure payment processing but lacks explicit security policies and incident response information. No major vulnerabilities were detected, but the absence of WHOIS registration data raises concerns about domain legitimacy. Overall, the security posture is good but could be enhanced with additional headers and transparency. The overall risk is moderate; the website appears legitimate and professional but the missing WHOIS data and minor technical issues suggest the need for verification and improvements. Strategic recommendations include verifying domain registration, enhancing security headers, updating libraries, and publishing security policies to increase trust and compliance.

The website 'Go Morzine Avoriaz' appears to be a travel-related site promoting trips to the Morzine and Avoriaz ski resorts in France. The content is accessible and designed with modern CSS frameworks and fonts, indicating a moderate level of digital maturity. However, the absence of WHOIS data raises concerns about the domain's registration legitimacy, which impacts trustworthiness. The site lacks critical compliance documents such as privacy and cookie policies, and no contact information or security policies are present, which are important for user trust and regulatory compliance. Security posture is weak due to missing security headers and unclear SSL/TLS configuration. Overall, the site serves its business purpose but requires improvements in security, compliance, and transparency to enhance credibility and user trust.

P

Portes du Soleil

portesdusoleil.com

0

Portes du Soleil operates a professional and content-rich website promoting a major alpine ski domain spanning 8 French and 4 Swiss ski stations. The site targets skiers and tourists seeking information on ski passes, accommodations, and live resort data. Technically, the site is built on WordPress with a modern tech stack including Google Tag Manager, Leaflet maps, and various UI libraries, delivering a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit privacy policies, terms of service, and security headers, which are recommended for compliance and protection. The WHOIS data is missing, which raises concerns about domain legitimacy and registration transparency. Overall, the site is trustworthy and professional but would benefit from improved transparency and security hardening.

A

ayuda Hosting

ayudahosting.com.au

0

ayuda Hosting is a small Australian hosting provider specializing in innovative and collaborative hosting solutions tailored for designers, developers, and creative agencies. The company emphasizes a personalized approach, offering reliable hosting services with expert support to improve project outcomes. Their market position is niche, focusing on quality and client relationships rather than mass-market hosting. Technically, the website uses AngularJS and jQuery libraries, hosted on AWS infrastructure, with Google Analytics and Tag Manager for tracking. The site is mobile optimized and well-structured but uses some outdated JavaScript libraries which may pose security risks. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with no cookie consent mechanism and no explicit GDPR compliance indicators. Contact information is clearly provided, and trust is reinforced by multiple client testimonials and logos. Overall, the website is professional and trustworthy but could improve in security and privacy compliance.

Miele For Life is a dedicated membership loyalty website targeting existing Miele appliance owners in New Zealand, offering exclusive benefits such as discounts, events, and customer care. The website is built on WordPress with modern technologies including Bootstrap, jQuery, Google Tag Manager, and reCAPTCHA, hosted behind Akamai CDN infrastructure. The site demonstrates good digital maturity with mobile optimization, SEO best practices, and a clear content structure focused on recipes, offers, and member engagement. Security posture is solid with HTTPS enforced and bot protection via reCAPTCHA, though minor issues such as missing DNSSEC and a broken GTM script fetch exist. Privacy compliance is well addressed with a cookie consent mechanism and clear links to privacy and terms pages. Overall, the domain registration and website content are consistent and trustworthy, reflecting a legitimate and professional brand presence.

T

The Business Standard

tbsnews.net

0

The Business Standard is a professional English-language news media outlet based in Bangladesh, founded in 2019. It provides comprehensive coverage of national and international news, business, economy, technology, sports, and entertainment. The website is well-structured, uses modern web technologies including Drupal CMS, and integrates multiple analytics and advertising platforms. The presence of subscription services and multimedia content indicates a mature digital media business model. However, the WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy. The site implements cookie consent mechanisms but lacks explicit privacy and terms of service pages, which could be improved for compliance and transparency. Overall, the site presents a trustworthy and professional front for its audience.

Earth.Org is a well-established environmental news platform founded in 1997, providing comprehensive coverage on climate change, pollution, conservation, and policy. It targets a global audience interested in environmental issues, offering news, data analysis, and policy solutions. The website uses WordPress CMS with modern plugins and technologies, hosted with DNS managed by Cloudflare and domain registered via GoDaddy. The site demonstrates good SEO, mobile optimization, and content quality. Security posture is solid with HTTPS and domain locks, but could improve by enabling DNSSEC and publishing security policies. Privacy compliance is partial due to lack of visible cookie consent mechanisms. Contact is primarily via forms and social media, with no direct emails or phone numbers published.

L

LUCID

lucid.berlin

0

LUCID is a Berlin-based digital consultancy focused on enabling global transformation through human-centered digital project scoping, process design, knowledge platforms, and monitoring & evaluation services. Their client base includes prominent foundations, international organizations, governments, and NGOs, positioning them as a niche player in sustainability and impact measurement. The website is professionally designed with good content quality and clear navigation, supporting both German and English languages. Technically, the site uses modern JavaScript libraries such as jQuery and Flickity, hosted with Cloudflare DNS, and enforces HTTPS, but lacks some security headers and DNSSEC. Privacy compliance is minimal, with a privacy policy page present but no cookie consent mechanism or GDPR indicators. No incident response or security policy information is published. Overall, the site is trustworthy and professional but could improve in security and privacy compliance.

The SI Digital Framework website serves as the authoritative digital reference for the International System of Units (SI), operated under the auspices of the Bureau International des Poids et Mesures (BIPM). It provides key services including Permanent Digital Identifiers for SI units, prefixes, constants, and related metrology data, targeting scientific and metrology professionals globally. The platform is positioned as an official and trusted source for measurement standards and related digital tools. Technically, the website employs modern frontend technologies such as Bootstrap 5, jQuery, MathJax for mathematical rendering, and Google Fonts, ensuring a responsive and accessible user experience. Hosting is provided by Scaleway SAS, a reputable cloud provider. The site integrates Google Analytics for usage tracking but lacks visible cookie consent mechanisms, which may impact privacy compliance. From a security perspective, the site uses HTTPS and has domain transfer protections enabled, but lacks DNSSEC and important security headers like Content-Security-Policy and HSTS. No explicit security or incident response policies are published, and no vulnerability disclosure or data protection officer information is available. These gaps suggest room for improvement in security posture and compliance. Overall, the website is professional, trustworthy, and well-aligned with its mission, but would benefit from enhanced privacy and security policies to meet modern compliance standards and improve user trust.

O

OIML – BIPM

worldmetrologyday.org

0

The World Metrology Day website is an authoritative resource managed by international metrology organizations BIPM and OIML, focusing on promoting the 2025 event celebrating the 150th anniversary of the Metre Convention. It targets the metrology community and related stakeholders by providing free communication resources and event information. The website is professionally designed with consistent branding and clear navigation, leveraging modern frontend technologies such as Bootstrap and Vue.js. Mobile responsiveness and user experience are good, though accessibility features are basic. From a security perspective, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and visible security headers, which are recommended for enhanced security. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. The site does not collect user data via forms and uses minimal tracking through AWStats. WHOIS data confirms the domain's legitimacy with consistent registration details and a long history. Overall, the website is a credible, well-maintained informational platform with moderate technical maturity and some room for improvement in privacy compliance and security hardening. There are no indications of malicious content or vulnerabilities, making it a safe and trustworthy resource for its audience.

I

Institute of Physics

iop.org

0

The Institute of Physics (IOP) is a well-established professional body and learned society dedicated to promoting physics in the UK and Ireland. The website serves as a comprehensive platform for physicists, educators, students, and the general public, offering membership services, educational resources, policy advocacy, events, and publications. The organization holds a strong market position as a leading physics institution with international collaborations and a focus on inclusivity and accessibility. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies including Google Tag Manager for analytics and OneTrust for cookie consent management. The site demonstrates good performance, excellent mobile optimization, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms, indicating a solid security posture. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations such as GDPR. The lack of WHOIS data is mitigated by the site's transparency and consistent branding. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure information, and enhancing direct security contact options to further strengthen trust and compliance.

A

Adaptic, s. r. o.

adaptic.biz

0

Adaptic, s. r. o. is a Czech-based technology service provider specializing in custom web design, internet applications, and digital marketing. Founded in 2006, the company has established a solid market presence with a portfolio of several hundred projects for notable clients such as Whirlpool, Seznam.cz, and CzechTourism. Their key services include bespoke website and application development, a proprietary CMS platform (Adaptic Admin), and comprehensive marketing solutions including SEO and PPC management. The company is led by an experienced director with nearly two decades in the industry, ensuring professional project management and quality control. Technically, the website demonstrates a mature infrastructure using PHP 7.4, MySQL, and the Nette framework with Latte templating. The site is mobile-optimized, well-structured, and employs modern web standards. Google Analytics and Tag Manager are used for visitor tracking, although no explicit cookie consent mechanism is present. The custom CMS indicates a strong internal capability for tailored solutions. Performance is moderate with good SEO and accessibility practices. From a security perspective, HTTPS is enabled, and the architecture supports secure development practices. However, the absence of explicit security headers and privacy/cookie policies represents compliance and security gaps. No vulnerabilities or exposed sensitive data were detected in the content. WHOIS data is unavailable, likely due to privacy protection, but the website provides transparent company registration and contact information, supporting legitimacy. Overall, the website and business present a trustworthy and professional front with room for improvement in privacy compliance and security hardening. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

哔

哔哩哔哩

bilibili.com

0

哔哩哔哩 (bilibili.com) is a leading Chinese video sharing platform specializing in ACG (Anime, Comics, Games) content, offering a rich ecosystem including video streaming, live broadcasts, gaming, manga, and e-commerce services. It enjoys a strong market position with a large, active user base and a vibrant community of content creators. The platform is well-branded and professionally designed, targeting primarily young audiences interested in animation and gaming culture. Technically, the site employs modern web technologies such as Vue.js, ES2015+ JavaScript, and optimized image formats (WebP, AVIF), ensuring good performance and mobile responsiveness. However, the absence of visible privacy and cookie policies and the lack of WHOIS transparency slightly reduce its compliance and trust scores. Security posture is moderate with HTTPS enforced but missing explicit security headers and published policies. Overall, bilibili.com is a mature, reputable media platform with room for improvement in privacy compliance and security transparency.

The website amendisclient.ma is currently inaccessible, returning a 403 Forbidden error page which blocks access to any meaningful content. The domain is registered to ITISSALAT AL-MAGHRIB, a Moroccan company likely operating in the energy sector, with a domain age of approximately 7-8 years, indicating a stable registration history. Due to the lack of accessible content, no metadata, forms, or contact information could be extracted, limiting the ability to assess the website's business model, services, or compliance posture. Technically, the site does not reveal any information about its technology stack, security headers, or performance characteristics. The security posture cannot be fully evaluated, but the absence of accessible content and security policies suggests a low maturity level. Overall, the site appears to be either restricted intentionally or misconfigured, resulting in a poor user experience and low trustworthiness.

O

OpenWeather Ltd.

openweathermap.org

0

OpenWeather Ltd. is a well-established UK-based company specializing in providing comprehensive weather data services globally. Their offerings include current, forecast, and historical weather data accessible via a variety of APIs, alongside specialized dashboards tailored for sectors such as renewable energy and extreme weather monitoring. The company targets developers and businesses requiring reliable and accurate meteorological information. Their market position is strong, supported by over a decade of domain presence and ISO certifications. Technically, the website employs modern web technologies including Bootstrap, Font Awesome, Google Fonts, and integrates analytics and error monitoring tools such as Google Analytics and Sentry. Hosting is managed via AWS infrastructure, ensuring scalability and reliability. The site is mobile-optimized with good SEO and accessibility features, though some improvements could be made in accessibility and security headers. From a security perspective, the site uses HTTPS and cookie consent mechanisms, with no visible exposed sensitive data or vulnerabilities. However, explicit incident response and vulnerability disclosure policies are not found, representing an area for enhancement. Privacy compliance is strong with comprehensive policies and GDPR-aligned consent banners. Overall, OpenWeather presents a professional, trustworthy, and technically sound web presence with a high level of business credibility. Strategic recommendations include enhancing security headers, publishing incident response details, and improving accessibility to further strengthen their security posture and user trust.

N

Nadace Partnerství

bevlava.cz

0

The website bevlava.cz serves as an informational and promotional platform for the BEVLAVA international long-distance cycling trail that traverses the Moravian-Slovak border region. It is operated by Nadace Partnerství, a non-profit organization, and targets cyclists and tourists interested in exploring natural landscapes and regional attractions. The site provides maps, tourist destinations, news updates, and a photo gallery to support regional tourism. Technically, the site is built using modern frameworks such as Astro and Kentico CMS, with integrations for analytics and marketing tools including Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The website is well optimized for performance and mobile devices, offering a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security headers and published privacy or terms policies, which are areas for improvement. The domain is mature and registered consistently with the business, enhancing trustworthiness. Overall, the website is a solid regional tourism resource with moderate security and privacy compliance, suitable for its purpose but with room for enhanced transparency and security practices.

L

Lázně Luhačovice, a.s.

hotelalexandria.cz

0

Hotel Alexandria is a well-established four-star spa and wellness hotel located in Luhačovice, Czech Republic, operated by Lázně Luhačovice, a.s. It offers a comprehensive range of hospitality services including accommodation, wellness treatments, gastronomy, and event hosting. The hotel holds a strong market position as a leading wellness destination in the region, supported by multiple awards and a large wellness center. The website reflects a professional digital presence with good content quality, clear navigation, and multimedia integration. Technically, it employs modern JavaScript libraries, Google Analytics, and tag management, with a cookie consent mechanism in place. Security posture is solid with HTTPS enforced, though it lacks some advanced security headers and published security policies. WHOIS data is unavailable, which slightly impacts trust but the overall business credibility remains high due to transparent contact information and customer testimonials. Strategic improvements include publishing privacy and security policies and enhancing accessibility compliance.