Other security reports

The website salons-bienetre.com represents Agence Plan B, an organizer of wellness fairs in France, targeting individuals interested in health, relaxation, and natural products. The site promotes events in multiple cities with dates and venues, providing a contact form and social media links for engagement. Technically, the site is built on WordPress using the Divi theme, leveraging standard web technologies such as jQuery and Google Fonts. The site is served over HTTPS, ensuring encrypted communication, and includes a captcha-protected contact form to mitigate spam. However, the absence of WHOIS data for the domain raises concerns about transparency and domain legitimacy. No privacy or cookie consent mechanisms were detected, which may impact compliance with privacy regulations. Security headers are not present, indicating room for improvement in security posture. Overall, the website is functional, professionally designed, and provides relevant content for its audience, but lacks some critical compliance and security features.

B

Bio en Grand Est

biograndest.org

9

Bio en Grand Est is a regional non-profit organization dedicated to supporting and promoting organic agriculture in the Grand Est region of France. The website serves as a network hub for organic producers and provides information, news, events, and resources related to organic farming. The organization targets both professionals in the organic sector and consumers interested in organic products. The site is professionally designed using WordPress and integrates modern web technologies and plugins to deliver a good user experience. Social media integration and structured data enhance its digital presence. Security measures such as HTTPS and reCAPTCHA are implemented, but there is room for improvement in DNS security and HTTP headers. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. Overall, the website is trustworthy and serves its business purpose effectively.

The website represents the Festival International du Film Ornithologique de Ménigoute, a well-established non-profit cultural event focused on wildlife and nature documentaries, particularly ornithology. Founded in 1985 and organized by Association MAINATE, it serves a general audience interested in nature and film. The site provides comprehensive information about the festival's program, activities, and participation opportunities, supported by social media and newsletter engagement. Technically, the site is built on the Contao CMS platform with modern JavaScript libraries and includes GDPR-compliant cookie consent mechanisms. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit security policies. WHOIS data is unavailable, likely due to privacy protection, which is justified for this type of organization. Overall, the site is professional, trustworthy, and well-maintained.

S

Spas Organisation

spas-expo.com

10

Spas Organisation is a leading French event organizer specializing in bio, well-being, natural health, and sustainable development sectors. The company operates multiple public and professional salons and events, positioning itself as a market leader in France. Their digital presence is built on a WordPress platform with modern SEO practices and a clear focus on event promotion and partner collaboration. Technically, the website is well-structured, mobile-optimized, and uses recognized technologies such as Elementor and Yoast SEO. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although incident response and vulnerability disclosure mechanisms could be improved. Privacy compliance is adequate with GDPR-aligned policies and cookie consent mechanisms. Overall, the site reflects a professional and trustworthy business with a solid market position.

K

Koop Domeinnaam

cookiebanner.eu

8

Koop Domeinnaam operates as a domain reseller specializing in selling domain names such as cookiebanner.eu. The website is a straightforward landing page offering the domain for sale at a fixed price, targeting individuals or businesses interested in acquiring domain names quickly. The business model is simple and focused on domain sales with immediate invoicing and transfer token delivery. The market position is that of a niche domain reseller within the Netherlands, with a small-scale operation and basic online presence. Technically, the website employs standard HTML5, CSS, and JavaScript, with Cloudflare services used for CDN and security purposes. The site is moderately optimized for performance and mobile devices but lacks advanced frameworks or CMS platforms. SEO and accessibility features are basic, and no analytics or tracking services are detected, indicating minimal data collection. From a security perspective, the site benefits from Cloudflare's protection but lacks explicit security headers and cookie consent mechanisms, which are important for GDPR compliance. No forms or sensitive data collection points are present, reducing attack surface. The absence of detailed security policies and incident response information suggests limited security maturity. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk is low given the limited scope and content of the site, but improvements in privacy compliance, security headers, and transparency would enhance trustworthiness and regulatory adherence. Strategic recommendations include implementing cookie consent, adding security headers, publishing terms of service, and improving mobile and accessibility features.

B

Brdy a Podbrdsko - dovolená kousek za Prahou

brdyapodbrdsko.cz

10

The website www.brdyapodbrdsko.cz serves as an official regional tourism portal for the Brdy and Podbrdsko area near Prague, Czech Republic. It provides visitors with comprehensive travel information including event calendars, accommodation options, cultural and natural attractions, and travel planning tools. The content is primarily in Czech and targets tourists and visitors interested in exploring this region. The business model focuses on promoting regional tourism through informational content and digital engagement. The site maintains a consistent brand image aligned with regional tourism authorities and governmental partners.

The domain regiotv.cz is currently expired and parked, showing no active business content or services. The website primarily serves as a placeholder with advertising iframes and links to domain sale contact pages. There is no evidence of an operational company or digital services under this domain. The technical infrastructure is minimal, relying on basic HTML and JavaScript with external ad and tracking scripts. No CMS or modern frameworks are detected. Security posture is weak due to lack of HTTPS enforcement, absence of security headers, and expired domain status. Privacy and compliance policies are missing, indicating non-compliance with GDPR and related regulations. Overall, the site presents a low trust profile and minimal business credibility.

Pretekaj.sk is a Slovak sports registration and results platform operated by Matj.sk. It serves organizers and athletes by simplifying event registration and providing easy access to sports performance data. The platform targets a niche market within Slovakia, focusing on regional sports events and races. The website is well-structured, professionally designed, and provides clear navigation and relevant content for its audience. Technically, it employs modern web technologies including Bootstrap, jQuery, Google Analytics, and Facebook SDK, hosted likely behind Cloudflare for performance and security. Security posture is good with HTTPS enforced and secure payment logos displayed, though some security headers and explicit policies are missing. Privacy and cookie policies are present and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site is trustworthy, functional, and well-positioned within its market niche.

M

MARVIO agency s.r.o.

marvio.cz

9

MARVIO agency s.r.o. is a creative marketing agency based in Ostrava, Czech Republic, specializing in comprehensive marketing services including online marketing, website development, graphic design, printing, and vehicle wrapping. The company targets businesses and organizations seeking to enhance their marketing presence through both digital and offline channels. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content in Czech language. Technical infrastructure is based on WordPress CMS with modern JavaScript libraries and frameworks, although some components like jQuery are outdated. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks some advanced security headers and explicit incident response information. WHOIS data is missing, which raises concerns about domain registration transparency and legitimacy. Overall, the website presents a trustworthy and professional marketing agency with room for improvement in security and domain registration transparency.

S

secondfoundation

second-foundation.eu

7

The website 'secondfoundation' presents a professional and modern design with a focus on business-related content. However, the lack of publicly available WHOIS data due to privacy protection limits the ability to verify domain ownership and legitimacy. The site uses modern CSS frameworks and animation libraries, indicating a moderate level of technical maturity. Security posture is weak due to absence of HTTPS verification and security headers, and no privacy or cookie policies are present, which impacts compliance and user trust. Overall, the site is safe for general audiences but lacks transparency and security best practices, which should be addressed to improve credibility and compliance.

Kristy z Ostravy is a small freelance marketing specialist business based in Ostrava, Czech Republic, founded in 2024. The website presents professional marketing services including strategy, online marketing, and event support targeted at local firms and entrepreneurs. The business positions itself as a local expert with a passion for Ostrava and marketing. Technically, the website is built on WordPress using the Astra theme, integrating modern marketing and analytics tools such as Google Tag Manager and Hotjar. Cookie consent is implemented, indicating awareness of privacy compliance, though no explicit privacy policy or terms of service pages were found. Security posture is good with HTTPS enabled and no exposed sensitive data, but could be improved by adding explicit security headers and incident response information. Overall, the website is professional, well-branded, and trustworthy with moderate SEO and mobile optimization.

S

Soudons, fermes !

soudons-fermes.org

58

Soudons, fermes ! is a French network of structures committed to peasant agroecology, collaborating closely with the Atelier Paysan to disseminate technical projects and tools that promote farm autonomy and sustainable agriculture. The website serves as an informational and networking platform, showcasing members and activities through interactive maps and content. The business operates as a small, focused non-profit entity founded recently in 2023, targeting agricultural communities and stakeholders interested in agroecology. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS and domain protections but lacks advanced security headers and DNSSEC. Privacy compliance is limited, with no cookie consent mechanism or detailed privacy policies visible, which could be improved to meet GDPR standards. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy features.

The website at communspaysans.org currently serves as a simple directory listing with no substantive business content or branding. The domain is very recently registered (April 2024) via OVH sas without privacy protection, but the lack of detailed registrant information and minimal website content raises questions about the site's maturity and legitimacy. Technically, the site lacks HTTPS, security headers, and exposes sensitive files through directory listing, indicating poor security posture. No privacy, cookie, or terms of service policies are present, and no contact information is provided, which further diminishes trust and compliance standing. Overall, the site appears to be in an early or placeholder state with significant improvements needed to meet basic security, privacy, and business credibility standards.

Shen Yun Performing Arts is a globally recognized performing arts company specializing in classical Chinese dance and music, established in New York in 2006. The company focuses on reviving and presenting traditional Chinese culture through breathtaking performances that include classical dance, ethnic and folk dance, and orchestral music. Their market position is strong as a premier classical Chinese dance company with a broad international audience. The website reflects a professional and consistent brand image with multilingual support, targeting a general audience interested in cultural and performing arts experiences. Technically, the website employs modern JavaScript libraries, analytics tools, and accessibility features, indicating a mature digital infrastructure. However, some areas such as explicit privacy and cookie policies and WHOIS transparency could be improved. Security posture is good with HTTPS and no visible vulnerabilities, but security headers and incident response information are lacking. Overall, the site is trustworthy and well-maintained but would benefit from enhanced privacy compliance and domain registration transparency.

The website mestafrica.com/lander is currently a minimal placeholder or parking page with very limited content. It primarily serves advertising via Google Adsense and does not provide any business-related information, contact details, or policies. The domain is newly registered in November 2023 through GoDaddy, with no privacy protection on WHOIS data. The technical infrastructure is basic, using JavaScript and a proprietary 'PW' lander system, hosted on GoDaddy's DNS servers without DNSSEC enabled. Security posture is weak due to lack of HTTPS enforcement details, missing security headers, and absence of privacy or cookie policies. Overall, the site lacks professionalism and trust indicators, making it unsuitable for business or customer engagement in its current state.

The website at yfdnzfa.com presents minimal accessible content, primarily consisting of an invisible tracking pixel and an embedded iframe sourced from unrelated external domains. There is no visible business information, contact details, or user-facing content. The domain WHOIS data is suspicious, showing a creation date in the future (July 2025) and listing the registrar as PDR Ltd., a domain registrar service, without any registrant organization details. This raises concerns about the legitimacy and purpose of the domain. Technically, the site uses basic HTML and JavaScript but lacks modern security headers, DNSSEC, and privacy compliance mechanisms. The embedded third-party content suggests potential user tracking and profiling. Overall, the site appears to be a placeholder or a tracking intermediary rather than a legitimate business website.

The website esc.best currently presents no accessible content or metadata, rendering any business or technical analysis infeasible. The absence of visible information, forms, or scripts suggests the site is either inactive or a placeholder. The WHOIS data indicates privacy protection, which is common for small or new entities but limits transparency. Without content, no assessment of business model, services, or market position can be made. Technically, the site lacks detectable technologies or security configurations, indicating minimal digital maturity. Security posture cannot be evaluated due to lack of data, and no compliance or privacy policies are present. Overall, the site poses minimal risk but also offers no trust signals or business credibility.

P

Plinko

safetysleeve.cz

9

The website safetysleeve.cz (content points to plinkohra.cz) is an informational and promotional platform focused on the Plinko gambling game targeted at Czech players. It provides detailed guides, game mechanics, casino recommendations, and demo access to Plinko games. The site leverages Cloudflare for DNS and CDN services and uses modern web technologies including JSON-LD structured data for SEO and rich snippets. The content is well-structured, mobile-optimized, and professionally presented, though it lacks explicit cookie consent and some security headers. The domain WHOIS data is suspicious due to a future creation date, which undermines trust and raises questions about legitimacy. Contact information is limited to an email address, with no phone or physical address provided. Social media presence is established across multiple platforms, enhancing credibility. Overall, the site is functional and informative but requires improvements in privacy compliance and security transparency.

The website trafflinks.site currently serves only a 404 Not Found error page, indicating that the main content is inaccessible or not deployed. The domain is relatively new, registered in December 2022, and hosted via Hosting Ukraine LLC with DNS managed by Cloudflare. The site uses Cloudflare Insights for analytics but lacks any visible business or contact information, privacy or cookie policies, or terms of service. The technical infrastructure is minimal, with nginx 1.24.0 as the web server and no advanced security headers detected. The absence of content and policies severely limits the ability to assess the business or security posture comprehensively. The domain registration data is consistent and transparent, but the lack of website content and business details reduces trustworthiness and credibility.

ArtMoment is a newly launched business in Slovakia focused on offering creative workshops. The website serves primarily as a landing page to announce the upcoming launch and collect newsletter subscriptions, incentivizing sign-ups with a promotional 1+1 voucher. The business appears to be a small-scale operation targeting general consumers interested in creative activities. Technically, the website uses standard modern web technologies including Google Tag Manager and Facebook Pixel for marketing and analytics. Hosting is inferred to be with Wedos based on nameservers. Security posture is basic with no advanced headers or policies detected, and no privacy or cookie policies published, indicating room for compliance improvements. The domain registration is recent but consistent with the business launch timeline, supporting legitimacy. Overall, the site is safe, professional at a basic level, and suitable for general audiences.

Designloga.cz is a small Czech-based professional service provider specializing in logo design and corporate identity creation. The website showcases a portfolio of diverse client projects and offers multiple service packages with clear pricing. The business targets companies and individuals seeking professional branding solutions. The technical infrastructure includes common web technologies such as jQuery, Google Fonts, and CSS frameworks, with moderate performance and good mobile optimization. Security posture is moderate but could be improved by updating outdated libraries and implementing security headers. Privacy compliance is limited due to the absence of privacy and cookie policies. Overall, the website is professional and trustworthy, though domain registration data is unavailable, which slightly reduces trust.

T

TIMAC AGRO Maroc

timacagro.ma

53

TIMAC AGRO Maroc is a well-established agricultural solutions provider specializing in innovative fertilization, plant nutrition, and animal production products tailored for the Moroccan market. With a claimed 25 years of local expertise, the company positions itself as a trusted partner offering sustainable and environmentally respectful agricultural performance improvements. The website reflects a professional digital presence with clear branding, product categorization, and local support emphasis. Technically, the site is built on WordPress with Elementor and WooCommerce, leveraging modern analytics tools like Google Tag Manager and Matomo, and is hosted behind Cloudflare DNS services. Security posture is solid with HTTPS enabled and cookie consent implemented, though explicit privacy and terms policies are missing. The WHOIS data shows some inconsistencies, notably a future domain creation date, which may indicate a staging domain or data error but does not detract significantly from the site's legitimacy. Overall, the site is safe, professional, and targeted at agricultural professionals in Morocco.

The website zdravotnidozor.cz currently presents a security verification page that blocks direct access to its main content using Google reCAPTCHA v3. This indicates a bot protection mechanism is in place, preventing automated or unauthorized access. Due to this, no business-specific content, contact information, or policies are accessible for detailed analysis. The domain is registered since 2016 with a Czech registrar and uses Czech-based name servers, suggesting a legitimate regional presence. The technical infrastructure includes modern frontend technologies such as Bootstrap 5.3.3 and Google reCAPTCHA, but lacks visible security headers or metadata to assess SSL/TLS configuration or SEO. Overall, the site’s security posture shows basic bot protection but lacks transparency in privacy and compliance documentation.

N

Naturhelp.cz

naturhelp.cz

54

Naturhelp.cz is a Czech language informational website providing articles, reviews, and tips related to nature, gardening, ecology, and recipes. The site targets a general audience interested in environmental topics and sustainable living. It operates as a content publishing platform with monetization through Google AdSense. The website is built on WordPress, leveraging various plugins for SEO, multilingual support, and GDPR compliance. Hosting is provided by WEDOS, consistent with the domain registration data. The site demonstrates good digital maturity with responsive design, clear navigation, and structured data implementation. Security posture is solid with HTTPS enabled and cookie consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with a comprehensive cookie policy and GDPR opt-in banner. Contact information is limited to a contact form without explicit emails or phone numbers. Overall, the website is professional, trustworthy, and safe for general audiences.

The website mest.com is currently a parked domain with minimal content, primarily serving as a placeholder indicating the domain may be for sale. There is no active business presence or descriptive content about services or products. The site embeds an external iframe from an unrelated domain and includes multiple advertising and tracking scripts. The technical infrastructure is basic, with no detected CMS or advanced frameworks, and the hosting appears to leverage AWS Cloudfront CDN for static assets. Mobile optimization and accessibility are minimal, and SEO practices are poor due to lack of meaningful content and metadata. Security posture is weak, with no HTTPS enforcement visible in the provided data, no security headers, and no privacy or cookie policies, which raises compliance concerns. The WHOIS data shows the domain is old (registered in 1999) but uses parking DNS servers, consistent with the parked domain status. Overall, the site lacks business credibility and trust indicators, and the security and privacy compliance posture is poor.

OLDstars is a Czech student theater group that organizes theatrical performances, festivals, and acting courses primarily in Prague and surrounding regions. Their website showcases a rich program of upcoming performances, news, and educational opportunities, targeting students and theater enthusiasts. The site is built on modern web technologies such as Next.js and React, providing a responsive and user-friendly experience. Security posture is good with HTTPS and some security best practices, though some HTTP security headers could be improved. Privacy and cookie policies are not clearly presented, which is a compliance gap. WHOIS data is unavailable, which reduces domain trust but the professional content and social media presence support legitimacy. Overall, the site is a well-maintained cultural platform with room for enhanced privacy and security transparency.

A

AGENTURA SCHOK, spol. s r.o.

shakespeare.cz

46

The website www.shakespeare.cz represents the Letní shakespearovské slavnosti (Summer Shakespeare Festival) organized by AGENTURA SCHOK, spol. s r.o., a medium-sized cultural event organizer based in the Czech Republic. The festival is well-established, attracting tens of thousands of visitors annually and supported by prominent partners such as the PPF Group. The site provides comprehensive information about the festival's program, ticketing, partners, and historical context, targeting theater enthusiasts and the general public interested in Shakespearean drama. Technically, the website employs modern front-end technologies including Bootstrap for responsive design, Google Custom Search Engine for site search, Facebook SDK for social integration, and FontAwesome for icons. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Cookie consent mechanisms and a privacy policy are implemented, indicating compliance with GDPR requirements. From a security perspective, HTTPS is used as inferred from resource URLs, and cookie consent is managed with user options. However, no explicit security headers were detected in the HTML content, and no security policy or incident response contacts are published. The absence of WHOIS data reduces domain registration transparency, which slightly impacts trustworthiness. No vulnerabilities or exposed sensitive data were found in the content. Overall, the website is a professionally maintained cultural event platform with good content quality and privacy compliance. The main risk area is the lack of visible domain registration data and security policy disclosures. Strategic improvements in security headers, incident response information, and WHOIS transparency would enhance trust and security posture.

The website www.pujcimekaru.cz currently presents no accessible content, metadata, or business information, indicating it is either inactive or blocked. The WHOIS lookup returned no registration data, suggesting the domain may not be registered or is inactive. Technically, the site lacks HTTPS, security headers, and any detectable technologies or frameworks, reflecting a very low digital maturity. Security posture is weak due to absence of SSL and security best practices. Overall, the site is not trustworthy and does not provide any business or compliance information. Strategic recommendations include registering the domain properly, deploying HTTPS, adding business and privacy information, and improving content and technical implementation to establish legitimacy and security.

Terre Nourricière is a small French communication agency specializing in ethical and engaged communication services targeted at actors in environmental education, international solidarity, and peasant agriculture sectors. Their key offerings include web and mobile development, graphic design, video production, educational tools, and consulting/training services. The website presents a professional and consistent brand image with clear navigation and relevant content for their niche audience. Technically, the website uses modern front-end libraries such as Bootstrap 4.5.2, jQuery, Slick Carousel, and Typed.js, with Google Analytics for tracking. The site appears mobile-optimized and moderately performant. The CMS is likely SPIP based on URL patterns and form tokens. However, no advanced security headers or explicit privacy/cookie policies are present, and WHOIS data is unavailable, limiting domain transparency. Security posture is moderate with some best practices like honeypot anti-spam fields and CSRF tokens in forms, but lacks HTTP security headers and visible incident response contacts. Privacy compliance is weak due to missing policies and consent mechanisms. Overall, the site is safe and professional but would benefit from enhanced security and privacy measures. Recommendations include implementing security headers, publishing privacy and cookie policies with consent, improving WHOIS transparency, and adding incident response contacts to strengthen trust and compliance.

H

Dr. Heidi Sevestre : Glaciologist, Speaker, Author

heidisevestre.com

62

The website www.heidisevestre.com appears to be a portfolio or personal site built on the Wix platform, likely showcasing photography or art. The site uses standard Wix technologies and scripts, indicating a moderate level of technical infrastructure typical for Wix-hosted sites. However, the site lacks critical business and security information such as privacy policies, cookie consent mechanisms, contact details, and terms of service. The WHOIS data is unavailable or indicates the domain may not be registered, which raises concerns about the legitimacy and trustworthiness of the domain. Security posture is basic with HTTPS enabled but missing important security headers and policies. Overall, the site is accessible without WAF or blocking mechanisms but provides minimal content and business credibility.

ZEDD is a small, French communication agency based in Grenoble specializing in responsible and sustainable communication services. The company positions itself as a pioneer in the Auvergne Rhône-Alpes region, offering consulting, creation, development, and maintenance services with a focus on eco-conception and digital responsibility. The website content is professionally presented in French, targeting organizations seeking sustainable communication solutions. Technically, the website uses modern web technologies including JavaScript, CSS, and SVG graphics, with the SPIP CMS platform. Hosting is local to Grenoble, leveraging a datacenter with a positive carbon footprint, reflecting the company's environmental values. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are present. No privacy or cookie policies are found, indicating gaps in GDPR compliance. Contact information is clearly provided, but no incident response or vulnerability disclosure mechanisms are visible. No tracking or advertising scripts were detected, suggesting minimal user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

The website browsiprod.com appears to be an API or protected resource rather than a traditional public-facing website. The content is inaccessible without a required HTTP header 'X-API-Key', indicating that the site is likely intended for authorized users or applications only. Due to this restriction, no meaningful content, metadata, or contact information is available for analysis. The domain is registered with Amazon Registrar, Inc. since 2016, which aligns with a plausible business timeline but lacks further public business details. The technical infrastructure appears minimal from the provided data, with no visible security headers or SSL configuration details. The security posture cannot be fully assessed due to lack of accessible content, but the absence of standard security and privacy policies is a concern. Overall, the site presents a low trust profile due to inaccessibility and lack of transparency.

The website joinjfd.com is currently inaccessible to visitors, returning a 403 Forbidden error page. This indicates that access to the site or page is blocked or restricted, preventing any meaningful content or business information from being displayed. The domain is registered since 2020 with EuroDNS S.A. and uses SiteGround nameservers for hosting. However, the lack of accessible content, absence of privacy or cookie policies, and no contact information severely limit the ability to assess the business or security posture. Technically, the site shows no evidence of modern web technologies, analytics, or security headers, and the user experience is poor due to the access restriction. Overall, the site is not currently suitable for public or customer interaction and requires remediation to restore access and provide essential business and compliance information.

C

CHRYSALIDE

cae29.coop

52

CAE 29 is a French cooperative organization under the legal entity CHRYSALIDE, founded in 2014, providing shared enterprise and employment cooperative services primarily in the Finistère region. The website serves as an informational and engagement platform for entrepreneurs and project holders seeking cooperative business support, administrative delegation, and training. The business model focuses on collective entrepreneurship and professional autonomy within a cooperative framework, positioning CAE 29 as a regional leader in this niche. Technically, the website is built on the SPIP CMS platform, hosted by Gandi SAS, and uses standard web technologies including JavaScript and CSS. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. However, there is room for improvement in accessibility and modern security practices. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. There is no cookie consent mechanism or detailed privacy policy, which may pose compliance risks under GDPR. No incident response or security policy information is published, and no analytics or tracking services are detected, indicating minimal user tracking. Overall, CAE 29 presents a trustworthy and professional online presence with a solid business foundation. Strategic improvements in security headers, DNSSEC, privacy compliance, and incident response transparency would enhance its security posture and regulatory adherence.

H

Hellowork

hellowork.com

65

Hellowork operates as a leading online job board and recruitment platform in France, offering a wide range of employment opportunities, CV management, job alerts, and recruitment services. The website targets job seekers and recruiters, positioning itself as a premier resource in the French employment market. The platform is well-branded and maintains a consistent professional image with strong social media integration and mobile app availability. Technically, the website employs modern web technologies including Turbo Frames, Tailwind CSS, and integrates multiple analytics and marketing tools such as Google Tag Manager, Piano Analytics, and Microsoft Clarity. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some security headers are missing. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, the absence of explicit security headers and lack of published security policies or incident response information indicate areas for improvement. The WHOIS data is unavailable, which raises questions about domain registration transparency but does not necessarily indicate illegitimacy given the site's professional presence. Overall, Hellowork presents a mature digital presence with strong business credibility and user engagement, though it would benefit from enhanced security transparency and domain registration clarity.

The analyzed URL corresponds to a Chrome internal error page (chrome-error://chromewebdata/) indicating that no actual website content is accessible. This page is used by the Chrome browser to display offline or error states and does not represent a real website or business entity. Consequently, there is no business information, contact details, or policies available for analysis. The technical infrastructure is limited to Chromium's internal scripts and styles for rendering the error page. Security posture cannot be evaluated as this is not a live website but a browser-generated page. Overall, this is not a legitimate website but a placeholder error page, and no meaningful security, compliance, or business insights can be derived.

The website autoketing.org is currently inaccessible, serving a standard 404 error page with no business content, contact information, or policies. The domain is registered since 2018 via Name.com, Inc. and uses Cloudflare nameservers, indicating some level of infrastructure setup. However, the absence of any accessible content or metadata prevents meaningful analysis of the business, its services, or its market position. Technically, the site lacks SEO, accessibility, and security best practices, and no privacy or cookie policies are present, which raises compliance concerns. The security posture is minimal but benefits from HTTPS and Cloudflare hosting. Overall, the site is not operational or publicly available, resulting in a low trust and credibility score.

M

MOVE Ostrava

movefest.cz

53

MOVE Fest Ostrava is a cultural festival focused on contemporary dance, new circus, and physical theatre, serving the Moravian-Silesian region of the Czech Republic. The website presents the festival as a regional cultural event with over 10 years of history, targeting a general audience interested in performing arts. The business model centers on event organization and cultural promotion. Technically, the website is built on the Wix platform, utilizing standard Wix technologies and scripts, with moderate performance and good mobile optimization. However, the site lacks comprehensive privacy and cookie policies, contact information, and security headers, which impacts its security posture and privacy compliance. The absence of WHOIS data reduces trust and transparency, though the website content appears legitimate and professional. Overall, the site is functional and well-designed but requires improvements in security, privacy, and business credibility to enhance trust and compliance.

L

Les 4 Éléments Production

paysansducielalaterre.fr

52

Paysans du Ciel à la Terre is a French documentary film project focused on agroecology and soil health, produced by the association Les 4 Éléments Production. The website serves as an informational and promotional platform offering film screenings, DVD sales, and educational resources. The site is built on WordPress using the Divi theme, integrating multimedia content such as YouTube videos and audio interviews. Contact details including emails and phone numbers are clearly provided, along with social media links to Facebook, Instagram, and YouTube. However, the absence of privacy and cookie policies indicates potential compliance gaps with GDPR regulations. Security posture is moderate with HTTPS enabled but lacking security headers. WHOIS data for the domain is unavailable, which limits trust verification of domain legitimacy. Overall, the website is professional and content-rich, targeting a general audience interested in environmental and agricultural topics.

E

Evolem

evolem.com

57

Evolem is a family office investment organization founded by entrepreneur Bruno Rousset, focusing on supporting entrepreneurs through investments and philanthropy. The company targets SME managers, startups, and non-profit projects promoting entrepreneurship, employment, and environmental sustainability. The website reflects a mature digital presence with clear business descriptions, structured navigation, and consistent branding. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and GDPR compliance, indicating a good level of digital maturity. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though some security headers and policies could be enhanced. Overall, Evolem presents a trustworthy and professional online presence aligned with its business objectives.

The website hobbypraha.cz is currently inaccessible due to a Cloudflare Web Application Firewall (WAF) block, presenting a security challenge page instead of actual content. This prevents any meaningful extraction of business, contact, or policy information. The domain WHOIS data is suspicious, showing a creation date in the future (June 18, 2025), which undermines trust and legitimacy. No metadata, forms, or external business links are available for analysis. The technical infrastructure relies on Cloudflare for security and hosting, but no further details can be ascertained due to the block. From a security perspective, the presence of a Cloudflare WAF indicates some level of protection against attacks, but the lack of accessible content and suspicious WHOIS data raise concerns about the domain's authenticity and operational status. No privacy, cookie, or terms of service policies are detectable, and no contact or incident response information is available, limiting compliance and transparency assessments. Overall, the website's risk profile is elevated due to inaccessibility, suspicious registration data, and absence of verifiable business information. Strategic recommendations include verifying domain registration details, ensuring website accessibility for legitimate users, and publishing essential compliance and contact information once accessible. Due to the WAF block, the AI scoring is capped low, and most observations remain unknown or blocked. For a comprehensive analysis, direct access to the live website content is necessary.

T

Trustia Czech Republic, s.r.o.

festivalevolution.cz

45

Festival Evolution is a Czech Republic-based event organizer focused on promoting healthy lifestyle and personal development through festivals, conferences, and workshops. The website serves as a platform to inform visitors and exhibitors about the festival, its partners, and related events. The business operates in the event organization sector with a regional market position and targets a general audience interested in wellness and personal growth. The company behind the website is Trustia Czech Republic, s.r.o., which is credited as the author in the metadata. The website content is well-structured, informative, and consistent with the festival's theme.

Nákupní kartářka.cz is a Czech Republic based online platform specializing in prepaid credit packages for tarot card readings and psychic consultations via telephone. The website targets adults interested in esoteric and psychic services, offering a variety of credit packages to access live card readers. The business operates a niche e-commerce model focused on telephonic psychic services, positioning itself as a specialized service provider within the Czech market. Technically, the site is built on the Yii framework with Bootstrap and jQuery, integrating Google Analytics for user tracking. The site is mobile responsive and provides a good user experience with clear navigation and professional design. Security posture is moderate with HTTPS enforced and CSRF protections in place, but lacks advanced security headers and a cookie consent mechanism, which are recommended for GDPR compliance. WHOIS data is transparent and consistent with the business profile, indicating legitimacy and domain age appropriate for the business history. Overall, the website is functional and professional but could improve privacy compliance and security practices to enhance trust and regulatory adherence.

C

Clement Charleux – Ecrivain – Photographe

clementcharleux.com

42

The website clementcharleux.com serves as a personal portfolio and blog for Clement Charleux, a French writer and photographer. It features a variety of artistic content including blog posts, photo galleries, interviews, and travel stories. The site targets a general audience interested in art, literature, and photography, positioning itself as a niche personal brand rather than a commercial enterprise. The business model revolves around content publishing and personal branding without evident monetization mechanisms. Technically, the site is built on WordPress and employs common web technologies such as jQuery, Modernizr, and various plugins for enhanced user experience like infinite scrolling and social sharing. The site is moderately optimized for performance and mobile devices, with a good design quality and clear navigation. However, accessibility features are basic and SEO optimization is minimal. From a security perspective, the site uses HTTPS but lacks important security headers and formal security policies. No vulnerabilities or exposed sensitive data were detected, but the absence of privacy and cookie policies indicates compliance gaps, especially regarding GDPR. Contact information is available via a contact page and social media links, but no dedicated incident response or security contact channels are provided. Overall, the website is safe and trustworthy for general audiences, with no adult or explicit content. The domain uses privacy protection for WHOIS data, which is typical for personal sites. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and enhancing compliance and incident response readiness to improve trust and security posture.

L

Louise DIDIER

quincaillere.org

72

Louise Quincaillère is a small, specialized service provider focused on cooperative and collaborative facilitation, offering training and digital tools to community groups and collectives. The website presents a clear business model centered on education, training, and support for cooperative projects, with a niche market position in the cooperative ecosystem in France. Technically, the site is built on the YesWiki CMS platform, leveraging Bootstrap and FontAwesome for UI, hosted by OVH sas. The site is moderately performant, mobile-optimized, and accessible at a basic level. Security posture is adequate with HTTPS enforced and domain protections in place, but lacks DNSSEC and security headers, which are recommended improvements. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security practices.

L

Les écolohumanistes

lesecolohumanistes.fr

45

Les écolohumanistes is a small French content site dedicated to ecology and humanist values, operated by individuals named Romain and Jeff. The website focuses on educating and simplifying ecological and humanist concepts for a French-speaking audience. The business model centers on content creation and knowledge transmission within a niche market. Technically, the site is built on WordPress 6.8.3, utilizing plugins such as Yoast SEO and WP Dark Mode, hosted by IONOS SE. The site is moderately optimized for performance and mobile devices, with good SEO practices but lacks full accessibility features. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies and no GDPR indicators. Overall, the site is trustworthy but would benefit from enhanced privacy and security measures.

V

Service is not available in your region.

vudu.com

52

The analyzed URL is a region restriction error page under the athome.fandango.com subdomain. The page content is minimal, displaying only a message that the service is not available in the visitor's region, with no additional business or contact information. WHOIS data for the subdomain is not found, indicating it is not separately registered and likely a subdomain or placeholder under the parent domain fandango.com. The technical infrastructure is basic HTML and CSS with no detected scripts or analytics. Security posture cannot be fully assessed due to lack of HTTPS and security headers information. Overall, the site is blocked or restricted for the visitor's region, limiting meaningful analysis.

D

Design for Real Life

dfrlbook.com

9

Design for Real Life is a professionally presented website dedicated to a book authored by Eric Meyer and Sara Wachter-Boettcher, focusing on compassionate and inclusive design principles. The site targets UX professionals and designers, offering free reading sections and book purchase options. The technical infrastructure is modern, leveraging Netlify hosting and JavaScript enhancements, with good mobile optimization and accessibility. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is trustworthy and well-designed but would benefit from enhanced security and privacy measures.

A

Asociace kulturních center ČR, z.s.

akcecr.cz

40

Asociace kulturních center ČR, z.s. is a Czech non-profit association dedicated to supporting and connecting cultural centers throughout the Czech Republic. The organization provides advocacy, networking, educational resources, and methodological support to cultural centers, positioning itself as a key player in the cultural sector. The website reflects a professional and consistent brand image with clear communication of its mission and services. Technically, the site is built on WordPress using modern themes and plugins, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled and secure forms, though lacking advanced security headers and explicit privacy and cookie policies. The absence of WHOIS data limits domain trust assessment, but the website content and contact information indicate legitimacy. Overall, the site serves its target audience effectively but would benefit from enhanced privacy compliance and security transparency.

The website websitevisitorleads.com currently presents minimal content, limited to displaying the domain name with no additional business information, services, or user engagement features. The domain is relatively new, registered in 2022, and uses Cloudflare for DNS hosting. There is no evidence of privacy, cookie, or terms of service policies, nor any contact information or social media presence. Technically, the site is very basic with no detected CMS, frameworks, or third-party integrations. Security posture is minimal with basic SSL/TLS likely enabled but no advanced security headers or configurations observed. Overall, the site appears to be a placeholder or under development with low trust and credibility indicators.