Security Directory

GEM2GO is a digital platform operated by RIS GmbH, providing modern communication solutions for municipalities, cities, and regions primarily in German-speaking countries. The platform offers apps, websites, and digital signage to facilitate barrier-free, GDPR-compliant citizen communication. With over 1,400 municipalities as clients and more than one million app downloads, GEM2GO holds a strong market position in the government digital communication sector. The website is professionally designed, mobile-optimized, and accessible, reflecting a mature digital presence. Technically, the site uses a RIS CMS backend with jQuery, FontAwesome, and Matomo analytics for tracking. It integrates Google Maps API and supports accessibility features aligned with WCAG 2.2 AA standards. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is privacy protected, which is justified given the business nature. The domain is actively maintained with recent updates. Social media presence is robust across Facebook, Instagram, YouTube, LinkedIn, and TikTok, supporting community engagement. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, GEM2GO demonstrates a strong, trustworthy digital platform for government communication with good security and privacy practices. Strategic improvements in security headers and incident response transparency could further strengthen its posture.

A

agefiph

agefiph-universite-rrh.fr

58

The website agefiph-universite-rrh.fr serves as the official platform for the Université du réseau des référents handicap (URRH), an event organized by agefiph focused on disability employment and inclusion in France. It targets professionals such as disability referents in private and public sectors, training organizations, and unions. The site provides event information, program details, speaker profiles, and partner acknowledgments, positioning itself as a reputable resource in the non-profit and government sector related to disability employment. Technically, the site is built on Drupal 10, hosted by OVH, and employs modern analytics tools including Matomo and Google Tag Manager. It uses a comprehensive cookie consent mechanism (Tarteaucitron) ensuring GDPR compliance. The site is mobile-optimized with good accessibility and SEO practices, though accessibility could be improved further. From a security perspective, the site enforces HTTPS and uses cookie consent best practices. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content and organization, indicating legitimacy and consistency. Overall, the website presents a professional, trustworthy, and compliant digital presence for agefiph’s URRH event, with recommendations to enhance security transparency and incident readiness to further strengthen its posture.

A

Agefiph

agefiph-handinnov.com

65

Agefiph HANDINNOV is a French government-related platform dedicated to organizing calls for innovation projects and consultations, specifically targeting initiatives related to disability. The website serves as a portal for innovators and organizations to participate in Agefiph's innovation funding and consultation processes. The platform is relatively small in scale, consistent with a niche government service, and was established in 2018. The technical infrastructure includes modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and the Jodit WYSIWYG editor, hosted by OVH sas with Cloudflare DNS services. The site uses HTTPS with a valid SSL certificate, ensuring secure communications.

B

Bus de l'Entrepreneuriat - Bienvenue sur le site des Bus de l'Entrepreneuriat pour Tous

bus-tousentrepreneurs.fr

57

The website 'Bus de l'Entrepreneuriat' serves as a public service platform aimed at supporting entrepreneurs in France by providing advice, orientation to partners, financing solutions, workshops, testimonials, events, training, and sponsorships. It positions itself as a regional and national initiative to facilitate business creation and growth, likely supported by Bpifrance. The site is well-structured with a clear focus on entrepreneurship and public support services. Technically, it employs modern frameworks such as Bootstrap and integrates Google Maps API for location-based services, indicating a moderate level of digital maturity. However, the site lacks visible privacy and cookie policies, and no explicit contact information or security policies are present, which impacts its compliance and trustworthiness. Security posture is moderate with no detected advanced security headers or incident response contacts. Overall, the site is safe, professional, and targeted at a general audience interested in entrepreneurship support.

T

TIM

tim.it

62

TIM is a leading Italian telecommunications company offering a wide range of services including fixed and mobile telephony, fiber and ADSL internet, TV entertainment, and energy solutions. The website targets general consumers and businesses in Italy, providing detailed product offerings and customer support. The company maintains a strong market position as a major telecom operator in Italy. Technically, the website is built on Adobe Experience Manager, leveraging modern JavaScript libraries, Google Maps API, and advanced analytics tools such as Adobe Analytics and Contentsquare. The site demonstrates good performance, mobile optimization, and SEO practices. Security-wise, the site enforces HTTPS, employs security headers, and integrates a comprehensive cookie consent mechanism, reflecting a mature security posture. However, explicit security policies and vulnerability disclosure mechanisms are not evident. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it could improve transparency by publishing detailed privacy and security policies.

L

Letterbox Filmproduktion GmbH

letterbox-filmproduktion.de

50

Letterbox Filmproduktion GmbH is a German film production company specializing in high-quality fictional content including crime, drama, mystery, and comedy for TV and cinema. As a member of the Studio Hamburg Production Group, it holds a solid market position with a diverse portfolio of productions. The website is professionally designed, mobile-optimized, and uses WordPress CMS with common industry-standard technologies. Security posture is good with HTTPS and cookie consent mechanisms in place, though additional security headers and formal security policies could enhance protection. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Overall, the site reflects a credible and professional media production business with moderate technical sophistication and good user experience.

N

NETSAMPLE

netsample.com

46

NETSAMPLE is a private web hosting provider with a long-established domain dating back to 1998. The company appears to focus on delivering private hosting services primarily to individuals and businesses seeking privacy in their web hosting solutions. The website is minimalistic, primarily serving as a portal with navigation links to billing, support, and status subdomains. The technical infrastructure leverages common web technologies such as Bootstrap, jQuery, Font Awesome, and Google Fonts, with Piwik (Matomo) analytics implemented for user tracking. The site shows moderate mobile optimization and basic SEO and accessibility features but lacks advanced technical enhancements such as CMS or modern frameworks. Security posture is moderate; domain registration includes transfer and update locks, but DNSSEC is not enabled, and no security headers are detected in the HTML content. There is no visible privacy, cookie, or terms of service policy, which impacts compliance and user trust. Overall, the website is functional but basic in content and security features.

C

CFP Board

letsmakeaplan.org

69

Let's Make a Plan (letsmakeaplan.org) is a professionally designed and content-rich website operated by CFP Board, a leading non-profit organization in the financial planning sector. The site serves as a consumer education platform and a directory to find CERTIFIED FINANCIAL PLANNER® professionals across the United States. It offers comprehensive educational resources, a robust search tool for locating CFP® professionals by location or name, and emphasizes fiduciary duty and ethical financial planning. The website is well-branded, consistent, and trusted within its niche, supported by references to CFP Board's official site and social media presence. Technically, the site leverages modern web technologies including Sitecore CMS, Google Tag Manager, Google Maps API, jQuery, and Cloudflare Turnstile CAPTCHA for form security. It demonstrates good mobile optimization, accessibility, and SEO practices. Privacy compliance is evident through a clear privacy policy, cookie consent mechanisms, and GDPR awareness. However, the site lacks explicit security policies and incident response information. From a security perspective, the site uses HTTPS and CAPTCHA protections effectively, with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data due to a malformed response limits domain registration trust analysis, but the strong brand presence and external references mitigate concerns. Overall, the site presents a secure, professional, and trustworthy platform for financial planning consumers. Strategically, the site should improve transparency by publishing security policies and incident response contacts, and address WHOIS data visibility to enhance domain trustworthiness. These steps will strengthen user confidence and compliance posture.

L

L'Agglo Hérault Méditerranée

agglo-heraultmediterranee.net

64

L'Agglo Hérault Méditerranée is a regional French government entity providing a broad range of public services including waste management, water and sanitation, public transportation, housing, cultural activities, and environmental protection. The website serves as an information portal for residents and businesses within the Hérault Méditerranée territory, offering access to services, news, and project updates. The organization positions itself as a key regional authority supporting sustainable development and quality of life. Technically, the website is built on WordPress using a custom WonderWP child theme and Bootstrap framework. It employs modern web technologies and is mobile-optimized with good SEO practices. The site uses Google Analytics for audience measurement with a clear cookie consent mechanism, reflecting a moderate level of digital maturity. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent aligned with GDPR. However, it lacks explicit security headers and a published vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is incomplete, which raises some concerns, but the website content and external links strongly indicate legitimacy as a public government entity. Overall, the website is professional, trustworthy, and serves its public service mission effectively. Strategic recommendations include enhancing security headers, publishing a security policy, improving accessibility, and maintaining regular security audits to strengthen the security posture and compliance.

G

Groupement National Interprofessionnel des Semences et plants

gnis-pedagogie.org

48

SEMAE Pédagogie is an educational platform dedicated to providing comprehensive pedagogical resources about seeds, plants, and their uses, primarily targeting teachers and students in the agricultural and seed sectors in France. The website is professionally designed, featuring detailed dossiers, media libraries, and interactive activities such as competitions and educational kits. It serves as a key resource for the French seed industry, supported by the Groupement National Interprofessionnel des Semences et plants, positioning itself as a trusted educational authority in this niche. Technically, the website is built on WordPress with Bootstrap and integrates various modern web technologies including Google Maps API, Font Awesome, and social sharing tools like AddToAny. The site is mobile-optimized and exhibits good SEO practices. Cookie consent is managed via Tarteaucitron, ensuring GDPR compliance. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is incomplete and malformed, which limits domain trust verification; however, the website’s professional presentation and official affiliations mitigate concerns about legitimacy. Overall, SEMAE Pédagogie presents a secure, professional, and content-rich platform with strong educational value. Strategic improvements in security headers, incident response transparency, and WHOIS data clarity would enhance trust and compliance further.

E

What to do today - Eventland

eventland.eu

57

Eventland.eu is a European event discovery platform that provides users with up-to-date information on concerts, festivals, parties, sporting events, and other activities across multiple European cities. The website is built on WordPress and leverages modern web technologies such as Bootstrap, jQuery, and various JavaScript libraries to deliver a responsive and user-friendly experience. SEO optimization is evident through the use of the Yoast SEO plugin and comprehensive meta tags. Security posture is adequate with HTTPS enabled and a cookie consent mechanism in place, though the absence of explicit privacy policies and terms of service indicates room for improvement in compliance and transparency. No blocking or WAF mechanisms were detected, allowing full content accessibility.

K

Kolowrat-Krakowští

kolowrat.cz

40

The website kolowrat.cz serves as an informational and heritage platform for the Kolowrat-Krakowští noble family, detailing their historical significance and current descendants. It targets audiences interested in Czech history and nobility, providing rich textual content but no direct commercial services. The site is built on Joomla! CMS with legacy technologies such as jQuery 1.7.2 and includes Google Maps and Google DoubleClick scripts for analytics and advertising. Security posture is moderate but lacks modern security headers and updated libraries, and no HTTPS status was confirmed from the data. Privacy and cookie policies are absent, which is a compliance gap. WHOIS data is missing, reducing domain trustworthiness and raising concerns about domain registration transparency. Overall, the site is professionally designed with consistent branding and good content relevance but requires improvements in security, privacy compliance, and domain legitimacy transparency.

C

Camalot

camalot.be

52

Camalot is a specialized high-end digital cinema rental company based in Vilvoorde, Belgium, with an additional presence in Amsterdam, Netherlands. The company focuses on providing premium digital cinema equipment and related services to film production professionals. Their market position is that of a niche provider catering to a professional audience requiring advanced camera and cinema technology. The website reflects a professional business model centered on equipment rental and support services, targeting media production companies and professionals in the region. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, jQuery, and Google Fonts, built on the P5 Webtemplate framework. Hosting is provided by team.blue nl B.V., a reputable registrar and hosting provider. The site is mobile optimized with good SEO practices and structured data markup, though accessibility features are basic. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS with a strong SSL configuration and implements a Content Security Policy header. Google Analytics is configured with IP anonymization, enhancing privacy. However, the site lacks a visible cookie consent mechanism and does not publish explicit security or incident response policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, Camalot's website is trustworthy and professional, with a solid security posture and good business credibility. Strategic recommendations include implementing explicit cookie consent, publishing security policies, enhancing accessibility, and maintaining vigilance on third-party scripts to ensure ongoing security and compliance.

Refdomaine.com is a French independent website dedicated to domain name information, offering news, guides, resources, and consulting services primarily targeting French-speaking domain professionals and enthusiasts. The site positions itself as a niche leader in the French domain name information space, with a consistent brand and good content quality. Technically, the site uses common web technologies such as Bootstrap, jQuery, and Font Awesome, hosted on o2switch.net, with moderate performance and good mobile optimization. Security posture is moderate with no detected HTTPS enforcement or security headers, and no cookie consent mechanism, indicating room for improvement in compliance and security best practices. The domain is registered since 2017 with no privacy protection, consistent with the business profile. Overall, the site is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

O

Office de tourisme d'Auxerre et de l'Auxerrois

ot-auxerre.fr

59

The website www.ot-auxerre.fr represents the official tourism office for Auxerre and the Auxerrois region in Bourgogne, France. It provides comprehensive tourism information including guided tours, accommodation, dining, leisure activities, and event agendas. The site targets tourists and visitors interested in cultural, historical, and natural attractions in the region. The business model focuses on promoting regional tourism and supporting local hospitality services. The website is professionally designed with multi-language support and rich multimedia content, reflecting a mature digital presence for a regional tourism office. Technically, the site is built on WordPress using the Woody theme and incorporates modern JavaScript libraries such as jQuery, Swiper.js, Flatpickr, and Leaflet for maps. It integrates Google Tag Manager for analytics and employs a cookie consent framework, indicating awareness of privacy regulations. The site is mobile-optimized and accessible with good SEO practices. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers and explicit security policies or incident response contacts. No WHOIS registrant data was found, which reduces trustworthiness from a domain registration perspective. However, the professional content and consistent branding suggest legitimacy. There are no signs of malware or phishing. Overall, the website is a well-constructed regional tourism portal with strong content and technical implementation but would benefit from enhanced privacy disclosures, security headers, and transparent domain registration information to improve trust and compliance.

N

NH Hotels & Resorts

nh-hotels.net

76

NH Hotels & Resorts operates a large international hotel chain with over 350 properties across 36 countries, targeting leisure and business travelers. The website serves as a comprehensive online booking platform offering hotel reservations, loyalty programs, and travel inspiration. The brand is part of the Minor Hotels group, indicating a strong market position in the hospitality sector. Technically, the website employs modern web technologies including Google reCAPTCHA, Akamai service workers, and third-party analytics tools, ensuring a performant and secure user experience. Security posture is strong with HTTPS enforced and multiple security headers present, although explicit security policies and incident response information are not published. Privacy and cookie policies are comprehensive and GDPR compliant, with consent mechanisms in place. The absence of WHOIS data is a concern but likely due to privacy protection; however, the website's professional presentation and affiliation with a known hotel group support its legitimacy. Overall, the site demonstrates a mature digital presence with good security and privacy practices, suitable for its enterprise hospitality business model.

E

exceet Card Group

exceet-card-group.com

61

The exceet Card Group is a leading European manufacturer specializing in chip and plastic cards, serving sectors such as banking, government, transportation, and retail. The company produces approximately 400 million cards annually across six locations, emphasizing high security and sustainability. Their offerings include physical cards, security documents, and a digital card management app called mobile-pocket. The website reflects a mature digital presence built on WordPress with modern plugins and strong SEO and accessibility features. Security posture is robust, with HTTPS, anti-spam measures, and ISO 14298:2021 certification for security printing processes. However, the absence of WHOIS registrant data introduces a minor trust concern. Overall, the site is professional, secure, and compliant with GDPR and cookie regulations.

O

Domain Name News, Publications and Services

onlinestrat.com

51

OnlineStrat.com is a niche website dedicated to providing news, resources, and tools related to the domain name industry. It targets domain investors, industry professionals, and enthusiasts by offering directories of key players, market studies, publications, and event information. The site positions itself as a resource hub within the domain name ecosystem, focusing on education and industry insights. Technically, the website employs a standard modern web stack including Bootstrap for responsive design, jQuery, and various JavaScript libraries for UI enhancements. It integrates third-party services such as Brevo (Sendinblue) for forms and Statcounter for analytics. The site is served over HTTPS, ensuring basic transport security, but lacks advanced security headers and comprehensive privacy or cookie policies. From a security perspective, the site shows moderate maturity with no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, lack of contact information, and missing WHOIS registration data reduce overall trust and compliance posture. The WHOIS data is notably absent, which raises concerns about domain legitimacy and transparency. Overall, the website is functional, professionally designed, and content-rich for its niche. However, it would benefit from improved privacy compliance, enhanced security headers, and clearer business contact information to strengthen trust and regulatory adherence.

D

Domain Name News, Publications and Services

domstocks.com

51

OnlineStrat.com is a niche website dedicated to providing comprehensive resources, news, and tools related to the domain name industry. It targets domain name professionals, enthusiasts, and organizations by offering directories of key players, industry news, publications, and event information. The site positions itself as an information hub within the domain name ecosystem, focusing on education and resource sharing rather than commercial sales or services. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Font Awesome, and integrates third-party services such as Google Maps API, Statcounter analytics, and Brevo (Sendinblue) forms. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and formal privacy or cookie policies, indicating room for improvement in compliance and security hardening. From a security perspective, the site shows a moderate posture with HTTPS enabled and no visible vulnerabilities or exposed sensitive data. However, the absence of privacy policies, cookie consent mechanisms, and WHOIS registrant data reduces trust and compliance levels. The missing WHOIS data is a notable concern, as it may indicate recent registration or privacy restrictions, which impacts domain legitimacy assessment. Overall, the website is functional, informative, and safe for general audiences, but it would benefit from enhanced transparency, improved security headers, and formalized privacy and contact information to strengthen trust and compliance.

C

Office de Tourisme Cap d'Agde Méditerranée, Hérault, Occitanie

capdagde.com

57

The website www.capdagde.com serves as the official tourism office portal for the Cap d'Agde Mediterranean region in Hérault, Occitanie, France. It provides comprehensive information on local tourism services including accommodation, activities, events, and gastronomy, targeting tourists and visitors to the region. The site is built on WordPress and integrates Matomo analytics for visitor tracking. The technical infrastructure is modern with responsive design and good SEO practices, although accessibility features are basic. Security posture is adequate with HTTPS enforced but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy, which should be further investigated. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and clearer contact information to improve trust and security.

M

Mulhouse

mulhousecestvous.fr

66

Mulhouse C'est Vous is a French local government participatory platform operated by the Ville de Mulhouse, designed to facilitate citizen engagement, project collaboration, and community participation. The platform offers a variety of services including project proposals, consultations, event calendars, and newsletters targeting citizens, associations, municipal agents, and institutions within Mulhouse. The website is well-established since 2015 and maintains a consistent brand and professional content quality. Technically, it leverages modern web technologies such as React, Bootstrap, and Google APIs, integrated within a Symfony-based backend and the Cap Collectif participatory platform framework. Security posture is solid with HTTPS enforcement, CAPTCHA protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with comprehensive GDPR-aligned policies and a named Data Protection Officer. Overall, the site is trustworthy, well-maintained, and serves its public sector mission effectively.

S

SDIS34

sdis34.fr

54

SDIS34 is the official fire and rescue service for the Hérault department in France, providing essential public safety services including firefighting, rescue operations, prevention, and recruitment of volunteer and professional firefighters. The website serves as an information portal for residents and stakeholders, offering news, practical information, and access to services. The organization maintains a strong social media presence and uses modern web technologies to deliver content effectively. Technically, the website is built on WordPress with common plugins such as WPBakery Page Builder and Slider Revolution, integrating Google Maps for location services. The site is secured with HTTPS and employs standard security headers, reflecting a good security posture. Performance and mobile optimization are adequate, though accessibility could be improved. Security-wise, the site shows good practices like HTTPS enforcement and no visible vulnerabilities. However, the absence of explicit privacy, cookie, and terms of service pages, as well as missing WHOIS data, slightly reduce trust and compliance confidence. There is no visible incident response or vulnerability disclosure information. Overall, SDIS34's website is a professional and trustworthy public service platform with room for improvement in privacy compliance and transparency. Strategic recommendations include publishing comprehensive privacy and cookie policies, adding security and incident response information, and ensuring WHOIS data availability to enhance legitimacy and trust.

Aides-entreprises.fr is a French government-affiliated platform managed by CMA France, providing a comprehensive database of over 2400 public financial aids for businesses. The website serves as a key resource for French businesses seeking financial support, offering advanced search tools, newsletters, and a mobile application to enhance accessibility and user engagement. The platform is well-positioned as a trusted reference in the French business aid ecosystem, supported by numerous partnerships with governmental and regional agencies. Technically, the site leverages AngularJS and Ionic frameworks, integrates Google Maps API, and uses Matomo for analytics, indicating a modern and moderately performant infrastructure. Security practices include HTTPS enforcement and GDPR-compliant cookie consent, though some security headers could be improved. Overall, the site demonstrates a good security posture with no critical vulnerabilities detected. The domain's WHOIS data confirms a long-standing and consistent registration, reinforcing the platform's legitimacy. Strategic recommendations include enhancing security headers, publishing a formal security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

The website for Mairie de Saint-Bris-le-Vineux serves as the official digital presence of the local government of Saint-Bris-le-Vineux, France. It provides comprehensive information about municipal services, local news, cultural events, and viticulture, targeting residents and visitors. The site is built on WordPress and leverages common plugins such as Yoast SEO, Contact Form 7, and WP Cloudy for weather information. The technical infrastructure is moderate in performance with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enforced but lacks advanced security headers and uses an outdated jQuery version, which could pose risks. Privacy compliance is minimal, with no visible cookie consent or detailed privacy policies. Overall, the site is trustworthy and professional but would benefit from enhanced security and privacy measures.

G

GardenSpa s.r.o.

higold.hu

56

HIGOLD, operated by GardenSpa s.r.o., is a Slovak-based company specializing in the design, manufacture, and retail of luxury outdoor furniture. The company has a rich history dating back to 1989 and has expanded globally with a presence in over 150 countries. Their business model focuses on high-quality, modular outdoor furniture collections targeting discerning customers seeking premium products. The website supports multiple languages and offers an online showroom and catalog access, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, Google APIs, and the Nette framework, providing a responsive and user-friendly experience. Security measures include Google reCAPTCHA v3 integration on contact forms, but the absence of explicit security headers and privacy policy pages indicates room for improvement. The WHOIS data is unavailable due to EURid privacy policies, but the website content and contact information suggest a legitimate and professional business. Overall, the site scores well on content quality and business credibility but should enhance privacy compliance and security posture.

H

Horizon Project Management

hpmgroupe.com

43

Horizon Project Management (HPM) is a Moroccan-based engineering and project management company specializing in construction project oversight, technical studies, and consultancy services. Established in 2010 and now part of the Ingérop group, HPM serves both private and public sector clients, focusing on real estate, hospitality, transportation, and industrial sectors. The company offers key services including project management assistance, delegated project management, and technical project execution. Their website reflects a professional presence with clear service offerings and client references, targeting construction developers and project owners primarily in Morocco and Africa. Technically, the website employs modern frontend technologies such as jQuery, Bootstrap, and Google Maps API, hosted by OVH sas. While the site is mobile-optimized and well-structured, some technical issues like a Google Maps loading error and lack of advanced security headers are noted. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business profile, indicating legitimacy and trustworthiness.

P

Trouvez un paysagiste qualifié près de chez vous. Devis gratuit

paysagistes.pro

50

The website www.paysagistes.pro appears to be a professional service site related to landscaping, primarily targeting a French-speaking audience. The site is built on WordPress and utilizes common web technologies such as Font Awesome and Google Maps API for icons and location services. However, the content provided is minimal and mostly technical resources, with no visible business descriptions, contact information, or privacy policies. The WHOIS data is unavailable or protected, which limits the ability to fully verify the domain's legitimacy and ownership details. The site is accessible without any WAF or security challenge blocking access.

B

Brain Behind Ltd

brain-behind.com

53

Brain Behind Ltd is a UK-based medium-sized company founded in 2005, specializing in high-volume loyalty and mission-critical loyalty solutions integrated with existing payment terminals. The company serves a diverse B2B audience including financial institutions, retailers, tourism operators, and urban mobility planners. Their product suite includes enterprise vouchers, loyalty programs for banks, tourism solutions, and contract farming administration systems. The website reflects a mature business with a consistent brand and strong partner ecosystem. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Google Maps API, hosted on UKFast infrastructure. Security posture is moderate with room for improvement in DNSSEC and HTTP security headers. Privacy compliance is strong with comprehensive policies and cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-structured, supporting the company's market position as a reliable provider of payment and loyalty solutions.

I

IDEA

groupe-idea.com

52

IDEA is a well-established French logistics company specializing in industrial logistics, transport, customs, industrial packaging, production delegation, and consulting for flow management. The company serves diverse sectors including aeronautics, energy, naval, defense, agro-food bulk, manufacturing, health, and construction. The website is professionally designed using Drupal 8 and modern JavaScript libraries, providing a rich user experience with clear navigation and mobile optimization. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not evident. WHOIS data is unavailable, which slightly impacts trust but the overall digital presence and business information support legitimacy. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and monitoring domain registration details.

L

Liventa s.r.o.

speakeri.cz

61

Speakeři.cz is a Czech-based service operated by Liventa s.r.o. that specializes in connecting event organizers with professional speakers tailored to their event goals and communication needs. The company offers comprehensive event consulting services including speaker sourcing, dramaturgy, and administrative support. The website is well-structured, professionally designed, and targets corporate and professional clients seeking impactful event speakers. Technically, the site uses modern web technologies such as Google Tag Manager and Google Maps API, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and client-side form validation, though it lacks some security headers and explicit cookie consent mechanisms. WHOIS data is unavailable, which slightly reduces trust but the presence of company registration details on the site supports legitimacy. Overall, the site presents a credible and professional business with room for improvement in privacy and security transparency.

Francouzský institut v Praze is a well-established cultural and educational institution dedicated to promoting French language and culture in the Czech Republic. The website offers a broad range of services including language courses, certifications, cultural events, and educational cooperation programs. It targets students, professionals, educators, and cultural enthusiasts. The institution maintains an active online presence with multiple social media channels and provides clear contact information and privacy policies, reflecting a commitment to transparency and user privacy. Technically, the website uses a modern technology stack including Angular, jQuery, Bootstrap, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some security best practices such as implementing security headers are missing, and the absence of WHOIS data raises questions about domain registration transparency. Security posture is moderate with HTTPS enforced and cookie consent implemented, but improvements are recommended in security headers and explicit terms of service. Privacy compliance is strong with a comprehensive GDPR policy and cookie management. Overall, the website is professional, trustworthy, and serves its educational and cultural mission effectively. The main risk lies in the lack of WHOIS transparency which slightly impacts trustworthiness. Strategic recommendations include enhancing security headers, publishing terms of service, and verifying domain registration details to improve legitimacy and user trust.

K

Krajči plus s.r.o.

krajci.cz

53

Krajči plus s.r.o. is a family-owned manufacturing company based in the Czech Republic, specializing in traditional fried potato chips and salty snacks with over 20 years of experience. The company operates a vertically integrated production process and distributes products domestically and internationally through partner firms in Slovakia, Poland, and Bulgaria. Their flagship product line is Cyrilovy brambůrky. The website reflects a mature business with a clear brand identity and international reach. Technically, the website is built on WordPress with WooCommerce and several plugins supporting e-commerce and pickup locations. It uses modern web technologies including Google Tag Manager and Google Maps API. The site is mobile-optimized and provides a good user experience with clear navigation and rich content. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and a published privacy policy, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data is unavailable, which slightly reduces trust but does not negate the legitimacy of the business based on website content. Overall, the site presents a professional and trustworthy front for a medium-sized manufacturing business. Strategic recommendations include publishing comprehensive privacy and terms of service policies, enhancing security headers, and maintaining regular plugin security audits to strengthen compliance and security posture.

O

Office de Tourisme Laval Agglomération

laval-tourisme.com

53

Office de Tourisme Laval Agglomération operates as the official tourism promotion entity for the Laval area in Mayenne, France. The website provides comprehensive information on accommodations, events, restaurants, and local experiences, targeting tourists and visitors. The business model focuses on tourism information dissemination and online booking facilitation. The site is professionally designed with consistent branding and high-quality content, positioning it as a trusted local tourism resource. Technically, the website is built on WordPress using the Woody theme and incorporates modern JavaScript libraries such as jQuery, Leaflet, and Google Maps API. The site is mobile-optimized, accessible, and SEO-friendly, with moderate performance. Security is generally good with HTTPS enforced and cookie consent implemented, though security headers and explicit privacy policies are lacking. The security posture is solid but could be improved by adding security headers, publishing privacy and terms of service pages, and establishing a vulnerability disclosure policy. The absence of WHOIS registrant data is a concern but does not necessarily indicate illegitimacy given the professional site presentation. Overall, the website is a reliable and professional tourism portal with minor gaps in privacy and security documentation. Strategic improvements in these areas would enhance trust and compliance.

BioTehna is a Slovenian platform dedicated to artistic research of living systems, fostering collaboration between artists and scientists to explore innovative intersections of nature and technology. The platform operates as a non-profit entity supported by governmental and European institutions, positioning itself as a niche cultural and scientific hub in Slovenia. The website provides information about projects, events, news, and opportunities, targeting artists, researchers, and the interested public. Technically, the site is built on WordPress with common plugins such as LayerSlider and WP Google Maps, and uses Google Maps API for geolocation features. The site is moderately performant, mobile-optimized, and has good SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of explicit privacy and cookie policies. Overall, the site is trustworthy and professional but could improve in privacy and security transparency.

L

La Corac

corac.fr

44

La Corac is a regional non-profit network coordinating international volunteer workcamps in the Provence-Alpes-Côte d’Azur region of France. The organization promotes cultural heritage preservation, ecological practices, and community engagement through volunteer projects involving participants from over 60 nationalities. The website is professionally designed, content-rich, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with modern plugins and integrates multimedia content such as Vimeo videos and Google Maps. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. WHOIS data is unavailable, which slightly reduces domain trust but the active social media presence and detailed content support legitimacy. Overall, the site effectively serves its target audience of volunteers and associations, providing clear navigation, contact information, and community testimonials.

R

Rodinné vinařství Skoupil

skoupil.com

50

Rodinné vinařství Skoupil is a well-established family winery based in Velké Bílovice, Czech Republic, with a history dating back to 1992. The company specializes in producing high-quality Czech wines, managing 23 hectares of vineyards, and offering approximately 150,000 bottles annually. Their business model extends beyond wine production to include hospitality services such as a family pension, restaurant, wine cellar, and event hosting including weddings and corporate events. The website reflects a professional and consistent brand image with comprehensive service offerings and a user-friendly e-commerce platform.

VINCI is a global leader in concessions, energy services, and construction, operating in over 120 countries with a workforce of approximately 285,000 employees. The company emphasizes sustainability, energy transition, and social progress, positioning itself as a responsible corporate citizen. The website reflects a mature digital presence with comprehensive corporate information, news updates, and engagement initiatives targeting investors, partners, job seekers, and the general public. Technically, the site is built on Drupal 10, integrates Matomo for analytics, and uses Tarteaucitron.js for cookie consent management, indicating a focus on privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly, though some security headers could be enhanced. HTTPS is enforced, and no critical vulnerabilities or exposed sensitive data were detected. Security posture is solid but could be improved by publishing explicit security policies and vulnerability disclosure mechanisms. The WHOIS data is missing or inaccessible for the queried domain, which is a minor concern but likely due to privacy protection or query format. Overall, the site is trustworthy and professionally maintained. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a formal vulnerability disclosure process to further strengthen trust and compliance.

Cloud Services for you is a Czech Republic-based technology company founded in 2015, specializing in cloud IT services including licensing for Office 365, Microsoft Azure, and Kaspersky Lab products. The company positions itself as a flexible and modern cloud service provider offering cumulative invoicing and ease of license ordering for organizations. Their extensive partner network and vendor relationships support their market presence. Technically, the website is built on WordPress with common plugins and Google Maps integration, though it uses outdated jQuery versions which may pose security risks. The site is moderately optimized for performance and mobile use, with good SEO practices but lacks explicit privacy and cookie policies. Security posture is average with no visible security headers and no incident response or vulnerability disclosure information. Overall, the website is professional and trustworthy but would benefit from improved security and compliance transparency.

A

Akademie klasické homeopatie, spol. s r.o.

studujtehomeopatii.cz

42

Akademie klasické homeopatie, spol. s r.o. is a Czech Republic-based educational organization specializing in professional homeopathy training for medical professionals and the general public. The website offers detailed information about courses, seminars, congresses, and online lectures led by an experienced homeopath. The company has a clear market position with over 32 years of experience in the field. Technically, the website uses a modern JavaScript and CSS stack with responsive design and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS and secure login forms, but lacks advanced security headers and explicit privacy policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and company registration details support legitimacy. Overall, the site is professional, informative, and trustworthy for its target audience.

S

Sologne Nature Environnement

sologne-nature.org

57

Sologne Nature Environnement is a well-established non-profit association dedicated to the protection and promotion of nature and the environment in the Sologne region of France. With over 40 years of expertise, the organization offers a variety of services including biodiversity studies, public and school educational programs, environmental consulting, and community engagement through events and advocacy. The website reflects a mature digital presence with clear branding, contact information, and active social media channels. Technically, the site is built on Joomla CMS with modern front-end technologies and includes interactive features such as event calendars and maps. Security posture is generally good with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. The absence of WHOIS data limits domain trust verification, but the overall content and transparency support legitimacy. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving domain registration transparency.

B

Brdy a Podbrdsko - dovolená kousek za Prahou

brdyapodbrdsko.cz

10

The website www.brdyapodbrdsko.cz serves as an official regional tourism portal for the Brdy and Podbrdsko area near Prague, Czech Republic. It provides visitors with comprehensive travel information including event calendars, accommodation options, cultural and natural attractions, and travel planning tools. The content is primarily in Czech and targets tourists and visitors interested in exploring this region. The business model focuses on promoting regional tourism through informational content and digital engagement. The site maintains a consistent brand image aligned with regional tourism authorities and governmental partners.

S

Shopper Park Plus PLC

shop-land.eu

58

Shopland is a professional website representing a regional real estate business focused on managing shopping centers and retail parks across the Central and Eastern Europe region. The company, Shopper Park Plus PLC, offers retail space leasing and property management services, targeting retail customers and investors. The website reflects a medium-sized business with consistent branding and a clear market position in the real estate sector. Technically, the website uses modern front-end technologies including Bootstrap, jQuery, LightGallery, Splide.js, and Google Maps API for interactive features. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some accessibility and SEO optimizations could be improved. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism compliant with GDPR principles. However, it lacks explicit security headers and does not provide a privacy policy or incident response information, which are important for compliance and trust. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is trustworthy and professional but would benefit from adding comprehensive privacy and security policies, improving accessibility, and implementing security headers to enhance its security posture and compliance standing.

P

Pro-idea s.r.o.

eventival.com

52

Eventival.com is a professional SaaS platform specializing in film festival and event management software. The company, Pro-idea s.r.o., founded in 2009 and based in the Czech Republic, offers a comprehensive and widely adopted solution for film festivals worldwide, boasting over 100 clients and extensive industry integrations. The website is well-designed, content-rich, and optimized for mobile, providing a positive user experience and clear business positioning as a market leader in its niche. Technically, the site uses modern web technologies including Google Analytics, Google Tag Manager, and Google Maps API, with good performance and basic accessibility features. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. Privacy compliance is partial, with a cookie policy present but no explicit privacy or terms of service pages detected. The WHOIS data is missing or unavailable, which reduces domain transparency and trustworthiness despite the professional appearance and business legitimacy. Overall, the site is safe, trustworthy, and well-positioned in its industry but would benefit from enhanced transparency and security documentation.

N

National Library of Medicine (NLM), National Institutes of Health (NIH)

clinicaltrials.gov

73

ClinicalTrials.gov is a US government-operated website managed by the National Library of Medicine (NLM) at the National Institutes of Health (NIH). It serves as a comprehensive and authoritative database of clinical research studies and their results, targeting researchers, healthcare professionals, patients, and the general public. The platform provides free access to clinical trial registrations and results, supporting transparency and informed decision-making in healthcare. The website is well-established, having been created in 2000, and holds a strong market position as the primary US government resource for clinical trial information. Technically, the website employs modern web technologies including Angular, Google Tag Manager, Google Fonts, and Google Maps API, hosted likely on Google Cloud infrastructure. It demonstrates excellent performance, mobile optimization, and accessibility features. The site uses HTTPS with strong SSL configuration and implements security best practices such as domain transfer protection. However, DNSSEC is not enabled, and there is no explicit security policy or vulnerability disclosure information published. From a security perspective, ClinicalTrials.gov maintains a strong posture with enforced HTTPS, no exposed sensitive data, and use of trusted domain registration practices. The WHOIS data shows privacy protection typical for government domains, with domain age consistent with the site's long operational history. Privacy and cookie policies are present and comprehensive, though no explicit cookie consent mechanism is detected. Contact information is clearly provided, including email, phone, and physical address, enhancing business credibility. Overall, ClinicalTrials.gov is a highly trustworthy, professional, and secure government website providing critical healthcare information. Strategic recommendations include enabling DNSSEC, publishing a dedicated security policy and incident response details, and adding a vulnerability disclosure or security.txt file to further enhance transparency and security posture.

B

BLOOM Association

bloomassociation.org

61

BLOOM Association is a French non-profit organization dedicated to protecting the ocean, climate, and artisanal fishermen. Established in 2007, it operates as an advocacy NGO with a strong focus on scientific research, legal actions, citizen mobilization, and education. The website reflects a mature and professional digital presence with comprehensive content, including news, campaigns, events, and publications. The organization maintains active social media channels and provides donation and petition platforms through related domains. Technically, the site is built on WordPress with modern libraries and APIs, hosted by OVH sas, and optimized for SEO and mobile use. Security posture is good with HTTPS and domain protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is partial, with consent mechanisms present but no explicit privacy or cookie policy pages found. Overall, the site is trustworthy and well-positioned in its sector, with recommendations to enhance security headers, enable DNSSEC, and publish clear privacy and cookie policies.

Svazek obcí Podkrkonoší operates as a regional community and informational portal serving the Podkrkonoší area in the Czech Republic. The website provides news, event information, cultural and nature-related content, and service center details aimed at residents and visitors. The platform positions itself as a trusted regional resource with consistent branding and regular content updates. Technically, the site employs a range of JavaScript libraries including jQuery, PhotoSwipe, and Google Maps API, indicating a moderate level of digital maturity. The website is mobile optimized and features a cookie consent mechanism, though it lacks explicit privacy and terms of service pages. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and updating libraries. Overall, the site is safe, professional, and trustworthy with no adult or explicit content detected.

N

Nature & Découvertes

natureetdecouvertes.com

61

Nature & Découvertes is a well-established French retail company specializing in nature-themed products and gifts, operating both online and through physical stores. The website offers a comprehensive e-commerce platform with features such as free in-store pickup and home delivery, targeting general consumers interested in unique and nature-related gifts. The company maintains a strong market position in the French retail sector with consistent branding and professional content. Technically, the website employs a modern technology stack including jQuery, Foundation framework, Google Maps API, and various marketing and analytics tools such as Kameleoon and Microsoft Clarity. The site demonstrates good performance, mobile optimization, and accessibility standards, supported by a well-structured SEO strategy. From a security perspective, the website enforces HTTPS and implements cookie consent mechanisms, with no visible vulnerabilities or exposed sensitive data. However, some security headers like Content-Security-Policy and X-Frame-Options could be explicitly added to enhance protection. The absence of WHOIS data is a notable anomaly that slightly impacts trust but does not detract from the overall legitimacy based on website content and branding. Overall, the website presents a low-risk profile with strong privacy compliance and business credibility. Strategic recommendations include improving security header implementation and verifying domain registration transparency to bolster trust further.

F

Fondation Lemarchand

fondationlemarchand.org

55

Fondation Lemarchand is a French non-profit foundation dedicated to supporting associative projects focused on nature preservation and social aid, particularly for children in social care. Established in 2017, it has supported over 874 projects and 364 associations, positioning itself as a reputable actor in the non-profit environmental and social sector. The website provides comprehensive information about its mission, projects, and partner associations, targeting donors, associations, and the general public interested in environmental and social causes. Technically, the site uses a moderate tech stack including jQuery, Modernizr, Google Maps API, and YouTube embeds, hosted by OVH sas. The site is mobile-optimized with good navigation and content quality.

I

Inclusive Outdoors Resource Hub

inclusiveoutdoors.org

56

The Inclusive Outdoors Resource Hub is a non-profit collaborative platform focused on providing a community-driven digital library and collective resources to promote inclusivity in outdoor recreation. It partners with organizations such as the Outdoor Recreation Roundtable and Recreate Responsibly to offer trainings, toolkits, research, and opportunities to its target audience of outdoor professionals and advocates. The website is built on the Softr platform using modern frontend technologies including Bootstrap and jQuery, with integration of Google Analytics and Google Maps API. While the site demonstrates good design quality, mobile optimization, and clear navigation, it lacks explicit privacy, cookie, and terms of service policies, which impacts its privacy compliance score. Security posture is moderate with HTTPS and some best practices but missing security headers and incident response information. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trustworthiness but is not uncommon for non-profit organizations. Overall, the site is safe, professional, and serves its niche audience effectively.

U

U Logistique

u-logistique.com

9

U Logistique is a large French logistics company serving the Coopérative U retail cooperative. The company specializes in transport logistics, warehouse management, and supply chain expertise, operating 27 sites and managing millions of parcels annually. The website reflects a professional and consistent brand presence with clear business focus and recruitment efforts. Technically, the site is built on WordPress with modern SEO and analytics tools, including Matomo for privacy-conscious tracking. Security posture is good with HTTPS and cookie consent implemented, though additional security headers and explicit policies are recommended. The absence of WHOIS domain registration data is a concern for domain legitimacy and should be investigated. Overall, the site is trustworthy and well-maintained but could improve transparency and security documentation.