Security Directory

V

Vojtěch Nedvěd

vn1.cz

47

Vojtěch Nedvěd operates a professional web development service primarily focused on creating websites and e-shops for a variety of clients. The business is positioned as a small independent developer based in the Czech Republic, with a portfolio showcasing diverse projects including programming, coding, design, and copywriting services. The website is well-structured, visually consistent, and targets local Czech businesses and individuals seeking custom web solutions. Technically, the site employs modern web standards including HTML5, CSS3, JavaScript, and integrates Google Fonts and Font Awesome for styling. It uses Google Analytics and Tag Manager for visitor tracking, hosted on Wedos, a reputable Czech hosting provider. The site is mobile optimized and SEO friendly but lacks advanced accessibility features. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers are missing and no formal security or privacy policies are published. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and professional but would benefit from improved privacy compliance and security best practices.

T

The Epoch Times

theepochtimes.com

71

The Epoch Times is a large US-based media company providing breaking news, in-depth reporting, and video content focused on politics, culture, and world events. It operates a subscription and donation-based business model, targeting a general audience seeking independent news free from bias. The company maintains a strong online presence with social media integration and offers an e-Newspaper platform. Technically, the website is built on modern frameworks such as React and Next.js, leveraging CDNs and optimized image formats for fast performance and excellent mobile responsiveness. SEO and accessibility are well implemented, contributing to a professional user experience. From a security perspective, the site enforces HTTPS and includes multiple security headers, indicating a strong security posture. However, the absence of explicit privacy policies, terms of service, and incident response information represents compliance gaps. The lack of WHOIS data reduces domain trustworthiness but does not detract from the professional appearance and content quality. Overall, the website presents a low risk with good technical and content quality but would benefit from enhanced transparency and compliance documentation to improve trust and privacy compliance.

I

inpublic technology s.r.o. | informační panely

inpublictechnology.cz

52

The website www.inpublictechnology.cz is a Wix-hosted site with minimal visible content and no accessible business or contact information. The lack of WHOIS data prevents verification of domain registration legitimacy. The site uses standard Wix scripts and polyfills but lacks privacy, cookie, or terms of service policies, and no contact or social media links are present. Technical infrastructure is basic with moderate performance and mobile optimization. Security posture is weak due to absence of security headers and no visible incident response or security policies. Overall, the site appears incomplete or underdeveloped, limiting trust and business credibility.

S

SKY Media s.r.o.

skymedia.cz

50

SKY Media s.r.o. is a Czech Republic-based internet agency specializing in web development, e-commerce solutions, SEO, and online marketing services. The company targets businesses and individuals seeking professional digital presence and marketing support. Their website demonstrates a professional design with clear navigation and a portfolio of client references, indicating a stable market position as a small but established technology service provider. Technically, the website uses a custom CMS (SKY:CMS) and integrates modern web technologies including Google Analytics, Google reCAPTCHA, and Microsoft Clarity for analytics and security. The site is HTTPS secured with valid SSL certificates and shows good mobile optimization and SEO practices. However, some security headers are missing, and no explicit privacy or cookie policies are found, which could be improved. From a security perspective, the site employs standard protections such as HTTPS and CAPTCHA on forms, but lacks published security policies or incident response contacts. The absence of WHOIS data limits the ability to fully verify domain legitimacy, which slightly reduces trustworthiness. Overall, the security posture is good but could benefit from enhanced transparency and header implementation. The overall risk is moderate with no critical vulnerabilities detected. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing a vulnerability disclosure or security policy to improve compliance and trust. The business appears credible and professional, with a solid technical foundation and clear contact information.

Zahadyshop.cz is a Czech e-commerce website specializing in the sale of printed and electronic magazines focused on mysteries, paranormal phenomena, health, and conspiracy theories. The business operates under the WEXBO brand, with a domain registered since 2013, indicating a stable presence in the niche media market. The website targets Czech-speaking audiences interested in mysticism and related topics, offering subscriptions and individual magazine sales. Technically, the site uses a proprietary CMS (WEXBO), modern web technologies including Google Fonts and Google Analytics, and is optimized for desktop and mobile users. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is basic but adequate, with clear privacy and cookie policies and GDPR references. Overall, the site presents a professional and trustworthy e-commerce platform with good user experience and content relevance.

T

TROPICANA - La Plage | Restaurant de plage par la Tarte Tropézienne

tropicanalaplage.com

38

The website 'TROPICANA - La Plage' represents a beach restaurant business associated with the Tarte Tropézienne brand, targeting general public and tourists in France. The site provides information about their hospitality and food services but lacks detailed business and contact information. Technically, the site is built on WordPress using the Divi theme, with moderate performance and good mobile optimization. However, the security posture is weak due to missing security headers and lack of HTTPS verification in the provided data. Privacy compliance is minimal, with no visible privacy or cookie policies, and no GDPR compliance indicators. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. Overall, the site is accessible and safe for general audiences but requires significant improvements in security, privacy, and business transparency to enhance trust and compliance.

M

Myli

myli.io

63

Myli is a French SaaS company specializing in AI-powered e-reputation and customer acquisition platforms tailored for multi-location businesses, particularly in the hospitality, retail, and services sectors. The company positions itself as a leader in the French market, trusted by a significant portion of top fast food chains and recognized across various industries. Their platform offers integrated tools such as review management, presence optimization, SEO-optimized store locators, and gamification features to enhance local marketing efforts. Technically, the website is built using modern frameworks like React and Next.js, ensuring good mobile optimization, accessibility, and SEO practices. The site loads with moderate performance and employs privacy-respecting analytics (plausible.io). Security-wise, HTTPS is enforced, but explicit security headers and incident response policies are not publicly documented, suggesting room for improvement. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies including consent mechanisms. The business credibility is high, supported by client testimonials, partnerships, and consistent branding. Strategically, Myli should enhance its security transparency by publishing incident response and vulnerability disclosure policies and implementing additional security headers. These steps will strengthen trust and compliance, supporting its market leadership and growth ambitions.

M

Malakoff Humanis

malakoffhumanis.com

68

Malakoff Humanis is a large French mutual social protection group specializing in health, provident, savings, and retirement services. The organization targets both individuals and enterprises within France, offering comprehensive social protection and accompaniment services. The website is professionally designed using Drupal 10, incorporating modern web technologies and marketing tools such as Abtasty and TagCommander. The technical infrastructure supports moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements are needed in security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy policy page detected. WHOIS data is missing or unavailable, which reduces trustworthiness but the website content and structured data strongly indicate a legitimate entity. Overall, the site is professional, trustworthy, and well-positioned in its market segment.

S

Service Public d’Information en Santé

sante.fr

63

Santé.fr is the official French public health information portal managed under the Ministry of Health. Established in 2016, it serves as a comprehensive and reliable source of health information for the general public and health professionals. The website offers extensive editorial content, a large directory of health professionals and establishments, and personalized health advice services. It is positioned as a leading government-backed health information platform in France. Technically, the site is built on Drupal CMS with modern frontend technologies including Vue.js and FontAwesome. It implements strong privacy and cookie consent mechanisms using tarteaucitron.js and supports mobile and accessibility standards well. The site is served over HTTPS with no detected blocking or WAF interference, indicating good operational maturity. From a security perspective, the site enforces HTTPS and secure login via OpenID Connect but lacks explicit HTTP security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Overall, Santé.fr presents a trustworthy, professional, and secure public health information service with excellent content quality and user experience. The domain WHOIS data is not publicly available, consistent with government domain privacy practices, and the site aligns well with its stated mission and branding.

S

Storck

merci.com

71

The merci.com website represents the official brand site for the merci chocolate product line, owned by the Storck company. It serves as a retail and brand information platform showcasing a variety of chocolate products, crafting ideas, and brand storytelling. The site targets general consumers interested in gifting chocolates and maintains consistent branding aligned with the parent company. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and includes a cookie consent mechanism and privacy policy, reflecting a mature digital presence. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are absent. WHOIS data is unavailable or protected, which slightly reduces domain trust but the overall professional presentation and corporate linkage support legitimacy. The site is accessible without WAF or blocking mechanisms.

The website zezdravotnictvi.cz is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks direct access to any business content or information. The domain is registered since 2019 under REG-INTERNET-CZ with Cloudflare nameservers, indicating a Czech Republic origin. No visible business description, contact details, or policies are present on the landing page, limiting the ability to assess the company's market position or services. Technically, the site uses Cloudflare's security and CDN services but lacks visible SEO, accessibility, or security headers in the provided HTML content. The security posture is partially supported by Cloudflare's WAF but lacks transparency in policies and contact channels. Overall, the site scores low on content quality, privacy compliance, and business credibility due to the blocked content and missing information.

V

VITESTIN přímo od výrobce

vitestin.cz

50

The website vitestin.cz appears to be a small-scale business site hosted on the Wix platform, likely related to health or supplements given the domain name and branding. The site is accessible without any WAF or security challenge, but lacks critical business and security information such as WHOIS registrant data, privacy policies, cookie consent mechanisms, and contact details. Technically, it uses Wix's Thunderbolt framework and standard web technologies, with moderate mobile optimization and basic SEO features. Security posture is minimal with no advanced headers or policies detected. Overall, the site presents a basic online presence but lacks transparency and compliance features expected for trust and regulatory adherence.

I

IML spol. s r.o.

gimmexin.cz

50

IML spol. s r.o. operates the website gimmexin.cz, promoting and selling Gimmexin, a patented immunity support syrup targeted at both children and adults. The company positions itself within the healthcare supplement market in the Czech Republic, focusing on natural ingredients like turmeric and organic germanium to support immune function. The website serves as an informational and e-commerce platform, linking to pharmacy partners for purchase. Technically, the site is built on the SKY:CMS platform, employs modern web technologies, and integrates multiple marketing and analytics tools such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site uses HTTPS and cookie consent mechanisms, but lacks visible security headers and formal security policies or incident response contacts. The absence of WHOIS data for the domain is a notable concern, impacting domain trustworthiness. Overall, the site is functional and professional but would benefit from enhanced security disclosures and domain registration transparency.

The website novinyvm.cz is currently inaccessible due to a Cloudflare Turnstile security challenge page that blocks direct content access. This prevents extraction of any meaningful business, contact, or policy information from the site. The domain is registered since 2007 with a Czech registrar REG-WEDOS and uses Cloudflare name servers, indicating a legitimate and established domain. However, the lack of visible content and policies limits the ability to assess the business model, services, or compliance posture. Technically, the site uses Cloudflare's security and CDN infrastructure, but no additional security headers or frameworks are evident in the HTML content. Privacy and cookie policies are absent, and no contact information or forms are present beyond the security challenge. The site does not contain any adult or questionable content based on the available data. Overall, the site appears to be protected by Cloudflare's WAF, but this also restricts content visibility and analysis.

C

Chrám živočichů

chram.eu

55

Chrám živočichů is a small, community-oriented informational website focused on animals, providing a space of love and mercy for all beings. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies such as JavaScript, HTML5, and CSS3. The website is accessible, mobile-optimized, and uses HTTPS to secure communications. However, it lacks critical compliance documents such as privacy and cookie policies, and does not provide contact information, which limits its business credibility and privacy compliance scores. Security posture is moderate with HTTPS enabled but missing security headers and incident response details. Overall, the site appears legitimate but would benefit from enhanced transparency and compliance documentation.

Rádio Regenerace is a Czech-language cultural and lifestyle internet project focused on podcasts, articles, and multimedia content covering topics such as style, dialogue, speeches, reading, exhibitions, relaxation, music, and documentaries. The website targets a Czech-speaking audience interested in cultural enrichment and personal well-being. It operates primarily as a content publisher supported by voluntary donations, positioning itself as a niche media provider within the Czech Republic. Technically, the site uses standard web technologies including JavaScript, jQuery, Google Tag Manager, and Google reCAPTCHA for bot protection. The site is moderately optimized for mobile devices and has a clear navigation structure, though accessibility features could be improved. Security posture is moderate with HTTPS presumably enabled but lacking visible security headers and a published privacy policy. The absence of WHOIS data limits domain trust assessment, though the site content and presentation suggest legitimacy. Overall, the site is safe for general audiences and provides valuable cultural content.

F

FTV Prima, spol. s r.o.

radio1.cz

43

Radio 1 is a well-established Czech radio station operating since 1998, specializing in alternative music and cultural programming. It serves a general audience in the Czech Republic and positions itself as a unique alternative media outlet. The website supports online streaming and provides rich content related to its radio programs and DJs. Technically, the site is built on WordPress and leverages modern web technologies including Google Tag Manager and Gemius analytics, with a consent management platform (Didomi) ensuring GDPR compliance. Security posture is good with HTTPS enforced and consent mechanisms in place, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Business credibility is supported by consistent WHOIS data and comprehensive privacy policies. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

E

Ekokoza s.r.o.

ekokoza.cz

59

Ekokoza s.r.o. operates a Czech e-commerce platform specializing in natural and ecological products for home production of cosmetics, candles, and food. The company targets consumers interested in DIY natural products and provides both raw materials and expert recipes. The website is professionally designed, mobile-optimized, and offers a comprehensive product catalog with customer reviews and loyalty programs, positioning it as a niche leader in the Czech market. Technically, the site uses modern JavaScript frameworks, Google Tag Manager, and Facebook Pixel for analytics and marketing, running on the BSSHOP e-commerce platform. Security posture is strong with HTTPS and security headers, though no explicit security policy or incident response information is published. Privacy compliance is well addressed with GDPR-aligned privacy and cookie policies and explicit consent mechanisms. However, the absence of WHOIS registration data is a notable gap, reducing trustworthiness from a domain registration perspective. Overall, the site is safe, professional, and trustworthy for its target audience.

N

NIIM

niim.com.au

66

NIIM is a specialized healthcare provider based in Melbourne, Australia, focusing on integrative and holistic functional medicine. The website presents a professional image with clear service offerings targeted at patients seeking personalized healthcare solutions. The business operates on a small scale with a local market focus. Technically, the website is built on WordPress using Visual Composer and employs modern web fonts and lazy loading scripts to optimize performance. Hosting is provided by a reputable Australian data center, and DNS is managed via Cloudflare, although DNSSEC is not enabled. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies on the site. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced privacy and security disclosures.

E

Europe Ayurveda Academy

europeayurvedaacademy.org

48

Europe Ayurveda Academy (EAA) is a specialized educational institution providing authentic Ayurvedic education in Europe, with campuses in France and strong partnerships in India. The academy offers hybrid courses combining online lectures and practical in-person training, accredited by the Ayurveda Training Accreditation Board (ATAB) under the Ministry of AYUSH, Government of India. The website is professionally designed using WordPress and related modern plugins, providing detailed course information, testimonials, and contact details. However, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is adequate with HTTPS and domain locking but could be improved by enabling DNSSEC and publishing security policies.

The website ncamusa.org is currently inaccessible beyond a security check page that performs an automatic redirect after a brief delay. The visible content is minimal and primarily consists of a loading spinner and a message indicating a security check is in progress. The site appears to be protected by a Web Application Firewall (WAF) or similar security mechanism, likely BitNinja, as indicated by the external link. The domain is recently registered in January 2023 and uses outdated CMS technologies (Joomla 1.5 and WordPress 2.5), which are no longer supported and pose security risks. No business, contact, or policy information is accessible, limiting the ability to assess the organization's operations or compliance. Overall, the site lacks modern security headers, DNSSEC, and privacy compliance indicators, resulting in a low security posture and poor user experience.

N

Nadační fond Bytí pro životní filozofii a léčbu biotronikou

biovidtv.cz

44

BIOVID TV is a Czech non-profit foundation focused on spiritual ceremonies, lectures, and community activities related to the teachings of Josef Zezulka. The website serves as a broadcasting platform offering live spiritual events and an archive of past content. The organization positions itself as a niche media outlet within the spiritual and alternative medicine space, targeting a general audience interested in these topics. The business model revolves around educational and spiritual content dissemination rather than commercial sales. The website presents clear business registration information and contact details, enhancing credibility despite missing WHOIS data.

Profesní komora Sanátor is a Czech non-profit organization dedicated to the education, certification, and promotion of biotronics and complementary and alternative medicine (CAM) based on the philosophy of Josef Zezulka. The organization actively participates in international conferences and collaborates with European and global CAM associations, positioning itself as a specialized entity within the healthcare and CAM sector in the Czech Republic. The website provides comprehensive educational content, event information, and publications to support its mission. Technically, the site is built on Umbraco CMS, uses modern web technologies, and implements Google Analytics and Tag Manager for traffic analysis. The site is mobile-optimized with good navigation and content quality. Security posture is moderate with HTTPS in use and cookie consent implemented, but lacks visible security headers and explicit security policies. WHOIS data is unavailable, which impacts domain legitimacy verification. Overall, the site is professional, trustworthy, and safe for general audiences.

T

Transition Leytonstone

transitionleytonstone.org.uk

59

Transition Leytonstone is a community-driven initiative focused on environmental sustainability and improving the local area of Leytonstone. The website serves as an informational platform to engage local residents and environmentally conscious individuals. It operates as a small non-profit entity with a grassroots approach to community involvement. The site is built on the Wix platform, leveraging Wix's hosting and content management capabilities, which provides a moderate level of technical infrastructure suitable for small organizations. The website is accessible and mobile-optimized, but lacks advanced SEO and accessibility features. Security posture is basic with HTTPS enabled but missing critical security headers and policies. The absence of privacy, cookie, and terms of service policies indicates a gap in compliance and user trust mechanisms. WHOIS data is unavailable due to domain naming rule violations, which raises legitimacy concerns but does not necessarily indicate malicious intent. Overall, the site is functional and serves its community purpose but requires improvements in security, compliance, and transparency to enhance trust and professionalism.

K

KPMG

kpmg-discovery.cz

67

KPMG Česká republika is a leading professional services firm offering audit, tax, advisory, and legal services. The website reflects a mature, enterprise-level business with a strong market position supported by global brand recognition. The content is tailored to clients and potential clients in the Czech Republic, emphasizing the integration of advanced technologies and expert knowledge to deliver excellent results efficiently. The site is well-structured, professionally designed, and optimized for multiple devices and languages, indicating a high level of digital maturity. Technically, the website leverages modern JavaScript frameworks (Vue.js), a robust CMS (Adobe Experience Manager), and a global CDN (Akamai) to ensure fast performance and scalability. Privacy and cookie compliance are well implemented, with clear policies and consent mechanisms. Security posture is strong, with HTTPS enforced, domain registration protections, and no visible vulnerabilities or exposed sensitive data. However, explicit security policies and incident response contacts are not prominently published, representing an area for improvement. Overall, the risk profile is low with no signs of malicious activity or suspicious content. The website demonstrates a high degree of professionalism, trustworthiness, and compliance with relevant regulations. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing transparency around data protection officer contacts to further strengthen trust and security posture.

K

KPMG Česká republika, s.r.o.

manifest121.cz

59

Manifest 121 is a socially driven initiative emphasizing the centrality of humans in societal and technological progress, commemorating the 100th anniversary of Karel Čapek's play R.U.R. The initiative is supported and branded by KPMG Česká republika, indicating strong corporate backing and credibility. The website is professionally designed, multilingual, and includes interactive elements such as forms for joining and newsletter subscription, with clear privacy and cookie policies in place. Technically, the site uses modern JavaScript, cookie consent management, and Google Analytics for minimal tracking, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and anti-spam measures on forms, though some security headers are not explicitly detected. The absence of WHOIS data reduces transparency but does not significantly impact trust due to the strong corporate association. Overall, the site is a credible, well-maintained platform for a socially conscious initiative.

E

Eventmaker

eventmaker.io

60

Eventmaker is a French SaaS company specializing in event management and automation solutions. Positioned as a leading all-in-one platform for event organizers and corporate clients, it offers services including event registration, audience engagement, and data analytics. The website is professionally designed, optimized for SEO, and targets French-speaking markets primarily. Technically, the site runs on WordPress with the Divi theme, integrates multiple marketing and analytics tools such as HubSpot and Google Analytics, and employs performance monitoring via New Relic. Security posture is solid with HTTPS and some script security measures, though additional headers and explicit security policies are absent. The WHOIS data is unavailable, which raises some concerns about domain registration legitimacy, but the website content and branding are consistent and trustworthy. Overall, the site demonstrates a mature digital presence with room for enhanced security transparency.

P

Programme Équité

programme-equite.org

51

Programme Équité is a French non-profit initiative focused on accelerating ecological and social transition in West Africa through fair trade development. The program supports cooperatives and fair trade actors by fostering sustainable supply chains and capacity building. The website reflects a mature and consistent brand presence with clear messaging and trust indicators such as partner logos and testimonials. Technically, the site is built on WordPress with modern integrations including Mapbox, Google Tag Manager, and reCAPTCHA, providing a solid digital infrastructure. Security posture is adequate with HTTPS and form protections, though improvements like DNSSEC and security headers are recommended. Privacy compliance is basic but present, with cookie consent mechanisms and a privacy policy accessible via footer links. Overall, the domain registration and website content align well, indicating a legitimate and stable organization.

T

Terreeveille

terreveille.be

56

Terreeveille is a French-language website hosted on the Wix platform, representing a business or brand named Terreeveille. The site is professionally designed with moderate content quality but lacks detailed business descriptions, contact information, and legal policies such as privacy or terms of service. Technically, it uses Wix's Thunderbolt framework and standard web technologies, with good mobile optimization and basic SEO. Security posture is moderate with HTTPS implied but no explicit security headers detected. The absence of WHOIS data due to registry restrictions limits trust verification. Overall, the site appears legitimate but would benefit from enhanced transparency and compliance documentation.

The website roseaux-dansants.org is a small, community-focused platform dedicated to honoring Joanna Macy, a prominent figure in deep ecology. It primarily serves as a memorial and educational resource for individuals interested in ecological and spiritual teachings. The site content is minimalistic and static, with basic HTML and CSS, lacking modern web design and mobile optimization. There are no interactive elements, forms, or data collection mechanisms present. Technically, the site is hosted on servers associated with phpnet.org and uses no advanced frameworks or CMS. Security posture is weak, with no HTTPS enforcement, no security headers, and no DNSSEC enabled. Privacy compliance is absent, with no privacy or cookie policies found. The domain is legitimate, registered since 2008 with Tucows Domains Inc., and shows no suspicious registration patterns. Overall, the site is safe but lacks professional polish, security best practices, and privacy compliance.

Compagnonnage R.E.P.A.S. is a French non-profit association offering a six-month itinerant educational parcours focused on understanding and experimenting with self-managed structures. The website serves as an informational and resource hub for participants and supporters, providing downloadable documents and links to related partner sites. The association operates in a niche educational and social sector, targeting individuals interested in collective action and alternative societal models. Technically, the site is built using modern static site generation technology (Eleventy) and employs MapLibre GL JS for interactive map features, hosted likely via OVH sas. Security posture is moderate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers. Privacy compliance is limited due to absence of cookie consent mechanisms and explicit privacy policy details. Overall, the site is professional and trustworthy but could improve in privacy and security best practices.

N

notre-planete.info

notre-planete.info

50

notre-planete.info is an independent French media platform specializing in environment, ecology, nature, and earth sciences. Established since 2001, it provides a wide range of content including news articles, briefs, dossiers, real-time environmental data maps, forums, and photo submissions. The site targets a general audience interested in scientific and ecological topics, positioning itself as a reference media in its niche. The business model relies on memberships, donations, and advertising. Technically, the website uses standard web technologies with modern JavaScript features and integrates Google Identity Services for user authentication, indicating a moderate level of digital maturity. Security-wise, the site enforces HTTPS and uses consent management scripts but lacks explicit security headers and incident response disclosures. Overall, the site is accessible, content-rich, and trustworthy, with good privacy compliance but could improve in security transparency and technical optimizations.

L

La Maison Écologique

lamaisonecologique.com

59

La Maison Écologique operates as an independent French magazine focused on ecological construction, eco-habitat, and sustainable living. Established in 2003, it serves a niche audience interested in eco-construction through rich editorial content including articles, podcasts, videos, and practical guides. The business model centers on subscriptions and magazine sales via an online boutique, supported by a loyal subscriber base and active social media presence. Technically, the website is hosted by OVH sas and employs Matomo analytics and Revive Adserver for advertising. The site is well designed, mobile optimized, and accessible, with good SEO practices. However, it lacks explicit privacy and cookie policies, and security headers are not detected, representing areas for improvement. The domain registration is consistent and trustworthy, with no blocking or WAF detected, indicating good accessibility. Overall, the site demonstrates a solid digital presence with room to enhance privacy compliance and security posture.

B

Brin de paille

brindepaille.org

54

Brin de paille is a small French blog and community platform focused on ecology, permaculture, and sustainable living. The website provides articles, project sharing, and suggestions aimed at a general audience interested in sustainable practices. The site is built on WordPress and hosted by OVH sas, with a modern technical stack and good mobile optimization. However, it lacks formal privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Social media presence is established on Facebook, Instagram, and Twitter/X, enhancing community engagement. Overall, the site is professional and trustworthy for its niche but should improve privacy and security practices.

The website reseau-amap.org serves as a national directory and informational resource for AMAPs (Associations pour le maintien d'une agriculture paysanne) in France. It aims to promote sustainable and organic farming by connecting consumers directly with farmers. The site provides educational content, a directory of AMAPs, and guidance on creating new associations. The business model is non-profit and community-focused, targeting consumers and farmers interested in local agriculture. The website is modest in scale and has been operational since 2007, indicating a stable presence in its niche. Technically, the site uses basic web technologies including JavaScript and CSS, with Google Analytics for visitor tracking. Hosting is provided by Infomaniak, a known European hosting provider. The site lacks modern CMS indicators and shows basic mobile optimization and accessibility. SEO practices are minimal but functional. No advanced frameworks or platforms are detected. From a security perspective, the site uses HTTPS and has domain-level protections such as clientDeleteProhibited status, but lacks DNSSEC and security headers. There are no visible privacy or cookie policies, which is a compliance concern especially under GDPR. The use of Google Analytics without a consent mechanism further impacts privacy compliance. No incident response or security policies are published. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk is low given the non-commercial, informational nature of the site and absence of sensitive data collection. However, compliance gaps and missing security headers should be addressed to enhance trust and legal adherence. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and improving mobile and accessibility features.

The website permaculture.fr serves as the French network for permaculture, promoting ecological design principles and supporting permaculture projects and education in France. It acts as a hub connecting various French permaculture actors and organizations, including associations and educational institutions. The site provides information about permaculture, links to partner organizations, and contact via email. The domain is well-established since 2008 and hosted by Infomaniak Network SA, a reputable provider. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for visitor tracking. The site lacks advanced frameworks or CMS and shows moderate performance and basic mobile optimization. SEO and accessibility are basic but functional. No forms collecting sensitive data are present, reducing risk exposure. From a security perspective, the site uses HTTPS (implied by URL), but no security headers were detected in the provided data. There is no visible privacy or cookie policy, nor GDPR compliance indicators, which is a compliance gap. No incident response or vulnerability disclosure information is provided. The site does not appear to be behind a WAF or security challenge, and no suspicious WHOIS patterns were found, indicating a legitimate and stable domain. Overall, the site is safe and suitable for general audiences, with content focused on permaculture education and networking. Strategic improvements include adding privacy and cookie policies, enhancing security headers, improving mobile responsiveness, and publishing GDPR compliance information to strengthen trust and compliance posture.

G

GoGoCarto - Créez des cartes à GoGo !

gogocarto.fr

59

GoGoCarto is a French technology platform specializing in participatory mapping, enabling users to create and share community-driven map projects. The platform hosts thousands of projects, indicating a vibrant user base and active community engagement. The website is well-branded, consistent, and provides open source code and documentation links, reflecting transparency and openness. Technically, the site uses modern web technologies including JavaScript, CSS, and Matomo analytics for privacy-conscious user tracking. The hosting is provided by Colibris outils libres, a known free software hosting provider, which aligns with the platform's open source ethos. Security posture is moderate with HTTPS enforced and sandboxed iframes, but lacks explicit security headers and documented security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Business credibility is supported by domain age, consistent WHOIS data, and active project hosting. Overall, the site is functional and trustworthy but would benefit from enhanced privacy and security disclosures.

SeenThis.net is a niche social blogging platform in beta phase, offering short-blogging without text limits, content curation, forums, and automatic thematisation. The platform targets general internet users interested in social media and content sharing. Technically, it uses the SPIP CMS with JavaScript libraries such as jQuery and Photoswipe, hosted by Infomaniak Network SA. The website is moderately optimized for mobile and performance, with a good user experience and clear navigation. Security posture is basic with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is legitimate and stable with a domain age consistent with its business history.

Élabore is a French cooperative specializing in the integration and deployment of open-source ERP and CRM solutions, primarily based on Odoo, targeting associations, small and medium enterprises, and organizations within the social, ecological, and cultural sectors. Their business model emphasizes digital transition with open-source tools, offering a suite of software, training modules, and maintenance services. The company holds a Qualiopi certification for its training activities, reinforcing its credibility in the education sector. Technically, the website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome. The site is mobile-optimized and demonstrates good SEO practices, although performance is moderate. Security-wise, the site uses HTTPS with valid SSL certificates and includes CSRF tokens, but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. The security posture is adequate but could be improved by implementing DNSSEC, security headers, and publishing formal security policies. Privacy compliance is limited due to the absence of privacy and cookie policies and no visible consent mechanisms. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. Analytics are conducted via Plausible.io, a privacy-focused service, indicating moderate user tracking. Overall, Élabore presents a trustworthy and professional online presence consistent with its cooperative and open-source ethos. Strategic improvements in privacy compliance and security practices would enhance its risk profile and user trust.

D

Dorik, Inc.

dorik.io

70

Dorik, Inc. operates an AI-powered website building platform designed to enable users without design or coding experience to create websites quickly and affordably. The company positions itself as a flexible and user-friendly SaaS provider in the technology sector, targeting individuals and small to medium businesses. The website demonstrates a modern technical infrastructure with extensive use of JavaScript analytics and marketing tools, hosted and registered through reputable providers such as Cloudflare. Security posture is adequate with HTTPS enforced and domain transfer protections, but lacks published security policies and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced transparency and security disclosures.

D

Dorik, Inc.

dorik.com

61

Dorik, Inc. operates an AI-powered website building platform designed to enable users without design or coding experience to create professional websites quickly and affordably. Positioned as a flexible and user-friendly SaaS solution, Dorik targets individuals and businesses seeking efficient website creation tools. The company was founded in 2020 and maintains a professional online presence with consistent branding and active social media channels. Technically, the website employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Mixpanel, Microsoft Clarity, Facebook Pixel, and ProfitWell, indicating a mature digital infrastructure. Hosting and domain management are handled via Cloudflare, ensuring reliable performance and security. Security posture is generally good with HTTPS enabled and domain transfer protections in place; however, the absence of DNSSEC and security headers suggests room for improvement. Privacy compliance is currently weak due to missing privacy and cookie policies, which poses a risk for GDPR and other regulations. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

R

ritimo

ritimo.org

54

Ritimo is a French non-profit network dedicated to providing information and documentation on international solidarity and sustainable development. The website serves as a hub for educational resources, campaigns, and community engagement, targeting a general audience interested in social and environmental issues. Ritimo maintains a consistent brand presence and offers multiple channels for user interaction, including social media and contact forms. Technically, the site is built on the SPIP CMS platform, employs Matomo analytics for privacy-conscious tracking, and demonstrates good mobile optimization and accessibility standards. Security posture is solid with HTTPS enforced, though some security headers are missing and no explicit cookie consent mechanism is present, indicating room for improvement in privacy compliance. WHOIS data is unavailable due to privacy protection, which is typical for non-profit organizations but slightly reduces trust scoring. Overall, Ritimo presents a professional, trustworthy, and content-rich platform with moderate technical sophistication and a strong focus on its mission.

R

ritimo

ritimo.info

54

Ritimo is a French non-profit network dedicated to providing information and documentation on international solidarity and sustainable development. The organization operates a network of 75 locations to inform and engage the public. Their services include information dissemination, documentation resources, advocacy campaigns, and educational training. The website is well-structured, professionally designed, and targets a general audience interested in social and environmental issues. Technically, the site uses the SPIP CMS platform and Matomo analytics, with good mobile optimization and accessibility. Security posture is solid with HTTPS enabled, though some security headers are missing and no explicit cookie consent mechanism is present. WHOIS data is unavailable, which slightly reduces domain trust but does not detract significantly from the legitimacy of the organization given their clear contact information and social media presence. Overall, the site is trustworthy, safe, and professionally maintained.

F

fenopix

fenopix.com

57

Fenopix is a small technology company specializing in providing an HTML5 and JavaScript charting library called CanvasJS. The website positions itself as a niche provider of responsive, high-performance charting solutions suitable for developers and businesses requiring interactive data visualization. The business model revolves around software product offerings, with additional promotion of a Twitter extension called HashPlug. The site demonstrates a moderate level of digital maturity, utilizing WordPress CMS, Bootstrap framework, and integrating Google Analytics and social media for marketing. The technical infrastructure is stable with Cloudflare DNS and GoDaddy domain registration, but lacks advanced security configurations such as DNSSEC and security headers. Security posture is basic with HTTPS enabled but missing explicit security policies or incident response information. Overall, the website is professional and safe, but lacks comprehensive privacy and cookie policies, which impacts compliance. Strategic improvements in security and privacy transparency are recommended to enhance trust and compliance.

K

Kulturní centrum Labuť

kclabut.cz

58

Kulturní centrum Labuť is a local cultural center based in Říčany, Czech Republic, offering a variety of cultural events, courses, and ticket sales. The website serves as an official portal for event information, ticket purchasing, and community engagement. It targets local residents and visitors interested in cultural activities. The business model revolves around event hosting, ticket sales, and community cultural promotion, positioning itself as a key local cultural institution with several partnerships and sponsors.

V

Vorwerk

vorwerk-digital.com

64

Vorwerk is a well-established manufacturing company specializing in household appliances, notably the Thermomix and Kobold brands. The website www.vorwerk.com functions primarily as a country selector landing page, directing users to localized versions of Vorwerk and Thermomix websites across multiple countries. This indicates a global market presence and a business model focused on direct sales and regional customer engagement. The website's content is minimal, focusing on navigation rather than detailed product or corporate information. From a technical perspective, the site uses standard web technologies such as HTML5, CSS3, and JavaScript, but lacks advanced frameworks or CMS indicators. The performance and mobile optimization are basic, with no detected analytics or tracking scripts in the provided content. Security features such as HTTPS enforcement, security headers, and privacy policies are not evident in the analyzed content, which suggests room for improvement in digital maturity and compliance. Security posture evaluation reveals a lack of visible security headers and no SSL configuration details, which are critical for protecting user data and ensuring trust. The absence of privacy and cookie policies further highlights compliance gaps, particularly concerning GDPR and other data protection regulations. The WHOIS data for the domain is unavailable or protected, which is common for large enterprises but reduces transparency and trustworthiness from a domain registration perspective. Overall, the website presents a moderate risk profile primarily due to limited security and privacy disclosures. Strategic recommendations include implementing robust HTTPS configurations, adding comprehensive privacy and cookie policies, enhancing security headers, and improving transparency around domain registration. These steps will strengthen trust, compliance, and security posture, aligning the digital presence with the company's global brand stature.

The website www.bescheinigung-forschungszulage.de serves as the official digital platform for the Bescheinigungsstelle Forschungszulage (BSFZ), a German government entity responsible for certifying research and development projects eligible for tax incentives under the Forschungszulagengesetz. It targets companies with tax residence in Germany engaged in R&D activities, providing them with information, application procedures, and digital access to submit certification requests. The site is well-branded with official logos and links to the Bundesministerium für Bildung und Forschung (BMBF), reinforcing its authoritative position. Technically, the website is built on TYPO3 CMS, hosted on German infrastructure (SGX Leipzig), and employs modern web standards with responsive design and accessibility considerations. The site lacks advanced tracking or advertising technologies, focusing on privacy and minimal data collection. However, no explicit cookie consent mechanism was detected despite anonymized data collection disclosures. From a security perspective, the site uses HTTPS and secure form submissions but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were found in the analyzed content. The WHOIS data aligns with the website's official nature, showing consistent domain registration and hosting details. Overall, the website demonstrates a solid business credibility and technical foundation suitable for its government service role. Strategic improvements include implementing security headers, adding cookie consent mechanisms, and publishing security and incident response policies to enhance trust and compliance.

S

Storck

toffifee.com

61

The website www.toffifee.com represents the Toffifee confectionery brand, part of the Storck group. It provides product information, brand history, and country-specific site links targeting a general family audience. The site is professionally designed with excellent content quality, clear navigation, and strong branding consistency. The technical infrastructure is based on TYPO3 CMS with modern JavaScript libraries and includes a cookie consent mechanism and privacy policy indicating GDPR compliance. However, the WHOIS data for the domain is missing, which raises some concerns about domain registration legitimacy despite the professional appearance and brand association. Security posture is good with HTTPS and no visible vulnerabilities, but lacks published security policies or incident response contacts. Overall, the site is trustworthy and well-maintained but would benefit from improved transparency in domain registration and security disclosures.

S

STORCK SVERIGE AB

storck.dk

60

STORCK SVERIGE AB operates as the Swedish branch of the global confectionery manufacturer August Storck KG, offering well-known brands such as Werther's Original, Toffifee, and Riesen. The website serves as a corporate and brand information portal targeting Swedish consumers and business partners, providing product information, company news, and career opportunities. The site is professionally designed, localized in Swedish, and integrates modern web technologies including TYPO3 CMS and JavaScript libraries for enhanced user experience. Privacy and cookie consent mechanisms are implemented in compliance with GDPR requirements. Security posture is generally strong with HTTPS enforced, though explicit security headers and incident response contacts are not evident. The WHOIS data for the subdomain www.storck.se is unavailable, likely due to it being a subdomain rather than a registered domain, but the overall brand legitimacy is supported by consistent branding and related domains. Recommendations include enhancing security headers, providing clearer security contact information, and auditing third-party scripts for vulnerabilities.

A

AUGUST STORCK KG

storck.de

73

Storck is a well-established German confectionery company operating a professional corporate website that showcases its brands, sustainability initiatives, career opportunities, and news updates. The website is built on TYPO3 CMS and employs modern JavaScript libraries and frameworks, providing a responsive and accessible user experience. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism, aligning with GDPR requirements. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which contrasts with the professional and active nature of the website. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but the lack of security headers and explicit incident response information suggests room for improvement. Overall, the website is trustworthy and well-maintained but would benefit from enhanced transparency regarding domain registration and security policies.