High-risk security reports

Z

Zámek Osečany BUDE!

zamekbude.cz

48

Zámek Osečany BUDE! is a small-scale cultural heritage and tourism project focused on the restoration and promotion of the Osečany Castle in the Czech Republic. The website serves as an information portal for visitors, offering details about the castle's history, upcoming events, guided tours, and accommodation options. The business model is primarily non-profit with revenue streams from ticket sales and merchandise. The site is built on WordPress with WooCommerce integration, indicating a moderate level of digital maturity. Technical infrastructure includes modern plugins and a cookie consent mechanism ensuring GDPR compliance. Security posture is adequate with HTTPS and cookie consent but lacks explicit security policies and headers. Overall, the website is professional, trustworthy, and well-targeted to its audience, with room for improvement in security and incident response transparency.

M

Město Dačice

dacice.cz

43

The website www.dacice.cz serves as the official online presence for the town of Dačice in the Czech Republic, providing comprehensive municipal information, news, and public services to residents and visitors. The site is well-structured with clear navigation and a broad range of content covering local government, community programs, and practical information. Technically, the site employs a modern tech stack including jQuery, Bootstrap, and Swiper.js, with a custom CMS indicated by versioned assets. The site is mobile-optimized and includes accessibility features, though these could be improved further. From a security perspective, the website enforces HTTPS and includes several important security headers, contributing to a good security posture. A cookie consent mechanism is implemented, supporting GDPR compliance to some extent. However, the absence of a publicly accessible privacy policy, terms of service, and incident response information represents gaps in compliance and transparency. The WHOIS data for the domain is unavailable, which reduces domain trustworthiness and transparency, although the website content and official nature mitigate some concerns. Overall, the site is a reliable and professional municipal resource with good technical implementation and security practices, but it would benefit from enhanced privacy documentation and domain registration transparency to strengthen trust and compliance.

Divadlo na Vinohradech is a prominent repertory drama theatre located in Prague, Czech Republic, with a rich history dating back to the early 20th century. The theatre offers a wide range of Czech and international plays, focusing on quality dramatic works and strong storytelling. It serves a general audience interested in cultural and theatrical experiences, providing ticket sales, subscriptions, club memberships, and gift vouchers as part of its business model. The website reflects a well-established cultural institution with consistent branding and professional content.

F

Festival Povaleč z.s.

povalec.cz

47

Festival Povaleč is a well-established cultural festival based in Valeč, Karlovy Vary region, Czech Republic, operating since 2006. The festival offers a diverse multi-genre program including music, theater, lectures, and children's activities, targeting local and regional audiences interested in cultural enrichment. The website reflects a professional and consistent brand image with strong multimedia content and social media integration. Technically, the site is built on WordPress with modern plugins and embeds, providing good mobile responsiveness and SEO optimization. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers and privacy policies are lacking. The absence of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy given the festival's public presence and history.

M

Městský úřad Nymburk

mesto-nymburk.cz

47

The website www.mesto-nymburk.cz serves as the official online portal for the city of Nymburk, Czech Republic. It provides residents and visitors with comprehensive municipal information including news updates, event calendars, administrative services, and contact details. The site is well-structured to cater to the local community's needs, offering online appointment systems and access to official documents. The presence of social media links and a citizen portal enhances engagement and service accessibility. Technically, the site employs a custom CMS (vismoWeb5) with modern web technologies such as HTML5, CSS3, JavaScript, and integrates Google services like reCAPTCHA and Translate for security and accessibility. The website is mobile-optimized and includes accessibility features, contributing to a positive user experience. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and Google reCAPTCHA to protect forms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is addressed with privacy and cookie policies, though the cookie consent mechanism could be improved for explicit user consent. Overall, the website is a trustworthy and professional municipal portal with good content quality and technical implementation. The absence of WHOIS data limits domain trust verification, but the official nature and consistent branding support legitimacy. Strategic improvements in security headers, incident response transparency, and cookie consent would enhance the security posture and compliance.

M

Městský úřad Brandýs nad Labem-Stará Boleslav

brandysko.cz

49

The website brandysko.cz serves as the official online presence of the municipal government of Brandýs nad Labem-Stará Boleslav, Czech Republic. It provides comprehensive information about the city, its administration, public services, cultural events, and community resources. The site targets local residents, visitors, and stakeholders seeking municipal information and services. The business model is focused on public service delivery and information dissemination, positioning itself as a trusted and authoritative source for the local community. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics and Google Tag Manager for visitor analytics, with a clear cookie consent mechanism in place to comply with GDPR. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. From a security perspective, the site enforces HTTPS and manages cookie consent effectively. However, it lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-standing registration consistent with a municipal entity. Overall, the website demonstrates a solid security posture and compliance with privacy regulations, providing a professional and trustworthy user experience. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and resilience.

M

Přístup není povolen | Access Denied

mkz-ltm.cz

47

The website www.mkz-ltm.cz is currently inaccessible to visitors from unauthorized countries due to geographic IP blocking. The content is limited to an access denied message in Czech and English, indicating a security or legal restriction on access. No business description or services are visible, limiting the ability to assess the company's market position or offerings. The domain WHOIS data is unavailable, suggesting privacy protection or registration issues, which impacts trust and legitimacy assessments. Technically, the site uses basic HTML, CSS, and JavaScript with responsive design but lacks advanced frameworks or CMS. Security posture is weak due to absence of security headers and unknown SSL status. Privacy and cookie policies are missing, and no analytics or tracking scripts are detected. Overall, the site is minimal and blocked, resulting in a low AI score and limited business insights.

The website www.atlantis-brno.cz is an online bookstore operating on the Zoner InShop 5 platform, primarily targeting Czech-speaking customers. It offers a catalog of books including antique and specialized literature. The site demonstrates a moderate level of digital maturity with a responsive design and basic SEO and accessibility features. However, the absence of WHOIS data and lack of explicit privacy and terms of service pages indicate gaps in transparency and compliance. Security posture is moderate, with no detected security headers and limited information on SSL configuration. The site uses Google Analytics for user tracking but lacks comprehensive privacy compliance indicators. Overall, the website is functional and safe for general audiences but would benefit from improved security and compliance measures.

A

Agentúra JAY production s.r.o.

wshakespeare.sk

48

The website wshakespeare.sk represents Agentúra JAY production s.r.o., organizing the Letné Shakespearovské Slávnosti, a well-established cultural festival celebrating Shakespeare's plays in Bratislava and other Slovak and Czech cities. The site targets theater lovers, families, and children with a focus on live performances and cultural enrichment. The business model revolves around event organization and ticket sales, supported by a 25-year history and regional partnerships. Technically, the site uses a custom-built platform with common JavaScript libraries like jQuery, Google reCAPTCHA for form security, and Matomo for privacy-conscious analytics. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is moderate, with room for improvement in HTTP security headers and explicit privacy policies. The domain WHOIS data is consistent and supports the legitimacy of the business. Overall, the website is professional, trustworthy, and serves its cultural mission effectively.

P

PaS de Theatre s.r.o.

shakespearova.cz

43

The website represents PaS de Theatre s.r.o., a small cultural event organizer specializing in Shakespeare festivals in Ostrava and other Czech and Slovak cities. It offers event information, ticket sales via Ticketmaster, and audience engagement through newsletters and social media. The site is professionally designed with consistent branding and clear navigation, targeting a general audience interested in theatrical performances. Technically, it employs modern web technologies including Google Analytics, Facebook SDK, and Bootstrap, ensuring good mobile optimization and SEO. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies or incident response contacts. The absence of WHOIS data due to privacy protection is justified given the business type and does not detract from the site's legitimacy. Overall, the site is trustworthy and well-maintained, serving its niche effectively.

The website acomputer.cz is currently inaccessible, returning a 403 Forbidden error page with minimal HTML content. This prevents any meaningful extraction of business, security, or compliance information from the site itself. The domain is registered since 2004 under a Czech registrar with Czech name servers, indicating a legitimate and established presence. However, the lack of accessible content and absence of security or privacy policies on the site significantly limits the ability to assess the company's digital maturity or security posture. No metadata, scripts, or contact information are available for analysis. The security posture is unknown but likely poor due to the lack of HTTPS and security headers. Overall, the site appears to be blocked or restricted, resulting in a low AI score and incomplete analysis.

X

Xcruiter

xcruiter.no

49

Xcruiter is a Norwegian-based technology company founded in 2023 that provides an AI-powered recruitment platform designed to streamline and enhance the hiring process for businesses. Their solution focuses on lead generation, smart advertising, and automation to connect companies with quality candidates efficiently. The company targets businesses looking to improve recruitment outcomes and job seekers interested in new opportunities. The website demonstrates a professional and consistent brand presence with clear messaging and calls to action. Technically, the site is built on WordPress using the Themway theme and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, LinkedIn Insight Tag, Hotjar, and Microsoft Clarity, indicating a mature digital marketing strategy. Privacy compliance is addressed with a cookie consent mechanism and a privacy policy page, reflecting awareness of GDPR requirements. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and incident response policies are absent. The domain registration aligns well with the company's founding date and business claims, supporting legitimacy. Overall, the website is well-constructed, secure, and business-focused, suitable for its target audience.

M

Mobibus

tisseomobibus.com

38

Tisséo Mobibus is a specialized transportation service catering to persons with reduced mobility in the Toulouse metropolitan area, operating under the Tisséo Collectivités umbrella. The website provides comprehensive information about their on-demand transport services, reservation systems, tariff details, and accessibility support. The digital presence is well-structured, leveraging WordPress with modern plugins and frameworks to deliver a user-friendly experience. The site is optimized for mobile and accessibility, reflecting the organization's mission. Security posture is solid with HTTPS and cookie consent management, though explicit security policies and incident response contacts are absent. The lack of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the overall business and technical indicators suggest a trustworthy public service entity.

T

Tisseo Ingénierie

tisseo-ingenierie.fr

45

Tisseo Ingénierie is a French public local company specializing in the design and realization of sustainable transport infrastructure projects, primarily serving local authorities in the Toulouse metropolitan area. The company positions itself as a key regional player in transport engineering, focusing on innovative and environmentally friendly mobility solutions. Their website reflects a professional and well-structured digital presence, leveraging WordPress with Elementor and Yoast SEO for content management and optimization. The site is well-designed, mobile-optimized, and provides clear navigation and relevant project information. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements can be made by adding security headers and cookie consent mechanisms. The absence of WHOIS data slightly reduces domain trust but does not significantly impact overall legitimacy given the professional content and branding. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving domain transparency.

The website www.sicoval.fr currently presents a security challenge page indicating anti-DDoS flood protection and firewall measures are in place. The content is minimal, primarily a bot verification message with a countdown timer, and no accessible business or contact information is provided. The WHOIS lookup failed to return any registrar or registration data, suggesting the domain may be unregistered, privacy protected, or otherwise obscured. This limits the ability to verify the legitimacy or business details of the entity behind the domain. From a technical perspective, the site loads minimal resources, including Google Fonts, and uses JavaScript for the challenge mechanism. There is no evidence of a CMS, analytics, or tracking technologies. The site lacks SEO optimization, accessibility features, and security headers, and no SSL/TLS configuration details are available due to the content being blocked by a WAF or similar security mechanism. Security posture is weak from an external perspective due to the lack of visible HTTPS and security headers, but the presence of an anti-DDoS challenge indicates some level of protection against automated attacks. However, the absence of privacy policies, contact information, and WHOIS data raises concerns about transparency and trustworthiness. Overall, the site is currently inaccessible for meaningful analysis due to the WAF challenge, and the lack of WHOIS data further complicates trust assessment. Strategic recommendations include enabling HTTPS, publishing clear privacy and cookie policies, providing contact and incident response information, and improving website content and SEO to enhance credibility and user trust.

N

Le coin de web de Renaud - Illustrations et dessins divers ...

noche.fr

45

The website noche.fr is a personal portfolio site for an artist named Renaud, showcasing a variety of illustrations, drawings, and animation backgrounds. The site targets art enthusiasts and fans of fantasy and animation art. It operates primarily as a showcase without visible commercial transactions or e-commerce features. The domain is registered since 2005 with OVH, a reputable French registrar, consistent with the site's French language and content. Technically, the site uses classic web technologies including HTML, CSS, JavaScript, and jQuery 1.4.2, with integrations for Google Analytics and social media widgets. The design and navigation are basic but functional, with moderate performance and limited mobile optimization. Security posture is modest, with no visible security headers and use of outdated JavaScript libraries, which may pose risks. Privacy and cookie policies are absent, indicating poor privacy compliance. Overall, the site is moderately trustworthy but would benefit from security and compliance improvements.

P

Pays de La Loire Coopération Internationale

paysdelaloire-cooperation-internationale.org

49

Pays de La Loire Coopération Internationale operates as a regional multi-actor network dedicated to supporting international cooperation and solidarity projects within the Pays de la Loire region in France. The organization provides a comprehensive suite of services including networking, training, project support, and resource dissemination, positioning itself as a key regional player in the non-profit sector focused on international development and cooperation. The website reflects a professional and well-structured digital presence, leveraging modern web technologies and SEO best practices to engage its target audience effectively. Technically, the website is built on WordPress with a robust tech stack including Bootstrap, jQuery, and various plugins for SEO, GDPR compliance, and user engagement. The site is mobile-optimized, accessible, and performs moderately well, with room for improvement in security headers and hosting transparency. Privacy compliance is well addressed with clear policies and consent mechanisms. From a security perspective, the site enforces HTTPS and employs cookie consent management, but lacks visible security headers and publicly available incident response or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, though the website content and partner affiliations suggest legitimacy. Overall, the site presents a low-risk profile with strong business credibility and privacy compliance, suitable for its non-profit mission. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving WHOIS transparency to bolster trust and security posture.

EDF Obligation d’Achat is a public service entity under EDF responsible for managing the obligation to purchase energy produced by installations at regulated tariffs in France. The website serves multiple audiences including individual producers, professionals, mandataires, and buyers, providing resources, contract simulations, and support. The site is well-branded, consistent with EDF corporate identity, and offers comprehensive information aligned with its mission to support sustainable energy production. Technically, the site is built on Drupal 10, uses modern web technologies, and is hosted via Akamai CDN, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and a public security policy are absent. WHOIS data is not publicly available, likely due to AFNIC policies or privacy protection, which slightly reduces trust but is not uncommon for French domains. Overall, the site is professional, trustworthy, and compliant with GDPR and cookie regulations.

F

FAMILY ACE investiční společnost, a.s.

familyace.cz

48

Family Ace is a Czech investment management company specializing in managing investment funds in which they invest their own capital, emphasizing transparency, long-term relationships, and meaningful returns. The company targets investors seeking safer equity investments and operates primarily within the Czech financial sector. Their website reflects a professional and consistent brand image, providing clear information about their services, company background, and investor resources. The company was founded in 2021 and maintains a small but focused market presence.

The website queercom.de currently serves as a minimal placeholder page that redirects or links to queer.de, a German LGBTQ+ magazine. The site lacks substantive content, contact information, privacy or cookie policies, and security features such as HTTPS or security headers. The technical infrastructure is basic, relying on CSS fonts and simple HTML, hosted via GoDaddy-related nameservers. There is no evidence of analytics, advertising, or tracking technologies. The WHOIS data is minimal but indicates a legitimate registration without privacy protection. Overall, the site appears to be in an early or transitional stage, with low digital maturity and limited business presence. Security posture is weak due to lack of HTTPS and security headers, and privacy compliance is absent. The site is safe in terms of content, with no adult or explicit material detected.

S

Studio Soa Be srl

studiosoa.be

44

Studio Soa Be is a small Brussels-based micro communication agency specializing in social, cultural, and artistic projects. The business is led by Jérôme Hubert, an independent communication officer, WordPress expert, and photographer. The website is built on WordPress using Elementor and jQuery, reflecting a modest but functional digital presence. The technical infrastructure is standard for small agencies, with moderate performance and basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks security headers and formal privacy or cookie policies, indicating room for improvement in compliance and security maturity. The WHOIS data shows an anomalous domain creation date set in the future, which raises questions about data accuracy or domain legitimacy. Overall, the website is safe, professional, and targeted at clients seeking communication services in Brussels, but it would benefit from enhanced security practices and compliance documentation.

N

Nadační Fond Hyundai

nadacnifondhyundai.cz

47

Nadační Fond Hyundai is a small non-profit foundation established in 2007, focused on supporting civil society development and community projects primarily in the Czech regions of Frýdek-Místek and Nový Jičín. The foundation collaborates with Hyundai Motor Manufacturing Czech and local government entities to promote environmental protection, transparency, education, and human rights. The website provides information about the foundation's mission, grant rounds, and contact details, primarily targeting local NGOs and active citizens. Technically, the website is built with basic HTML and CSS, uses Google Tag Manager for analytics, and is hosted via WEDOS. The site lacks advanced CMS or frameworks and shows basic mobile and accessibility features. Security posture is moderate with some security headers but no visible HTTPS confirmation or advanced policies. Privacy compliance is limited, with a privacy policy PDF linked but no cookie consent or GDPR details. Overall, the site is legitimate, consistent with its stated mission, and shows moderate digital maturity.

N

Nadace rozvoje zdraví

nrz-no.cz

43

Nadace rozvoje zdraví is a small Czech non-profit organization focused on health development. The website is minimalistic and uses outdated HTML frameset technology, which limits content accessibility and modern user experience. The site lacks visible contact information, privacy policies, and security features, which impacts trust and compliance. Technically, the site is hosted by REG-ZONER with domain registration consistent with its business profile. Security posture is weak due to lack of HTTPS enforcement and security headers. Overall, the website requires modernization and improved compliance to enhance credibility and user trust.

The website 'Náš Jih' serves as a digital platform for the Ostrava-Jih municipal district in the Czech Republic, facilitating participatory budgeting where residents can influence the allocation of local government funds. The site provides information about ongoing projects, community engagement opportunities, and a project submission portal. It targets local residents and community members interested in civic participation. Technically, the site employs modern web technologies including jQuery, Bootstrap, Google Analytics, and Facebook Pixel for analytics and marketing. The hosting is provided by a Czech hosting provider, aligning with the local focus. Security-wise, the site uses HTTPS and implements a cookie consent mechanism compliant with GDPR principles, although no explicit privacy policy or terms of service pages were found. No security headers were detected in the provided data, suggesting room for improvement in security hardening. Overall, the site is professionally designed with good user experience and mobile optimization, but could enhance privacy and security transparency.

A

AB S.A.

cloudservices4u.com

39

Cloudservices4u.com is a Polish cloud service provider specializing in Microsoft cloud licensing and services, including Microsoft 365 and Azure. The company operates under AB S.A., a recognized entity in the technology sector, providing cloud licensing, technical support, and client training. Their platform enables quick order processing and license management, targeting businesses seeking modern cloud solutions. The website is professionally designed using WordPress, with integration of modern web technologies and social media presence on Facebook and LinkedIn. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic with a cookie consent banner and a data processing information PDF available. Overall, the website reflects a credible and established business with a medium-sized market presence in Poland.

C

Confédération générale des Scop et des Scic

pourunautremodeledesociete.coop

39

The website pourunautremodeledesociete.coop represents the Confédération générale des Scop et des Scic, a French non-profit organization dedicated to supporting cooperative societies. It serves as a hub for information about cooperative congresses, partners, and the cooperative network across France. The site targets cooperative members, stakeholders, and the general public interested in cooperative models. The business model is non-profit and focused on advocacy, networking, and resource provision within the cooperative sector. The organization is well-established with a domain registered in 2021 and a consistent brand presence.

The website realytics.net is currently inaccessible, returning a 503 Service Unavailable error indicating no server is available to handle requests. Due to this, no content, metadata, or business information is available for analysis. The domain is registered since 2014 with GoDaddy.com and uses multiple DNS providers including AWS and Azure DNS, but DNSSEC is not enabled. The lack of accessible content and security features results in a low overall security and compliance posture. No privacy, cookie, or terms of service policies are present, and no contact information or social media links are found. The website's technical infrastructure cannot be fully assessed due to unavailability, but the domain registration appears consistent and legitimate. The security posture is weak with no HTTPS or security headers detected. Overall, the site presents a high risk due to unavailability and lack of transparency.

P

Pour la Solidarité

transition-europe.eu

42

The website 'Observatoire européen de la Transition' is a French-language platform operated by the non-profit organization Pour la Solidarité, based in Brussels, Belgium. It serves as an information and strategic monitoring hub focused on just and equitable transition initiatives across Europe. The platform offers news, event agendas, resources, and actor information relevant to social and ecological transition stakeholders. Supported by European and regional authorities, it targets professionals and policymakers interested in sustainable development and social economy. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and Google Analytics for tracking. The design is professional, mobile-optimized, and content-rich, providing a good user experience with clear navigation. Security posture is solid with HTTPS enforced, though explicit security headers and incident response policies are absent. Privacy compliance is basic, with privacy and cookie policies present but lacking active consent mechanisms. Overall, the domain registration is consistent and trustworthy, with no signs of suspicious activity. Strategic recommendations include enhancing security headers, implementing a cookie consent mechanism, and adding vulnerability disclosure information to strengthen trust and compliance.

P

Pour la Solidarité

diversite-europe.eu

43

The website 'Observatoire européen de la Diversité' is a French-language platform operated by the non-profit organization Pour la Solidarité, based in Belgium. It serves as an information and strategic monitoring hub focused on diversity issues across Europe, targeting professionals, public decision-makers, and citizens. The platform offers news, events, publications, and resources related to social economy and diversity, positioning itself as a niche observatory with strong ties to European and regional institutions. Technically, the site is built on WordPress using Elementor, with integration of Google Analytics and social media channels, reflecting a moderate to good level of digital maturity. Security posture is adequate with HTTPS enforced but lacks advanced security headers and explicit incident response policies. Privacy compliance is basic with privacy and cookie policies present but no active consent mechanism. Overall, the site is professional, trustworthy, and content-rich, suitable for its target audience.

C

Coopérative d'Installation en Agriculture Paysanne Pays de la Loire

ciap-pdl.fr

48

CIAP Pays de la Loire is a cooperative dedicated to supporting agricultural installation projects in the Pays de la Loire region of France. The organization offers key services including a one-year creative farmer training program, activity incubation (portage d’activités), and permanent test spaces for aspiring farmers. The cooperative aims to secure project leaders, involve local authorities, and promote sustainable peasant agriculture. The website reflects a regional cooperative with a clear mission to facilitate agricultural entrepreneurship and innovation. Technically, the website is built on WordPress using Elementor and several plugins for enhanced functionality, including GDPR compliance and analytics. Hosting is provided by OVH, a reputable provider. The site is mobile-optimized and uses HTTPS with a good SSL configuration. However, some security headers are missing, and no explicit security or incident response policies are published. Security posture is moderate with best practices like HTTPS and reCAPTCHA in place, but improvements are recommended in security headers and formal policies. Privacy compliance is partial due to the absence of a visible privacy policy page, though cookie consent is implemented. Business credibility is high, supported by consistent domain registration, professional content, and social media presence. Overall, the website is a trustworthy and professional platform for its niche cooperative, with room for improvement in privacy and security transparency.

C

Confédération des Commerçants de France

commercants-de-france.org

47

The Confédération des Commerçants de France (CDF) is a well-established French organization dedicated to representing and defending independent retailers and small businesses in the commerce sector. Founded in 1906, it serves as a federation for various commercial associations and unions, providing lobbying, resources, and networking opportunities to its members. The website reflects a professional and consistent brand presence, targeting independent merchants and federations across France. Technically, the site is built on WordPress with modern frameworks such as Bootstrap and uses common libraries like jQuery and Swiper.js, indicating a moderate level of digital maturity. The hosting and domain registration are consistent with the organization's profile, with no privacy protection on WHOIS data, supporting transparency. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks DNSSEC and security headers, which are recommended improvements. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professional but could enhance security and privacy features to align with best practices.

U

UDES

udes.fr

46

UDES is a prominent French non-profit organization representing employers in the social and solidarity economy sector. It aggregates 22 employer groups across 17 professional branches, representing over 200,000 enterprises and nearly 2.7 million employees. The website reflects a professional and consistent brand presence, targeting employers and stakeholders in the ESS sector with services including representation, social dialogue, publications, and events. Technically, the site is built on Drupal 7 with a modern front-end stack including Bootstrap and jQuery, delivering a responsive and accessible user experience. While performance is moderate, the site benefits from HTTPS and integration with Google Tag Manager and Analytics, though some libraries like jQuery are outdated. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. WHOIS data is missing, which slightly impacts trust but the overall site professionalism mitigates concerns. Overall, UDES presents a credible and authoritative online presence for its sector, with recommendations to improve security headers, update libraries, and enhance privacy compliance to strengthen trust and resilience.

The website for UNION SOCIALE, a French cooperative established in 2002, is currently inaccessible, displaying only a generic error message. This lack of accessible content prevents detailed analysis of their business offerings, digital presence, and user engagement. The domain registration data is consistent and indicates a legitimate entity with a long operational history. However, the absence of website content and security features such as HTTPS and security headers significantly diminishes the site's trustworthiness and usability. The technical infrastructure appears to be either misconfigured or undergoing maintenance, resulting in a poor digital maturity assessment. Security posture is weak due to missing HTTPS and security policies, and no privacy or cookie policies are present to indicate GDPR compliance. Overall, the site presents a high risk for users due to its inaccessibility and lack of transparency.

URSCOP Hauts-de-France is a regional cooperative union dedicated to supporting the creation, development, and transmission of cooperative enterprises (Scop and Scic) within the Hauts de France region. The organization offers consulting services, training certified by Qualiopi, and territorial anchoring to assist cooperative entrepreneurs. Their market position is that of a regional leader in cooperative business support, targeting entrepreneurs and project holders interested in cooperative business models. Technically, the website employs modern front-end technologies including FontAwesome, Animate.css, Google Analytics (deferred until consent), and Elfsight widgets for enhanced user experience. The site is hosted by Gandi SAS with HTTPS enforced, though DNSSEC is not enabled. The site is mobile-optimized with good navigation and basic accessibility features. SEO is basic but sufficient for the site's scope. From a security perspective, the site benefits from HTTPS, domain transfer protection, and a cookie consent mechanism compliant with GDPR. However, it lacks advanced security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content, indicating legitimacy and consistency. Overall, the website presents a professional and trustworthy front for URSCOP Hauts-de-France with good business credibility and privacy compliance. Recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and implementing a vulnerability disclosure process to enhance security posture further.

U

URSCOP Grand Est

les-scop-grandest.coop

49

The website www.les-scop-grandest.coop represents URSCOP Grand Est, a regional cooperative union in France supporting SCOP, SCIC, and CAE cooperative enterprises. It provides accompaniment, training, networking, and resources to cooperative businesses in the Grand Est region. The site is well-structured, professionally designed, and targets cooperative entrepreneurs and stakeholders. Technically, it is built on Drupal 10, hosted on insite.coop, and optimized for mobile with good SEO and accessibility. Security posture is solid with HTTPS and secure forms, though improvements like DNSSEC and additional security headers are recommended. Privacy and cookie policies are present and GDPR compliant. Contact information is clearly provided, enhancing trust. No adult or questionable content is present, making it safe for general audiences.

L

Les Scop

jefinanceunprojetcooperatif.fr

37

Je finance un projet coopératif is a French crowdfunding platform dedicated to supporting innovative cooperative projects under the Scop and Scic models. It enables individuals to invest, lend, or donate to projects that align with cooperative values such as local job creation and solidarity. The platform partners with various crowdfunding services and institutional cooperatives to facilitate project financing. Technically, the website is built on Drupal 7, leveraging common JavaScript libraries and analytics tools like Google Analytics and Piwik, with HTTPS enforced and privacy-conscious tracking configurations. Security posture is moderate with room for improvement in security headers and formal policies. The absence of WHOIS data limits domain legitimacy verification, but the website content and partner references indicate a legitimate cooperative financing initiative. Overall, the platform presents a professional and trustworthy interface for cooperative project supporters.

S

Accueil | Start-Scop le site des start-up coopératives

start-scop.fr

48

The website www.start-scop.fr serves as a dedicated platform promoting and supporting start-up cooperatives (Scop/Scic) in France. It targets young entrepreneurs seeking social utility and a sense of belonging through cooperative business models. The site offers guidance on creating, financing, and accompanying cooperative startups, showcasing successful cooperative entrepreneurs and providing news and resources. Technically, the site is built on Drupal 10 CMS, integrates Matomo and Google Analytics for tracking with privacy considerations, and uses modern web technologies including YouTube APIs. Security posture is solid with HTTPS enforced and privacy-respecting analytics, though it lacks explicit security headers and formal privacy or security policies. The domain WHOIS data is not publicly available, typical for .fr domains or privacy-protected registrations, but the website content and activity indicate legitimacy. Overall, the site is professional, well-structured, and serves a niche cooperative entrepreneurship community effectively.

M

Mieux Vivre

mieuxvivre54.org

45

Mieux Vivre is a French non-profit association dedicated to environmental protection, promotion of organic and local food, and community activities in the Gorcy region. Established since 2004, the association has a strong local presence with a focus on ecological transition and pollution monitoring. The website serves as an information hub with event calendars, photo galleries, and partner links, targeting local residents and ecological activists. Technically, the site is built on WordPress with modern plugins and frameworks, offering good mobile optimization and user experience. Security posture is adequate with HTTPS enabled and cookie consent implemented, though some security headers and DNSSEC are missing. The domain registration is consistent with the association's history, enhancing trustworthiness.

The website at jabmo.app currently presents minimal content, consisting solely of a small JavaScript snippet injected into the page. There is no visible business information, metadata, structured data, or contact details available. This lack of content severely limits the ability to assess the company's market position, services, or audience. Technically, the site uses basic JavaScript but lacks modern frameworks, SEO optimization, or accessibility features. Security posture cannot be fully evaluated due to missing HTTPS confirmation and absence of security headers. The WHOIS data is privacy protected, which restricts trust and legitimacy analysis. Overall, the site appears incomplete or under development, with significant gaps in compliance, security, and business transparency.

The domain inserm-transfert.fr is registered since 2002 under the registrar GIP RENATER, indicating a legitimate and established presence likely related to the French government or public research sector. However, the website content is currently inaccessible, returning a 404 Not Found error page with no metadata, scripts, or visible content. This lack of accessible content prevents a full assessment of the business operations, services, or compliance posture. Technically, no information about SSL, security headers, or technologies used is available, indicating either a misconfiguration or the site being offline. Security posture cannot be properly evaluated due to missing content and headers. Overall, the website is not currently functional, which poses a risk to user trust and business credibility.

I

Institut français NL

institutfrancais.nl

45

Institut français NL is a medium-sized non-profit organization dedicated to fostering Franco-Dutch cooperation in culture, education, research, and the French language. The organization offers a variety of programs including artist residencies, language courses, scholarships, and professional mobility initiatives. The website reflects a well-established institution with a clear mission and a broad network of partners across the Netherlands. Technically, the site is built on WordPress with modern SEO and analytics tools, hosted by OVH with DNSSEC enabled, indicating a secure and stable infrastructure. Security posture is good with HTTPS enforced and use of hCaptcha for form protection, though additional security headers and policies could enhance the overall security framework. Privacy compliance is strong with clear policies and cookie consent mechanisms in place. Overall, the website is professional, trustworthy, and well-positioned to serve its target audience effectively.

E

Emmaüs Epargne Solidaire

emmaus-epargne-solidaire.fr

48

Emmaüs Epargne Solidaire is a French social finance organization that enables individuals to invest in solidarity savings products aimed at funding social and environmental projects, primarily supporting Emmaüs groups. The website presents a clear mission focused on ethical investment and social impact, supported by recognized certifications such as ESUS and Finansol. The platform is positioned as a niche player in the social finance sector, targeting socially conscious investors. Technically, the website leverages modern web technologies including React and Ionic Framework, with a responsive design and good SEO practices. However, some areas such as accessibility and security headers could be improved. The site does not appear to use extensive tracking or advertising, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and formal privacy or cookie policies, which are important for compliance and trust. The WHOIS data is incomplete or protected, which slightly reduces domain trustworthiness, though the website content and certifications support legitimacy. Overall, the website is professional and trustworthy with a strong social mission, but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

W

WebHouse, s.r.o.

mlady-vedec.eu

41

Mladý vedec is a Slovak-based e-commerce retailer specializing in scientific and technical toys, educational kits, and related products aimed at children, students, and educators. The website offers a broad range of categories including physics, biology, astronomy, robotics, and chemistry, positioning itself as a niche educational toy provider in Slovakia. The business model focuses on online sales with a clear target audience interested in educational and science-related products. The site is branded consistently and provides clear contact information, enhancing trustworthiness.

E

Ecclesia Holding GmbH

ecclesia.com

43

Ecclesia Holding GmbH operates as Germany's largest insurance broker and risk consultant, offering a broad portfolio of services that extend beyond traditional insurance brokerage. Their website presents a professional, well-structured digital presence powered by TYPO3 CMS, integrating modern analytics and consent management tools to ensure GDPR compliance. The company targets diverse sectors including health, industry, church, social services, transport, and logistics, providing tailored insurance and risk management solutions. Despite the absence of WHOIS data, the website's content quality and comprehensive service offerings indicate a mature and reputable enterprise. Security measures such as HTTPS, security headers, and consent mechanisms are properly implemented, reflecting a strong security posture. Overall, the site is safe, trustworthy, and professionally maintained.

E

Erasport, s. r. o.

ronnie.cz

36

Ronnie.cz is the largest Czech online portal dedicated to bodybuilding, fitness, powerlifting, and combat sports. Operated by Erasport, s. r. o., the website offers a comprehensive range of services including a news magazine, e-commerce store for supplements and fitness equipment, a training academy, and an active community forum. The site targets fitness enthusiasts primarily in the Czech Republic and maintains a strong market position as a leading fitness media outlet. Technically, the site uses modern JavaScript libraries such as jQuery and Google Tag Manager for analytics and marketing. It employs HTTPS and basic security best practices, though there is room for improvement in security headers and mobile optimization. Privacy and cookie policies are present and appear GDPR compliant, supporting user data protection. The WHOIS data is unavailable, which slightly reduces trust but the active business presence and company information support legitimacy. Overall, Ronnie.cz is a professional, content-rich, and trustworthy fitness portal with moderate technical sophistication and a solid security posture.

I

Inbound Back Office

inboundbackoffice.com

45

Inbound Back Office is a service provider specializing in white-label virtual assistant and marketing support services tailored for marketing agencies, fractional CMOs, and small businesses. The company positions itself as a scalable and seamless support partner, trusted by hundreds of teams globally to handle marketing execution and administrative tasks without the complexities of hiring. Their website reflects a professional and consistent brand image with clear messaging and client testimonials that reinforce trust. Technically, the website leverages modern front-end technologies including Bootstrap, Tailwind CSS, jQuery, and integrates marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and HubSpot. The site is built on Zephyr CMS and demonstrates good mobile optimization and user experience. However, some areas such as accessibility and SEO could be improved. Security-wise, HTTPS is properly implemented, but the absence of security headers and privacy/cookie policies indicates room for enhancement in compliance and protection. The security posture is moderate with no immediate vulnerabilities detected in the visible content, but the lack of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. This discrepancy between professional website content and missing domain registration information suggests the need for further verification. Overall, the site is functional and credible from a business perspective but requires improvements in privacy compliance and security best practices. Strategically, the company should prioritize establishing clear privacy and cookie policies, implement security headers, and resolve WHOIS registration transparency to strengthen trust and compliance. Enhancing accessibility and SEO will also improve user reach and satisfaction.

A

Akademie klasické homeopatie, spol. s r.o.

studujtehomeopatii.cz

42

Akademie klasické homeopatie, spol. s r.o. is a Czech Republic-based educational organization specializing in professional homeopathy training for medical professionals and the general public. The website offers detailed information about courses, seminars, congresses, and online lectures led by an experienced homeopath. The company has a clear market position with over 32 years of experience in the field. Technically, the website uses a modern JavaScript and CSS stack with responsive design and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS and secure login forms, but lacks advanced security headers and explicit privacy policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and company registration details support legitimacy. Overall, the site is professional, informative, and trustworthy for its target audience.

Kamael is a French company founded in 2014 specializing in software solutions tailored for bookstores and commerce. The website presents the company as a niche software provider targeting the retail sector, specifically bookstores. The business model revolves around providing software products to enhance commerce operations within this niche. The website content is primarily in French and focuses on describing the company's offerings to its target audience of bookstore owners and operators. Technically, the website employs modern iconography with Font Awesome 6 and uses the AOS library for animations. It also integrates Matomo for analytics, indicating a preference for privacy-conscious tracking. The hosting provider is OVH sas, a reputable French hosting company. The website is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and X-Frame-Options. There is no DNSSEC enabled for the domain, and no explicit security or incident response policies are published. Privacy and cookie policies are absent, which is a compliance gap, especially under GDPR regulations. Overall, the website is functional and moderately professional but lacks comprehensive privacy, security, and contact disclosures. The domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance posture.

K

Kolektor

kolektoravtomatizacija.com

44

Kolektor is a well-established company specializing in automation and engineering solutions for industry, energy, and infrastructure sectors. The website highlights their expertise in digitalization of production processes, energy management systems, and electrical equipment. They emphasize over 30 years of experience and a strong partnership network with global manufacturers, positioning themselves as a leading provider in their market segment. The business model focuses on delivering turnkey solutions, consulting, and technical support to industrial and energy clients. Technically, the website employs modern web technologies including Google Tag Manager, reCAPTCHA, and responsive design, ensuring a good user experience across devices. Security posture is solid with HTTPS and CAPTCHA protections, though additional security headers and published policies could enhance trust. The absence of WHOIS data for the domain is a notable concern, potentially impacting domain legitimacy verification. Overall, the site is professional, content-rich, and safe for general audiences, supporting Kolektor's strong market presence.

K

Kolektor

kolektorwater.com

48

Kolektor is a medium-sized Slovenian company specializing in water technologies, providing comprehensive engineering solutions for water preparation, purification, telemetry, and system optimization. The company is part of the larger Kolektor Group and collaborates with several subsidiaries and partners to deliver advanced water management solutions. The website reflects a professional and consistent brand image targeting B2B clients such as municipalities, industrial water users, and technology partners. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and reCAPTCHA for security and analytics, hosted on a CMS platform with good mobile optimization and SEO practices. Security posture is solid with HTTPS and spam protection, though it lacks some advanced security headers and explicit security policies. The absence of WHOIS data is a notable anomaly, slightly reducing trust but not detracting significantly from the overall legitimacy. Privacy and cookie policies are present and GDPR compliant, with clear consent mechanisms. Overall, the website is well-designed, user-friendly, and trustworthy for its intended audience.