High-risk security reports

M

McM promotion

pragueidiots.cz

41

Green Day revival Prague is a tribute band project established in 2012 by experienced musicians from various Czech bands. The website serves as a platform to promote their live performances, share news, and provide booking contact information. The site is built on WordPress with common plugins and scripts, offering a moderate level of technical sophistication and basic mobile responsiveness. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance documentation. The absence of WHOIS data limits domain legitimacy verification, but the presence of detailed contact information and active social media profiles supports business credibility. Overall, the site is functional and serves its niche audience effectively but would benefit from enhanced security and compliance measures.

F

Fondation Thuram

education-racisme.fr

49

The website education-racisme.fr is a French non-profit educational platform dedicated to combating racism through awareness and scientific knowledge dissemination. It is affiliated with the Fondation Thuram and offers interactive educational resources such as videos, animations, cards, and legal texts. The site targets educators, students, and the general public interested in anti-racism education. Technically, it is built on WordPress with common plugins for SEO and caching, and uses Google Analytics for visitor tracking. The site is secured with HTTPS and includes cookie consent mechanisms, reflecting good privacy compliance. However, WHOIS data is unavailable, likely due to privacy protection, but the website's content and partner affiliations support its legitimacy. Security headers could be improved, and accessibility and mobile optimization are basic but functional.

N

Nadace pro rozvoj architektury a stavitelství

stavbaroku.cz

45

Stavba roku is a Czech Republic-based non-profit foundation focused on promoting excellence in architecture and construction through various awards and competitions. The website serves as a platform to showcase these awards, provide information about the competitions, and engage with professionals and stakeholders in the construction and architectural sectors. The foundation operates with a clear mission to support architectural development and urban projects, targeting industry professionals and regional participants. The site is well-positioned in its niche with partnerships including media and construction industry leaders.

M

Mauges Communauté

maugescommunaute.fr

48

Mauges Communauté is a French local government community of agglomeration providing a broad range of public services and information to residents and stakeholders within the Mauges territory. The website serves as an official portal offering details on governance, environmental initiatives, economic development, cultural activities, and citizen participation. It targets local residents and public sector stakeholders, positioning itself as a key regional authority. Technically, the site is built on WordPress using the Divi theme, incorporating modern JavaScript libraries and Matomo analytics for user tracking. The site demonstrates good mobile optimization and SEO practices, though some accessibility features are basic. Security posture is solid with HTTPS enforced and use of security plugins, but lacks visible security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the domain appears legitimate despite missing WHOIS data, consistent with privacy protection norms for government domains. Strategic improvements in security headers, privacy mechanisms, and transparency would enhance trust and compliance.

S

Společnost bratří Čapků

bratri-capkove.cz

48

Společnost bratří Čapků is a well-established Czech non-profit cultural society dedicated to promoting the legacy and works of the Čapek brothers. Founded in 1947, it serves a niche audience of literary enthusiasts, researchers, and the general public interested in Czech literature and culture. The website provides information about the society's history, membership, events, and contact details, reflecting a focused cultural mission. Technically, the site is built on Joomla CMS with common JavaScript libraries, offering a moderate performance and good mobile responsiveness. However, it lacks advanced SEO and accessibility features. Security-wise, the site uses HTTPS but does not implement security headers or privacy policies, indicating room for improvement in compliance and protection. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security measures.

O

Obec Malé Svatoňovice

malesvatonovice.cz

45

Obec Malé Svatoňovice operates an official municipal website serving local citizens and tourists with information about the village, cultural events, local services, and historical sites such as the Museum of the Čapek brothers. The website is well-structured, primarily in Czech, and provides clear navigation and contact details, positioning itself as a trusted local government information portal. The domain is long-established since 2004, reinforcing its credibility and stable presence in the region. Technically, the website uses a modest technology stack including jQuery 1.11.1 and alertify.js, with CSS stylesheets and Google Fonts for styling. The site appears to be built on a CMS platform, likely CMS Made Simple, based on URL and form patterns. The site is mobile responsive and SEO optimized with proper meta tags, but lacks modern security headers and uses an outdated jQuery version, which could pose security risks. From a security perspective, the site enforces HTTPS and uses POST methods for forms, but does not implement visible security headers such as Content-Security-Policy or X-Frame-Options. There is no cookie consent mechanism despite having a GDPR policy page, indicating partial privacy compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is a reliable and professional municipal portal with good content quality and business credibility. However, improvements in security headers, updating JavaScript libraries, and implementing cookie consent would enhance its security posture and privacy compliance.

Y

Yuba Gals Independent Media

peakmoment.tv

45

Peak Moment Television is a niche media organization focused on providing educational content related to sustainable living, community resilience, and personal growth. The website offers a variety of media including online videos, newsletters, and DVDs, targeting individuals interested in environmental and social sustainability. The business operates as a small media and educational entity based in the US, with a domain registration dating back to 2006, indicating a well-established presence. Technically, the website is built on WordPress using the Genesis Framework and hosted by DreamHost. The site employs modern web technologies such as jQuery and CSS3, with moderate performance and basic mobile optimization. SEO practices are adequate, but accessibility features are basic. The site uses HTTPS with a valid SSL certificate, but lacks DNSSEC and important security headers, which could be improved to enhance security posture. From a security perspective, the site shows good basic practices such as HTTPS and domain transfer protection but lacks advanced security measures like DNSSEC and security headers. No privacy or cookie policies were found, indicating potential compliance gaps with GDPR and other privacy regulations. No incident response or vulnerability disclosure policies are present, which could be a risk in case of security incidents. Overall, the website is functional, content-rich, and trustworthy for its niche audience but would benefit from improved privacy compliance and enhanced security measures. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and establishing incident response contacts to strengthen trust and compliance.

W

WPlook Themes

wplook.com

44

WPlook Themes is a Canadian-based small technology company specializing in premium WordPress themes and hosting solutions. Established in 2010, it serves a broad audience including nonprofits, creatives, agencies, and businesses seeking high-quality, speed-optimized WordPress themes. The company operates an e-commerce model offering yearly and lifetime access to theme bundles, hosting plans, and customization services. The website demonstrates strong branding, professional design, and clear navigation, supported by a robust technical infrastructure built on WordPress, WooCommerce, and modern web technologies. Analytics and marketing tools such as Google Tag Manager and Facebook Pixel are integrated for user tracking and advertising purposes. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements are recommended in DNSSEC adoption and security headers. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, WPlook presents a trustworthy and professional online presence with a mature digital footprint.

S

Society for Integrative Oncology

integrativeonc.org

45

The Society for Integrative Oncology (SIO) is a well-established non-profit organization founded in 2004, dedicated to advancing evidence-based integrative oncology care. The website serves as a comprehensive platform offering educational resources, clinical guidelines, conferences, and membership benefits targeting healthcare professionals, patients, and researchers globally. The organization maintains a strong market position as a premier multi-disciplinary integrative oncology society with international reach. Technically, the website is built on WordPress using the Yootheme theme and UIkit framework, supplemented by plugins such as CiviCRM and DJ Accessibility to enhance functionality and accessibility. Hosting and domain registration are managed through reputable providers, with HTTPS enabled and basic security practices in place. The site demonstrates good mobile optimization, accessibility, and SEO practices, though there is room for improvement in security headers and DNSSEC implementation. From a security perspective, the site uses HTTPS and domain status protections but lacks DNSSEC and explicit security headers. No privacy or cookie policies were found, which is a compliance gap. Contact information is available via email and physical address, but no phone numbers or incident response contacts are published. Analytics usage is minimal and privacy-conscious, using Plausible Analytics and Google Tag Manager. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic recommendations include publishing privacy and cookie policies, enhancing security headers, enabling DNSSEC, and providing incident response information to improve compliance and security posture.

P

PLATFORMA 2020 PRAHA - NOVÁ WIKI TCIM

platforma2020praha.cz

46

The website platforma2020praha.cz serves as an informational resource dedicated to traditional, complementary, and integrative medicine (TCIM) aligned with resolutions from WHO, WHA, the European Parliament, and the Council of Europe. It targets a general audience interested in TCIM, providing public access, member registration, and login portals. The business operates as a small-scale informational platform founded in 2020, primarily serving the Czech Republic. Technically, the site uses standard HTML5 and CSS3 with Google Fonts, hosted by WEDOS, and features a responsive design with a background video. However, it lacks advanced frameworks or CMS indications and has moderate performance and accessibility levels. Security posture is minimal with no visible security headers or published policies, and no HTTPS status was provided in the data. Privacy compliance is weak due to the absence of privacy and cookie policies. No contact or incident response information is available, limiting trust and transparency. Overall, the site is functional and professionally designed but requires improvements in security, privacy, and contact transparency to enhance credibility and compliance.

T

Tomáš Haluza

haluza.cz

43

Tomáš Haluza is a small Czech Republic-based web design and internet application development service provider. The company offers a range of services including web design, logo creation, content management systems, online shops, and hosting partnerships, targeting businesses seeking professional online presence solutions. The website is well-structured, primarily in Czech, and demonstrates a solid technical foundation with PHP backend, Apache server, and integration of Google Analytics for visitor tracking. The presence of a cookie consent banner indicates awareness of GDPR compliance. Security posture is moderate with secure form submission and no visible vulnerabilities, but lacks advanced security headers and incident response information. WHOIS data is missing, which limits domain trust verification, but the website content and business information appear professional and legitimate. Overall, the site scores well in content quality and technical implementation but could improve in security and compliance transparency.

Galerie Cesty ke světlu is a Czech art gallery founded in 1994 by PhDr. Ing. Zdeněk Hajný, focusing on psychological and spiritual art. The website provides detailed information about exhibitions, events, and sales of art-related merchandise such as calendars and diaries. The target audience includes art enthusiasts and those interested in spiritual and psychological themes. The gallery maintains a niche position in the cultural sector within the Czech Republic. Technically, the website uses a combination of older and modern web technologies including Foundation CSS and jQuery 1.8, with multimedia features like jPlayer for audio. While the site is accessible and well-structured, it lacks modern security headers and uses outdated libraries, which could pose risks. No privacy or cookie policies are present, indicating compliance gaps. The domain WHOIS data is missing, raising concerns about domain legitimacy. Contact information is clearly provided, including email, phone, and physical address, along with social media presence on Facebook.

Robert Policar operates a personal website focused on astrology, dream work, meditation techniques, and related personal development services. The business targets a general audience interested in spiritual and mental growth, offering services such as astrology consultations, Reiki, and gift vouchers. The website is positioned as a niche personal guidance service primarily serving the Czech Republic market. Technically, the site is built on WordPress using the MioWeb platform, hosted likely by Wedos, and employs common web technologies such as jQuery and Google Fonts. The site is mobile-optimized with a moderate performance profile and basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the site is functional and professional but would benefit from improved privacy and security practices.

D

Diochi

diochi.cz

48

Diochi.cz is an established Czech company specializing in the development, manufacturing, and sale of natural bioinformational dietary supplements. The website reflects a mature e-commerce platform with a membership club, targeting health-conscious consumers interested in natural products. The company has a long-standing domain since 2003, indicating stability and market presence. Technically, the site is built on Joomla CMS with modern JavaScript libraries and frameworks, supporting responsive design and accessibility at a basic level. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and advanced login options including WebAuthn, though some security headers could be improved. Advertising and analytics are implemented with user consent, reflecting GDPR compliance. Overall, the site is professional, trustworthy, and well-positioned in its niche.

D

Divadlo Hybernia

hybernia.eu

43

Divadlo Hybernia is a Czech theatre offering cultural performances and entertainment services, targeting a general audience interested in theatre arts. The website is built on WordPress and employs modern web technologies including Google Tag Manager, Microsoft Clarity, and FontAwesome for icons. The site is well-structured with good SEO and mobile optimization, providing a professional user experience. However, it lacks explicit privacy and cookie policies, and no direct contact information is found in the analyzed content. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosure mechanisms. Overall, the domain appears legitimate though WHOIS data is privacy protected, which is common for small businesses. Strategic improvements in privacy compliance and security practices are recommended.

D

Divadlo Na Fidlovačce

fidlovacka.cz

45

Divadlo Na Fidlovačce is a Czech theater company focused on providing theatrical performances and cultural entertainment. The website showcases their events and productions, targeting a general audience interested in theater arts. The business operates in the hospitality sector, specifically cultural entertainment, with a medium-sized presence in the regional market. The site uses modern web technologies including Vue.js and MonsterCMS, with integrations for Google Tag Manager and Facebook Pixel for marketing and analytics purposes. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership. Security posture is weak due to missing security headers and lack of visible security policies. Privacy compliance is minimal, with no detected privacy or cookie policies, which is a concern for GDPR adherence. Overall, the website is professionally designed and functional but requires improvements in security and privacy transparency to enhance trust and compliance.

P

Parola spol. s r.o.

jihlavske-listy.cz

49

Jihlavske-listy.cz is a regional news website operated by Parola spol. s r.o., serving the Vysočina region in the Czech Republic. The site offers a broad range of local news, cultural content, sports updates, and magazines, targeting residents and readers interested in regional affairs. The business model relies on advertising and subscription services, supported by a consistent brand presence and active social media engagement. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Analytics and Tag Manager for tracking, and CKEditor for content management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some accessibility and SEO optimizations could be improved. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA for form protection, but lacks visible security headers which are recommended for enhanced protection. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, the site presents a professional and trustworthy regional news platform with moderate technical and security maturity. Strategic improvements in security headers, privacy policy presence, and WHOIS transparency would enhance trust and compliance.

D

DnesniObed.cz

dnesniobed.cz

44

DnesniObed.cz is an online platform focused on aggregating daily and lunch menus from restaurants primarily in Prague and its surroundings. It serves as a valuable resource for users seeking up-to-date meal options, restaurant details, and ordering capabilities. The platform also highlights gastronomic events, enhancing its appeal to food enthusiasts. The website demonstrates a solid market position within its niche, catering to a local audience with a medium-sized operational scale. Technically, the website employs a combination of Bootstrap 3.3.7, jQuery, Font Awesome, and lazy loading techniques to deliver a responsive and user-friendly experience. Integration with Google Analytics and Facebook Pixel indicates a moderate level of digital marketing maturity. While the site is mobile-optimized and SEO-friendly, some technical improvements such as updating libraries and enhancing accessibility could be beneficial. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in its HTML. However, the absence of security headers and privacy/cookie policies suggests gaps in compliance and security best practices. The lack of WHOIS data reduces domain trustworthiness, although the website content and external references support its legitimacy. Overall, DnesniObed.cz presents a functional and relevant service with room for improvement in privacy compliance and security posture. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

Z

zonasvobody.cz

zonasvobody.cz

41

Zóna svobody is a small hospitality and event venue based in Říčany, Czech Republic, offering refreshments, cultural activities, and entertainment for a broad audience including families and children. The website presents information about events, food and beverage offerings, and community programs, positioning itself as a local cultural hub. Technically, the site is built on WordPress with common libraries such as jQuery and Font Awesome, and it is moderately optimized for mobile devices with a good user experience. Security posture is basic with HTTPS enabled but lacking important security headers and privacy policies, which are critical for GDPR compliance. The absence of contact emails and phone numbers reduces business credibility and user trust. Overall, the site is functional and informative but would benefit from enhanced security and compliance measures.

E

Extravíno U Labutě

extravinoulabute.cz

40

Extravíno U Labutě is a small local wine retailer based in Říčany, Czech Republic, offering wine products through a WooCommerce-powered website built on WordPress with the Divi theme. The website targets local wine consumers and operates primarily as a retail business. Technically, the site uses common web technologies including Google Analytics and Tag Manager for tracking, but lacks advanced security headers and visible privacy or cookie policies. The site is mobile optimized and presents a good user experience with clear navigation and professional design. Security posture is moderate with HTTPS enabled but missing additional security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data is consistent with the business claims, indicating legitimacy. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and compliance.

L

LABE TRI CLUB Hradec Králové z.s.

skolnitriatlon.cz

41

The website skolnitriatlon.cz represents the LABE TRI CLUB Hradec Králové z.s., a small Czech sports organization focused on organizing school and public triathlon events. The site provides event schedules, contact information, and photo galleries to engage its target audience of athletes ranging from school children to general sports enthusiasts. The business model centers on event organization in collaboration with a sports equipment rental partner, Topsports Centrum. The website is modest but functional, with a clear focus on local sports community engagement. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, supplemented by Google Tag Manager and Facebook Pixel for marketing and analytics. Hosting and domain registration are managed by Wedos, a Czech provider, consistent with the business location. The site is mobile-optimized and offers a good user experience, though accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS and modern tracking tools but lacks visible security headers and formal privacy or cookie policies, which impacts its privacy compliance score. No active forms or incident response contacts are present, and no vulnerability disclosure mechanisms are found. The domain WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website is a good representation of a small local sports event organizer with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would improve trust and regulatory adherence.

U

UnisSoft s.r.o.

hairsoft.cz

38

HairSoft.cz is a professional website offering a comprehensive beauty salon management software solution developed by UnisSoft s.r.o. The software targets beauty salons, hairdressers, cosmeticians, and wellness providers primarily in the Czech and Slovak markets. The company emphasizes efficiency, modularity, and practical features derived from 25 years of industry experience. The website is well-designed, mobile-optimized, and rich in content including testimonials, detailed feature descriptions, and trial offers. Technically, the site uses Joomla CMS with modern frameworks and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. Security posture is good with HTTPS and CSRF protections, though some security headers and privacy compliance mechanisms are missing. WHOIS data is unavailable, which slightly reduces trustworthiness but the business information and website professionalism compensate for this. Overall, the site is a credible and valuable resource for its target audience.

U

UnisSoft s.r.o.

unisbook.cz

47

UnisSoft s.r.o. operates the UnisBook platform, a specialized online reservation system tailored for beauty and salon services. The company targets beauty professionals seeking efficient, automated booking solutions with features such as multi-branch management, client communication automation, and integration with payment gateways. The website demonstrates a mature digital presence with a professional design, clear navigation, and multilingual support, indicating a well-developed technical infrastructure based on Joomla CMS and modern web technologies. Security posture is solid with HTTPS and CSRF protections, though some security headers and cookie consent mechanisms could be improved. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the overall business credibility is supported by detailed policies, partner integrations, and active social media channels. Strategic recommendations include enhancing security headers, implementing cookie consent for GDPR compliance, and improving accessibility features to further strengthen trust and compliance.

M

MĚSTO TŘEBÍČ

trebiczije.cz

47

The website trebiczije.cz serves as an official informational portal for the city of Třebíč, Czech Republic, targeting citizens, entrepreneurs, and tourists. It provides comprehensive information about living, business opportunities, tourism, and community events, supported by a dedicated incoming team. The site positions itself as a regional hub for local development and engagement, reflecting a medium-sized government entity with a focus on sustainable urban growth and community well-being. Technically, the site employs a modern JavaScript stack including jQuery, Swiper, Fancybox, and integrates analytics tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager. It features responsive design and basic accessibility, with cookie consent mechanisms aligned with GDPR requirements. However, the absence of detected security headers and incomplete WHOIS data indicate areas for improvement in security and domain transparency. From a security perspective, the site benefits from HTTPS encryption and client-side form validation but lacks explicit security policies, incident response contacts, and vulnerability disclosure information. The missing WHOIS data raises concerns about domain registration legitimacy, although the website content and contact information strongly suggest it is an official municipal resource. Overall, the website is professionally designed and functional, with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and resolving WHOIS data visibility to improve trust and compliance. These steps will strengthen the site's security posture and business credibility while maintaining its role as a vital community resource.

M

MVE Sarl

mve.fr

46

MVE Sarl operates a website focused on the sale of used construction and public works equipment, targeting businesses and professionals in the construction sector primarily in France. The company has a long-standing domain registered since 1999, indicating an established presence in the market. The website uses WordPress with WooCommerce for e-commerce functionality and integrates SEO and analytics tools such as Yoast SEO and Google Tag Manager. The technical infrastructure is modern but lacks some advanced security headers and explicit privacy compliance documentation. Security posture is moderate with HTTPS enabled and reCAPTCHA implemented, but no published security or incident response policies were found. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

The website nami.org is currently inaccessible due to a Cloudflare Turnstile CAPTCHA security challenge, preventing access to any substantive content. The domain is long-established, registered since 1996 with Network Solutions, LLC, and uses Cloudflare for DNS and security services. Due to the blocking mechanism, no business, contact, or policy information is available for analysis. The technical infrastructure indicates use of modern security tools like Cloudflare's WAF and CAPTCHA to protect the site from automated threats. However, this also limits the ability to assess the website's content quality, security posture, and compliance status. Overall, the site appears legitimate based on domain age and registrar data, but the lack of accessible content restricts further evaluation.

F

Fondation Lilian Thuram

thuram.org

46

Fondation Lilian Thuram is a French non-profit organization dedicated to education against racism and promoting equality. The website serves as a platform to provide educational resources, multimedia content, and public awareness campaigns. It targets a broad audience including educators, students, and activists. The foundation is well-positioned in the non-profit education sector with a clear mission and professional online presence. Technically, the site is built on WordPress with common plugins and multimedia integrations, offering a good user experience and mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data limits domain trust verification, but the website's content and structure support its legitimacy. Overall, the site is a credible and valuable resource for anti-racism education.

U

Upian

upian.com

46

Upian is a French media company specializing in digital storytelling, offering studio services to media companies, institutions, and brands, as well as producing documentaries and magazines for web and television. The company positions itself as a creative and editorially focused production house with an international footprint. Technically, the website is built on modern frameworks such as Nuxt.js and Vue.js, providing a responsive and user-friendly experience. Security posture is adequate with HTTPS enabled, but lacks visible security headers and formal privacy and cookie policies, which could be improved to enhance compliance and trust. Overall, the website is professional and trustworthy, though the absence of WHOIS data slightly reduces domain trustworthiness. Strategic improvements in privacy compliance and security headers are recommended to strengthen the security posture and regulatory adherence.

F

Flexity

flexitylife.eu

46

Flexity is a specialized e-commerce retailer focusing on Pilates reformers, chairs, Cadillac units, and related fitness and body-mind care products. The website targets Pilates and fitness enthusiasts across multiple European markets with localized versions and multiple language support. The business model is retail e-commerce with a niche focus, supported by professional product presentation and customer engagement tools such as Trustpilot reviews and loyalty programs. Technically, the site is built on the Shoptet platform, leveraging common web technologies like jQuery, Google Tag Manager, and Facebook SDK for marketing and analytics. The site is mobile optimized and provides a good user experience with clear navigation and product categorization. Security posture is solid with HTTPS enforced and CSRF protection on forms, though some security headers could be improved. Privacy compliance is evident with a cookie consent mechanism and a privacy policy that aligns with GDPR requirements. No WHOIS registrant data is publicly available due to privacy protection, which is typical for commercial e-commerce sites. Overall, the site presents a trustworthy and professional front with moderate technical sophistication and good compliance practices.

Z

Zalando

zalando.cz

47

Zalando.cz is a major European e-commerce platform specializing in fashion, shoes, and accessories. The website offers a broad assortment of products with a focus on fast delivery and free shipping for most orders. The platform targets a general audience including women, men, and children, providing a comprehensive online shopping experience. Technically, the site uses modern web technologies including React and RequireJS, and integrates a consent management platform to comply with GDPR requirements. The security posture is strong with HTTPS enforced and use of security best practices, although explicit security headers and vulnerability disclosure mechanisms are not visible in the provided data. Overall, Zalando.cz presents a professional, trustworthy, and user-friendly online retail environment.

P

pressrelations GmbH

pressrelations.com

49

pressrelations GmbH is a well-established media monitoring and intelligence company founded in 2001, offering AI-supported platforms and consulting services to marketing and PR professionals worldwide. Their flagship product, NewsRadar®, provides cross-media monitoring and analysis, supporting over 1000 clients globally with a team of 250 employees across 12 locations. The company emphasizes a blend of technology and human expertise to deliver comprehensive media insights in real time. Technically, the website is built on TYPO3 CMS and integrates modern analytics and tracking tools such as Google Tag Manager, Hotjar, and social media pixels, with a strong focus on user privacy and consent management. Security posture is good with HTTPS enforced and secure forms, though improvements in security headers and incident response transparency are recommended. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting a strong business credibility despite missing WHOIS data. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding vulnerability disclosure mechanisms to further strengthen trust and security.

2

20ecolesdechimie

20ecolesdechimie.com

41

20ecolesdechimie.com is the official website of the Fédération Gay-Lussac, a federation of 20 chemistry and process engineering schools in France. The site serves as an informational and promotional platform targeting prospective students, educators, and partners interested in chemistry engineering education. It provides detailed information on admissions, student life, international programs, and federation activities, positioning itself as a key resource in the French higher education sector for chemistry engineering. The federation is well-established, with a domain registered since 2015 and a consistent brand presence. Technically, the website is built on WordPress, utilizing common plugins such as Formidable Forms for contact and newsletter forms, Mailjet for email marketing, and Matomo for analytics. The site employs modern web technologies including lazy loading for images and SVG icons, ensuring good performance and mobile responsiveness. SEO and accessibility are adequately addressed, with proper meta tags, structured data, and language alternates. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, it lacks DNSSEC and some recommended security headers, which could be improved. The presence of a cookie consent mechanism and privacy policy indicates GDPR awareness, though no explicit security policy or incident response contact was found. Overall, the website is professional, trustworthy, and well-suited for its educational purpose. It demonstrates a solid digital maturity level with room for security enhancements. The risk profile is low, with no signs of malicious activity or content safety concerns.

The website tarikamar.fr represents a small, specialized digital services provider focused on public interest projects, operating within a cooperative model called multi. The business offers development, data science, and consulting services emphasizing open data and free software. The site is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience of organizations seeking digital tools for social good. Technically, the site uses modern web technologies including JavaScript, Python, Ruby, and PHP, hosted by OVH with HTTPS enabled, but lacks some security headers and formal privacy or cookie policies. Security posture is moderate with secure forms but missing incident response and vulnerability disclosure information. Overall, the domain registration is consistent and legitimate, supporting the business claims. The site contains no advertising or tracking technologies and no adult or questionable content, making it safe for general audiences.

The website garden-gourmet.com is currently a parked domain with no active business content or services. The domain is registered since 2019 with InterNetX GmbH and is set to expire in 2026. The site primarily serves as a landing page advertising the domain for sale, containing no privacy policies, contact information, or business details. Technically, the site uses basic HTML, CSS, and JavaScript with embedded iframes pointing to third-party ad and tracking domains. There is no evidence of HTTPS or security headers, which negatively impacts the security posture. The site lacks GDPR compliance indicators and does not provide cookie consent mechanisms. Overall, the site has low trustworthiness and poor content quality, reflecting its status as a parked domain rather than an active business website.

The Odoo Community Association (OCA) is a well-established non-profit organization founded in 2014 that supports the Odoo open source ERP ecosystem by fostering collaboration among developers, integrators, consultants, and users. The organization provides access to high quality apps, open upgrades, and community-driven resources, positioning itself as a key player in the open source ERP community. The website reflects this mission with clear navigation, professional design, and active engagement with sponsors and partners. Technically, the site is built on the Odoo CMS platform, leveraging modern web technologies such as FontAwesome, Google Analytics, and reCAPTCHA for security and analytics. Hosting is provided by Gandi SAS, with HTTPS enabled ensuring secure communications. However, some security best practices such as DNSSEC and security headers are not implemented, and no explicit cookie consent mechanism is present, which may impact GDPR compliance. Contact information is primarily via web forms, with no direct email or phone numbers visible. Overall, the site demonstrates good digital maturity and community trust but could improve in security and privacy compliance areas.

F

Ferme de Cagnolle

fermedecagnolle.fr

42

Ferme de Cagnolle is a small organic farm based in Dordogne, France, specializing in living soil market gardening and the production of organic vegetables, seeds, and legal CBD/CBG products. The farm also offers training programs and creates media content to share agroecological knowledge. Their business model combines direct product sales through an online boutique with educational services and participatory agricultural projects, targeting environmentally conscious consumers and learners in France and nearby European cities. The website is well-designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site uses modern web technologies including Google Analytics and cookie consent tools, but lacks some advanced security headers. The security posture is good with HTTPS enforced and no visible vulnerabilities. However, the absence of WHOIS domain registration data raises concerns about domain legitimacy and registration status, which should be addressed to improve trust. Overall, the site is professional and trustworthy, with good privacy compliance and clear contact information.

Le Présage is a pioneering solar-powered restaurant based in Marseille, France, established in 2016. The business focuses on sustainable and regenerative food practices using solar cooking technology. The website showcases the restaurant, a solar cooking container called La Guinguette, and a research and development section dedicated to solar technology in catering. The company targets environmentally conscious consumers and the local community, positioning itself as an innovative leader in sustainable hospitality. Technically, the website is built on WordPress using Elementor and several modern plugins, hosted by OVH. It features good SEO optimization and mobile responsiveness but lacks some security headers and privacy compliance elements. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, but improvements are recommended in security headers and privacy policies. Overall, the website is professional, trustworthy, and content-rich, supporting the business's credibility and market position.

Earthship Biras en Dordogne operates a niche informational website focused on promoting and sharing experiences about an autonomous Earthship house located in Dordogne, France. The business targets eco-conscious individuals interested in sustainable living and autonomous housing solutions. The website offers content about the house's history, life experience, rental opportunities, conferences, and related publications. Technically, the site is built on WordPress, hosted by OVH, and uses common web technologies such as jQuery and Google Fonts. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is basic with HTTPS enabled but missing important security headers and lacking published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is functional and professional but requires improvements in compliance and security to enhance trust and user protection.

L

L’Atelier Paysan

latelierpaysan.org

38

L’Atelier Paysan is a French cooperative organization dedicated to supporting farmers in designing and building agricultural machinery and infrastructure adapted to agroecology. The website serves as a platform for training, open-source tool plans, community engagement, and advocacy for technical autonomy in farming. The organization positions itself as a niche leader in agroecological technical solutions with a medium-sized presence and a strong community focus. Technically, the website is built on the SPIP CMS with a modern but moderate performance tech stack including jQuery, Google Analytics, and Matomo. The site is mobile-optimized and well-structured with good SEO practices. Security posture is adequate with HTTPS and domain protections but lacks DNSSEC and security headers. Privacy compliance is partial, with no cookie consent mechanism despite tracking scripts. No direct contact emails or phone numbers are published, which may impact user trust and compliance. Overall, the site is professional, content-rich, and trustworthy for its target audience.

C

Cerema

cerema.fr

48

Cerema is a French public entity specializing in climate adaptation and territorial planning, serving government bodies, local authorities, and enterprises. It holds a strong market position as a referent public organization providing tailored solutions for environmental and infrastructural challenges. The website reflects a mature digital presence with a modern Drupal 10 CMS, integrated analytics tools, and a professional design that supports user engagement and accessibility. Security posture is solid with HTTPS and privacy-conscious analytics configurations, though explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high business credibility and technical maturity, aligned with its governmental role.

S

salon Marjolaine - Parc Floral de Paris

salon-marjolaine.com

49

Salon Marjolaine is a well-established French event focused on organic agriculture, ecology, and sustainable living, operating since 2006. It serves as a major marketplace and meeting point for organic producers, consumers, and enthusiasts. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content about the event, exhibitors, and program. Technically, it is built on WordPress with modern plugins and tracking tools, hosted likely by Infomaniak, and uses HTTPS with basic security measures. Privacy compliance is well addressed with GDPR-aligned cookie consent and a detailed privacy policy. However, explicit security policies and vulnerability disclosures are absent, and some security headers could be improved. Overall, the site is trustworthy and professionally managed, with no signs of malicious activity or content safety concerns.

The website editions-croquant.org is currently inaccessible, returning a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered since 2002 with Tucows Domains Inc. and uses SiteGround as its hosting provider. No privacy, cookie, or terms of service policies are present, nor is there any contact or business information available on the site. The technical infrastructure appears minimal with only Google Fonts loaded externally. Security posture cannot be properly assessed due to lack of accessible content and missing security headers or SSL details. Overall, the site is effectively blocked, resulting in a very low trust and usability score.

L

leslibraires.fr

leslibraires.fr

46

Leslibraires.fr is a French e-commerce platform dedicated to supporting independent bookstores by offering online book sales, literary advice, thematic selections, and event agendas. The website targets French-speaking readers interested in literature and independent bookshops, positioning itself as a specialized retail platform within the French book market. The platform leverages modern web technologies including Bootstrap, Font Awesome, htmx, and Matomo analytics, hosted likely on OVH infrastructure, delivering a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS and secure payment indicators, though improvements are recommended in cookie consent and security headers. The absence of WHOIS data limits domain trust analysis, but the professional presentation and active social media presence support legitimacy. Overall, the site scores well on content quality, technical implementation, and business credibility, with moderate privacy compliance.

P

PEUPLES ET MUSIQUES AU CINEMA

peuplesetmusiquesaucinema.org

38

PEUPLES ET MUSIQUES AU CINEMA is a French cultural festival dedicated to the intersection of world music and cinema, organizing annual events including film screenings, concerts, and cultural workshops. The website demonstrates a well-established presence with archives dating back to 2000 and detailed programming for upcoming events, indicating a stable market position within the cultural and ethnomusicology sectors. The target audience is general public interested in cultural heritage and music cinema. Technically, the site is built on WordPress using the OceanWP theme and Elementor page builder, with modern libraries such as jQuery and FontAwesome, and includes Google reCAPTCHA for form security. Performance and mobile optimization are adequate, though accessibility and SEO could be improved. Security posture is good with HTTPS and reCAPTCHA, but lacks visible security headers and comprehensive privacy/cookie compliance mechanisms. WHOIS data is unavailable due to malformed output, but domain expiry and website content suggest legitimacy. Overall, the site is professional and trustworthy but could benefit from enhanced privacy and security practices.

S

Syndicat du Conseil en relations publics

relations-publics.org

49

The Syndicat du Conseil en relations publics is a professional French association representing public relations agencies. The website serves as an information hub for members and the public, offering resources such as agency directories, training programs, events, and labels promoting responsible influence and corporate social responsibility. The site targets PR professionals, agencies, and students, positioning itself as a key industry player in France. Technically, the website is built on WordPress with common plugins like Yoast SEO and uses modern web technologies including jQuery and Google Analytics for tracking. The site is secured with HTTPS and employs Google reCAPTCHA for form protection, indicating a reasonable security posture. However, the absence of WHOIS registrant data and lack of explicit privacy cookie consent mechanisms slightly reduce trust and privacy compliance scores. Overall, the site is professional, well-structured, and trustworthy, but could improve transparency and compliance by publishing security policies and enhancing privacy controls.

U

UNIVERSEH

universeh.eu

44

UNIVERSEH is a European Space University dedicated to providing high-level education and research programs focused on space studies. It operates as a consortium of European universities and research institutions, offering courses, mobility programs, and research projects to students, researchers, staff, stakeholders, and citizens interested in space and humanity. The website reflects a well-structured and professionally designed platform with a clear focus on education and research in the space sector. Technically, the site is built on WordPress with modern plugins such as Elementor and Yoast SEO, and it integrates Google Analytics for user tracking. The site is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers are not detected and incident response information is absent. Overall, the domain registration is consistent with the business purpose, registered through BELNET, a reputable academic registrar. The site maintains a strong social media presence, enhancing its trustworthiness and outreach.

K

KOSTKA footbike

kostkafootbike.com

49

KOSTKA footbike is a well-established Czech manufacturer and retailer specializing in scooters for adults, children, and specialized uses such as mushing and seniors. The company emphasizes Czech production with over 20 years of tradition, offering a wide range of products and services including a Try & Buy rental program and a custom scooter configurator. The website is professionally designed, mobile-optimized, and provides rich content including blogs and community events, supporting a strong market presence in the micro-mobility retail sector. Technically, the website leverages a modern tech stack built on Prestashop CMS, integrating popular JavaScript libraries and marketing tools such as Google Tag Manager and Facebook Pixel. Performance and SEO are well addressed, with good accessibility and user experience. Privacy and cookie policies are present and GDPR compliant, with active consent mechanisms. Security posture is solid with HTTPS enforced, security headers implemented, and no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data and lack of explicit security policy or incident response information slightly reduce trustworthiness. Overall, the site is secure, professional, and trustworthy, though domain registration transparency should be improved. Strategically, the company should consider publishing a dedicated security policy and vulnerability disclosure page, and ensure domain registration data is publicly available to enhance credibility and trust.

Place à l'acte is a French platform dedicated to facilitating social engagement and community action by providing resources, inspiration, and tools for individuals to launch and develop societal projects. The website targets socially conscious individuals seeking to contribute or start initiatives locally or more broadly. Technically, the site uses a modern front-end framework (Foundation) and integrates Facebook Pixel for marketing and tracking purposes. Hosting is provided by Infomaniak Network SA, a reputable provider. Security posture is moderate with HTTPS enabled but lacking important security headers and cookie consent mechanisms, which impacts GDPR compliance and overall security maturity. The website is accessible with no blocking or WAF challenges detected, and WHOIS data is consistent and transparent, supporting legitimacy. Overall, the platform is well-positioned in its niche but should improve privacy and security practices to enhance trust and compliance.

M

My Somfy Showroom

mysomfyshowroom.co.uk

48

My Somfy Showroom is a specialized digital platform showcasing Somfy motorized window treatment products and smart home integration solutions. The website targets Somfy customers, home automation enthusiasts, and Somfy experts, providing interactive product galleries, educational content, and resource downloads. The business operates primarily in the UK market and was established in 2022, reflecting a focused niche showroom model. Technically, the site employs AngularJS, jQuery, Bootstrap, and modern JavaScript libraries to deliver an interactive and mobile-optimized user experience. While the site uses HTTPS and DNSSEC for domain security, it lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The login and password reset forms indicate controlled access for Somfy experts, but no explicit contact information or incident response channels are provided. Overall, the site is professional and functional but would benefit from enhanced privacy compliance and security best practices.