Security Directory

O

Office de Tourisme Béziers Méditerranée

beziers-mediterranee.com

64

Office de Tourisme Béziers Méditerranée operates as the official regional tourism office for the Béziers Méditerranée area in France, providing comprehensive tourism information, event listings, and booking services. The website is well-branded and professionally maintained, targeting tourists and visitors seeking cultural, leisure, and outdoor activities in the region. The business model focuses on promoting local tourism and facilitating visitor engagement through digital channels. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, and a cookie consent platform (Axeptio). It features responsive design, good SEO practices, and accessibility considerations. The site integrates interactive maps and booking widgets enhancing user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of explicit security headers is noted. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is addressed with visible privacy and cookie policies, and GDPR consent mechanisms. Overall, the site presents a low-risk profile with strong business credibility and digital maturity. The main concern is the lack of WHOIS data, which should be investigated to confirm domain registration legitimacy. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and verifying domain registration details.

M

My Sport Session

mysportsession.com

56

My Sport Session is an online platform based in France that enables users to discover and book a wide variety of sports and leisure activities without subscription or commitment. The service emphasizes flexibility, local availability, and ease of booking, targeting a broad audience interested in physical activities and leisure. The website is professionally designed with a consistent brand presence and includes user testimonials and social media integration to build trust. Technically, the website leverages modern web technologies including React and Google Tag Manager, with asynchronous and deferred script loading to optimize performance. The site is mobile-optimized and includes SEO best practices such as meta tags and Open Graph data. However, accessibility features are basic and could be improved. From a security perspective, the site enforces HTTPS and uses Google Tag Manager for analytics and marketing. There is a lack of visible security headers and no published privacy or cookie policies, which are important for GDPR compliance. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating recent registration or privacy protection, which impacts trustworthiness. Overall, the platform presents a good user experience and a solid technical foundation but should enhance transparency around privacy, security policies, and contact information to improve compliance and user trust. Further verification of domain registration is recommended to confirm legitimacy.

T

Tourisme en Occitanie

grands-sites-occitanie.fr

61

Tourisme en Occitanie is a regional tourism promotion website dedicated to showcasing the key destinations and attractions within the Occitanie region of France. It serves as an official portal providing comprehensive travel information, destination guides, and event promotion to attract tourists. The website targets travelers interested in cultural, outdoor, and leisure activities in the region. Technically, the site is built on WordPress using Elementor, with integrations for Google Tag Manager and Matomo Analytics, indicating a mature digital infrastructure. The site is well-optimized for SEO, mobile-friendly, and accessible, providing a professional user experience. Security-wise, the website enforces HTTPS and includes several security headers, although the Content-Security-Policy could be more comprehensive. Privacy compliance is strong, with clear cookie consent mechanisms and a detailed privacy policy aligned with GDPR requirements. However, the absence of WHOIS data for the domain reduces trust slightly, as domain registration details are not publicly available. Overall, the site presents a low-risk profile with good security and privacy practices but would benefit from enhanced transparency in domain registration and contact information.

T

Tourisme en Occitanie

tourisme-occitanie.com

61

Tourisme en Occitanie operates as the official regional tourism portal for the Occitanie region in France, providing comprehensive travel information, destination guides, and event promotion to tourists and travelers. The website is professionally designed with excellent content quality, clear navigation, and mobile optimization, positioning it as a trusted source for regional tourism. Technically, the site is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Google Tag Manager and Matomo, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and security headers, alongside a robust cookie consent mechanism ensuring GDPR compliance. However, the absence of WHOIS domain registration data and lack of explicit contact or security policies present areas for improvement in business credibility and transparency. Overall, the site is safe, trustworthy, and well-positioned to serve its audience effectively.

The website 'La Grande Motte Architecture' is an informational and cultural tourism platform dedicated to the architectural heritage of La Grande Motte, France, focusing on the work of architect Jean Balladur. It serves a niche audience interested in architecture, history, and tourism, providing detailed historical context, guided tours, and event information. The site is professionally designed using WordPress with the Avada theme and Fusion Builder, and it is hosted by OVH sas. The technical infrastructure includes modern web technologies and SEO optimizations, but performance is moderate and accessibility is basic. Security posture is adequate with HTTPS enabled but lacks important security headers and DNSSEC. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is trustworthy and legitimate, with consistent WHOIS data and no blocking mechanisms detected.

E

Effinity

effiliation.com

63

Effinity is a French digital marketing agency specializing in performance marketing with over two decades of experience. Their services include affiliation, influence marketing, social commerce, various advertising channels, and lead generation. The company positions itself as a trusted partner with a medium-sized team of 60 collaborators and strategic partnerships such as with TikTok Shop. The website is professionally designed using WordPress with modern plugins and tracking technologies, reflecting a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit policies are missing. The absence of WHOIS data slightly impacts trust but the overall business credibility remains high. Strategic recommendations include publishing comprehensive privacy and security policies and enhancing security headers.

E

Europskenoviny.sk

europskenoviny.sk

62

EuropskeNoviny.sk is a Slovak online news portal specializing in comprehensive coverage of European Union affairs, politics, and social issues. Established in 2013, it serves Slovak-speaking audiences interested in EU developments, providing news, political analysis, live parliamentary coverage, and video blogs. The website positions itself as a leading source for EU-related news in Slovakia, leveraging a WordPress-based platform with modern SEO and analytics integrations. The business model centers on digital media publishing supported by advertising networks and user engagement tools.

J

JOJ Group

jojgroup.sk

55

JOJ Group is the largest media group in Slovakia, offering a broad range of media broadcasting and advertising services. The company operates multiple TV stations and online media brands, targeting a general audience in Slovakia. Their business model focuses on media production, broadcasting, and advertising sales, positioning them as a market leader in the Slovak media industry. The website reflects a professional and modern digital presence with good content quality and clear branding. Technically, the site is built on WordPress with modern JavaScript libraries and includes a consent management platform for GDPR compliance. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations.

Č

Československá filmová společnost, s.r.o.

joj.cz

63

Československá filmová společnost, s.r.o. operates the JOJ.cz website, a media platform offering a rich selection of Czech and Slovak films and TV programming across multiple branded channels. The company targets film enthusiasts in the Czech Republic and Slovakia, providing both broadcast and online streaming services. The website is professionally designed with consistent branding and clear navigation, supporting a medium-sized media business founded in 2007. Technically, the site uses modern web technologies including Google Tag Manager and Google Analytics, with responsive design and lazy loading for performance optimization. Security posture is solid with HTTPS enforced and no exposed sensitive data, though improvements are recommended in security headers and incident response transparency. Privacy compliance is supported by comprehensive privacy and cookie policies, though a cookie consent mechanism is absent. Overall, the domain registration data aligns well with the business claims, indicating a legitimate and established media entity.

S

Slovenská produkčná, a.s.

joj.sk

59

TV JOJ, operated by Slovenská produkčná, a.s., is a leading Slovak media company specializing in television broadcasting and digital content delivery. The website serves as a comprehensive portal for live TV streaming, program archives, news, sports, and entertainment, targeting the Slovak-speaking general public. The company holds a strong market position as a major broadcaster in Slovakia, supported by a consistent brand presence and a broad content offering.

S

Slovenská produkčná, a.s.

noviny.sk

64

Noviny.sk is a prominent Slovak online news portal operated by Slovenská produkčná, a.s., a media company based in Bratislava, Slovakia. The website offers a wide range of news content including politics, economy, sports, crime, weather, and multimedia such as videos and podcasts. It targets a general audience seeking up-to-date news and information. The business model relies primarily on advertising revenue, supported by multiple ad networks and programmatic bidding technologies integrated into the site. The portal is part of a larger media group including joj.sk and jojgroup.sk, enhancing its market position in the Slovak media landscape. Technically, the website employs modern JavaScript modules, header bidding with Prebid.js, and multiple analytics and advertising platforms such as Google Analytics, Facebook Pixel, Gemius, Smart AdServer, and Teads. Consent management is handled via the Didomi CMP, ensuring GDPR compliance mechanisms are in place. The site is mobile-optimized with good SEO practices and structured data markup to enhance search engine visibility. From a security perspective, the site enforces HTTPS and uses consent management for privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly implemented, and there is no public security policy or incident response contact information. No vulnerabilities or exposed sensitive data were detected in the provided HTML content. Overall, the security posture is moderate but could be improved with additional headers and transparency. The overall risk assessment is low, with the site appearing legitimate, professionally managed, and compliant with basic privacy regulations. Strategic recommendations include publishing clear privacy and terms of service pages, enhancing security headers, and providing incident response contacts to improve trust and compliance.

C

Chaty

chaty.app

64

Chaty is a technology company offering a SaaS chat widget solution that integrates multiple popular messaging platforms such as WhatsApp, Facebook Messenger, Telegram, and more into a single widget for websites. The company targets website owners, e-commerce businesses, and customer support teams aiming to improve customer engagement and conversion rates. With over 300,000 websites using Chaty and a strong base of positive reviews, Chaty holds a solid market position in the customer communication tools sector. Technically, the website is built on WordPress with modern JavaScript libraries and supports multiple platforms including Shopify, Wix, and BigCommerce, reflecting a mature and versatile digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, Chaty enforces HTTPS, implements key security headers, and avoids exposing sensitive data, though it lacks a publicly visible security policy or incident response plan. Privacy compliance is partially addressed with a comprehensive privacy policy and GDPR page, but the absence of a cookie consent mechanism is a notable gap. Overall, Chaty presents a trustworthy and professional online presence with room for improvement in privacy and security transparency.

E

Eiffage

eiffageenergiesystemes.com

65

Eiffage Énergie Systèmes is a French enterprise specializing in the design, realization, operation, and maintenance of electrical, industrial, climatic, and energy engineering systems. As part of the larger Eiffage group, it serves key markets including industry, infrastructure, cities, and the tertiary sector, offering tailored solutions. The website reflects a mature digital presence with professional design, clear navigation, and compliance with privacy regulations, including GDPR. The technical infrastructure leverages modern JavaScript libraries, analytics tools, and cookie consent frameworks, indicating a well-maintained platform. Security posture is strong with HTTPS enforcement, reCAPTCHA integration, and user alerts about fraud attempts, though explicit security headers and incident response contacts are not evident. The absence of WHOIS data is a notable anomaly, suggesting either privacy protection or recent registration, which slightly impacts trust but is mitigated by consistent branding and linked official domains. Overall, the site demonstrates a solid business and technical foundation with room for enhanced transparency in security policies.

P

Playmain

playmain.com

47

Playmain is a small web development duo based in Indonesia, operated by a married couple who focus on crafting quality websites with an emphasis on both aesthetic design and functional code. Their website serves as a personal portfolio and family playground for their creative web design and development projects. The site is simple, with limited content and no advanced interactive features. Technically, the site uses basic web technologies including HTML5, CSS3, JavaScript, Google Fonts, and Google Analytics for tracking. However, there is no evidence of a CMS or advanced frameworks. Security posture is weak due to lack of HTTPS confirmation, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is missing or indicates the domain is unregistered or expired, which raises concerns about domain legitimacy. Overall, the site is functional but lacks professional security and compliance features.

C

Clay Global

clay.global

69

Clay Global is a professional UX/UI design and branding agency based in San Francisco, serving clients worldwide. They specialize in creating digital products, websites, design systems, and brand experiences, with a strong portfolio including major clients such as Coinbase, Uber, Slack, and Amazon. Their business model focuses on service delivery in design and development, supported by an in-house content production studio and expertise in generative AI-powered UX design. Technically, the website is built on modern frameworks like Next.js and React, uses Sanity CMS, and integrates analytics tools such as Google Tag Manager and Ahrefs Analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, with excellent design and user experience. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks some security headers and publicly available security policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the website presents a high level of professionalism and trustworthiness, with minor areas for improvement in privacy and security transparency.

S

stempelservice.de

stempelservice.de

52

Stempelservice.de is a well-established German e-commerce retailer specializing in custom stamps and related accessories, boasting over 25 years of industry experience. The website offers a user-friendly online configurator for personalized stamps including text, logos, and various stamp types such as date, wood, and motivational stamps. Their market position is strengthened by strong customer trust signals including Trusted Shops and eKomi certifications, as well as positive customer reviews. The target audience includes businesses, schools, and private customers seeking quality stamp products.

O

Office de Tourisme Béziers Méditerranée

beziers-mediterranee.uk

60

The website represents the official Office de Tourisme Béziers Méditerranée, providing comprehensive tourist information, event promotion, and ticketing services for the Béziers region in France. It targets tourists and visitors seeking cultural, leisure, and practical information about the Mediterranean area. The site is well-branded, professionally designed, and offers multilingual support, reflecting a mature digital presence. Technically, the site is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, and integrates Google Analytics and Tag Manager for tracking. Cookie consent is managed via Axeptio, indicating attention to privacy compliance. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and no visible sensitive data exposure. However, the absence of HTTP security headers and lack of published security policies or incident response contacts are areas for improvement. The WHOIS data is missing or invalid due to domain naming rules violation, which slightly reduces trust from a domain registration perspective but does not detract from the site's legitimacy based on content and certifications. Overall, the site is low risk with strong business credibility and privacy compliance, but should address domain registration clarity and enhance security headers and policies to improve trust and resilience.

L

La Ramoneta

laramoneta.com

47

La Ramoneta is a small, niche travel and lifestyle blog focused on promoting tourism and cultural experiences in the South of France. The website offers curated content including guides on activities, places to see, local food, accommodations, and cultural insights. The business model centers around content publishing and local food tours, targeting tourists and visitors interested in authentic regional experiences. The site maintains a consistent brand presence with active social media channels and a professional design. Technically, the website is built on WordPress with Yoast SEO and integrates Google Analytics and CookieControl for analytics and cookie consent management. The site is mobile optimized and has good SEO practices, though performance is moderate. Hosting is provided by Vautron Rechenzentrum AG, and the domain is registered since 2017, consistent with the business age. From a security perspective, the site uses HTTPS and has implemented cookie consent, but lacks advanced security headers and does not enable DNSSEC. There is no visible privacy policy, terms of service, or incident response information, which are gaps in compliance and security transparency. No WAF or blocking mechanisms were detected, and no vulnerabilities were apparent from the data provided. Overall, La Ramoneta presents a trustworthy and professional online presence for a small travel blog, but should improve privacy and security disclosures to enhance compliance and user trust.

M

Meteored

tameteo.com

68

Tameteo.com, operated by Meteored, is a well-established online weather forecasting platform targeting French-speaking users primarily in France and its overseas territories. The site offers comprehensive 14-day weather forecasts, hourly updates, radar and satellite imagery, and weather-related news. It supports multiple platforms including web and mobile apps for Android, iOS, Huawei, and Windows, enhancing accessibility and user engagement. The business model relies on free content supported by advertising and additional services such as widgets and plugins for third-party integration. Technically, the website employs modern JavaScript frameworks and libraries, integrates Google Tag Manager and Google Ads for analytics and advertising, and uses a Consent Management Platform to comply with GDPR. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enforced and GDPR compliance evident, though some security headers could be improved. Despite the professional appearance and comprehensive content, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. No direct company contact emails or phone numbers are publicly available, which may impact business credibility. Overall, the site is trustworthy and functional but would benefit from improved domain registration transparency and enhanced security headers. Strategic recommendations include implementing additional security headers, enhancing accessibility features, and providing clearer business contact information to strengthen trust and compliance.

P

Plerdy

plerdy.com

69

Plerdy is a technology company specializing in conversion rate optimization (CRO) and SEO tools designed to help businesses improve website usability, track user behavior, and increase sales conversions. Their platform offers a comprehensive suite of products including heatmaps, session replay, pop-up software, ecommerce analytics, and AI-powered UX assistance. The company targets digital marketers, UX specialists, and e-commerce businesses seeking data-driven insights to optimize their online presence. The website is professionally designed, mobile-optimized, and rich in content, featuring client testimonials and endorsements from global enterprises, which positions Plerdy as a credible player in the CRO and SEO market. Technically, the website is built on WordPress and leverages modern JavaScript libraries such as jQuery, along with integrations for Google Analytics 4, Bing UET, and LinkedIn Insight for analytics and marketing. The site employs SSL encryption and has a cookie consent mechanism, indicating a good level of privacy compliance. However, some security headers are not explicitly detected, and there is no visible incident response or vulnerability disclosure information, which could be improved to enhance security posture. From a security perspective, the site demonstrates solid fundamentals with HTTPS and published privacy and security policies. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the professional presentation and comprehensive policies mitigate concerns. No critical vulnerabilities or suspicious content were detected. Overall, Plerdy maintains a strong security and privacy stance suitable for its business model. The overall risk assessment is low, with recommendations to enhance security headers, publish incident response contacts, and consider a security.txt file for vulnerability reporting. These steps would further strengthen trust and compliance. The website’s technical infrastructure is modern and well-maintained, supporting a positive user experience and effective marketing analytics.

S

Sellcodes

sellcodes.com

67

Sellcodes is an online marketplace specializing in the buying and selling of software codes, including themes, plugins, scripts, and software licenses. Founded in 2016, the platform currently operates in a limited capacity, processing payments exclusively for digital products licensed by its partner Inisev. The website targets software developers and digital product creators seeking a marketplace to monetize or acquire code assets. Technically, Sellcodes employs a modern tech stack including jQuery, Bootstrap, and various JavaScript libraries, with integrations for payment processing via Paddle and analytics through Google services. The site is hosted with a reputable registrar and uses Cloudflare DNS, ensuring stable domain management and HTTPS security. Security posture is moderate, with HTTPS enforced and CSRF protections in place, but lacks DNSSEC and explicit security headers. Privacy compliance is basic, with privacy and terms pages present but no cookie consent mechanism or detailed GDPR indicators. Overall, the website is professionally designed, user-friendly, and safe for general audiences, though improvements in security policies and privacy compliance are recommended.

MyPopUps is a specialized SaaS platform founded in 2017 that offers website owners and marketers a comprehensive solution to create and deploy customizable pop-ups. The platform provides a marketplace of ready-made pop-up themes and an advanced builder tool to create pop-ups for email collection, discount codes, cookie notices, and adblocker detection. The business targets digital marketers and website owners seeking to enhance user engagement and conversion rates through pop-ups. Technically, the website leverages modern JavaScript frameworks (likely Vue.js), integrates with popular analytics and marketing tools such as Google Analytics, Hotjar, and Google Tag Manager, and uses Cloudflare DNS for domain management. The site is hosted with a reputable registrar and employs HTTPS for secure communications. Security posture is solid but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic with privacy and terms pages present but lacking cookie consent mechanisms. Overall, the website is professional, functional, and trustworthy with moderate risk and room for security and compliance enhancements.

O

Orne Département

travaillerdanslorne.com

60

The website 'Travailler dans l'Orne' is a regional employment platform operated by the Orne Département, a local government entity in France. It serves as a centralized portal for job seekers and recruiters within the Orne department, offering job listings, training opportunities, internships, and alternance contracts. The platform also provides a CV analysis feature to better match candidates with relevant job offers. The site targets local residents and businesses, positioning itself as a key regional employment resource. Technically, the website employs modern JavaScript frameworks such as Turbo (Hotwire) and StimulusJS, and integrates analytics tools including Google Tag Manager and Piano Analytics. Hosting is provided by OVH sas, a reputable French hosting provider. The site is mobile-optimized with a good user experience and clear navigation. Security-wise, the site uses HTTPS and domain-level protections like clientDeleteProhibited and clientTransferProhibited statuses, but lacks DNSSEC and explicit security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism. Contact information is primarily via forms, with no explicit emails or phone numbers listed. Overall, the website is professional, trustworthy, and well-aligned with its government mandate, but could improve security and privacy practices.

V

Ville de Balaruc-les-Bains

ville-balaruc-les-bains.com

62

The website ville-balaruc-les-bains.com serves as the official municipal portal for the town of Balaruc-les-Bains in France. It provides comprehensive information about the town's thermal spa services, cultural events, public services, urban planning, and social programs. The site targets residents, tourists, and local citizens, positioning itself as a key information hub for the community. The business model is that of a government entity providing public services and information. The website is well-branded and consistent with municipal identity. Technically, the site is built on Drupal 9 CMS with Bootstrap Barrio theme and uses modern web technologies including Font Awesome and Leaflet.js for maps. Google Tag Manager and reCAPTCHA are integrated for analytics and form security. The site is mobile optimized and accessible with good SEO practices. Hosting appears stable with a domain age since 2003, indicating maturity. From a security perspective, HTTPS is enabled and forms are protected with reCAPTCHA. However, DNSSEC is not enabled, and some security headers like Content-Security-Policy are missing. No vulnerability disclosure or security.txt file is present. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy found. Social media presence is strong, enhancing trust. Overall, the website is safe, professional, and trustworthy with moderate security posture and good business credibility. Recommendations include enhancing security headers, enabling DNSSEC, publishing privacy and security policies, and improving privacy compliance documentation.

M

Meteored

tiempo.com

68

Tiempo.com, operated by Meteored, is a well-established Spanish-language weather information portal offering detailed 14-day forecasts, meteorological news, videos, and weather alerts. The site targets a broad general audience interested in weather updates primarily in Spain and other Spanish-speaking regions. It maintains a strong digital presence with mobile applications across Android, iOS, Huawei, and Windows platforms, and integrates social media channels to engage users. Technically, the website employs modern web technologies including asynchronous JavaScript bundles, Google Tag Manager, header bidding for advertising, and Cloudflare for performance and security. The site is optimized for desktop and mobile devices, with good SEO and accessibility practices. Privacy compliance is robust, featuring GDPR-compliant cookie consent mechanisms and detailed privacy policies. From a security perspective, the site enforces HTTPS and uses standard security practices, though explicit security headers are not fully confirmed. No vulnerabilities or exposed sensitive data were detected in the analyzed content. However, the absence of WHOIS registration data raises concerns about domain registration transparency, which could impact trustworthiness. Overall, Tiempo.com presents a professional and trustworthy weather service with strong content and technical maturity. The main risk lies in the lack of visible domain registration information, which should be addressed to enhance credibility and compliance.

L

La Filature

lafilature.org

46

La Filature is a prominent cultural institution based in Mulhouse, France, hosting a variety of performing arts organizations including the Scène nationale, Orchestre symphonique de Mulhouse, Opéra national du Rhin, and a Médiathèque. It serves as a regional hub for theater, music, opera, dance, and library services, targeting a broad audience interested in cultural events. The website reflects a well-structured and professionally maintained digital presence with clear navigation and rich content showcasing upcoming events and organizational information. Technically, the website employs modern JavaScript frameworks such as StimulusJS and SwiperJS for interactive features and uses Google Tag Manager for analytics. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be improved. Performance is moderate, with no critical technical issues detected in the provided HTML content. From a security perspective, the site uses HTTPS and avoids exposing sensitive data in the HTML. However, no explicit security headers were detected, and there is a lack of visible privacy, cookie, or incident response policies, which are important for compliance and user trust. The WHOIS data is unavailable, which slightly reduces domain trustworthiness but does not directly impact the legitimacy of the site given its professional content and clear contact information. Overall, La Filature's website is a reliable and professional platform for cultural engagement, with recommendations to enhance privacy compliance, security headers, and incident response transparency to further strengthen its security posture and user trust.

X

XTUNING LTD. - pobočka

xtuning.cz

50

XTuning is a professional automotive tuning company specializing in chip tuning services for passenger cars, agricultural machinery, and trucks. Established since 1999, the company operates primarily in the Czech Republic and neighboring countries, offering performance optimization and fuel consumption reduction services. The website reflects a mature digital presence with certifications from the Ministry of Transport and TÜV SÜD, enhancing trust and credibility. Technically, the site uses modern frameworks like Bootstrap and integrates multiple marketing and analytics tools with proper consent mechanisms. Security posture is good with HTTPS and no visible vulnerabilities, though security headers could be improved. The absence of WHOIS data limits domain trust verification but does not detract from the professional presentation and business legitimacy. Overall, XTuning demonstrates a solid market position with clear service offerings and customer engagement channels.

Entreprendredanslorne.com is a regional business facilitation platform focused on supporting companies seeking to establish operations in the Orne department of Normandy, France. The website offers services including project accompaniment, real estate and land search, public aid identification, and networking with local actors. It positions itself as a key regional player providing a free and tailored support network for business implantation. The site is linked to regional government entities, enhancing its credibility. Technically, the website employs a modern front-end stack including Bootstrap 3.3.7, jQuery, Font Awesome, Google Fonts, and interactive components like FlexSlider and Owl Carousel. It integrates Google Analytics, Google Tag Manager, and SnapEngage chat for user engagement and analytics. Security measures include HTTPS with reCAPTCHA v3 on forms, but lack explicit security headers and cookie consent mechanisms. The security posture is moderate with good SSL configuration and secure form handling, but improvements are needed in security headers and privacy compliance. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and contact details suggest a legitimate regional business service. Overall, the site is professional and functional but would benefit from enhanced security and compliance transparency. Strategically, verifying domain registration and adding explicit privacy and security policies would strengthen trust. Enhancing security headers and cookie consent would improve compliance and user trust. Continued monitoring of third-party scripts and analytics is recommended to mitigate potential vulnerabilities.

A

AD Normandie

adnormandie.fr

47

AD Normandie is a regional economic development agency serving the Normandy region in France. The agency acts as a single point of contact for economic development and provides tailored support and aid to local businesses. The website reflects a professional government entity with a clear mission to assist companies in project formalization and implantation within Normandy. The digital infrastructure is built on a modern WordPress platform with SEO and analytics tools, indicating a mature digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is trustworthy, well-branded, and compliant with GDPR requirements. No critical vulnerabilities or suspicious elements were detected.

C

ClimateLaunchpad

climatelaunchpad.org

48

ClimateLaunchpad is a globally recognized green business ideas competition that supports entrepreneurs and innovators in transforming their sustainable ideas into successful startups. Established in 2015 and co-funded by the European Union through Climate KIC, it offers training, coaching, and competitive platforms culminating in national and regional finals. The website reflects a mature digital presence with a WordPress CMS, integration of Google Tag Manager for analytics, and a responsive design optimized for mobile users. Security practices include HTTPS enforcement and domain transfer protections, although enhancements like DNSSEC and security headers could improve the security posture. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the site demonstrates high professionalism, trustworthiness, and a strong commitment to its mission of fostering green innovation worldwide.

Tourisme Hérault operates an official regional tourism website promoting the Hérault region in Southern France. The site offers rich multimedia content, multilingual support, and detailed information about natural and cultural attractions, targeting tourists and holidaymakers. The business model focuses on tourism promotion and visitor engagement through surveys, videos, and inspirational content. Technically, the website is built on WordPress with Elementor and integrates modern analytics and tracking tools such as Google Tag Manager and Matomo. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers are not detected and no explicit incident response contacts are provided. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, the site is trustworthy and well-maintained but would benefit from improved transparency in domain registration and contact information.

Smulders is a well-established multidisciplinary construction company specializing in the engineering, production, delivery, and assembly of heavy, technically complex steel structures, with a strong focus on offshore wind farm integration. Operating primarily in Belgium and neighboring countries, it serves industrial and energy sectors as a comprehensive EPC contractor. The company benefits from a large workforce and a reputable market position supported by its parent company, Eiffage. The website reflects a professional corporate identity with clear messaging and comprehensive service descriptions. Technically, the site uses modern web technologies including Google Tag Manager and Matomo Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some advanced security headers and explicit security policies are absent. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

B

Best4Run Běžecká speciálka

best4run.cz

54

Best4Run is a Czech Republic based specialty retailer focused on running shoes, apparel, and equipment. Established in 2015, it operates both an e-commerce platform and a physical store in Přerov, serving customers from surrounding regions. The website offers a comprehensive product catalog, educational content, and diagnostic services for runners. Technically, the site is built on the Shoptet e-commerce platform, leveraging modern web technologies and multiple analytics and marketing tools with user consent mechanisms. Security posture is good with HTTPS and CSRF protections, though some security headers could be improved. The absence of WHOIS data reduces domain trust but the website content and business presence appear professional and legitimate. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations.

S

Sykora spol. s r.o.

sykora.eu

60

Sykora spol. s r.o. is a Czech-based company specializing in high-quality custom kitchens and interior furniture solutions. Their website showcases a comprehensive product catalog including kitchens, wardrobes, bathrooms, and living room furniture, targeting consumers seeking tailored interior design. The company operates through multiple retail studios and emphasizes professional design and modern technology integration. Technically, the website is built on the Studio9 webManager CMS, uses modern JavaScript libraries such as jQuery, and integrates Google Tag Manager, Google Analytics, Facebook Pixel, and Pinterest tracking for marketing and analytics purposes. The site is well-optimized for mobile devices and provides a good user experience with clear navigation and rich multimedia content. Security-wise, the website enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and publicly available security policies or incident response contacts. The domain WHOIS data is privacy protected by EURid, which is typical for .eu domains and does not raise legitimacy concerns. Overall, the website is professional, secure, and compliant with privacy regulations, making it a trustworthy platform for customers.

Restaurace Maxima is a small hospitality business based in the Czech Republic, specializing in traditional gastronomy with a modern twist. The website presents a professional and visually appealing interface that highlights their daily menus, event hosting, and quality culinary offerings. The business targets local customers, families, and corporate clients seeking quality dining experiences. Technically, the website uses modern front-end technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, the absence of WHOIS data and privacy policy pages indicates gaps in transparency and compliance. Security posture is moderate with cookie consent implemented but lacking security headers and incident response information. Overall, the website is functional and trustworthy for its business purpose but would benefit from enhanced security and compliance documentation.

T

TAŠ STAPPA

tas-stappa.cz

47

TAŠ STAPPA is a Czech Republic based company specializing in the supply of concrete and aggregates primarily serving the Zlín region. With over 25 years of experience, it positions itself as a reliable local supplier offering concrete delivery, pumping services, and concrete plant equipment. The website reflects a medium-sized business with a clear focus on construction materials and services. Technically, the site is built on Joomla CMS using modern frameworks and libraries such as Bootstrap, jQuery, and Smart Slider 3, with integrated Google Analytics and Facebook Pixel for marketing and analytics purposes. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and policies are not publicly documented. The absence of WHOIS data limits domain trust assessment, but the website content and business information appear professional and consistent. Overall, the site demonstrates good digital maturity and compliance with privacy regulations.

P

PURLIVE

purlive.cz

47

PURLIVE is a Czech-based certified manufacturer and supplier specializing in prefabricated construction systems primarily for family houses, modular wooden buildings, and container components. The company positions itself as a leading provider of energy-efficient and cost-effective building solutions in the Czech market. Their website reflects a professional digital presence with clear business offerings targeted at construction firms, architects, and private customers interested in modern prefabricated housing solutions. Technically, the website is built on Joomla CMS with modern frontend technologies including Bootstrap, jQuery, and Smart Slider 3, ensuring a responsive and user-friendly experience. The site integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, and Google Tag Manager, indicating a mature digital marketing strategy. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies, which could be improved. The absence of WHOIS data for the domain is a notable gap in trust verification, though the website content and structured data suggest a legitimate business. Overall, the site scores well in content quality and business credibility but should enhance privacy compliance and security transparency to strengthen trust and compliance.

S

Selectra

selectra.com

59

Selectra is a well-established international company specializing in utilities comparison and subscription services across energy, telecom, insurance, and finance sectors. Founded in 2007 and operating in 17 countries, Selectra serves a broad consumer base seeking to optimize household utility expenses. The website demonstrates strong branding, professional design, and extensive content supporting its market position as a leading player in its industry. Technically, the website employs modern tracking tools such as Google Analytics and Google Tag Manager, with DNS managed via Cloudflare and domain registration through Amazon Registrar. The site is mobile-optimized and SEO-friendly, though some technical improvements such as enabling DNSSEC and adding security headers could enhance security posture. Security-wise, the site uses HTTPS and domain status protections but lacks visible security policies, incident response contacts, and vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms, which is a notable gap given the tracking technologies in use. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security transparency to align with best practices and regulatory expectations.

Z

Zdravie.sk, s.r.o.

zdravie.sk

56

Zdravie.sk is a well-established Slovak health and lifestyle portal founded in 2004, operated by Zdravie.sk, s.r.o. It offers comprehensive health information, lifestyle content, medical news, and community forums targeting a general audience in Slovakia. The website enjoys a strong market position as a popular and trusted source of health-related content. Technically, the site uses a modern tech stack including Google Fonts, Google Analytics, Facebook SDK, and multiple advertising platforms. It is hosted with Google Domains and employs HTTPS for secure communications. However, the site lacks explicit privacy and cookie policies and does not display security headers, which are areas for improvement. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. Overall, the site demonstrates good content quality and business credibility but could enhance privacy compliance and security posture.

Z

Zoznam, s.r.o.

plnielanu.sk

58

Plnielanu.sk is a Slovak lifestyle and health-oriented media website operated under the company Zoznam, s.r.o. It provides inspirational content focused on maintaining a healthy and active lifestyle for a general adult Slovak-speaking audience. The website leverages a WordPress CMS with Yoast SEO for content management and optimization, supported by a range of modern marketing and analytics tools including Google Tag Manager, Facebook Pixel, Gemius, and Didomi for GDPR-compliant consent management. The site integrates advertising networks such as Google Ad Manager and Adform, indicating a business model reliant on content publishing and advertising revenue. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are not published. Overall, the website presents a professional and trustworthy digital presence consistent with a regional media brand.

S

Slovenská produkčná, a.s.

prezenu.sk

62

The website zenske.joj.sk is a Slovak lifestyle media portal targeting contemporary women with content focused on fashion, health, relationships, and entertainment. It is operated by Slovenská produkčná, a.s., a recognized media company in Slovakia. The site features a professional design, consistent branding, and a clear navigation structure that supports user engagement. The business model is primarily advertising-driven, leveraging multiple ad networks and analytics platforms integrated with a consent management system to comply with privacy regulations. Technically, the site uses modern JavaScript libraries and ad bidding frameworks, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security and incident response policies are not published. Privacy compliance is supported by a visible cookie consent mechanism, but a dedicated privacy policy page was not found in the analyzed content. Overall, the domain registration data aligns well with the website's business claims, supporting high legitimacy and trustworthiness.

Z

Zoznam, s.r.o.

vysetrenie.sk

59

The website vysetrenie.zoznam.sk is a Slovak health and wellness media portal operated by Zoznam, s.r.o., a recognized media company in Slovakia. It provides a wide range of health-related content including articles, interviews, quizzes, and practical tools such as health calculators and listings of medical facilities. The site targets the general public interested in health, lifestyle, and medical information. Its business model is primarily content publishing supported by advertising revenue, positioning it as a significant player in the Slovak online media landscape focused on health topics. Technically, the website employs a modern technology stack including Google Tag Manager, jQuery, Vue.js, and multiple advertising and analytics platforms such as Google Ad Manager, Gemius, and Yieldbird. The site is mobile optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with asynchronous loading of scripts to enhance user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers. It uses a comprehensive consent management platform (Didomi) to comply with GDPR requirements, reflecting a mature privacy posture. However, explicit security policies and incident response contacts are not published, and there is no security.txt file for vulnerability disclosure. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website presents a low-risk profile with strong legitimacy and trustworthiness, supported by consistent WHOIS registration data matching the business identity. Strategic recommendations include publishing explicit security and incident response policies, enhancing accessibility, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

Z

Zoznam, s.r.o.

feminity.sk

57

Feminity.sk is a Slovak lifestyle media website operated by Zoznam, s.r.o., offering content focused on fashion, beauty, health, horoscopes, and celebrity news. The site targets a broad audience of modern Slovak men and women interested in lifestyle topics. Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates multiple third-party analytics and advertising services, and uses a CDN for content delivery. It demonstrates good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS, uses standard security headers, and implements GDPR-compliant cookie consent mechanisms, though it lacks a dedicated security policy or incident response contact information. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

Z

Zoznam s.r.o.

sportky.sk

58

Športky.sk is a Slovak-language sports news portal operated by Zoznam s.r.o., providing comprehensive coverage of sports such as football, hockey, tennis, and cycling. The site targets Slovak sports fans with up-to-date results, event calendars, and multimedia content. It holds a solid market position as part of the established Zoznam media brand. Technically, the website employs modern JavaScript frameworks including Vue.js and jQuery, integrates Google Analytics and Tag Manager for tracking, and uses Didomi for GDPR-compliant cookie consent management. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, HTTPS is enforced and basic security headers are present, though some headers like HSTS and X-Content-Type-Options should be confirmed or added. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear cookie policy and consent mechanism. However, explicit contact details and terms of service pages are not directly found on the site, which could be improved for transparency. Overall, the website is professional, trustworthy, and well-maintained, suitable for its audience and business model.

Z

Zoznam s.r.o.

dromedar.sk

57

The website dromedar.zoznam.sk is a Slovak travel magazine operated by Zoznam s.r.o., offering travel articles, tips, and cultural content aimed at Slovak-speaking travel enthusiasts. The site is well-branded, professionally designed, and provides a rich content experience with clear navigation and mobile optimization. Technically, it employs modern JavaScript libraries such as jQuery and Vue.js, integrates multiple analytics and advertising platforms, and uses a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site demonstrates good privacy compliance and business credibility, with WHOIS data confirming legitimacy and consistency with the brand.

N

News and Media Holding a.s.

novycas.sk

56

Nový Čas is a leading Slovak online daily newspaper operated by News and Media Holding a.s., providing current news from domestic and international sources including scandals, crime, and sports. The website is professionally designed with a consistent brand presence and targets a general audience interested in news media. Technically, the site uses modern web technologies such as Next.js, Google Tag Manager, and integrates multiple third-party advertising and analytics services. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is adequate with HTTPS enforced but lacks security headers and published security policies. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. WHOIS data confirms the legitimacy and consistency of the domain registration with the business entity. Overall, the website is a credible and professional news platform with room for improvement in privacy and security transparency.

U

UPSA

upsa.com

47

UPSA is a well-established French pharmaceutical company founded in 1935, specializing in self-medication products, medical devices, and nutritional supplements. It operates one of the largest pharmaceutical industrial sites in Europe and holds a strong market position as the leading manufacturer of paracetamol-based medicines in France. The website reflects a mature digital presence with multilingual support, professional design, and comprehensive content targeting patients, pharmacists, and healthcare professionals. Technically, the site is built on WordPress with modern frameworks and analytics tools, optimized for performance and mobile devices. Security posture is strong with HTTPS, bot protection, and secure forms, though explicit security headers and incident response information could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. However, the WHOIS data is missing or privacy protected, which is unusual for a company of this stature and warrants further verification. Overall, UPSA's website demonstrates a high level of professionalism, trustworthiness, and digital maturity.

Chaumet is a prestigious French luxury jeweller and watchmaker with a heritage dating back to 1780. The company operates a sophisticated e-commerce platform alongside its physical boutiques, targeting affluent consumers seeking high-end jewellery and watches. The website reflects the brand's luxury positioning with professional design, internationalization, and rich product offerings. Technically, the site leverages Magento as its CMS, enhanced with RequireJS, Algolia search, and advanced analytics tools such as Google Tag Manager and New Relic for performance monitoring. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and privacy policies suggests room for improvement. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for luxury brands. Overall, the site is well-positioned in its market with a solid digital presence but should enhance transparency and security practices to further strengthen user trust and compliance.

Hubbub is a specialized WordPress plugin provider focused on audience growth and website customization tools. Their flagship product offers features such as personalized email sign-up forms, social sharing buttons for over 18 networks, Pinterest sharing options, and integration with the Fediverse. The company positions itself as a niche player in the WordPress plugin market, targeting bloggers, marketers, and website owners seeking to convert visitors into engaged subscribers. The business is relatively new, founded in 2023, and operated by NerdPress, a certified B Corp, indicating a commitment to social and environmental standards. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Easy Digital Downloads for e-commerce, Affiliate WP for affiliate marketing, and analytics tools like Google Tag Manager and Microsoft Clarity. Hosting and DNS are managed via Cloudflare, providing performance and security benefits. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the site uses HTTPS with a good SSL configuration and domain transfer protection. However, DNSSEC is not enabled, and several security headers are not explicitly detected, representing areas for improvement. No privacy or cookie policies were found, which is a compliance gap, especially for GDPR. No explicit contact information or incident response policies are publicly available, limiting transparency in security and privacy matters. Overall, the website is professional, trustworthy, and well-designed but would benefit from enhanced privacy compliance and security policy disclosures to improve user trust and regulatory adherence.

T

Tabidoo

tabidoo.cloud

64

Tabidoo is a SaaS low-code platform founded in 2016, offering a comprehensive suite of business applications including task management, CRM, project tracking, and document management. The platform targets businesses and teams seeking efficient data management and app creation without extensive coding. Positioned as a competitive alternative to platforms like Notion and Airtable, Tabidoo emphasizes ease of use, affordability, and rapid deployment. The website reflects a mature digital presence with multi-language support and strong branding consistency. Technically, the site leverages modern cloud infrastructure, including Cloudflare DNS and CDN, Google Tag Manager, Microsoft Clarity, and Cookiebot for consent management, ensuring good performance and compliance. Security posture is strong with HTTPS enforcement, domain transfer protections, and a dedicated security page, though DNSSEC is not enabled and no explicit incident response contacts or security.txt file were found. Overall, the site is professional, trustworthy, and well-optimized for SEO and accessibility.