Security Directory

C

CONSTRUCTS SOLUTIONS

construct-solutions-renovation.be

57

CONSTRUCTS SOLUTIONS is a small, established construction and renovation company based in Belgium, serving Brussels and surrounding areas. With over 30 years of experience, it offers a comprehensive range of services including new construction, complete renovation, electrical work, plumbing, and exterior and interior works. The company emphasizes quality, compliance with standards, and customer satisfaction. The website is professionally designed, mobile-optimized, and includes structured data for local business identification. Technically, it uses modern web technologies such as jQuery, Google Tag Manager, and reCAPTCHA to enhance user experience and security. Security posture is good with HTTPS and CAPTCHA protections, though some security headers and explicit policies are missing. Privacy and cookie policies are present and GDPR compliant. WHOIS data is unavailable due to registry restrictions, which slightly impacts trust but the website content and business information appear legitimate and professional.

C

Cabinet Fabre Avocat

cabinetfabre-avocats.fr

55

Cabinet Fabre Avocat is a specialized law firm based in Montigny-le-Bretonneux, France, with over 20 years of experience in criminal law and personal injury indemnification. The firm focuses on defending victims and accused parties with a rigorous and strategic approach, serving clients primarily in the Yvelines region. Their services include criminal defense, victim support, road traffic law, and legal consultation. The website reflects a professional and modern legal practice with strong client testimonials and certifications, positioning the firm as a trusted local legal expert. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, Google reCAPTCHA, and service workers for PWA capabilities. It is well-optimized for SEO, mobile-friendly, and includes accessibility features. Security practices include HTTPS enforcement and spam protection on forms, although some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, enhancing user trust. The security posture is solid with no detected vulnerabilities or exposed sensitive data. However, the WHOIS data for the domain is unavailable, which limits verification of domain registration details and raises a moderate concern about domain legitimacy. Despite this, the website content and business information strongly support the firm's credibility. Overall, the website is professional, secure, and user-friendly, serving its target audience effectively. Strategic improvements in security headers and domain registration transparency are recommended to further enhance trust and compliance.

P

Purple Motorsport

garage-motorsport.be

63

Purple Motorsport is a small, local automotive garage based in Andenne, Belgium, specializing in comprehensive vehicle repair and maintenance services including bodywork, mechanical repairs, glazing, tires, and circuit vehicle servicing. The company positions itself as a trusted expert with a focus on customer satisfaction, offering personalized services such as free loaner vehicles and flexible scheduling. The website reflects a professional and consistent brand image with clear contact information and service descriptions. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and a cookie consent framework, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though HTTP security headers are not explicitly detected. The WHOIS data is unavailable due to registry restrictions, which slightly impacts domain trustworthiness, but the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, making it a reliable online presence for the garage.

H

Healthyfit Be Free

healthyfitbefree.com

57

Healthyfit Be Free is a small French healthcare business specializing in personalized sports coaching and nutritional guidance primarily serving the Paris 8 and 16 arrondissements and nearby areas. Founded in 2021 by Éric Capel, the company offers in-home and corporate coaching services, complemented by a line of nutritional products under the Beautysané brand. The website demonstrates a professional and consistent brand presence with strong customer trust signals such as positive Google reviews and active social media profiles. Technically, the site uses modern web technologies including Google Tag Manager, jQuery, and cookie consent management, and is optimized for mobile and accessibility. Security posture is good with HTTPS and cookie consent but lacks published security policies or incident response contacts. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency and legitimacy. Overall, the site is well-built and trustworthy from a user perspective but would benefit from improved domain registration transparency and enhanced security disclosures.

0

007Hebergement

007hebergement.com

67

007Hebergement is a French web hosting company established in 2004, offering affordable, fast, and secure hosting solutions tailored for both beginners and professionals. Their services include web hosting, domain registration, email hosting, and website creation tools such as SiteBuilder Pro. The company emphasizes customer satisfaction, with extensive client testimonials and certifications like ISO 27001, positioning itself as a trusted player in the French hosting market. Technically, the website is built on WordPress with modern libraries and frameworks, optimized for SEO and mobile use, and integrates analytics and marketing tools responsibly. Security measures include HTTPS, WAF, anti-malware, and daily backups, though some security headers and incident response disclosures are missing. The WHOIS data is absent or privacy-protected, raising concerns about domain registration legitimacy despite the professional presentation. Overall, the site is high quality but would benefit from improved transparency on domain registration and security policies.

З

Златна фирма

zlatnafirma.eu

55

The website 'Златна фирма' serves as an online platform awarding and listing the best-rated companies in Bulgaria based on customer reviews from trusted sources such as Google Maps and Facebook. It targets Bulgarian consumers and businesses seeking reliable service providers, offering a searchable database and a recognition program for companies with high positive feedback. The platform is positioned as a niche market player focused on enhancing business visibility through customer trust signals. Technically, the site employs modern JavaScript frameworks and Google Tag Manager for analytics, with responsive design and moderate performance. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and explicit incident response policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional and trustworthy but could improve in security and privacy transparency to enhance user trust and regulatory compliance.

C

Cap Créa

capcrea.com

68

Cap Créa is a French non-profit community dedicated to supporting entrepreneurs and business creators through a network of ambassadors. The website promotes entrepreneurial pride and the importance of accompaniment for successful business projects. Technically, the site is built on Drupal 11 with modern JavaScript libraries and is mobile optimized, offering a good user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some security headers and formal privacy documentation. The absence of WHOIS data for the domain is a notable concern, potentially impacting trust. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

C

Clees Unternehmensgruppe

clees.net

21

Clees Unternehmensgruppe is a medium-sized, owner-managed real estate company specializing in the construction, development, rental, and management of residential and commercial properties across Germany. The company has a long-standing market presence of approximately 50 years, offering a portfolio of well-maintained apartments, houses, commercial spaces, and land. Their business model focuses on both new developments and revitalization of existing properties, targeting tenants, property owners, and business partners. The website is professionally designed using TYPO3 CMS and modern frontend libraries, providing good user experience and mobile optimization. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is moderate with HTTPS implied but lacking explicit security headers and cookie consent mechanisms. Privacy policy and terms of service are present, indicating basic GDPR compliance. Contact information is clearly provided, enhancing business credibility.

I

Il Tempo

iltempo.it

69

Il Tempo is a well-established Italian news media website providing comprehensive coverage of politics, current affairs, economy, foreign news, and culture. The site targets a general audience interested in Italian and international news, leveraging a digital advertising-supported business model. It maintains a strong digital presence with active social media channels and video content offerings. Technically, the website employs modern web technologies including jQuery, Google Fonts, and various analytics and advertising scripts, ensuring a responsive and user-friendly experience across devices. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms compliant with GDPR standards, and uses security headers to protect users. However, explicit privacy policies, terms of service, and incident response contacts are not clearly found, representing areas for improvement. Overall, the website is professional, trustworthy, and safe for general audiences.

L

LGBTI Pathways

lgbtipathways.org

51

LGBTI Pathways is a recently established (2023) global non-profit initiative focused on improving funding and resources for LGBTI communities worldwide. The project operates through regional surveys and analyses, engaging activists, donors, and governments to align funding with community needs. The website is built on WordPress with modern plugins and technologies, providing a professional and accessible user experience. Security posture is good with HTTPS and cookie consent mechanisms, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR-aligned cookie consent. Business credibility is supported by clear organizational information and transparent domain registration. Overall, the website presents a trustworthy and professional front for the LGBTI Pathways project.

Bezirksgemeinschaft Vinschgau is the official regional government body serving the Vinschgau district in South Tyrol, Italy. The website provides comprehensive information about regional administration, social services, environmental management, and regional development initiatives. It targets residents and stakeholders within the district, offering public services and community engagement through news, events, and online services. The organization holds a stable market position as a government entity with a medium-sized operational scope. Technically, the website is built on the GEM2GO platform using ASP.NET WebForms and incorporates legacy JavaScript libraries such as jQuery 1.7.2 alongside modern tools like Slick Carousel and FontAwesome. The site is mobile-optimized, accessible, and performs moderately well. It employs Matomo analytics with privacy-conscious configurations and provides a cookie consent mechanism aligned with GDPR requirements. From a security perspective, the site enforces HTTPS and uses session cookies securely. However, it lacks explicit security headers like CSP and X-Frame-Options, and the use of outdated JavaScript libraries could pose risks. No incident response or vulnerability disclosure policies are published, which could be improved to enhance security posture. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. Strategic recommendations include updating JavaScript libraries, implementing comprehensive security headers, and publishing security policies to strengthen trust and resilience.

H

Huwise

opendatasoft.fr

70

Huwise is a French technology company specializing in data product marketplace solutions designed to simplify and secure data consumption and sharing. The company targets data leaders, IT, business leaders, and public sector organizations, offering a SaaS platform that integrates data cataloging, governance, AI-enhanced search, and collaboration features. Recognized by Gartner and trusted by over 350 clients including major financial and public institutions, Huwise positions itself as a leading solution in the data sharing market. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and uses various JavaScript libraries for enhanced user experience and analytics, including Matomo and Google Tag Manager. The site is well-optimized for SEO, mobile-friendly, and includes a cookie consent mechanism compliant with GDPR. From a security perspective, the site enforces HTTPS and uses consent management tools but lacks explicit security headers and incident response contact information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is unusual but the website's professional presentation and client references support its legitimacy. Overall, Huwise presents a mature and professional digital presence with strong business credibility. Strategic improvements in security transparency and WHOIS registration clarity are recommended to enhance trust and compliance.

S

Südtiroler Kulturinstitut

tanzbozen.it

48

Tanz Bozen / BolzanoDanza is a well-established cultural and educational institution based in Italy, specializing in contemporary dance workshops and festivals. The organization operates under the Südtiroler Kulturinstitut and has been active since 2004, offering a variety of dance courses, events, and community engagement activities. Their website reflects a professional and consistent brand image targeting dance students, professionals, and cultural event attendees. The business model focuses on event organization and cultural education with a strong international presence in the dance community. Technically, the website is built on TYPO3 CMS and incorporates modern frontend technologies such as jQuery, Slick Carousel, Google reCAPTCHA, and Google Tag Manager. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, performance is moderate and accessibility features are basic. SEO practices are adequately implemented. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, the domain registration has recently expired, posing a risk to continuity and trust. No advanced security headers were detected, and DNSSEC is not enabled. There is no visible security policy or incident response contact information, which could be improved to enhance trust and compliance. Overall, the website is trustworthy and professional, with good privacy compliance and business credibility. Strategic recommendations include renewing the domain registration promptly, enabling DNSSEC, implementing security headers, and publishing security and incident response policies to strengthen the security posture and user trust.

A

Apecita

apecita-media.com

59

Apecita Media is a specialized French media platform providing news, resources, and employment information focused on the agriculture, agro-food, and environment sectors. The website offers a rich variety of content including sector news, career advice, quizzes, and professional resources, targeting professionals and job seekers in these industries. The platform maintains a consistent and professional brand image with active social media engagement and modern web technologies such as WordPress and Yoast SEO plugin. Technically, the site is well-structured, mobile-optimized, and uses performance-enhancing tools like WP Rocket. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks some security headers and explicit privacy and terms of service pages. The WHOIS data is missing or indicates the domain may not be registered, which is a significant risk factor for legitimacy. Overall, the site is trustworthy and professional in content but requires verification of domain registration and improvements in security and compliance documentation.

M

Mandai Park Holdings Pte. Ltd.

mandai.com

71

Mandai Wildlife Reserve is a prominent wildlife and nature destination in Singapore, operated by Mandai Park Holdings Pte. Ltd., a subsidiary of Temasek Holdings. The organization manages multiple wildlife parks and offers diverse services including ticketing, memberships, educational programs, event venues, and accommodations. The website reflects a strong market position with a focus on family and wildlife enthusiasts, supported by comprehensive content and consistent branding. Technically, the site is built on Adobe Experience Manager with modern analytics and marketing tools integrated, providing a good user experience with mobile optimization and accessibility considerations. Security posture is strong with HTTPS, security headers, and secure forms, though there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though the lack of WHOIS data slightly reduces domain trust. Strategic recommendations include enhancing security transparency and vulnerability disclosure mechanisms.

C

CENTRALNIC CANADA INC

roulette-en-ligne.ca

47

The website roulette-en-ligne.ca is a French-language Canadian online casino review platform specializing in roulette games. It provides detailed casino reviews, bonus offers, and game listings targeted at Canadian players interested in online gambling. The business operates primarily as an affiliate marketing site, promoting various reputable online casinos. The domain is registered in Canada with a consistent registrant and appropriate domain age, supporting its legitimacy. Technically, the site is built on WordPress and uses common web technologies such as jQuery, Bootstrap, and various JavaScript libraries for UI and analytics. Hosting is behind Cloudflare DNS, ensuring reliable delivery, though no active WAF challenge is detected. The site is moderately optimized for mobile and SEO, with good navigation and content quality. From a security perspective, the site uses HTTPS and includes tracking via Google Analytics and Yandex Metrika but lacks visible security headers and explicit privacy or cookie policies. No contact information or incident response details are provided, which reduces trust and compliance posture. There are no detected vulnerabilities or exposed sensitive data, but improvements in security headers and privacy compliance are recommended. Overall, the site is functional and professional but would benefit from enhanced privacy disclosures, security hardening, and transparent contact information to improve trust and compliance with data protection regulations.

P

Prognos AG

prognos.com

75

Prognos AG is a professional consulting and research firm specializing in economic and policy analyses, serving government, public sector, and business clients primarily in Germany and Europe. Their services encompass studies, forecasts, evaluations, and strategic consulting across sectors such as economy, innovation, climate, energy, and infrastructure. The company maintains a strong market position with over 200 experts and multiple European offices. Technically, the website is built on Drupal 10 with modern JavaScript libraries, offering good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not evident. WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but does not detract significantly given the professional site presentation. Overall, the site is well-designed, content-rich, and trustworthy, with moderate user tracking via Matomo analytics and compliance with GDPR indicated by comprehensive privacy and cookie policies.

I

IUCN

iucnleadersforum.org

71

The IUCN Leaders Forum website serves as a professional platform for promoting the 2024 edition of the IUCN Leaders Forum event, focusing on innovation and conservation. It is backed by the International Union for Conservation of Nature (IUCN), a well-established global environmental organization. The site provides comprehensive event details, speaker profiles, and multimedia content, targeting environmental leaders, policymakers, and sustainability professionals worldwide. The business model is non-profit, centered on convening stakeholders to advance nature-positive solutions. Technically, the website is built on Drupal 9 with Bootstrap 4, leveraging modern web technologies and performance optimizations such as lazy loading and responsive design. It integrates multiple marketing and analytics tools, including Google Tag Manager, LinkedIn Insights, and Twitter tracking, all managed with a clear cookie consent mechanism ensuring GDPR compliance. The site is hosted with Cloudflare DNS and secured with HTTPS, although DNSSEC is not enabled. From a security perspective, the website demonstrates good practices with HTTPS enforcement, domain locking, and cookie consent. However, there is room for improvement by enabling DNSSEC and publishing explicit security policies and vulnerability disclosure information. No critical vulnerabilities or security issues were detected. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations. It effectively supports the IUCN's mission to foster collaboration and innovation in environmental conservation through its Leaders Forum event.

H

Home Instead GmbH & Co.

homeinstead.de

51

Home Instead GmbH & Co. operates Germany's largest private home care and support service network, offering individualized and compassionate care for elderly and dependent individuals. With over 179 locations across 15 federal states, the company provides a broad range of services including senior care, dementia support, 24-hour care, and assistance for people with special needs. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technical infrastructure is based on WordPress with modern plugins for SEO and cookie consent, hosted on UI-DNS servers. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though explicit security policies and incident response details are not published. Overall, the domain registration data aligns well with the business claims, indicating high legitimacy and trustworthiness.

U

Penzion Švihák lázeňský - Ubytování v Jeseníkách - Velké Losiny

ubytovani-losiny.cz

47

The website www.ubytovani-losiny.cz represents a family-run pension located in the Jeseníky region of the Czech Republic, offering accommodation services with amenities such as a heated saltwater pool, sauna, and breakfast buffet. The business targets families, couples, individuals, and groups seeking comfortable lodging in a spa town environment. The site is well-structured with clear navigation and detailed service descriptions, supporting a positive user experience. Technically, the site employs modern frontend technologies including Bootstrap 4, jQuery, and Slick Carousel, and integrates Google Analytics and reCaptcha for tracking and security. However, the absence of visible security headers and privacy/cookie policies indicates room for improvement in security and compliance. The WHOIS data is unavailable, which limits domain legitimacy verification and slightly impacts trustworthiness. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security hardening.

J

Jez Koncept

jezkoncept.cz

47

Jez Koncept is a Czech hospitality and catering company with a history dating back to the 1990s. The company operates multiple gastronomic outlets including restaurants, canteens, cafes, catering services, and fine dining concepts. Their market position is that of an established regional player offering a wide range of food services targeting both corporate clients and general consumers. The website presents a professional image with clear branding and multiple service brands linked from the main site. Technically, the website is built on WordPress and uses modern JavaScript libraries such as jQuery, Slick Carousel, and Magnific Popup. Security measures include HTTPS enforcement and Google reCAPTCHA on the contact form, along with GDPR consent mechanisms. However, the absence of WHOIS data and some missing security headers slightly reduce the overall trust score. The site is fully accessible with no blocking or WAF challenges detected.

A

Artisan Financial Planning

artisanfinancialplanning.com

60

Artisan Financial Planning is a specialized financial advisory firm offering flat-fee financial planning and investment management services tailored specifically for musicians, performing artists, and creatives. The company positions itself as an affordable, transparent, and client-aligned alternative to traditional asset-based fee advisors, emphasizing simplicity and empathy in its service delivery. The website content is professionally crafted, targeting a niche market segment with clear messaging and trust signals such as professional certifications and media features. Technically, the website is built on a modern stack including jQuery, Bootstrap, Font Awesome, and Zephyr CMS. It integrates marketing and analytics tools such as Google Tag Manager, MailerLite, and Plausible Analytics, indicating a moderate level of digital maturity. The site is mobile optimized and provides a good user experience with clear navigation and professional design. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks several recommended security headers and does not provide a cookie consent mechanism, which could impact privacy compliance. The absence of WHOIS registration data is a notable anomaly that reduces trustworthiness, though the professional presentation and certifications mitigate some concerns. Overall, the website presents a low-risk profile with room for improvement in privacy compliance and security hardening. Strategic recommendations include implementing security headers, adding cookie consent, publishing incident response policies, and clarifying domain registration details to enhance trust and compliance.

N

Net 15

websee.fr

63

Websee is a French CMS platform developed by Net 15, specializing in creating professional, administrable websites for businesses, artisans, associations, and web agencies. The company emphasizes personalized service, responsive design, and compliance with modern web standards including GDPR and cookie consent. The website is well-structured, visually consistent, and provides clear contact channels and client testimonials, positioning itself as a trusted regional player in the web development market. Technically, the site uses a proprietary CMS with common JavaScript libraries and Matomo analytics, indicating a privacy-conscious approach. Security posture is adequate with HTTPS and cookie consent but lacks advanced HTTP security headers and explicit incident response policies. WHOIS data is unavailable, which slightly reduces domain trust assessment, but the overall business presence and content quality support legitimacy.

Jana Shoes is a German-based e-commerce retailer specializing in women's footwear, operating under the Wortmann Group umbrella. The website presents a professional and user-friendly shopping experience with a focus on comfort and fashion. The brand targets comfort-oriented female consumers with a broad product range and emphasizes quality and customer satisfaction. Technically, the site leverages Salesforce Commerce Cloud and integrates modern tracking and marketing tools, maintaining good performance and mobile optimization. Security posture is strong with HTTPS, secure payment options, and bot protection, though explicit incident response and vulnerability disclosure mechanisms are absent. Overall, the site is trustworthy, compliant with GDPR, and well-positioned in the retail footwear market.

H

Huwise

huwise.com

73

Huwise is a technology company specializing in providing a SaaS data product marketplace solution that enables organizations to centralize, manage, and share their data assets securely and interactively. The company targets data leaders, business teams, IT leaders, and CSR/ESG leaders across sectors such as energy, transport, banking, and government. Their market position is strong, supported by Gartner citations, a high NPS score, and a client base of over 350 organizations. The website reflects a mature digital presence with comprehensive content, multimedia, and customer testimonials. Technically, the website is built on WordPress with modern frameworks like Bootstrap and uses various JavaScript libraries for enhanced user experience. It integrates Matomo for analytics and Axeptio for cookie consent, indicating attention to privacy compliance. The site is mobile-optimized, fast-loading, and SEO-friendly. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms but lacks explicit security headers and incident response disclosures. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a concern and should be investigated to confirm domain registration legitimacy. Overall, Huwise presents a professional and trustworthy online presence with strong business credibility. The main risk lies in the missing WHOIS information, which impacts domain trustworthiness. Strategic recommendations include enhancing security header implementation, publishing incident response contacts, and verifying domain registration status.

M

Mandai Nature Fund

mandainature.org

61

Mandai Nature is a Singapore-based conservation organization focused on protecting threatened species, restoring ecosystems, and supporting communities in Southeast Asia. Established in 2020 as the conservation arm of Mandai Wildlife Group and funded by Temasek, it operates as a non-profit entity delivering impact through catalyzing conservation programs, building capacity, and convening partnerships. The website is professionally designed using Adobe Experience Manager, with modern technologies and good mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, but could be improved by adding explicit security headers and cookie consent mechanisms. Privacy policies are comprehensive and GDPR compliant, though cookie policy and incident response information are lacking. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the website content and external references support legitimacy. Overall, the site scores well on content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security best practices.

P

PayLife

paylife.at

72

PayLife is a financial services company specializing in credit cards for private and business customers in Austria. The website showcases a broad portfolio of credit card products including Black, Platinum, GoldPlus, Classic, and student cards, along with prepaid cards and insurance offerings. The company is positioned as a premium provider with strong ties to the Bawag Group, a major Austrian banking group. The site emphasizes security awareness, including active phishing warnings and advice, reflecting a commitment to customer protection. Technically, the website is built on CoreMedia CMS and integrates modern tracking and consent management tools such as Google Tag Manager, Adobe Launch, and Cookiefirst. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is strong with HTTPS and Content-Security-Policy headers, though additional headers could enhance protection. WHOIS data is unavailable due to NIC.AT restrictions, but the website's professional presentation and linkage to known parent companies support its legitimacy. Overall, PayLife's digital presence reflects a mature, secure, and customer-focused financial service provider.

J

JOJ Group

jojgroup.sk

55

JOJ Group is the largest media group in Slovakia, offering a broad range of media broadcasting and advertising services. The company operates multiple TV stations and online media brands, targeting a general audience in Slovakia. Their business model focuses on media production, broadcasting, and advertising sales, positioning them as a market leader in the Slovak media industry. The website reflects a professional and modern digital presence with good content quality and clear branding. Technically, the site is built on WordPress with modern JavaScript libraries and includes a consent management platform for GDPR compliance. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations.

C

Chaty

chaty.app

64

Chaty is a technology company offering a SaaS chat widget solution that integrates multiple popular messaging platforms such as WhatsApp, Facebook Messenger, Telegram, and more into a single widget for websites. The company targets website owners, e-commerce businesses, and customer support teams aiming to improve customer engagement and conversion rates. With over 300,000 websites using Chaty and a strong base of positive reviews, Chaty holds a solid market position in the customer communication tools sector. Technically, the website is built on WordPress with modern JavaScript libraries and supports multiple platforms including Shopify, Wix, and BigCommerce, reflecting a mature and versatile digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, Chaty enforces HTTPS, implements key security headers, and avoids exposing sensitive data, though it lacks a publicly visible security policy or incident response plan. Privacy compliance is partially addressed with a comprehensive privacy policy and GDPR page, but the absence of a cookie consent mechanism is a notable gap. Overall, Chaty presents a trustworthy and professional online presence with room for improvement in privacy and security transparency.

M

Mairie de Gigean

ville-gigean.fr

54

The website ville-gigean.fr is the official online presence of the municipal government of Gigean, a commune in the Hérault department of France. It provides residents and visitors with municipal information, local news, event calendars, administrative procedures, and contact options. The site targets local citizens and stakeholders interested in community services and updates. The business model is public service oriented, with no commercial intent, focusing on transparency and community engagement. Technically, the site is built on Joomla CMS with modern frontend technologies including Bootstrap 5, jQuery, Vue.js, and popular UI libraries like Font Awesome and Slick Carousel. Hosting is provided by OVH, a reputable French hosting provider. The site demonstrates good mobile optimization, accessibility features, and SEO practices, though performance is moderate likely due to rich media and scripts. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms with high privacy settings. It uses reCAPTCHA for form protection and social sharing tools with minimal tracking. However, explicit security headers like CSP and X-Frame-Options are not evident, and no dedicated security or incident response policies are published. No vulnerabilities or suspicious content were detected. Overall, the site is trustworthy, professionally maintained, and compliant with GDPR requirements. It serves its purpose as a municipal information portal effectively. Strategic recommendations include enhancing security headers, publishing security policies, and adding a vulnerability disclosure mechanism to improve transparency and resilience.

P

Place du Village

place-du-village.fr

44

Place du Village is a French SaaS provider specializing in communication solutions for local governments and municipalities. Their platform offers a unified interface to manage multi-channel communication and citizen engagement, targeting public administrations with a subscription model starting at 68 €HT per month. The website reflects a niche market positioning with a professional and consistent brand presence. Technically, the site is built on WordPress and leverages modern libraries such as Bootstrap 5, jQuery, and Mapbox GL JS, hosted behind Cloudflare for performance and security. Security posture is adequate with HTTPS and cookie consent implemented, but lacks explicit security policies and vulnerability disclosure mechanisms. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

I

Institut Technologique FCBA

fcba.fr

9

Institut Technologique FCBA is a French industrial technical center specializing in forestry, cellulose, wood construction, and furniture sectors. It provides a range of services including innovation support, environmental performance evaluation, training, laboratory testing, certification, and diagnostics. The organization targets professionals in these industries and holds recognized certifications such as Qualiopi, COFRAC, and ASI, positioning itself as a reputable technical institute in France. The website is built on WordPress with Elementor and uses modern web technologies including jQuery, Bootstrap, and various UI libraries. It features a cookie consent mechanism and is mobile-optimized with good navigation and content quality. However, some images have lazy loading errors, and explicit privacy and terms of service pages are not clearly found, indicating room for improvement in compliance and user experience. Security posture is moderate with HTTPS enabled and some security best practices observed, but lacks explicit security headers and a vulnerability disclosure mechanism. No WHOIS data was retrievable, limiting domain legitimacy verification, but the website content and structure suggest a legitimate and professional organization. Overall, the website is functional, professional, and trustworthy with recommendations to enhance privacy compliance, security headers, and user experience for improved trust and regulatory adherence.

C

CHI Créteil

chicreteil.fr

11

The Centre Hospitalier Intercommunal de Créteil (CHI Créteil) is a large public healthcare institution serving the Créteil region in France. The website provides comprehensive information about the hospital's services, specialties, patient resources, and professional opportunities. It is well-positioned as a regional healthcare provider with a strong focus on accessibility, patient care, and medical expertise. The site also highlights research and teaching activities, indicating an integrated healthcare and academic mission. Technically, the website is built on WordPress with modern web technologies including jQuery, Slick Carousel, and Google Fonts. It uses Matomo analytics configured with privacy by design, and a robust cookie consent mechanism via Tarteaucitron, reflecting a mature approach to privacy compliance. The site is mobile-optimized and accessible, with clear navigation and professional design. From a security perspective, the site enforces HTTPS and employs cookie consent controls. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly present and should be implemented to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted. Overall, the website is trustworthy, professional, and compliant with GDPR and cookie regulations. The lack of WHOIS data is typical for .fr domains and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular updates to plugins and CMS to mitigate vulnerabilities.

A

Altice Europe

altice.net

64

Altice Europe was a major telecommunications company with a long-standing domain registration since 2003. The website currently serves as an archive following the company's delisting and cessation of operations. It primarily directs investors to Altice France and Altice International for ongoing information. The technical infrastructure is based on Drupal CMS with legacy JavaScript libraries, showing moderate digital maturity. Security posture is basic with HTTPS enforced but lacking DNSSEC and security headers. Privacy and cookie policies are absent, indicating compliance gaps. Overall, the website is functional but minimal, with limited business and security disclosures.

B

Best4Run Běžecká speciálka

best4run.cz

54

Best4Run is a Czech Republic based specialty retailer focused on running shoes, apparel, and equipment. Established in 2015, it operates both an e-commerce platform and a physical store in Přerov, serving customers from surrounding regions. The website offers a comprehensive product catalog, educational content, and diagnostic services for runners. Technically, the site is built on the Shoptet e-commerce platform, leveraging modern web technologies and multiple analytics and marketing tools with user consent mechanisms. Security posture is good with HTTPS and CSRF protections, though some security headers could be improved. The absence of WHOIS data reduces domain trust but the website content and business presence appear professional and legitimate. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations.

Z

Zoznam s.r.o.

sportky.sk

58

Športky.sk is a Slovak-language sports news portal operated by Zoznam s.r.o., providing comprehensive coverage of sports such as football, hockey, tennis, and cycling. The site targets Slovak sports fans with up-to-date results, event calendars, and multimedia content. It holds a solid market position as part of the established Zoznam media brand. Technically, the website employs modern JavaScript frameworks including Vue.js and jQuery, integrates Google Analytics and Tag Manager for tracking, and uses Didomi for GDPR-compliant cookie consent management. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, HTTPS is enforced and basic security headers are present, though some headers like HSTS and X-Content-Type-Options should be confirmed or added. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear cookie policy and consent mechanism. However, explicit contact details and terms of service pages are not directly found on the site, which could be improved for transparency. Overall, the website is professional, trustworthy, and well-maintained, suitable for its audience and business model.

Gočárova Galerie is a regional cultural institution based in Pardubice, Czech Republic, focused on art and architecture exhibitions, educational programs, and community engagement. The gallery operates under the auspices of the Pardubice regional government and offers a variety of exhibitions, workshops for children and adults, and event space rentals. The website is professionally designed, primarily in Czech, with clear navigation and a modern technical stack including jQuery, Foundation, and Google Tag Manager for analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and explicit security policies are not evident. The domain registration aligns well with the gallery's founding date, supporting legitimacy. Overall, the site presents a trustworthy and well-maintained digital presence for a government-supported cultural entity.

C

Commune de Champs-sur-Yonne

champs-sur-yonne.fr

54

The website champs-sur-yonne.fr serves as the official digital portal for the municipal government of Champs-sur-Yonne, France. It provides residents and visitors with essential information including local news, administrative procedures, municipal services, and contact details. The site is positioned as a trusted local government resource, focusing on transparency and community engagement. The business model is public service oriented, with no commercial activities evident. The website is well-branded and consistent with the identity of a small municipal entity founded in 2014. Technically, the site employs a modern technology stack including Bootstrap, jQuery, and several carousel libraries for UI enhancement. It uses hCaptcha for form protection and a cookie consent management tool (tarteaucitron.js) to comply with privacy regulations. Hosting is provided by OVH, a reputable French hosting provider. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. From a security perspective, the site enforces HTTPS and uses hCaptcha to mitigate spam on contact forms. However, it lacks visible HTTP security headers such as CSP or HSTS, and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is supported by a clear privacy policy and cookie consent mechanism, aligned with GDPR requirements. Overall, the website presents a low-risk profile with a solid foundation for public sector communication. Strategic improvements include enhancing security headers, publishing incident response information, and expanding accessibility compliance. These steps would strengthen the site's security posture and trustworthiness further.

O

Otipass

otipass.com

57

Otipass is a French company specializing in the digitization of territorial and cultural passes, including tourist and multiservice passes. The company positions itself as a market leader in France with a strong presence in public procurement catalogs and a network of city clients. The website is built on Joomla CMS using modern frameworks and includes integrations with analytics and marketing tools such as Matomo and Google Tag Manager. Security posture is good with HTTPS and cookie consent mechanisms, though explicit privacy policies and terms of service are not clearly found. WHOIS data is missing, which raises concerns about domain registration legitimacy, but the website content and client testimonials support a credible business presence. Overall, the site is professional, well-branded, and targets local governments and tourism sectors.

E

EKLEKTIK design & shop

eklekticky.cz

55

EKLEKTIK design & shop is a small Czech Republic based business specializing in interior design services and retail of unique home decorations and vintage furniture. The company operates both a physical store in Šumperk and an online e-shop, targeting customers interested in personalized interior design and stylish home accessories. The website is professionally designed, consistent in branding, and provides clear contact information and customer testimonials, indicating a trustworthy local boutique business. Technically, the website is built on the Shoptet CMS platform, utilizing common JavaScript libraries such as jQuery and Slick Carousel, and integrates Google Analytics and Facebook SDK for marketing and tracking purposes. The site is served over HTTPS with valid SSL, but lacks some security headers and up-to-date libraries, which could be improved to enhance security posture. Privacy and cookie policies are not explicitly present, representing a compliance gap with GDPR requirements. Overall, the website is accessible, functional, and presents a positive user experience with moderate technical maturity and a good security baseline.

J

JitroDesign

jitrodesign.com

50

JitroDesign is a small, specialized graphic design studio showcasing a portfolio of projects focused on cultural heritage, music albums, and art publications. The website is hosted on the Cargo Collective platform and uses modern web technologies including jQuery and Handlebars.js. The site is accessible without any WAF or security challenges and uses HTTPS, ensuring basic transport security. However, it lacks privacy and cookie policies, security headers, and explicit contact information, which are areas for improvement. The domain is well-established since 2011, registered through a reputable registrar, and aligns with the business's maturity. Overall, the site presents professional content with good design quality and moderate SEO and accessibility features.

L

Location iPad Toulosue

location-ipad-toulouse.com

46

The website www.location-ipad-toulouse.com operates as a local rental service agency in Toulouse, France, specializing in short and long-term rentals of electronic devices such as iPads, iPhones, Samsung devices, screens, and stands. The business targets both individuals and companies in need of such equipment, positioning itself as a responsive and proximity-based service provider. The website content is primarily in French and is optimized for search engines using Yoast SEO, with structured data implemented for enhanced visibility. Technically, the site is built on WordPress with modern plugins including Ninja Forms for contact forms and WP Rocket for performance optimization. The design is professional and mobile-friendly, providing a good user experience.

V

Van Tienhoven Foundation

vantienhovenfoundation.com

55

The Van Tienhoven Foundation is a small non-profit organization based in the Netherlands dedicated to providing small grants for the protection of threatened species and key ecosystems worldwide. Their focus is on practical, community-led conservation efforts that generate sustainable environmental impact. The website is professionally designed using WordPress with modern technologies such as jQuery and Slick Carousel, optimized for mobile and SEO. Security posture is good with HTTPS enabled and no visible vulnerabilities, though security headers and cookie consent mechanisms could be improved. The absence of WHOIS data limits domain trust verification but the presence of official documents, contact information, and testimonials supports legitimacy. Overall, the site effectively communicates its mission and services to conservation stakeholders globally.

N

NaKoncerty.cz

nakoncerty.cz

29

NaKoncerty.cz is a Czech language media portal dedicated to providing news, updates, and information about concerts, festivals, and the music scene in the Czech Republic. The website offers a variety of articles covering upcoming events, festival news, and concert reviews, targeting music enthusiasts and festival goers primarily in the Czech region. The business model revolves around content publication and advertising revenue, leveraging Google AdSense and Jetpack analytics for monetization and user insights. Technically, the website is built on the WordPress CMS platform, utilizing common web technologies such as jQuery, Slick Carousel, and FontAwesome for UI enhancements. The site is served over HTTPS with a good SSL configuration, ensuring secure data transmission. However, it lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. The website is mobile optimized with a responsive design and moderate performance. From a security perspective, the site demonstrates basic good practices such as HTTPS usage but misses critical security headers and formalized privacy compliance mechanisms. No vulnerabilities or exposed sensitive data were detected in the analysis. The WHOIS data is not publicly available, indicating privacy protection or registry restrictions, but the website content and structure suggest a legitimate and professional media portal. Overall, NaKoncerty.cz presents a well-structured and content-rich platform for music event information in the Czech Republic. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers, and providing clear contact information to improve trust and compliance. These steps will strengthen the site's security posture and business credibility while maintaining its role as a valuable resource for its audience.

C

CENTROPOL ENERGY, a.s.

centropol.cz

56

CENTROPOL ENERGY, a.s. operates as a reliable energy supplier in the Czech Republic, providing gas and electricity to households and businesses for over two decades. The company emphasizes fair pricing and additional customer benefits, positioning itself as a trusted player in the energy sector. The website reflects a professional digital presence with clear branding and relevant content tailored to its target audience. Technically, the site is built on WordPress with a modern technology stack including Google Tag Manager, Cookiebot for consent management, and reCAPTCHA for bot protection. While the site is mobile-optimized and SEO-friendly, there is room for improvement in accessibility and security headers implementation. Security posture is solid with HTTPS enforced and consent mechanisms in place, but lacks explicit security policies and incident response information. The absence of WHOIS data raises concerns about domain registration transparency, which slightly impacts overall trust. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to improve credibility and compliance.

Můj první gól is a Czech grassroots football project focused on supporting young beginner football players and clubs, operated under the Football Association of the Czech Republic (FAČR) and 2Score, s.r.o. The project offers recruitment events, training videos, school physical activity programs, and nutrition education, positioning itself as a recognized leader in youth football development in the Czech Republic, evidenced by its UEFA award. The website is professionally designed with consistent branding and clear navigation, targeting young athletes, their parents, and football clubs. Technically, the site uses modern JavaScript libraries and the Nette framework, hosted by Active24, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and cookie consent mechanisms, though security headers could be improved. No blocking or WAF interference was detected, allowing full content access. Overall, the site demonstrates a mature digital presence with good privacy compliance and trustworthy business information.

H

Haute-Garonne Ingénierie - Agence Technique Départementale (HGI-ATD)

atd31.fr

62

Haute-Garonne Ingénierie - Agence Technique Départementale (HGI-ATD) is a regional government technical agency serving the Haute-Garonne department in France. The organization provides a range of services including technical engineering support, legal and financial advisory, training for local elected officials, and information dissemination. The website targets local government officials and public sector entities, positioning itself as a trusted regional partner. The business model is public service oriented, focusing on supporting territorial communities with expertise and resources. Technically, the website is built on the Ametys CMS platform and employs modern JavaScript libraries such as jQuery and Slick Carousel. It uses Matomo analytics configured for privacy by design and implements a comprehensive cookie consent mechanism via tarteaucitron.js. The site is mobile optimized and demonstrates good SEO and accessibility practices, although some improvements in accessibility could be made. From a security perspective, the website enforces HTTPS and uses privacy-respecting analytics. However, it lacks visible security headers and does not publicly provide a dedicated security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain WHOIS data is not publicly available due to AFNIC policies, but the domain and website content appear legitimate and consistent with a government entity. Overall, the website presents a professional and trustworthy digital presence for a regional government agency. Strategic recommendations include publishing a security policy, adding security headers, and providing incident response information to enhance transparency and security posture.

C

Communauté d'Agglomération Pays Basque

communaute-paysbasque.fr

63

The website www.communaute-paysbasque.fr serves as the official portal for the Communauté d'Agglomération Pays Basque, a regional government entity in France. It provides comprehensive information and services related to public utilities, environmental initiatives, transport, waste management, housing, agriculture, culture, and social services tailored for residents, businesses, and associations within the Pays Basque region. The site is multilingual, primarily in French, with Basque and Gascon language options, reflecting the local cultural context. Technically, the site is built on TYPO3 CMS, leveraging modern web technologies including jQuery, Matomo analytics with privacy by design, and a robust cookie consent mechanism via tarteaucitron.js. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience. Performance is moderate, with room for optimization. From a security standpoint, the site enforces HTTPS and uses privacy-focused analytics. However, explicit security headers are not clearly detected, and no public security policy or incident response contacts are provided. The absence of WHOIS registration data for the domain reduces trust from a domain legitimacy perspective, though the content and domain suffix strongly indicate a legitimate government site. Overall, the website is professional, trustworthy, and privacy-conscious, serving its public sector mission effectively. Strategic improvements in transparency around security policies, incident response, and domain registration details would enhance trust and compliance further.

A

Arcadis

arcadis.com

75

Arcadis is a leading global design and consultancy firm specializing in sustainable solutions for natural and built assets. With over 33,000 employees across more than 70 countries, the company generates significant revenues and maintains a strong market position in sectors such as energy, transportation, and real estate. The website reflects a mature, professional brand with comprehensive corporate information, investor relations, and a global footprint. Technically, the site leverages modern technologies including Sitecore CMS, Google Analytics, and Cookiebot for consent management, ensuring a robust digital presence with good performance and accessibility. Security measures such as HTTPS enforcement, reCAPTCHA on forms, and security headers are well implemented, though the site lacks a dedicated security policy or incident response contact details. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations like GDPR.

M

Mairie de Léguevin

ville-leguevin.fr

51

The website www.ville-leguevin.fr serves as the official online presence for the municipal government of Léguevin, France. It provides residents and visitors with access to local government information, administrative services, cultural activities, and community engagement resources. The site is positioned as a trusted source for municipal news and services, targeting local citizens and stakeholders. Technically, the site is built on WordPress, leveraging modern plugins such as Yoast SEO for search optimization and Matomo for privacy-conscious analytics. The site demonstrates good mobile responsiveness, accessibility, and user experience, with a clear navigation structure and professional design. Security-wise, the site uses HTTPS and implements a cookie consent mechanism with granular user control, but lacks some advanced security headers and a published security or privacy policy. The absence of WHOIS data is a notable anomaly, potentially indicating a recent registration or a WHOIS server issue, which slightly impacts trust. Overall, the site is functional, professional, and safe for general audiences, with room for improvement in privacy transparency and security hardening.