Security Directory

E

Eiffage

eiffageconstruction.com

54

Eiffage Construction is a major construction and real estate development company operating primarily in France and Europe. As a subsidiary of the Eiffage group, it offers expertise in construction, urban development, real estate promotion, and maintenance services. The website reflects a professional corporate presence with consistent branding and clear navigation aimed at business and public sector clients. Technically, the site uses modern JavaScript libraries and analytics tools, including jQuery, Google reCAPTCHA, and Piano Analytics, and appears to be built on the Jahia CMS platform. The site is mobile-optimized and includes accessibility features, although explicit security headers are not detected in the provided content. The WHOIS data for the domain is missing or unavailable, which is unusual for a corporate domain and warrants further investigation. Privacy compliance is supported by a cookie consent mechanism, but explicit privacy and terms of service pages were not found in the provided content. Overall, the website is professional and trustworthy, but the lack of WHOIS data and explicit contact/security policies are areas for improvement.

V

Ville de Balaruc-les-Bains

ville-balaruc-les-bains.com

62

The website ville-balaruc-les-bains.com serves as the official municipal portal for the town of Balaruc-les-Bains in France. It provides comprehensive information about the town's thermal spa services, cultural events, public services, urban planning, and social programs. The site targets residents, tourists, and local citizens, positioning itself as a key information hub for the community. The business model is that of a government entity providing public services and information. The website is well-branded and consistent with municipal identity. Technically, the site is built on Drupal 9 CMS with Bootstrap Barrio theme and uses modern web technologies including Font Awesome and Leaflet.js for maps. Google Tag Manager and reCAPTCHA are integrated for analytics and form security. The site is mobile optimized and accessible with good SEO practices. Hosting appears stable with a domain age since 2003, indicating maturity. From a security perspective, HTTPS is enabled and forms are protected with reCAPTCHA. However, DNSSEC is not enabled, and some security headers like Content-Security-Policy are missing. No vulnerability disclosure or security.txt file is present. Privacy compliance is partial with a cookie consent mechanism but no explicit privacy policy found. Social media presence is strong, enhancing trust. Overall, the website is safe, professional, and trustworthy with moderate security posture and good business credibility. Recommendations include enhancing security headers, enabling DNSSEC, publishing privacy and security policies, and improving privacy compliance documentation.

S

Santé publique France

santepubliquefrance.fr

57

Santé publique France is the official French national public health agency, providing authoritative information, surveillance, and prevention services related to public health. The website serves a broad audience including the general public, healthcare professionals, and policymakers. It is positioned as a key government institution in the healthcare sector in France, offering publications, studies, and health data. Technically, the site uses modern JavaScript libraries, Google reCAPTCHA for bot protection, and New Relic for performance monitoring, indicating a moderate level of digital maturity. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and explicit privacy policy documentation in the provided content. Security posture is good with no evident vulnerabilities, but could be improved with better security headers and published incident response information. Overall, the site is trustworthy and professional, with a strong business credibility as a government entity.

E

Eiffage

aprr.com

60

APRR is a major motorway concession operator in France, managing a 2,410 kilometer network focused on sustainable and efficient mobility solutions. It operates under the umbrella of the Eiffage group, a large construction and infrastructure conglomerate. The website reflects a mature digital presence with comprehensive content about their services, sustainability initiatives, and corporate governance. Technically, the site uses modern JavaScript libraries, integrates video APIs, and employs cookie consent management tools, indicating a good level of digital maturity. Security-wise, HTTPS is enforced and reCAPTCHA is used, but explicit security headers and policies are not evident, suggesting room for improvement. The absence of WHOIS data is unusual but the website's branding and social media presence support its legitimacy. Overall, APRR's website is professional, compliant with privacy regulations, and serves its audience effectively.

A

ANCV Cheque-Vacances

cheque-vacances.com

57

ANCV Cheque-Vacances operates a well-established French government-backed program providing holiday vouchers to individuals and organizations, facilitating access to tourism, leisure, and cultural activities. The website reflects a mature digital presence with a strong brand, extensive partner network, and multiple user segments including public agents, enterprises, and tourism professionals. Technically, the site is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use, though some accessibility and security header improvements are recommended. Security posture is solid with HTTPS and bot protection, but lacks some advanced DNS and header configurations. Privacy compliance is minimal on the homepage, with no visible privacy or cookie policies, which should be addressed to meet GDPR standards. Overall, the domain registration and WHOIS data confirm legitimacy and consistency with the business claims.

E

EUROSTYLE, spol. s r.o.

footwork.sk

61

FootWork, operated by EUROSTYLE, spol. s r.o., is a well-established Slovak retail footwear business founded in 1993. The company offers a broad range of footwear, leather goods, hosiery, and care products from both Slovak and international brands. It operates multiple physical stores in Bratislava and Pezinok and maintains an e-commerce platform to serve a wider audience. The website is professionally designed with clear navigation and mobile optimization, supporting a positive user experience. The business targets general consumers seeking quality footwear at competitive prices.

The website sorties-scolaires-loireatlantique.com is operated by Loire-Atlantique Développement and serves as a regional platform for organizing school outings and pedagogical stays in the Loire-Atlantique area of France. It targets schools, teachers, and parents of primary and college students, offering educational trips and classes de découvertes. The site is positioned as a trusted regional educational tourism service provider with a medium-sized organizational footprint, founded in 2019. Technically, the website is built on WordPress with common plugins such as Yoast SEO, Google Analytics, and Complianz GDPR for cookie consent. The hosting registrar is Nuxit, and the site uses HTTPS with a good SSL configuration. Performance is moderate, with good mobile optimization and basic accessibility features. SEO is well implemented with proper meta tags and structured data. From a security perspective, the site benefits from HTTPS and reCAPTCHA on forms but lacks some security headers and DNSSEC. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a cookie consent mechanism but no explicit privacy policy or terms of service found in the analyzed content. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements include adding a comprehensive privacy policy, enabling DNSSEC, and enhancing security headers to strengthen the security posture and privacy compliance.

P

Play For Nature

playfornature.org

55

Play For Nature is a French non-profit organization dedicated to biodiversity conservation and environmental education. Founded in 2013, it operates by raising public awareness and collecting funds to support various conservation programs worldwide. The website serves as a platform to showcase supported projects, promote educational activities, and facilitate donations and sponsorships. The organization targets a general audience interested in environmental protection and biodiversity. Technically, the website is built on a modern WordPress CMS infrastructure using Elementor for page building and Yoast SEO for optimization. It employs standard web technologies including jQuery, Swiper.js for sliders, Google reCAPTCHA for form security, and CookieYes for cookie consent management. Hosting is provided by OVH sas, a reputable provider. The site is mobile-optimized and demonstrates good SEO practices. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements Google reCAPTCHA to protect forms. However, it lacks DNSSEC and visible security headers, which are recommended to enhance security posture. No privacy policy or terms of service pages were detected, which may impact compliance with GDPR and other regulations. Incident response and vulnerability disclosure mechanisms are not evident. Overall, the website is professional, trustworthy, and well-positioned within its niche. To improve, it should implement comprehensive privacy and security policies, enable DNSSEC, and add security headers. These steps will enhance user trust and regulatory compliance.

R

Ready for Boarding - travel not only by plane

readyforboardingblog.com

47

Ready for Boarding is a multilingual travel blog primarily targeting travel enthusiasts interested in experiences beyond air travel. Established around 2013, it offers travel stories, tips, and guides with a focus on Poland and Central Europe. The website is built on WordPress and integrates multiple third-party services including WooCommerce for e-commerce, Google Analytics for traffic analysis, and Facebook Pixel for advertising effectiveness. It employs a comprehensive cookie consent mechanism and privacy policy compliant with GDPR, reflecting a mature approach to privacy and user consent. Security posture is adequate with HTTPS enforced and use of Google reCAPTCHA, but lacks visible security headers and formal security policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate and consistent with a small professional travel blog. Overall, the site demonstrates good technical and content quality with room for improvement in security transparency and domain registration clarity.

G

Genesii

genesii.fr

52

Genesii is a French technology company specializing in bespoke web application development, custom websites, and AI integration services. Positioned as a small but innovative agency, it serves businesses seeking digital transformation solutions. The company holds the 'Jeune Entreprise Innovante' certification, highlighting its commitment to innovation and research, particularly in machine learning and e-learning platforms. The website is professionally designed, mobile-optimized, and provides clear contact information, supporting its business credibility. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery, Owl Carousel, and Swiper. It integrates Google Analytics, Google Tag Manager, and Calendly for marketing and scheduling. Security measures include HTTPS enforcement and Google reCAPTCHA on forms, alongside a GDPR-compliant cookie consent mechanism. However, additional security headers and a published security policy would enhance its security posture. The security evaluation shows a good baseline with no detected vulnerabilities or exposed sensitive data. Privacy compliance is strong with visible policies and consent mechanisms. The absence of WHOIS data limits domain trust analysis, but the website content and certifications support legitimacy. Overall, the site is safe, professional, and trustworthy, with recommendations to improve security headers and incident response transparency. Strategically, Genesii should focus on enhancing its security documentation, expanding accessibility compliance, and maintaining transparency in data protection to strengthen trust and compliance in the evolving regulatory landscape.

B

Bwin Casino Oostende

casinooostende.be

40

Bwin Casino Oostende operates as a casino and entertainment venue in Belgium, offering casino gaming, events, jackpots, and restaurant services. The website is professionally designed using WordPress and Elementor, with modern web technologies and a cookie consent mechanism in place. Security posture is good with HTTPS and bot protection via Google reCAPTCHA, though explicit security headers and privacy policies are missing. The domain WHOIS data is restricted, which is common for privacy but reduces transparency. Overall, the site targets adult casino customers and maintains a moderate trust level.

C

CENTROPOL ENERGY, a.s.

centropol.cz

56

CENTROPOL ENERGY, a.s. operates as a reliable energy supplier in the Czech Republic, providing gas and electricity to households and businesses for over two decades. The company emphasizes fair pricing and additional customer benefits, positioning itself as a trusted player in the energy sector. The website reflects a professional digital presence with clear branding and relevant content tailored to its target audience. Technically, the site is built on WordPress with a modern technology stack including Google Tag Manager, Cookiebot for consent management, and reCAPTCHA for bot protection. While the site is mobile-optimized and SEO-friendly, there is room for improvement in accessibility and security headers implementation. Security posture is solid with HTTPS enforced and consent mechanisms in place, but lacks explicit security policies and incident response information. The absence of WHOIS data raises concerns about domain registration transparency, which slightly impacts overall trust. Strategic recommendations include publishing comprehensive privacy and security policies, enhancing security headers, and verifying domain registration details to improve credibility and compliance.

N

NH HOTEL GROUP, S.A.

nh-collection.com

77

NH Collection Hotels, operated by NH HOTEL GROUP, S.A., is a large international hospitality brand offering premium hotel accommodations across more than 100 hotels in 24 countries. The website targets travelers and business customers seeking quality lodging in major cities such as Madrid, Milan, and Barcelona. The business model focuses on direct online bookings, reservation management, and customer loyalty programs. The brand maintains consistent and professional digital presence with multilingual support and clear navigation.

V

Vinofol, s.r.o.

vinofol.cz

52

Vinofol, s.r.o. is a well-established family winery based in the Czech Republic, operating since 1992. The company specializes in producing and selling high-quality wines from the Mikulov and Novosedly regions, leveraging modern technology and traditional winemaking methods. Their market position is strong within the Czech wine retail sector, supported by a broad product range, including award-winning wines, and a multi-channel sales approach via e-shop and physical vinoték stores. The website reflects a mature digital presence with integrated marketing and analytics tools, providing a professional user experience and clear business information. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data is a notable gap in domain transparency but does not detract significantly from the overall legitimacy based on website content. The site targets adult consumers, implementing age verification due to alcohol sales regulations.

R

Rebrandly

rebrand.ly

74

Rebrandly is a leading SaaS company specializing in branded link shortening, campaign analytics, and QR code generation. Positioned as a market leader, it serves marketing teams, developers, agencies, and creators with a comprehensive smart link platform. The company emphasizes boosting click-through rates and proving campaign ROI through its services. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, Microsoft Clarity, and integrates advanced analytics and consent management tools. The site is well-optimized for performance, mobile responsiveness, and accessibility. Security-wise, Rebrandly demonstrates strong compliance with SOC 2, HIPAA, and GDPR standards, employs HTTPS with robust security headers, and uses CAPTCHA to protect forms. However, WHOIS data is unavailable, likely due to privacy protection, which is common for SaaS providers. Overall, the website is professional, trustworthy, and secure, with minor recommendations to improve transparency around vulnerability disclosure and incident response.

T

the new botanist

thenewbotanist.com

59

The New Botanist is a French ecological gardening initiative focused on promoting biodiversity by offering seed kits of local wildflowers to create pollinator refuges. The website is hosted on Squarespace, leveraging standard web technologies and security features such as HTTPS and HSTS. While the site is well-designed, mobile-optimized, and provides relevant content for environmentally conscious gardeners, it lacks explicit privacy, cookie, and terms of service policies, which impacts compliance and trust. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and structure suggest a legitimate small business. Security posture is strong with HTTPS and reCAPTCHA usage, but improvements in privacy compliance and contact transparency are recommended.

U

Université Bourgogne-Franche-Comté

ubfc.fr

43

Université Bourgogne-Franche-Comté (UBFC) is a prominent French higher education and research consortium offering a broad range of academic programs, research initiatives, and graduate schools. The institution targets students, researchers, academic staff, and enterprises, positioning itself as a key player in national education and research. The website reflects a mature digital presence with comprehensive content, clear navigation, and consistent branding. Technically, the site is built on WordPress with Elementor and integrates modern analytics and marketing tools such as Matomo and Facebook Pixel. Security posture is strong with HTTPS and reCAPTCHA, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, supporting trust and regulatory adherence. Overall, UBFC's website demonstrates professionalism, credibility, and a solid digital infrastructure.

P

PanneauPocket

panneaupocket.com

52

PanneauPocket is a French-based company providing a leading mobile application designed for local governments such as municipalities and intercommunal entities (EPCI) to communicate real-time information and alerts to residents. Established in 2017, the company has positioned itself as the number one mobile alert and information app in France, serving over 13,500 local entities including gendarmeries and covering approximately 8 million residents. Their key services include push notifications, RSS feeds, legal postings, directories, and event calendars, all aimed at enhancing local communication efficiency and citizen engagement. Technically, the website is built on WordPress with Elementor and leverages modern web technologies including Bootstrap, jQuery, and various JavaScript libraries for UI and analytics. The site is well-optimized for mobile devices and demonstrates good SEO and accessibility practices. Analytics tools such as Matomo and Microsoft Clarity are used for user behavior tracking, complemented by Google reCAPTCHA for form security. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but lacks explicit security headers like Content-Security-Policy and X-Frame-Options which are recommended for enhanced protection. No vulnerabilities or exposed sensitive data were detected. The WHOIS data for the domain is unavailable, which slightly reduces trust but is mitigated by strong business signals such as media coverage, partnerships with official organizations, and transparent contact information. Overall, PanneauPocket presents a professional, trustworthy, and well-maintained digital presence with a strong market position in the French local government communication sector. Strategic improvements in security headers and publishing a dedicated security policy would further enhance their security posture and trustworthiness.

A

Agence Gardeners

agencegardeners.com

45

Agence Gardeners is a creative and digital communication agency operating primarily in France and Switzerland. It offers a comprehensive suite of services including branding, communication strategy, web and e-commerce development, advertising, SEO, social media management, and influencer marketing. The agency positions itself as a one-stop shop, merging creative and technical expertise to deliver seamless communication strategies. The company is part of Groupe Gardeners and was formed from the merger of two agencies in 2019, indicating a medium-sized, well-established business with a strong regional presence. Technically, the website is built on WordPress with modern technologies such as Google Tag Manager, Google Analytics, Matomo, Vimeo, and Google reCAPTCHA. The site is well-optimized for mobile devices and SEO, with good accessibility features. Privacy compliance is addressed through cookie consent mechanisms and a privacy policy page. However, some security best practices like explicit security headers and published security policies are missing. The security posture is solid with HTTPS enforced and anti-bot protections in place, but the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. Despite this, the professional website, social media presence, and multiple industry awards support the agency's credibility. Overall, the website and business demonstrate a mature digital presence with good security and privacy practices, though domain registration transparency should be verified. Strategic recommendations include enhancing security headers, publishing security policies, and clarifying domain registration details to improve trust and compliance.

G

Galio marketing s.r.o.

galio.cz

30

Galio marketing s.r.o. is a Czech Republic based small marketing and advertising agency established in 1999. The company offers services including graphic design, advertising, website development, e-commerce solutions, printing, and marketing. The website is professionally designed using WordPress with the Divi theme and integrates common marketing and analytics tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The content is primarily in Czech, targeting local businesses and individuals seeking marketing services. The domain registration data aligns well with the business information, indicating legitimacy and a long-standing presence in the market. However, the website lacks explicit privacy and terms of service pages, which are important for compliance and user trust.

E

Eiffage

eiffage.com

66

Eiffage is a leading European construction and concessions group specializing in infrastructure development, energy systems, and real estate. The company holds a strong market position as a major player in the construction sector, with a broad portfolio of subsidiaries covering various specialized domains such as construction, rail, metal works, and energy systems. The website reflects a professional corporate presence with consistent branding and comprehensive information about its group and subsidiaries. Technically, the website employs modern JavaScript libraries including jQuery, YouTube and Vimeo APIs, and integrates Google reCAPTCHA for form security. The use of OneTrust for cookie consent demonstrates compliance with GDPR and privacy regulations. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response details are not publicly disclosed. Overall, the website is well-structured, accessible, and optimized for SEO and mobile devices, supporting a positive user experience and trustworthiness.

T

TPF Ingénierie

tpf-i.fr

43

TPF Ingénierie is a well-established French engineering consultancy specializing in building, infrastructure, environmental, and energy sectors. The company positions itself as an independent international group with over 30 years of experience, offering multidisciplinary and innovative project management and engineering services. Their website reflects a professional and consistent brand image, targeting architects, urban planners, engineers, and enterprises seeking integrated and sustainable engineering solutions. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, WPBakery, and Slider Revolution, ensuring good SEO and user experience. Security-wise, the site uses HTTPS and Google reCAPTCHA for form protection but lacks some security headers and explicit security policies. Overall, the site is accessible, professional, and trustworthy, though improvements in privacy compliance and security posture are recommended.

V

Ville d'Argentan

argentan.fr

10

The website argentan.fr serves as the official digital presence for the city of Argentan, France, providing municipal information, citizen services, event updates, and tourism resources. It targets residents and visitors, positioning itself as a trusted government portal with a medium-sized operational scope. The site leverages a modern WordPress CMS infrastructure with popular plugins and frameworks such as Elementor, Bootstrap, and Leaflet.js, indicating a mature and maintainable technical foundation. Security measures include HTTPS enforcement, Google reCAPTCHA integration, and GDPR-compliant cookie consent management, though there is room for improvement in implementing comprehensive security headers. Overall, the site demonstrates a good balance of usability, compliance, and security for a government entity.

G

Générations Futures

victimes-pesticides.fr

54

Victimes-pesticides.fr is a French non-profit advocacy website operated by Générations Futures, dedicated to raising awareness about the health and environmental impacts of pesticide exposure. The platform primarily serves residents living near agricultural lands, professionals, and the general public concerned about pesticide risks. It collects and publishes detailed personal testimonies to support advocacy efforts and inform the public about pesticide-related health issues. The website is positioned as a niche player in environmental health advocacy within France. Technically, the site is built on WordPress, leveraging modern web technologies such as Yoast SEO for optimization, Leaflet.js for mapping, and Google reCAPTCHA for form security. Hosted by OVH, the site benefits from HTTPS encryption and standard security headers, ensuring a secure browsing experience. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the website follows best practices with HTTPS, security headers, and anti-bot measures. However, it lacks explicit privacy and cookie policies, incident response contacts, and data protection officer information, indicating areas for compliance improvement. No critical vulnerabilities or suspicious activities were detected. Overall, the site is a credible and professionally maintained platform with a clear mission. Strategic recommendations include implementing comprehensive privacy and cookie policies, publishing incident response contacts, enhancing accessibility, and maintaining transparency to strengthen trust and compliance.

G

Générations Futures

semaine-sans-pesticides.fr

46

The website 'Semaine pour les alternatives aux pesticides' is a professionally maintained platform promoting a non-profit event focused on alternatives to pesticides, organized by Générations Futures. It targets a general audience interested in environmental sustainability and agricultural alternatives, providing event information, news, and resources. The site is well-structured, multilingual, and uses modern web technologies including WordPress, Yoast SEO, and Leaflet.js for interactive maps. It integrates Google Analytics and Google reCAPTCHA for analytics and form security respectively. The security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. WHOIS data is not publicly available, indicating privacy protection, which is justified for this non-profit entity. Overall, the site is trustworthy, compliant with GDPR, and provides a good user experience.

K

Kredance

kredance.cz

56

Kredance is a Czech cultural organization specializing in dance and movement arts, providing a variety of courses, workshops, artistic residencies, and cultural events. The website reflects a niche market position focused on arts education and community engagement within the Czech Republic. The digital infrastructure is built on WordPress with WooCommerce integration, indicating e-commerce capabilities for event ticketing or course registration. The site uses modern web technologies including jQuery, Swiper.js for sliders, and Google reCAPTCHA for bot protection, demonstrating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and explicit security policies. Privacy compliance is partially met with privacy and terms pages present, though cookie consent mechanisms are absent. Overall, the website is professional and trustworthy but could improve in privacy and security transparency.

L

LJ Studio, s.r.o.

lj.studio

59

LJ Studio, s.r.o. is a professional digital agency specializing in web design, branding, app development, ecommerce solutions, and AI-driven innovations. The company positions itself as a full-service creative and development studio powered by strategy and technology, targeting brands and companies seeking to enhance their digital presence. Their market position is supported by a portfolio of notable clients, case studies, and official partnerships such as with Shopify. Technically, the website is built on WordPress with modern plugins like Yoast SEO, Google Analytics, Facebook Pixel, and Smartsupp Live Chat, indicating a mature digital infrastructure. The site is well-optimized for mobile devices, uses HTTPS, and implements cookie consent mechanisms, reflecting a good level of digital maturity. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is basic, with cookie consent present but no explicit privacy policy page found in the provided content. Overall, the website is professional, trustworthy, and secure with minor areas for improvement in security headers and privacy disclosures. The domain WHOIS data is limited due to privacy protection but shows no suspicious patterns. The risk level is low, and the site is suitable for business use with recommended enhancements in compliance and security transparency.

I

IAB Slovakia

iabslovakia.sk

51

IAB Slovakia is the largest Slovak digital association operating in the internet advertising sector. It provides market rules, standards, ethical codes, supports professional networking, educates digital marketing professionals, and measures the traffic of Slovak online media. The website is built on WordPress and integrates modern technologies such as Google Tag Manager, Cookiebot for cookie consent management, Hotjar for user behavior analytics, and Google reCAPTCHA for bot protection. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and professional content. Security posture is strong with HTTPS enforced and multiple security headers present. Cookie consent is comprehensive and GDPR compliant, with detailed cookie categorization and user control. However, no explicit terms of service or security policy pages were found, and direct contact emails or phone numbers are not exposed on the site, relying on contact forms instead. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's identity. Overall, the website demonstrates a mature digital presence with good security and privacy practices, suitable for its role as a professional industry association.

C

CRESS

cress-na.org

44

CRESS Nouvelle-Aquitaine is a regional non-profit organization dedicated to the development of the Social and Solidarity Economy (ESS) in the Nouvelle-Aquitaine region of France. The website serves as an informational and engagement platform targeting regional stakeholders interested in economic transition and social economy initiatives. The organization positions itself as a key regional actor supporting a just economic transition through ESS development. Technically, the website is built on WordPress using the Divi theme, incorporating modern web fonts, Matomo analytics for user tracking, and Google reCAPTCHA for form security. The site demonstrates good mobile optimization and SEO practices but lacks explicit privacy and cookie policies, which impacts privacy compliance. Security posture is moderate with the presence of reCAPTCHA but absence of visible security headers and unknown SSL configuration. WHOIS data is unavailable or malformed, limiting domain trust verification. Overall, the website is professional and relevant to its audience but would benefit from enhanced privacy disclosures and security hardening.

F

France Active Nouvelle Aquitaine

franceactive-aquitaine.org

50

France Active Nouvelle Aquitaine is a regional non-profit organization dedicated to supporting and financing small businesses and social economy structures in the Nouvelle-Aquitaine region of France. The website presents a professional and well-structured digital presence, leveraging WordPress with modern plugins such as Elementor and Yoast SEO to deliver content and services effectively. The organization targets entrepreneurs and social economy enterprises, offering accompaniment, financing, and networking opportunities. Technically, the site is hosted by OVH sas, uses HTTPS, and integrates analytics and tracking tools like Google Analytics and Facebook Pixel. Security measures include HTTPS and reCAPTCHA, but additional security headers and published policies could enhance the security posture. Privacy and cookie policies are not explicitly found, indicating an area for compliance improvement. Overall, the website is trustworthy, with consistent domain registration data and a clear business focus.

Č

Česká eventová asociace

c-e-a.cz

61

Česká eventová asociace (ČEA) is a professional association representing the largest group of event professionals in the Czech Republic. Founded in 2017, it serves as a networking and industry body for event professionals, providing services and community engagement within the event sector. The website is built on WordPress using the Divi theme, integrating modern technologies such as Google reCAPTCHA to secure forms and enhance user experience. The site is well-structured with good SEO practices and mobile optimization, targeting Czech-speaking event professionals and stakeholders. Security posture is adequate with HTTPS enforced and basic security practices in place, though explicit security headers and incident response policies are not published. Privacy compliance is partial, with a cookie policy and consent mechanism present but lacking a dedicated privacy policy or terms of service. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

C

CEA

leti-cea.com

10

The website represents CEA-Leti, a prominent French government-funded research center specializing in micro and nanotechnologies. It serves a broad audience including researchers, institutions, companies, and the general public. The site provides comprehensive information on applied research, industrial innovation, education, and partnerships. The business model focuses on collaborative R&D and technology transfer to industry. The organization holds a strong market position within European technological research. Technically, the site is built on Microsoft SharePoint, uses modern analytics (Matomo), and integrates security features like Google reCAPTCHA. The security posture is solid with HTTPS and no visible vulnerabilities, though security headers and explicit cookie consent are lacking. WHOIS data for the domain www.leti-cea.com is missing, which slightly reduces trust but the site’s affiliation with the official CEA domain and consistent branding supports legitimacy. Overall, the site is professional, informative, and trustworthy with room for improvement in privacy compliance and security headers.

Nadace Kutná Hora Památka UNESCO is a small non-profit foundation dedicated to the preservation and presentation of the historic center of Kutná Hora, a UNESCO World Heritage site. The foundation supports cultural heritage projects, documentation, and public education through exhibitions and events. The website is professionally designed with clear navigation and content relevant to its mission, targeting a general audience interested in cultural heritage and UNESCO sites. Technically, the site uses legacy JavaScript libraries such as jQuery 1.6.4 and includes Google reCAPTCHA and CookieScript for consent management. While HTTPS is enforced, the absence of security headers and use of outdated libraries present moderate security risks. The lack of WHOIS data reduces domain trustworthiness, but the website content and structure indicate a legitimate organization. Privacy compliance is addressed with a cookie consent banner and a basic privacy information page. Overall, the site is functional and trustworthy but would benefit from technical and security improvements.

T

Textileworld

textileworld.eu

58

Textileworld is a German-based B2B platform specializing in textile industry products and services, including a comprehensive product catalog and color matching systems. The website targets textile manufacturers and buyers primarily in Europe. The platform is built on Magento, indicating a mature e-commerce infrastructure with standard features such as user login and search capabilities. The technical stack includes jQuery, Google reCAPTCHA, and Google Analytics with IP anonymization, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and secure cookie settings; however, the absence of explicit security headers and privacy policies suggests room for improvement. The domain WHOIS data is privacy protected by EURid, which is common and acceptable for business websites, though it limits transparency. Overall, the website is professional and functional but could enhance trust and compliance by publishing clear privacy and security policies and improving technical security controls.

La Fabrique de la Cité is a French think tank focused on urban transitions, founded in 2010 and supported by the VINCI group. The organization collaborates with French and international stakeholders to develop innovative approaches to city planning and reconstruction. Their offerings include research publications, events, and urban projects aimed at sustainable urban development. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting urban planners, policymakers, and researchers. Technically, the website is built on WordPress using the Divi Builder framework, leveraging modern JavaScript libraries such as jQuery and Glide.js for UI components. It employs Google reCAPTCHA for form security and MailerLite for newsletter management. The site is mobile-optimized and demonstrates good SEO practices with Yoast SEO integration and structured data in JSON-LD format. From a security perspective, the site uses HTTPS and includes an invisible reCAPTCHA on forms, along with a cookie consent mechanism compliant with GDPR. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no public security or incident response policies are found. The WHOIS data for the domain is unavailable, which slightly reduces trust but is mitigated by the professional branding and VINCI backing. Overall, the website presents a low-risk profile with strong content quality and privacy compliance. Strategic recommendations include enhancing security headers, publishing a security policy, and improving WHOIS transparency to bolster trust and compliance.

N

Numo d.o.o.

numo.si

38

Numo d.o.o. is a premium creative digital agency based in Slovenia, founded in 2008. The company specializes in digital branding, creative design, and digital transformation services targeting ambitious brands seeking high-quality digital experiences. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the site is built on WordPress with modern frameworks like Bootstrap and integrates Google Tag Manager and reCAPTCHA for analytics and security. Security posture is solid with HTTPS and form protections, though additional HTTP security headers could enhance defenses. Privacy and cookie policies are implemented with consent mechanisms, supporting GDPR compliance. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility, supported by multiple industry awards and partnerships.

S

StudioV3

studiov3.fr

44

StudioV3 is a small French communication agency based in Laval, specializing in brand strategy, digital marketing, content creation, website development, video production, and event communication. The agency targets businesses and institutions seeking to enhance their brand presence and digital footprint. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive service descriptions. Social media integration and a blog further support their digital marketing efforts. Technically, the website runs on WordPress with modern technologies such as LiteSpeed Cache, Google Analytics, and reCAPTCHA for security. The site loads quickly and includes SEO best practices like meta tags and structured data. Privacy compliance is addressed with cookie consent mechanisms and a privacy policy, although no explicit security policy or incident response information is provided. Security posture is solid with HTTPS enforced and anonymized analytics tracking, but the absence of security headers and vulnerability disclosure policies suggests room for improvement. The WHOIS data is unavailable, which slightly reduces trustworthiness, but the professional presentation and clear contact information mitigate concerns. Overall, StudioV3 presents a credible and professional digital presence suitable for its market niche, with recommendations to enhance security transparency and domain registration visibility for improved trust.

V

Vinné sklepy Lechovice, spol. s r.o.

vslechovice.cz

57

Vinné sklepy Lechovice, spol. s r.o. is a small regional wine producer based in the Czech Republic, specializing in wine production from their own vineyards in the Znojmo wine region. The company operates an e-commerce platform alongside physical stores and offers wine tourism experiences including degustations and cycling. Their market position is supported by certifications such as ISO 22000 and membership in the VOC association, indicating a commitment to quality and integrated production methods. The website is professionally designed with clear navigation and mobile optimization, supporting a positive user experience for their target audience of adult wine consumers and tourists. Technically, the website employs modern technologies including Google Analytics, Google reCAPTCHA for bot protection, and SmartSupp live chat for customer engagement. The site uses HTTPS with a strong SSL configuration and implements cookie consent mechanisms aligned with GDPR requirements. However, no explicit security headers were detected, and there is no published security or incident response policy, which could be improved to enhance trust and compliance. From a security perspective, the site demonstrates good practices such as age verification for alcohol sales and secure form handling. No vulnerabilities or exposed sensitive data were identified. The absence of WHOIS registration data is a notable concern, reducing the overall trustworthiness of the domain despite the professional appearance and legitimate business operations. Overall, the website scores well in content quality, technical implementation, and security posture but should address domain registration transparency and publish security policies to improve credibility. Strategic recommendations include implementing security headers, publishing incident response and security policies, and considering a security.txt file for vulnerability disclosures. These steps will strengthen the security posture and enhance user trust, supporting the company’s business growth and compliance efforts.

I

Iskra PIO d.o.o.

iskra-pio.si

45

Iskra PIO d.o.o. is a well-established Slovenian manufacturing company specializing in clean room solutions, operator and product protection, decontamination, laboratory equipment, and related engineering services. With over 30 years of experience and ISO 9001 and 14001 certifications, the company serves pharmaceutical, healthcare, and industrial sectors with a strong market presence. The website is professionally designed using Drupal 8, featuring modern analytics and privacy compliance mechanisms such as GDPR-aligned cookie consent and privacy policies. Security posture is strong with HTTPS enforcement and use of reCAPTCHA, though additional security headers and a formal security policy could enhance protection. Contact information is clearly provided, and the site includes client logos and certifications that build trust. No blocking or WAF challenges were detected, allowing full content access and analysis.

T

Toerisme Oostende

visitoostende.be

58

The website www.visitoostende.be is the official tourism portal for the city of Oostende, Belgium. It provides comprehensive information on local attractions, events, dining, shopping, accommodation, and cultural experiences. The site targets tourists and visitors seeking to explore Oostende and offers multilingual support in Dutch, French, German, and English. The business model focuses on promoting tourism and local businesses through curated content and event listings. Technically, the site is built on Drupal 9, employs modern web technologies, and integrates analytics and marketing tools such as Google Tag Manager, Facebook Pixel, and Ortto. Security measures include HTTPS, reCAPTCHA, and standard security headers, although some headers could be enhanced. The WHOIS data is restricted by DNS Belgium policy, limiting transparency but not detracting significantly from the site's legitimacy given its official nature. Overall, the site is professional, user-friendly, and secure, with room for improvement in privacy policy visibility and explicit security headers.

S

Silné reči

silnereci.sk

61

Silné reči is a Slovak entertainment company specializing in stand-up comedy and theatrical performances, operating since 2009. The website showcases their events, formats, and corporate offerings, targeting a general audience interested in comedy and live shows. The company maintains a strong brand presence with active social media channels and a ticketing partner domain. Technically, the site is built on WordPress with modern plugins for SEO, analytics, and cookie consent, hosted by Websupport with DNSSEC and HTTPS enabled, indicating a mature digital infrastructure. Security posture is solid with Google reCAPTCHA and error tracking via Sentry, though some security headers are missing. Privacy compliance is partially addressed through a detailed cookie consent mechanism but lacks a dedicated privacy policy page. Overall, the site is professional, user-friendly, and trustworthy with no critical vulnerabilities detected.

Bouygues is a large French multinational conglomerate operating in diverse sectors including construction, telecommunications, media, and real estate. The website serves as a corporate portal and magazine to communicate news and updates about the group. The site is professionally designed, mobile-optimized, and uses modern web technologies such as WordPress, Google Tag Manager, Matomo Analytics, and Cookiebot for consent management. Security measures include HTTPS enforcement, reCAPTCHA integration, and comprehensive cookie consent mechanisms. However, the absence of publicly available WHOIS data and registrant information slightly reduces domain trustworthiness. No explicit security policy or incident response contact information is published, which could be improved to enhance transparency and compliance. Overall, the website reflects a mature digital presence consistent with a large enterprise.

T

Terres d'Argentan

terresdargentan.fr

50

Terres d'Argentan is a French local government community portal serving 49 communes with approximately 34,000 inhabitants. The website provides comprehensive information about community services, events, public announcements, and citizen resources. It positions itself as an essential public service platform for residents and stakeholders in the Argentan area. The site is well-branded and consistent with official government communications. Technically, the website is built on WordPress using a modern tech stack including Bootstrap, jQuery, Leaflet.js for maps, and integrates Google Fonts and Google reCAPTCHA for security. It employs Matomo for privacy-conscious analytics and uses the Complianz GDPR plugin to manage cookie consent, demonstrating a good level of digital maturity and compliance with European privacy regulations. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms. Cookie consent is actively managed, and analytics cookies are disabled by default. However, some security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected and could be improved. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website is trustworthy, professionally maintained, and compliant with privacy laws. It serves its community audience effectively with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing a dedicated security policy, and continuing regular updates to maintain security posture.

L

L'Union sociale pour l'habitat

union-habitat.org

53

L'Union sociale pour l'habitat is a prominent French non-profit organization dedicated to supporting social housing entities (Hlm) and contributing to national housing policy development. The website serves as a comprehensive resource hub offering thematic content, publications, event information, and professional support to stakeholders in the social housing sector. The organization maintains a strong market position as a key actor in France's social housing ecosystem, with a large-scale presence and multiple affiliated entities. Technically, the website is built on Drupal CMS, employs modern web technologies such as lazy loading and Matomo analytics, and is optimized for mobile and accessibility. Security posture is strong with HTTPS enforcement and security headers, though explicit security and privacy policies are not prominently published. The absence of WHOIS data limits domain trust verification but does not detract significantly from the site's legitimacy given its professional presentation and content. Overall, the site is well-designed, content-rich, and trustworthy for its target audience.

F

France Ville Durable

sustainablecitybyfrance.org

51

Sustainable City by France is a French non-profit association dedicated to accelerating the transition of cities and territories towards sustainability and resilience. It brings together local authorities, state entities, companies, and experts to collaborate on sustainable urban development projects. The website reflects a medium-sized organization with strong government and private sector partnerships, offering resources, project mapping, and events to its audience. Technically, the site is built on WordPress with Elementor, uses modern web technologies, and is hosted by OVH sas. Security posture is good with HTTPS and reCAPTCHA implemented, though there is room for improvement in DNS security and HTTP headers. Privacy compliance is well addressed with clear cookie and privacy policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-positioned in its niche.

D

Digiforma Certif

digiforma-certif.com

61

Digiforma Certif is a French company specializing in software solutions for managing RNCP and RS certifications, primarily serving training organizations and certification bodies. The company positions itself as a key player in the French educational certification software market, offering SaaS-based tools to streamline compliance and training management. The website is professionally designed, mobile-optimized, and provides comprehensive information about its services and certifications. Technically, the site is built on WordPress with Elementor, leveraging modern libraries and SEO tools, and includes standard security measures such as HTTPS and reCAPTCHA. However, the absence of WHOIS registration data raises concerns about domain legitimacy, which should be further investigated. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site demonstrates a mature digital presence with moderate security posture and good business credibility.

F

France Villes et territoires Durables

francevilledurable.fr

44

France Villes et territoires Durables is a French non-profit association dedicated to accelerating the transition of cities and territories towards sustainability and resilience. It brings together local authorities, government entities, companies, and experts to collaborate on sustainable urban development. The website reflects a professional and well-established organization with a clear mission and a strong network of reputable partners. The digital infrastructure is based on WordPress with modern plugins and technologies, hosted by OVH and utilizing Cloudflare DNS services. Security posture is solid with HTTPS, security headers, and reCAPTCHA protections in place, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, well-maintained, and serves its target audience effectively.

N

Nux s.r.o.

nux.cz

69

Nux s.r.o. is a Czech technology company specializing in web development, online office solutions, and comprehensive internet consulting services. Established in 2004, the company has a solid market presence in the Czech Republic, targeting businesses and organizations seeking tailored digital solutions. Their offerings include custom software development, e-learning platforms, client portals, e-commerce solutions, and communication tools such as Mattermost and Jitsi. The website reflects a professional and consistent brand image with clear service descriptions and client references. Technically, the website employs modern technologies including Tailwind CSS, Google Tag Manager, and Google reCAPTCHA, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features could be enhanced. The CMS used is a proprietary or custom system (cms1.nux.cz), and the site is served over HTTPS with a good SSL configuration. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate automated abuse. However, explicit security headers are not evident, and there is no published security policy or incident response contact information. Cookie consent is implemented, supporting GDPR compliance, but no explicit privacy policy or terms of service were found on the main page. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with the company's history. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements include publishing comprehensive privacy and security policies, enhancing accessibility, and implementing additional security headers to strengthen the security posture.

C

Convertim s.r.o.

convertim.com

62

Convertim s.r.o. operates a specialized SaaS platform focused on optimizing e-commerce checkout processes to increase sales and conversion rates. Their service offers one-click checkout, passwordless authentication via SMS PIN, and seamless integration with carriers and payment gateways, targeting online retailers seeking to improve user experience and cross-border sales. The website is professionally designed, multilingual, and leverages modern web technologies such as Webflow, Google Tag Manager, and Weglot for translation. Security measures include HTTPS enforcement and Google reCAPTCHA on forms, alongside a cookie consent mechanism compliant with GDPR. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the active business presence and social media profiles provide mitigating trust signals. No explicit security policy or incident response information is published, indicating room for improvement in transparency and security posture.

N

Nadace BLÍŽKSOBĚ

blizksobe.cz

48

Nadace BLÍŽKSOBĚ is a Czech non-profit foundation dedicated to supporting organizations and individuals that enhance social quality of life, focusing on education, democracy, and civil society. The website presents a professional and consistent brand image with clear mission statements and support for known social initiatives such as Člověk v tísni. Technically, the site is built on WordPress with Bootstrap and uses modern web technologies including Google Analytics and reCAPTCHA for security. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and anti-bot measures, but lacks advanced security headers and published security policies. The absence of privacy and cookie policies is a compliance gap given GDPR relevance. WHOIS data is unavailable, which limits domain trust verification and reduces overall credibility. No signs of WAF or content blocking were detected, and the site content is safe for general audiences.