Security Directory

D

DIGEEK

digeek.fr

48

DIGEEK is a small digital communication agency based in Toulouse, France, specializing in graphic design, website and mobile application development, video production, and digital marketing. The company targets businesses, startups, institutions, and associations primarily in the Toulouse region. Their website demonstrates a professional and consistent brand image supported by strong client testimonials and active social media engagement. Technically, the site is built on WordPress with modern technologies and performance optimizations, ensuring fast loading and excellent mobile responsiveness. Security posture is good with HTTPS and performance plugins, though some security headers and explicit incident response information are missing. Overall, the domain appears legitimate despite the absence of WHOIS registration details, likely due to privacy protection.

L

La Salamandre

salamandre.net

61

La Salamandre is an independent, non-profit French media publisher dedicated to nature education and appreciation. They produce three nature magazines targeting different age groups, alongside rich digital content including articles, podcasts, videos, and educational activities. Their market position is strong within the French-speaking nature enthusiast community, with a clear focus on family and educational content. Technically, the website is built on WordPress with modern libraries and frameworks, optimized for mobile and SEO, and integrates privacy-compliant analytics and consent management. Security posture is good with HTTPS and secure login mechanisms, though some HTTP security headers could be improved. Overall, the site is professional, trustworthy, and content-rich, supporting a sustainable business model based on subscriptions and product sales.

Č

Česko-německý fond budoucnosti

fondbudoucnosti.cz

35

Česko-německý fond budoucnosti is a well-established non-profit organization dedicated to fostering Czech-German relations through project funding and cultural initiatives. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. The organization targets individuals and groups involved in Czech-German cooperation, providing support and promoting mutual understanding. Technically, the site is built on WordPress with modern plugins and analytics tools, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. The absence of WHOIS data limits domain trust analysis but the overall professional presentation and social media presence support legitimacy.

K

Kraj blanických rytířů, z.s.

blanik.net

58

Kraj blanických rytířů, z.s. operates a well-established official regional tourism portal focused on the Blaník region in the Czech Republic. The website provides comprehensive information on local attractions, cultural events, school trips, regional products, and visitor services, targeting tourists, families, and educational groups. Supported by regional government and ministry partners, it serves as a trusted source for regional tourism promotion. Technically, the site is built on Drupal 9 with modern front-end frameworks and integrates Google Analytics, Microsoft Clarity, and CookieHub for analytics and privacy compliance. The site is mobile-optimized, accessible, and SEO-friendly. Security posture is solid with HTTPS enforcement and domain transfer protections, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is well addressed with a GDPR page and cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with its business goals.

P

PracevRegionu.cz - nabídky práce ve vašem regionu

pracevregionu.cz

43

PracevRegionu.cz is a Czech Republic regional job portal established in 2016, offering extensive job listings across multiple regions and municipalities. The platform targets both job seekers and employers, providing a marketplace for employment opportunities with over 155,000 job offers. The website is professionally designed with clear navigation and regional segmentation, supporting a focused business model of online job advertisement and regional employment facilitation. The business operates primarily in the Other industry sector, serving a small-sized market niche within the Czech Republic.

F

Accueil - Festival Salamandre

festival-salamandre.org

60

The Festival Salamandre website represents a nature festival event held in Switzerland, targeting a general audience interested in environmental and outdoor activities. The site is built on WordPress and uses modern web technologies such as Bootstrap, jQuery, and FontAwesome, with tracking via Facebook Pixel and Plausible Analytics. The website is well-designed, mobile-optimized, and provides a good user experience with clear event information. However, the absence of visible contact information, privacy policy, and terms of service pages limits its compliance and trustworthiness. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks security headers and incident response contacts. WHOIS data is unavailable due to a malformed request, which reduces domain trust and legitimacy assessment. Overall, the site is functional and professional but could improve in compliance and security transparency.

L

La Salamandre

salamandre.org

60

La Salamandre is an independent, non-profit media publisher dedicated to fostering a love of nature through its three nature magazines targeted at different age groups, educational content, books, films, podcasts, and videos. The organization positions itself as a niche leader in nature education and environmental awareness in France, with a strong focus on family and children audiences. The website reflects a mature, well-branded, and content-rich platform with consistent messaging and trust signals such as eco-responsible printing and environmental projects. Technically, the site is built on WordPress with a modern tech stack including Bootstrap and jQuery, and employs privacy-conscious analytics (Matomo) and cookie consent management (Cookiebot). Security posture is good with HTTPS enforced, though additional security headers could improve defenses. Privacy compliance is strong with clear policies and consent mechanisms. No WHOIS data was retrievable, likely due to privacy protection, which is justified for this type of organization. Overall, the site is professional, trustworthy, and well-optimized for its audience.

Z

Zepros

zepros.fr

55

Zepros is a well-established French B2B media group founded in 2005, specializing in delivering professional information across multiple sectors including automobile, building, trade, habitat, catering, territorial collectivities, and artisans entrepreneurs. The group operates several sector-specific websites and offers daily newsletters and professional events, positioning itself as a key information source for professionals in these industries. Technically, the website is built on Drupal 10, leveraging modern web technologies and standard marketing and analytics tools such as Google Tag Manager and Cloudflare Insights. The site is mobile-optimized and provides a good user experience with clear navigation and professional content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks some advanced security headers and publicly available security policies or incident response contacts. The absence of WHOIS data suggests privacy protection, which is common and justified for media companies. Overall, the website is legitimate, professional, and trustworthy with moderate to good security posture.

G

Générations Futures

generations-futures.fr

68

Générations Futures is a well-established French non-profit organization founded in 1996, dedicated to protecting future generations from pesticides and other chemical pollutants. The association is accredited by the Ministry of Ecology and recognized as a public interest organization. It operates primarily through advocacy, public awareness campaigns, scientific publications, and support for victims of pesticides. The website reflects a mature digital presence with comprehensive content, active social media engagement, and clear calls to action such as donations and volunteer recruitment. Technically, the website is built on WordPress with modern JavaScript libraries and CSS frameworks like Bootstrap. It employs cookie consent management via Tarteaucitron and integrates Google Analytics for traffic analysis. The site is mobile-optimized, accessible, and SEO-friendly, though some security headers are not explicitly detected in the HTML source. HTTPS is enforced, ensuring secure communications. From a security perspective, the site demonstrates good practices including encrypted connections and privacy compliance with GDPR. However, the absence of WHOIS data limits domain trust verification, and no explicit security or incident response policies are published. No critical vulnerabilities or exposed sensitive data were found in the content. Overall, Générations Futures presents a trustworthy and professional online presence consistent with its mission as an environmental NGO. Strategic improvements in security headers, incident response transparency, and domain registration visibility would further enhance its security posture and trustworthiness.

C

Conseil Départemental de l'Hérault

herault.fr

63

The Conseil Départemental de l'Hérault website serves as the official digital presence for the Hérault department government in France. It provides comprehensive information about departmental services, news, events, and public initiatives targeting residents and stakeholders within the region. The site is well-structured with clear navigation and a focus on accessibility and user experience. The content is primarily in French and covers a broad range of topics including culture, environment, social services, and digital inclusion. Technically, the website employs a variety of established JavaScript libraries such as jQuery, Colorbox, Slick Carousel, and Matomo for analytics, indicating a mature and modern front-end infrastructure. The site uses HTTPS and cookie consent mechanisms compliant with GDPR, reflecting a good level of privacy awareness. However, no explicit security policies or incident response contacts are published, which could be improved. From a security perspective, the site benefits from HTTPS encryption and cookie management but lacks visible security headers and vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected. The WHOIS data confirms the domain's legitimacy and long-standing registration, consistent with a government entity. Overall, the website is professional, trustworthy, and serves its public service role effectively. Strategic improvements could include publishing explicit security policies, incident response contacts, and enhancing security headers to further strengthen the security posture.

U

Uniformation

uniformation.fr

61

Uniformation is a well-established French non-profit organization acting as an OPCO (Opérateur de compétences) specializing in the social cohesion sector. The website clearly targets employers, employees, partners, and job seekers, offering services such as professional training financing, pedagogical engineering, HR management support, and alternance recruitment. The site demonstrates a strong market position with a comprehensive catalog of training and consulting services tailored to the social cohesion industry. Technically, the website is built on Drupal 10 with modern JavaScript libraries and analytics tools, providing a responsive and accessible user experience. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be explicitly added. The absence of WHOIS data reduces domain trust slightly, but the professional presentation and compliance with GDPR and cookie regulations support legitimacy. Overall, the site is professional, secure, and user-friendly, serving a large audience in France's education and social sectors.

I

IDEA

groupe-idea.com

52

IDEA is a well-established French logistics company specializing in industrial logistics, transport, customs, industrial packaging, production delegation, and consulting for flow management. The company serves diverse sectors including aeronautics, energy, naval, defense, agro-food bulk, manufacturing, health, and construction. The website is professionally designed using Drupal 8 and modern JavaScript libraries, providing a rich user experience with clear navigation and mobile optimization. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not evident. WHOIS data is unavailable, which slightly impacts trust but the overall digital presence and business information support legitimacy. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and monitoring domain registration details.

Z

Zephyr

zephyrcms.com

61

Zephyr is a specialized service provider focused on delivering beautiful websites and marketing solutions exclusively for fee-only Registered Investment Advisors (RIAs). The company positions itself as a niche expert helping independent fiduciary financial advisors enhance their brand identity and marketing effectiveness through tailored digital solutions. Their website showcases a professional design with clear navigation, client testimonials, and featured client case studies, reinforcing their credibility in the financial advisory sector. From a technical perspective, the website leverages modern web technologies including Bootstrap, jQuery, FontAwesome, and integrates marketing and analytics tools such as Google Tag Manager, MailerLite, Plausible, and Fathom Analytics. The site is mobile-optimized, fast-loading, and accessible, reflecting a mature digital infrastructure. However, some security best practices like explicit security headers and cookie consent mechanisms are missing. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data for the domain raises some concerns about domain legitimacy or recent registration status, but the professional content and consistent branding mitigate immediate trust issues. No incident response or vulnerability disclosure information is provided, which could be improved to enhance security transparency. Overall, Zephyr presents a trustworthy and professional online presence with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen their security posture and regulatory alignment, supporting their business credibility and client trust.

O

OSLAVÍN.cz, s.r.o.

oslavin.cz

61

OSLAVÍN.cz, s.r.o. operates a specialized online platform focused on facilitating event planning by connecting users with venues, services, and inspiration for celebrations such as weddings, parties, and corporate events primarily in the Czech Republic. The platform offers a commission-free inquiry system, promoting ease and speed for customers seeking event solutions. The website demonstrates a good level of professionalism with consistent branding and a user-friendly interface. Technically, it leverages modern web technologies including Vue.js, Google Tag Manager, Facebook Pixel, and live chat integration, ensuring a responsive and interactive user experience. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, although there is room for improvement in publishing comprehensive privacy and security policies. The absence of WHOIS data for the domain is a notable concern, impacting trust and legitimacy assessments. Overall, the site is well-positioned within the hospitality sector niche, serving a small business market with a clear value proposition.

E

EVENT ARENA s.r.o.

eventarena.cz

63

EVENT ARENA s.r.o. is a Czech-based event management company specializing in organizing corporate events such as conferences, VIP events, virtual events, and teambuilding activities. The company has a strong market presence supported by numerous awards and a broad client portfolio including major corporations. Their website reflects a professional and modern digital presence with multimedia content and clear navigation. Technically, the site uses modern tracking and video technologies, though some security best practices like security headers are missing. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a dedicated privacy policy page. Overall, the security posture is moderate with room for improvement in transparency and technical safeguards. The domain WHOIS data is missing, which reduces trustworthiness but the business information on the site is consistent and credible.

Francouzský institut v Praze is a well-established cultural and educational institution dedicated to promoting French language and culture in the Czech Republic. The website offers a broad range of services including language courses, certifications, cultural events, and educational cooperation programs. It targets students, professionals, educators, and cultural enthusiasts. The institution maintains an active online presence with multiple social media channels and provides clear contact information and privacy policies, reflecting a commitment to transparency and user privacy. Technically, the website uses a modern technology stack including Angular, jQuery, Bootstrap, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some security best practices such as implementing security headers are missing, and the absence of WHOIS data raises questions about domain registration transparency. Security posture is moderate with HTTPS enforced and cookie consent implemented, but improvements are recommended in security headers and explicit terms of service. Privacy compliance is strong with a comprehensive GDPR policy and cookie management. Overall, the website is professional, trustworthy, and serves its educational and cultural mission effectively. The main risk lies in the lack of WHOIS transparency which slightly impacts trustworthiness. Strategic recommendations include enhancing security headers, publishing terms of service, and verifying domain registration details to improve legitimacy and user trust.

T

topalkohol.cz

topalkohol.cz

57

Topalkohol.cz is a Czech Republic-based e-commerce retailer specializing in the sale of quality alcoholic beverages including rum, whisky, bourbon, gin, vodka, brandy, and related products. The website positions itself as one of the largest online alcohol retailers in the Czech market, offering a wide product range with fast and secure delivery services. The target audience is mature consumers seeking premium alcoholic products online. Technically, the site is built on the Shoptet e-commerce platform, leveraging modern JavaScript libraries, Google Analytics, Facebook SDK, and various advertising and tracking tools with a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS enforced and CSRF protections in place, though some security headers could be improved. The absence of WHOIS data limits domain trust assessment but the website content and business presence appear professional and credible. Overall, the site demonstrates a mature digital infrastructure suitable for its retail business model.

F

FLERET FRUIT s.r.o.

fleret.cz

51

FLERET FRUIT s.r.o. is a small Czech company specializing in the traditional production of fruit distillates and liquors, targeting adult consumers with a focus on quality and attractive design. The website reflects a professional presentation of their products, including limited edition offerings, and enforces age verification to comply with legal requirements for alcohol sales. The company maintains an active social media presence and provides clear contact information including a physical address and phone number. Technically, the website uses modern JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel, with good mobile optimization and SEO practices. However, the absence of privacy and cookie policies and missing WHOIS data reduce the overall trust and compliance posture. Security is adequate with HTTPS enforced and no visible vulnerabilities, but security headers are lacking. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

I

Inštitút pre dobre spravovanú spoločnosť (SGI)

odkazprestarostu.sk

53

Odkazprestarostu.sk is a Slovak non-profit civic engagement platform established in 2010, operated by the Inštitút pre dobre spravovanú spoločnosť (SGI). It enables citizens to report local problems and track their resolution in cooperation with local governments, promoting transparency and public service improvement. The platform has a strong presence in Slovakia with over 100,000 resolved reports and is supported by the European Social Fund. Technically, the website uses a custom CMS with modern JavaScript libraries including jQuery, Bootstrap, and AngularJS, and integrates social media SDKs and analytics tools such as Google Analytics and Mixpanel. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. Security-wise, the site enforces HTTPS with excellent SSL configuration but lacks some security headers and explicit cookie consent mechanisms. No critical vulnerabilities or exposed sensitive data were found. Overall, the website is trustworthy, professionally maintained, and serves an important civic function in Slovakia.

S

Spinkids.cz

spinkids.cz

47

Spinkids.cz is a Czech Republic-based e-commerce retailer specializing in creative and interactive children's toys, including popular brands such as Tlapková patrola, Bakugan, Rubik, Batman, and Harry Potter. The website targets parents and children seeking branded toys with fast delivery services. The business is relatively new, founded in 2023, and operates on the PrestaShop platform with a moderate digital maturity level. The site employs multiple analytics and marketing tools including Google Analytics, Matomo, Microsoft Clarity, and CJ.com affiliate tracking, indicating a focus on data-driven marketing and customer insights. Security posture is adequate with HTTPS enforced and tokenized forms, but lacks explicit security headers and published privacy or cookie policies, which are critical for GDPR compliance and user trust. No contact emails or phone numbers are directly available, which may impact customer support perception. Overall, the site is professionally designed, mobile-optimized, and safe for general audiences, but improvements in privacy compliance and security best practices are recommended.

The Slovak-Czech Women's Fund is a small non-profit organization dedicated to advancing women's rights and gender equality in Slovakia and the Czech Republic. Their website provides information about their mission, grant programs, projects, and ways to support their cause. The organization maintains a clear presence with contact details, social media links, and a consistent brand identity. The website content is primarily in Slovak with options for Czech and English, targeting women and supporters of women's rights in the region. Technically, the website uses a custom CMS with modern JavaScript libraries such as jQuery, Slick Carousel, and Underscore.js. It employs Google Fonts and FontAwesome for styling and icons. The site is mobile-optimized with good navigation and content structure, though accessibility features are basic. Google Analytics is used for visitor tracking, but no explicit cookie consent mechanism is present despite having a cookie policy page. From a security perspective, the site uses HTTPS but lacks visible security headers and published security policies. No forms or input fields were detected on the main pages, reducing attack surface. There is no vulnerability disclosure or incident response information available. The site appears safe with no adult or questionable content. Overall, the website is professional, trustworthy, and fulfills its informational role well. However, improvements in security headers, privacy compliance mechanisms, and transparency around security policies would enhance its security posture and user trust.

P

Partner & Co

semence-biologique.fr

39

SemBio, operated by Partner & Co, is a French e-commerce business specializing in the sale of certified organic seeds and seed mixtures for agricultural use. The website targets French-speaking agricultural professionals and organic farmers, offering a range of products including pure seeds and specialized blends for various farming sectors. The company positions itself as a niche supplier within the organic agriculture retail market in France. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies and SEO best practices. It integrates marketing and analytics tools such as Google Analytics, Google Tag Manager, and Sendinblue for newsletter and marketing automation. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and uses security headers, reflecting a good security posture. However, it lacks a publicly available security policy or incident response contact information. The domain WHOIS data is privacy protected, which is common and justified for this business type. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with room for improvement in security transparency and accessibility.

F

Festival de Sevilla

festivalcinesevilla.eu

57

Festival de Sevilla is a well-established European film festival based in Sevilla, Spain, with a strong cultural and media focus. The website serves as a comprehensive platform for festival information, programming, news, and educational initiatives, targeting film enthusiasts, professionals, and the general public. The festival enjoys solid institutional support from government and cultural organizations, enhancing its credibility and market position. Technically, the website is built on Drupal 8, leveraging modern web technologies such as Google Analytics for tracking, AddToAny for social sharing, and lazy loading for performance optimization. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. From a security perspective, the site implements basic privacy compliance with cookie consent and IP anonymization in analytics. However, it lacks advanced security headers, a published security policy, and vulnerability disclosure mechanisms. No blocking or WAF challenges were detected, and no suspicious content was found, indicating a generally secure posture but with room for improvement. Overall, the website is professional, trustworthy, and well-maintained, supporting the festival's mission and audience engagement effectively.

goEast Filmfestival is a well-established cultural event organizer specializing in Central and Eastern European cinema. The website provides comprehensive information about the festival, including event dates, program details, and opportunities such as internships and film submissions. The organization targets film enthusiasts and cultural audiences interested in this niche. Technically, the website is built on WordPress with modern JavaScript libraries and SEO optimizations, hosted on a professional DNS provider. Security posture is adequate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms. Social media integration is strong, enhancing community engagement and trust. Overall, the website is professional, trustworthy, and serves its audience effectively.

W

What The Web

whattheweb.org

55

What The Web is a specialized web service provider focused on creating and supporting websites and digital tools for associations and Social and Solidarity Economy (SSE) structures. Their business model is based on a free price approach, offering scalable and personalized support to their clients. The company positions itself as a committed partner for non-profit organizations, providing tailored web solutions that include website creation, management tools, and visual identity services. Technically, the website uses modern frameworks such as React and Ion Framework, with good mobile optimization and accessibility features. Security posture is solid with HTTPS enabled and no obvious vulnerabilities, though some security headers are missing. Privacy compliance is limited as no explicit privacy or cookie policies were found. Overall, the website is professional, trustworthy, and well-designed, targeting non-profit and social economy sectors.

A

Active Citizens Fund

activecitizensfund.cz

10

Active Citizens Fund is a Czech Republic-based non-profit grant program focused on strengthening civil society, promoting openness, tolerance, and citizen participation in public policy. The website presents a professional and consistent brand image, targeting NGOs, vulnerable groups, and civic activists. The program is supported by EEA and Norway Grants, indicating a reputable funding source. Technically, the site is built on WordPress with common plugins for GDPR compliance and user experience enhancements. The presence of Google Tag Manager indicates moderate analytics and tracking capabilities. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data is a concern for domain transparency but does not detract significantly from the site's legitimacy given the content and social media presence. Overall, the site is well-structured, accessible, and trustworthy for its intended audience.

Komunitní plánování Ostrava is a Czech non-profit organization focused on community planning of social services tailored to the needs of Ostrava citizens. The website serves as an information portal providing news, event calendars, and resources related to social service planning and community engagement. It maintains a network of partner organizations and offers structured content in Czech language. Technically, the site is built on WordPress CMS with plugins for event management and GDPR compliance, and uses Matomo for analytics, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is professional, trustworthy, and compliant with privacy regulations, serving its community-focused mission effectively.

R

Région Centre-Val de Loire

europeocentre-valdeloire.eu

23

Europe O Centre-Val de Loire is an official regional platform operated by the Région Centre-Val de Loire, France, providing comprehensive information and access to European funding programs for project holders in the region. The website serves as a gateway to identify funding opportunities, access calls for projects, and prepare funding applications, supported by official regional and European Union branding. The platform targets residents and organizations in the Centre-Val de Loire region seeking European financial support for development projects. Technically, the website is built on WordPress using modern plugins such as Yoast SEO and WP Rocket for optimization, with a responsive design and accessibility considerations. It employs Matomo analytics with a strong cookie consent mechanism via Tarteaucitron, reflecting good privacy compliance. The site uses HTTPS with strong SSL configuration and security headers, although explicit security policy and incident response pages are not found. Security posture is solid with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS registrant data is consistent with EURid policies for .eu domains and does not detract from the legitimacy of the site, which is well-branded and professionally maintained. Overall, the site demonstrates a high level of trustworthiness, compliance, and technical maturity. Recommendations include publishing explicit security and incident response policies, implementing a security.txt file for vulnerability disclosure, and continuing regular security audits of third-party scripts and forms to maintain a strong security posture.

U

UDES

udes.fr

46

UDES is a prominent French non-profit organization representing employers in the social and solidarity economy sector. It aggregates 22 employer groups across 17 professional branches, representing over 200,000 enterprises and nearly 2.7 million employees. The website reflects a professional and consistent brand presence, targeting employers and stakeholders in the ESS sector with services including representation, social dialogue, publications, and events. Technically, the site is built on Drupal 7 with a modern front-end stack including Bootstrap and jQuery, delivering a responsive and accessible user experience. While performance is moderate, the site benefits from HTTPS and integration with Google Tag Manager and Analytics, though some libraries like jQuery are outdated. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and incident response information. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. WHOIS data is missing, which slightly impacts trust but the overall site professionalism mitigates concerns. Overall, UDES presents a credible and authoritative online presence for its sector, with recommendations to improve security headers, update libraries, and enhance privacy compliance to strengthen trust and resilience.

C

CoopVenture

coopventure.fr

54

CoopVenture is a French investment fund specializing in evergreen and participative financing for innovative companies that engage their employees in ownership and decision-making. Founded in 2016, it operates with a long-term horizon of at least seven years, focusing on sustainable development and local employment. The website reflects a niche market position combining cooperative values with the French Tech ecosystem, offering financing up to 400 K€ and business acceleration services. Technically, the site is built on WordPress with common plugins and uses Google Analytics for tracking. The site is mobile-optimized and well-structured, though some accessibility features could be improved. Security posture is adequate with HTTPS and cookie consent but lacks advanced security headers and published security policies. No direct contact emails or phone numbers are provided, relying on a contact form instead. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the website is professional and trustworthy but could enhance transparency on security and privacy policies.

C

Copernicus

copernicus.eu

11

Copernicus is the European Union's flagship Earth observation program, providing environmental data and services for the benefit of European citizens and public authorities. The website reflects a mature digital presence with a professional design, multilingual support, and comprehensive content focused on environmental monitoring, climate change, security, and emergency management. The program collaborates with major European agencies and institutions, reinforcing its authoritative market position. Technically, the site is built on Drupal 10, leveraging modern JavaScript libraries and analytics tools such as Matomo, with a strong emphasis on GDPR compliance and user privacy. The infrastructure supports good performance, mobile responsiveness, and accessibility, although some security headers could be improved. Security posture is solid with HTTPS enforced and privacy-conscious cookie management, but the absence of explicit vulnerability disclosure and incident response contacts suggests room for enhancement. No critical vulnerabilities or blocking mechanisms were detected, indicating a trustworthy and stable platform. Overall, Copernicus.eu represents a high-quality, secure, and compliant government service website with strong business credibility and technical maturity, suitable for its broad public and institutional audience.

E

Emmaüs Epargne Solidaire

emmaus-epargne-solidaire.fr

48

Emmaüs Epargne Solidaire is a French social finance organization that enables individuals to invest in solidarity savings products aimed at funding social and environmental projects, primarily supporting Emmaüs groups. The website presents a clear mission focused on ethical investment and social impact, supported by recognized certifications such as ESUS and Finansol. The platform is positioned as a niche player in the social finance sector, targeting socially conscious investors. Technically, the website leverages modern web technologies including React and Ionic Framework, with a responsive design and good SEO practices. However, some areas such as accessibility and security headers could be improved. The site does not appear to use extensive tracking or advertising, reflecting a privacy-conscious approach. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and formal privacy or cookie policies, which are important for compliance and trust. The WHOIS data is incomplete or protected, which slightly reduces domain trustworthiness, though the website content and certifications support legitimacy. Overall, the website is professional and trustworthy with a strong social mission, but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

E

Edumania

edumania.sk

58

Edumania is a Slovakian e-commerce retailer specializing in educational toys, kits, and games designed for curious children who enjoy learning through play. The website is professionally designed, leveraging the Shoptet e-commerce platform, and offers a well-structured catalog with clear navigation and product categorization by area, type, and age. The business targets parents and educators seeking quality educational products in Slovakia. Technically, the site uses modern web technologies including jQuery, Google Analytics, Facebook SDK, and slick carousel for UI components, hosted on Shoptet's CDN infrastructure. The site is mobile-optimized and includes accessibility features, though some improvements could be made.

I

Inbound Back Office

inboundbackoffice.com

45

Inbound Back Office is a service provider specializing in white-label virtual assistant and marketing support services tailored for marketing agencies, fractional CMOs, and small businesses. The company positions itself as a scalable and seamless support partner, trusted by hundreds of teams globally to handle marketing execution and administrative tasks without the complexities of hiring. Their website reflects a professional and consistent brand image with clear messaging and client testimonials that reinforce trust. Technically, the website leverages modern front-end technologies including Bootstrap, Tailwind CSS, jQuery, and integrates marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and HubSpot. The site is built on Zephyr CMS and demonstrates good mobile optimization and user experience. However, some areas such as accessibility and SEO could be improved. Security-wise, HTTPS is properly implemented, but the absence of security headers and privacy/cookie policies indicates room for enhancement in compliance and protection. The security posture is moderate with no immediate vulnerabilities detected in the visible content, but the lack of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. This discrepancy between professional website content and missing domain registration information suggests the need for further verification. Overall, the site is functional and credible from a business perspective but requires improvements in privacy compliance and security best practices. Strategically, the company should prioritize establishing clear privacy and cookie policies, implement security headers, and resolve WHOIS registration transparency to strengthen trust and compliance. Enhancing accessibility and SEO will also improve user reach and satisfaction.

S

Storck Romania

toffifee.ro

67

The website www.toffifee.ro represents the Romanian localized brand presence of Toffifee, a confectionery product under the Storck group. It provides product information, brand storytelling, and consumer engagement primarily targeting Romanian consumers interested in confectionery. The site is built on TYPO3 CMS and uses modern JavaScript libraries such as RequireJS, jQuery, and Lodash, indicating a moderate level of technical maturity. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Privacy compliance is well addressed with a visible privacy policy and cookie consent mechanism. However, direct contact emails and phone numbers are not explicitly listed on the homepage, relying instead on a contact form.

V

Virtual Visit

virtualvisit.cz

10

Virtual Visit is a Czech Republic-based digital agency specializing in innovative digital presentations including custom web design, virtual tours, accessibility audits, branding, and video production. The company targets a diverse audience including businesses, schools, healthcare, tourism, hospitality, and real estate sectors. Their market position is that of an established small agency with a professional portfolio and strong client references. Technically, the website employs modern web technologies such as jQuery, Nette Framework, Flatpickr, and integrates Google reCAPTCHA v3 for security. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit incident response or security policy pages are found. Overall, the website is professional and trustworthy, but the absence of WHOIS data reduces domain trustworthiness. Strategic recommendations include enhancing security headers, publishing incident response information, and adding a security.txt file to improve transparency and security readiness.

F

FiremníAkce.cz, s.r.o.

firemniakce.cz

60

FiremníAkce.cz, s.r.o. operates a Czech Republic-focused online platform specializing in corporate event planning. The website offers a comprehensive marketplace for event locations, services, and inspiration, targeting corporate clients and event organizers. It positions itself as a commission-free, easy-to-use solution for finding venues and services for various event types including conferences, team building, and parties. The platform features curated offers, partner collaborations, and interactive search forms to facilitate client inquiries. Technically, the site employs modern web technologies including Vue.js, Bootstrap, and integrates multiple marketing and analytics tools such as Google Analytics, Facebook Pixel, and Smartlook. The presence of cookie consent mechanisms and social media integration reflects a moderate level of digital maturity. Security posture is adequate with HTTPS usage and no visible sensitive data exposure, but lacks explicit security headers and published security policies. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not detract significantly from the site's legitimacy given the professional content and contact information. Overall, the website is well-designed, user-friendly, and serves its niche effectively.

W

Washington University in St. Louis

washubears.com

64

Washington University in St. Louis operates an official athletics website providing comprehensive information about its NCAA Division III sports teams, schedules, rosters, news, and athletics department resources. The site targets students, athletes, alumni, and sports fans, serving as a central hub for university sports engagement. The business model is focused on supporting university athletics and community involvement, positioning itself as a trusted source for sports information within the education sector. Technically, the website leverages a modern JavaScript stack including jQuery, RequireJS, Knockout.js, and integrates with Google Tag Manager and Google Analytics for tracking. It is hosted on Cloudfront CDN with DNS managed by Rackspace. The site is mobile optimized, accessible, and uses the Sidearm Sports CMS platform, reflecting a mature digital infrastructure suitable for its audience and purpose. From a security perspective, the site enforces HTTPS and employs standard domain protections but lacks DNSSEC and some advanced security headers like Content Security Policy. No WAF or blocking mechanisms were detected, and no critical vulnerabilities were found in the visible content. Privacy compliance is partial, with a privacy policy present but no explicit cookie consent mechanism despite active tracking scripts. Overall, the website demonstrates a solid security posture and business credibility with room for improvement in privacy compliance and DNS security. Strategic recommendations include enabling DNSSEC, implementing a cookie consent banner, adding security headers, and publishing a vulnerability disclosure policy to enhance trust and compliance.

C

CEREMA

expertises-territoires.fr

62

Expertises Territoires is a professional network platform affiliated with CEREMA, a French public organization focused on territorial expertise. The website serves elected officials, community and state agents, experts, companies, and civil society members by facilitating collaboration, knowledge sharing, and co-construction of territorial solutions. It features communities, partners, and domains of action such as territorial engineering, building, mobility, transport infrastructure, environment, and coastline management. The platform is bilingual (French and English) and emphasizes community engagement and professional networking. Technically, the website is built on the Jalios CMS platform, utilizing modern web technologies including jQuery, Bootstrap 3.4.1, Slick Carousel, and LightGallery. The site demonstrates good mobile optimization, accessibility, and SEO practices. Cookie consent is implemented with a clear banner, and privacy and legal notices are present, indicating compliance with GDPR requirements. However, no explicit security headers or incident response policies are visible in the provided content. Security posture is moderate with HTTPS implied but not explicitly confirmed in the HTML content. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain is a concern, reducing trustworthiness from a domain registration perspective. Despite this, the website's branding and partner affiliations suggest legitimacy. Overall, the site is professional, secure, and compliant but would benefit from enhanced transparency in security policies and domain registration information.

D

DK Akord Ostrava

dkakord.cz

48

DK Akord Ostrava operates as a cultural and social center located in Ostrava-Zábřeh, Czech Republic, offering a wide range of cultural events including concerts, theater performances, and educational courses. The organization also provides venue rental services and operates a restaurant, positioning itself as a regional hub for cultural and social activities. The website reflects a medium-sized enterprise with a professional digital presence, integrating modern web technologies and multiple analytics and marketing tools to engage its audience effectively. The business model focuses on event hosting, ticket sales, and community engagement through educational and cultural programming. Technically, the site is built on WordPress with Bootstrap and jQuery, supported by reputable third-party services for analytics and marketing, ensuring a good user experience across devices. Security posture is solid with HTTPS enforcement and GDPR-compliant cookie consent mechanisms, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is trustworthy, well-maintained, and compliant with relevant privacy regulations, serving its target audience effectively.

K

Kolektor Conttek GmbH

conttek.de

45

Kolektor Conttek GmbH is a well-established German manufacturer specializing in precision stamping, bending parts, pressfit, contact parts, metal-plastic composite parts, assemblies, and plastic parts primarily serving the automotive and electronics industries. With a 60-year history and integration into the international Kolektor group, the company holds a strong market position as a reliable B2B partner offering development, tooling, and automation services. The website reflects a professional corporate presence with detailed descriptions of technologies and competencies, targeting industrial clients. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and includes a cookie consent mechanism, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by adding explicit security policies, incident response contacts, and security headers. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media presence.

K

KaviAR Tech SAS

kaviar.app

63

KaviAR Tech SAS operates KaviAR.app, a cloud-based augmented reality platform combined with a mobile app that enables users to create interactive AR experiences without technical expertise. The company targets businesses and individuals seeking to enhance printed materials with digital content, democratizing augmented reality usage. Their market position is that of a niche SaaS provider focusing on ease of use and accessibility, supported by tiered subscription plans and a free trial. Technically, the website employs modern web technologies including Bootstrap, jQuery, and integrates marketing and analytics tools such as HubSpot and Google Analytics. The site is mobile optimized and well-structured, providing a professional user experience. Security posture is solid with HTTPS, reCAPTCHA Enterprise, and cookie consent mechanisms, though it lacks explicit security policies and advanced security headers. Overall, the domain registration and WHOIS data align well with the business claims, indicating legitimacy and consistency. The site does not contain adult or questionable content and maintains good privacy compliance.

Terre Nourricière is a small French communication agency specializing in ethical and engaged communication services targeted at actors in environmental education, international solidarity, and peasant agriculture sectors. Their key offerings include web and mobile development, graphic design, video production, educational tools, and consulting/training services. The website presents a professional and consistent brand image with clear navigation and relevant content for their niche audience. Technically, the website uses modern front-end libraries such as Bootstrap 4.5.2, jQuery, Slick Carousel, and Typed.js, with Google Analytics for tracking. The site appears mobile-optimized and moderately performant. The CMS is likely SPIP based on URL patterns and form tokens. However, no advanced security headers or explicit privacy/cookie policies are present, and WHOIS data is unavailable, limiting domain transparency. Security posture is moderate with some best practices like honeypot anti-spam fields and CSRF tokens in forms, but lacks HTTP security headers and visible incident response contacts. Privacy compliance is weak due to missing policies and consent mechanisms. Overall, the site is safe and professional but would benefit from enhanced security and privacy measures. Recommendations include implementing security headers, publishing privacy and cookie policies with consent, improving WHOIS transparency, and adding incident response contacts to strengthen trust and compliance.

The website www.shoptak.cz represents a small Czech company, techka s.r.o. & Tomáš Hlad, specializing in custom design and modification of Shoptet e-commerce templates. They hold a strong market position as a gold partner of Shoptet, serving thousands of e-shops primarily in the Czech and Slovak markets. Their key services include bespoke template creation, template customization, and Shoptet add-ons, targeting e-shop owners seeking tailored UX/UI solutions. The website content is professionally presented with clear navigation and positive client testimonials, reinforcing their credibility. Technically, the site employs modern JavaScript libraries such as jQuery, Slick Carousel, and AOS for animations, alongside Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized and uses Google Fonts for typography. However, no explicit CMS or hosting provider information is discernible. Performance is moderate with good SEO practices but basic accessibility features. From a security perspective, HTTPS is implied but no security headers were detected in the provided data. The site includes a cookie consent banner indicating some privacy compliance, but lacks explicit privacy, terms of service, or security policies. No WHOIS data was retrievable, which raises concerns about domain registration legitimacy. No vulnerability disclosure or incident response information is present. Overall, the website is professional and trustworthy from a business and content perspective but would benefit from enhanced security practices, explicit privacy documentation, and verification of domain registration details to improve trust and compliance.

R

RUSCONA Česko

ruscona.cz

48

RUSCONA.cz is a professional e-commerce platform specializing in gel nail modeling products and accessories, targeting both professional nail technicians and consumers in the Czech Republic. The website offers a wide range of UV gels, gel polishes, polygels, and related tools, supported by educational courses and a strong brand presence. The site is built on the Shoptet e-commerce platform and integrates modern analytics and marketing technologies such as Google Analytics, TikTok Pixel, Facebook SDK, and Hotjar, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data limits domain trust assessment, but the professional presentation and comprehensive content suggest a legitimate and established business. Overall, the site demonstrates good technical implementation, privacy compliance, and business credibility.

G

GoldPC.cz

goldpc.cz

52

GoldPC.cz is a Czech Republic-based e-commerce retailer specializing in affordable and quality computers, including notebooks, desktops, components, and accessories. The company offers a 24-month warranty and customer support via phone and email, targeting both consumers and businesses. The website is professionally designed, mobile-optimized, and integrates modern marketing and analytics tools such as Google Analytics and Facebook Pixel. Privacy and cookie policies are present, indicating GDPR compliance awareness. However, the absence of WHOIS registration data reduces domain trustworthiness and warrants further verification. Security posture is generally good with HTTPS and CSRF protections, but lacks explicit security policies and vulnerability disclosure mechanisms.

K

KeZdraví.cz

kezdravi.cz

49

KeZdraví.cz is a Czech Republic-based e-commerce platform specializing in natural health products including Schüssler salts, homeopathic remedies, and Bach flower essences. The website offers a broad catalog of products alongside educational content such as a homeopathic manual, targeting consumers interested in alternative medicine and natural wellness. The business operates primarily in the healthcare retail sector with a small company size profile. Technically, the site is built on the Shoptet e-commerce platform, utilizing common web technologies like jQuery, Google Fonts, and tracking tools such as Google Analytics and Facebook SDK. The site is mobile-optimized with good navigation and content quality. Security posture is adequate with HTTPS enforced and cookie consent implemented, though it lacks some advanced security headers and uses an outdated jQuery version. The absence of WHOIS registration data is a notable concern, impacting domain legitimacy trust. Overall, the site is professional and trustworthy from a user perspective but would benefit from enhanced security practices and domain registration transparency.

M

mlady-vedec.sk

mlady-vedec.sk

58

Mladý-vedec.sk is a Slovak e-commerce retailer specializing in educational and scientific toys designed for children who enjoy playful learning. The website offers a broad range of didactic products including experiment kits, building sets, and educational games. Positioned as a niche player in the Slovak market, it targets parents and educators seeking quality educational toys. The business model is primarily online retail with additional wholesale cooperation and affiliate partnerships. The site is professionally designed with consistent branding and clear navigation, supporting a positive user experience.

Z

Zidlestoly.cz

zidlestoly.cz

57

Zidlestoly.cz is a Czech Republic-based e-commerce retailer specializing in chairs, tables, and furniture for various interiors. The company emphasizes quality products with a 30-year market presence and offers fast shipping within 48 hours. The website is built on the Shoptet platform and integrates multiple analytics and marketing tools, including Google Analytics 4, Microsoft Clarity, and Facebook Pixel, with a clear cookie consent mechanism. Security posture is generally good with HTTPS and CSRF protections, though some outdated libraries like jQuery 1.11.3 present potential vulnerabilities. The absence of WHOIS data limits domain trust assessment, but the website content and business claims appear professional and credible.