Security Directory

C

Centre national du livre

partir-en-livre.fr

58

Partir en Livre is a French government-backed cultural initiative organized by the Ministry of Culture and the Centre national du livre. It promotes free youth literature events across France, targeting children, families, and cultural actors. The website is professionally designed using Drupal 9, featuring rich content, event information, and resources for organizers. It integrates Matomo analytics and provides cookie consent mechanisms compliant with GDPR. However, no direct contact emails or phone numbers are publicly listed, relying on contact forms instead. The absence of WHOIS data is notable but likely due to registry policies rather than malicious intent. Overall, the site demonstrates a mature digital presence with good content quality and user experience.

C

Carrefour Culturel Arnaud Bernard

arnaud-bernard.net

43

Carrefour Culturel Arnaud Bernard is a small non-profit cultural association based in Toulouse, France, focused on promoting cultural and linguistic diversity through events such as the Forom des Langues du Monde, Repas de Quartier, and Conversations Socratiques. The website serves as a hub for community engagement, event information, and cultural publications. Technically, the site is built on WordPress with Elementor and uses modern web technologies, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. The domain WHOIS data is missing or inaccessible, which raises concerns about domain registration legitimacy despite the professional appearance of the site. Overall, the website is functional and trustworthy for its cultural mission but should improve compliance and security transparency.

F

Fotbalová asociace České republiky

fotbal.cz

52

Fotbalová asociace České republiky operates as the official governing body for football in the Czech Republic, providing comprehensive football-related content including news, match calendars, team information, and fan engagement. The website serves a broad audience including players, coaches, referees, and football fans, positioning itself as an authoritative source in the Czech football ecosystem. The business model is non-profit and focused on sports governance and promotion. Technically, the website employs modern web technologies including Google Analytics, Facebook Pixel, Smartlook, and Targito marketing tools, alongside frontend libraries like Swiper.js and EasyDropdown. The site is mobile-optimized with good accessibility and SEO practices, although no CMS or hosting provider details were detected. Performance is moderate with a well-structured design and clear navigation. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. However, the absence of explicit security headers and privacy policy reduces the overall security and privacy compliance maturity. No critical vulnerabilities were detected, but improvements in security headers and explicit privacy documentation are recommended. Overall, the website is trustworthy and professional, but the lack of WHOIS data and some missing compliance documents suggest areas for improvement in transparency and trust. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, and verifying domain registration details to strengthen legitimacy.

C

Cité des énergies

cite-des-energies.fr

41

Cité des énergies is an international R&D hub focused on low-carbon energy technologies, particularly solar energy and biotechnologies for energy and environment. It is affiliated with the French CEA research center and supports technology transfer, startups, and collaborative projects. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are not published. WHOIS data is unavailable, which slightly reduces trust but the site content and affiliations indicate legitimacy. Overall, the site is a credible resource for energy research stakeholders.

A

Adapex Inc

adapex.io

66

Adapex Inc is a technology company specializing in advanced monetization solutions for digital publishers and advertisers. Leveraging AI technology developed in collaboration with Nasdaq AI suite contributors and allied with Datrix, Adapex offers a comprehensive suite of products and services including the M4 Tech Suite and data refinery solutions. The company positions itself as an industry leader with a strong focus on transparency, innovation, and partnership, supported by industry awards and a professional online presence. Technically, the website is built on WordPress with Elementor, integrates multiple analytics and consent management tools, and uses Cloudflare for DNS and CDN services. Security posture is good with HTTPS and consent mechanisms but could be enhanced by enabling DNSSEC and publishing security policies. Overall, the website is accessible, well-designed, and compliant with GDPR consent requirements, though explicit privacy and terms of service pages were not found in the provided content.

I

ID Ward, trading as Anonymised

anonymised.io

69

Anonymised, operated by ID Ward, is a privacy-first data platform specializing in ID-less audience targeting and measurement solutions for publishers and advertisers. Positioned as a cutting-edge alternative to traditional cookie-based targeting, the company leverages proprietary technology to enable large-scale audience reach without exposing personal data. The platform supports audience targeting, customer discovery through AI, and attribution measurement using cohort-based data, catering primarily to digital advertising and publishing sectors. The company maintains offices in London, UK, and Barcelona, Spain, and demonstrates strong compliance with GDPR and industry standards through multiple certifications and a robust consent management framework. Technically, the website is built on the Webflow CMS platform, integrating modern JavaScript libraries such as jQuery and Swiper.js, and employs Google Tag Manager and InMobi CMP for analytics and consent management. The site is well-optimized for mobile devices, features good SEO practices, and maintains moderate performance. Security posture is solid with HTTPS enforced and no visible vulnerabilities, although security headers could be improved. Privacy compliance is strong, with clear privacy and cookie policies and user consent mechanisms in place. From a security perspective, the site shows good adherence to best practices, including anonymization of user data and integration of consent management platforms. No critical vulnerabilities or exposed sensitive information were detected. However, the absence of explicit security policies or incident response contacts suggests room for enhancement in transparency and readiness. The WHOIS data is unavailable, likely due to privacy protection, which aligns with the company’s privacy-centric business model. Overall, Anonymised presents a professional, trustworthy, and privacy-compliant digital presence with a clear business focus on privacy-first audience targeting. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and maintaining vigilance on third-party script security to further strengthen trust and compliance.

S

SOARE SEKT a.s.

muchasekt.sk

52

Mucha Sekt is a Slovak-based premium sparkling wine brand operated by SOARE SEKT a.s., leveraging the artistic legacy of Alfons Mucha to position itself in the niche market of cultural and artistic beverage experiences. The website showcases a well-structured product portfolio, emphasizing quality and heritage, targeting adult consumers interested in premium alcoholic beverages. The digital infrastructure is built on modern JavaScript frameworks such as Vue.js and Nuxt.js, providing a responsive and visually appealing user experience. However, some compliance gaps exist, notably the absence of explicit privacy policy and terms of service pages, which are critical for GDPR adherence. Security posture is moderate with HTTPS enforced but lacking security headers and vulnerability disclosure mechanisms. Overall, the website is professional and trustworthy but would benefit from enhanced compliance and security measures.

E

Etarget se

etarget.eu

56

Etarget se is a digital advertising service provider specializing in programmatic and display advertising solutions. Their business focuses on optimizing campaigns for attention, engagement, and conversions through data-driven approaches. The company targets media agencies, publishers, and brands, positioning itself as a specialized partner with long-term client relationships and expertise in campaign optimization. The website content is professional and consistent with their market positioning. Technically, the website employs modern JavaScript libraries such as Google Tag Manager, jQuery, and Swiper.js, along with cookie consent management scripts. The site is mobile optimized with good design quality and clear navigation. However, some technical improvements could be made in accessibility and SEO optimization. Security headers are not explicitly detected, and no public security or incident response policies are available, indicating room for improvement in security transparency. The security posture is moderate with HTTPS implied but lacking visible advanced security headers. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a clear privacy policy and cookie consent mechanism aligned with GDPR requirements. Business credibility is supported by client testimonials and trust signals such as IAB membership. WHOIS data is privacy protected by EURid, which is common and justified for this business type. Overall, the website presents a trustworthy and professional digital advertising service with moderate technical and security maturity. Strategic recommendations include enhancing security headers, publishing security policies, improving accessibility, and expanding contact information to increase trust and compliance.

B

Big Shock s.r.o.

bigshock.cz

50

Big Shock s.r.o. operates the official website for the Big Shock energy drink brand, offering a range of energy beverages, ice teas, coffees, energy bars, sugars, and branded merchandise. The site targets consumers primarily in the Czech Republic and serves as an e-commerce platform with promotional content and social media integration. The company positions itself as a prominent player in the energy drink market with a strong brand presence and active marketing campaigns. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Cookiebot for cookie consent, OneSignal for push notifications, and reCAPTCHA for bot protection. The site is mobile optimized with responsive design and uses HTTPS with appropriate security headers, indicating a good level of digital maturity. However, some accessibility features and explicit privacy policy documentation are lacking. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, use of security headers, and bot mitigation. No critical vulnerabilities or exposed sensitive data were detected. The absence of a dedicated privacy policy and contact information for security or incident response reduces compliance maturity. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is common for commercial brands. Overall, the website is professionally designed, secure, and functional for its business purpose. Strategic improvements in privacy documentation, contact transparency, and accessibility would enhance compliance and user trust. The risk profile is moderate with no immediate security concerns but room for governance enhancements.

R

Red Española de Ciudades por el Clima

redciudadesclima.es

34

The Red Española de Ciudades por el Clima website serves as an official platform for a Spanish government-affiliated network focused on local climate change policies. It provides resources, news, projects, and events to support municipalities in their climate action efforts. The site is well-branded, professionally designed, and targets local governments and stakeholders interested in environmental policy. Technically, it is built on Drupal 8 with common web libraries and includes modern UI components like Swiper.js and cookie consent management. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks visible advanced security headers and incident response information. The site is fully accessible without WAF or blocking mechanisms, indicating good operational status. Overall, the website is trustworthy and credible, though WHOIS data is unavailable due to query restrictions, which is common for .es domains. Strategic improvements in security headers and incident response disclosures are recommended.

C

Clarté

clarte-lab.fr

65

Clarté is a well-established French company specializing in consulting, innovation, and training in virtual reality, augmented reality, and artificial intelligence for professional use. With over 25 years of experience, it positions itself as a reference in immersive technologies, offering a broad range of services including consulting, solution development, equipment rental, and training. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to business clients and professionals interested in immersive tech solutions. Technically, the site is built on WordPress with modern optimization plugins like WP Rocket and Yoast SEO, ensuring fast performance and good SEO. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are not published. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. Overall, the site is trustworthy and professional, though WHOIS data is privacy protected, limiting domain age verification. Strategic recommendations include publishing security and incident response policies and enhancing transparency on vulnerability disclosures.

L

Laval Economie

laval-economie.fr

43

Laval Economie is a French economic development agency serving the Laval Agglomération region. It operates as a non-profit association under French law (loi 1901) and focuses on supporting business creation, implantation, talent recruitment, sustainable development, and providing economic indicators to stimulate local economic vitality. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. It integrates Google Analytics for visitor tracking and implements a cookie consent mechanism to comply with privacy regulations. However, the absence of a visible privacy policy and WHOIS data reduces trustworthiness. Security posture is solid with HTTPS enforced but lacks some security headers and explicit incident response information. Overall, the site is a credible resource for local businesses and entrepreneurs, but improvements in transparency and security practices are recommended.

S

Soare Sekt Slovakia, s.r.o.

soaresekt.sk

50

Soare Sekt Slovakia, s.r.o. is a medium-sized Slovakian company specializing in the production and distribution of alcoholic and non-alcoholic sparkling wines and beverages. It operates under the parent company Soare Sekt a.s. and benefits from a strong brand portfolio including Mucha Sekt, Moscato de Luxe, and Robby Bubble. The company targets adult consumers in Slovakia and international markets, emphasizing quality and tradition dating back to 1991. The website is professionally designed using modern web technologies such as Nuxt.js and Vue.js, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms, although explicit security headers and incident response contacts are absent. Privacy policies are comprehensive and GDPR compliant, including detailed data processing and retention information. Overall, the site reflects a trustworthy and mature digital presence aligned with the company's business operations.

D

Domel, d.o.o.

domel.com

66

Domel, d.o.o. is a Slovenia-based manufacturer specializing in high-performance and ultra-high efficiency electric motors and components. The company targets industrial clients and OEMs, offering customized, sustainable, and innovative drive solutions. Domel has a global presence in over 60 countries and collaborates with major industry players, positioning itself as a reputable and established manufacturer in the electric motor and automation sectors. The website reflects a professional and well-structured digital presence with a focus on product categories, solutions, and research and development capabilities. Technically, the site uses modern tracking and analytics tools such as Google Tag Manager, Hotjar, and Microsoft WebTracking, and employs HTTPS with good security practices, although some security headers are missing. Privacy and cookie policies are not explicitly found, and no direct contact information or security incident response contacts are visible, which could be improved for compliance and trust. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency but does not detract from the overall legitimacy suggested by the website content and branding.

B

BE ONE

radiobeone.be

31

BE ONE is a local Belgian radio station serving the coastal region with a fresh mix of pop, rock, and hits. The website offers live streaming, regional news, event information, and advertising opportunities. The digital infrastructure is built on WordPress with Elementor and Yoast SEO, indicating a modern and maintainable platform. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled, but lacks some security headers and visible privacy policies. The WHOIS data is restricted due to registry policy, which is common for .be domains and does not raise immediate concerns. Overall, the website is legitimate, functional, and serves its local audience effectively.

A

Aj Ty v IT o.z.

ajtyvit.sk

40

Aj Ty v IT is a Slovak non-profit organization dedicated to empowering girls and women by providing education, motivation, and community support in the field of information technology. The organization offers workshops, courses, motivational events, and mentorship programs targeting various age groups including school girls, adult women, and educators. Their market position is strong within Slovakia as a recognized entity promoting women in IT. Technically, the website is built on WordPress with Elementor, leveraging modern analytics and tracking tools such as Google Analytics, Facebook Pixel, TikTok Pixel, and Hotjar. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and vulnerability disclosure. Overall, the website is professional, trustworthy, and compliant with GDPR regulations.

S

Soare sekt a.s.

soaresekt.cz

61

Soare sekt a.s. is a well-established Czech wine company founded in 1991, offering a broad portfolio of alcoholic and non-alcoholic wine products under multiple brands. The company holds a strong market position in the Czech Republic and exports internationally, supported by a German parent company. The website is built on modern frameworks (Nuxt.js and Vue.js) and features comprehensive privacy and cookie policies, including GDPR compliance and an age verification mechanism for alcohol-related content. Security posture is adequate with HTTPS and cookie consent but lacks some advanced security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and user-friendly, targeting adult consumers and wine enthusiasts.

I

Internet Info, s.r.o.

czechinternetforum.cz

56

The Czech Internet Forum website represents a well-established annual conference organized by Internet Info, s.r.o., focusing on trends and developments in the Czech online media and digital marketing sectors. The event targets professionals and stakeholders in media, marketing, and digital content creation, offering a platform for knowledge sharing and networking. The site content is rich, professionally presented, and includes detailed program schedules, speaker profiles, partner information, and registration options. Technically, the website employs modern web technologies including Google Tag Manager for analytics, Sentry for error monitoring, and popular JavaScript libraries such as jQuery, Swiper, and Fancybox. The site is mobile-optimized with good SEO practices and a cookie consent mechanism, although it lacks explicit privacy and terms of service pages. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and integrates error tracking, but lacks visible security headers and formal security policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and business presence appear legitimate. No vulnerabilities or suspicious content were detected. Overall, the site demonstrates a solid security posture but would benefit from enhanced transparency and compliance documentation. Strategically, the site is a credible and professional platform for the Czech Internet Forum event, with strong branding and industry trust signals. Recommendations include publishing privacy and terms policies, implementing security headers, adding a security.txt file, and improving accessibility to strengthen compliance and user trust.

F

Fondation pour la Nature et l’Homme

fnh.org

73

Fondation pour la Nature et l’Homme is a well-established French non-profit foundation recognized as a public utility, dedicated to environmental awareness and ecological action. The organization operates multiple programs focused on biodiversity preservation, sustainable agriculture, responsible food consumption, and decarbonized mobility. Their digital presence is professional and content-rich, targeting a broad audience interested in ecological and social sustainability. The website supports donations with clear tax deduction information and multiple giving options, reflecting a mature fundraising model. Technically, the website is built on WordPress with modern JavaScript frameworks such as Alpine.js and HTMX, and integrates advanced analytics tools including Google Tag Manager, Microsoft Clarity, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, with a good performance profile. Security posture is solid with HTTPS enforced and consent management implemented, though some security headers could be explicitly verified and enhanced. No WHOIS details are available due to privacy protection, which is common and justified for non-profit entities. The website shows no signs of blocking or WAF challenges, allowing full content access. Privacy and cookie policies are comprehensive and GDPR compliant, but explicit contact emails and phone numbers are not publicly listed, relying instead on contact forms and social media channels. Overall, the foundation demonstrates a strong security and compliance posture appropriate for its sector, with a trustworthy and professional online presence. Strategic improvements could focus on enhancing security header implementation and incident response visibility.

威

威聯通科技股份有限公司(QNAP Systems, Inc.)

qnap.com.tw

73

QNAP Systems, Inc. is a well-established technology company specializing in NAS (Network Attached Storage), networking, and smart video solutions. The company targets both individual and enterprise customers, offering a range of products including NAS/DAS storage devices, networking hardware, and cloud storage services such as myQNAPcloud Storage and Cloud NAS. The website is professionally designed with consistent branding and is primarily presented in Traditional Chinese, indicating a focus on the Taiwan market alongside international reach. The business model centers on technology product sales and cloud service offerings, positioning QNAP as an expert in its niche.

D

Digiforma Certif

digiforma-certif.com

61

Digiforma Certif is a French company specializing in software solutions for managing RNCP and RS certifications, primarily serving training organizations and certification bodies. The company positions itself as a key player in the French educational certification software market, offering SaaS-based tools to streamline compliance and training management. The website is professionally designed, mobile-optimized, and provides comprehensive information about its services and certifications. Technically, the site is built on WordPress with Elementor, leveraging modern libraries and SEO tools, and includes standard security measures such as HTTPS and reCAPTCHA. However, the absence of WHOIS registration data raises concerns about domain legitimacy, which should be further investigated. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site demonstrates a mature digital presence with moderate security posture and good business credibility.

S

SOARE SEKT a.s.

muchasekt.cz

49

Mucha Sekt is a Czech-based producer and retailer of premium sparkling wines inspired by the art of Alfons Mucha. The company operates a well-designed, modern website built on Nuxt.js, showcasing a diverse product portfolio including Brut, Demi Sec, Rosé, Ice variants, and Prosecco. Their market presence is supported by distribution through major Czech retail chains and online platforms. The website demonstrates a mature digital infrastructure with mobile optimization, modern JavaScript frameworks, and integrated marketing tools such as Google Tag Manager and Facebook Pixel. Security measures include HTTPS enforcement and an age verification popup to restrict underage access, reflecting compliance with alcohol sales regulations. However, the absence of explicit privacy policy and terms of service pages indicates areas for compliance improvement. Overall, the website and domain registration data reflect a legitimate, stable business with a strong brand identity and good technical implementation.

A

ARCHA+

archa-plus.cz

58

ARCHA+ is a multifunctional cultural space operating since 2024 in the premises of the original Divadlo Archa in Prague. The organization offers a diverse program of contemporary arts including music, theater, and dance, targeting a broad audience interested in cultural events. Supported by municipal and governmental bodies, ARCHA+ positions itself as a key cultural institution in Prague with a focus on education and community engagement. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, Vue.js, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing, all implemented with GDPR-compliant consent mechanisms. Security posture is solid with HTTPS and cookie consent, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and well-optimized for users.

Φ

Φεστιβάλ Κινηματογράφου Θεσσαλονίκης

filmfestival.gr

72

The website www.filmfestival.gr is the official digital presence of the Thessaloniki International Film Festival, a prominent cultural institution in Greece. It provides comprehensive information about the festival's organization, film screenings, professional activities, museum, archives, and an e-shop. The site targets film enthusiasts, industry professionals, and the general public interested in cinema and cultural events. The business model is non-profit, focusing on cultural promotion and film industry support. The website is well-branded, consistent, and rich in relevant content, reflecting a medium-sized organization with a strong market position in the media sector in Greece. Technically, the site is built on Joomla CMS with Bootstrap 3 and uses modern JavaScript libraries like Swiper.js and jQuery. It integrates Google Analytics, Facebook SDK, and Google Adsense for analytics and advertising. The site is mobile-optimized, accessible, and SEO-friendly, with good performance. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. No vulnerabilities or suspicious activities were detected. Overall, the website demonstrates a mature digital infrastructure with good privacy compliance, including GDPR-aligned privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. The WHOIS data aligns with the website's claims, supporting legitimacy. No adult or questionable content is present, making it safe for general audiences. Strategic recommendations include enhancing security headers, adding a vulnerability disclosure policy, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

C

Cecoforma S.A

media-stands.eu

51

Media-stands.eu is a specialized service provider organizing umbrella stands for European independent audiovisual and film market participants at major international events such as MIPTV, Marché du Film, MIFA, MIPCOM, Series Mania Festival, and the European Film Market. The website represents the interests of the Creative Europe MEDIA Programme and the European Education and Culture Executive Agency, positioning itself as an official and trusted partner in the European media sector. The business operates primarily from Belgium and targets audiovisual professionals seeking exhibition opportunities at key industry markets. Technically, the website employs modern front-end technologies including Font Awesome, Bootstrap, and Swiper.js, with a responsive design optimized for mobile devices. Cookie consent mechanisms are implemented to comply with GDPR requirements, and analytics scripts are present but commented out, reflecting a privacy-conscious approach. The site demonstrates good SEO and accessibility basics but lacks advanced security headers and explicit security policy documentation. From a security perspective, the site uses HTTPS (implied by the URL), has no visible vulnerabilities or exposed sensitive data, and implements cookie consent. However, it lacks a published security policy, incident response contacts, and vulnerability disclosure mechanisms. No WAF or blocking mechanisms were detected, and the WHOIS data is consistent with a legitimate domain registration. Overall, the security posture is moderate with room for improvement in formal security documentation and headers. The overall risk assessment is low, with the site appearing trustworthy and professionally maintained. Strategic recommendations include enhancing HTTP security headers, publishing a security policy and vulnerability disclosure, and verifying SSL/TLS configurations to strengthen security and compliance posture.

V

Výměník1

vymenik1.cz

33

Výměník1 is a small cultural and community center based in the Czech Republic, offering event space rental and hosting various cultural projects and community events. The website serves as a hub for local cultural activities, providing an event calendar and information about ongoing projects. Technically, the site is built on WordPress with WooCommerce integration, using common libraries such as jQuery and Swiper.js for UI components. The hosting provider is Wedos, a reputable Czech hosting company. Security posture is moderate with HTTPS properly configured and Google reCAPTCHA implemented on forms, but lacks important security headers and explicit cookie consent mechanisms. Privacy policy and terms of service pages are present and appear GDPR compliant. Contact information is primarily via forms, with no explicit emails or phone numbers listed. Overall, the site is professionally designed with consistent branding and good user experience, targeting local community members and cultural event attendees.

M

Město Dačice

dacice.cz

43

The website www.dacice.cz serves as the official online presence for the town of Dačice in the Czech Republic, providing comprehensive municipal information, news, and public services to residents and visitors. The site is well-structured with clear navigation and a broad range of content covering local government, community programs, and practical information. Technically, the site employs a modern tech stack including jQuery, Bootstrap, and Swiper.js, with a custom CMS indicated by versioned assets. The site is mobile-optimized and includes accessibility features, though these could be improved further. From a security perspective, the website enforces HTTPS and includes several important security headers, contributing to a good security posture. A cookie consent mechanism is implemented, supporting GDPR compliance to some extent. However, the absence of a publicly accessible privacy policy, terms of service, and incident response information represents gaps in compliance and transparency. The WHOIS data for the domain is unavailable, which reduces domain trustworthiness and transparency, although the website content and official nature mitigate some concerns. Overall, the site is a reliable and professional municipal resource with good technical implementation and security practices, but it would benefit from enhanced privacy documentation and domain registration transparency to strengthen trust and compliance.

T

Tisseo Ingénierie

tisseo-ingenierie.fr

45

Tisseo Ingénierie is a French public local company specializing in the design and realization of sustainable transport infrastructure projects, primarily serving local authorities in the Toulouse metropolitan area. The company positions itself as a key regional player in transport engineering, focusing on innovative and environmentally friendly mobility solutions. Their website reflects a professional and well-structured digital presence, leveraging WordPress with Elementor and Yoast SEO for content management and optimization. The site is well-designed, mobile-optimized, and provides clear navigation and relevant project information. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements can be made by adding security headers and cookie consent mechanisms. The absence of WHOIS data slightly reduces domain trust but does not significantly impact overall legitimacy given the professional content and branding. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving domain transparency.

Plus que pro Solution is a French business-oriented website offering a comprehensive solution aimed at small and medium enterprises (TPME) to protect their reputation, enhance their know-how, and improve overall business performance. The website positions itself as a trusted partner for TPMEs, leveraging digital tools and reputation management services. The content is professionally presented, targeting a French-speaking audience with clear business value propositions. Technically, the site is built on WordPress using Elementor and Yoast SEO, indicating a modern and SEO-optimized infrastructure. The presence of multiple analytics and marketing tools such as Google Analytics, Matomo, and Microsoft Clarity shows a mature approach to data-driven marketing and user behavior analysis. Security-wise, the site uses HTTPS and has no visible critical vulnerabilities or exposed sensitive data, but lacks some security headers and explicit privacy and cookie policies, which are important for GDPR compliance. The absence of WHOIS registration data is a concern for domain legitimacy and trust, although the website content and technical setup appear professional. Overall, the site demonstrates a solid business and technical foundation but would benefit from enhanced privacy compliance and clearer contact and security policies.

W

WS Interactive

ws-interactive.fr

55

WS Interactive is a well-established French web agency based in Toulouse, offering tailored digital solutions including website creation, mobile app development, SEO, and UX/UI design. With over 25 years of experience, the agency targets businesses seeking high-quality digital presence and marketing strategies. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital infrastructure. Technically, the site runs on WordPress with modern JavaScript libraries and employs analytics tools like Matomo and Google Tag Manager, alongside privacy-compliant cookie consent mechanisms. Security posture is solid with HTTPS and CAPTCHA protections, though explicit security headers and policies could be enhanced. The absence of WHOIS data reduces transparency but does not detract significantly from the site's legitimacy given the professional presentation and compliance. Overall, WS Interactive demonstrates a strong market position in the technology sector with a focus on quality and client engagement.

V

VYNCKE

vyncke.com

56

VYNCKE is a well-established Belgian company specializing in the engineering and construction of biomass boilers and energy plants that convert biomass and industrial waste into clean energy. With over 100 years of experience and a global presence spanning multiple countries, VYNCKE serves a diverse industrial and energy provider audience worldwide. Their key services include thermal energy and electricity production using sustainable solid fuels, supported by a strong customer service network. The website reflects a professional and consistent brand image with comprehensive content and clear navigation. Technically, the website is built on WordPress with Elementor, leveraging modern technologies such as Google Tag Manager, Microsoft Clarity, and reCAPTCHA v3 for security and analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, with a robust cookie consent mechanism ensuring GDPR compliance. However, explicit security headers and a published security policy are absent, which could be improved. Security posture is solid with HTTPS enforced and spam protection on forms, but the absence of WHOIS domain registration data raises transparency concerns. No signs of vulnerabilities or exposed sensitive data were found. Overall, the site demonstrates a mature digital presence with minor areas for security enhancement. Strategically, VYNCKE should focus on improving domain registration transparency, publishing a security policy, and implementing additional security headers to strengthen trust and compliance. These steps will enhance their security posture and business credibility in the competitive clean energy sector.

A

AB S.A.

cloudservices4u.com

39

Cloudservices4u.com is a Polish cloud service provider specializing in Microsoft cloud licensing and services, including Microsoft 365 and Azure. The company operates under AB S.A., a recognized entity in the technology sector, providing cloud licensing, technical support, and client training. Their platform enables quick order processing and license management, targeting businesses seeking modern cloud solutions. The website is professionally designed using WordPress, with integration of modern web technologies and social media presence on Facebook and LinkedIn. Security posture is adequate with HTTPS enabled and domain transfer protection, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic with a cookie consent banner and a data processing information PDF available. Overall, the website reflects a credible and established business with a medium-sized market presence in Poland.

L

Lita

lita.co

10

Lita is a French-based European investment platform specializing in sustainable and impact investing. It enables individual investors to support companies committed to ecological and social transition through non-listed equity and debt investments. The platform offers diverse investment opportunities including capital investment, private debt, renewable energy projects, and real estate, with accessible entry points and tax benefits. The website is professionally designed, mobile-optimized, and uses modern web technologies such as Webflow CMS, HubSpot marketing tools, and Google Tag Manager. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although explicit privacy and security policies are not directly found on the site. WHOIS data confirms the legitimacy and consistency of the domain registration. Overall, Lita presents a trustworthy and professional platform for sustainable investment, though improvements in privacy disclosures and contact transparency are recommended.

C

Confédération des Commerçants de France

commercants-de-france.org

47

The Confédération des Commerçants de France (CDF) is a well-established French organization dedicated to representing and defending independent retailers and small businesses in the commerce sector. Founded in 1906, it serves as a federation for various commercial associations and unions, providing lobbying, resources, and networking opportunities to its members. The website reflects a professional and consistent brand presence, targeting independent merchants and federations across France. Technically, the site is built on WordPress with modern frameworks such as Bootstrap and uses common libraries like jQuery and Swiper.js, indicating a moderate level of digital maturity. The hosting and domain registration are consistent with the organization's profile, with no privacy protection on WHOIS data, supporting transparency. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks DNSSEC and security headers, which are recommended improvements. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professional but could enhance security and privacy features to align with best practices.

L

La Mutuelle des Scop et des Scic

mutuelledesscop.fr

61

La Mutuelle des Scop et des Scic is a French mutual insurance organization specializing in health and provident coverage tailored for cooperative enterprises and their members, including active and retired cooperators. The website positions itself as a niche mutual insurer emphasizing solidarity and cooperative values, offering multiple health insurance plans adapted to various cooperative sectors and individual needs. The company operates with a medium-sized footprint, founded in 2017, and maintains a consistent brand presence with clear governance and compliance with GDPR regulations. Technically, the website is built on Drupal 10, hosted by OVH, and employs modern web technologies with good mobile optimization and accessibility. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, although formal security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with privacy standards, with a moderate to good technical and security maturity level.

C

Confédération générale des Scop et des Scic

pouruneeconomiehumaine.coop

53

The website pouruneeconomiehumaine.coop represents the Confédération générale des Scop et des Scic, a well-established French cooperative confederation with approximately 140 years of history. The site primarily promotes the 2026 congress event and provides resources and information for cooperative members, partners, and stakeholders. It features detailed navigation for congress registration, partner engagement, and regional cooperative networks. The business model is non-profit and focused on supporting cooperative enterprises in France. The website content is professionally presented in French, targeting cooperative members and related organizations.

C

Confédération générale des Scop

les-scop.coop

55

The website www.les-scop.coop represents the Confédération générale des Scop, a French non-profit organization supporting cooperative enterprises such as Scop and Scic. It serves as a central hub for cooperative members, entrepreneurs, and stakeholders in the social and solidarity economy in France. The site offers resources, news, career information, and a network of regional unions and partners, positioning itself as a national leader in cooperative support. Technically, the site is built on Drupal 10 CMS, leveraging modern JavaScript libraries and analytics tools including Matomo and Google Tag Manager. It demonstrates good mobile optimization, accessibility, and SEO practices. The site employs cookie consent mechanisms compliant with GDPR and provides clear contact information and member extranet access. From a security perspective, the site enforces HTTPS and uses consent-based tracking. However, it lacks visible security headers and a published security policy or incident response contacts. The domain registration is consistent and trustworthy, registered since 2009 with a registrar specialized in .coop domains. No critical vulnerabilities or suspicious patterns were detected. Overall, the website is professional, trustworthy, and well-aligned with its cooperative mission. Strategic improvements in security headers and explicit security policies would enhance its security posture further.

E

Escambiar

escambiar.com

56

Escambiar is a small cultural association founded in 1981, focused on artist management, event organization, and cultural exchanges primarily through music. The organization targets a general audience interested in cultural and musical activities, operating mainly in the Arnaud Bernard neighborhood and broader cultural projects. The website is built on WordPress with Elementor and uses common web technologies such as jQuery and Swiper.js. It is accessible, mobile-optimized, and uses HTTPS with Google reCAPTCHA for form security. However, the absence of privacy and cookie policies and missing WHOIS registration data reduce trust and compliance levels. No explicit contact emails or phone numbers are provided, limiting direct communication channels.

S

salon ARTEMISIA - Marseille

salon-artemisia.com

50

Salon ARTEMISIA is a regional event organizer based in Marseille, France, specializing in bio, well-being, and ecological habitat trade shows. The website presents a professional and well-structured platform showcasing event dates, exhibitor profiles, partner logos, and visitor information. The business targets consumers and exhibitors interested in organic products and sustainable living. Technically, the site is built on WordPress with Elementor and uses modern SEO and analytics tools, including Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS and domain transfer protection, but lacks explicit security headers and published security policies. Privacy compliance is partial with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the site is trustworthy and professionally maintained, with room for improvement in compliance and security transparency.

A

Annuaire Vert

annuairevert.com

64

Annuaire Vert is a French online directory and media platform specializing in organic (bio) products, services, and stores. It provides a comprehensive listing of bio-related businesses, news, events, and video content targeted at consumers and professionals interested in organic products in France. The website is well-structured with clear navigation and a professional design, supporting a medium-sized business model focused on retail and media sectors. Technically, the site employs modern JavaScript libraries and frameworks, including jQuery, Swiper, Leaflet, and Google reCAPTCHA, ensuring a good user experience and mobile optimization. Security posture is adequate with HTTPS enforced and CAPTCHA protection on forms, but lacks explicit security headers and a vulnerability disclosure policy. Privacy compliance is addressed with a cookie consent banner and a privacy policy page in French, indicating GDPR awareness. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy, although the website content itself appears professional and trustworthy.

F

Fondation pour la Nature et l’Homme

fondation-nature-homme.org

69

Fondation pour la Nature et l’Homme is a well-established French non-profit organization dedicated to environmental awareness and ecological solutions. The foundation operates multiple programs focused on biodiversity preservation, sustainable agriculture, responsible food consumption, and decarbonized mobility. It engages a broad audience including volunteers, donors, and citizens, leveraging digital platforms and partnerships to amplify its impact. The website reflects a mature digital presence with modern technologies and comprehensive content supporting its mission. Technically, the website is built on WordPress with advanced JavaScript frameworks like Alpine.js and HTMX, and integrates analytics tools such as Microsoft Clarity, Google Tag Manager, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, providing a smooth user experience. Security posture is good with HTTPS enforced and consent management implemented, though some security headers could be explicitly added for enhanced protection. The absence of WHOIS data limits domain registration trust verification, but the website's branding, certifications, and external references strongly support its legitimacy. No blocking or WAF mechanisms were detected, allowing full content access. Overall, the foundation demonstrates a strong commitment to transparency, privacy compliance, and user engagement. Strategic recommendations include enhancing security headers, publishing a formal security policy and incident response information, and maintaining vigilance on third-party scripts. These steps will further strengthen trust and security posture.

Q

QNAP Systems, Inc.

qnap.com

79

QNAP Systems, Inc. is a recognized enterprise in the technology sector specializing in network-attached storage (NAS), direct-attached storage (DAS), networking hardware, and intelligent video surveillance solutions. Their offerings also include cloud storage services such as myQNAPcloud Storage and Cloud NAS, targeting both individual consumers and business customers. The company positions itself as an expert in storage, performance, security, and scalability solutions. The website reflects a professional and consistent brand image with a focus on technology products and services. From a technical perspective, the website employs modern web technologies including Google Tag Manager, Google Analytics, Bootstrap Icons, Font Awesome, SweetAlert, and Swiper.js for UI components. The site is mobile-optimized with good SEO practices such as canonical and hreflang tags. Performance is moderate with room for improvement in accessibility features. The SSL configuration is excellent, ensuring secure HTTPS connections. Security posture is generally strong with HTTPS enforced and no visible exposed sensitive data or vulnerable libraries. However, the absence of explicit security headers and lack of published privacy, cookie, and terms of service policies indicate areas for compliance and security enhancement. No incident response or vulnerability disclosure information is provided, which could be improved to increase trust and readiness. Overall, the website is trustworthy and professional but suffers from missing WHOIS data, which reduces domain registration transparency. The lack of privacy and cookie policies and explicit contact information also impacts privacy compliance scores. Strategic improvements in these areas would enhance the security posture and business credibility of the site.

E

ESET

eset.cz

74

ESET is a globally recognized cybersecurity company providing advanced antivirus and internet security solutions for both personal and business use. The website targets Czech-speaking customers, offering localized content and support. The company positions itself as a trusted leader with over 30 years of experience, emphasizing reliable protection and local customer service. Technically, the website is built on TYPO3 CMS, uses modern JavaScript libraries, and integrates Google Tag Manager and Bing tracking for analytics and marketing. Security posture is strong with HTTPS enforced and multiple security headers present, though explicit incident response contacts and security.txt are not found. Overall, the site is professional, secure, and compliant with GDPR, reflecting a mature digital presence.

C

Creatim d.o.o.

creatim.com

70

Creatim d.o.o. is a well-established Slovenian digital solutions company with over 25 years of experience, specializing in web applications, portals, e-commerce, AI, and user experience design. The company targets businesses seeking digital transformation and offers comprehensive services from strategy to long-term support. Their market position is strong, supported by multiple industry awards and certifications including ISO 27001. Technically, the website is built on a modern stack with advanced accessibility features and good SEO practices, reflecting a mature digital infrastructure. Security posture is robust with HTTPS, security certifications, and regular audits, though explicit security headers and incident response contacts could be improved. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though the lack of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy.

S

SAS NAAIA

naaia.ai

53

Naaia is a French-based SaaS company specializing in AI compliance, risk management, and governance solutions. Founded in 2022, it positions itself as a European leader and the first AIMS® provider, offering a platform to operationalize AI governance and compliance with global regulations. The company holds ISO 27001 and ISO 42001 certifications, reinforcing its commitment to security and AI management standards. The website is professionally designed, content-rich, and targets organizations deploying AI systems that require regulatory compliance and risk oversight. Technically, the website is built on WordPress with Elementor and integrates modern analytics and marketing tools such as HubSpot, Google Analytics, and Matomo. The hosting provider is Gandi SAS, and the domain registration details align well with the business identity. The site is mobile-optimized, accessible, and SEO-friendly, with a good performance profile. From a security perspective, the site enforces HTTPS, uses security headers, and demonstrates best practices through certifications and cookie consent mechanisms. However, DNSSEC is not enabled, and no explicit vulnerability disclosure or incident response contacts are provided. The absence of direct company emails or phone numbers on the site suggests reliance on contact forms for communication. Overall, Naaia presents a strong security posture and business credibility with minor areas for improvement in DNS security and transparency of incident response. The site content is safe for general audiences, with no adult or questionable material detected.

F

Fathers Coffee Roastery

fathers.cz

47

Fathers Coffee Roastery is a small Czech Republic-based e-commerce business specializing in coffee roasting and sales. The website is built on WordPress using Elementor and WooCommerce, indicating a modern and flexible technical infrastructure. The site demonstrates good design quality, mobile optimization, and SEO practices, though it lacks explicit privacy and terms of service documentation. Security posture is adequate with HTTPS enabled, but could be improved by adding security headers and formal policies. No signs of malicious content or blocking mechanisms were detected, and the domain registration details align well with the business profile, supporting legitimacy. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and clearer contact information.

G

Galerie výtvarného umění v Ostravě, p. o.

gvuo.cz

49

Galerie výtvarného umění v Ostravě, p. o. is the oldest regional art gallery in Ostrava, Czech Republic, established in 1952. It operates as a non-profit cultural institution under the Moravskoslezský kraj (Moravian-Silesian Region) and offers art exhibitions, educational programs, virtual tours, and an e-shop. The website reflects a well-established institution with a clear focus on art and culture, targeting the general public and educational sectors. The business model is centered on cultural enrichment and public engagement rather than commercial profit. Technically, the website employs a modern technology stack including HTML5, CSS3, JavaScript libraries such as jQuery, Leaflet.js for maps, and Google Analytics for tracking. It uses the Shopnero CMS platform and is hosted by Active24. The site is mobile-optimized with good SEO practices and structured data enhancing search engine visibility. Performance is moderate with room for optimization. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent mechanisms. However, it lacks explicit security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear privacy policy and GDPR adherence. Overall, the website is professional, trustworthy, and well-maintained, with a strong cultural and educational focus. Strategic improvements in security policies and accessibility could further enhance its posture and user trust.

O

Ostravské vodárny a kanalizace a. s.

hledejpramenvody.cz

55

The website www.hledejpramenvody.cz represents Ostravské vodárny a kanalizace a.s., a regional company focused on water supply and ecological education in Ostrava, Czech Republic. The site promotes an educational ecological project targeting 4th and 5th grade students in local schools, emphasizing environmental awareness and water knowledge. The project is supported by the city of Ostrava and offers awards and recognition to participants. Technically, the website uses modern web technologies including HTML5, CSS, JavaScript, and Swiper.js for interactive content. The site is well-structured, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. Privacy compliance is limited, with no dedicated privacy or terms pages and minimal cookie consent mechanisms. WHOIS data is unavailable, which reduces trustworthiness but the website content and contact information indicate a legitimate educational initiative. Overall, the site is professional and trustworthy for its target audience but could improve in privacy and security transparency.

C

CYMEDICA – partner pro veterinární profesionály

cymedica.cz

62

CYMEDICA is a well-established veterinary partner operating since 1995, serving the Czech Republic and Central and Eastern Europe markets. The company specializes in veterinary product distribution, professional education, and expert consulting, positioning itself as a market leader with a strong regional presence. Their website reflects a mature digital infrastructure with multilingual support, e-commerce capabilities, and active engagement through social media and newsletters. Technically, the site is built on WordPress with WooCommerce and employs modern libraries and plugins, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be enhanced. The absence of WHOIS data is a transparency concern but does not detract from the overall legitimacy indicated by certifications and professional content. Strategic recommendations include improving security headers, publishing vulnerability disclosure information, and enhancing incident response contacts.

Yamaha Motorsports USA operates a professional and well-branded website focused on providing information about Yamaha motorsports products, dealer locations, pricing, and community engagement. The site targets motorsports enthusiasts and Yamaha product owners in the USA, positioning itself as a key player in the transportation sector with a long-established presence since 2001. The business model revolves around retail and brand experience enhancement through racing, training, and community programs. Technically, the website employs modern JavaScript libraries, video embedding, and accessibility tools, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain management best practices, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic, with cookie consent implemented but no visible privacy or terms of service pages. Overall, the site is trustworthy and professional, with extensive analytics and advertising integrations.