Security Directory

N

Nadace BLÍŽKSOBĚ

blizksobe.cz

48

Nadace BLÍŽKSOBĚ is a Czech non-profit foundation dedicated to supporting organizations and individuals that enhance social quality of life, focusing on education, democracy, and civil society. The website presents a professional and consistent brand image with clear mission statements and support for known social initiatives such as Člověk v tísni. Technically, the site is built on WordPress with Bootstrap and uses modern web technologies including Google Analytics and reCAPTCHA for security. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and anti-bot measures, but lacks advanced security headers and published security policies. The absence of privacy and cookie policies is a compliance gap given GDPR relevance. WHOIS data is unavailable, which limits domain trust verification and reduces overall credibility. No signs of WAF or content blocking were detected, and the site content is safe for general audiences.

F

Festival de Sevilla

festivalcinesevilla.eu

57

Festival de Sevilla is a well-established European film festival based in Sevilla, Spain, with a strong cultural and media focus. The website serves as a comprehensive platform for festival information, programming, news, and educational initiatives, targeting film enthusiasts, professionals, and the general public. The festival enjoys solid institutional support from government and cultural organizations, enhancing its credibility and market position. Technically, the website is built on Drupal 8, leveraging modern web technologies such as Google Analytics for tracking, AddToAny for social sharing, and lazy loading for performance optimization. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. From a security perspective, the site implements basic privacy compliance with cookie consent and IP anonymization in analytics. However, it lacks advanced security headers, a published security policy, and vulnerability disclosure mechanisms. No blocking or WAF challenges were detected, and no suspicious content was found, indicating a generally secure posture but with room for improvement. Overall, the website is professional, trustworthy, and well-maintained, supporting the festival's mission and audience engagement effectively.

P

PaS de Theatre s.r.o.

shakespearova.cz

43

The website represents PaS de Theatre s.r.o., a small cultural event organizer specializing in Shakespeare festivals in Ostrava and other Czech and Slovak cities. It offers event information, ticket sales via Ticketmaster, and audience engagement through newsletters and social media. The site is professionally designed with consistent branding and clear navigation, targeting a general audience interested in theatrical performances. Technically, it employs modern web technologies including Google Analytics, Facebook SDK, and Bootstrap, ensuring good mobile optimization and SEO. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies or incident response contacts. The absence of WHOIS data due to privacy protection is justified given the business type and does not detract from the site's legitimacy. Overall, the site is trustworthy and well-maintained, serving its niche effectively.

C

CEA-Leti

leti-innovation-days.com

55

CEA-Leti is a prominent technology research institute under CEA, specializing in miniaturization technologies that enable smart, energy-efficient, and secure solutions for various industries. The website serves as a platform to promote and organize multiple semiconductor and technology innovation events globally, targeting industry professionals and researchers. Their market position is strong as a global leader in semiconductor innovation events, supported by a large organization and a consistent brand presence. Technically, the website is built on a modern WordPress CMS with Elementor and several event management plugins. It uses Cloudflare for DNS and serves content over HTTPS, ensuring a secure and reliable user experience. The site is moderately optimized for performance and mobile devices, with good SEO practices and accessibility features. From a security perspective, the site enforces HTTPS and has domain transfer protections but lacks DNSSEC and advanced security headers like Content-Security-Policy. There is no visible security policy or incident response information, which could be improved. Privacy compliance is partially addressed with a privacy policy and GDPR links, but no cookie consent mechanism is present. Overall, the website is professional, trustworthy, and well-maintained, with minor gaps in security and privacy compliance. Strategic improvements in security headers, cookie consent, and incident response transparency would enhance their posture.

C

CAPTOGO

captogo.org

60

CAPTOGO is a French non-profit collective organization that unites various associations focused on Togolese community support and development. The website serves as an information hub, providing resources, event information, and networking opportunities for associations both in Europe and Togo. The organization appears to be well-established, with a domain registered since 2008, reflecting a stable presence in its niche. The target audience includes association members, donors, and individuals interested in Togolese affairs. Technically, the website is built on WordPress, utilizing common plugins such as Events Manager and Newsletter. The hosting is provided by o2switch, a French hosting provider, and the site uses HTTPS with a good SSL configuration. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Cookie consent is implemented with a blocking mechanism, indicating attention to privacy compliance. From a security perspective, the site employs HTTPS and basic security best practices but lacks advanced security headers and DNSSEC. There is no visible security policy or incident response information, and no vulnerability disclosure mechanism is present. The WHOIS data is consistent with the website's claims, showing a legitimate and long-standing domain registration. Overall, CAPTOGO's website is a well-maintained, legitimate non-profit platform with good content quality and moderate technical maturity. Security posture is adequate but could be improved with additional measures. Privacy compliance is basic but present. The site does not exhibit any suspicious or risky behavior, making it a trustworthy resource within its domain.

G

Groupement National de la Cooperation

entreprises.coop

55

Coop FR represents a large network of French cooperative enterprises, promoting the cooperative business model characterized by democratic governance and equitable profit sharing. The organization serves as a national voice for over 23,000 cooperatives employing 1.3 million people. The website provides resources, news, testimonials, and event information to support and promote the cooperative movement in France. Technically, the site is built on Drupal 10, hosted on OVH infrastructure, and uses Matomo analytics with privacy-conscious settings. The site is well-structured, mobile-optimized, and accessible, reflecting a mature digital presence. Security posture is solid with HTTPS enabled and no exposed sensitive data, though additional security headers and a formal security policy could enhance protection. Privacy compliance is supported by visible cookie consent and a privacy policy, aligned with GDPR requirements. Overall, the website is professional, trustworthy, and well-aligned with its business mission.

URSCOP Hauts-de-France is a regional cooperative union dedicated to supporting the creation, development, and transmission of cooperative enterprises (Scop and Scic) within the Hauts de France region. The organization offers consulting services, training certified by Qualiopi, and territorial anchoring to assist cooperative entrepreneurs. Their market position is that of a regional leader in cooperative business support, targeting entrepreneurs and project holders interested in cooperative business models. Technically, the website employs modern front-end technologies including FontAwesome, Animate.css, Google Analytics (deferred until consent), and Elfsight widgets for enhanced user experience. The site is hosted by Gandi SAS with HTTPS enforced, though DNSSEC is not enabled. The site is mobile-optimized with good navigation and basic accessibility features. SEO is basic but sufficient for the site's scope. From a security perspective, the site benefits from HTTPS, domain transfer protection, and a cookie consent mechanism compliant with GDPR. However, it lacks advanced security headers and does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website content, indicating legitimacy and consistency. Overall, the website presents a professional and trustworthy front for URSCOP Hauts-de-France with good business credibility and privacy compliance. Recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and implementing a vulnerability disclosure process to enhance security posture further.

A

ARESCOP

revisioncooperative.coop

56

The website revisioncooperative.coop represents ARESCOP, a cooperative network focused on providing cooperative revision and auditing services to Scop, Scic, and Coop47 entities in France. The platform serves as an informational and contact portal, offering regional office details and testimonials to support cooperative governance. The business model is non-profit and cooperative-oriented, targeting cooperative enterprises and their members across France. Technically, the website is built on Drupal 10, leveraging modern web technologies including FontAwesome for icons and Matomo for analytics, complemented by a GDPR-compliant cookie consent mechanism (tarteaucitron). The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting details are not explicit. From a security perspective, the site enforces HTTPS and uses cookie consent tools but lacks advanced security headers and a published security policy or incident response contacts. The domain registration is consistent with the business, registered under ARESCOP in France since 2019, indicating legitimacy. No WAF or blocking mechanisms are detected. Overall, the site is professional, trustworthy, and compliant with privacy regulations, with room for improvement in security hardening and transparency regarding incident response and vulnerability disclosure.

Cloud Services for you is a Czech Republic-based technology company founded in 2015, specializing in cloud IT services including licensing for Office 365, Microsoft Azure, and Kaspersky Lab products. The company positions itself as a flexible and modern cloud service provider offering cumulative invoicing and ease of license ordering for organizations. Their extensive partner network and vendor relationships support their market presence. Technically, the website is built on WordPress with common plugins and Google Maps integration, though it uses outdated jQuery versions which may pose security risks. The site is moderately optimized for performance and mobile use, with good SEO practices but lacks explicit privacy and cookie policies. Security posture is average with no visible security headers and no incident response or vulnerability disclosure information. Overall, the website is professional and trustworthy but would benefit from improved security and compliance transparency.

K

Kolektor

kolektorsisteh.si

10

Kolektor Sisteh is a leading Slovenian technology company specializing in automation, electrical energy supply, and water management solutions. With over 30 years of experience and more than 5000 projects completed domestically and internationally, it operates as part of the larger Kolektor corporate group. The website reflects a professional and consistent brand image, targeting industrial and energy sector clients with a focus on innovative technological solutions. Technically, the site uses modern web technologies including Google Tag Manager, reCAPTCHA, and jQuery, with good mobile optimization and basic accessibility features. Security posture is solid with HTTPS and CAPTCHA protections, though it lacks explicit security headers and incident response information. Privacy compliance is addressed with a privacy policy and cookie consent mechanism, indicating GDPR awareness. Overall, the site is trustworthy and well-maintained, with room for improvement in security transparency and contact information visibility.

E

Edumania

edumania.sk

58

Edumania is a Slovakian e-commerce retailer specializing in educational toys, kits, and games designed for curious children who enjoy learning through play. The website is professionally designed, leveraging the Shoptet e-commerce platform, and offers a well-structured catalog with clear navigation and product categorization by area, type, and age. The business targets parents and educators seeking quality educational products in Slovakia. Technically, the site uses modern web technologies including jQuery, Google Analytics, Facebook SDK, and slick carousel for UI components, hosted on Shoptet's CDN infrastructure. The site is mobile-optimized and includes accessibility features, though some improvements could be made.

I

Inbound Back Office

inboundbackoffice.com

45

Inbound Back Office is a service provider specializing in white-label virtual assistant and marketing support services tailored for marketing agencies, fractional CMOs, and small businesses. The company positions itself as a scalable and seamless support partner, trusted by hundreds of teams globally to handle marketing execution and administrative tasks without the complexities of hiring. Their website reflects a professional and consistent brand image with clear messaging and client testimonials that reinforce trust. Technically, the website leverages modern front-end technologies including Bootstrap, Tailwind CSS, jQuery, and integrates marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and HubSpot. The site is built on Zephyr CMS and demonstrates good mobile optimization and user experience. However, some areas such as accessibility and SEO could be improved. Security-wise, HTTPS is properly implemented, but the absence of security headers and privacy/cookie policies indicates room for enhancement in compliance and protection. The security posture is moderate with no immediate vulnerabilities detected in the visible content, but the lack of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. This discrepancy between professional website content and missing domain registration information suggests the need for further verification. Overall, the site is functional and credible from a business perspective but requires improvements in privacy compliance and security best practices. Strategically, the company should prioritize establishing clear privacy and cookie policies, implement security headers, and resolve WHOIS registration transparency to strengthen trust and compliance. Enhancing accessibility and SEO will also improve user reach and satisfaction.

K

Kolektor

kolektoravtomatizacija.com

44

Kolektor is a well-established company specializing in automation and engineering solutions for industry, energy, and infrastructure sectors. The website highlights their expertise in digitalization of production processes, energy management systems, and electrical equipment. They emphasize over 30 years of experience and a strong partnership network with global manufacturers, positioning themselves as a leading provider in their market segment. The business model focuses on delivering turnkey solutions, consulting, and technical support to industrial and energy clients. Technically, the website employs modern web technologies including Google Tag Manager, reCAPTCHA, and responsive design, ensuring a good user experience across devices. Security posture is solid with HTTPS and CAPTCHA protections, though additional security headers and published policies could enhance trust. The absence of WHOIS data for the domain is a notable concern, potentially impacting domain legitimacy verification. Overall, the site is professional, content-rich, and safe for general audiences, supporting Kolektor's strong market presence.

K

Kolektor

kolektorwater.com

48

Kolektor is a medium-sized Slovenian company specializing in water technologies, providing comprehensive engineering solutions for water preparation, purification, telemetry, and system optimization. The company is part of the larger Kolektor Group and collaborates with several subsidiaries and partners to deliver advanced water management solutions. The website reflects a professional and consistent brand image targeting B2B clients such as municipalities, industrial water users, and technology partners. Technically, the website employs modern JavaScript libraries, Google Tag Manager, and reCAPTCHA for security and analytics, hosted on a CMS platform with good mobile optimization and SEO practices. Security posture is solid with HTTPS and spam protection, though it lacks some advanced security headers and explicit security policies. The absence of WHOIS data is a notable anomaly, slightly reducing trust but not detracting significantly from the overall legitimacy. Privacy and cookie policies are present and GDPR compliant, with clear consent mechanisms. Overall, the website is well-designed, user-friendly, and trustworthy for its intended audience.

S

salon ARTEMISIA - Marseille

salon-artemisia.com

50

Salon ARTEMISIA is a regional event organizer based in Marseille, France, specializing in bio, well-being, and ecological habitat trade shows. The website presents a professional and well-structured platform showcasing event dates, exhibitor profiles, partner logos, and visitor information. The business targets consumers and exhibitors interested in organic products and sustainable living. Technically, the site is built on WordPress with Elementor and uses modern SEO and analytics tools, including Google Analytics and Facebook Pixel. Security posture is adequate with HTTPS and domain transfer protection, but lacks explicit security headers and published security policies. Privacy compliance is partial with a cookie consent mechanism but no visible privacy or terms of service pages. Overall, the site is trustworthy and professionally maintained, with room for improvement in compliance and security transparency.

S

Spas Organisation

spas-expo.com

10

Spas Organisation is a leading French event organizer specializing in bio, well-being, natural health, and sustainable development sectors. The company operates multiple public and professional salons and events, positioning itself as a market leader in France. Their digital presence is built on a WordPress platform with modern SEO practices and a clear focus on event promotion and partner collaboration. Technically, the website is well-structured, mobile-optimized, and uses recognized technologies such as Elementor and Yoast SEO. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although incident response and vulnerability disclosure mechanisms could be improved. Privacy compliance is adequate with GDPR-aligned policies and cookie consent mechanisms. Overall, the site reflects a professional and trustworthy business with a solid market position.

H

HashBang

hashbang.coop

9

HashBang is a Lyon-based cooperative specializing in bespoke web engineering services. They provide comprehensive project management, technical expertise, and responsible digital solutions primarily targeting businesses seeking tailored web and ERP development. Their cooperative model emphasizes collective decision-making and employee ownership, positioning them as a socially responsible player in the local technology sector. Technically, the website leverages modern frameworks such as Django and Wagtail CMS, with a clean, mobile-optimized design and good accessibility. However, the site lacks visible cookie consent mechanisms and detailed privacy or security policies, which impacts compliance and security posture. Security-wise, no explicit security headers or incident response information are published, though no obvious vulnerabilities or exposed sensitive data were detected. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

WilldooIT Pty Ltd is a well-established Australian company specializing in Odoo ERP software solutions tailored for diverse industries including timber, food distribution, manufacturing, and renewables. With over 15 years of experience and multiple industry awards such as the Odoo APAC Partner of the Year, WilldooIT holds a strong market position as a trusted ERP partner in Australia and New Zealand. Their business model focuses on B2B consulting, implementation, custom development, and ongoing support services, targeting medium-sized enterprises seeking to streamline operations and improve productivity through ERP technology. Technically, the website is built on the Odoo CMS platform, hosted on Amazon Web Services, and incorporates modern web technologies including JavaScript, FontAwesome, Google Tag Manager, and Hotjar for analytics and user behavior tracking. The site demonstrates good performance, mobile optimization, and SEO practices, reflecting a mature digital infrastructure. However, there is room for improvement in security headers and DNSSEC implementation. From a security perspective, the website enforces HTTPS and includes CSRF tokens, indicating attention to secure session management. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present with consent mechanisms, though explicit GDPR compliance indicators are limited. The absence of a published security policy or incident response contact is noted as an area for enhancement. Overall, WilldooIT presents a professional, trustworthy online presence with strong business credibility and a solid technical foundation. The security posture is good but could benefit from additional hardening measures. The website content is safe for general audiences, and the company provides clear contact information and transparent policies. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and enhancing GDPR compliance to further strengthen trust and security.

K

Kolektor

kolektorgradbenistvo.si

46

Kolektor Gradbeništvo is a construction-focused branch of the Kolektor group, operating primarily in Slovenia with a strong emphasis on infrastructure, high-rise buildings, and reinforced concrete structures. The company leverages its subsidiaries Kolektor Koling and Kolektor CPG to deliver comprehensive construction engineering services. The website reflects a mature business with a clear market position in the regional construction sector, targeting industry clients and potential employees. Technically, the site uses modern JavaScript libraries and tracking tools, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and documented security policies. Overall, the site is professional, trustworthy, and safe for general audiences.

P

Pricemania s.r.o.

pricemania.sk

42

Pricemania s.r.o. operates a well-established Slovak price comparison website that aggregates offers from over 8,000 e-shops and more than one million products. The platform targets general consumers seeking to compare prices and find the best deals across a wide range of product categories. The website demonstrates a mature digital infrastructure with modern analytics, advertising, and cookie consent mechanisms integrated. Hosting is provided by a Slovak hosting provider, ensuring regional performance optimization. Security posture is strong with HTTPS enforced and standard security headers implemented, though explicit security policies and incident response contacts are not published. Overall, Pricemania presents a professional and trustworthy e-commerce service with good content quality and user experience.

O

ONERA

onera.fr

60

ONERA is the French national aerospace research center, established in 1995, with a strong market position as a leading government research entity in aerospace. The website reflects a mature digital presence with comprehensive content targeting researchers, industry professionals, and academic audiences. Technically, the site uses Drupal 10, Bootstrap 5, and Matomo analytics, ensuring modern standards and good performance. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though it lacks a dedicated security policy or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR, supporting ONERA's reputation as a credible research institution.

E

European University Foundation

uni-foundation.eu

9

The European University Foundation (EUF) operates as a non-profit organization focused on fostering collaboration among European universities and supporting higher education initiatives. The website presents a professional and consistent brand image, targeting academic institutions and stakeholders within the European education sector. The technical infrastructure is based on WordPress with the Divi theme, leveraging modern web technologies and integrating Google Analytics and Tag Manager for user tracking and analytics. The site demonstrates moderate digital maturity with good mobile optimization and basic SEO practices. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, the absence of explicit security headers and lack of published privacy and security policies indicate areas for improvement. Overall, the website is safe, trustworthy, and suitable for a general audience, but could enhance compliance and security transparency to strengthen user trust and regulatory adherence.

K

Kolektor Conttek GmbH

conttek.de

45

Kolektor Conttek GmbH is a well-established German manufacturer specializing in precision stamping, bending parts, pressfit, contact parts, metal-plastic composite parts, assemblies, and plastic parts primarily serving the automotive and electronics industries. With a 60-year history and integration into the international Kolektor group, the company holds a strong market position as a reliable B2B partner offering development, tooling, and automation services. The website reflects a professional corporate presence with detailed descriptions of technologies and competencies, targeting industrial clients. Technically, the site is built on TYPO3 CMS with modern frontend frameworks and includes a cookie consent mechanism, indicating a moderate level of digital maturity. Security posture is adequate but could be improved by adding explicit security policies, incident response contacts, and security headers. Overall, the site is trustworthy, compliant with GDPR, and provides clear contact information and social media presence.

K

Kolektor

kolektor.com

50

Kolektor is a large, established industrial and technology company based in Slovenia, specializing in manufacturing and technological solutions primarily for the automotive, energy, and construction sectors. The company operates multiple subsidiaries focused on energy transformers, water technologies, automation, and construction. Their website reflects a professional corporate presence with multilingual support and a focus on innovation and sustainability. Technically, the site employs modern tracking and analytics tools such as Google Tag Manager, Apollo.io, and IpMeta, and enforces HTTPS with reCAPTCHA protections on forms. However, some security best practices like security headers and explicit incident response contacts are missing. The WHOIS data is unavailable, which slightly reduces trust but the overall digital footprint and branding consistency support legitimacy. Privacy and cookie policies are comprehensive and GDPR compliant, indicating a mature approach to data protection. Overall, the site scores well on content quality, technical implementation, and business credibility, with room for improvement in security posture and transparency.

Arche TI is a Canadian technology company specializing in Odoo ERP consulting, implementation, and optimization services. Positioned as the top Odoo integrator in Canada, they serve businesses primarily in Montreal, Quebec, Toronto, and other Canadian regions. Their key offerings include ERP consultation, project rescue, migration, customization, and ongoing support, targeting medium-sized businesses seeking digital transformation and operational efficiency. The company has a professional web presence with detailed service descriptions, client testimonials, and multiple office locations, reflecting a mature and credible business model. Technically, the website is built on the Odoo platform, leveraging modern web technologies such as JavaScript, FontAwesome, and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with fast to moderate performance. However, there is room for improvement in security headers and explicit privacy compliance features. From a security perspective, the site uses HTTPS and includes CSRF tokens, indicating a baseline security posture. The domain is registered with GoDaddy and secured with registrar locks, consistent with the business's age and claims. No critical vulnerabilities or suspicious patterns were detected, but the absence of a visible privacy policy and cookie consent mechanism represents compliance gaps. The presence of a named Data Protection Officer with contact details is a positive indicator. Overall, Arche TI presents a trustworthy and professional digital footprint with strong business credibility and technical maturity. Strategic enhancements in privacy compliance and security best practices would further strengthen their security posture and regulatory alignment.

Dynapps is a professional and well-established Odoo implementation partner specializing in digitalizing business processes through tailored ERP solutions. They hold a strong market position as the largest Odoo implementer in Europe and have been recognized as the Best Odoo Partner in Europe 2024. Their services cover a broad range of industries including technology, energy, manufacturing, retail, and healthcare, targeting innovative companies seeking efficient business management solutions. The company operates multiple offices across Belgium, the Netherlands, Switzerland, and France, reinforcing their regional presence. Technically, the website is built on the Odoo CMS platform, utilizing modern web technologies such as Bootstrap, FontAwesome, Google Tag Manager, and Leadinfo for analytics and tracking. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security-wise, Dynapps demonstrates a strong posture with HTTPS enforcement, ISO 27001 certification, and use of Google reCAPTCHA on forms. However, there is room for improvement in implementing security headers and explicit incident response contacts. Overall, the website and business exhibit high professionalism, trustworthiness, and compliance with privacy regulations, although cookie consent mechanisms could be enhanced. The lack of public WHOIS data is due to EURid privacy policies and is justified for this business type. The risk profile is low, with no critical vulnerabilities detected, making Dynapps a credible and secure partner for ERP implementation.

A

AGENTURA SCHOK, spol. s r.o.

shakespeare.cz

46

The website www.shakespeare.cz represents the Letní shakespearovské slavnosti (Summer Shakespeare Festival) organized by AGENTURA SCHOK, spol. s r.o., a medium-sized cultural event organizer based in the Czech Republic. The festival is well-established, attracting tens of thousands of visitors annually and supported by prominent partners such as the PPF Group. The site provides comprehensive information about the festival's program, ticketing, partners, and historical context, targeting theater enthusiasts and the general public interested in Shakespearean drama. Technically, the website employs modern front-end technologies including Bootstrap for responsive design, Google Custom Search Engine for site search, Facebook SDK for social integration, and FontAwesome for icons. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. Cookie consent mechanisms and a privacy policy are implemented, indicating compliance with GDPR requirements. From a security perspective, HTTPS is used as inferred from resource URLs, and cookie consent is managed with user options. However, no explicit security headers were detected in the HTML content, and no security policy or incident response contacts are published. The absence of WHOIS data reduces domain registration transparency, which slightly impacts trustworthiness. No vulnerabilities or exposed sensitive data were found in the content. Overall, the website is a professionally maintained cultural event platform with good content quality and privacy compliance. The main risk area is the lack of visible domain registration data and security policy disclosures. Strategic improvements in security headers, incident response information, and WHOIS transparency would enhance trust and security posture.

D

Divadlo Petra Bezruče, s.r.o.

bezruci.cz

43

Divadlo Petra Bezruče, s.r.o. is a regional theatre company based in Ostrava, Czech Republic, providing theatrical performances, ticketing services, subscriptions, and cultural event hosting. The website serves as a portal for program schedules, ticket reservations, and company information, targeting local theatre audiences and cultural enthusiasts. The business operates with support from local government and cultural partners, positioning itself as a key cultural institution in the region. Technically, the website employs modern front-end technologies including Bootstrap, JavaScript libraries like WOW.js, and a cookie consent mechanism from TermsFeed. The site is mobile-optimized with responsive design and provides a user-friendly navigation experience. However, there is no evidence of a CMS or advanced analytics tools, and performance is moderate. From a security perspective, the site uses HTTPS but lacks visible security headers and published privacy or terms of service policies. Cookie consent is implemented with express consent, indicating some GDPR awareness. The absence of WHOIS data reduces domain trustworthiness, but the professional presentation and clear contact information mitigate some concerns. Overall, the website is functional and professional but would benefit from enhanced security practices, published privacy documentation, and WHOIS transparency to improve trust and compliance.

I

Interpole

mon-parcours-collaboratif.fr

51

Interpole is a small, community-driven educational platform based in France, focusing on collaborative work, digital tools, and commons creation. It integrates content from the 'Mon Parcours Collaboratif' project, providing resources and guides for collaborative project management and digital tool usage. The website uses YesWiki CMS with Bootstrap and FontAwesome, hosted by OVH, and presents good content quality and user experience. However, it lacks formal privacy, cookie, and security policies, and does not provide explicit contact information. Security posture is moderate with HTTPS enabled but missing security headers and DNSSEC. The domain registration is consistent and legitimate, supporting trust in the platform. Overall, the website is safe, professional, and targeted at general audiences interested in collaborative digital work.

L

La Théorie du Boxeur

latheorieduboxeur.fr

51

La Théorie du Boxeur is a French documentary film project focusing on the impact of climate change on agriculture, particularly in the Drôme valley. The website serves as a platform to present the film and its investigative content about agricultural resilience and adaptation. The project appears to be a small-scale media initiative with a clear thematic focus on environmental and agricultural issues. The site is professionally designed using WordPress and the Divi theme, with good content relevance and user experience. However, the absence of WHOIS registrant data and lack of visible privacy or cookie policies limit the overall trust and compliance posture. Technically, the site uses modern web fonts and caching plugins but lacks visible security headers and detailed security configurations. No forms or direct contact information are present, which may hinder user engagement and trust. Overall, the site is safe for general audiences and provides valuable documentary content but would benefit from enhanced security and compliance features.

Ú

Ústav filmové, televizní a rozhlasové tvorby (ÚFTaRT), Slezská univerzita v Opavě

audiovizualnitvorba.cz

55

The website represents the Ústav filmové, televizní a rozhlasové tvorby (ÚFTaRT), an academic institute affiliated with the Silesian University in Opava, Czech Republic. It focuses on providing quality education in audiovisual creation, supporting students, and engaging in cultural and media projects including film festivals, exhibitions, and conferences. The site serves students, academics, and the cultural community with a professional and content-rich platform. Technically, the site is built on WordPress with modern plugins and themes, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. The absence of WHOIS data limits domain trust assessment, but the university affiliation and professional presentation support legitimacy. Overall, the site is a credible academic and cultural resource with room for improvement in privacy and security compliance.

Q

Quae

quae-open.com

67

Quae-Open is an educational platform providing open access to scientific books primarily in the natural sciences domain. The website offers a catalog of over 300 books available for free download in PDF and ePub formats, targeting researchers, academics, and authors. The platform supports multilingual access (English and French) and includes author support and newsletter subscription features. Technically, the site uses modern web technologies including jQuery, Bootstrap, Matomo analytics, and Google Tag Manager, with a responsive design and good SEO practices. Security posture is solid with HTTPS and CSRF protections, but lacks some advanced security headers and explicit privacy policy documentation. The absence of WHOIS data for the domain is a notable concern for legitimacy and trust, although the site links to a known publisher domain, mitigating some risk. Overall, the site is functional, professional, and trustworthy for its educational purpose but would benefit from improved transparency and security disclosures.

L

Louise DIDIER

quincaillere.org

72

Louise Quincaillère is a small, specialized service provider focused on cooperative and collaborative facilitation, offering training and digital tools to community groups and collectives. The website presents a clear business model centered on education, training, and support for cooperative projects, with a niche market position in the cooperative ecosystem in France. Technically, the site is built on the YesWiki CMS platform, leveraging Bootstrap and FontAwesome for UI, hosted by OVH sas. The site is moderately performant, mobile-optimized, and accessible at a basic level. Security posture is adequate with HTTPS enforced and domain protections in place, but lacks DNSSEC and security headers, which are recommended improvements. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced privacy and security practices.

M

miniOrange

miniorange.com

76

miniOrange is a technology company specializing in identity and access management (IAM) solutions, offering a comprehensive suite of products including Single Sign-On (SSO), Multi-Factor Authentication (MFA), User Lifecycle Management (ULM), Privileged Access Management (PAM), and Cloud Access Security Broker (CASB). The company targets enterprises and IT professionals seeking secure and unified access management across cloud, web, and legacy applications. Their market position is solidified by a broad product portfolio and extensive integrations with popular platforms such as WordPress, Atlassian, Shopify, and more. Technically, the website demonstrates a mature digital infrastructure utilizing modern technologies such as jQuery, Google Tag Manager, Microsoft Clarity, and Cloudflare services. The site is well-optimized for mobile devices, features good SEO practices, and implements a comprehensive cookie consent mechanism compliant with GDPR. The use of structured data (JSON-LD) enhances search engine understanding and visibility. From a security perspective, the website enforces HTTPS, employs Google reCAPTCHA for bot mitigation, and uses Cloudflare Bot Management cookies. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not clearly present and should be implemented to strengthen security posture. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and content-rich, providing a positive user experience. The main concern lies in the absence of publicly available WHOIS domain registration data, which affects domain legitimacy verification. Despite this, the business presence, SSL configuration, and operational indicators suggest a legitimate and established entity.

T

TicketingBox

ticketingbox.com

67

TicketingBox operates a professional, turnkey theater ticketing platform designed to boost ticket sales, simplify audience management, and maximize revenue for theaters and venues. The website demonstrates a solid market position with notable clients such as Shen Yun, showcasing its capability to handle large-scale events across multiple theaters annually. The platform offers comprehensive services including marketing tools, custom branding, reporting, and secure ticketing technology. Technically, the website is built on a modern WordPress CMS with Elementor and integrates Google Analytics and AdSense for tracking and monetization. The site is mobile-optimized and SEO-friendly, providing a good user experience. However, the absence of privacy and cookie policies and missing WHOIS registration data raise concerns about compliance and domain legitimacy. Security posture is moderate with HTTPS enabled but lacks explicit security headers and published security policies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and domain registration transparency.

Scènes de Pays is a regional cultural event platform operated as a service of Mauges Communauté in France. It focuses on programming theatrical and cultural events for the general public, families, and schools, positioning itself as a key regional promoter of cultural activities. The website provides comprehensive event information, ticketing links, and practical guides, supporting community engagement and cultural participation. Technically, the site is built on WordPress using the Divi theme, enhanced with accessibility features, SEO optimizations, and a cookie consent mechanism compliant with GDPR. The use of Matomo analytics indicates a privacy-conscious approach to user tracking. Security posture is solid with HTTPS, security headers, and no visible vulnerabilities, though the site lacks a dedicated security policy or incident response contact. WHOIS data is privacy protected, typical for French domains, and the domain appears legitimate and consistent with the business. Overall, the website is professional, user-friendly, and trustworthy, serving its community-oriented mission effectively.

Onestein B.V. is a Dutch company specializing in open-source business software solutions, prominently featuring their CURQ ERP system based on Odoo Community. They provide consultancy, support, and custom development services tailored to businesses ranging from startups to enterprises, with a strong emphasis on Dutch financial compliance and community management. The website is professionally designed, well-structured, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site runs on Odoo CMS, uses Matomo for analytics, and employs modern web technologies such as Bootstrap and FontAwesome. Security posture is solid with HTTPS enforced, CSRF tokens present, and DNSSEC enabled, though the absence of explicit security headers and cookie consent mechanisms indicates room for improvement in compliance and defense-in-depth. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

L

Librairie Quae

quae.com

71

Librairie Quae operates as a specialized online bookstore focused on scientific literature, offering a broad catalog of printed and digital books, including open access ebooks through its partner platform Quae-open. The website demonstrates a professional e-commerce infrastructure with modern technologies such as jQuery, Google Analytics, Matomo, and Owl Carousel, and is built likely on a Ruby on Rails framework. The site is well-structured with clear navigation and a responsive design, targeting scientists, professionals, and the general public interested in science. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security posture is adequate with HTTPS and CSRF protections, but lacks advanced security headers and explicit policies such as privacy and terms of service. Cookie consent is implemented, indicating some privacy compliance efforts. Overall, the site is functional and trustworthy in content but requires improvements in transparency and security documentation.

R

Réseau Canopé

mathador.fr

59

Mathador is an educational platform operated by Réseau Canopé, focused on promoting mental calculation skills through engaging games and contests. The website offers both digital and physical game formats, targeting students and educators primarily in France. The platform is well integrated with educational initiatives and provides resources to motivate learners in mathematics. Technically, the site uses a modern tech stack including Bootstrap, jQuery, and Matomo analytics, with a cookie consent mechanism compliant with GDPR. The website is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some security headers and explicit security policies are not evident, suggesting room for improvement in security hardening. Security posture is moderate with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data limits domain trust verification, but the strong affiliation with a reputable educational network and consistent branding supports legitimacy. Privacy compliance is well addressed through cookie management and privacy policy presence. Overall, Mathador presents a trustworthy and professional educational service with a solid digital presence. Strategic enhancements in security headers, incident response transparency, and WHOIS data availability could further strengthen trust and compliance.

A

Amicus Therapeutics US, LLC

pombilitiopfoldahcp.com

70

The website for POMBILITI® (cipaglucosidase alfa-atga) + OPFOLDA® (miglustat) is a professionally designed healthcare professional portal operated by Amicus Therapeutics US, LLC. It provides comprehensive clinical data, dosing information, safety warnings, and patient support resources for a specialized pharmaceutical therapy targeting late-onset Pompe disease. The site is clearly targeted at US healthcare professionals and includes links to official prescribing information and patient referral forms. The domain is relatively new, registered in 2022, consistent with the product's market introduction timeline. Technically, the website employs modern tracking and analytics tools such as Google Tag Manager and Microsoft Clarity, alongside a cookie consent mechanism powered by OneTrust, indicating a moderate level of digital maturity and privacy awareness. The site is mobile-optimized, accessible, and SEO-friendly, with a consistent branding approach aligned with the parent company Amicus Therapeutics. Hosting and DNS services are stable, though DNSSEC is not enabled, representing a minor security gap. From a security perspective, the site uses HTTPS and includes cookie consent banners, but lacks explicit security policies or vulnerability disclosure pages. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data shows domain registration with protections against unauthorized transfer or deletion, supporting legitimacy. Overall, the site demonstrates a solid security posture with room for improvement in DNS security and transparency around incident response. The overall risk assessment is low, with the site serving as a trustworthy source of pharmaceutical information for healthcare professionals. Strategic recommendations include enabling DNSSEC, publishing a security policy or vulnerability disclosure page, and enhancing security headers to further strengthen the security posture.

P

Porsche Inter Auto CZ spol. s r.o.

porsche-brno.cz

11

Porsche Inter Auto CZ spol. s r.o. operates as a major authorized automotive dealership and service provider in the Czech Republic, specializing in Volkswagen, Audi, Škoda, and Porsche brands. The company is part of the larger Porsche Inter Auto group based in Austria, which is a leading automotive sales and service entity in Europe. Their website showcases a comprehensive portfolio of new and used vehicles, service offerings, and accessories, targeting customers seeking premium automotive products and services. The site is professionally designed, mobile-optimized, and integrates modern web technologies such as Nuxt.js and Google Tag Manager for analytics and marketing purposes. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, although some security headers could be improved. Privacy compliance is well addressed with accessible GDPR and cookie policies. Overall, the website reflects a mature digital presence aligned with the company's market position and business model.

S

SocialWick

socialwick.com

65

SocialWick is a well-established social media marketing platform operating since 2017, offering a wide range of services including followers, likes, views, and other engagement metrics across major social media platforms such as Instagram, YouTube, TikTok, Facebook, and more. The company positions itself as a market leader with over a million customers and emphasizes fast delivery, premium quality, and affordable pricing. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site uses modern web technologies including jQuery, Google Tag Manager, and Cloudflare Insights, hosted behind Cloudflare's infrastructure for performance and security. Security posture is generally good with HTTPS enforced and secure forms, though some security headers are missing and no explicit cookie consent mechanism is present, which may affect privacy compliance. The absence of WHOIS data limits domain trust verification, but the business operations and content appear legitimate and professional. Overall, SocialWick presents a credible and functional platform for social media marketing services.

A

Addock

addock.co

49

Addock operates as a specialized B2B SaaS platform focused on the tours and activities sector, providing booking and fulfillment solutions tailored for local experience operators and travel brands. The company positions itself as a next-generation technology provider facilitating real-time connectivity between operators, distributors, and customers. The website content and structure reflect a professional approach targeting industry professionals seeking innovative booking solutions. Technically, the site is built on WordPress with Elementor and integrates modern SEO and analytics tools, indicating a moderate to advanced digital maturity. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and formal security policies. Overall, the site is accessible, well-structured, and trustworthy with room for improvement in privacy and security disclosures.

I

Institut informacijskih znanosti (IZUM)

izum.si

10

Institut informacijskih znanosti (IZUM) is a Slovenian public institute established by the government to provide information services supporting science, culture, and education. It operates key national infrastructures such as the COBISS library system and HPC-RIVR supercomputing resources, positioning itself as a critical technology and research enabler in Slovenia. The website reflects this institutional role with professional content, clear navigation, and multilingual support. Technically, the site is built on WordPress with modern plugins and frameworks, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. Overall, the domain's long history and consistent WHOIS data reinforce the site's legitimacy and trustworthiness.

P

Paris&Co

parisdelinnovation.fr

38

Le Paris de l'Innovation is an annual innovation event organized by Paris&Co and the City of Paris, held at the Hôtel de Ville. It serves as a major networking and business development platform for startups, investors, public institutions, and large companies focused on ecological, environmental, and social transition. The event offers startup meetups, demo spaces, conferences, workshops, and incubator networking opportunities. The website is professionally designed using WordPress with modern technologies and SEO best practices, providing good user experience and mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though improvements are recommended in security headers and cookie consent mechanisms. WHOIS data is unavailable, which slightly reduces domain trust, but the official partnerships and event details support legitimacy. Overall, the website is a credible and well-maintained platform for innovation stakeholders in Paris.

A

Asta Communications Pvt Ltd.

astacommunications.com

48

Asta Communications Pvt Ltd. is a Bangalore-based advertising agency specializing in brand development, advertising, graphic design, photography, printing, and website design and development. Established in 2010, the company positions itself as a creative partner for corporate clients and SMEs seeking comprehensive branding and marketing solutions. Their market presence is supported by an active social media footprint and a portfolio showcasing diverse creative works. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and third-party widgets for social media integration and WhatsApp contact, hosted on HostGator servers. Security posture is moderate with domain transfer protection but lacks DNSSEC and security headers, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the website is professional and trustworthy but would benefit from enhanced security and privacy compliance measures.

F

Formation Animacoop

animacoop.net

50

Formation Animacoop is a French educational organization specializing in cooperative training across multiple cities in France. Established in 2010, it offers comprehensive training programs focused on animating and facilitating cooperative projects, collective intelligence, and collaborative digital tools. The organization targets professionals involved in project management, facilitation, coaching, and collective initiatives, providing blended learning with both in-person and remote sessions. The website reflects a mature digital presence with structured data, social media integration, and clear contact points. Technically, the site is built on WordPress with modern frameworks and includes GDPR-compliant cookie consent and privacy policies. Security posture is good with HTTPS and domain transfer protections, though DNSSEC is not enabled and security headers are not explicitly detected. Overall, the site is professional, trustworthy, and well-positioned in its niche.

C

Conseil départemental de la Vendée

vendee.fr

62

The website www.vendee.fr is the official online presence of the Conseil départemental de la Vendée, a government entity serving the Vendée department in France. It provides comprehensive information and services related to social support, infrastructure, culture, and public administration targeted at residents and stakeholders of the region. The site is well-branded, professionally designed, and structured to facilitate user navigation and access to departmental resources. Technically, the site is built on TYPO3 CMS with Bootstrap and FontAwesome for frontend styling, and integrates Matomo analytics for user behavior tracking, including heatmaps and session recordings. The presence of cookie consent mechanisms and structured data indicates a mature digital infrastructure with attention to privacy and SEO best practices. Performance and mobile optimization are good, supporting a positive user experience. From a security perspective, the site enforces HTTPS and includes some security headers, though additional headers like Content-Security-Policy could enhance protection. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data is unavailable, likely due to privacy protection, which is justified for a government domain. No WAF or blocking mechanisms were detected, allowing full content access. Overall, the website demonstrates a strong security posture, good privacy compliance, and high business credibility as a government portal. Strategic recommendations include enhancing security headers and publishing a clear privacy policy page to improve transparency and compliance.

Père Dodu is a well-established French brand specializing in poultry and prepared food products, operating since 1965. The website serves as a consumer-facing platform providing product information, recipes, and promotional campaigns, targeting general family audiences. The brand maintains consistent and professional digital branding with a focus on facilitating home cooking. Technically, the site is built on WordPress with modern SEO and performance plugins, including Yoast SEO and WP Rocket, and uses Matomo for analytics. The site is mobile-optimized and provides a good user experience, although some broken images were detected which could impact perception. Security posture is solid with HTTPS and standard security headers, but could be improved with enhanced form protections and fixing broken assets. Privacy and cookie policies are present and GDPR compliant, but no explicit contact emails or phone numbers were found, limiting direct contact options. WHOIS data is not publicly available, typical for AFNIC domains, but the domain appears legitimate given the professional site and brand history. Overall, the site is trustworthy, secure, and well-maintained, suitable for its retail and consumer engagement purposes.