Security Directory

T

TAS Holešov, s.r.o.

tsholesov.cz

60

TAS Holešov, s.r.o. is a municipal services company formed in 2024 by merging two local entities, providing energy, waste management, property management, and recreational services primarily for the Holešov region in the Czech Republic. The website reflects a well-structured local government service portal with clear navigation and relevant content for residents and businesses. Technically, the site uses modern JavaScript libraries such as jQuery, Swiper.js, and Google Maps API, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and incident response contact details. Overall, the site is trustworthy and professionally maintained, though WHOIS data is unavailable, likely due to privacy protection.

D

Digitální agora

digitalniagora.cz

52

Digitální agora is a Czech-based organization specializing in digital civic engagement and public participation tools, with over 20 years of experience. Their services include participatory budgeting, public space creation, and strategic planning, supported by custom digital platforms. The website reflects a professional and consistent brand presence targeting municipalities, schools, and companies. Technically, the site is built on WordPress with Elementor and JetFormBuilder, incorporating modern web technologies and GDPR-compliant cookie consent mechanisms. Security posture is strong with HTTPS, reCAPTCHA protection on forms, and no visible vulnerabilities, though additional security headers could enhance protection. WHOIS data is unavailable, common for CZ domains, but the presence of official funding logos and partner links supports legitimacy. Overall, the site is well-structured, secure, and compliant, serving its niche effectively.

Terrena is a well-established agricultural cooperative based in the Grand Ouest region of France, serving 18,000 member farms and employing 13,000 people. The cooperative focuses on supporting farmers through local supply chains and strong brand management, aiming to provide responsible and accessible food. The website reflects a mature digital presence built on WordPress, with good SEO, mobile optimization, and privacy-conscious analytics via Matomo. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism in place. Security posture is solid with HTTPS enforced, though explicit security headers and incident response policies are not published. WHOIS data is unavailable, which slightly reduces trust but the overall business credibility remains high due to consistent branding and external partner references.

P

PortlandLabs

concretecms.org

72

Concrete CMS is an established open source content management system developed and maintained by PortlandLabs since 2008. It targets web developers and content editors seeking an easy-to-use, flexible CMS platform with built-in features and a strong community backing. The website positions Concrete CMS as a trusted solution used by governments and Fortune 500 companies, emphasizing security, extensibility, and user-friendly editing experiences. The business model revolves around open source software distribution complemented by community engagement and commercial support services. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Vue.js, FontAwesome, and analytics tools such as Matomo and Google Analytics. The CMS itself is Concrete CMS, which is also the product being promoted. The site is mobile optimized, well-structured, and uses responsive design techniques. Performance is moderate with room for improvement in accessibility features. SEO practices are good with proper meta tags and Open Graph data. From a security perspective, the site enforces HTTPS and includes a dedicated security page. Cookie consent mechanisms and a comprehensive privacy policy demonstrate compliance with privacy regulations including GDPR. However, explicit security headers are not detected, and no public vulnerability disclosure or incident response contacts are published. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is professional, trustworthy, and well-maintained with a high level of content quality and business credibility. The lack of WHOIS data limits domain registration trust analysis, but the site’s branding and external trust signals strongly support legitimacy. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure policies, improving accessibility, and maintaining transparency in data protection practices.

C

Coop.tools

coop.tools

50

Coop.tools is a small technology-focused cooperative platform offering a suite of open-source digital collaboration tools including private cloud storage, blogging, federated video hosting, real-time document editing, and team chat. The platform also provides webmaster utilities such as hosting management and database administration. The website is built on the YesWiki CMS with modern frontend technologies like Bootstrap and FontAwesome, delivering a good user experience with clear navigation and mobile responsiveness. However, the site lacks explicit privacy and cookie policies, and no contact or business registration details are provided, which impacts trust and compliance perception. Security posture is moderate with HTTPS enabled and anti-CSRF tokens in forms, but missing security headers and incomplete WHOIS data reduce confidence. Overall, Coop.tools serves a niche cooperative audience with a focus on privacy-respecting, federated services but should improve transparency and security practices to enhance credibility.

O

KIM – KONGRES INTEGROVANÉ MEDICÍNY – Oficiální webové stránky Kongresu integrované medicíny.

openmedicine.cz

58

The website openmedicine.cz serves as the official platform for the 10th annual Congress of Integrated Medicine (KIM) held in Prague, Czech Republic. It targets medical professionals interested in integrated and alternative medicine disciplines such as acupuncture and homeopathy. The site provides event information, registration links, and partner details, positioning itself as a niche event organizer within the healthcare sector. The domain age and WHOIS data support the legitimacy and consistency of the business. Technically, the site is built on WordPress using Elementor and standard web technologies like jQuery and Bootstrap. It is hosted likely in the Czech Republic with HTTPS enabled, ensuring basic security. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. However, it lacks advanced security headers and formal privacy or cookie policies, which are important for compliance and trust. From a security perspective, the site uses HTTPS but does not publish security policies, incident response contacts, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of privacy and cookie policies and security headers lowers the overall security posture. Overall, the website is functional, professional, and trustworthy for its purpose but would benefit from enhanced privacy compliance, security best practices, and transparency in contact and policy disclosures to improve user trust and regulatory adherence.

D

Divadlo Hybernia

hybernia.eu

43

Divadlo Hybernia is a Czech theatre offering cultural performances and entertainment services, targeting a general audience interested in theatre arts. The website is built on WordPress and employs modern web technologies including Google Tag Manager, Microsoft Clarity, and FontAwesome for icons. The site is well-structured with good SEO and mobile optimization, providing a professional user experience. However, it lacks explicit privacy and cookie policies, and no direct contact information is found in the analyzed content. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosure mechanisms. Overall, the domain appears legitimate though WHOIS data is privacy protected, which is common for small businesses. Strategic improvements in privacy compliance and security practices are recommended.

P

PMB Services

pmbservices.fr

66

PMB Services is a French company specializing in the development and support of PMB, an open-source library management software designed for libraries, documentation centers, and educational institutions. The company offers a comprehensive suite of services including consulting, installation, hosting, training, and support, serving over 1800 clients with more than 10,000 users. Their market position is solid, supported by a professional website with good content quality and consistent branding. Technically, the website employs a mature technology stack including jQuery, UIkit, Dojo Toolkit, and FontAwesome, alongside analytics tools like Google Analytics and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a moderate to good performance level. Privacy and cookie policies are well implemented, indicating GDPR compliance. From a security perspective, the site uses HTTPS and includes CSRF tokens in forms, but the Content-Security-Policy header is empty, representing a potential security weakness. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data for the domain www.sigb.net is a concern, suggesting the domain may be unregistered or expired, which could impact trustworthiness. Overall, the website presents a professional and trustworthy front for PMB Services, but the domain registration inconsistency should be addressed to ensure legitimacy and prevent potential security risks. Strategic recommendations include enhancing security headers, verifying domain registration status, and maintaining up-to-date software components.

B

BEST OF NATURE

bestofnature.sk

10

Best of Nature is a small retail business specializing in natural plant-based oils and wellness products, targeting consumers interested in aromatherapy and traditional herbal remedies primarily in Slovakia and the Czech Republic. The website presents a professional and consistent brand image with clear product promotion and customer engagement through exhibitions and online sales. Technically, the site uses modern web technologies including Vue.js and FontAwesome, with good mobile optimization and SEO practices. Security posture is moderate with cookie consent and privacy policies implemented, but lacks explicit security headers and incident response information. Overall, the website is trustworthy and compliant with GDPR, though improvements in security policies and technical hardening are recommended.

Le Média is an independent French media outlet focused on providing socially and ecologically engaged news and analysis. It operates on a citizen-funded model, ensuring independence from state or billionaire ownership. The website offers a rich variety of content including articles, investigative reports, podcasts, and video programs, targeting French-speaking audiences interested in alternative media perspectives. Technically, the site uses modern web technologies such as React and privacy-conscious analytics like Matomo, with good mobile optimization and SEO practices. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit cookie consent mechanisms. The absence of WHOIS data limits domain legitimacy verification, but the active and professional content suggests a legitimate operation. Strategic recommendations include enhancing privacy compliance, publishing security policies, and improving security headers to strengthen trust and compliance.

The Odoo Community Association (OCA) is a well-established non-profit organization founded in 2014 that supports the Odoo open source ERP ecosystem by fostering collaboration among developers, integrators, consultants, and users. The organization provides access to high quality apps, open upgrades, and community-driven resources, positioning itself as a key player in the open source ERP community. The website reflects this mission with clear navigation, professional design, and active engagement with sponsors and partners. Technically, the site is built on the Odoo CMS platform, leveraging modern web technologies such as FontAwesome, Google Analytics, and reCAPTCHA for security and analytics. Hosting is provided by Gandi SAS, with HTTPS enabled ensuring secure communications. However, some security best practices such as DNSSEC and security headers are not implemented, and no explicit cookie consent mechanism is present, which may impact GDPR compliance. Contact information is primarily via web forms, with no direct email or phone numbers visible. Overall, the site demonstrates good digital maturity and community trust but could improve in security and privacy compliance areas.

Coop Formations is a French cooperative organization specializing in professional training aimed at transforming work, organizations, and society. Founded in 2020, it operates as a small, human-scale entity focused on delivering accessible, high-quality educational sessions and courses. The cooperative emphasizes combining critical thinking with practical action, supported by passionate trainers and personalized learner support. The website reflects a clear mission and strong trust signals such as the Qualiopi certification and a 100% learner recommendation rate. Technically, the website is built on the Odoo CMS platform, hosted via Infomaniak, and employs modern web technologies including Bootstrap, FontAwesome, and Chart.js. It demonstrates good mobile optimization, accessibility, and SEO practices. Analytics are implemented with privacy-conscious tools like Plausible alongside Google Analytics, with a cookie consent mechanism ensuring GDPR compliance. From a security perspective, the site enforces HTTPS and has domain transfer protections in place. However, DNSSEC is not enabled and no explicit security policies or incident response contacts are published, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The overall risk assessment is low, with the site presenting a professional, trustworthy, and compliant digital presence. Strategic recommendations include enabling DNSSEC, publishing security and incident response policies, and enhancing security headers to further strengthen trust and resilience.

U

University of California, Davis

ucdavis.edu

70

University of California, Davis (UC Davis) is a large, top-tier public university located in California, USA. The institution focuses on education, research, and community engagement, with nationally recognized programs in agriculture, veterinary medicine, and graduate financial success. The website serves prospective and current students, faculty, staff, alumni, and visitors, providing comprehensive information about admissions, academics, campus life, and research. The digital presence reflects a mature and professional organization with consistent branding and rich content.

C

Cerema

cerema.fr

48

Cerema is a French public entity specializing in climate adaptation and territorial planning, serving government bodies, local authorities, and enterprises. It holds a strong market position as a referent public organization providing tailored solutions for environmental and infrastructural challenges. The website reflects a mature digital presence with a modern Drupal 10 CMS, integrated analytics tools, and a professional design that supports user engagement and accessibility. Security posture is solid with HTTPS and privacy-conscious analytics configurations, though explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates high business credibility and technical maturity, aligned with its governmental role.

A

Agence Bio

agencebio.org

60

Agence Bio is the official French agency dedicated to the development and promotion of organic agriculture. It serves as a governmental and non-profit entity focused on raising awareness, providing data, funding projects, and communicating the benefits of organic farming to various stakeholders including consumers, producers, distributors, and the general public in France. The agency maintains a strong market position as the authoritative source for organic agriculture information and support in France. Technically, the website is built on a modern WordPress CMS platform with Elementor page builder and enhanced SEO via Yoast. It integrates multiple marketing and analytics tools such as Google Tag Manager, Matomo, and Sendinblue, indicating a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with good performance and clear navigation. From a security perspective, the site uses HTTPS and cookie consent mechanisms but lacks visible advanced security headers and a published security.txt file. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data limits domain trust verification, though the website content and official tone strongly suggest legitimacy. Overall, Agence Bio presents a professional, trustworthy, and content-rich platform supporting organic agriculture in France. Strategic improvements in security headers, privacy policy transparency, and incident response disclosures would enhance its security posture and compliance.

U

Union Nationale de l'Apiculture Française

unaf-apiculture.info

52

The Union Nationale de l'Apiculture Française (UNAF) operates as a professional union serving beekeepers across France. The organization provides advocacy, insurance services, training, regulatory information, and publishes a specialized apiculture magazine. The website reflects a mature digital presence with a clear focus on serving both professional and amateur beekeepers, emphasizing environmental stewardship and industry support. Technically, the site is built on WordPress with modern libraries such as jQuery and AddToAny for social sharing, and it demonstrates good performance and mobile optimization. Security posture is strong with HTTPS enforced and appropriate security headers, alongside GDPR-compliant cookie and privacy policies. However, WHOIS data is unavailable, likely due to privacy protection, which is common and justified for such an entity. Overall, the site is trustworthy, professional, and well-maintained, with no visible security or privacy concerns.

S

salon Marjolaine - Parc Floral de Paris

salon-marjolaine.com

49

Salon Marjolaine is a well-established French event focused on organic agriculture, ecology, and sustainable living, operating since 2006. It serves as a major marketplace and meeting point for organic producers, consumers, and enthusiasts. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content about the event, exhibitors, and program. Technically, it is built on WordPress with modern plugins and tracking tools, hosted likely by Infomaniak, and uses HTTPS with basic security measures. Privacy compliance is well addressed with GDPR-aligned cookie consent and a detailed privacy policy. However, explicit security policies and vulnerability disclosures are absent, and some security headers could be improved. Overall, the site is trustworthy and professionally managed, with no signs of malicious activity or content safety concerns.

P

PEUPLES ET MUSIQUES AU CINEMA

peuplesetmusiquesaucinema.org

38

PEUPLES ET MUSIQUES AU CINEMA is a French cultural festival dedicated to the intersection of world music and cinema, organizing annual events including film screenings, concerts, and cultural workshops. The website demonstrates a well-established presence with archives dating back to 2000 and detailed programming for upcoming events, indicating a stable market position within the cultural and ethnomusicology sectors. The target audience is general public interested in cultural heritage and music cinema. Technically, the site is built on WordPress using the OceanWP theme and Elementor page builder, with modern libraries such as jQuery and FontAwesome, and includes Google reCAPTCHA for form security. Performance and mobile optimization are adequate, though accessibility and SEO could be improved. Security posture is good with HTTPS and reCAPTCHA, but lacks visible security headers and comprehensive privacy/cookie compliance mechanisms. WHOIS data is unavailable due to malformed output, but domain expiry and website content suggest legitimacy. Overall, the site is professional and trustworthy but could benefit from enhanced privacy and security practices.

T

TotalEnergies

totalenergies.be

60

TotalEnergies Belgium operates a professional and comprehensive website offering electricity and natural gas supply services to individuals, SMEs, and large enterprises. The company positions itself as a major energy supplier with a focus on competitive pricing, renewable energy options, and customer-centric services including mobile app management and expert support. The website is well-structured, multilingual, and integrates modern web technologies and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and privacy compliance evident through detailed policies and cookie consent mechanisms. No critical vulnerabilities or suspicious activities were detected, indicating a trustworthy and reliable online presence.

T

Toulouse INP-ENSIACET

ensiacet.fr

53

ENSIACET is a French engineering school specializing in the transformation of matter and energy, offering multiple engineering diplomas and masters programs. It is part of the Toulouse INP group and maintains strong partnerships with governmental and educational institutions. The website is professionally designed, content-rich, and targets prospective students, researchers, and industry partners. The technical infrastructure is based on Ametys CMS with common JavaScript libraries and includes a cookie consent mechanism and Matomo analytics for privacy-conscious tracking. Security posture is moderate with no visible critical vulnerabilities, but lacks explicit security headers and incident response information. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the presence of official certifications and partner links supports legitimacy. Overall, the site is well-maintained, compliant with GDPR, and provides clear contact information.

M

musee-ile-oleron

musee-ile-oleron.fr

38

The Musée de l’île d’Oléron is a regional cultural institution dedicated to preserving and showcasing the heritage and traditions of the Oléron island. The museum offers a rich collection of over 500 objects spanning from prehistory to modern times. Currently closed for renovations with a reopening planned in 2027, it maintains engagement through temporary exhibitions, educational programs, and a mobile app for virtual tours. The website reflects a well-maintained digital presence with clear visitor information and official certifications, positioning the museum as a trusted cultural destination in the region. Technically, the website is built on WordPress with modern plugins and frameworks such as Yoast SEO, Bootstrap, and Ultimate Addons for Gutenberg. It employs HTTPS, Google reCAPTCHA v3 for form security, and a cookie consent mechanism via Axeptio, indicating a mature approach to privacy and security. Analytics are handled by Matomo, supporting privacy-conscious tracking. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Security posture is solid with HTTPS and form protections, but lacks explicit security headers and published security policies or incident response information. WHOIS data is unavailable, likely due to privacy protection, which is common and not suspicious for this type of institution. Overall, the site demonstrates good security hygiene and compliance with GDPR requirements. Strategically, the museum should consider publishing detailed security policies and incident response plans to enhance trust and transparency. Implementing security.txt and improving accessibility compliance would further strengthen its digital maturity. The website effectively supports the museum’s mission and audience engagement, with room for incremental security and technical improvements.

B

Be MAD! Magazín pro hostesky & modelky

bemad.cz

58

Be MAD! Magazín pro hostesky & modelky is a Czech online media publication focused on fashion trends, casting calls, and job opportunities for hostesses and models. Founded in 2016 and operated by MAD Production, it serves a niche audience interested in lifestyle, health, and modeling industry news. The website is built on WordPress with a modern tech stack including Bootstrap and various plugins for SEO, GDPR compliance, and social sharing. The site demonstrates good content quality, consistent branding, and a user-friendly design optimized for mobile devices. Security posture is adequate with HTTPS and security headers, though some improvements in security disclosures and plugin configuration are recommended. Privacy and cookie policies are present and GDPR compliant. Overall, the site is safe, professional, and trustworthy for its target audience.

V

Vorwerk

vorwerk.ch

71

Vorwerk.ch is a retail-focused website offering Thermomix TM7 kitchen appliances and Kobold VK7 vacuum cleaners primarily targeting consumers in Switzerland. The site emphasizes free consultation services and positions itself as a recognized brand in household appliances. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies and third-party services such as Google Tag Manager and Cookiebot for analytics and privacy compliance. The security posture is strong with HTTPS enforced and cookie consent implemented, though explicit privacy policies and incident response contacts are not found in the provided content. Overall, the website is professional, user-friendly, and trustworthy, with moderate tracking and advertising practices aligned with industry standards.

E

Expertises Climat

expertisesclimat.fr

11

Expertises Climat is a French non-profit association founded in 2022, dedicated to bridging scientific research and media to enhance public debate on ecological urgency. The organization federates over 200 researchers and experts, supporting journalists and promoting scientific expertise in media coverage of climate issues. Their partnerships with reputable institutions such as ADEME and CNRS reinforce their credibility and influence in the environmental sector. Technically, the website is built on WordPress with modern web technologies including Google Fonts, FontAwesome, and the Complianz GDPR plugin for privacy compliance. The site is well-optimized for mobile devices, has good SEO practices, and uses HTTPS with secure cookie consent mechanisms. Google Tag Manager is used for analytics, indicating moderate user tracking with privacy considerations. From a security perspective, the site enforces HTTPS and uses cookie consent management but lacks explicit security headers and incident response contact information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns with the organization's profile, showing a consistent and legitimate domain registration. Overall, the website presents a professional, trustworthy, and privacy-conscious platform for its niche audience. Strategic improvements could include enhanced security headers and publicly available security policies to further strengthen trust and compliance.

C

Coop-médias SCIC SA

coop-medias.org

10

Coop-médias is a French citizen cooperative established in 2024 that supports, promotes, and defends independent media through citizen investment starting at 100 euros, offering tax benefits. Positioned as the first cooperative of its kind in France, it aims to finance independent media, increase their visibility, and defend media independence in public discourse. The website is professionally designed, mobile-optimized, and rich in relevant content targeting citizens interested in democratic and independent information. Technically, it is built on WordPress with modern plugins for GDPR compliance and tracking, including Facebook Pixel and Google Analytics, all integrated with user consent mechanisms. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers could be improved. WHOIS data is incomplete, limiting domain trust verification, but the website's professionalism and transparency support its legitimacy. Overall, Coop-médias presents a credible and well-structured platform for cooperative investment in media independence.

I

Iziflo

iziflo.com

9

Iziflo is a specialized software solution designed for multi brand car dealers, offering an integrated suite of applications to manage sales, processing, logistics, and customer relationship management. The website presents a professional and consistent brand image, targeting automotive dealerships and related business teams. Technically, the site is built on WordPress with modern web technologies including jQuery, Google Analytics, and Google Tag Manager, providing moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers and explicit policies are missing. The absence of WHOIS data raises concerns about domain legitimacy, impacting overall trust. Privacy and cookie policies are not found, indicating compliance gaps. Overall, the site is functional and business-focused but would benefit from enhanced transparency and security documentation.

K

Kutnohorská Mincovna

kutnohorskamincovna.cz

51

Kutnohorská Mincovna is a small Czech Republic-based business dedicated to reviving and celebrating the historical royal mint of Kutná Hora. The company focuses on producing investment-grade gold and silver coins, bullion bars, corporate minting services, and collector's editions that honor Czech traditions and history. The website is professionally designed with good content quality and clear navigation, targeting investors and collectors interested in precious metals and Czech heritage. Technically, the site uses modern front-end libraries including Bootstrap, FontAwesome, and Google Tag Manager for analytics and marketing. The hosting leverages Amazon Cloudfront for widget delivery. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and incident response information. WHOIS data is unavailable, which limits domain legitimacy verification and slightly reduces trustworthiness. Overall, the site is safe, compliant with GDPR, and provides a positive user experience with room for security and contact information improvements.

U

Università degli Studi di Palermo

unipa.it

62

The Università degli Studi di Palermo is a large, well-established public university in Italy, founded in 1806, serving over 40,000 students. It offers a broad range of academic programs including undergraduate, graduate, and single-cycle degrees. The website reflects its educational mission with content focused on academic offerings and institutional information. Technically, the site uses standard web technologies such as Bootstrap and FontAwesome, providing a good user experience with responsive design and clear navigation. However, there is a lack of visible privacy and cookie policies, as well as security and incident response information, which are critical for compliance and trust in today's digital environment. The security posture is moderate but could be improved by implementing security headers and disclosing vulnerability handling procedures. Overall, the domain registration data aligns well with the university's identity, indicating high legitimacy and trustworthiness.

I

Institute of Indic Wisdom

iiwisdom.org

49

Institute of Indic Wisdom (IIW) is a small non-profit organization founded in 2023, focused on translating timeless Indic wisdom into contemporary leadership and personal growth practices. The website presents a professional and consistent brand with clear navigation and relevant content targeting leaders, entrepreneurs, and individuals seeking transformational learning. Technically, the site is built on WordPress with modern libraries like Bootstrap and Swiper, hosted by GoDaddy. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers. Privacy compliance is partial with a privacy policy present but no cookie consent mechanism. Overall, the domain registration is consistent and trustworthy, matching the organization's founding timeline.

P

PERSKIMEDIA Szymon Perski

epochtimes.pl

59

Epoch Times Polska is a Polish-language independent news media outlet, part of the international Epoch Times network published in 23 languages across 35 countries. The website provides news, analyses, opinions, and cultural content with a focus on China, human rights, and Polish affairs. The business operates on a digital publishing model with advertising revenue and targets Polish-speaking audiences interested in independent journalism. Technically, the site is built on WordPress, using common libraries such as jQuery, Bootstrap, and FontAwesome, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and no obvious vulnerabilities, though improvements in security headers and DNSSEC are recommended. Privacy compliance is strong with clear cookie consent and a comprehensive privacy policy. No direct contact emails or phone numbers are publicly listed, which may limit direct user engagement. Overall, the site is professional, trustworthy, and content-rich, serving a medium-sized media business in Poland.

K

Kutnohorská Mincovna

khm.cz

50

Kutnohorská Mincovna is a Czech-based business dedicated to reviving and celebrating the historical royal mint traditions of Kutná Hora. The company offers investment-grade precious metals including gold and silver coins, bullion bars, and commemorative collector's editions. Their market position is niche, targeting investors and collectors interested in Czech heritage and precious metals. The website demonstrates a moderate level of digital maturity, utilizing modern web technologies such as Bootstrap, FontAwesome, and Google Tag Manager, with embedded YouTube content and cloudfront-hosted widgets. Security posture is adequate with HTTPS usage and cookie consent mechanisms, but lacks explicit security headers and incident response policies. The absence of WHOIS data limits domain trust verification, though the website content and social media presence support legitimacy. Overall, the site is professionally designed, mobile-optimized, and provides relevant content for its audience.

S

Stellar Media s.r.o.

vltavskykuryr.cz

57

Vltavský Kurýr is a Czech regional news media website operated by Stellar Media s.r.o., focusing on news, culture, travel, and local events around the Vltava river region. The site targets a general audience interested in regional updates and cultural happenings. Technically, the website is built on WordPress with a modern theme and uses common web technologies such as jQuery and Google Tag Manager for analytics. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The absence of WHOIS data limits domain trust assessment, but the website content and structure appear legitimate and professional. Overall, the site is a functional regional news portal with moderate technical maturity and some compliance gaps.

S

Service Public d’Information en Santé

sante.fr

63

Santé.fr is the official French public health information portal managed under the Ministry of Health. Established in 2016, it serves as a comprehensive and reliable source of health information for the general public and health professionals. The website offers extensive editorial content, a large directory of health professionals and establishments, and personalized health advice services. It is positioned as a leading government-backed health information platform in France. Technically, the site is built on Drupal CMS with modern frontend technologies including Vue.js and FontAwesome. It implements strong privacy and cookie consent mechanisms using tarteaucitron.js and supports mobile and accessibility standards well. The site is served over HTTPS with no detected blocking or WAF interference, indicating good operational maturity. From a security perspective, the site enforces HTTPS and secure login via OpenID Connect but lacks explicit HTTP security headers and a published security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a comprehensive privacy policy and cookie management. Overall, Santé.fr presents a trustworthy, professional, and secure public health information service with excellent content quality and user experience. The domain WHOIS data is not publicly available, consistent with government domain privacy practices, and the site aligns well with its stated mission and branding.

T

TK grafika/webdesign

tkwebdesign.cz

52

TK grafika/webdesign is a small Czech-based creative service provider specializing in corporate graphic design, web design, vehicle wraps, and video production. The business emphasizes a combined approach to graphic and web design, leveraging the owner's dual expertise. The website is professionally designed using WordPress with a custom Avant theme and several plugins to enhance functionality and user experience. Hosting is provided by a Czech hosting provider, indicating a local focus. Security posture is moderate with HTTPS enabled and use of Google reCAPTCHA, but lacks advanced security headers and formal privacy or cookie policies, which are compliance gaps. Contact information is clearly presented, enhancing business credibility. Overall, the website is safe, professional, and suitable for general audiences.

P

PMB Services

sigb.net

66

PMB Services is a French company specializing in the development and support of PMB, an open-source library and documentation management software. The company targets libraries, documentation centers, educational and research institutions, offering a comprehensive suite of services including software development, consulting, installation, hosting, training, and support. With over 20 years of experience and a client base exceeding 1800 organizations and 10,000 users, PMB Services holds a solid position in the library technology sector. Technically, the website employs a mature technology stack featuring jQuery, UIkit, Dojo Toolkit, and FontAwesome, alongside analytics tools like Google Analytics and Matomo. The site is built on the PMB CMS platform, optimized for mobile devices with good SEO and basic accessibility features. Security practices include HTTPS usage, CSRF tokens in forms, and a cookie consent mechanism, though explicit security headers are not evident. The security posture is moderate, with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with a comprehensive privacy policy and GDPR-aligned cookie consent. The absence of WHOIS data suggests privacy protection, which is justified for this business type. Social media presence and community engagement further enhance trust. Overall, PMB Services presents a professional, trustworthy online presence with a focus on open-source library management solutions. Strategic improvements in security headers and accessibility could further strengthen their digital maturity and security posture.

E

EUROCAM

cam-europe.eu

51

EUROCAM is a European non-profit foundation that unites umbrella organizations representing patients, medical doctors, veterinarians, and practitioners in the Traditional, Complementary, and Integrative Healthcare (TCIH) sector. It holds a recognized position within the European health policy landscape, engaging with the European Commission and Parliament, and is accredited by the WHO Regional Office for Europe. The organization focuses on advocacy, policy influence, and education to promote TCIH's role in sustainable, patient-centered healthcare across Europe. The website reflects this mission with comprehensive content, clear navigation, and a professional design tailored to its target audience of healthcare stakeholders and policymakers. Technically, the website is built on WordPress using modern frameworks such as Bootstrap and integrates various plugins for SEO, GDPR compliance, and user engagement (e.g., Mailchimp for newsletters). The site is mobile-optimized and employs HTTPS with a good SSL configuration. Analytics and tracking are implemented via Google Analytics and MonsterInsights, with appropriate cookie consent mechanisms in place. From a security perspective, the site demonstrates good practices including HTTPS enforcement and cookie consent but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or suspicious elements were detected in the provided content. The WHOIS data confirms a consistent and legitimate domain registration with a reputable registrar and no privacy protection, appropriate for a transparent non-profit entity. Overall, EUROCAM's website is a credible, well-maintained platform supporting its advocacy and educational goals in the healthcare sector, with room for improvement in security transparency and accessibility features.

YesWiki.net is a French open-source platform providing a no-code wiki and collaborative database solution aimed at users without technical skills. Founded in 2009, it offers tools for creating collaborative workspaces, form-based data entry, and various content visualization modules. The platform is community-driven with active documentation, forums, and a newsletter. Technically, the site uses PHP, Bootstrap, jQuery, Vue.js, and integrates third-party services like Matomo for analytics and MailerLite for marketing. The website is well-structured, mobile-optimized, and uses HTTPS with a stable domain registration. However, it lacks some modern security headers and cookie consent mechanisms, which are areas for improvement. Overall, the site is trustworthy, professional, and serves a niche market of collaborative content creators.

Les Alvéoles is a French-based ecological education center specializing in permaculture and agroecology. The organization offers a variety of services including in-person and online training, consulting, a nursery, and an experimental garden. Their target audience includes individuals and organizations interested in sustainable landscape design and ecological transition. The website is professionally designed using the Odoo CMS platform and integrates modern technologies such as Google Analytics and Vimeo for content delivery. While the site is accessible and well-structured, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enabled and CSRF tokens present, but missing explicit security headers and incident response contacts. Overall, the domain registration is consistent and legitimate, supporting the business's credibility.

N

Nature et Progrès

natureetprogres.org

67

Nature et Progrès is a well-established French non-profit association founded in 1964, dedicated to promoting agroecology and organic production through a participatory guarantee system. The website serves as an informational and community platform for producers, consumers, and local groups involved in sustainable agriculture and related sectors. The organization holds a credible market position within the organic certification space in France, supported by a domain registered since 2002 with a reputable registrar, OVH sas. Technically, the website is built on the YesWiki CMS platform, leveraging Bootstrap, jQuery, and Vue.js for a responsive and modern user experience. Hosting is provided by OVH, a known hosting provider. The site demonstrates good mobile optimization and accessibility, though SEO and privacy compliance could be improved. No major performance issues were detected. From a security perspective, the site uses HTTPS and has domain-level protections such as clientDeleteProhibited and clientTransferProhibited statuses. However, it lacks DNSSEC and explicit security headers, and no published security or incident response policies were found. The absence of privacy and cookie policies indicates a gap in compliance with GDPR and related regulations. Overall, the website is trustworthy and professional, with a strong business credibility score. The main risks relate to privacy compliance and security best practices, which should be addressed to enhance user trust and regulatory adherence.

G

GoGoCarto - Créez des cartes à GoGo !

gogocarto.fr

59

GoGoCarto is a French technology platform specializing in participatory mapping, enabling users to create and share community-driven map projects. The platform hosts thousands of projects, indicating a vibrant user base and active community engagement. The website is well-branded, consistent, and provides open source code and documentation links, reflecting transparency and openness. Technically, the site uses modern web technologies including JavaScript, CSS, and Matomo analytics for privacy-conscious user tracking. The hosting is provided by Colibris outils libres, a known free software hosting provider, which aligns with the platform's open source ethos. Security posture is moderate with HTTPS enforced and sandboxed iframes, but lacks explicit security headers and documented security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanism. Business credibility is supported by domain age, consistent WHOIS data, and active project hosting. Overall, the site is functional and trustworthy but would benefit from enhanced privacy and security disclosures.

Élabore is a French cooperative specializing in the integration and deployment of open-source ERP and CRM solutions, primarily based on Odoo, targeting associations, small and medium enterprises, and organizations within the social, ecological, and cultural sectors. Their business model emphasizes digital transition with open-source tools, offering a suite of software, training modules, and maintenance services. The company holds a Qualiopi certification for its training activities, reinforcing its credibility in the education sector. Technically, the website is built on the Odoo CMS platform, leveraging modern web technologies such as Bootstrap and FontAwesome. The site is mobile-optimized and demonstrates good SEO practices, although performance is moderate. Security-wise, the site uses HTTPS with valid SSL certificates and includes CSRF tokens, but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. The security posture is adequate but could be improved by implementing DNSSEC, security headers, and publishing formal security policies. Privacy compliance is limited due to the absence of privacy and cookie policies and no visible consent mechanisms. Contact information is primarily via a contact form, with no direct emails or phone numbers publicly listed. Analytics are conducted via Plausible.io, a privacy-focused service, indicating moderate user tracking. Overall, Élabore presents a trustworthy and professional online presence consistent with its cooperative and open-source ethos. Strategic improvements in privacy compliance and security practices would enhance its risk profile and user trust.

C

Centrum vzdělávání, informací a kultury p. o.

cvik.info

45

Centrum vzdělávání, informací a kultury Český Brod is a local public institution combining educational, informational, and cultural services including a municipal library, information center, and cultural house. The website serves as a portal for event calendars, ticket sales, photo galleries, and official communications targeting the local Czech community. The business model is focused on community engagement and cultural enrichment rather than commercial activities. Technically, the website employs a modern frontend stack with Bootstrap, jQuery, FontAwesome, and other libraries, ensuring a responsive and user-friendly experience. Google Tag Manager is used for analytics and marketing tracking, with a cookie consent mechanism implemented to comply with GDPR requirements. The site is well-structured with clear navigation and accessible contact options. From a security perspective, the site uses HTTPS and has implemented cookie consent controls, but lacks visible HTTP security headers and explicit security or incident response policies. The WHOIS data is incomplete and malformed, which reduces domain trustworthiness, but the website content and contact information appear legitimate and consistent with a public cultural institution. Overall, the website is functional, professional, and trustworthy for its intended audience, but improvements in security headers, WHOIS transparency, and explicit security policies would enhance its security posture and compliance.

S

Storck

merci.us

66

merci is a European chocolate brand marketed in the United States by Storck. The website serves as a brand and e-commerce platform offering a variety of chocolate products including personalized chocolate covers. The brand positions itself as a premium gift option for heartfelt moments of appreciation. The website is professionally designed with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site uses TYPO3 CMS and modern JavaScript libraries, with integration of SmartCart for e-commerce functionality. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are absent. The lack of WHOIS data reduces transparency but does not detract significantly from the overall legitimacy given the strong brand presence and consistent content. Strategic recommendations include enhancing security headers, publishing a security policy, and improving WHOIS transparency.

S

Storck

werthers-original.us

71

Werther’s Original is a well-established confectionery brand specializing in caramel products, operating under the parent company Storck. The website showcases a variety of caramel products and brand storytelling aimed at a general consumer audience in the United States. The digital infrastructure is built on TYPO3 CMS with modern JavaScript frameworks and includes e-commerce capabilities via SmartCart. Privacy and cookie policies are implemented with consent mechanisms, reflecting a commitment to compliance. However, the absence of WHOIS data limits domain trust verification. Security posture is moderate with room for improvement in security headers and incident response transparency. Overall, the website is professional, accessible, and trustworthy with a good user experience.

T

Trustami GmbH

trustami.com

67

Trustami GmbH operates a sophisticated reputation aggregation platform focused on collecting and displaying customer reviews from multiple sources to enhance trust and conversion for e-commerce businesses. The company serves over 30,000 clients and aggregates more than 1.39 billion reviews, positioning itself as a significant player in the online reputation management market. Their services include trust badges, public company profiles, Google star integration, and review insurance, supported by a variety of plugins for popular shop systems. Technically, the website employs modern web technologies such as jQuery, Bootstrap, and lazy loading, ensuring fast performance and excellent mobile optimization. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the absence of WHOIS data raises concerns about domain registration legitimacy, although the website content and external references strongly indicate a legitimate business. Security posture is generally good with HTTPS and secure form handling, but lacks explicit security policies and HTTP security headers. Overall, the site is professional, trustworthy, and well-optimized for SEO and user experience.

H

Habitat Participatif France

habitatparticipatif-france.fr

58

Habitat Participatif France is a French citizen movement founded in 2013 dedicated to promoting participative, ecological, and solidarity-based housing projects. The organization acts as a federation providing resources, advocacy, and networking opportunities for individuals and groups interested in alternative housing models. The website is well-structured, professionally designed, and provides comprehensive information and tools to support participative housing initiatives across France. Technically, the site is built on the YesWiki CMS platform, leveraging Bootstrap 5 and jQuery, and employs Matomo analytics configured to respect user privacy by disabling cookies. Security posture is solid with HTTPS enforced and secure login forms, though some security headers could be improved. The absence of WHOIS data for the domain is a transparency concern but does not detract significantly from the site's legitimacy given the quality and consistency of content. Privacy compliance is partial, with a privacy policy present but no visible cookie consent mechanism. Overall, the site is trustworthy, informative, and serves a niche non-profit community effectively.

M

Mouvement Utopia

mouvementutopia.org

52

Mouvement Utopia is a French non-profit cooperative dedicated to popular education and social activism. Established in 2008, it operates as a citizen cooperative offering educational resources, events, podcasts, and cultural activities. The organization maintains a strong presence in its niche sector with active engagement through its website and social media channels. The website serves as a hub for news, event announcements, and educational content, targeting citizens interested in social change and education.

C

Copergreen

copergreen.fr

47

Copergreen is an independent pioneer group founded in 2008 specializing in the development and integration of photovoltaic energy projects. The company targets individuals and businesses interested in energy transition and solar power solutions, offering services such as project development, maintenance, optimization, and investment options. The website reflects a medium-sized energy sector business based in France, with consistent branding and professional content. Technically, the website is built on WordPress using Elementor and Yoast SEO plugins, hosted by OVH. It employs modern web technologies including Google Analytics for tracking and CookieYes for GDPR-compliant cookie consent management. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be improved. From a security perspective, the site uses HTTPS with good SSL configuration but lacks explicit security headers like Content-Security-Policy and X-Frame-Options. No security policy or incident response information is published, and no vulnerability disclosure mechanism is present. Cookie consent is well implemented with detailed categories and user controls, indicating good privacy compliance. Overall, the website is trustworthy, professionally maintained, and compliant with basic privacy regulations. However, it could enhance its security posture by adding security headers, publishing security policies, and improving accessibility. No critical vulnerabilities or suspicious activities were detected.

H

Helexia

helexia.green

46

Helexia is a French company specializing in providing personalized energy transition trajectories for businesses. Their services encompass energy audits, photovoltaic solar installations, energy efficiency solutions, and regulatory compliance support. The company positions itself as a medium-sized enterprise under the Helexia Group umbrella, targeting corporate clients seeking sustainable energy solutions. The website is professionally designed using WordPress with modern plugins and integrates HubSpot forms for lead generation. The technical infrastructure is solid with HTTPS and cookie consent mechanisms in place, although some security headers and explicit privacy policies are missing. The WHOIS data is unavailable or malformed, which slightly reduces trustworthiness but the overall digital presence is consistent and professional. The company leverages marketing and analytics tools such as HubSpot, Facebook Pixel, and LinkedIn Insight Tag to optimize user engagement and tracking.