Security Directory

L

Le Théâtre du Tiroir des affabulation

theatre-du-tiroir.com

60

Le Théâtre du Tiroir is a small French cultural non-profit organization specializing in theatrical performances, concerts, conferences, and community educational events. The website presents a rich schedule of events from August to December 2025, focusing on social, political, and cultural themes such as peace, human rights, and historical memory. The organization targets a broad audience interested in culture and social issues, operating primarily in the Laval region of France. Technically, the website is built on WordPress with a modern block editor, uses HTTPS, and shows good mobile optimization and content quality. However, it lacks formal privacy, cookie, and terms of service policies, which impacts compliance and trust. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures. WHOIS data is unavailable, which reduces domain trust but the website content and presentation suggest a legitimate cultural entity. Overall, the site is functional and content-rich but could improve in privacy compliance and security best practices.

M

Medialibs

e-majine.com

56

Medialibs operates the e-majine platform, a comprehensive and versatile CMS solution designed for professionals in communication and website creation. The platform supports a wide range of website types including e-commerce, community sites, blogs, and multi-language sites, positioning itself as a robust tool for businesses seeking scalable web solutions. The website content is professionally presented in French, targeting a medium-sized business audience primarily in France. Technically, the site employs a modern but somewhat dated tech stack including jQuery 1.10, Google Analytics GA4, and Google reCAPTCHA v3, with a strong emphasis on user privacy via a granular cookie consent mechanism. However, the absence of explicit privacy and terms of service pages is a notable gap. Security-wise, the site uses HTTPS and anti-spam measures but lacks visible security headers and a vulnerability disclosure policy. The WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional appearance and content quality. Overall, the site scores well on content and business credibility but should improve privacy transparency and domain registration clarity.

B

Boucles de la Mayenne - Crédit Mutuel | Course cycliste Pro Series

bouclesdelamayenne.fr

56

The website www.bouclesdelamayenne.fr represents a professional cycling event known as Boucles de la Mayenne - Crédit Mutuel, part of the UCI Pro Series calendar. It targets cycling enthusiasts and partners, offering event promotion and media broadcasting services. The site is built on the Wix platform, leveraging Wix Thunderbolt framework and standard web technologies such as JavaScript, CSS, and HTML5. The technical infrastructure is moderate in performance with good mobile optimization but basic accessibility and SEO features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance mechanisms. The absence of WHOIS data from the AFNIC server raises concerns about domain registration transparency, although the website content and branding appear legitimate. Overall, the site is functional and professional but would benefit from enhanced security practices and privacy compliance to improve trust and regulatory adherence.

M

Mgr. Marek Sivčo

mareksivco.sk

56

The website mareksivco.sk represents the personal and professional portfolio of Mgr. Marek Sivčo, a Slovak teacher, web developer, poet, and podcaster. The site highlights his extensive experience in web development, teaching engagements, creative works, and supported projects. It targets individuals interested in IT education, Slovak geek culture, and creative arts. The business model is centered on personal branding and educational content delivery, with a niche market position in Slovakia and the broader Slovak-speaking community. Technically, the website employs a modern tech stack including PHP, WordPress, JavaScript, and various Adobe creative tools. Hosting is provided by Websupport, with DNSSEC enabled and HTTPS properly configured, indicating a secure and reliable infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. No analytics or tracking scripts are present, reflecting a privacy-conscious approach. From a security perspective, the site benefits from HTTPS and DNSSEC but lacks security headers and formal security policies. No vulnerability disclosure or incident response information is provided, and no privacy or cookie policies are found, which are notable compliance gaps. The absence of forms reduces attack surface but also limits user interaction. Overall, the website is professional, trustworthy, and content-rich, with strong business credibility but room for improvement in privacy compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and publishing a vulnerability disclosure policy to enhance trust and compliance.

P

PENNY Market Česká republika

penny.cz

67

PENNY Market Česká republika operates as a major retail supermarket chain in the Czech Republic, providing grocery and household products to a broad consumer base. The website serves as a digital storefront and information portal, featuring store locations, promotions, and company information. It is part of the REWE Group, a large European retail conglomerate, which supports its market position and brand recognition. The site targets general consumers in the Czech market with a focus on retail grocery shopping. Technically, the website employs modern frontend technologies such as Vue.js and uses Google Fonts and Material Icons for UI consistency. The site is mobile-optimized and demonstrates moderate performance with good SEO and accessibility basics. Security best practices are observed with HTTPS enforcement and standard security headers, though some advanced security disclosures and policies are absent. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Contact information is clearly provided, enhancing business credibility. However, the lack of WHOIS transparency due to privacy protection limits domain registration visibility. Overall, the website presents a professional, trustworthy, and secure digital presence for PENNY Market in the Czech Republic. Strategic improvements could include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to further enhance trust and compliance.

H

HS Media

hsmedia.no

8

HS Media is a Norwegian small business specializing in contextual marketing across print, digital, and social media channels. The company aims to place advertising in contexts where the target audience is most receptive, focusing on Norwegian markets. The website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. The site presents professional content with good design and navigation but lacks comprehensive privacy and security disclosures. Security posture is moderate with no detected WAF or blocking mechanisms, but the absence of security headers and policies indicates room for improvement. Overall, the domain registration is privacy protected, which is common for small businesses, and no suspicious indicators were found. Strategic recommendations include enhancing privacy compliance, adding contact and security information, and improving security headers and SSL configurations.

D

Display

display.cz

41

Display is a small non-profit association based in Prague, Czech Republic, focused on research and collective practice in cultural and educational domains. The website presents a well-structured platform showcasing events, projects, and publications, targeting a general audience interested in cultural research and collective activities. The organization appears established with a domain age since 2000 and active social media presence, enhancing its market position within its niche. Technically, the website is built on GravCMS, a modern flat-file CMS, indicating a moderate level of digital maturity. The site is mobile-optimized with good navigation and SEO practices, although performance is moderate. The use of Mailchimp for newsletter subscriptions shows integration with common marketing tools. However, there is a lack of visible advanced analytics or tracking services, suggesting minimal user tracking. From a security perspective, the site uses HTTPS and secure form handling but lacks visible security headers and published security policies. No privacy or cookie policies are found, representing compliance gaps with GDPR and related regulations. The WHOIS data is consistent and supports the legitimacy of the domain and organization. No WAF or blocking mechanisms are detected, and no vulnerabilities are apparent from the provided data. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency to improve its risk posture and user trust.

Z

zirk.us

zirk.us

65

zirk.us operates as an independent Mastodon social network server focused on the arts and humanities community, providing a platform for readers, writers, and academics to engage in cultural and intellectual discussions. The website leverages the Mastodon open-source platform, utilizing modern web technologies such as React and JavaScript ES modules to deliver a responsive and user-friendly experience. The domain is well-established, registered since 2004, and managed via GoDaddy with protective domain status flags, enhancing trustworthiness. However, the domain predates the Mastodon platform, indicating repurposing of the domain for this service. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers, and privacy compliance is basic with a privacy policy present but no cookie consent mechanism or terms of service found. Overall, the site is functional, trustworthy, and serves a niche community with good content quality and technical implementation.

G

GoDaddy Operating Company, LLC

cea.tech

11

The website is a domain sales landing page for the domain cea.tech, operated by GoDaddy Operating Company, LLC, a leading global domain registrar and marketplace. The platform offers multiple purchasing options including buy now, lease to own, and making an offer, targeting businesses and individuals seeking premium domain names. The site leverages modern web technologies such as React and Next.js, hosted on GoDaddy infrastructure, providing a fast and responsive user experience. Security is robust with HTTPS enforced, security headers present, and secure payment assurances. Privacy and cookie policies are available through GoDaddy's main site, indicating compliance with GDPR and other regulations. Overall, the site demonstrates a high level of professionalism, trustworthiness, and technical maturity.

W

waterlutions

waterlutions.com

68

Waterlutions is a small French business specializing in artisanal water filtration solutions, particularly gravity-based filtration systems. The company operates primarily through its website, offering products via an integrated Ecwid ecommerce platform. The website is built on WordPress using the Gutenberg editor, hosted with AWS Cloudfront CDN, and presents a professional and consistent brand image targeting environmentally conscious consumers interested in water purification. The business appears niche with a local focus in Grisolles, France. Technically, the site uses modern web technologies but lacks some advanced security headers and cookie consent mechanisms, which could impact GDPR compliance. The security posture is moderate with HTTPS enabled but could be improved with additional headers and policies. The absence of WHOIS data raises concerns about domain legitimacy, although the website content and contact information suggest a genuine business presence. Overall, the site is functional and trustworthy but would benefit from enhanced security and privacy compliance measures.

A

ADweby.com

adweby.com

61

ADweby.com is a Czech Republic-based small technology company specializing in custom web development, e-commerce solutions, and graphic design services primarily targeting businesses and individuals in the Ostrava and Moravskoslezský kraj region. The company emphasizes unique graphic design and offers a proprietary content management system (AD-RS) and e-commerce platform (AD-Shop). The website demonstrates a professional digital presence with good content quality and SEO optimization, although some technical aspects such as outdated JavaScript libraries and lack of visible security headers suggest room for improvement. The security posture is moderate with HTTPS enforced and cookie consent implemented, but the absence of a clear privacy policy and missing WHOIS domain registration data raise concerns about compliance and legitimacy. Overall, the site is accessible and business-focused with no adult or questionable content detected.

F

FIDMarseille — Festival International de Cinéma de Marseille

fidmarseille.org

59

FIDMarseille is a well-established international film festival based in Marseille, France, with a history dating back to 2000. The festival showcases a diverse program of fiction, documentary, and artist films, attracting a culturally engaged audience and international cinema professionals. The website reflects a professional and consistent brand image, providing detailed event information, schedules, and social media engagement. Technically, the site is built using modern frameworks like Astro, optimized for mobile devices, and delivers fast performance with responsive images. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is currently weak, with no visible privacy or cookie policies or consent mechanisms. Overall, the site is trustworthy and professionally maintained but would benefit from improved privacy and security practices.

Z

Zámek Osečany BUDE!

zamekbude.cz

48

Zámek Osečany BUDE! is a small-scale cultural heritage and tourism project focused on the restoration and promotion of the Osečany Castle in the Czech Republic. The website serves as an information portal for visitors, offering details about the castle's history, upcoming events, guided tours, and accommodation options. The business model is primarily non-profit with revenue streams from ticket sales and merchandise. The site is built on WordPress with WooCommerce integration, indicating a moderate level of digital maturity. Technical infrastructure includes modern plugins and a cookie consent mechanism ensuring GDPR compliance. Security posture is adequate with HTTPS and cookie consent but lacks explicit security policies and headers. Overall, the website is professional, trustworthy, and well-targeted to its audience, with room for improvement in security and incident response transparency.

M

Městský úřad Brandýs nad Labem-Stará Boleslav

brandysko.cz

49

The website brandysko.cz serves as the official online presence of the municipal government of Brandýs nad Labem-Stará Boleslav, Czech Republic. It provides comprehensive information about the city, its administration, public services, cultural events, and community resources. The site targets local residents, visitors, and stakeholders seeking municipal information and services. The business model is focused on public service delivery and information dissemination, positioning itself as a trusted and authoritative source for the local community. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics and Google Tag Manager for visitor analytics, with a clear cookie consent mechanism in place to comply with GDPR. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. From a security perspective, the site enforces HTTPS and manages cookie consent effectively. However, it lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-standing registration consistent with a municipal entity. Overall, the website demonstrates a solid security posture and compliance with privacy regulations, providing a professional and trustworthy user experience. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and resilience.

N

Le coin de web de Renaud - Illustrations et dessins divers ...

noche.fr

45

The website noche.fr is a personal portfolio site for an artist named Renaud, showcasing a variety of illustrations, drawings, and animation backgrounds. The site targets art enthusiasts and fans of fantasy and animation art. It operates primarily as a showcase without visible commercial transactions or e-commerce features. The domain is registered since 2005 with OVH, a reputable French registrar, consistent with the site's French language and content. Technically, the site uses classic web technologies including HTML, CSS, JavaScript, and jQuery 1.4.2, with integrations for Google Analytics and social media widgets. The design and navigation are basic but functional, with moderate performance and limited mobile optimization. Security posture is modest, with no visible security headers and use of outdated JavaScript libraries, which may pose risks. Privacy and cookie policies are absent, indicating poor privacy compliance. Overall, the site is moderately trustworthy but would benefit from security and compliance improvements.

N

Nadační Fond Hyundai

nadacnifondhyundai.cz

47

Nadační Fond Hyundai is a small non-profit foundation established in 2007, focused on supporting civil society development and community projects primarily in the Czech regions of Frýdek-Místek and Nový Jičín. The foundation collaborates with Hyundai Motor Manufacturing Czech and local government entities to promote environmental protection, transparency, education, and human rights. The website provides information about the foundation's mission, grant rounds, and contact details, primarily targeting local NGOs and active citizens. Technically, the website is built with basic HTML and CSS, uses Google Tag Manager for analytics, and is hosted via WEDOS. The site lacks advanced CMS or frameworks and shows basic mobile and accessibility features. Security posture is moderate with some security headers but no visible HTTPS confirmation or advanced policies. Privacy compliance is limited, with a privacy policy PDF linked but no cookie consent or GDPR details. Overall, the site is legitimate, consistent with its stated mission, and shows moderate digital maturity.

C

CareJam

carejam.cz

60

CareJam is a Czech-based educational platform specializing in training and professional development for the nonprofit sector, with a focus on mental health, digitalization, leadership, and organizational professionalization. The website offers accredited courses, workshops, and webinars tailored to nonprofit organizations and professionals working with mental health issues. Supported by notable partners such as the Nadacni fond Hyundai, CareJam positions itself as a trusted resource within its regional market in Moravskoslezský kraj, Ostrava. The business model revolves around providing specialized educational content to enhance skills and knowledge in the nonprofit sector.

F

Fédération des Coopératives d'Activité et d'Emploi

les-cae.coop

51

The Fédération des Coopératives d'Activité et d'Emploi is a French federation supporting the creation and development of cooperative business models known as CAE. The organization promotes the entrepreneur salarié and associé status, providing resources, networking, training, and advocacy for cooperative enterprises. The website is well-structured, professionally designed, and targets entrepreneurs and cooperatives in France. Technically, the site is built on Drupal 10, uses Matomo for analytics, and includes modern web technologies with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies are missing. The domain registration is consistent with the business claims and shows no suspicious patterns. Overall, the website demonstrates a mature digital presence with good business credibility and compliance with GDPR.

U

UR SCOP OUEST

les-scop-ouest.coop

53

UR SCOP OUEST is a regional cooperative union based in Western France, dedicated to supporting and promoting the Scop and Scic cooperative models. The organization provides a range of services including business creation, transmission, transformation, acceleration, training, and cooperative revision. It serves cooperative entrepreneurs and members within the Ouest region, positioning itself as a key regional player in the cooperative ecosystem. The website reflects a professional and consistent brand image with comprehensive content tailored to its audience. Technically, the website is built on Drupal 10, leveraging modern web technologies and providing good mobile optimization and accessibility. The site uses Matomo and Google Tag Manager for analytics, with a clear cookie consent mechanism in place, demonstrating a mature approach to privacy compliance. Hosting appears to be managed by insite.coop, with DNS and SSL configurations generally good, though DNSSEC is not enabled. From a security perspective, the site enforces HTTPS and employs consent management for cookies. However, it lacks DNSSEC and explicit Content-Security-Policy headers, which are recommended for enhanced security. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business identity, indicating legitimacy and trustworthiness. Overall, the website presents a low-risk profile with strong business credibility and good privacy practices. Strategic improvements in DNS security and security headers would further strengthen its posture.

U

Union Regionale des SCOP Aquitaine

les-scop-nouvelle-aquitaine.coop

55

Union Régionale Nouvelle Aquitaine is a regional cooperative support organization dedicated to promoting and assisting SCOP and related cooperative enterprises in the Nouvelle-Aquitaine region of France. The organization provides a comprehensive range of services including business creation support, business transmission to employees, business takeover assistance, association transformation, training, and network animation. It targets cooperative entrepreneurs, associations, and regional stakeholders, positioning itself as a key regional leader in the cooperative sector. The website reflects a professional and consistent brand image aligned with its mission. Technically, the website is built on Drupal 10, leveraging modern web technologies and providing a responsive, accessible, and SEO-optimized user experience. The site integrates multiple analytics and marketing tools with a strong emphasis on privacy compliance, including a cookie consent mechanism and GDPR-aligned privacy policy. Hosting details are not explicitly disclosed but DNS and domain registration indicate a cooperative-focused infrastructure. From a security perspective, the site uses HTTPS with good SSL configuration and cookie consent management. However, there is room for improvement in security headers and explicit security policies or incident response disclosures. No vulnerabilities or suspicious activities were detected. The WHOIS data is consistent with the organization's identity and domain age is appropriate for its business history. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation. Strategic recommendations include enhancing DNS security with DNSSEC, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

U

URSCOP Grand Est

les-scop-grandest.coop

49

The website www.les-scop-grandest.coop represents URSCOP Grand Est, a regional cooperative union in France supporting SCOP, SCIC, and CAE cooperative enterprises. It provides accompaniment, training, networking, and resources to cooperative businesses in the Grand Est region. The site is well-structured, professionally designed, and targets cooperative entrepreneurs and stakeholders. Technically, it is built on Drupal 10, hosted on insite.coop, and optimized for mobile with good SEO and accessibility. Security posture is solid with HTTPS and secure forms, though improvements like DNSSEC and additional security headers are recommended. Privacy and cookie policies are present and GDPR compliant. Contact information is clearly provided, enhancing trust. No adult or questionable content is present, making it safe for general audiences.

U

URSCOP Bourgogne France-Comte

les-scop-bfc.coop

55

The website www.les-scop-bfc.coop represents the Union Régionale Bourgogne Franche Comté, a regional cooperative organization supporting the creation, takeover, transformation, and transmission of businesses under the Scop and Scic cooperative models. Established in 2010, it serves the Bourgogne-Franche-Comté region in France, providing services such as business accompaniment, training, and network facilitation. The site targets entrepreneurs, cooperative members, associations, and employees interested in cooperative business structures. The business model is focused on regional cooperative development and support, positioning itself as a key player in the cooperative ecosystem within its region. Technically, the website is built on Drupal 10, indicating a modern and maintainable CMS platform. The site is mobile-optimized, accessible, and SEO-friendly with clear navigation and professional design. Hosting appears to be managed by insite.coop, with domain registration consistent with the business entity. Analytics are implemented via Matomo and LinkedIn Insight, with moderate user tracking and basic privacy compliance mechanisms including cookie consent. From a security perspective, the site uses HTTPS with good SSL configuration but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms legitimacy and consistency with the business claims. Overall, the site demonstrates a solid security posture but could improve by enabling DNSSEC, adding security headers, and publishing formal security policies. The overall risk is low with no signs of malicious activity or suspicious content. Strategic recommendations include enhancing security policies, improving privacy compliance transparency, and implementing vulnerability disclosure mechanisms to further strengthen trust and security culture.

F

Framasoft

framateam.org

56

Framateam is a French non-profit association's service providing a free, privacy-focused, open source team chat platform based on Mattermost. It targets teams and communities seeking ethical and user-controlled communication tools. The website is well designed, content-rich, and consistent with the organization's mission. Technically, it uses modern JavaScript frameworks and enforces HTTPS with a Content-Security-Policy header, though DNSSEC is not enabled and no cookie consent mechanism is present. Security posture is good but could be improved with published incident response policies and vulnerability disclosure mechanisms. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the service.

S

Storck

dickmanns-gewinnspiel.de

67

The website www.dickmanns-gewinnspiel.de is a promotional campaign platform for Storck's Super Dickmann's confectionery product, offering consumers in Germany a chance to win cashback and free products through a contest mechanism. The site is professionally designed with consistent branding and clear navigation, targeting retail consumers interested in confectionery promotions. Technically, the site is built on a modern Next.js framework with React, ensuring good mobile optimization and moderate performance. Security posture is adequate with cookie consent mechanisms and no visible vulnerabilities, though explicit security policies and headers could be improved. Privacy compliance is strong with GDPR-aligned policies and consent banners. Overall, the domain appears legitimate with brand protection via Brandshelter nameservers, and the site links to multiple official Storck partner domains. No adult or questionable content is present, making it safe for general audiences.

K

Koop Domeinnaam

cookiebanner.eu

8

Koop Domeinnaam operates as a domain reseller specializing in selling domain names such as cookiebanner.eu. The website is a straightforward landing page offering the domain for sale at a fixed price, targeting individuals or businesses interested in acquiring domain names quickly. The business model is simple and focused on domain sales with immediate invoicing and transfer token delivery. The market position is that of a niche domain reseller within the Netherlands, with a small-scale operation and basic online presence. Technically, the website employs standard HTML5, CSS, and JavaScript, with Cloudflare services used for CDN and security purposes. The site is moderately optimized for performance and mobile devices but lacks advanced frameworks or CMS platforms. SEO and accessibility features are basic, and no analytics or tracking services are detected, indicating minimal data collection. From a security perspective, the site benefits from Cloudflare's protection but lacks explicit security headers and cookie consent mechanisms, which are important for GDPR compliance. No forms or sensitive data collection points are present, reducing attack surface. The absence of detailed security policies and incident response information suggests limited security maturity. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk is low given the limited scope and content of the site, but improvements in privacy compliance, security headers, and transparency would enhance trustworthiness and regulatory adherence. Strategic recommendations include implementing cookie consent, adding security headers, publishing terms of service, and improving mobile and accessibility features.

S

Svazek obcí Dobříšska a Novoknínska

dobrisskonovokninsko.cz

10

Svazek obcí Dobříšska a Novoknínska is a regional governmental association serving municipalities in the Dobříš and Nový Knín areas of the Czech Republic. The website provides official information, documents, event calendars, and contact services aimed at local government officials and residents. The site is well-structured with clear navigation and comprehensive content relevant to its audience. Technically, it uses a CMS platform (Vismo), integrates Google Analytics with GDPR-compliant consent mechanisms, and employs Google reCAPTCHA for form security. The security posture is solid with HTTPS and form protections, though it lacks some advanced HTTP security headers. Overall, the site demonstrates good privacy compliance and business credibility consistent with a small governmental entity.

The Extensible Web Manifesto website serves as a platform to promote a new philosophy for web standards development, emphasizing low-level capabilities and iterative JavaScript-based feature development. It targets web developers, standards committees, and browser vendors, positioning itself as a thought leadership and advocacy initiative within the technology sector. The site content is well-structured and professional, featuring notable industry signatories, but lacks commercial or transactional elements. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, Google Fonts, and integrates Google Analytics and AddThis for tracking and social sharing. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. No CMS or hosting provider details are evident. From a security perspective, the domain is stable and legitimate with a long registration period and appropriate domain status flags. However, the site lacks DNSSEC, security headers, and visible HTTPS enforcement details. Privacy and cookie policies are absent, which impacts compliance and user trust. Tracking technologies are present without clear consent mechanisms. Overall, the website is a credible and professional advocacy platform with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance.

T

Toot Café

toot.cafe

60

Toot Café is an independent Mastodon instance primarily serving a community interested in web design and development. It operates as a social networking platform within the fediverse, leveraging the open-source Mastodon software (version 4.4.7). The site provides features such as trending posts, hashtags, and a profiles directory, targeting users who seek decentralized social networking without ads or algorithms. The platform is administered by an individual named Nolan Lawson, indicating a small-scale community-driven operation. Technically, the website employs modern web technologies including React, JavaScript ES modules, and WebSockets for real-time streaming. The presence of a manifest file suggests support for progressive web app features. While the site appears to be mobile-optimized and has a good design quality, accessibility and SEO optimizations are basic. Performance is moderate, with no major issues detected in the HTML structure or resource loading. From a security perspective, HTTPS is implied and WebSocket connections use secure protocols. However, no explicit security headers were detected in the provided data, and there is no visible cookie consent mechanism or published terms of service. WHOIS data is unavailable due to unsupported TLD WHOIS queries, which slightly reduces trustworthiness. No contact information or incident response channels are published, limiting transparency. No advertising or tracking technologies were found, indicating a privacy-conscious approach. Overall, Toot Café presents as a legitimate, community-focused Mastodon instance with good technical foundations but some gaps in security best practices and compliance documentation. Strategic improvements in security headers, privacy compliance, and transparency would enhance trust and resilience.

L

Le Filament

le-filament.com

57

Le Filament is a small French technology company based in Toulouse, specializing in IT project management and integration of CRM and ERP tools, with a focus on open source solutions. The website reflects a professional and human-centric approach to digital transformation, targeting businesses seeking tailored IT services. The technical infrastructure is modern, utilizing the Hugo static site generator and hosted by Ikoula, a reputable French hosting provider. The site is well-structured, mobile-optimized, and SEO-friendly, though it lacks advanced accessibility features and some security best practices. Security posture is moderate; while HTTPS is presumably enabled (not explicitly confirmed), no security headers or vulnerability disclosures are present, and DNSSEC is not enabled. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced security and compliance documentation.

B

Be Bouncy

bebouncy.com

9

Be Bouncy is an AI-driven social media management platform designed to simplify and optimize social media growth for creators, SMBs, and agencies. The platform offers a suite of tools including smart scheduling, analytics, automated moderation, and gamified team management, all powered by its AI agent Nimbus. The website demonstrates a modern technical infrastructure built on React and Next.js, providing a responsive and user-friendly experience. However, the absence of WHOIS registration data and some minor issues such as a suspicious YouTube link domain and lack of cookie consent mechanisms slightly reduce trustworthiness. Security posture is moderate with HTTPS implied but no explicit security headers detected. Overall, the platform presents a professional and promising solution in the social media SaaS market, but domain legitimacy verification and enhanced privacy compliance are recommended.

R

Reacteev

reacteev.com

9

Reacteev is a technology company specializing in product management, agile methodologies, and AI-powered organizational tools. The website presents a professional and modern interface built on React and Gatsby, indicating a mature digital infrastructure. The business appears to target organizations looking to enhance their product and agile processes through AI solutions. The domain registration data supports the legitimacy and stability of the business, with a domain age consistent with the company's founding year of 2015. However, the website lacks critical privacy and cookie policies, as well as explicit contact information, which impacts its compliance and trustworthiness scores. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosures.

Z

ZAZUMi – vše pro zahradu i domov

zazumi.cz

57

ZAZUMi.cz is a Czech Republic-based e-commerce retailer specializing in plants, gardening supplies, and pet products. The website offers a broad catalog of products for home and garden enthusiasts, including indoor plants, garden equipment, and pet accessories. The platform supports customer accounts with login and registration features and provides clear contact information for customer support. The site is professionally designed with good navigation and mobile optimization, targeting primarily Czech-speaking customers interested in gardening and home care. Technically, the website employs modern JavaScript libraries such as Algolia for search and Mailkit for email services, alongside Google Tag Manager for analytics. The site uses HTTPS, ensuring encrypted communication, but lacks visible security headers which could enhance protection against common web attacks. Performance is moderate with room for improvement in accessibility and SEO features. From a security perspective, the site demonstrates basic best practices such as secure login forms with CSRF tokens and encrypted connections. However, the absence of privacy and cookie policies, as well as no visible incident response or vulnerability disclosure mechanisms, indicates gaps in compliance and security maturity. The lack of WHOIS data for the domain raises concerns about domain registration transparency and trustworthiness. Overall, ZAZUMi.cz presents a functional and user-friendly e-commerce platform with a solid business focus but requires improvements in transparency, privacy compliance, and security hardening to enhance trust and regulatory adherence.

Rijksdienst voor Ondernemend Nederland (RVO) is a Dutch government agency dedicated to supporting sustainable and strong economic development. The agency provides a wide range of services including information dissemination, advisory support, financing options, and networking opportunities to entrepreneurs, individuals, governments, and knowledge institutions. The website reflects a mature digital presence with comprehensive content tailored to its diverse audience, emphasizing sustainability, innovation, and international business growth. The agency's market position is that of a key national facilitator for economic and environmental initiatives in the Netherlands.

M

Mon espace santé

monespacesante.fr

66

Mon espace santé is a French government-backed digital health platform designed to securely store and share personal and family health data. It serves over 20 million users and is positioned as a leading national health service. The platform offers key services including document storage, secure messaging with health professionals, and management of children's health profiles. Technically, the website uses modern JavaScript frameworks (Vue.js), is mobile optimized, and integrates privacy and cookie consent mechanisms. Security posture is strong with HTTPS, HDS certification for data hosting, and no visible vulnerabilities, though explicit security headers and incident response contacts could be improved. Overall, the platform demonstrates high professionalism, trustworthiness, and compliance with GDPR, making it a reliable service for French residents.

C

CEA

prisonnier-quantique.fr

52

Le Prisonnier quantique is an educational interactive game developed and hosted by the French public research organization CEA. It aims to promote scientific and technical culture through a free browser-based adventure game targeting a general audience including students and educators. The website is well-branded with official CEA logos and partnerships, providing a trustworthy platform for educational content. Technically, the site uses standard web technologies with responsive design and integrates Matomo analytics for privacy-conscious user tracking. Security posture is adequate with HTTPS and no visible vulnerabilities, though security headers and explicit cookie consent mechanisms are missing. Contact information is limited to official CEA email addresses, supporting legitimacy but lacking phone or physical address details. Overall, the site is professional, secure, and suitable for its educational mission.

D

Divadlo Petra Bezruče, s.r.o.

bezruci.cz

43

Divadlo Petra Bezruče, s.r.o. is a regional theatre company based in Ostrava, Czech Republic, providing theatrical performances, ticketing services, subscriptions, and cultural event hosting. The website serves as a portal for program schedules, ticket reservations, and company information, targeting local theatre audiences and cultural enthusiasts. The business operates with support from local government and cultural partners, positioning itself as a key cultural institution in the region. Technically, the website employs modern front-end technologies including Bootstrap, JavaScript libraries like WOW.js, and a cookie consent mechanism from TermsFeed. The site is mobile-optimized with responsive design and provides a user-friendly navigation experience. However, there is no evidence of a CMS or advanced analytics tools, and performance is moderate. From a security perspective, the site uses HTTPS but lacks visible security headers and published privacy or terms of service policies. Cookie consent is implemented with express consent, indicating some GDPR awareness. The absence of WHOIS data reduces domain trustworthiness, but the professional presentation and clear contact information mitigate some concerns. Overall, the website is functional and professional but would benefit from enhanced security practices, published privacy documentation, and WHOIS transparency to improve trust and compliance.

ZEDD is a small, French communication agency based in Grenoble specializing in responsible and sustainable communication services. The company positions itself as a pioneer in the Auvergne Rhône-Alpes region, offering consulting, creation, development, and maintenance services with a focus on eco-conception and digital responsibility. The website content is professionally presented in French, targeting organizations seeking sustainable communication solutions. Technically, the website uses modern web technologies including JavaScript, CSS, and SVG graphics, with the SPIP CMS platform. Hosting is local to Grenoble, leveraging a datacenter with a positive carbon footprint, reflecting the company's environmental values. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are present. No privacy or cookie policies are found, indicating gaps in GDPR compliance. Contact information is clearly provided, but no incident response or vulnerability disclosure mechanisms are visible. No tracking or advertising scripts were detected, suggesting minimal user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

techka s.r.o. is a small Czech Republic based company specializing in custom web and e-commerce development services, leveraging popular platforms such as WordPress and Shoptet. The company targets businesses and individuals seeking tailored website and online shop solutions. The website content is minimal but relevant, providing basic company information and links to partner projects. Technically, the site uses standard HTML and CSS with Google Fonts, but lacks advanced frameworks or CMS detection. Security posture is weak due to missing HTTPS confirmation, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is unavailable, which reduces domain trustworthiness, though the website content and company details appear consistent with a legitimate small business. Overall, the site demonstrates basic digital maturity with room for improvement in security, privacy compliance, and technical sophistication.

C

CHRYSALIDE

cae29.coop

52

CAE 29 is a French cooperative organization under the legal entity CHRYSALIDE, founded in 2014, providing shared enterprise and employment cooperative services primarily in the Finistère region. The website serves as an informational and engagement platform for entrepreneurs and project holders seeking cooperative business support, administrative delegation, and training. The business model focuses on collective entrepreneurship and professional autonomy within a cooperative framework, positioning CAE 29 as a regional leader in this niche. Technically, the website is built on the SPIP CMS platform, hosted by Gandi SAS, and uses standard web technologies including JavaScript and CSS. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. However, there is room for improvement in accessibility and modern security practices. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. There is no cookie consent mechanism or detailed privacy policy, which may pose compliance risks under GDPR. No incident response or security policy information is published, and no analytics or tracking services are detected, indicating minimal user tracking. Overall, CAE 29 presents a trustworthy and professional online presence with a solid business foundation. Strategic improvements in security headers, DNSSEC, privacy compliance, and incident response transparency would enhance its security posture and regulatory adherence.

O

Ostravské vodárny a kanalizace a. s.

hledejpramenvody.cz

55

The website www.hledejpramenvody.cz represents Ostravské vodárny a kanalizace a.s., a regional company focused on water supply and ecological education in Ostrava, Czech Republic. The site promotes an educational ecological project targeting 4th and 5th grade students in local schools, emphasizing environmental awareness and water knowledge. The project is supported by the city of Ostrava and offers awards and recognition to participants. Technically, the website uses modern web technologies including HTML5, CSS, JavaScript, and Swiper.js for interactive content. The site is well-structured, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. Privacy compliance is limited, with no dedicated privacy or terms pages and minimal cookie consent mechanisms. WHOIS data is unavailable, which reduces trustworthiness but the website content and contact information indicate a legitimate educational initiative. Overall, the site is professional and trustworthy for its target audience but could improve in privacy and security transparency.

B

BRGM

brgm.fr

58

BRGM is the French national geological survey and a public institution specializing in geological research and management of soil and subsoil resources and risks. It holds a prominent position as the national reference in its sector, providing scientific and technical expertise to public and private stakeholders. The website reflects a mature digital presence built on Drupal 10, with privacy-conscious analytics via Matomo and a professional design optimized for accessibility and mobile devices. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data is a limitation but the domain and content align with a legitimate public entity. Overall, the site is trustworthy and serves its audience well.

G

Grill & Golf events z.s.

minigolfporuba.cz

40

Minigolf Poruba is a small hospitality and leisure business located in Ostrava-Poruba, Czech Republic, offering minigolf, beverage sales, equipment rental, and event hosting services. The website is professionally designed with clear navigation and good mobile optimization, targeting students, families, and local residents interested in recreational activities. The business is operated by Grill & Golf events z.s., with clear contact details and partner affiliations enhancing credibility. Technically, the site uses modern tracking tools like Google Tag Manager and Facebook Pixel, with HTTPS properly configured, but lacks some security headers and privacy policies, indicating room for compliance improvement. The absence of WHOIS registration data reduces domain trustworthiness, though the website content and business information appear legitimate. Overall, the site scores well in content quality and business credibility but needs enhancements in privacy compliance and security best practices.

SATON s.r.o. is a medium-sized Czech company founded in 1991, specializing in construction, metal fabrication, and automotive servicing primarily in the Ostrava region. The company offers a range of services including new construction, renovations, steel and stainless steel fabrication, and vehicle servicing. Their website reflects a professional and consistent brand image targeting local businesses and customers needing construction and related services. Technically, the website is built using modern SvelteKit technology with good mobile optimization and moderate performance. However, it lacks some advanced SEO and accessibility features. Security-wise, the site uses HTTPS and integrates Sentry for error tracking but lacks important security headers and formal security policies, which lowers its security posture. Privacy and cookie policies are absent, indicating compliance gaps with GDPR. Overall, the domain registration is consistent with the business claims, and the website content is safe and professional.

M

Mary's Meals Slovenija

marysmeals.si

59

Mary's Meals Slovenija is a small non-profit organization dedicated to providing nutritious school meals to children in impoverished regions, aiming to improve education and reduce hunger. The website serves as a local chapter platform for fundraising, awareness, and donor engagement, aligned with the global Mary's Meals movement. Technically, the site is built on the Shopify platform, leveraging its e-commerce and content management capabilities, with good mobile optimization and accessibility. Security posture is solid with HTTPS, hCaptcha protection, and no visible vulnerabilities, though it lacks a dedicated security policy or incident response information. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-positioned to support its charitable mission.

M

Mary's Meals Portugal

marysmeals.pt

73

Mary's Meals Portugal is a non-profit organization dedicated to providing daily school meals to children in impoverished communities, thereby improving educational attendance and outcomes. The website serves as a platform for awareness, donations, volunteer engagement, and event promotion. Technically, the site is built on the Shopify platform using the Dawn theme, leveraging modern web technologies and ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced, use of hCaptcha for form protection, and no visible vulnerabilities, although explicit security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site presents a trustworthy and professional image aligned with its charitable mission.

T

Trustia Czech Republic, s.r.o.

festivalevolution.cz

45

Festival Evolution is a Czech Republic-based event organizer focused on promoting healthy lifestyle and personal development through festivals, conferences, and workshops. The website serves as a platform to inform visitors and exhibitors about the festival, its partners, and related events. The business operates in the event organization sector with a regional market position and targets a general audience interested in wellness and personal growth. The company behind the website is Trustia Czech Republic, s.r.o., which is credited as the author in the metadata. The website content is well-structured, informative, and consistent with the festival's theme.

C

CPI Hotels, a.s.

qualityhotelbrnoexhibitioncentre.com

60

Quality Hotel Brno Exhibition Centre is a medium-sized hospitality business located in the Czech Republic, offering hotel accommodation, conference facilities, restaurant services, and wellness amenities. It is part of the CPI Hotels group, which adds to its market credibility and brand strength. The website is professionally designed with excellent content quality and clear navigation, targeting business travelers, event organizers, and tourists. The business model focuses on providing quality services for corporate and leisure guests with a strong emphasis on comfort and regional cuisine. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integrations for Google Tag Manager, cookie consent management, and marketing/analytics tools like Sojern and Zoomletter. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. However, no CMS or hosting provider details were detected. From a security perspective, the site uses HTTPS and cookie consent mechanisms effectively, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data for the domain is a notable concern, reducing trust slightly, but the overall security posture is solid. Overall, the website presents a low-risk profile with strong business credibility and compliance with privacy regulations. Strategic improvements include publishing a dedicated security policy, enhancing incident response transparency, and adding security headers to further harden the site.

I

Igalia, S.L.

igalia.com

10

Igalia, S.L. is a Spain-based open source consultancy specializing in innovative software development projects across multiple technology domains including browsers, multimedia, embedded Linux, and compilers. The company holds a strong market position with recognized expertise in WebKit, Chromium/Blink, Firefox, and GNU/Linux solutions, serving a global clientele. Their business model focuses on consultancy and software development services with a medium-sized organizational footprint. Technically, the website employs modern AMP HTML technology, ensuring fast performance and excellent mobile optimization. The site integrates analytics tools such as Piwik and Ahrefs, and demonstrates good SEO and accessibility practices. However, there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or vulnerable libraries. The absence of WHOIS data is a concern for domain legitimacy but is mitigated by the professional and consistent website content and active community engagement. No forms collecting sensitive data were found, reducing privacy risks. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security policies, cookie consent, and domain registration transparency would enhance trust and compliance.

Brian Kardell's website serves as a personal professional platform highlighting his role as a Developer Advocate at Igalia and his contributions to web standards and extensibility. The site features his writings, talks, and art, targeting web developers and technology enthusiasts interested in web standards and innovation. The business model is centered on personal branding, thought leadership, and community engagement rather than commercial transactions. Technically, the website employs modern web technologies including custom web components and CSS, hosted with DNS services via Cloudflare and domain registration through Squarespace. The site is moderately performant, mobile-optimized, and accessible, though it lacks some advanced SEO and security headers. There are no forms or data collection mechanisms, minimizing privacy risks. From a security perspective, the site uses HTTPS (implied by Cloudflare usage), but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, which limits GDPR compliance. No contact information or incident response channels are provided, which could hinder security communication. The domain registration is consistent and stable, supporting the site's legitimacy. Overall, the website is a well-maintained personal professional site with good content quality and business credibility but has room for improvement in privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and providing contact information for security incidents.

S

Shen Yun Tickets

shenyuntickets.com

46

Shen Yun Tickets operates as a specialized ticketing platform dedicated to facilitating the purchase of tickets for Shen Yun Performing Arts shows worldwide. The platform emphasizes ease of use, security, and a streamlined user experience without requiring account registration. The website is professionally designed with clear navigation and multilingual support via Google Translate, targeting patrons globally interested in Shen Yun performances. Technically, the site uses modern web technologies including HTTPS, Google Fonts, and Google Tag Manager for analytics, hosted likely via GoDaddy infrastructure. Security posture is adequate with HTTPS and domain locks but lacks advanced security headers and DNSSEC. Privacy compliance is basic with presence of privacy and cookie policies but no active consent mechanisms. Business credibility is supported by consistent domain registration data and clear business focus. Overall, the site is functional, trustworthy, and safe for general audiences.