Security Directory

The website roseaux-dansants.org is a small, community-focused platform dedicated to honoring Joanna Macy, a prominent figure in deep ecology. It primarily serves as a memorial and educational resource for individuals interested in ecological and spiritual teachings. The site content is minimalistic and static, with basic HTML and CSS, lacking modern web design and mobile optimization. There are no interactive elements, forms, or data collection mechanisms present. Technically, the site is hosted on servers associated with phpnet.org and uses no advanced frameworks or CMS. Security posture is weak, with no HTTPS enforcement, no security headers, and no DNSSEC enabled. Privacy compliance is absent, with no privacy or cookie policies found. The domain is legitimate, registered since 2008 with Tucows Domains Inc., and shows no suspicious registration patterns. Overall, the site is safe but lacks professional polish, security best practices, and privacy compliance.

B

Brin de paille

brindepaille.org

54

Brin de paille is a small French blog and community platform focused on ecology, permaculture, and sustainable living. The website provides articles, project sharing, and suggestions aimed at a general audience interested in sustainable practices. The site is built on WordPress and hosted by OVH sas, with a modern technical stack and good mobile optimization. However, it lacks formal privacy and cookie policies, which impacts compliance. Security posture is moderate with HTTPS enabled but missing DNSSEC and security headers. Social media presence is established on Facebook, Instagram, and Twitter/X, enhancing community engagement. Overall, the site is professional and trustworthy for its niche but should improve privacy and security practices.

The website reseau-amap.org serves as a national directory and informational resource for AMAPs (Associations pour le maintien d'une agriculture paysanne) in France. It aims to promote sustainable and organic farming by connecting consumers directly with farmers. The site provides educational content, a directory of AMAPs, and guidance on creating new associations. The business model is non-profit and community-focused, targeting consumers and farmers interested in local agriculture. The website is modest in scale and has been operational since 2007, indicating a stable presence in its niche. Technically, the site uses basic web technologies including JavaScript and CSS, with Google Analytics for visitor tracking. Hosting is provided by Infomaniak, a known European hosting provider. The site lacks modern CMS indicators and shows basic mobile optimization and accessibility. SEO practices are minimal but functional. No advanced frameworks or platforms are detected. From a security perspective, the site uses HTTPS and has domain-level protections such as clientDeleteProhibited status, but lacks DNSSEC and security headers. There are no visible privacy or cookie policies, which is a compliance concern especially under GDPR. The use of Google Analytics without a consent mechanism further impacts privacy compliance. No incident response or security policies are published. Overall, the security posture is moderate but could be improved with standard best practices. The overall risk is low given the non-commercial, informational nature of the site and absence of sensitive data collection. However, compliance gaps and missing security headers should be addressed to enhance trust and legal adherence. Strategic recommendations include implementing privacy and cookie policies, enabling DNSSEC, adding security headers, and improving mobile and accessibility features.

The website permaculture.fr serves as the French network for permaculture, promoting ecological design principles and supporting permaculture projects and education in France. It acts as a hub connecting various French permaculture actors and organizations, including associations and educational institutions. The site provides information about permaculture, links to partner organizations, and contact via email. The domain is well-established since 2008 and hosted by Infomaniak Network SA, a reputable provider. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for visitor tracking. The site lacks advanced frameworks or CMS and shows moderate performance and basic mobile optimization. SEO and accessibility are basic but functional. No forms collecting sensitive data are present, reducing risk exposure. From a security perspective, the site uses HTTPS (implied by URL), but no security headers were detected in the provided data. There is no visible privacy or cookie policy, nor GDPR compliance indicators, which is a compliance gap. No incident response or vulnerability disclosure information is provided. The site does not appear to be behind a WAF or security challenge, and no suspicious WHOIS patterns were found, indicating a legitimate and stable domain. Overall, the site is safe and suitable for general audiences, with content focused on permaculture education and networking. Strategic improvements include adding privacy and cookie policies, enhancing security headers, improving mobile responsiveness, and publishing GDPR compliance information to strengthen trust and compliance posture.

R

ritimo

ritimo.org

54

Ritimo is a French non-profit network dedicated to providing information and documentation on international solidarity and sustainable development. The website serves as a hub for educational resources, campaigns, and community engagement, targeting a general audience interested in social and environmental issues. Ritimo maintains a consistent brand presence and offers multiple channels for user interaction, including social media and contact forms. Technically, the site is built on the SPIP CMS platform, employs Matomo analytics for privacy-conscious tracking, and demonstrates good mobile optimization and accessibility standards. Security posture is solid with HTTPS enforced, though some security headers are missing and no explicit cookie consent mechanism is present, indicating room for improvement in privacy compliance. WHOIS data is unavailable due to privacy protection, which is typical for non-profit organizations but slightly reduces trust scoring. Overall, Ritimo presents a professional, trustworthy, and content-rich platform with moderate technical sophistication and a strong focus on its mission.

R

ritimo

ritimo.info

54

Ritimo is a French non-profit network dedicated to providing information and documentation on international solidarity and sustainable development. The organization operates a network of 75 locations to inform and engage the public. Their services include information dissemination, documentation resources, advocacy campaigns, and educational training. The website is well-structured, professionally designed, and targets a general audience interested in social and environmental issues. Technically, the site uses the SPIP CMS platform and Matomo analytics, with good mobile optimization and accessibility. Security posture is solid with HTTPS enabled, though some security headers are missing and no explicit cookie consent mechanism is present. WHOIS data is unavailable, which slightly reduces domain trust but does not detract significantly from the legitimacy of the organization given their clear contact information and social media presence. Overall, the site is trustworthy, safe, and professionally maintained.

The website www.bescheinigung-forschungszulage.de serves as the official digital platform for the Bescheinigungsstelle Forschungszulage (BSFZ), a German government entity responsible for certifying research and development projects eligible for tax incentives under the Forschungszulagengesetz. It targets companies with tax residence in Germany engaged in R&D activities, providing them with information, application procedures, and digital access to submit certification requests. The site is well-branded with official logos and links to the Bundesministerium für Bildung und Forschung (BMBF), reinforcing its authoritative position. Technically, the website is built on TYPO3 CMS, hosted on German infrastructure (SGX Leipzig), and employs modern web standards with responsive design and accessibility considerations. The site lacks advanced tracking or advertising technologies, focusing on privacy and minimal data collection. However, no explicit cookie consent mechanism was detected despite anonymized data collection disclosures. From a security perspective, the site uses HTTPS and secure form submissions but lacks visible security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were found in the analyzed content. The WHOIS data aligns with the website's official nature, showing consistent domain registration and hosting details. Overall, the website demonstrates a solid business credibility and technical foundation suitable for its government service role. Strategic improvements include implementing security headers, adding cookie consent mechanisms, and publishing security and incident response policies to enhance trust and compliance.

L

Léo Chiron

leochiron.fr

57

Léo Chiron is a freelance full-stack web developer and webmaster based in France, with over 8 years of experience. The website serves as a professional portfolio showcasing his expertise in web development, SEO, WordPress, and site maintenance. The business targets clients needing custom website creation, e-commerce platforms, and ongoing site support. Technically, the site uses a modern tech stack including PHP, JavaScript, SQL Server, and integrates Google services such as Maps, reCAPTCHA, and Tag Manager. The hosting is provided by o2switch, a French hosting provider. Security posture is solid with HTTPS and reCAPTCHA protection on forms, but lacks explicit security headers and published privacy or cookie policies, which are compliance gaps. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

Les Petits Débrouillards is a French non-profit association dedicated to promoting scientific culture, education, and civic engagement among children and youth. The organization operates nationally with regional branches, offering educational programs, exhibitions, training, and volunteer opportunities. Their mission emphasizes curiosity, critical thinking, solidarity, and citizenship, positioning them as a key player in the French educational non-profit sector. Technically, the website is built with standard HTML5 and CSS, featuring multimedia content such as videos. While the site is accessible and well-structured, it lacks advanced technical frameworks or CMS indications. Mobile optimization and accessibility are basic but functional. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS but lacks visible security headers and published security policies. The WHOIS data is malformed and incomplete, which reduces domain trustworthiness from a registration standpoint. However, the professional content, official contact information, and external partnerships support the site's legitimacy. No critical vulnerabilities or exposed sensitive data were found. Overall, the website presents a trustworthy and professional front for a medium-sized educational non-profit. Strategic improvements in security headers, cookie consent mechanisms, and WHOIS transparency would enhance trust and compliance.

A

Autour du 1er mai

autourdu1ermai.fr

44

Autour du 1er mai is a French non-profit cultural association dedicated to cinema, popular education, and collective projects aimed at societal improvement. The website serves as a portal for film-related resources, including a cinema and society database, filmographies, and event information. It also coordinates the TESSA project and participates in the CoreDem network, indicating active collaboration within the cultural sector. The target audience is general public interested in cinema and social issues. The organization has a long-standing presence since 2006, supported by a domain age of over 17 years and multiple partner affiliations. Technically, the website is built on the SPIP CMS platform, using standard web technologies such as HTML5, CSS, JavaScript, and jQuery. It employs Matomo analytics, a privacy-respecting tool, and is hosted by OVH, a reputable provider. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and privacy-conscious analytics but lacks explicit security headers and a cookie consent mechanism. There is no visible security policy or incident response contact information, which could be improved to enhance trust and compliance. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, showing a legitimate and stable registration. Overall, the website is professional, trustworthy, and serves its niche well. Strategic recommendations include implementing cookie consent, adding security headers, publishing a security policy, and improving accessibility to strengthen compliance and security posture.

E

eko & co

discre.to

57

Discre.to is a French-based small technology company offering 'discreto', an open source GDPR-compliant consent management tool focused on user privacy and anonymity. The website provides extensive documentation, configuration options, and integration with popular analytics and advertising services, emphasizing anonymized data collection and user control. The company, eko & co, sponsors the project and offers consulting and donation options. Technically, the site uses modern web technologies including JavaScript, Sass, and Webpack, and is hosted likely on OVH. Security practices include respecting Do Not Track headers and anonymizing IP addresses, though explicit security headers and policies are not publicly detailed. Overall, the site is professional, trustworthy, and well-aligned with GDPR principles, though it lacks explicit privacy and terms of service pages.

The website represents the official Weleda Beauty & Store in the Czech Republic, specializing in retailing natural and BIO cosmetics alongside holistic beauty salon services. The business leverages the heritage of the Swiss Weleda brand and targets consumers seeking high-quality natural beauty products and personalized care. The site is professionally designed with good content quality and clear navigation, optimized for mobile devices. Technically, it uses modern web technologies including Turbo and Ruby on Rails frameworks, with Google Analytics and Tag Manager for tracking. However, there are gaps in privacy compliance and security best practices, such as the absence of privacy and cookie policies, lack of DNSSEC, and missing security headers. No contact information is explicitly provided on the analyzed page, which may impact user trust and compliance. Overall, the security posture is moderate but could be improved with better header configurations and policy disclosures.

K

KPMG Česká republika, s.r.o.

nejlepsi.cx

60

The website nejlepsi.cx is a professional portal operated by KPMG Česká republika, focusing on customer experience (CX) research and consulting in the Czech Republic. It publishes annual studies on the top 100 customer experiences in various sectors, leveraging KPMG Nunwood methodology. The site targets business professionals and companies seeking insights to improve CX. The content is well-structured, bilingual (Czech and English), and integrates modern web technologies including Google Analytics and consent management tools. The site demonstrates good mobile optimization and user experience, with clear navigation and professional branding consistent with KPMG's global identity. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers are not detected. WHOIS data for the domain is missing, which reduces domain trustworthiness, but the strong KPMG branding and external domain links mitigate this concern. Overall, the site is a credible, well-maintained business resource with moderate technical sophistication and good privacy compliance.

K

KPMG Česká republika, s.r.o.

danovky.cz

65

The website danovky.cz serves as a professional information portal providing tax, legal, and accounting updates primarily for Czech Republic businesses and professionals. It is operated by KPMG Česká republika, a subsidiary of the global KPMG network, reflecting a strong market position in the finance and consulting sector. The site offers regularly updated articles, podcasts, newsletters, and event invitations, supporting KPMG's advisory services and thought leadership. Technically, the website employs modern JavaScript frameworks, consent management tools, and analytics services such as Google Analytics and Google Tag Manager. It is hosted by REG-ZONER, with a custom or proprietary CMS. The site is mobile-optimized with good SEO and basic accessibility features, delivering moderate performance. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with comprehensive policies and GDPR-aligned consent management. Overall, the website presents a low-risk profile with professional content and infrastructure. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility compliance to further strengthen trust and resilience.

E

Enel Cuore Onlus

enelcuore.it

74

Enel Cuore Onlus is a non-profit organization affiliated with the Enel Group, dedicated to supporting social welfare initiatives across Italy. The website clearly communicates its mission to promote social well-being through funding and supporting non-profit projects focused on education, social inclusion, health, and autonomy. The organization leverages its strong brand association with Enel, enhancing its credibility and market position within the energy and non-profit sectors. Technically, the website is built on Adobe Experience Manager, utilizing modern web technologies including Adobe DTM for tag management and AblePlayer for accessible media playback. The site demonstrates good performance, mobile optimization, and accessibility compliance, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and employs standard security best practices, although some HTTP security headers could be enhanced. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is robust, with clear privacy and cookie policies and consent mechanisms in place, aligning with GDPR requirements. Overall, the website presents a professional, trustworthy, and well-maintained digital presence that effectively supports the organization's mission. Strategic recommendations include enhancing security headers, continuous monitoring of third-party scripts, and maintaining compliance documentation to further strengthen security and trust.

F

Fondazione Centro Studi Enel

enelfoundation.org

71

Enel Foundation is a non-profit organization dedicated to advancing knowledge and education in the clean energy sector. It operates as a knowledge platform focusing on capacity-building, research, and fostering partnerships to support the energy transition. The foundation is linked to the Enel Group, a major player in the energy industry, which strengthens its market position and credibility. The website presents a professional and well-structured digital presence, leveraging Adobe Experience Manager and Adobe marketing technologies to deliver content and manage user experience effectively. Privacy and cookie policies are clearly implemented, reflecting compliance with GDPR standards. Security posture is solid with HTTPS enforced and consent mechanisms in place, though additional security headers and explicit security policies could enhance protection. Overall, the foundation's website demonstrates a mature digital infrastructure and a trustworthy business profile suitable for its sector and audience.

Agentura Bora operates the website pronajemchalup.net, a specialized online catalog offering rental listings for cottages, chalets, and pensions primarily in the Czech Republic, with a focus on southern Bohemia and mountain regions such as Šumava and Krkonoše. The business targets families and tourists seeking vacation accommodations, providing a searchable database with photos, pricing, and booking forms. The company has a long-standing presence since 2004, reinforcing its market credibility in the regional hospitality sector. Technically, the website is built on a custom stack using basic HTML, CSS, and JavaScript, with integration of third-party analytics and retargeting scripts. However, it lacks modern security features such as HTTPS, DNSSEC, and security headers, which exposes it to potential risks. The site is not mobile optimized and has limited accessibility features, indicating room for technical modernization. From a security and compliance perspective, the site does not provide privacy or cookie policies, nor GDPR compliance statements or a data protection officer contact. The absence of HTTPS and security headers further weakens its security posture. Contact information is available via phone and a contact form, but no company email addresses are published. The site does maintain a terms of service page. Overall, while the business model and content quality are solid for its niche, the website requires significant improvements in security, privacy compliance, and technical modernization to enhance trustworthiness and user safety.

WP channel is a specialized business focused on providing expert services and content related to WordPress and WooCommerce platforms. Established in 2009 and based in France, it targets WordPress users, developers, and businesses seeking professional guidance and solutions. The website presents a professional design with good content relevance and user experience, catering well to its niche audience. Technically, the site is built on WordPress CMS, hosted by Scaleway SAS, and uses Cloudflare DNS services, indicating a modern and reliable infrastructure. Performance and mobile optimization are adequate, though there is room for improvement in accessibility and SEO features. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Overall, the site is legitimate and trustworthy but would benefit from improvements in privacy compliance and security best practices.

C

COGITERRA

emploi-environnement.com

69

Emploi-Environnement is a specialized French job board and recruitment platform focusing on the environmental and sustainable development sectors. It offers job listings, candidate CV registration, recruitment services, and career resources tailored to professionals and organizations in this niche. The platform targets job seekers and recruiters primarily in France and francophone countries, positioning itself as a key player in environmental employment services since 2002 under the company COGITERRA. Technically, the website employs a traditional web stack with jQuery, JavaScript, CSS, and HTML5, complemented by modern analytics tools such as Google Analytics 4 and WebTag Echobox. The site is mobile responsive with good SEO practices and a moderate performance profile. However, no CMS or hosting provider details are explicitly detected. The site implements cookie consent mechanisms and privacy policies consistent with GDPR requirements. From a security perspective, the site enforces HTTPS and includes cookie consent banners but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or sensitive data exposures are evident in the HTML content. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and CNIL registration number suggest a legitimate business operation. Overall, Emploi-Environnement presents a professional and trustworthy platform for environmental job seekers and recruiters, with room for improvement in security transparency and domain registration verification. Strategic recommendations include enhancing security headers, publishing security policies, and verifying domain WHOIS information to strengthen trust and compliance.

Y

Yann Rolland

yannrolland.com

45

Yann Rolland operates as a freelance consultant specializing in digital advice, design, and development, primarily serving clients in the energy transition, environmental, and social sectors. The website presents a professional portfolio showcasing a wide range of projects for reputable organizations, indicating a strong niche market position in France. The business model is focused on freelance digital services with a clear emphasis on sustainable and socially impactful projects. Technically, the website is built with standard web technologies including HTML5, CSS, JavaScript, and jQuery, hosted on o2switch.net. The site is mobile-optimized with moderate performance and basic accessibility features. SEO is basic but sufficient for the site's purpose. Analytics are implemented via Google Analytics, but no cookie consent mechanism or privacy policies are present, indicating room for compliance improvement. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, DNSSEC is not enabled and no security headers are detected, which are recommended enhancements. No forms or sensitive data collection points are present, reducing attack surface. The absence of privacy and cookie policies and vulnerability disclosure mechanisms are notable compliance gaps. Overall, the website is professional and trustworthy with a solid business credibility score. The main risks relate to privacy compliance and security best practices. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and establishing a vulnerability disclosure process to enhance security posture and regulatory compliance.

E

Enel Group

enel.com

72

Enel Group is a large multinational energy company operating in over 30 countries, focusing on sustainable and innovative energy solutions. The company offers a broad range of services including energy production, distribution, and renewable energy technologies. Their market position is strong, supported by a consistent brand and a comprehensive digital presence. Technically, the website is built on Adobe Experience Manager, leveraging modern web technologies and Adobe Analytics for data insights. The site is well-optimized for SEO, accessibility, and mobile devices, providing a professional user experience. Security posture is good with HTTPS and secure form mechanisms, though some security headers are not explicitly detected and could be improved. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the website reflects a mature digital infrastructure aligned with the company's business goals and market stature.

H

Historic Hotels of Europe

historichotelsofeurope.com

60

Historic Hotels of Europe operates a niche hospitality website focused on promoting and facilitating bookings for historic hotels across Europe. The business targets culturally interested travelers seeking unique accommodations in historic houses. The website is built on WordPress using the Elementor page builder, hosted by a reputable Irish hosting provider, and has been operational since 2003, indicating a mature digital presence. Technically, the site employs modern web technologies and includes cookie consent mechanisms via Cookiebot, reflecting basic privacy compliance. However, the absence of visible privacy policies, terms of service, and contact information limits full compliance and user trust. Security posture is moderate with HTTPS enabled but lacks advanced security headers and incident response details. Overall, the site is professionally designed with good SEO and mobile optimization but would benefit from enhanced transparency and security practices.

Rezo.net is a French-language media portal established in 1996, focusing on social, political, and cultural news aggregation and commentary. It curates content from various reputable sources and targets French-speaking audiences interested in these topics. The website uses the SPIP CMS and is hosted by OVH sas, a reputable French hosting provider. The technical infrastructure is basic but functional, with moderate performance and limited mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, indicating compliance gaps with GDPR. Contact and incident response information are not provided, limiting transparency. Overall, the website is accessible without WAF or blocking mechanisms and contains safe content suitable for general audiences.

The website programprazskychkin.cz serves as an informational portal providing cinema program listings primarily for Prague and other locations in the Czech Republic. It aggregates schedules and links to multiple cinema websites, offering users a centralized resource for movie showtimes and related contests. The site targets general audiences interested in cinema and cultural events. Technically, the site uses basic HTML, CSS, and JavaScript with jQuery 1.10.2, alongside Google Analytics and Google Tag Manager for tracking. The design and user experience are functional but basic, with limited mobile optimization and accessibility features. Security posture is moderate to low, with no visible HTTPS enforcement in metadata, outdated JavaScript libraries, and lack of security headers. Privacy compliance is poor, with no visible privacy or cookie policies or consent mechanisms. Contact information is provided in the form of multiple cinema addresses and phone numbers, but no company emails or social media links are present. Overall, the site is a small-scale media information portal with moderate trustworthiness but requires improvements in security and privacy compliance.

J

Jiří Káš

handpanista.cz

55

The website handpanista.cz is a professionally designed personal business site dedicated to the handpan musical instrument activities of Jiří Káš. It focuses on the production of NEO handpans, handpan courses, workshops, and performances. The site targets handpan enthusiasts and musicians interested in learning and purchasing handpans. The business operates in a niche artisanal musical instrument sector within the Czech Republic and is relatively small in scale, founded in 2019. Technically, the site is built on WordPress 6.8.3 with a custom theme and hosted on cesky-hosting.eu. The site shows good mobile optimization and SEO practices but lacks some advanced accessibility features. Performance is moderate, and the site uses modern web technologies including JavaScript and SVG icons. From a security perspective, HTTPS is enabled ensuring encrypted communication. However, the site lacks important security headers such as Content-Security-Policy and X-Frame-Options, which could improve its security posture. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. No contact emails or phone numbers are explicitly provided, which may affect user trust and business credibility. Overall, the site is safe with no adult or questionable content detected. The domain registration data is consistent with the website content and business claims, supporting legitimacy. Strategic recommendations include adding privacy and cookie policies, implementing security headers, and providing clear contact information to enhance compliance and trust.

H

Handpan s.r.o.

handpan.cz

55

Handpan s.r.o., operating the website handpan.cz, is a Czech Republic based small business specializing in the manufacturing, sale, and education of handpan musical instruments. The company offers handpan production under the NEO handpan brand, organizes workshops and courses primarily for beginners and enthusiasts, and provides rich content about handpan history and playing techniques. The website reflects a niche market position with a focus on quality and community engagement. Technically, the site is built on WordPress with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, indicating room for compliance improvement. Contact information is limited but includes a phone number and physical address in Říčany near Prague. Social media presence on Facebook and YouTube supports brand trust and outreach. Overall, the website is professional, content-rich, and trustworthy, though it would benefit from enhanced privacy compliance and security practices.

T

Outlook

toulouse-tech-transfer.com

50

The website at toulouse-tech-transfer.com/owa/auth/logon.aspx is a Microsoft Outlook Web Access (OWA) login portal hosted on a custom domain registered with OVH sas since 2011. The site primarily serves as an authentication gateway for email access and does not provide business descriptive content, privacy policies, or contact information on the login page. The domain registration is consistent and legitimate, hosted by a reputable provider, but the website content is minimal and focused solely on login functionality. Technically, the site uses standard Microsoft OWA web technologies including JavaScript, HTML5, and CSS, with some legacy ActiveX references for S/MIME controls. The hosting provider is OVH sas, and the domain is not DNSSEC enabled. The site lacks modern security headers and privacy compliance disclosures, which limits its security posture and GDPR compliance. Mobile optimization and SEO are basic, and no analytics or advertising scripts are detected. From a security perspective, the site uses HTTPS (implied by URL), employs POST method for login form submission with autocomplete disabled, and includes client-side scripts for password visibility toggling. However, the absence of security headers and privacy policies reduces the overall security maturity. No vulnerabilities or malware indicators are detected in the provided data. Overall, the website functions as a secure login portal but lacks comprehensive privacy, security, and business transparency features. Strategic improvements in security headers, privacy compliance, and user experience would enhance trust and compliance.

L

L’Atelier Transmédia

lateliertransmedia.com

46

L’Atelier Transmédia is a small audiovisual production company based in Nantes, France, specializing in media content creation and transmedia storytelling. The website reflects a professional service provider targeting businesses and individuals seeking audiovisual production services. The technical infrastructure is built on WordPress with Elementor and optimized using WP Rocket, indicating a moderate level of digital maturity. The site loads moderately fast and is mobile optimized, though accessibility features are basic. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy but could improve in compliance and security transparency.

Libre en Fête is a French non-profit initiative coordinated by April that promotes free software and free culture through annual events across France. The website provides detailed information about the 2025 edition of the event, including dates, how to participate, and links to related free software projects. The site targets the general public interested in technology and free culture, positioning itself as a well-established community-driven event organizer with a history dating back to 2001. Technically, the website is built on the SPIP CMS platform and uses Matomo for analytics, reflecting a moderate level of digital maturity with a focus on privacy-conscious tracking. The site is mobile-optimized and has a clear navigation structure, although accessibility features are basic. Performance is moderate, and SEO optimization is basic but functional. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and Strict-Transport-Security. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, as well as incident response information, indicates gaps in compliance and security transparency. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance, improved security headers, and clearer contact information to strengthen its security posture and user trust.

D

debian-fr.org - debian-fr.org forum

debian-fr.org

58

The website debian-fr.org is a French-language community forum dedicated to Debian GNU/Linux users and enthusiasts. It serves as a support and discussion platform, providing categorized forums for technical support, programming, announcements, and general community interaction. The site is powered by the Discourse forum software, indicating a modern and interactive technical infrastructure. The forum is active with recent posts and pinned official announcements, reflecting a well-maintained community resource. However, the absence of visible privacy, cookie, and terms of service policies suggests gaps in compliance and transparency. The WHOIS data is unavailable due to a malformed request, limiting the ability to verify domain registration details and reducing trust slightly. Overall, the site demonstrates good content quality and technical implementation but would benefit from enhanced privacy compliance and clearer business contact information.

D

Debian

debian.org

63

Debian is a globally recognized open source operating system distribution maintained by a large community of volunteers. The website serves as a hub for project news, downloads, community engagement, and security advisories. It targets a broad audience including developers, users, and contributors interested in free software. The project is well-established with a strong reputation in the technology sector, particularly in Linux and open source communities. Technically, the website is built with standard HTML and CSS technologies, with no advanced frameworks detected. It is moderately optimized for performance and mobile devices, with good accessibility and SEO practices. The site uses HTTPS for secure form submissions but lacks visible advanced security headers or explicit security policies. From a security perspective, the site shows good basic practices such as no exposed sensitive data and secure form handling. However, the absence of explicit privacy, cookie, and security policies, as well as missing WHOIS registration details, limits the overall trust and compliance posture. There is no evidence of vulnerability disclosure mechanisms or incident response contacts. Overall, Debian's website is trustworthy and professional, reflecting the project's maturity and community-driven nature. Strategic improvements in transparency around privacy, security policies, and WHOIS data would enhance trust and compliance. The site is safe for general audiences with no adult or questionable content detected.

T

TotalEnergies

totalenergies.fr

58

TotalEnergies is a major French energy supplier offering electricity and gas services with a strong focus on customer satisfaction and energy savings. The website presents a professional and comprehensive digital presence, leveraging TYPO3 CMS and modern web technologies. It provides clear navigation, extensive product information, and customer engagement features including reviews and a mobile app. The security posture is solid with HTTPS and some security scripts, though explicit security policies are not publicly disclosed. WHOIS data is unavailable due to registry restrictions, which is common for .fr domains but slightly reduces transparency. Overall, the site is trustworthy, well-branded, and user-friendly, serving a broad audience from individual consumers to enterprises.

U

Unecuillerepourdoudou

unecuillerepourdoudou.com

48

Unecuillerepourdoudou is a French e-commerce retailer specializing in birth gifts, wooden toys, and organic comforters for babies. The website presents a well-structured, professionally designed platform built on the PrestaShop CMS, targeting parents and gift buyers in the baby products niche. The company offers a curated selection of high-quality products with a focus on originality and eco-friendly materials. Technically, the site uses modern web technologies including Google Fonts, FontAwesome, Facebook Pixel for marketing, and Piwik (Matomo) for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and product presentation. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks some recommended security headers and visible privacy or cookie policies, which are important for GDPR compliance. The WHOIS data for the domain is missing, which raises questions about domain registration legitimacy, though the website content and HTTPS presence suggest a legitimate business. Overall, the site scores well on content and technical implementation but needs improvements in privacy compliance and domain registration transparency.

A

Affinity Fundraising Registration

afrportal.com

53

The website afrportal.com hosts a customer login portal titled 'Affinity Fundraising Registration' for the Affinity Single Portal® service. The portal appears to be designed for customers to access fundraising management services. The domain was registered in early 2022 and is currently active with Cloudflare DNS services. The site uses basic web technologies including HTML, CSS, JavaScript, and jQuery, with a slider captcha (QapTcha) implemented to prevent automated login attempts. The content is minimal and focused solely on login functionality without additional business or policy information. From a technical perspective, the site employs standard web technologies but lacks advanced security headers and visible HTTPS enforcement details in the provided data. The use of Cloudflare DNS and a reputable registrar adds some trustworthiness. However, the absence of privacy, cookie, or terms of service policies, as well as lack of contact information, limits the site's compliance and transparency. Security posture is moderate with some anti-bot measures but missing critical security headers and no visible multi-factor authentication. The domain registration data is consistent with the business purpose and shows no suspicious patterns. Overall, the site is functional but basic, with room for improvement in security, privacy compliance, and user trust signals. Strategic recommendations include enabling DNSSEC, adding security headers, publishing privacy and cookie policies, improving form security, and providing clear contact information to enhance trust and compliance.

R

Rudy Lis

skleprl.pl

60

Rudy Lis is a Polish e-commerce retailer specializing in photography and video equipment, targeting photographers, filmmakers, streamers, and content creators such as TikTokers and YouTubers. The business offers product sales alongside consulting, project design, installation, and training services. The website is built on the Shoper platform and hosted by nazwa.pl, with a modern but basic technical infrastructure including Google Analytics and reCAPTCHA for security. The domain is newly registered in May 2024, consistent with a recently launched business. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers. Privacy and cookie policies are not present, indicating compliance gaps. Overall, the site provides a professional user experience with good navigation and mobile optimization but requires improvements in privacy compliance and security best practices.

H

Handpan s.r.o.

neo-handpan.cz

53

Handpan s.r.o., operating the website neo-handpan.cz, is a small Czech company specializing in the artisanal production of NEO handpans, unique handcrafted musical instruments. The business is led by Jiří Káš, who personally manufactures the instruments and offers workshops and courses. The company has a strong local presence and is recognized by Czech musicians and media. Technically, the website is built on WordPress with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and visible privacy compliance mechanisms. The site does not expose sensitive data and shows no signs of vulnerabilities. Overall, the business is credible and trustworthy, but it should improve privacy and cookie policies to enhance compliance and user trust.

S

Slunečnice Food s.r.o.

jidelnaslunecnice.cz

51

Jídelna Slunečnice is a small-scale food service business operating in Brno, Czech Republic, with a focus on providing affordable and honest meals, particularly targeting seniors and the local community. The business offers onsite meal pickup, meal delivery services, and an online ordering system, positioning itself as a community-oriented social dining provider. The website is professionally designed, mobile-optimized, and provides clear information about services and contact details, although it lacks phone contact information. Technically, the website is built on the Webnode platform, leveraging Amazon Cloudfront CDN for hosting and Google Tag Manager for analytics. The site uses HTTPS, ensuring secure communication, but lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance and enhanced security posture. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. From a security perspective, the site shows basic good practices such as HTTPS usage and no visible sensitive data exposure. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The privacy policy is present and appears GDPR compliant, but cookie consent is missing. Overall, the security posture is moderate but could be improved with additional headers and compliance features. The overall risk assessment indicates a generally trustworthy and functional website for a local food service business, but the missing WHOIS data and lack of cookie consent reduce trust and compliance scores. Strategic recommendations include implementing security headers, adding cookie consent, publishing security and incident response policies, and verifying domain registration details to enhance credibility and compliance.

M

Město Třebíč

trebic.cz

49

The website www.trebic.cz serves as the official digital presence of the city of Třebíč, Czech Republic. It provides comprehensive information and services for residents, tourists, and local businesses, including municipal news, event updates, electronic citizen services, and urban development projects. The site is well-structured and targets a broad audience interested in local government and community activities. Technically, the site uses a custom CMS platform (Vismo) and integrates several Google services such as Analytics, Tag Manager, reCAPTCHA, and Translate. The website is mobile-optimized, accessible, and includes cookie consent mechanisms compliant with GDPR. Performance is moderate with good SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses reCAPTCHA for form protection. However, it lacks visible security headers and does not publish formal security or incident response policies. No vulnerability disclosure or security.txt files are present, which could be improved to enhance transparency and security posture. Overall, the website is trustworthy and professional, with clear contact information and official branding. The absence of WHOIS data limits domain trust assessment but does not detract from the site's legitimacy as a government portal. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure information to strengthen security and compliance.

V

Vinařství Málek Valtice s. r. o.

malekvaltice.cz

57

Vinařství Málek Valtice s. r. o. operates a historic wine cellar and accommodation business located in Valtice, Czech Republic, a renowned wine tourism destination. The company offers wine cellar tours, tastings, event hosting, and accommodation in both rooms and modern apartments. Their market position is that of a specialized local hospitality provider catering primarily to tourists and wine enthusiasts visiting the South Moravia region. The website reflects a professional and consistent brand image with good content quality and clear service descriptions. Technically, the website is built on the Webnode CMS platform and leverages Amazon Cloudfront CDN for content delivery. It uses modern web technologies including JavaScript and CSS, and is served over HTTPS ensuring secure communication. The site is moderately optimized for performance and mobile devices, with good SEO practices evident in meta tags and structured content. However, accessibility features are basic and could be improved. From a security perspective, the site enforces HTTPS and implements a cookie consent banner, demonstrating some compliance with privacy regulations. However, it lacks explicit security headers and published privacy or security policies, which are important for comprehensive security posture. The absence of WHOIS data reduces domain trust verification, though the website content and business details appear legitimate and professional. Overall, the website presents a trustworthy and professional front for a small hospitality business with moderate technical maturity and security posture. Strategic improvements in privacy policy publication, security headers, and incident response transparency would enhance compliance and trustworthiness.

R

Radůzy Recepty.com

raduzyrecepty.com

37

Radůzy Recepty.com is a Czech-language culinary website offering over 3600 recipes, cooking ideas, inspirations, contests, and step-by-step cake decoration guides. It targets cooking enthusiasts primarily in the Czech Republic, providing a niche content platform with community discussion features and user-generated content sections. The business model appears to be content-driven with monetization through advertising and affiliate partnerships. Technically, the site is built on the Estranky.cz CMS platform, utilizing legacy JavaScript libraries such as jQuery 1.12.4 and Google services for analytics and advertising. While the site is accessible and content-rich, it lacks modern technical optimizations and comprehensive privacy or security policies. Security posture is moderate with outdated libraries and missing security headers, and WHOIS data is unavailable, raising some legitimacy concerns. Overall, the site provides valuable culinary content but would benefit from technical and security improvements.

SVATEBNÍ KATALOG, s.r.o. operates a Czech-language wedding directory and informational portal focused on providing comprehensive wedding planning resources, service listings, and articles for couples and related parties in the Czech Republic. The website has a niche market position with over 10 years of claimed presence, serving a small to medium audience interested in wedding services. Technically, the site uses standard web technologies including jQuery, Google Maps API, and Google Analytics, with basic mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, indicating room for compliance improvement. The absence of WHOIS data reduces domain trustworthiness, but the business information and content quality support legitimacy. Overall, the site is functional, relevant, and safe for general audiences, though it would benefit from enhanced security and privacy measures.

N

Nailpro Czech – Šampionát v nail designu a nail artu

nailproczech.com

59

Nailpro Czech is a niche website dedicated to organizing and promoting nail design and nail art championships in the Czech Republic. The site targets professionals and enthusiasts in the nail art industry, providing event information and competition details. The business operates primarily as an event organizer within the beauty and personal care sector, with a focus on the Czech market. The domain has been active since 2017, indicating a stable presence in its niche. Technically, the website is built on the WordPress platform, utilizing standard web technologies such as PHP, JavaScript, and CSS. Hosting is provided by WEDOS Internet, a reputable Czech hosting provider. The site demonstrates moderate performance and good mobile optimization, though accessibility features are basic. SEO practices appear adequate with proper meta tags and structured content. From a security perspective, the website employs HTTPS, ensuring encrypted communication. However, it lacks advanced security headers and DNSSEC is not enabled, which could expose it to certain DNS-related risks. No explicit security policies or incident response mechanisms are publicly documented. The cookie policy with consent mechanism is present, but privacy and terms of service policies are missing, indicating partial compliance with privacy regulations. Overall, the website is functional and professionally presented but would benefit from enhanced security measures and improved privacy compliance. Strategic recommendations include implementing comprehensive privacy and terms policies, enabling DNSSEC, adding security headers, and providing clear contact information to improve trust and compliance.

B

Belfius Bank

belfius.be

69

Belfius Bank is a 100% Belgian bankinsurer providing financial solutions to individuals, entrepreneurs, and public or social profit institutions. The website targets investors and financial analysts with dedicated sections for company profile, press releases, reports, results, ratings, and debt issuance. The site is professionally designed with multi-language support and a clear focus on compliance and user experience. Technically, the site uses modern web technologies including JavaScript, CSS, and integrates OneTrust for cookie consent management, indicating a mature approach to privacy and GDPR compliance. Security posture is adequate with HTTPS usage and cookie consent, but lacks visible advanced security headers or explicit security policies. WHOIS data is restricted due to DNS Belgium policies, which is typical for .be domains, but the domain appears legitimate and consistent with the business claims. Overall, the site is professional, trustworthy, and compliant with privacy regulations, suitable for its financial services audience.

E

EVENT media s.r.o.

winter-run.cz

44

WinterRUN is a Czech Republic-based event organizer specializing in winter running races held across multiple cities. The company operates a well-structured website providing race schedules, registration links, results, galleries, and news updates. The business targets runners and sports enthusiasts, leveraging partnerships with notable sponsors and media outlets to strengthen its market position. Founded in 2014, WinterRUN maintains a medium-sized operation with consistent branding and a professional online presence. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, and Facebook Pixel for analytics and marketing. Hosting is provided by VAS Hosting, with a moderate performance profile and good mobile optimization. The site includes cookie consent mechanisms compliant with GDPR, although some security headers are missing, indicating room for improvement in security hardening. From a security perspective, the site uses HTTPS and implements cookie consent with express consent. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security policies and incident response contacts suggests an opportunity to enhance trust and compliance. The WHOIS data aligns well with the business information, supporting legitimacy. Overall, WinterRUN presents a trustworthy and professional digital footprint with good content quality and business credibility. Strategic improvements in security headers and incident response transparency would further strengthen its security posture and user trust.

Synerjob is a non-profit organization established in 2007 to foster collaboration between regional employment agencies in Belgium, including ACTIRIS, ADG, Bruxelles Formation, Forem, and VDAB. The website serves as an informational portal providing multilingual content about the association's mission, members, documents, events, and statistics. The business model focuses on regional labor market synergy and information sharing among government entities. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript with jQuery and Bootstrap, and integrates Google Tag Manager for analytics. The site is moderately optimized for mobile and accessibility with basic SEO practices. Security posture is moderate with no explicit security headers detected and no visible HTTPS status in the provided data, though Google Tag Manager scripts load over HTTPS. Privacy compliance is basic, with a cookie consent banner present but no privacy policy or terms of service found. No contact information or forms are present on the homepage HTML. The domain WHOIS data is consistent with the organization's founding date and business purpose, registered with a reputable registrar since 2007, supporting legitimacy. Overall, the website is professional and safe for general audiences but could improve in privacy transparency and security best practices.

Q

Queer Communications GmbH

queer.de

53

Queer Communications GmbH operates queer.de, a well-established German online magazine serving the LGBTI community with news, culture, entertainment, and event information. The website targets the queer community and allies, providing diverse content including interviews, TV tips, podcasts, and galleries. The business model relies on advertising, affiliate marketing, and newsletter subscriptions, positioning queer.de as a niche media leader in Germany. Technically, the site employs standard web technologies with a focus on responsive design and GDPR-compliant cookie management. Hosting appears to be with Your-Server.de, and analytics are handled via Piwik (Matomo), reflecting a moderate digital maturity. Security posture is solid with HTTPS and content security policies, though additional headers could enhance protection. No critical vulnerabilities or adult content were detected, and privacy compliance is well addressed. Overall, queer.de presents a professional, trustworthy, and user-friendly platform with room for incremental security and compliance improvements.

R

remspace

remspace.cz

52

remspace.cz is a professional Czech online magazine and communication platform focused on the real estate and construction sectors. It provides industry news, articles, and organizes conferences and discussion events, targeting professionals and stakeholders in urban planning, development, and real estate markets. The website is well-branded, content-rich, and maintains a consistent presence with partners and social media channels. Technically, the site is built on WordPress with modern performance optimizations and uses Google Tag Manager for analytics. Security posture is good with HTTPS and cookie consent mechanisms, though some HTTP security headers are missing. WHOIS data is unavailable, which slightly impacts trust but the overall professional presentation supports legitimacy. Privacy and cookie policies are comprehensive and GDPR compliant.

E

ENOÉ, créateur d'énergie

enoe-energie.fr

66

Enoé is a French renewable energy producer specializing in green and local energy solutions. The company manages the entire value chain from design to maintenance, positioning itself as a key player in the energy transition sector in France. Their website reflects a professional and consistent brand image with a focus on sustainability and expertise in renewable energy production. The digital infrastructure is based on WordPress with SEO optimization via the All in One SEO plugin, and integrates marketing and analytics tools primarily from HubSpot and social media platforms. Security posture is moderate with HTTPS usage but lacks visible security headers and explicit privacy or cookie policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and structured data support legitimacy. Overall, the site is well-designed and user-friendly but would benefit from enhanced security and privacy compliance measures.

S

Solutions 30

solutions30.com

68

Solutions 30 is a technology solutions provider established in 2009, offering services related to new technologies. The website is built on WordPress using the Divi theme and hosted with AWS DNS services. The digital infrastructure is moderately optimized with basic mobile responsiveness and SEO features. Security posture is average, with HTTPS enabled but lacking advanced security headers and policies. No explicit privacy or cookie policies were found, indicating potential compliance gaps. Overall, the website presents a professional but basic online presence with room for improvement in privacy, security, and contact transparency.

A

Association Debian-Facile

debian-facile.org

62

Debian-Facile is a French non-profit association dedicated to supporting new users of the Debian GNU/Linux operating system. The website serves as a hub for community-driven resources including forums, a wiki, tutorials, and an IRC support channel. It targets beginners and promotes free software principles through educational content and community engagement. The association is well-established, founded in 2007, and maintains a stable online presence with a domain registered through OVH sas. Technically, the site uses basic HTML and CSS with the FluxBB forum software, which is currently outdated and undergoing migration to a more modern platform. While the site is accessible and content-rich, it lacks explicit privacy and cookie policies, and security headers are not present, indicating room for improvement in security posture. The domain registration is consistent and trustworthy, with long-term expiry and registrar protections in place. Overall, Debian-Facile provides valuable community services with a solid business credibility but should enhance its technical security and privacy compliance to align with best practices.