Security Directory

Homerun is a Netherlands-based technology company specializing in applicant tracking and human resource management software designed for modern teams. Their SaaS platform offers a user-friendly and visually appealing ATS and HR toolset that streamlines hiring, leave tracking, employee data management, and team insights. The company targets growing teams and HR professionals seeking an efficient and personal approach to recruitment and team management. Homerun positions itself as a niche provider with a strong emphasis on user experience and brand culture, supported by positive customer testimonials and high ratings on independent review platforms.

S

Selectra India

selectra.in

67

Selectra India operates a comprehensive online platform focused on providing consumers in India with detailed comparisons of mobile, broadband, DTH, and OTT plans. The website is well-structured, leveraging Drupal 10 CMS and modern web technologies to deliver a user-friendly experience. It targets Indian telecom consumers seeking to make informed decisions about their telecom services. The platform positions itself as a trusted partner in telecom decision-making, offering consulting and plan recommendations. Technically, the site uses Google Fonts, Google Tag Manager, and Google Adsense for analytics and monetization, with a cookie consent mechanism in place to comply with privacy regulations. Security posture is solid with HTTPS enforced, though some security headers and explicit privacy policies are missing. No signs of WAF or content blocking were detected, and the WHOIS data aligns well with the business claims, indicating legitimacy. Overall, the site is professional, trustworthy, and provides valuable telecom information, but could improve privacy transparency and contact availability.

F

Fundación Cajasol

fundacioncajasol.com

57

Fundación Cajasol is a well-established non-profit cultural and social foundation based in Andalucía, Spain, founded in 2006. It offers a broad range of cultural events, educational programs, and social initiatives, positioning itself as a key regional player in these sectors. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to a general audience interested in culture and education. Technically, the site is built on WordPress, hosted on Microsoft Azure DNS infrastructure, and employs common security and compliance plugins such as Wordfence and GDPR Cookie Compliance. Security posture is strong with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness.

G

Golden Snack s.r.o.

goldensnack.eu

46

Golden Snack s.r.o. is a Czech Republic-based snack manufacturer established in 2000, specializing in pellet snacks, crackers, potato chips, salt sticks, and popcorn. The company is a leading private label producer in the Czech Republic and a significant player in the EU snack market. Their product range includes healthier options under the Vital Snack brand, emphasizing BIO raw materials and reduced fat content. The website is professionally designed using WordPress and Elementor, featuring clear product information and contact details. Technical infrastructure includes modern web technologies and Google services for analytics and reCAPTCHA for form security. Security posture is adequate with HTTPS and CAPTCHA but lacks advanced security headers and published security policies. Privacy compliance is limited due to absence of privacy and cookie policies on the site. Overall, the website reflects a legitimate and established business with room for improvement in privacy and security transparency.

C

Camalot

camalot.be

52

Camalot is a specialized high-end digital cinema rental company based in Vilvoorde, Belgium, with an additional presence in Amsterdam, Netherlands. The company focuses on providing premium digital cinema equipment and related services to film production professionals. Their market position is that of a niche provider catering to a professional audience requiring advanced camera and cinema technology. The website reflects a professional business model centered on equipment rental and support services, targeting media production companies and professionals in the region. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, jQuery, and Google Fonts, built on the P5 Webtemplate framework. Hosting is provided by team.blue nl B.V., a reputable registrar and hosting provider. The site is mobile optimized with good SEO practices and structured data markup, though accessibility features are basic. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS with a strong SSL configuration and implements a Content Security Policy header. Google Analytics is configured with IP anonymization, enhancing privacy. However, the site lacks a visible cookie consent mechanism and does not publish explicit security or incident response policies, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Overall, Camalot's website is trustworthy and professional, with a solid security posture and good business credibility. Strategic recommendations include implementing explicit cookie consent, publishing security policies, enhancing accessibility, and maintaining vigilance on third-party scripts to ensure ongoing security and compliance.

M

Mega Fitness

mega-fitness.eu

54

Mega Fitness is a small fitness club located in Prague, Czech Republic, offering personal training, nutrition planning, and body diagnostics. The business operates in a local market with a family-friendly atmosphere and provides a fully equipped gym facility. The website is built on the Squarespace platform, leveraging modern web technologies and providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and privacy compliance documentation. Contact information is clearly presented, supporting business credibility. Overall, the website reflects a legitimate and professional small business with room for improvement in privacy and security practices.

M

Mairistem

jvs-mairistem.fr

53

Mairistem is a French software publisher specializing in digital management solutions tailored for local governments and collectivités. With over 40 years of experience and a client base exceeding 15,000 collectivités, the company offers a comprehensive suite of interoperable software products covering finance, human resources, civil status, citizen services, and territory management. Their business model combines software licensing with cloud solutions, consulting, training, and dedicated client support, positioning them as a trusted partner in the government technology sector. Technically, the website is built on Drupal 10, leveraging modern JavaScript libraries and analytics tools such as Matomo and HubSpot, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, though it lacks a dedicated security policy or incident response contact details. The absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, but the professional presentation and extensive business information mitigate this concern. Overall, Mairistem demonstrates a mature digital presence aligned with its market position, though improvements in transparency around security policies are recommended.

S

Seniorêva

senioreva.com

43

Seniorêva is a French event organizer specializing in senior-focused events, notably the Seniorêva Salon scheduled for October 2025 in Lille. The website presents a professional and consistent brand image, targeting seniors with a clear event program and partner ecosystem. The business operates primarily in event organization and communication within the regional market of Lille, France. Technically, the site is built on Joomla CMS with modern frameworks like Bootstrap and Helix Ultimate, hosted by OVH sas, a reputable provider. The site is mobile-optimized and includes essential privacy and cookie compliance features, reflecting moderate digital maturity. Security posture is adequate with HTTPS and CSRF protections, but lacks advanced security headers and DNSSEC, which are recommended for enhancement. Overall, the site is trustworthy, with clear contact channels and social media presence, but could improve in security and compliance transparency.

T

TPF Engineering Private Limited

tpfepl.com

49

TPF Engineering Private Limited is an engineering company operating primarily in the energy sector, offering engineering services and project management solutions. The website presents a professional business presence targeting industrial and corporate clients. The technical infrastructure is based on WordPress with the Divi theme, utilizing Google Fonts and Google Analytics for tracking. The site is mobile optimized and has moderate performance. Security posture is adequate with HTTPS enabled and basic tracking opt-out mechanisms, but lacks advanced security headers and visible privacy or cookie policies. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and compliance. Overall, the website is functional and professional but would benefit from enhanced privacy and security transparency.

iREPORT s.r.o. operates a Czech-language online music and style magazine providing news, concert photo reports, reviews, interviews, video and audio content, exclusive CD/DVD supplements, and contests. The website targets music enthusiasts primarily in the Czech Republic and offers a rich multimedia experience with frequent content updates and an active event calendar. The business model is focused on media publishing with advertising revenue streams and audience engagement through contests and social media. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Font Awesome, Google Fonts, and various tracking and advertising scripts such as Google Analytics, Hotjar, and Rubicon Project. The site is mobile optimized and uses HTTPS with a good SSL configuration. Consent management is implemented via Didomi and CPEX CMP, supporting GDPR compliance. However, the site lacks some advanced security headers and explicit contact or security policy information. From a security perspective, the site demonstrates good practices like HTTPS enforcement and cookie consent but could improve by adding more comprehensive security headers and publishing incident response contacts. The absence of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the professional appearance and operation of the website. Overall, the website is well-designed, content-rich, and compliant with privacy regulations, but the missing domain registration data and limited security policy transparency present moderate risks. Strategic improvements in security posture and transparency would enhance trust and compliance.

Libuše Dlabola Pražáková is an artist based in Semily, Czech Republic, showcasing her paintings and art cycles through a professionally designed portfolio website. The site targets art enthusiasts and potential collectors, providing a clear presentation of her work and contact details for inquiries. The business model is focused on promotion and potential sales of artwork, with a niche local/regional market position. Technically, the website uses Materialize CSS framework, Google Fonts, and Material Icons, delivering a responsive and visually appealing experience. The site performs moderately well with good mobile optimization and basic accessibility features. However, there is no detected CMS or hosting provider information, and no advanced technical frameworks are used. From a security perspective, the site lacks important security headers and privacy-related policies, which lowers its security posture. The absence of WHOIS data for the domain is a concern, reducing trustworthiness despite the legitimate content and contact information. No forms or tracking scripts are present, minimizing data collection risks but also indicating limited user engagement features. Overall, the website is a good quality artist portfolio with moderate technical maturity and low security compliance. Strategic improvements in security headers, privacy policies, and domain registration transparency are recommended to enhance trust and compliance.

P

Pustit k vodě

pustitkvode.cz

9

Pustit k vodě is a regional tourism website focused on promoting water-related activities and attractions in Central Bohemia, Czech Republic. The site offers comprehensive information on recreational boating, water sports, tourist destinations, cultural events, accommodation, and dining options. It targets tourists and recreational visitors interested in exploring the region from the water perspective. The website is well-branded and supported by partnerships with regional authorities and tourism organizations, enhancing its credibility and market position. Technically, the website is built on WordPress with modern web technologies including Yoast SEO for optimization, Google Tag Manager for analytics, and Lottie animations for enhanced user experience. The site is mobile-optimized and features good navigation and content structure. Security is adequately addressed with HTTPS, security headers, and cookie consent mechanisms, although no explicit security or incident response policies are published. The absence of WHOIS data for the domain is a notable concern, limiting the ability to verify domain legitimacy and ownership details. Despite this, the website's content quality, partnerships, and compliance with GDPR through privacy and cookie policies suggest a legitimate and professional operation. Overall, the site presents a moderate risk profile with recommendations to improve transparency around security policies and contact information.

A

Asocijacija Kulturanova

kulturanova.org

10

Kulturanova is a Serbian non-profit cultural association established in 2009, focused on promoting intercultural dialogue and youth creativity through artistic education, cultural production, and public policy advocacy. The organization operates multiple cultural programs and events, including the TAKT festival, targeting youth and cultural professionals primarily in Novi Sad. The website is built on WordPress with WooCommerce integration, reflecting a moderate level of digital maturity with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protection, though lacking advanced security headers and formal privacy or cookie policies. Overall, the site presents a professional and trustworthy image consistent with its cultural mission.

The website progettocresco.it currently displays a 403 Forbidden error page, indicating that access to the content is blocked or restricted. There is no accessible business information, contact details, or policy documents available on the site. The domain is registered since 2011 and appears legitimate in terms of registration age and status, but the lack of accessible content severely limits the ability to assess the business or technical maturity. The technical infrastructure is minimal, using basic HTML and CSS with Google Fonts, and no advanced frameworks or CMS are detected. Security posture is weak due to absence of HTTPS information and security headers. Privacy compliance is non-existent as no privacy or cookie policies are found. Overall, the site is currently non-functional for end users and lacks critical trust and security indicators.

A

Association www.bzh

nddcamp.bzh

46

NDDCamp Rennes is a specialized event organized by Association www.bzh focusing on domain name security, combining technical, legal, and economic perspectives. The event targets professionals in the domain name and cybersecurity sectors, offering conferences, roundtables, and networking opportunities. The website is professionally designed using modern web technologies and provides clear information about the event, speakers, sponsors, and registration. The technical infrastructure is solid with Bootstrap and other frontend libraries, hosted on archive-host.org. Security posture is moderate with HTTPS assumed but lacking DNSSEC and security headers; visible PHP warnings indicate backend maintenance needs. Privacy compliance is weak due to missing privacy and cookie policies despite data collection forms. Overall, the site is trustworthy but could improve security and compliance aspects.

A

Asian Species Action Partnership | ASAP

speciesonthebrink.org

63

The Asian Species Action Partnership (ASAP) website represents a collaborative non-profit initiative focused on preventing species extinction in Southeast Asia. The platform serves as a hub for over 200 organizations, providing resources, funding opportunities, training, and partnership facilitation to accelerate conservation efforts. The website is professionally designed using the Squarespace CMS, featuring clear navigation and mobile optimization. However, it lacks explicit privacy policies and direct contact information, which are important for trust and compliance. The security posture is strong with HTTPS and HSTS enabled, but could be improved with additional security headers and incident response information.

C

Chances for Nature

chancesfornature.org

49

Chances for Nature is a small non-profit organization established in 2011, dedicated to supporting people and protecting nature through environmental and social initiatives. The website is built on WordPress using the Divi theme, reflecting a moderate level of digital maturity with good design and mobile optimization. The technical infrastructure is standard for a non-profit, with HTTPS enabled and basic cookie consent mechanisms in place. However, there is room for improvement in security practices, such as enabling DNSSEC and implementing security headers. The absence of explicit privacy policies, terms of service, and contact information reduces transparency and may affect user trust. Overall, the website is functional and professional but would benefit from enhanced compliance and security documentation.

B

Buttercream Cakes & Desserts

welcometofullcircle.com

57

Buttercream Cakes & Desserts is a small retail business specializing in wedding cakes, special occasion cakes, and dessert displays primarily serving the Twin Cities area and surrounding regions. The company emphasizes high-quality, allergen-conscious products with easy pickup options and an online ordering platform. Their market position is strong locally, supported by testimonials and licensing claims. Technically, the website is built on WordPress with common plugins like Jetpack and Ecwid, hosted on WordPress.com atomic infrastructure, offering moderate performance and good mobile optimization. Security posture is adequate with HTTPS and domain protections but lacks DNSSEC and security headers. Privacy compliance is weak due to missing policies and consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security practices.

P

Privacyterms.io

termsandconditionstemplate.com

62

Privacyterms.io is a specialized online service providing customizable legal document templates including Privacy Policies, Terms and Conditions, and Disclaimers. The company targets website owners and small to medium businesses seeking compliance with international data protection laws such as GDPR, CalOPPA, and CCPA. Their market position is that of a niche provider offering both free and premium solutions with lawyer-drafted content. Technically, the website is built on WordPress using Oxygen Builder, leveraging modern web technologies and hosted behind Cloudflare for DNS and CDN services. The site demonstrates good mobile optimization, SEO practices, and moderate performance. Security-wise, the site enforces HTTPS and domain transfer protections but lacks advanced security headers and explicit incident response policies. No cookie consent mechanism was detected despite cookie usage for analytics. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though it could improve security posture and transparency. Strategic recommendations include enabling DNSSEC, adding security headers, implementing cookie consent, and publishing incident response information.

M

Mad Color | Graphisme & Web

madcolor.fr

48

Mad Color is a small French business specializing in graphic design, artisanal screen printing, and web development services. The company targets local clients seeking creative and digital solutions such as logos, flyers, websites, and print media. The website serves as a portfolio and contact point, showcasing various projects and emphasizing artisanal craftsmanship. Technically, the site is built on WordPress using popular themes and plugins like Bridge, Elementor, and Slider Revolution, indicating a moderate level of digital maturity. The site is mobile-optimized and includes SEO best practices but lacks some accessibility features and security headers. Security posture is adequate with HTTPS enabled but could be improved by adding security headers and ensuring plugin updates. The absence of WHOIS data and privacy/cookie policies indicates compliance and trust gaps. Overall, the site is functional and professional but would benefit from enhanced security and privacy transparency.

A

Aftermarket.pl Limited

szachownica.pl

55

The website szachownica.pl is a Polish-language online fashion blog and e-commerce affiliate platform focused on women's clothing, particularly dresses and seasonal fashion trends. It provides rich content including articles, style advice, and product recommendations, primarily targeting Polish-speaking women interested in fashion. The business operates under Aftermarket.pl Limited, with a domain registered since 2014, indicating an established presence in the retail fashion niche. Technically, the site is built on WordPress with WooCommerce, leveraging modern web technologies such as jQuery and Google Fonts, and implements SEO best practices including structured data and Open Graph metadata. Security posture is solid with HTTPS and DNSSEC enabled, though it lacks visible security headers and explicit privacy or cookie policies. No contact information or incident response channels are found, which limits direct user engagement and compliance transparency. Overall, the site is functional, well-branded, and content-rich but would benefit from enhanced privacy compliance and security header implementation.

dream.jobs is an AI-powered job search platform that enables users to upload their CVs and receive personalized job opportunities. The platform also offers services for employers to post jobs, positioning itself as a modern career portal leveraging AI technology. The website uses modern frontend technologies such as React, Next.js, and Material-UI, providing a good user experience with responsive design and clear navigation. Security posture is adequate with HTTPS enforced and no exposed sensitive data, but lacks explicit security headers and documented incident response or vulnerability disclosure policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the platform appears legitimate and professional, targeting job seekers and employers in the technology sector.

B

BLOOM'UP

bloomup.net

51

Bloom'Up is a French accredited domain registrar specializing in the acquisition and resale of recently expired domain names with strong SEO potential. The company offers services such as dropcatching, backorder programming, immediate domain purchase, and auctions, targeting SEO professionals and digital marketers seeking to leverage domain authority and traffic. The website is professionally designed, mobile-optimized, and provides clear business information including contact details and accreditation by AFNIC, enhancing trustworthiness. Technically, the website employs modern front-end technologies including Bootstrap, FontAwesome, and Owl Carousel, ensuring a responsive and visually appealing user experience. While the site uses HTTPS and secure transfer codes for domains, it lacks visible security headers and cookie consent mechanisms, indicating room for improvement in security and privacy compliance. No analytics or tracking scripts were detected, suggesting minimal user tracking. From a security perspective, the site demonstrates a good baseline with HTTPS and secure domain transfer processes. However, the absence of WHOIS data for the domain raises concerns about domain registration legitimacy or recent registration status. No critical vulnerabilities or exposed sensitive data were identified. The site would benefit from enhanced security headers, explicit incident response policies, and GDPR-compliant cookie consent. Overall, Bloom'Up presents a credible and professional business with a niche market focus. The main risk lies in the missing WHOIS data which impacts domain trustworthiness. Strategic recommendations include improving security headers, implementing cookie consent, and publishing detailed security and incident response policies to bolster compliance and user trust.

D

Dotmarket

dotmarket.eu

59

Dotmarket is a French digital marketplace specializing in the buying and selling of profitable and audited digital businesses, including e-commerce sites, SaaS platforms, and content media. The platform offers expert validation, valuation, and advisory services, positioning itself as a leading structured M&A marketplace in France. The website is professionally designed with rich content and educational resources, targeting investors and entrepreneurs in the digital business sector. Technically, the site leverages modern web technologies including Webflow CMS, Google Tag Manager, Facebook Pixel, and PostHog analytics, ensuring a robust digital infrastructure. Security posture is good with HTTPS enforced and no exposed sensitive data, though improvements can be made by adding security headers and visible privacy policies. Overall, the site demonstrates a high level of professionalism and trustworthiness, though the absence of explicit contact information and privacy disclosures slightly impacts privacy compliance. The domain WHOIS data is unavailable due to EURid privacy policies, which is typical for .eu domains and does not raise immediate concerns.

P

.BZH - L'extension internet de la Bretagne

pik.bzh

52

The website www.pik.bzh serves as a regional internet domain extension portal for Brittany, France, promoting the .bzh domain. It is built on WordPress using the Divi theme and optimized with WP Rocket. The site targets a general audience interested in Brittany and regional internet identity. Technically, the site employs modern web fonts and lazy loading scripts but lacks advanced security headers and visible privacy or cookie policies. No contact or business registration information is explicitly provided, which limits trust and compliance assessment. Security posture is basic with no evident vulnerabilities but also no advanced protections or disclosures. Overall, the site is functional and moderately optimized but requires improvements in privacy, security, and business transparency to enhance credibility and compliance.

O

Office de Tourisme Béziers Méditerranée

beziers-mediterranee.com

64

Office de Tourisme Béziers Méditerranée operates as the official regional tourism office for the Béziers Méditerranée area in France, providing comprehensive tourism information, event listings, and booking services. The website is well-branded and professionally maintained, targeting tourists and visitors seeking cultural, leisure, and outdoor activities in the region. The business model focuses on promoting local tourism and facilitating visitor engagement through digital channels. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, and a cookie consent platform (Axeptio). It features responsive design, good SEO practices, and accessibility considerations. The site integrates interactive maps and booking widgets enhancing user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of explicit security headers is noted. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is addressed with visible privacy and cookie policies, and GDPR consent mechanisms. Overall, the site presents a low-risk profile with strong business credibility and digital maturity. The main concern is the lack of WHOIS data, which should be investigated to confirm domain registration legitimacy. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and verifying domain registration details.

M

My Sport Session

mysportsession.com

56

My Sport Session is an online platform based in France that enables users to discover and book a wide variety of sports and leisure activities without subscription or commitment. The service emphasizes flexibility, local availability, and ease of booking, targeting a broad audience interested in physical activities and leisure. The website is professionally designed with a consistent brand presence and includes user testimonials and social media integration to build trust. Technically, the website leverages modern web technologies including React and Google Tag Manager, with asynchronous and deferred script loading to optimize performance. The site is mobile-optimized and includes SEO best practices such as meta tags and Open Graph data. However, accessibility features are basic and could be improved. From a security perspective, the site enforces HTTPS and uses Google Tag Manager for analytics and marketing. There is a lack of visible security headers and no published privacy or cookie policies, which are important for GDPR compliance. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating recent registration or privacy protection, which impacts trustworthiness. Overall, the platform presents a good user experience and a solid technical foundation but should enhance transparency around privacy, security policies, and contact information to improve compliance and user trust. Further verification of domain registration is recommended to confirm legitimacy.

J

JOJ Group

jojgroup.sk

55

JOJ Group is the largest media group in Slovakia, offering a broad range of media broadcasting and advertising services. The company operates multiple TV stations and online media brands, targeting a general audience in Slovakia. Their business model focuses on media production, broadcasting, and advertising sales, positioning them as a market leader in the Slovak media industry. The website reflects a professional and modern digital presence with good content quality and clear branding. Technically, the site is built on WordPress with modern JavaScript libraries and includes a consent management platform for GDPR compliance. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations.

P

Playmain

playmain.com

47

Playmain is a small web development duo based in Indonesia, operated by a married couple who focus on crafting quality websites with an emphasis on both aesthetic design and functional code. Their website serves as a personal portfolio and family playground for their creative web design and development projects. The site is simple, with limited content and no advanced interactive features. Technically, the site uses basic web technologies including HTML5, CSS3, JavaScript, Google Fonts, and Google Analytics for tracking. However, there is no evidence of a CMS or advanced frameworks. Security posture is weak due to lack of HTTPS confirmation, absence of security headers, and no visible privacy or cookie policies. The WHOIS data is missing or indicates the domain is unregistered or expired, which raises concerns about domain legitimacy. Overall, the site is functional but lacks professional security and compliance features.

S

Sencyb

miniurl.be

45

MiniUrl.be is a French-language URL shortening service operated by Online sas since 2010, providing users with a free and simple way to shorten and share URLs. The website is well-established with a consistent brand presence and offers additional features such as QR code generation and an API for webmasters. The business model relies on advertising revenue and voluntary donations via PayPal. Technically, the site uses modern frontend technologies including Bootstrap and jQuery, integrates Google Analytics and Adsense for tracking and monetization, and implements a GDPR-compliant cookie consent mechanism. Security posture is adequate with HTTPS enforced, but could be improved by adding advanced security headers and publishing explicit security policies. No direct contact information is provided, which may impact user trust. Overall, the site is functional, compliant with privacy regulations, and serves a niche audience effectively.

O

Opéra national du Rhin

operanationaldurhin.eu

57

The Opéra national du Rhin website serves as the digital presence for a regional cultural institution specializing in opera and performing arts in France. It offers detailed event listings, ticketing options, and multimedia content to engage its audience. The site is built on modern web technologies including Roadiz CMS and Vue.js, providing a responsive and visually appealing user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and security policies are not clearly presented. The absence of public WHOIS data is consistent with EURid's privacy policies and does not detract from the site's legitimacy. Overall, the website reflects a professional and trustworthy cultural organization with room for improvement in transparency and security documentation.

F

Fédération Hiéro Mulhouse

noumatrouff.fr

55

Noumatrouff is a cultural organization and music venue based in Mulhouse, France, operating as Fédération Hiéro Mulhouse. The website serves as a portal for concerts, rehearsal studio bookings, workshops, and membership subscriptions, targeting musicians and local music enthusiasts. The business model relies on event ticketing, studio rentals, and community engagement. The site links to partner platforms for ticket sales and studio reservations, indicating a collaborative ecosystem. Technically, the website is built on WordPress with common plugins for galleries, forms, and cookie management, reflecting a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and formal privacy policies. The absence of WHOIS data limits domain trust verification, though the website content and external references suggest legitimacy. Overall, Noumatrouff presents as a professional cultural entity with room for improvement in privacy and security transparency.

V

Vacances Scolaires

vacances-scolaires.com

64

Vacances Scolaires is a specialized informational website dedicated to providing official French school holiday calendars for multiple years (2025-2027), covering metropolitan zones A, B, C, Corse, and overseas territories. The site targets parents, students, and educators seeking authoritative and up-to-date holiday schedules, offering downloadable PDFs and iCal files for easy integration into personal calendars. The business model relies primarily on advertising revenue and affiliate marketing partnerships. Technically, the site employs modern web technologies including Bootstrap 5, jQuery, FontAwesome, and Google Fonts, hosted on a reputable French hosting provider (o2switch). It integrates Google Adsense for monetization and Matomo for analytics, with a cookie consent mechanism ensuring GDPR compliance. Security posture is generally good with HTTPS enforced and basic protections, though minor backend PHP warnings and lack of explicit security headers suggest areas for improvement. The domain is newly registered in late 2023, consistent with the site's focus on future school years, and WHOIS data shows no suspicious patterns. Overall, the website is professional, trustworthy, and well-optimized for its niche audience.

Entreprendredanslorne.com is a regional business facilitation platform focused on supporting companies seeking to establish operations in the Orne department of Normandy, France. The website offers services including project accompaniment, real estate and land search, public aid identification, and networking with local actors. It positions itself as a key regional player providing a free and tailored support network for business implantation. The site is linked to regional government entities, enhancing its credibility. Technically, the website employs a modern front-end stack including Bootstrap 3.3.7, jQuery, Font Awesome, Google Fonts, and interactive components like FlexSlider and Owl Carousel. It integrates Google Analytics, Google Tag Manager, and SnapEngage chat for user engagement and analytics. Security measures include HTTPS with reCAPTCHA v3 on forms, but lack explicit security headers and cookie consent mechanisms. The security posture is moderate with good SSL configuration and secure form handling, but improvements are needed in security headers and privacy compliance. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, although the website content and contact details suggest a legitimate regional business service. Overall, the site is professional and functional but would benefit from enhanced security and compliance transparency. Strategically, verifying domain registration and adding explicit privacy and security policies would strengthen trust. Enhancing security headers and cookie consent would improve compliance and user trust. Continued monitoring of third-party scripts and analytics is recommended to mitigate potential vulnerabilities.

C

CHI Créteil

chicreteil.fr

11

The Centre Hospitalier Intercommunal de Créteil (CHI Créteil) is a large public healthcare institution serving the Créteil region in France. The website provides comprehensive information about the hospital's services, specialties, patient resources, and professional opportunities. It is well-positioned as a regional healthcare provider with a strong focus on accessibility, patient care, and medical expertise. The site also highlights research and teaching activities, indicating an integrated healthcare and academic mission. Technically, the website is built on WordPress with modern web technologies including jQuery, Slick Carousel, and Google Fonts. It uses Matomo analytics configured with privacy by design, and a robust cookie consent mechanism via Tarteaucitron, reflecting a mature approach to privacy compliance. The site is mobile-optimized and accessible, with clear navigation and professional design. From a security perspective, the site enforces HTTPS and employs cookie consent controls. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly present and should be implemented to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. The absence of a published security policy or incident response contact is noted. Overall, the website is trustworthy, professional, and compliant with GDPR and cookie regulations. The lack of WHOIS data is typical for .fr domains and does not detract from legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and maintaining regular updates to plugins and CMS to mitigate vulnerabilities.

C

ClimateLaunchpad

climatelaunchpad.org

48

ClimateLaunchpad is a globally recognized green business ideas competition that supports entrepreneurs and innovators in transforming their sustainable ideas into successful startups. Established in 2015 and co-funded by the European Union through Climate KIC, it offers training, coaching, and competitive platforms culminating in national and regional finals. The website reflects a mature digital presence with a WordPress CMS, integration of Google Tag Manager for analytics, and a responsive design optimized for mobile users. Security practices include HTTPS enforcement and domain transfer protections, although enhancements like DNSSEC and security headers could improve the security posture. Privacy compliance is well addressed with clear cookie consent and a comprehensive privacy policy. Overall, the site demonstrates high professionalism, trustworthiness, and a strong commitment to its mission of fostering green innovation worldwide.

Restaurace Maxima is a small hospitality business based in the Czech Republic, specializing in traditional gastronomy with a modern twist. The website presents a professional and visually appealing interface that highlights their daily menus, event hosting, and quality culinary offerings. The business targets local customers, families, and corporate clients seeking quality dining experiences. Technically, the website uses modern front-end technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, the absence of WHOIS data and privacy policy pages indicates gaps in transparency and compliance. Security posture is moderate with cookie consent implemented but lacking security headers and incident response information. Overall, the website is functional and trustworthy for its business purpose but would benefit from enhanced security and compliance documentation.

Z

Zdravie.sk, s.r.o.

zdravie.sk

56

Zdravie.sk is a well-established Slovak health and lifestyle portal founded in 2004, operated by Zdravie.sk, s.r.o. It offers comprehensive health information, lifestyle content, medical news, and community forums targeting a general audience in Slovakia. The website enjoys a strong market position as a popular and trusted source of health-related content. Technically, the site uses a modern tech stack including Google Fonts, Google Analytics, Facebook SDK, and multiple advertising platforms. It is hosted with Google Domains and employs HTTPS for secure communications. However, the site lacks explicit privacy and cookie policies and does not display security headers, which are areas for improvement. No contact emails or phone numbers were found in the provided content, limiting direct communication channels. Overall, the site demonstrates good content quality and business credibility but could enhance privacy compliance and security posture.

S

Species360

species360.org

61

Species360 is a reputable non-profit organization specializing in providing a global database and information system for zoos, aquariums, and wildlife conservation entities. Their platform supports animal data management and conservation efforts worldwide, positioning them as a leader in zoological data services. The website reflects a mature digital presence with a professional design, clear navigation, and comprehensive content tailored to their specialized audience. Technically, the site is built on WordPress with Elementor, leveraging modern web technologies and maintaining good performance and mobile optimization. Security posture is strong with HTTPS enforced and appropriate security headers, although DNSSEC is not enabled and no explicit security policy or incident response information is published. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the domain registration details align well with the organization's history and legitimacy, supporting a high trust score.

U

Unie českých a slovenských zoologických zahrad

ucszoo.com

56

The Unie českých a slovenských zoologických zahrad (UCSZOO) website serves as the official online presence for a recently established non-profit organization representing 18 zoological gardens across Czechia and Slovakia. The organization focuses on coordinating conservation efforts, animal exchange programs, educational campaigns, and professional development among member zoos. The website is built on WordPress using the Divi theme and includes several plugins for enhanced functionality, including translation services. The site is well-branded and professionally designed, targeting zoo professionals and the general public interested in nature conservation. However, it lacks explicit privacy and cookie policies, which are important for compliance with data protection regulations.

M

Mairie de Gurgy

gurgy.net

58

The website www.gurgy.net serves as the official municipal portal for the town of Gurgy, France, providing residents and visitors with news, administrative information, community services, and event announcements. It targets local citizens and stakeholders, offering a centralized platform for municipal communication and public service access. The site maintains a consistent and professional presentation aligned with government standards, including clear navigation and relevant content. Technically, the site employs standard web technologies such as HTML5, CSS3, JavaScript, Google Fonts, and integrates third-party services like Google Analytics and Meteo France weather widgets. Cookie consent is managed via the tarteaucitron library, ensuring compliance with privacy regulations. The site is mobile-optimized and SEO-friendly, though it lacks some advanced accessibility features and security headers. From a security perspective, the site uses HTTPS and manages user consent for cookies, but it does not implement several recommended security headers or provide incident response contact information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is a concern, as it reduces trust in domain legitimacy despite the website's official appearance. Overall, the website is functional, trustworthy, and serves its purpose well, but improvements in security headers, WHOIS transparency, and incident response readiness are advised to enhance its security posture and trustworthiness.

B

Botnation AI

botnation.ai

63

Botnation AI is a well-established technology company specializing in no-code chatbot creation platforms enhanced with AI capabilities. Founded in 2017 and registered in Switzerland, the company offers a SaaS model targeting businesses and agencies seeking to deploy conversational AI solutions across multiple channels such as websites, social media, and messaging apps. Their platform emphasizes ease of use, integration with CRM and APIs, and includes live chat features for seamless human handover. The website demonstrates a mature digital presence with comprehensive content, strong branding, and multiple certifications including GDPR, PCI-DSS, and ISO standards, reinforcing their commitment to security and compliance. Technically, the website is hosted on AWS infrastructure with a modern tech stack including JavaScript and jQuery, optimized for performance and mobile responsiveness. SEO and accessibility are well addressed with structured data and meta tags. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though improvements could be made by enabling DNSSEC and adding security headers. Privacy compliance is mostly met, but the absence of a cookie consent mechanism and incident response contacts are notable gaps. Overall, Botnation AI presents a trustworthy and professional online presence with a clear business model and strong market positioning in the chatbot technology sector. The site is safe for general audiences and free from adult or questionable content. Strategic recommendations include enhancing privacy controls, improving DNS security, and publishing incident response details to further strengthen trust and compliance.

V

Vaše rodinné pekařství v Šumperku

pekarstviuradnice.cz

39

Vaše rodinné pekařství v Šumperku is a small local bakery business based in Šumperk, Czech Republic, specializing in fresh bakery products baked twice daily with an option for customers to pre-order their favorite items. The website is built on WordPress and uses modern web technologies such as lazy loading for images and Google Fonts for typography. The site is mobile optimized and provides a good user experience with clear navigation and consistent branding. However, the content is basic and lacks detailed business or contact information. The absence of privacy and cookie policies indicates limited compliance with data protection regulations. Security posture is moderate with HTTPS enabled but missing security headers and no visible incident response or security policies. The WHOIS data is unavailable, which raises concerns about domain legitimacy and reduces overall trust. No advertising or tracking technologies are detected, suggesting minimal user tracking. Overall, the website serves its purpose as a local bakery's online presence but requires improvements in compliance, security, and transparency to enhance trust and professionalism.

I

Ing. Hana Cindrová

hanacindrova.cz

41

Ing. Hana Cindrová operates a small external accounting office primarily serving clients in the Olomoucký region and across the Czech Republic. The business offers comprehensive accounting, tax processing, and financial reporting services with over 17 years of industry experience. The website is professionally designed using WordPress and the Divi theme, providing clear service descriptions and contact information. Technically, the site is well-structured and mobile-optimized but lacks advanced security headers and privacy compliance features. The absence of WHOIS data limits domain trust assessment, though the site content and contact details appear legitimate. Overall, the site demonstrates a solid business presence with room for improvement in security and compliance.

E

EcoSmart Building

ecosmart-building.com

58

EcoSmart Building is a French company specializing in energy performance and indoor air quality solutions for buildings. The company offers innovative predictive supervision technologies to optimize energy consumption and maintain healthy indoor environments. Their services target building managers and businesses seeking sustainable and efficient building management solutions. The website is built on WordPress using modern plugins such as Elementor and Revolution Slider, hosted by OVH sas. The technical infrastructure is modern and moderately optimized for performance and mobile use. Security posture is adequate with HTTPS enabled and domain protection flags, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website presents a professional image with clear contact information but would benefit from enhanced security and privacy disclosures.

iléwatt is a regional electric vehicle charging service operated by the European Metropolis of Lille (MEL), targeting residents and EV users within the metropolitan area. The service offers a subscription model with preferential rates and a mobile app for locating chargers and monitoring charging sessions in real time. The website is professionally designed, mobile-optimized, and provides comprehensive information about the service, subscription offers, and pricing. It integrates modern web technologies including Angular and Tealium for tag management and analytics. Privacy and cookie consent mechanisms are well implemented, reflecting compliance with GDPR requirements. However, the absence of WHOIS data and lack of explicit security policy or incident response contact information slightly reduce the overall trustworthiness. The site maintains a high security posture with HTTPS and secure form practices, but could improve by adding explicit security headers and a vulnerability disclosure policy.

L

La C'ART

lacart.fr

44

La C'ART is a cultural subscription service offering access to 15 museums and art centers in the Lille metropolitan area, targeting residents and visitors interested in arts and culture. The website is well-branded, professionally designed, and provides comprehensive information about the pass, events, and partner institutions. Technically, the site uses modern web technologies including Bootstrap, jQuery, and integrates analytics tools like Matomo and Facebook Pixel. It is mobile-optimized and includes accessibility features, although some security headers could be improved. The security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but lacks explicit security policies or vulnerability disclosure information. WHOIS data is missing, which reduces domain trust from a registration perspective, but the website content and external references indicate legitimacy. Overall, the site is a reliable and professional platform for cultural engagement in Lille.

Z

ZOO JH s.r.o.

zoonahradecku.cz

46

ZOO Na Hrádečku is a private zoological garden located in the Czech Republic, operating since 2014 with a focus on conservation, education, and public engagement. The zoo hosts over 200 animal species, including endangered ones, and offers various visitor experiences such as guided tours, animal adoptions, and educational programs. It operates without subsidies, relying on ticket sales, merchandise, and donations. The website reflects a well-established regional institution with strong community and conservation partnerships. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery libraries, hosted by a reputable Czech registrar and hosting provider. The site is mobile-optimized with good SEO practices and clear navigation, though some advanced security headers and explicit security policies are not evident. Cookie consent and privacy policies are implemented, indicating awareness of GDPR compliance. From a security perspective, the site uses HTTPS and cookie consent mechanisms but lacks visible advanced security headers or incident response information. No vulnerabilities or suspicious content were detected. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site presents a trustworthy, professional online presence for a medium-sized private zoo with good content quality and privacy compliance. Strategic improvements in security policy transparency and technical security controls are recommended to enhance the security posture and trust further.

R

Ready for Boarding - travel not only by plane

readyforboardingblog.com

47

Ready for Boarding is a multilingual travel blog primarily targeting travel enthusiasts interested in experiences beyond air travel. Established around 2013, it offers travel stories, tips, and guides with a focus on Poland and Central Europe. The website is built on WordPress and integrates multiple third-party services including WooCommerce for e-commerce, Google Analytics for traffic analysis, and Facebook Pixel for advertising effectiveness. It employs a comprehensive cookie consent mechanism and privacy policy compliant with GDPR, reflecting a mature approach to privacy and user consent. Security posture is adequate with HTTPS enforced and use of Google reCAPTCHA, but lacks visible security headers and formal security policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate and consistent with a small professional travel blog. Overall, the site demonstrates good technical and content quality with room for improvement in security transparency and domain registration clarity.

K

Kavárna Stará Pošta

starapostabela.cz

57

Kavárna Stará Pošta is a small local café and bar located in Bělá pod Bezdězem, Czech Republic, offering specialty coffee (Nordbeans), local beers (Zichovec), Prosecco, smoothies, homemade desserts, and light meals. The business targets a general mature audience seeking a calm and welcoming space for socializing or relaxation. The website is built on WordPress with modern plugins like Elementor and WooCommerce, featuring a professional design and good mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. WHOIS data is unavailable, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and security best practices.