Security Directory

3

366

366.fr

48

366 is a French advertising media agency specializing in local and regional media, offering services across print, digital, multiscreen, and magazines. The company positions itself as an expert in territorial advertising, reaching millions daily. The website is professionally designed, mobile-optimized, and uses modern technologies such as WordPress, jQuery, and performance tools like WP Rocket. Analytics are handled via Matomo, and privacy tools are partially integrated. Security posture is good with HTTPS enforced and lazy loading implemented, but lacks explicit security headers and visible privacy or cookie policies. WHOIS data is missing, which raises concerns about domain registration legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced transparency and security disclosures.

E

Eurométropole de Metz

metzletudiante.eu

56

Metz L'Étudiante is a French-language digital platform dedicated to providing students in Metz with comprehensive information about studying, working, living, and student life in the city. Supported by the Eurométropole de Metz and local government entities, it serves as an official resource hub for the student community. The website is built on WordPress with modern plugins for SEO, multilingual support, and privacy-compliant analytics via Matomo. It features a cookie consent mechanism that allows granular user control, aligning with GDPR requirements. The site is well-branded, professionally designed, and optimized for mobile devices, offering a good user experience with clear navigation and relevant content.

studierendenWERK BERLIN is a large, well-established public service organization dedicated to supporting students in Berlin's universities with a broad range of services including housing, cafeteria (Mensa), financial aid (BAföG), counseling, cultural programs, childcare, and international student support. The website reflects a professional and comprehensive digital presence with clear navigation and rich content tailored to its target audience of students. Technically, the site uses modern frameworks such as Bootstrap and jQuery, integrates privacy-conscious analytics (Matomo), and employs a consent management platform (Usercentrics) to comply with GDPR. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. WHOIS data is privacy protected but consistent with a legitimate entity. Overall, the site demonstrates a mature digital infrastructure and trustworthy business model.

S

SADO-LADIES.com

sado-ladies.com

9

SADO-LADIES.com is a specialized adult entertainment website focusing on classic femdom movie content. Established in 2007, it offers a subscription-based model with over 200 hours of downloadable clips and photo galleries, targeting an adult audience interested in BDSM and fetish themes. The site maintains a consistent brand presence and updates content regularly, positioning itself as a niche leader in its market segment. Technically, the site runs on Joomla CMS with a moderate performance profile and integrates multiple analytics platforms including Google Analytics, Matomo, and Microsoft Clarity. While HTTPS is enforced and the domain is well maintained, there are gaps in security best practices such as missing security headers and lack of DNSSEC. Privacy compliance is minimal, with a privacy policy present but no cookie consent mechanism or GDPR compliance indicators. No incident response or security policy information is published, which could be improved to enhance trust. Overall, the site is functional and professional but could benefit from enhanced security and privacy measures.

N

Numericatous

numericatous.fr

52

Numericatous is a French small business founded in 2019, specializing in education and training on Linux and free software with a strong ethical and sovereign digital focus. The website offers a comprehensive range of resources including tutorials, ebooks, and online courses aimed at individuals and professionals seeking autonomy in digital usage. The business positions itself as a niche player promoting digital sovereignty and ethical computing, supported by partnerships with local and ethical technology providers. Technically, the website is built on WordPress with WooCommerce for e-commerce, hosted by a French provider LRob, and uses Matomo for privacy-respecting analytics. The site is well-optimized for performance, mobile, and accessibility, with clear navigation and professional design. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though some security headers could be improved. Privacy compliance is strong with GDPR-aligned policies and cookie consent mechanisms. Overall, Numericatous presents a trustworthy, professional, and ethically aligned digital presence with a clear business model and solid technical foundation.

C

Collabora Ltd

collabora.com.br

10

Collabora Ltd is an established technology consulting company specializing in Open Source software development, particularly in Linux kernel, web engines, graphics, and multimedia. The company offers a comprehensive range of services including consulting, development, training, integration, optimization, and support. Their market position is strong, supported by over a decade of experience and active contributions to major Open Source projects such as Linux, GStreamer, Wayland, WebKit, and LibreOffice. The website targets businesses seeking expert Open Source solutions and emphasizes delivering tailored, efficient software stacks and complete solutions. Technically, the website employs a moderate technology stack including jQuery and Matomo analytics, hosted on AWS infrastructure. The site is accessible, professionally designed, and provides clear navigation and contact information via email. However, mobile optimization and accessibility are basic, and no CMS or advanced frameworks are detected. SEO is basic but sufficient for the content presented. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies or incident response information. There is no vulnerability disclosure or security.txt file. Privacy compliance is basic with privacy and cookie policies present but no consent mechanism. The use of Matomo analytics suggests some privacy awareness. Overall, the security posture is moderate but could be improved with additional headers, policies, and consent mechanisms. The overall risk assessment is low with no critical vulnerabilities or suspicious indicators detected. Strategic recommendations include enhancing security headers, implementing cookie consent, adding security and incident response policies, and improving mobile and accessibility features to strengthen trust and compliance.

C

Collabora Ltd

collabora.co.kr

9

Collabora Ltd operates a Korean language website focused on open source consulting services, specializing in Linux, multimedia, graphics, and web engines. The company positions itself as a leader in open source projects such as Linux, GStreamer, Wayland, and LibreOffice, offering a range of services including training, integration, optimization, and turnkey solutions. The website is professionally designed with clear navigation and relevant content targeting businesses and developers seeking open source expertise. Technically, the site uses legacy jQuery, Matomo analytics, and standard web technologies, with moderate performance and basic mobile optimization. Security posture is moderate with no visible security headers and no HTTPS status provided in the data, but no critical vulnerabilities detected. Privacy and cookie policies are present, though no explicit cookie consent mechanism is implemented. WHOIS data for the domain collabora.co.kr is missing or indicates the domain is unregistered in the Korean registry, which is inconsistent with the active website presence and reduces trustworthiness. Overall, the website is credible and professional but would benefit from updated security practices and clarification of domain registration status.

A

Atmo Normandie

atmonormandie.fr

55

Atmo Normandie is a regional environmental monitoring organization dedicated to providing air quality and pollen index data for the Normandy region in France. The website serves as a public information platform targeting residents and local authorities interested in environmental health indicators. The platform uses Drupal 9 CMS and integrates Matomo analytics, reflecting a modern and privacy-conscious technical infrastructure. The website is well-structured, mobile-optimized, and provides detailed environmental data visualization for numerous communes within the region. Security posture is moderate with HTTPS implied, but lacks explicit security headers and formal privacy or cookie policies. No WHOIS data is available, likely due to privacy protection, which is common for such public service domains. Overall, the website is professional, trustworthy, and safe for general audiences.

A

Atmo Hauts-de-France

atmo-hdf.fr

53

Atmo Hauts-de-France operates as a regional air quality observatory dedicated to monitoring atmospheric pollution and raising awareness among local authorities, businesses, and citizens in the Hauts-de-France region of France. The organization provides data, maps, and health advice related to air quality, positioning itself as a key environmental public service entity in the region. The website is professionally designed using Drupal 9 CMS and integrates modern analytics tools such as Matomo and Microsoft Clarity, indicating a moderate level of digital maturity and user engagement tracking. Security posture is adequate with HTTPS implied, but lacks explicit security headers and detailed privacy or cookie policies, which are areas for improvement. Overall, the domain appears legitimate and active, though WHOIS data is privacy-protected and unavailable. The site content is safe, relevant, and targeted at a general audience interested in environmental health.

A

AtmoSud

atmosud.org

64

AtmoSud operates as the regional observatory for air quality in the Provence-Alpes-Côte d'Azur region of France, providing comprehensive monitoring, public alerts, research, and educational services. The organization targets a broad audience including citizens, associations, local governments, enterprises, and research institutions. The website reflects a professional and well-structured digital presence, leveraging Drupal 9 CMS and integrating modern analytics and cookie management tools. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security policies and vulnerability disclosures. The WHOIS data is unavailable or malformed, which slightly impacts trust but the active and consistent website content supports legitimacy. Overall, AtmoSud presents a credible and authoritative resource in the environmental monitoring sector.

A

Atmo Auvergne-Rhône-Alpes

atmo-aura.fr

58

Atmo Auvergne-Rhône-Alpes operates as a regional air quality observatory serving the Auvergne-Rhône-Alpes region in France. The organization provides comprehensive air pollution monitoring, forecasting, and public information services, positioning itself as a trusted regional authority in environmental data. Their offerings include real-time pollution indices, expert data services for businesses and authorities, and public engagement platforms such as Air Attitude and Air to Go. The website reflects a mature digital presence with modern technologies including Drupal 9 CMS, interactive mapping with Leaflet and Mapbox GL, and privacy-conscious analytics via Matomo. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, demonstrating compliance with GDPR and privacy best practices. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit HTTP security headers and incident response information suggests areas for improvement. The WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the strong official branding and partner affiliations mitigate this concern. Overall, the website is professionally designed, accessible, and provides valuable environmental data to its target audience of citizens, public authorities, and businesses. The security posture is solid though could be enhanced with additional headers and documented policies. Strategic recommendations include improving security headers, publishing incident response contacts, and maintaining regular audits of third-party scripts to sustain trust and compliance.

The website represents the official digital presence of the Brussels-Capital Region government, focusing on political strategies and priorities to promote sustainable and harmonious regional development. It serves residents and stakeholders by providing comprehensive information on government plans, including digital transformation and housing emergency initiatives. The site is well-branded, accessible, and professionally maintained, reflecting a mature digital infrastructure. Technically, the site leverages modern frameworks such as React and Next.js, with integrated analytics via Matomo and security features like Google reCAPTCHA. The performance and mobile optimization are good, and accessibility is certified by AnySurfer, indicating a strong commitment to inclusivity. From a security perspective, the site enforces HTTPS, employs standard security headers, and uses consent mechanisms for cookies, aligning with GDPR requirements. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, the website is trustworthy, professional, and compliant with privacy standards, with no indications of vulnerabilities or suspicious activity. Strategic recommendations include publishing dedicated security and incident response policies and enhancing transparency around vulnerability disclosures.

L

Librairie Ombres Blanches

ombres-blanches.fr

61

Librairie Ombres Blanches is a regional bookstore based in Toulouse, France, offering a large inventory of books both in stock and available for order. The website serves as an online presence to support retail sales, provide reading advice, and promote events such as meetings and podcasts. The business targets general book readers in the Midi-Pyrénées region and operates primarily as a small retail entity with an online ordering capability. Technically, the website employs modern frontend frameworks such as Vue.js and Vuetify, along with analytics tools like Matomo and Pingdom for performance monitoring. The site is moderately optimized for mobile devices and SEO, with a good user experience and professional design. However, the absence of WHOIS data and registrant information raises concerns about domain legitimacy and transparency. Security posture is moderate, with no detected security headers and unknown SSL configuration. Privacy compliance is weak due to missing privacy and cookie policies and lack of GDPR indicators. Overall, the website is functional and professional but would benefit from improved transparency, security hardening, and privacy compliance to enhance trust and reduce risk.

D

DFK Paris – Deutsches Forum für Kunstgeschichte Paris

dfk-paris.org

56

DFK Paris – Deutsches Forum für Kunstgeschichte Paris is an academic research institute affiliated with the Max Weber Stiftung, focusing on art history with a strong emphasis on German-French cultural exchange. The website provides comprehensive information about their research projects, publications, library services, funding opportunities, and events, targeting scholars, students, and cultural professionals. The institution positions itself as a specialized, small-sized educational and non-profit entity with a clear mission in the arts and humanities sector. Technically, the website is built on Drupal 10, employing modern web standards and technologies such as Matomo for analytics and Plyr for media. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a moderate performance profile. Security-wise, HTTPS is enforced, and cookie consent mechanisms are in place, but there is room for improvement in publishing formal security policies and incident response contacts. The security posture is solid with no visible vulnerabilities or exposed sensitive data, but the absence of WHOIS data limits domain trust verification. The website is free from adult or questionable content, maintaining a professional and trustworthy online presence. Overall, the site reflects a mature digital infrastructure suitable for an academic institution, though enhancing transparency around security and incident response would strengthen trust further.

A

Ag Art cz s.r.o.

webmeeting.cz

54

WebMeeting, operated by Ag Art cz s.r.o., is a Czech-based online communication platform offering solutions for meetings, webinars, training, and conferences. It targets both business and private users within the Czech Republic, providing a localized and installation-free environment. The platform offers two main products: WebMeeting kavárna for quick, small meetings, and WebMeeting PRO for larger, professional online events. The company maintains a professional web presence with detailed contact information, client references, and social media engagement. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates analytics and marketing tools such as Matomo and Facebook Pixel. Security practices include HTTPS, reCAPTCHA, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly available. WHOIS data is unavailable, which slightly impacts trust but is mitigated by the transparent business information and active customer support channels.

L

Les Licoornes

licoornes.coop

49

Les Licoornes is a French cooperative network focused on radically transforming the economy through an entirely cooperative model. The organization collaborates with multiple cooperative partners across sectors such as renewable energy, telecommunications, shared mobility, ethical banking, and ethical commerce. Their platform aims to empower citizens to choose cooperative economic alternatives and build systemic change. The website is professionally designed, mobile-optimized, and eco-conceived, reflecting their ecological and social mission. Technically, the site runs on WordPress with privacy-conscious Matomo analytics and uses modern web standards. Security posture is good with HTTPS and domain transfer protections, though DNSSEC and explicit security headers are absent. Privacy compliance is strong with a comprehensive privacy policy but lacks a cookie consent mechanism. Contact is primarily via a web form, with no direct emails or phone numbers published. Overall, the site is trustworthy, transparent, and aligned with its cooperative mission.

M

Maison de L'Environnement

maison-environnement.fr

45

Maison de L'Environnement is a well-established non-profit association founded in 1994, focused on promoting ecological transition within the Lyon metropolitan area. The organization coordinates about fifty partner associations and offers services including event organization, a mediathèque, training, and cooperative projects. The website reflects a professional and consistent brand image, targeting both citizens and professionals interested in environmental issues. Technically, the site is built on WordPress, uses modern web technologies, and is optimized for performance and mobile devices. Privacy-conscious analytics via Matomo is implemented, though cookie consent mechanisms are absent. Security posture is good with HTTPS enforced, but lacks some security headers and explicit incident response policies. Overall, the website is trustworthy, accessible, and aligns well with the organization's mission and domain registration data.

Hilscher Gesellschaft für Systemautomation mbH is a well-established German company specializing in industrial communication solutions. Their offerings span from communication controllers and embedded modules to cloud-based industrial IoT platforms, positioning them as a market leader with over 35 years of experience. The website reflects a professional B2B technology provider targeting industrial automation professionals, machine builders, and system integrators. Technically, the site is built on TYPO3 CMS, uses modern JavaScript libraries like jQuery, and integrates privacy-conscious analytics tools such as Matomo and etracker. The presence of a comprehensive cookie consent mechanism and multi-language support indicates a mature digital presence. Security-wise, the site enforces HTTPS and uses cookie consent but lacks explicit security headers and a published security policy or incident response contacts. The WHOIS data is missing, which is unusual and slightly reduces trustworthiness, but the website content and business information appear legitimate and professional overall.

N

Nippon Sigmax Co, Ltd.

zamst.cz

55

Zamst.cz is an e-commerce website specializing in orthopedic supports and bandages for athletes, operated by RaketSport s.r.o. The brand Zamst is owned by Nippon Sigmax Co, Ltd., a company with a long history in orthopedic medical devices since 1993. The website targets sports enthusiasts and customers seeking high-quality orthopedic products, offering a range of braces for various body parts and sports. The site includes product catalogs, a blog with rehabilitation tips, and customer support contact information. Technically, the site is built on the Czech e-commerce platform Eshop-rychle.cz, uses Matomo for analytics, and integrates Elfsight widgets for enhanced user engagement. The website is well-structured, mobile-optimized, and provides cookie consent mechanisms aligned with GDPR requirements. Security posture is good with HTTPS enforced and secure forms, though it lacks some advanced security headers and explicit security policies. WHOIS data is unavailable, which limits domain trust verification, but the overall business presentation is professional and credible.

R

RaketSport s.r.o.

orthomovement.cz

59

Orthomovement.cz is a Czech Republic-based e-commerce retailer specializing in orthopedic and sport insoles designed for various activities such as running, football, golf, and outdoor sports. The company operates as an exclusive importer for the Czech and Slovak markets, offering a range of products including shoe care and rehabilitation accessories. Their website is built on the Eshop-rychle.cz platform, integrating modern web technologies and analytics tools like Matomo and Google Tag Manager, reflecting a moderate to good level of digital maturity. The site features clear navigation, product categorization, and a blog providing health and product advice, enhancing customer engagement. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of security headers and a dedicated security policy page suggests room for improvement. The WHOIS data is unavailable, likely due to privacy protection, which slightly impacts trust but is justified for this business type. Overall, the website presents a professional and trustworthy front with good compliance to privacy regulations.

The website deslivresencommuns.org serves as a digital archive and publishing platform for the non-profit association Framasoft, focusing on open access books under the project "Des Livres en Communs". It provides access to previous publications under the "Framabook" label and aims to progressively release new editions. The site targets French-speaking audiences interested in libre culture and digital commons. Technically, the site is built using the Hugo static site generator, styled with Bootstrap and Fork Awesome, and hosted by OVH sas. It employs Matomo analytics for user tracking, favoring privacy over commercial trackers. The site is mobile-optimized and well-structured, though accessibility features are basic. Security posture is moderate with HTTPS enforced and domain protections in place, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the site is trustworthy and professional but could improve in privacy transparency and security hardening.

E

ECAL/Ecole cantonale d’art de Lausanne

ecal-typefaces.ch

55

ECAL Typefaces is a digital platform operated by the Ecole cantonale d’art de Lausanne (ECAL), showcasing typefaces created by students and alumni. The website serves as a resource for designers and educators, offering previews, licensing information, and stories related to typography. The platform leverages WordPress with WooCommerce for e-commerce functionality, supported by SEO and performance optimization plugins. The site is well-structured, mobile-optimized, and uses HTTPS with a cookie consent mechanism, reflecting a mature digital presence. Security measures include Google reCAPTCHA and Matomo analytics, though some improvements in security headers and plugin dependencies are recommended. Overall, the website is trustworthy, professionally maintained, and aligned with the educational mission of ECAL.

W

webDOMU s.r.o.

webdomu.cz

55

webDOMU.cz is a Czech Republic based SaaS platform specializing in providing web solutions for housing cooperatives (bytová družstva) and homeowners associations (SVJ). Founded in 2014, the company offers a comprehensive portal that enables easy creation and management of websites tailored to the needs of these communities. Their services include online voting, document sharing, automated notifications via email and SMS, and additional financial and insurance services. The platform targets a niche market with a strong local presence and a loyal customer base of over 20,000 users. Technically, the website employs modern frontend technologies such as Bootstrap and jQuery, integrates multiple analytics tools including Google Analytics and Matomo, and uses HTTPS to secure data transmission. However, the backend CMS appears custom-built with no explicit mention of security frameworks or certifications. Security posture is solid with encrypted data transmission and secure login forms, but lacks published security policies or incident response contacts. Privacy compliance is basic with cookie consent mechanisms and terms of service available, but no dedicated privacy policy or GDPR compliance statements were found. Overall, the website is professional, trustworthy, and well-positioned in its market segment, though improvements in security transparency and accessibility could enhance its maturity.

The website www.pau.fr serves as the official digital portal for Pau Agglomération, a French municipal government entity. It provides comprehensive information and services related to daily life, urban planning, culture, social services, and community engagement for residents and visitors. The site is built on Drupal 10 and integrates Matomo analytics for privacy-conscious user tracking. The design is professional, mobile-optimized, and accessible, reflecting a mature digital presence for a government organization. Security posture is good with HTTPS and some security best practices observed, though explicit security policies and incident response information are not publicly visible. The absence of WHOIS data is a notable anomaly that warrants further verification but does not detract from the site's apparent legitimacy based on content and branding.

Z

ZOL

zol.fr

49

ZOL is a French digital agency specializing in custom web and mobile solutions, agile project management, consulting, UX/UI design, and data-driven digital transformation. Established since 2005 with a domain registered in 2008, the agency serves a diverse clientele including startups, SMEs, large groups, and communication agencies. Their market position is solid, supported by a portfolio of notable clients and a strong emphasis on bespoke digital craftsmanship. Technically, the website employs modern technologies such as PHP, Symfony, React, Docker, and integrates analytics tools like Google Tag Manager and Matomo. Hosting is provided by OVH, a reputable provider. The site is well-optimized for mobile and SEO, with a professional design and clear navigation, reflecting a mature digital infrastructure. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data confirms domain legitimacy and consistency with the business claims. Overall, the website presents a professional and trustworthy digital presence with room for improvement in privacy policy publication and security best practices. Strategic enhancements in these areas would strengthen compliance and security posture.

N

National eTwinning Support Service Spain

etwinning.es

63

The website represents the National eTwinning Support Service Spain, an official educational platform under the Erasmus+ program of the European Union. It facilitates collaboration among teachers and students across Europe through project-based learning and resource sharing. The platform is positioned as a trusted national service with a clear educational mission and a medium-sized operational scale. Technically, the site is built on WordPress with Elementor and JetEngine plugins, employing modern web technologies and privacy-conscious analytics via Matomo. The site enforces HTTPS and includes accessibility features, contributing to a good user experience. However, explicit privacy and cookie policies are not found, and contact information is not prominently displayed, which slightly impacts privacy compliance and user trust. Security posture is good but could be improved by adding security headers and formal incident response documentation. Overall, the domain registration and WHOIS data align well with the business purpose, indicating legitimacy and trustworthiness.

A

Air Attitude

airattitude.fr

54

Air Attitude is a French environmental platform founded in 2020 that encourages citizens and organizations to participate in actions aimed at improving air quality, combating climate change, and reducing energy consumption. The website serves as a community engagement tool, showcasing contributors and mapping their impact. Technically, the site is built on WordPress with Elementor and uses modern technologies including Google Maps API, Mapbox, and Matomo analytics, hosted on OVH with Cloudflare DNS. Security posture is solid with HTTPS enabled and privacy-respecting analytics, though it lacks explicit privacy and cookie policies and contact information. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and clearer contact channels.

A

Atmo France

atmo-france.org

62

Atmo France operates as the national federation coordinating regional associations responsible for monitoring air quality across France and its overseas territories. The organization provides comprehensive data, alerts, and educational resources to the general public, local authorities, businesses, and educational institutions. Their market position is that of an authoritative, government-aligned non-profit entity focused on environmental health and air quality surveillance. Technically, the website is built on Drupal 9, leveraging modern web technologies such as Bootstrap, Google Fonts, and FontAwesome for styling and responsiveness. Analytics are handled via Matomo, indicating a preference for privacy-conscious tracking. The site is mobile-optimized and accessible, with clear navigation and interactive features such as maps and indices for air quality and pollen. From a security perspective, the site uses HTTPS and includes some anti-bot measures, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is basic, with no visible privacy or cookie policies, which is an area for improvement. Overall, the website presents a trustworthy and professional front for a public-interest environmental organization. The lack of WHOIS data due to privacy protection is typical for such entities and does not detract from legitimacy. Strategic recommendations include enhancing privacy disclosures, implementing security headers, and publishing clear contact and incident response information to strengthen trust and compliance.

N

Netdev

netdev.fr

46

Netdev is a small digital agency based in Annecy, France, specializing in web creation, digital marketing solutions, and media services such as photo, video, and drone shoots. The company targets businesses seeking to enhance their online presence through expert digital solutions. The website is professionally designed using WordPress and Elementor, with good SEO and mobile optimization. The technical infrastructure includes modern analytics and marketing tools like Matomo, Google Tag Manager, and Microsoft Clarity, indicating a mature digital setup. Security posture is adequate with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. Overall, the website presents a trustworthy and professional business presence with moderate risk due to lack of WHOIS transparency and some missing security documentation.

L

Loopi

loopi-velo.fr

60

Loopi is a French company specializing in sustainable and innovative tourism solutions. Their website positions them as a partner for accelerating the transition to sustainable tourism by offering unique circuits and enhancing user experience. The company targets tourism professionals and eco-conscious travelers, emphasizing heritage valorization and environmental responsibility. Technically, the website is built on WordPress using the Divi theme, with integrations such as Yoast SEO, Contact Form 7, Matomo analytics, and Google reCAPTCHA, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS and anti-bot measures, but lacks explicit security headers and formal privacy or cookie policies. The absence of public WHOIS data suggests privacy protection, which is common for small businesses but slightly reduces trust. Overall, the website is professional and functional but would benefit from enhanced privacy compliance and security transparency.

C

Collabora Limited

collabora.com

69

Collabora Limited is a well-established open source software consulting company specializing in Linux Kernel, multimedia, graphics, and web engines. The company positions itself as a leader in open source development services, targeting businesses and organizations requiring expert guidance and development in open source technologies. Their website reflects a professional and consistent brand image with comprehensive content about their services and expertise. Technically, the website uses a modern but somewhat dated JavaScript stack including jQuery and BXSlider, with Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and well-structured, providing a good user experience. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks explicit security headers and incident response information. The WHOIS data is unavailable, which raises some concerns about domain registration transparency, but the overall site professionalism and content quality support legitimacy. Privacy compliance is good with a clear privacy policy and cookie policy, though no active cookie consent mechanism is present.

PANA is a French non-profit organization operating a national digital support network for associations, providing digital accompaniment, training, and individual support. The website is built on WordPress using Themify Ultra theme and integrates Google Maps API for location-based services. The technical infrastructure is modern and includes Bootstrap and jQuery, hosted by OVH sas. Security posture is adequate with HTTPS and domain protections but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. The website is professional, well-branded, and trustworthy with multiple contact points and structured data. Overall, the site serves its target audience effectively but should improve privacy and security disclosures.

I

IO-Link Community

io-link.com

62

IO-Link Community operates a professional and comprehensive website dedicated to the globally standardized IO-Link technology for industrial automation. The site serves as a central hub for information, training, events, and community engagement focused on sensors, actuators, and communication standards. The business is well-established with a domain age since 2005 and is supported by a reputable registrar. The website is built on TYPO3 CMS with modern front-end technologies and includes GDPR-compliant privacy and cookie policies. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements can be made by enabling DNSSEC and publishing explicit security policies. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity.

M

Masarykova univerzita

muniss.cz

63

The website muniss.cz represents the Meziuniverzitní studentská soutěž (MUNISS), an inter-university student competition organized by Masaryk University and supported by the statutory city of Brno. It targets students from Masaryk University, Brno University of Technology, and Mendel University to collaborate on innovative projects aimed at city development. The site is professionally designed, mobile-optimized, and uses modern web technologies including Matomo analytics and a cookie consent mechanism. The domain is well-established since 2010 and aligns with the educational and civic mission presented. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers and explicit privacy policies are missing. Overall, the site is trustworthy and serves its educational purpose effectively.

V

Visit Svalbard

visitsvalbard.com

59

Visit Svalbard operates as the official tourism portal for the Svalbard archipelago, providing comprehensive information and booking services for activities, accommodations, and events. The website targets tourists seeking authentic Arctic experiences and positions itself as a leading resource for travel planning in the region. Technically, the site employs a mature technology stack including jQuery, Google Tag Manager, and Cookiebot for consent management, running on the NewMind CMS platform. The site is well-optimized for SEO, accessibility, and mobile devices, with good performance and modern security practices such as HTTPS and security headers. However, the absence of WHOIS registration data raises concerns about domain transparency, although the website content and branding strongly indicate legitimacy. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the site demonstrates a strong digital presence and marketing maturity but would benefit from improved domain registration transparency and clearer contact information.

E

ergo.cz

ergo.cz

50

Ergo.cz is a Czech online magazine focused on lifestyle, health, productivity, technology, and related topics. The website offers a variety of articles targeting a general Czech-speaking audience interested in ergonomic living, work efficiency, and health trends. The business model centers on content publishing supported by advertising revenue, primarily through Google Adsense. The site is relatively new, with domain registration in late 2024, and presents itself as a niche media outlet with consistent branding and good content quality. Technically, the website employs standard web technologies including JavaScript, CSS, and uses Matomo for analytics alongside Google Adsense for monetization. Hosting is provided by vas-hosting.com, and the site is served over HTTPS with a moderate performance profile. Mobile optimization and SEO practices are good, though accessibility features are basic. No CMS is explicitly detected. From a security perspective, the site benefits from HTTPS but lacks important security headers such as Content-Security-Policy and X-Frame-Options. There is no visible cookie consent mechanism despite the use of tracking and advertising scripts, which may pose GDPR compliance risks. No incident response or security policy information is published, and no vulnerability disclosure or security.txt files are found. Overall, the security posture is moderate but could be improved. The website content is safe for general audiences with no adult or explicit material detected. Contact information is limited to a contact form with no direct emails or phone numbers publicly listed. WHOIS data is consistent and legitimate, showing recent registration aligned with the website's launch. No suspicious domains or patterns are detected. Strategic recommendations include implementing a cookie consent banner, adding security headers, publishing security and incident response policies, and enhancing GDPR compliance measures to improve trust and legal standing.

O

Odiens

odiens.com

61

Odiens is a French webmarketing and media agency with offices in Nantes, Paris, and Lille. The company offers a comprehensive range of digital marketing services including SEO, SEA, social media management, media planning, programmatic advertising, web analytics, and AI-driven automation solutions. Positioned as a hybrid agency combining digital and traditional media expertise, Odiens targets businesses seeking to enhance their online visibility and conversion performance. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site is built on WordPress with modern plugins and performance optimizations, including Gravity Forms for data collection and Matomo for analytics. Security measures include HTTPS, Google reCAPTCHA on forms, and GDPR-compliant consent mechanisms. However, some security headers are missing, and WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust. Overall, the site demonstrates a strong security posture and compliance with privacy regulations, supporting its credibility as a professional agency.

Boula IPK s.r.o. is a Czech engineering and project office specializing in the preparation of project documentation for transport constructions, engineering networks, and urban planning solutions. The company also provides technical supervision and construction realization services, positioning itself as a regional service provider in Plzeň. The website reflects a professional business with clear service offerings and contact information, targeting clients in the transportation and construction sectors. Technically, the website uses a moderately modern stack including jQuery, jQuery UI, and Matomo analytics with cookie consent mechanisms, indicating a reasonable level of digital maturity and privacy awareness. The site is mobile responsive and well-structured, though some accessibility features could be improved. The CMS used is IPO by ANTEE s.r.o., a Czech content management system. From a security perspective, the site lacks visible security headers and publicly available security policies or incident response contacts. The SSL configuration could not be verified from the data provided. The use of Matomo with disabled cookies is a positive privacy practice. The absence of WHOIS data reduces transparency and trustworthiness, which is a concern for domain legitimacy. Overall, the website is functional, professional, and safe for general audiences. However, improvements in transparency, security headers, and privacy documentation are recommended to enhance trust and compliance.

A

Ag Art cz s.r.o.

ipcc.cz

61

Ag Art cz s.r.o. is a Czech-based digital agency specializing in creating custom websites, e-commerce platforms, and tailored online marketing strategies. Established in 2013, the company serves businesses seeking to enhance their online presence with professional web solutions and ongoing maintenance services. Their market position is supported by a portfolio of diverse clients and a consistent brand image. Technically, the website is built on WordPress with modern plugins and tools, including GDPR compliance mechanisms and analytics integrations. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent, though some security headers could be improved. Overall, the site reflects a mature digital infrastructure with good user experience and compliance standards.

F

Fédération FDN

ffdn.org

61

Fédération FDN is a French non-profit federation of associative Internet Service Providers (ISPs) focused on promoting net neutrality, freedom of expression, and supporting its members with tools and advocacy. The website is primarily in French and serves as an information hub with articles, press reviews, and event listings. Technically, the site runs on Drupal 7 with jQuery and uses Matomo for analytics, respecting Do Not Track settings. The site is mobile-optimized and well-structured but lacks some modern security headers and policies. Security posture is good with HTTPS and domain transfer protections, but DNSSEC is not enabled. No privacy or cookie policies were found, which is a compliance gap. Overall, the site is trustworthy, professional, and serves a niche community of non-profit ISPs in France.

M

Mountain Riders

mountain-riders.org

50

Mountain Riders is a French non-profit association founded in 2001, dedicated to ecological transition and sustainable development in mountain regions. The organization focuses on education, awareness campaigns, waste reduction initiatives, and professional training related to environmental protection. Their website reflects a well-established presence with clear branding, partner endorsements, and active community engagement through events and newsletters. Technically, the site is built on WordPress with a modern, responsive design and uses Matomo for privacy-conscious analytics. Security posture is good with HTTPS and no visible vulnerabilities, though some security headers and explicit policies could be improved. Privacy compliance is partial, lacking cookie consent mechanisms. Overall, the site is trustworthy and professional, though WHOIS data is unavailable, slightly impacting domain trust.

P

PROFIBUS Nutzerorganisation e.V.

profinet.com

62

PROFINET.com is the official website for PROFINET, the leading Industrial Ethernet protocol used globally in industrial automation systems. The site is operated by PROFIBUS Nutzerorganisation e.V., a recognized standards organization based in Germany. The website serves as a comprehensive resource offering protocol information, certification details, training events, and a vibrant community forum to support industrial automation professionals and technology providers. The site is well-branded, professionally designed, and optimized for multiple languages and devices, reflecting a mature digital presence. Technically, the website is built on TYPO3 CMS, leveraging modern JavaScript libraries such as Swiper.js for interactive content and Matomo for privacy-conscious analytics. The site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR, demonstrating a strong commitment to user privacy and security best practices. However, explicit security policies, incident response contacts, and vulnerability disclosure information are not publicly available, representing areas for improvement. Security posture is solid with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data for the domain is unusual and warrants further verification to confirm domain registration legitimacy. Despite this, the website's content quality, trust signals, and external partnerships strongly support its authenticity and reliability. Overall, PROFINET.com is a high-quality, authoritative resource for industrial Ethernet technology, with recommendations to enhance transparency around security policies and contact information to further strengthen trust and compliance.

Sdružení obcí povodí Stonávky is a local government association representing a microregion in the Czech Republic. The organization focuses on community coordination, project support, and providing information to residents and tourists. The website reflects a small, regionally focused non-profit entity with clear contact information and links to partner organizations. Technically, the site uses a mix of jQuery, jQuery UI, Owl Carousel, and Matomo analytics, running on the IPO CMS platform. It is mobile responsive and implements basic SEO and accessibility features. Security posture is moderate with HTTPS enforced and use of Google reCAPTCHA, but lacks advanced security headers and a published privacy policy. The absence of WHOIS data reduces domain trust, but the website content and contact details appear legitimate and professional. Overall, the site is functional and trustworthy for its intended audience but could improve in compliance and security transparency.

Základní škola a mateřská škola Morávka is a small, local educational institution in the Czech Republic with a long tradition dating back to 1761. The school provides primary and preschool education, supported by its own cafeteria and after-school care programs. The website serves as an official information portal for students, parents, and the local community, featuring news, school projects, and contact details. Technically, the site uses a custom CMS by Antee s.r.o., jQuery libraries, Owl Carousel for slideshows, Google reCAPTCHA for form security, and Matomo for analytics, indicating a moderate level of digital maturity.

O

ONF Vegetis

onf-vegetis.fr

52

ONF Vegetis is a French company specializing in sustainable management and maintenance of natural spaces, vegetation control, and wooden furniture for natural and urban environments. The company targets professionals seeking expert services in arboriculture, vegetation management, and infrastructure maintenance. The website reflects a mature digital presence with modern technologies such as Vue.js, jQuery, and GSAP, and integrates analytics tools like Matomo and Google Analytics via Google Tag Manager. Privacy and cookie policies are well implemented with a consent mechanism, demonstrating GDPR compliance. However, the site lacks a dedicated security policy and incident response information, which are recommended for enhanced trust and compliance. Overall, the website is professional, secure with HTTPS, and provides clear navigation and relevant content for its audience.

O

ONF-Agir pour la forêt

onf-agirpourlaforet.fr

54

ONF-Agir pour la forêt is a French non-profit organization dedicated to raising funds to support projects of general interest in public forests managed by the Office National des Forêts (ONF) and its partners. The website presents a professional and well-structured platform aimed at individuals and enterprises interested in sustainable forest management and biodiversity preservation. The organization positions itself as a key player in environmental conservation within France, leveraging public engagement and corporate sponsorships to finance its initiatives. Technically, the website employs a modern technology stack including Vue.js, jQuery, GSAP, and integrates analytics tools such as Matomo and Google Tag Manager. It uses a proprietary or custom CMS platform and implements cookie consent mechanisms compliant with GDPR. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. From a security perspective, the site enforces HTTPS and uses cookie consent tools, but lacks explicit security policies or incident response information. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and consistency with the organization's profile. Overall, the website is trustworthy, professionally maintained, and compliant with privacy regulations, making it a reliable source for donors and partners interested in forest conservation efforts in France.

I

International Fiscal Association, Česká republika

ifa-cr.cz

55

International Fiscal Association, Česká republika is a non-profit organization serving as the Czech branch of the international IFA. It focuses on tax law education, research, and networking among tax professionals, academics, and government officials. The website provides information about membership, statutes, upcoming events, and contact details. Technically, the site is built on JavaServer Faces with PrimeFaces and uses Matomo for privacy-respecting analytics. Security posture is adequate with HTTPS and session management, but lacks explicit security headers and published privacy or security policies. Overall, the site is professional and trustworthy, serving a niche audience in the tax and fiscal law domain.

R

RATP Dev Australia

ratpdevaustralia.com.au

66

RATP Dev Australia is a regional branch of the global RATP Dev group, specializing in the operation and maintenance of urban and intercity transportation systems. The company leverages the extensive experience of its parent, RATP Group, a major public transport operator with over a century of history. The website presents a professional image with detailed references to global operations, emphasizing expertise in automated metro systems and various transit modes. Technically, the site is built on Drupal 10 and integrates modern analytics tools with privacy-conscious configurations. Security posture is generally good with HTTPS and cookie consent implemented, though there is room for improvement in security headers and transparency of policies. WHOIS data is incomplete, which slightly impacts trust but does not detract from the overall legitimacy indicated by the website content and branding.

R

RATP Dev

ratpdev.it

53

RATP Dev Italy is a subsidiary of the global RATP Dev group, specializing in operating and maintaining urban and intercity transportation systems across multiple continents. The company offers a wide range of transportation services including bus, tramway, rail, metro, sightseeing, mobility on demand, paratransit, and cable car operations. The website reflects a mature enterprise with a consistent brand and professional content targeting transportation authorities and the general public. Technically, the site is built on Drupal 10 with integration of Google Analytics, Matomo, and Google Maps API, indicating a modern digital infrastructure with moderate performance and good mobile optimization. Security posture is moderate with some privacy-conscious configurations in analytics but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism but no visible privacy policy or terms of service. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

R

RATP Dev

ratpdevusa.com

64

RATP Dev USA operates as a regional branch of the global RATP Dev group, providing urban and intercity transportation services across multiple continents. The company offers a wide range of transit solutions including bus, tramway, paratransit, metro, rail, cable cars, and sightseeing services. Their market position is strong as one of the largest multi-modal urban public transit operators with over 120 subsidiaries in 17 countries. The website reflects a professional and consistent brand image targeting transit agencies and passengers. Technically, the website is built on Drupal 10 CMS and leverages modern web technologies including Google Analytics, Matomo for analytics, and Google Maps API for geolocation features. The site is moderately performant, mobile-optimized, and has good SEO and accessibility basics. However, some security best practices such as security headers are missing, and no explicit security or incident response policies are published. Security posture is adequate with HTTPS enabled and privacy-conscious analytics configurations, but the lack of WHOIS data and absence of privacy policy and contact information reduce trust. No signs of malware or phishing were detected. Overall, the site is safe and business-focused but would benefit from improved transparency and security disclosures. The risk assessment indicates moderate risk primarily due to missing WHOIS data and incomplete privacy and security disclosures. Strategic recommendations include publishing privacy and security policies, adding security headers, providing clear contact information, and establishing a vulnerability disclosure process.