Security Directory

N

Neher Systeme GmbH & Co. KG

neher.de

60

Neher Systeme GmbH & Co. KG operates a professional website focused on high-quality insect protection products including custom-fit fly screens for windows, doors, and light shafts. The company positions itself as a market leader in Germany with patented technology and a strong dealer network. The website is built on WordPress with modern plugins and frameworks, showing good technical maturity and SEO optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or privacy issues were detected. Overall, the site reflects a trustworthy and professional business with clear customer engagement channels.

ALARIS Czech Republic s.r.o. is a Czech company specializing in manufacturing and retailing high-quality shading systems including bioclimatic pergolas, screen roller blinds, aluminum sunshades, and carports. The company positions itself as a modern, design-focused brand serving residential and commercial customers seeking aesthetic and functional outdoor shading solutions. The website content is well-structured, professionally designed, and provides detailed product information and company background. Technically, the website uses modern web technologies including JavaScript, CSS, and a chatbot widget, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of security headers and explicit incident response information suggests room for improvement. The lack of WHOIS data for the domain is a notable concern, reducing trust in domain legitimacy despite the professional appearance and business information presented. Overall, the website is safe, compliant with GDPR, and trustworthy for general users.

W

Wellness resort Jánošíkov dvor

janosikovdvor.sk

56

Wellness resort Jánošíkov dvor is a hospitality business located in Slovakia, offering accommodation in traditional wooden cottages, wellness services, and a restaurant with traditional Slovak cuisine. The website positions the resort as a regional wellness destination in the Malá Fatra National Park, targeting families, couples, and corporate clients for events and teambuilding. The business is part of the Absolutum Group, indicating a structured corporate backing. Technically, the website uses modern web technologies including JavaScript libraries, lazy loading, and Google reCAPTCHA for form security. It is mobile optimized and provides multilingual support. Security posture is good with HTTPS and consent mechanisms, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the website is professional, trustworthy, and well-aligned with its business goals.

D

David Houška

lodartemis.cz

54

Artemis Boat Club, represented by David Houška, is a small-scale service provider based in Prague, Czech Republic, specializing in boat trips, excursions, and networking events. The website is professionally designed using the Wix platform and targets a general audience interested in leisure and networking activities on boats. The business operates locally within the transportation sector, focusing on experiential services rather than product sales. Technically, the website leverages Wix's infrastructure with modern web technologies, ensuring moderate performance and good mobile optimization. However, the site lacks advanced SEO and accessibility features. Security-wise, the site uses HTTPS but lacks important security headers and privacy compliance mechanisms such as cookie consent and privacy policies. The absence of WHOIS data reduces domain trustworthiness, though the visible content and structured data suggest a legitimate business presence. Overall, the website is functional and professional but requires improvements in privacy, security, and transparency to enhance trust and compliance.

M

Městský úřad Votice

mesto-votice.cz

45

The website www.mesto-votice.cz serves as the official online portal for the town of Votice, Czech Republic. It provides residents and visitors with municipal information, news, public services, event calendars, and contact details. The site is clearly targeted at local citizens and stakeholders interested in town governance and community activities. The business model is that of a government municipal service portal, focusing on transparency and public communication. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript. It integrates Google services like Maps and Translate to enhance user experience and accessibility. The site demonstrates good mobile optimization and accessibility features, with a clear navigation structure and consistent branding. From a security perspective, the site uses HTTPS, which is a fundamental security measure. However, it lacks visible security headers and a cookie consent mechanism, which are important for GDPR compliance and enhanced security posture. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data is a concern for domain legitimacy but does not directly impact the website's operational security. Overall, the website is a well-maintained municipal portal with good content quality and user experience. Strategic improvements in security headers, privacy compliance mechanisms, and domain registration transparency would enhance trust and security posture significantly.

M

Město Benešov

benesov-city.cz

50

The website benesov-city.cz serves as the official digital portal for the city of Benešov, Czech Republic. It provides residents and visitors with comprehensive municipal information, including news, events, public services, and administrative contacts. The site is well-positioned as a government entity portal, offering key services such as online citizen services, event calendars, and official announcements. The target audience primarily consists of local citizens and visitors seeking city-related information and services. From a technical perspective, the website employs a traditional web stack with HTML5, CSS, and JavaScript, leveraging the Vismo CMS platform. It integrates modern tools such as Google Analytics for visitor tracking and Google reCAPTCHA for form security. The site is hosted under a Czech registrar with a domain age dating back to 1998, indicating a mature and stable online presence. Mobile optimization and accessibility features are well implemented, contributing to a positive user experience. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms. Cookie consent mechanisms comply with GDPR requirements, enhancing privacy compliance. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not detected, representing an area for improvement. No vulnerabilities or exposed sensitive data were found in the analysis. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its role as a municipal information hub with good technical and security practices. Strategic recommendations include enhancing security headers, publishing a formal security policy, and considering a vulnerability disclosure program to further strengthen security posture.

N

NEXT REALITY GROUP a.s.

nextreality.cz

61

NEXT REALITY GROUP a.s. operates a professional real estate website targeting clients and partners across the Czech Republic. The company emphasizes honesty, quality client care, and professional service, offering property sales, rentals, and franchise opportunities. The website is well-structured, with clear navigation and a professional design that supports its market position as a significant player in the Czech real estate sector. Technically, the site employs modern web technologies including Google Analytics, Microsoft Clarity, and CookieHub for analytics and cookie management, alongside a chatbot for customer interaction. The site is mobile-optimized and uses HTTPS to secure communications. Security posture is generally good with enforced HTTPS and cookie consent mechanisms; however, the absence of visible security headers and explicit security policies suggests room for improvement. The WHOIS data is missing, which impacts trust and transparency, but the website content and business information appear legitimate and professional. Overall, the site is safe, GDPR compliant, and provides a positive user experience.

G

Glide Design

glidedesign.com

63

Glide Design is a Texas-based company specializing in web design, development, and SEO services, targeting businesses seeking digital marketing and website solutions. The website presents a professional design with good content quality and clear navigation, optimized for mobile devices. The technical infrastructure is based on WordPress CMS, utilizing modern analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, HubSpot, and Hotjar, indicating a mature digital presence. Security posture shows moderate maturity with the use of HTTPS and analytics scripts, but lacks visible security headers and formal privacy or cookie policies, which are areas for improvement. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness, suggesting the need for verification of domain registration status. Overall, the website is functional and professional but would benefit from enhanced compliance and security transparency.

A

úvod

amateurjumptour.cz

50

Amateurjumptour.cz is a Czech-language website focused on amateur jumping tours or events, likely serving a niche community of sports enthusiasts. The site appears to be small-scale and community-oriented, with basic content and limited business information. Technically, the website is built using Sitebuilderhost CMS and hosted by Websupport, employing standard web technologies such as JavaScript and CSS. The site is mobile-optimized and moderately performant but lacks advanced SEO and accessibility features. Security posture is minimal with no visible security headers or explicit policies, though HTTPS is presumed given external resource loading from secure domains. Privacy compliance is basic, with a cookie consent banner present and a linked privacy policy, but no terms of service or incident response information is found. Overall, the domain registration is consistent with the website's profile, showing legitimacy and appropriate domain age. The site does not contain adult or explicit content and is accessible without WAF or blocking mechanisms.

E

Edacy SA

edacy.com

55

Edacy SA operates a French-language online education platform specializing in intensive 3-month bootcamp programs focused on technology, artificial intelligence, product management, UX/UI design, and entrepreneurship. The company targets individuals seeking career transformation in tech, primarily in West Africa and French-speaking regions, offering project-based learning, mentorship, and strong employability support. The website is professionally designed with clear navigation and good mobile optimization, leveraging Google Tag Manager for analytics. However, the absence of privacy and cookie policies and missing WHOIS registration data present compliance and transparency concerns. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. Overall, Edacy presents a credible educational service with room for improvement in privacy compliance and security transparency.

S

SmartMailer.cz

smartmailer.cz

53

SmartMailer.cz is a Czech-based small technology company founded in 2021, offering a SaaS email marketing platform tailored for businesses, especially e-commerce users on Prestashop and WooCommerce. The platform provides easy-to-use tools for creating and managing email campaigns, newsletter automation, and detailed campaign analytics. The business model is subscription-based with tiered pricing according to the number of contacts. The website is professionally designed, multilingual, and provides clear contact and legal information, positioning SmartMailer as a trustworthy niche player in the Czech and Slovak markets. Technically, the website uses modern web technologies including JavaScript, Google Analytics, and Google reCAPTCHA for security and analytics. Hosting is inferred to be with WEDOS, a Czech hosting provider. The site is mobile optimized with good SEO practices but lacks some accessibility features. Security posture is solid with HTTPS and anti-spam measures on forms, though it lacks published security policies and some HTTP security headers. From a security and compliance perspective, the site does not publish a privacy or cookie policy, which is a notable GDPR compliance gap. The terms of service are comprehensive and available via a modal on the homepage. No incident response or vulnerability disclosure information is provided. WHOIS data is consistent with the business claims, showing no suspicious patterns. Overall, the site is safe, professional, and business-focused with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing privacy and cookie policies with consent mechanisms, adding security headers, and providing incident response contacts to enhance trust and compliance. These improvements will strengthen the security posture and regulatory adherence, supporting business growth and customer confidence.

R

HOME | #RecreateResponsibly

recreateresponsibly.org

60

The website www.recreateresponsibly.org is a community-focused platform dedicated to promoting inclusive, safe, and sustainable outdoor recreation. It positions itself as a non-profit entity encouraging responsible behavior in nature. The site is built on the Wix platform, leveraging Wix Thunderbolt and associated JavaScript libraries, indicating a moderate level of technical maturity suitable for small to medium-sized organizations. The content is well-structured with clear messaging but lacks comprehensive privacy, cookie, and terms of service policies, which are critical for compliance and user trust. Security posture is basic with no evident security headers or advanced protections, and WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

C

CentraleSupélec Alumni

centralesupelec-alumni.com

58

CentraleSupélec Alumni operates as the official alumni network for the prestigious French engineering school CentraleSupélec, offering a comprehensive platform for graduates and students to connect, share experiences, and access career opportunities. The website provides a variety of services including a member directory, event calendar, job board, and mentoring programs, positioning itself as a key resource for its community. The business model is membership-based with additional revenue from contributions and donations. Technically, the website employs modern web technologies such as Vue.js, Google Tag Manager, and Google Maps API, ensuring a responsive and interactive user experience. The platform integrates OAuth authentication with major providers, enhancing security and ease of access. While performance is moderate, the site is mobile-optimized and SEO-friendly. From a security perspective, the site enforces HTTPS and uses secure login mechanisms. However, some standard security headers like Content-Security-Policy and X-Frame-Options are not explicitly detected, representing an area for improvement. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good data protection practices. No vulnerabilities or exposed sensitive data were identified. Overall, the website is professional, trustworthy, and well-aligned with its educational and non-profit mission. The lack of WHOIS data for the subdomain is typical and does not detract from its legitimacy. Strategic recommendations include enhancing security headers, improving accessibility, and maintaining regular security audits to uphold trust and compliance.

B

Boutique CentraleSupélec

boutique-centralesupelec.com

64

Boutique CentraleSupélec is an official e-commerce merchandise store serving the CentraleSupélec community, including students, alumni, faculty, and partners. The website offers branded textiles, accessories, and goodies to reinforce the institution's identity and community belonging. The site is built on the Shopify platform, leveraging standard Shopify technologies and integrations, hosted on Google Cloud infrastructure. It features a cookie consent mechanism and privacy policy compliant with GDPR, presented in French. However, no explicit contact information or terms of service pages are found, which could be improved for transparency and trust. The domain WHOIS data shows an anomalous future creation date, which may be a data error but warrants attention. Security posture is generally good with HTTPS and domain transfer protections, but lacks DNSSEC and security headers. Overall, the site is professional, accessible, and trustworthy for its niche audience.

J

Jobijoba

jobijoba.mx

63

Jobijoba is an online job search engine operating in Mexico, aggregating job offers from various sources to provide a comprehensive employment search platform. It targets job seekers and employers, offering services such as job alerts, company profiles, and career tips. The website is professionally designed with consistent branding and good content quality, positioning itself as a leading job aggregator in the Mexican market with international presence.

J

Jobijoba

jobijoba.it

65

Jobijoba is an established Italian job search engine that aggregates job listings from multiple sources to provide users with a comprehensive job search experience. The platform targets job seekers in Italy and offers additional services such as job alerts, company profiles, and career advice. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and a consent management platform (Didomi) to comply with privacy regulations. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit security policies and incident response contacts are not publicly disclosed. Overall, Jobijoba presents a trustworthy and professional online presence with moderate user tracking balanced by GDPR-compliant consent mechanisms.

J

Jobijoba

jobijoba.ch

69

Jobijoba.ch is a Swiss-focused online job search platform that aggregates job listings and offers job seekers a comprehensive portal to find employment opportunities across various sectors and professions. The platform is part of a broader network of country-specific job sites, indicating a mature and regionally diversified business model. The website is well-structured, with clear navigation and a professional design tailored to the Swiss job market. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager, and a consent management platform to ensure compliance with privacy regulations. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security policies and incident response contacts are not publicly visible. Privacy compliance is well addressed through a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the site presents a trustworthy and professional front for job seekers and employers in Switzerland.

J

Jobijoba

jobijoba.com.br

63

Jobijoba Brasil operates as a job search engine aggregating employment opportunities from various sources including job boards, recruitment agencies, and companies, targeting job seekers in Brazil. The platform offers a comprehensive search experience with filters by job type, location, and contract type, supported by a clean and professional website design. The company maintains a consistent brand presence and provides localized content with international partner sites for other countries. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager, and a consent management platform (Didomi) to ensure compliance with privacy regulations. The hosting is managed via Gandi.net, and the site uses HTTPS with appropriate security headers, indicating a good security posture. However, explicit contact information and detailed security policies are not readily available on the homepage, which could be improved for transparency and trust. Overall, the site is well-structured, privacy-conscious, and serves its business purpose effectively.

D

Online procvičování DRILL & SKILL

drillandskill.com

40

The website 'Online procvičování DRILL & SKILL' is an educational platform primarily targeting Czech-speaking students and teachers. It offers ready-made and customizable drills across various subjects including math, chemistry, natural sciences, and geography. The platform aims to save schools money on paper and teachers time by providing efficient online practice tools. The market position is niche, focusing on educational institutions in the Czech Republic with a small-scale operation. Technically, the website uses standard web technologies such as HTML5, CSS, JavaScript with jQuery and Shadowbox.js for video content. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. There is no detected CMS or hosting provider information. The site is functional with a login form but lacks modern security headers and visible HTTPS confirmation. From a security perspective, the site shows basic security hygiene with POST method login forms but lacks critical security headers like Content-Security-Policy and anti-CSRF protections. No privacy or cookie policies are present, indicating poor privacy compliance. The WHOIS data is missing or unavailable, which raises concerns about domain legitimacy and trustworthiness despite the professional and safe content. Overall, the website is a functional educational tool with moderate technical quality but significant gaps in security, privacy compliance, and domain registration transparency. Strategic improvements in security posture, privacy policies, and domain legitimacy verification are recommended to enhance trust and compliance.

A

Naučná audiostezka v Teplicích

audioteplice.cz

50

Audioteplice.cz is a small-scale educational project offering an audio trail experience in Teplice, Czech Republic. It provides free downloadable MP3 audio guides and maps to visitors, spa guests, and locals, supported by donations through multiple payment gateways. The website content is primarily in Czech with options for German and English. Technically, the site uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. The design and navigation are functional but basic, with limited mobile optimization and accessibility features. Security posture is moderate with HTTPS implied but lacking explicit security headers and privacy compliance mechanisms such as cookie consent or privacy policies. WHOIS data is inconsistent, showing a domain creation date in the future, which undermines domain legitimacy confidence. Overall, the site is safe, family-friendly, and focused on cultural education.

V

Vyšší odborná škola, Střední průmyslová škola a Střední odborná škola, Varnsdorf, příspěvková organizace

skolavdf.cz

47

The website represents Vyšší odborná škola, Střední průmyslová škola a Střední odborná škola, Varnsdorf, a public educational institution in the Czech Republic offering secondary and higher vocational education. It targets students and prospective students with detailed program offerings, events, and student services. The institution maintains a professional online presence with clear branding and comprehensive content relevant to its educational mission. Technically, the website is built with standard web technologies (HTML5, CSS3, JavaScript) and is well-optimized for mobile devices. It uses HTTPS with a good SSL configuration and includes privacy-first cookie consent mechanisms without marketing or tracking cookies, reflecting a strong commitment to user privacy. The site lacks some advanced security headers but follows good security practices overall. Security posture is solid with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data limits domain trust verification, but the presence of official contact information, certifications (ISO 9001), and GDPR compliance indicate a legitimate and trustworthy institution. No signs of malicious or adult content were found, making the site safe for general audiences. Overall, the website scores well on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding vulnerability disclosure information to further strengthen trust and security.

S

Střední škola technická

kourilkova8.cz

45

Střední škola technická is a Czech technical secondary school located in Přerov, offering a variety of technical and vocational education programs. The website reflects a well-established educational institution with a focus on practical and theoretical training in fields such as mechatronics, automechanics, optics, and more. The school maintains partnerships with notable companies, enhancing student opportunities for internships and employment. Technically, the website is built on WordPress with modern plugins and technologies, providing a good user experience and mobile optimization. Security posture is solid with HTTPS, security headers, and CAPTCHA integration, although formal security and incident response policies are not published. Privacy compliance is partial, with cookie consent implemented but no visible privacy policy page. Overall, the site is professional, trustworthy, and serves its educational audience effectively.

A

ART ECON

artecon.cz

38

ART ECON is a Czech-based educational organization with a website focused on promoting educational services or institutions, as indicated by the slogan 'Školy plné talentu'. The site uses WordPress CMS with the Divi theme and includes common tracking technologies such as Facebook Pixel, Microsoft Clarity, and Google Tag Manager. The technical infrastructure is moderate with basic mobile optimization and SEO practices. However, the site lacks critical privacy and security policies, contact information, and security headers, which lowers its overall security posture and privacy compliance. No WAF or blocking mechanisms were detected, and the content is safe for general audiences.

W

Witzenmann Opava, spol. s r.o.

witzenmann.cz

64

Witzenmann Opava, spol. s r.o. is a manufacturing company specializing in flexible metal components such as metal hoses, compensators, and bellows, serving industries including automotive, aerospace, and industrial sectors. The company is part of the Witzenmann Group with a global presence across 16 countries and 22 subsidiaries. Their website is professionally designed, multilingual, and provides comprehensive product and solution information targeting B2B customers. Technically, the site uses modern web technologies including Usercentrics for consent management and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is strong with HTTPS and consent mechanisms, though formal security policies and incident response contacts are not publicly disclosed. Overall, the domain registration and WHOIS data align well with the business identity, indicating a legitimate and trustworthy entity.

M

MORAVEC Kvalitní ponožky s.r.o.

moravec-cz.com

55

MORAVEC Kvalitní ponožky s.r.o. operates a professional e-commerce website specializing in high-quality socks and seamless underwear, targeting Czech consumers. The company emphasizes its 25 years of experience, Czech manufacturing, and product quality, positioning itself as a trusted local brand in the retail sector. The website is built on the Shoptet platform, leveraging modern e-commerce technologies and integrating marketing and analytics tools such as Google Analytics and Facebook SDK. Security measures include HTTPS enforcement and cookie consent mechanisms, although some improvements in security headers and library updates are recommended. Overall, the site is accessible, well-structured, and compliant with GDPR requirements, reflecting a mature digital presence for a small-sized retail business.

Z

Základní škola Brno, Svážná 9

zssvazna.cz

50

Základní škola Brno, Svážná 9 is a well-established primary educational institution located in Brno, Czech Republic, with a domain age dating back to 2006. The website serves as an official communication channel providing news, event calendars, practical information, and access to school-related services such as electronic grade books and school meal ordering. The target audience primarily includes parents, students, and the local community. The business model is that of a public contributory organization focused on primary education. The site maintains a consistent brand presence and offers clear contact details and social media integration, enhancing trust and engagement. Technically, the website is built on the Vismo CMS platform and employs modern web technologies including JavaScript frameworks like Vue.js, Mustache.js templating, Google reCAPTCHA v3 for form security, and Google Tag Manager for analytics. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Hosting and DNS details align with the Czech Republic, consistent with the institution's location. From a security perspective, the site uses HTTPS with good SSL configuration and integrates reCAPTCHA to protect forms. However, explicit security headers such as Content-Security-Policy and X-Frame-Options are not detected, and no published security policy or incident response contacts are found. Privacy and cookie policies are present with consent mechanisms, indicating GDPR compliance. No vulnerabilities or suspicious content were detected, and the site is free from WAF blocking or security challenges. Overall, the website demonstrates a solid security posture and good privacy compliance for an educational institution. The domain registration data supports legitimacy and trustworthiness. Strategic recommendations include enhancing security headers, publishing a security policy, and adding incident response contact information to further strengthen security and compliance posture.

Základní škola Sušice, Lerchova ulice, is a primary educational institution serving the local community in the Czech Republic. The website provides information about school activities, projects, events, and educational resources primarily targeting students, parents, and school staff. The school holds a recognized certification from Scio, indicating a commitment to educational quality. The website content is well-structured with regular updates and photographic documentation of school events, reflecting active community engagement. Technically, the website employs a basic but functional technology stack including HTML, CSS, JavaScript, and a third-party cookie consent library. Hosting is provided by Active24, a known Czech hosting provider. The site lacks advanced CMS or modern frameworks and shows basic mobile optimization and accessibility features. SEO is minimal but sufficient for the target audience. From a security perspective, the site implements a cookie consent banner but lacks visible HTTPS enforcement confirmation, security headers, or published security policies. No forms or sensitive data collection mechanisms are present, reducing immediate risk exposure. However, the absence of explicit privacy and security policies and lack of incident response contacts indicate room for improvement in compliance and security posture. Overall, the website is a functional, community-focused educational portal with moderate technical maturity and basic security measures. Strategic improvements in HTTPS enforcement, security headers, privacy policy clarity, and accessibility would enhance trust and compliance.

O

HOME | služby

obchodkapolicka.shop

56

The website www.obchodkapolicka.shop is a small-scale service-oriented site built on the Wix platform, utilizing Wix Thunderbolt framework and standard JavaScript polyfills. The site lacks substantive business content, contact information, and privacy or cookie policies, which limits its credibility and trustworthiness. Technically, the site is moderately optimized for mobile devices and uses HTTPS, but it lacks important security headers and SEO optimization, including a 'noindex' directive that prevents search engine indexing. The WHOIS data is minimal and does not provide registrar or registrant details, indicating privacy protection or incomplete registration data, which further reduces trust. Overall, the site appears functional but lacks essential compliance and trust indicators.

V

Viamédia

avispublicsdebretagne.com

54

Bretagne Marchés Publics is a regional public procurement portal serving Brittany and other regions in France. Operated by Viamédia since 2011, it provides services for public buyers to publish tenders and for companies to consult and respond to public market opportunities. The website is professionally designed, mobile-optimized, and includes modern analytics and consent management tools, reflecting a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS registration data is a concern but does not currently impact the legitimacy of the active and professional website. Overall, the site is a trusted resource for public procurement in its region.

FOKUS – Opava, z.s. is a Czech non-profit organization established in 2007, dedicated to providing social services primarily for persons with mental illness and disabilities in the Moravian-Silesian region. The organization operates multiple service centers offering social rehabilitation, protected workshops, clinical psychology outpatient services, and community-based support. It is funded through regional and municipal grants, as well as partnerships with local government and social institutions. The website reflects a stable regional presence with detailed project updates and transparent funding acknowledgments. Technically, the website is built on legacy JavaScript libraries such as Prototype.js and Scriptaculous, with a custom HTML structure and no detected CMS. The site is moderately optimized for performance and accessibility but lacks modern features such as cookie consent mechanisms and advanced SEO optimizations. No analytics or tracking scripts are present, indicating a privacy-conscious approach. From a security perspective, the site lacks visible security headers and cookie policies, and there is no evidence of HTTPS enforcement or advanced security frameworks. However, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms a long-standing domain registration consistent with the organization's history, supporting legitimacy. Overall, the website is trustworthy and professionally maintained for its non-profit purpose but would benefit from modern security enhancements, privacy compliance improvements, and technical modernization to improve user experience and security posture.

C

Charita Opava

charitaopava.cz

53

Charita Opava is a well-established non-profit Catholic organization based in the Czech Republic, providing a broad range of social and health care services including protected housing, social rehabilitation, day care, therapeutic workshops, and senior care. The organization targets residents of the Opava region, donors, volunteers, and partners, positioning itself as a trusted regional social service provider with multiple governmental and community partnerships. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the website uses a custom CMS named HandMade, with standard web technologies including HTML5, CSS3, and JavaScript. It integrates multiple Google Analytics and Tag Manager scripts for user tracking and analytics, and implements a cookie consent mechanism compliant with GDPR. The site is mobile optimized with moderate performance and basic accessibility features. From a security perspective, the website enforces HTTPS and uses cookie consent to manage user privacy preferences. However, it lacks explicit security headers and a vulnerability disclosure policy, which are recommended for improved security posture. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data confirms the legitimacy and consistency of the domain registration with the organization's identity. Overall, Charita Opava's website demonstrates a solid digital presence with good privacy compliance and business credibility. Strategic improvements in security headers, accessibility, and explicit security policies would further enhance trust and resilience.

S

Statutární město Opava

opava-city.cz

64

Statutární město Opava operates an official municipal website serving as the primary digital platform for city residents, visitors, and local businesses. The site provides comprehensive information about city governance, public services, news, events, and contact details. It targets a broad audience including citizens, municipal employees, and tourists, positioning itself as a trusted source of local government information. The business model is that of a government service portal, focusing on transparency and community engagement. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript with jQuery, Bootstrap framework, and mapping libraries like Leaflet.js. It uses WebJET CMS for content management and integrates Google Tag Manager and Google Analytics for tracking and analytics. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit privacy policy and terms of service pages, security headers, and incident response contacts, which are areas for improvement. No vulnerabilities or malicious content were detected, and the site maintains a good security posture overall. Overall, the website is a professional and trustworthy municipal portal with good content quality and technical implementation. The absence of WHOIS data limits domain transparency, but the official branding and comprehensive contact information support its legitimacy. Strategic recommendations include publishing privacy and security policies, enhancing security headers, and providing incident response contacts to strengthen compliance and trust.

U

Urssaf

urssaf.fr

57

Urssaf.fr is the official website of the French social security contribution agency, providing personalized support and online services for employers, independent workers, and associations in France. The site offers comprehensive information, declaration services, and legal documentation, positioning itself as a key government resource in the social security sector. The website is professionally designed with consistent branding and good content quality, targeting a broad audience involved in social security contributions. Technically, the site uses a modern technology stack including jQuery, Bootstrap, and the Jahia CMS platform. It is mobile-optimized, accessible, and includes privacy and cookie consent mechanisms compliant with GDPR. Performance is moderate, with a well-structured HTML and CSS foundation. Analytics and chatbot services are integrated for user engagement and data collection. From a security perspective, the site enforces HTTPS, includes CSRF protection, and follows best practices, although explicit security headers could be verified further. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which is typical for AFNIC-managed .fr domains, and does not detract from the site's legitimacy. Overall, Urssaf.fr presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing visible security headers, publishing incident response contacts, and maintaining up-to-date third-party libraries to sustain security and trust.

L

Limbus Studio

limbus.fr

53

Limbus Studio is a French-based creative agency specializing in WordPress web design, development, and maintenance services. Established since 2005, the company offers a broad range of services including branding, digital design, motion design, print, packaging, SEO, and WooCommerce support. The agency positions itself as a trusted partner with a strong client base and positive reviews, emphasizing quality and long-term client relationships. Technically, the website is built on WordPress using the Enfold theme and WooCommerce platform, enhanced with performance optimization tools like WP Rocket and RocketCDN. The site is well-structured with comprehensive metadata, schema.org structured data, and social media integration, reflecting a mature digital presence. Mobile optimization and accessibility are well addressed. Security posture is solid with HTTPS enforced, anti-clickjacking measures, and no visible vulnerabilities or exposed sensitive data. However, explicit security headers like Content-Security-Policy are not detected, and no dedicated security or incident response pages are found. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy policy or terms of service pages. Overall, the website demonstrates professionalism and reliability, though the absence of WHOIS data and explicit privacy documentation slightly reduce trust scores. Strategic improvements in privacy transparency and security header implementation are recommended to enhance compliance and trustworthiness.

C

Cercle Communication

cerclecommunication.com

59

Cercle Communication is a small Canadian marketing and communication agency focused on providing personalized and multidisciplinary services to businesses. The website is built on the GoDaddy Website Builder platform, indicating a moderate level of digital maturity with basic technical infrastructure including HTTPS and service worker support. However, the site lacks comprehensive privacy and security policies, contact information, and advanced SEO or accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and incident response contacts. Overall, the website presents a basic but functional online presence suitable for a small agency, with room for improvement in privacy compliance and security best practices.

R

Ringhotels

ringhotels.de

58

Ringhotels is a German hospitality business specializing in hotel bookings, wellness weekends, and conference hosting across Germany. The website targets travelers seeking authentic HeimatGenuss experiences and offers a professional platform for vacation planning. Technically, the site employs modern JavaScript frameworks, integrates Google Tag Manager and Facebook Pixel for analytics and marketing, and uses Cookiebot for cookie consent management. The site is mobile-optimized and has good SEO practices but lacks explicit privacy and terms of service pages in the provided content. Security posture is adequate with HTTPS and cookie consent but could be improved by adding security headers and incident response information. Overall, the domain registration is consistent with the business claims, indicating legitimacy and trustworthiness.

B

BWH Hotels

bwh.de

55

BWH Hotels operates as a hotel brand offering individual freedom and a strong worldwide network, targeting hotel owners and operators. The website is professionally designed using TYPO3 CMS and Bootstrap, with moderate performance and good mobile optimization. Consent management scripts indicate GDPR awareness, though explicit privacy and terms of service pages are not found. Security posture is adequate with HTTPS enabled but lacks explicit security headers and visible incident response contacts. Overall, the site is trustworthy and safe with no adult or questionable content detected.

A

Association de l'aluminium du Canada

veritesurlalu.quebec

47

The website 'La vérité sur l'alu' is operated by the Association de l'aluminium du Canada, an industry association representing Canadian primary aluminium producers. The site focuses on promoting sustainable aluminium production in Quebec and Canada, highlighting the industry's low carbon footprint and economic contributions. It serves as an educational platform with interactive content such as quizzes to dispel myths about the aluminium industry. Technically, the website is built on WordPress using the Salient theme and WPBakery page builder, incorporating modern JavaScript libraries and SEO tools like Yoast. The site is hosted likely via GoDaddy, with a moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled, but lacks some security headers and explicit security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is professional and trustworthy but could improve in privacy and security transparency.

M

MapTiler AG

openmaptiles.org

53

OpenMapTiles is an open-source mapping project operated by MapTiler AG, providing vector tiles and map hosting solutions primarily for developers and GIS professionals seeking self-hosted map infrastructure. The website demonstrates a solid market position with trusted partnerships and a strong community presence on GitHub. Technically, the site uses modern JavaScript libraries and Google Tag Manager for analytics, with good mobile optimization and SEO practices, though some accessibility features could be improved. Security posture is moderate with HTTPS implied but lacking explicit security headers and published policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security documentation.

M

Mutuelle Saint-Christophe assurances

saint-christophe-assurances.fr

55

Mutuelle Saint-Christophe assurances is a French mutual insurance company providing a broad range of insurance products including auto, moto, habitation, health, and specialized insurance for teaching professionals and religious institutions. The website targets individuals and collectivities, offering resources and client spaces tailored to different customer segments. The company maintains an active presence with regional committees and community engagement events. Technically, the website is built on Drupal 11, employs modern web technologies, and integrates a privacy consent management SDK, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data limits domain legitimacy verification, but the professional presentation and comprehensive privacy policies indicate a trustworthy entity. Overall, the website demonstrates good content quality, user experience, and privacy compliance, suitable for its business domain.

C

Conseil de la protection sociale des indépendants (CPSTI)

secu-independants.fr

50

The Conseil de la protection sociale des indépendants (CPSTI) website serves as an official French government portal dedicated to providing social protection services for independent workers. It offers comprehensive information and services related to social contributions, health reimbursements, retirement planning, mediation for disputes, and social aid. The site is well-positioned as a trusted intermediary between independent workers and major social institutions such as Urssaf, Ameli, and Assurance Retraite. The target audience is clearly defined as independent workers in France, and the business model revolves around public service and support.

J

Jobijoba

jobijoba.com

63

Jobijoba is a French-based job search aggregator that consolidates employment offers from hundreds of different job sites, providing an intelligent search engine to accelerate job seekers' search process. The website targets primarily job seekers in France and offers services such as job alerts, CV management, and salary estimation. The platform is well-positioned in the French employment market with a medium-sized business footprint and consistent branding. Technically, the site uses modern JavaScript libraries, Google Tag Manager, and a consent management platform (Didomi) to ensure GDPR compliance. The site is mobile-optimized and implements good SEO practices. Security-wise, the site enforces HTTPS, uses standard security headers, and offers a cookie consent mechanism, though explicit security and incident response policies are not publicly detailed. Overall, the site is professional, trustworthy, and compliant with privacy regulations, with room for improvement in contact transparency and security policy disclosures.

D

Diplomeo

diplomeo.com

70

Diplomeo is a well-established French educational orientation platform founded in 2011, serving over 300,000 students annually. It specializes in helping users find suitable diplomas, schools, and career paths in France. The platform offers comprehensive services including diploma and school searches, career guidance, event listings, and school reviews, positioning itself as a market leader in educational orientation within France. Technically, the website employs modern web technologies such as Turbo Frames and StimulusJS, with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks advanced security headers and formal security policies. Privacy compliance is basic, with cookie consent mechanisms present but no explicit privacy or terms of service pages detected. Overall, the website is professional, trustworthy, and content-rich, though improvements in security and privacy transparency are recommended.

V

Viamédia – L’Agence Média Bretonne qui fait Rayonner Votre Marque

viamedia-publicite.com

57

The website www.viamedia-publicite.com appears to be a small business or individual site built on the Wix platform, likely related to advertising or media services given the domain name. However, the site content is minimal and lacks substantive business information, contact details, or legal policies. The technical infrastructure relies on Wix's standard scripts and polyfills, with no advanced frameworks detected. The presence of Piano Analytics indicates some level of user tracking, but privacy and cookie policies are absent, raising compliance concerns. Security posture is weak due to lack of visible security headers and no SSL configuration details available. The domain WHOIS data is unavailable, suggesting the domain may be unregistered or privacy-protected, which undermines trust. Overall, the site exhibits low digital maturity and business credibility.

G

Groupe Télégramme

groupe-telegramme.com

10

Groupe Télégramme is a French media and services group engaged in three main sectors: Media & Communication, Employment, Recruitment & Training, and Sports & Culture. The website presents a professional image with clear branding and structured content targeting a general audience interested in these sectors. The business model focuses on providing media content, recruitment services, and cultural/sports event organization, positioning itself as a regional leader in these areas. Technically, the website is built on WordPress, leveraging modern plugins such as Slider Revolution and WPBakery Page Builder, and integrates analytics tools like Piano Analytics and Google Tag Manager. The site is mobile-optimized and includes GDPR-compliant cookie consent mechanisms, indicating a reasonable level of digital maturity. From a security perspective, the site enforces HTTPS and includes standard security headers, but lacks publicly available security policies, incident response contacts, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected, suggesting a moderate security posture. Overall, the website is trustworthy and professionally maintained, with room for improvement in privacy transparency and security documentation. Strategic recommendations include publishing clear privacy and security policies, establishing incident response contacts, and implementing a vulnerability disclosure policy to enhance trust and compliance.

L

La Solitaire du Figaro Paprec

lasolitaire.com

49

The website www.lasolitaire.com is a small-scale site built on the Wix platform, primarily serving French-speaking users. The site lacks substantive business content, contact information, and legal policies such as privacy or cookie policies. Technically, it uses standard Wix scripts and polyfills, indicating a basic but functional technical infrastructure. Security posture is minimal with no detected security headers or incident response information, and privacy compliance is poor due to missing policies and consent mechanisms. Overall, the site appears to be a basic Wix-hosted site with limited business presence and transparency.

O

OC Sport - Creating and delivering world-leading outdoor sports events while driving change towards a cleaner future

ocsport.com

58

The website www.ocsport.com appears to be a small business or personal site built using the Wix platform. The site currently lacks substantive business content, contact information, and privacy or cookie policies, which limits its credibility and user trust. Technically, the site uses standard Wix scripts and polyfills, with HTTPS enabled, but lacks advanced security headers and privacy compliance features. The security posture is basic with no visible vulnerabilities but also no advanced protections. Overall, the site is functional but minimal, with significant room for improvement in content, compliance, and security to enhance trustworthiness and user experience.

V

Viamédia

bretagne-marchespublics.com

53

Bretagne Marchés Publics is a regional public procurement portal serving Brittany and broader France, operated by Viamédia since 2011. The platform facilitates the publication and consultation of public tenders, targeting both public buyers and enterprises. It holds a strong market position as a trusted regional resource with clear business identity and affiliations to reputable media groups. Technically, the website employs modern JavaScript frameworks, consent management via Didomi, and analytics tools like Piano Analytics and Google Tag Manager, reflecting a mature digital infrastructure. Security posture is robust with HTTPS, security headers, and secure login forms, although explicit security policies and incident response contacts are absent. Privacy compliance is well implemented with GDPR-aligned cookie consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for users, with recommendations to enhance security transparency and accessibility.

B

Bretagne Magazine

bretagne-magazine.fr

56

Bretagne Magazine is a well-established regional media publication focused on the Brittany region of France, offering monthly and special edition magazines that cover maritime stories, local culture, gastronomy, and regional news. The website supports subscription sales and provides rich editorial content targeted at residents and enthusiasts of Brittany. The business operates under the Groupe Télégramme umbrella, indicating a solid corporate backing and market presence. Technically, the website employs modern JavaScript libraries, consent management via Didomi, and analytics tools such as Piano Analytics and Google Tag Manager, reflecting a mature digital infrastructure. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is strong, with a comprehensive privacy policy and cookie consent banner. No critical vulnerabilities or suspicious patterns were detected, and contact information is clearly provided. Overall, Bretagne Magazine presents a trustworthy and professional online presence consistent with its business model and market position.

M

Mer et Marine

meretmarine.com

10

Mer et Marine is a French maritime news media organization providing continuous updates on maritime defense, merchant marine, shipbuilding, cruises, fishing, ports, and energy sectors. The website targets maritime professionals and enthusiasts, offering news articles, interviews, and reports. The site uses Drupal 10 CMS and integrates modern digital marketing and consent management tools such as Google Tag Manager and Didomi. The technical infrastructure is modern and supports good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy, but the website content and branding appear professional and trustworthy. Overall, the site is a reliable source of maritime news with good digital maturity but would benefit from clearer privacy policies and WHOIS transparency.