Security Directory

D

DAFilms

dafilms.cz

55

DAFilms.cz is a niche online streaming platform specializing in curated art-house, documentary, festival, and children's films primarily targeting Czech-speaking audiences. Founded in 2012, it offers a subscription-based model with a focus on unique and authorial film content not commonly found on mainstream platforms. The website presents a professional and consistent brand image with good content quality and user experience. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, Cookiebot for GDPR compliance, and reCAPTCHA for bot protection. The site is served over HTTPS with a good SSL configuration, though some security headers could be improved. Privacy compliance is strong with a comprehensive cookie consent mechanism and links to detailed privacy policies. However, explicit contact and security policies are not readily found on the homepage, which could be enhanced for trust and compliance. Overall, the site is secure, compliant, and well-positioned within its niche market.

H

Dr. Heidi Sevestre : Glaciologist, Speaker, Author

heidisevestre.com

62

The website www.heidisevestre.com appears to be a portfolio or personal site built on the Wix platform, likely showcasing photography or art. The site uses standard Wix technologies and scripts, indicating a moderate level of technical infrastructure typical for Wix-hosted sites. However, the site lacks critical business and security information such as privacy policies, cookie consent mechanisms, contact details, and terms of service. The WHOIS data is unavailable or indicates the domain may not be registered, which raises concerns about the legitimacy and trustworthiness of the domain. Security posture is basic with HTTPS enabled but missing important security headers and policies. Overall, the site is accessible without WAF or blocking mechanisms but provides minimal content and business credibility.

ZEDD is a small, French communication agency based in Grenoble specializing in responsible and sustainable communication services. The company positions itself as a pioneer in the Auvergne Rhône-Alpes region, offering consulting, creation, development, and maintenance services with a focus on eco-conception and digital responsibility. The website content is professionally presented in French, targeting organizations seeking sustainable communication solutions. Technically, the website uses modern web technologies including JavaScript, CSS, and SVG graphics, with the SPIP CMS platform. Hosting is local to Grenoble, leveraging a datacenter with a positive carbon footprint, reflecting the company's environmental values. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is moderate; HTTPS is implied but no explicit security headers or policies are present. No privacy or cookie policies are found, indicating gaps in GDPR compliance. Contact information is clearly provided, but no incident response or vulnerability disclosure mechanisms are visible. No tracking or advertising scripts were detected, suggesting minimal user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance and security best practices to improve user trust and regulatory adherence.

G

GARVIS Solutions s.r.o.

reenio.cz

71

REENIO, operated by GARVIS Solutions s.r.o., is a Czech-based online reservation system offering a cloud-hosted SaaS platform tailored for businesses providing direct customer services such as sports facilities, wellness centers, education, and cultural events. The platform supports free and paid subscription models, integrates secure online payments, and emphasizes ease of use and customer communication. The company holds a strong market position in the Czech Republic with a focus on GDPR compliance and continuous product development.

Datadog is a leading enterprise SaaS provider specializing in cloud infrastructure monitoring, application performance monitoring, log management, and security monitoring. The website analyzed is the login portal for the EU region, reflecting a professional and secure platform designed for developers, IT operations teams, and business users. The platform leverages modern web technologies and CDN hosting to ensure fast and reliable access. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved. Privacy compliance indicators are limited in the provided content, with no visible privacy or cookie policies. Overall, the domain appears legitimate and consistent with a reputable enterprise SaaS provider, despite WHOIS privacy protection.

A

ABOUT YOU

aboutyou.com

68

ABOUT YOU is a large online fashion retail platform operating in Finland, offering over 1500 brands with fast delivery and a 30-day return policy. The website demonstrates a professional design with good content quality and consistent branding, targeting general consumers interested in fashion e-commerce. Technically, the site uses modern JavaScript libraries, asynchronous script loading, and integrates Usercentrics for consent management and Datadog for logging, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and logging mechanisms in place, though the absence of explicit security headers and published security policies suggests room for improvement. Privacy compliance is partially addressed via cookie consent mechanisms, but lacks visible privacy and terms of service documentation. Overall, the site is trustworthy and safe for general audiences, with a moderate to good AI-assessed quality and security score.

C

CHRYSALIDE

cae29.coop

52

CAE 29 is a French cooperative organization under the legal entity CHRYSALIDE, founded in 2014, providing shared enterprise and employment cooperative services primarily in the Finistère region. The website serves as an informational and engagement platform for entrepreneurs and project holders seeking cooperative business support, administrative delegation, and training. The business model focuses on collective entrepreneurship and professional autonomy within a cooperative framework, positioning CAE 29 as a regional leader in this niche. Technically, the website is built on the SPIP CMS platform, hosted by Gandi SAS, and uses standard web technologies including JavaScript and CSS. The site demonstrates moderate performance and basic mobile optimization, with good SEO practices and clear navigation. However, there is room for improvement in accessibility and modern security practices. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks DNSSEC and explicit security headers. There is no cookie consent mechanism or detailed privacy policy, which may pose compliance risks under GDPR. No incident response or security policy information is published, and no analytics or tracking services are detected, indicating minimal user tracking. Overall, CAE 29 presents a trustworthy and professional online presence with a solid business foundation. Strategic improvements in security headers, DNSSEC, privacy compliance, and incident response transparency would enhance its security posture and regulatory adherence.

O

Ostravské vodárny a kanalizace a. s.

hledejpramenvody.cz

55

The website www.hledejpramenvody.cz represents Ostravské vodárny a kanalizace a.s., a regional company focused on water supply and ecological education in Ostrava, Czech Republic. The site promotes an educational ecological project targeting 4th and 5th grade students in local schools, emphasizing environmental awareness and water knowledge. The project is supported by the city of Ostrava and offers awards and recognition to participants. Technically, the website uses modern web technologies including HTML5, CSS, JavaScript, and Swiper.js for interactive content. The site is well-structured, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is moderate with HTTPS usage but lacks explicit security headers and published security policies. Privacy compliance is limited, with no dedicated privacy or terms pages and minimal cookie consent mechanisms. WHOIS data is unavailable, which reduces trustworthiness but the website content and contact information indicate a legitimate educational initiative. Overall, the site is professional and trustworthy for its target audience but could improve in privacy and security transparency.

C

CustomGPT.ai

customgpt.ai

65

CustomGPT.ai is a technology startup founded in 2023 specializing in creating custom GPT models tailored from user content for business applications. The company targets businesses and professionals seeking AI-powered solutions to enhance their operations. The website is built on WordPress with Elementor and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and CookieYes for cookie consent management. Hosting is provided via Amazon AWS infrastructure. The site demonstrates good design quality, mobile optimization, and SEO practices, though it lacks visible contact information and formal privacy or terms of service pages. Security posture is moderate with HTTPS enabled but missing key security headers and published security policies. The domain is privacy protected, consistent with a small tech startup, and shows no suspicious registration patterns.

R

RUSCONA Česko

ruscona.cz

48

RUSCONA.cz is a professional e-commerce platform specializing in gel nail modeling products and accessories, targeting both professional nail technicians and consumers in the Czech Republic. The website offers a wide range of UV gels, gel polishes, polygels, and related tools, supported by educational courses and a strong brand presence. The site is built on the Shoptet e-commerce platform and integrates modern analytics and marketing technologies such as Google Analytics, TikTok Pixel, Facebook SDK, and Hotjar, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response information are not publicly available. The absence of WHOIS data limits domain trust assessment, but the professional presentation and comprehensive content suggest a legitimate and established business. Overall, the site demonstrates good technical implementation, privacy compliance, and business credibility.

G

GoldPC.cz

goldpc.cz

52

GoldPC.cz is a Czech Republic-based e-commerce retailer specializing in affordable and quality computers, including notebooks, desktops, components, and accessories. The company offers a 24-month warranty and customer support via phone and email, targeting both consumers and businesses. The website is professionally designed, mobile-optimized, and integrates modern marketing and analytics tools such as Google Analytics and Facebook Pixel. Privacy and cookie policies are present, indicating GDPR compliance awareness. However, the absence of WHOIS registration data reduces domain trustworthiness and warrants further verification. Security posture is generally good with HTTPS and CSRF protections, but lacks explicit security policies and vulnerability disclosure mechanisms.

G

Garlo.cz

garlo.cz

10

Garlo.cz operates as a Czech online plant marketplace aggregator and price comparison platform, offering access to over 16,000 plants by unifying multiple garden e-shops under one roof. The website targets gardening enthusiasts and plant buyers in the Czech Republic, providing a comprehensive catalog and easy navigation to partner stores. Technically, the site leverages the Shoptet e-commerce platform, integrates multiple modern tracking and marketing tools such as Google Analytics, Microsoft Clarity, and Facebook SDK, and uses HTTPS with moderate performance and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security headers and published privacy or security policies. The absence of WHOIS data reduces transparency but does not negate the site's apparent legitimacy. Overall, Garlo.cz presents a professional and trustworthy online presence in the gardening retail sector.

M

mlady-vedec.sk

mlady-vedec.sk

58

Mladý-vedec.sk is a Slovak e-commerce retailer specializing in educational and scientific toys designed for children who enjoy playful learning. The website offers a broad range of didactic products including experiment kits, building sets, and educational games. Positioned as a niche player in the Slovak market, it targets parents and educators seeking quality educational toys. The business model is primarily online retail with additional wholesale cooperation and affiliate partnerships. The site is professionally designed with consistent branding and clear navigation, supporting a positive user experience.

M

Mincmistr.cz

mincmistr.cz

57

Mincmistr.cz is a specialized e-commerce platform based in the Czech Republic, focusing on the sale of coins, banknotes, medals, and numismatic supplies. With over 15 years of experience, it serves collectors and investors by offering a wide range of historical and modern numismatic products, investment metals, and educational content including the largest numismatic encyclopedia in the country. The website demonstrates a strong market position within its niche, supported by customer trust signals such as high ratings and product certifications. Technically, the site is built on the Shoptet e-commerce platform, utilizing modern tracking and marketing tools while maintaining good mobile optimization and accessibility. Security posture is solid with HTTPS and consent-based cookie management, though improvements in security headers and library updates are recommended. The absence of WHOIS data is likely due to privacy protection, which is justified for this business type. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

Yamaha Motorsports USA operates a professional and well-branded website focused on providing information about Yamaha motorsports products, dealer locations, pricing, and community engagement. The site targets motorsports enthusiasts and Yamaha product owners in the USA, positioning itself as a key player in the transportation sector with a long-established presence since 2001. The business model revolves around retail and brand experience enhancement through racing, training, and community programs. Technically, the website employs modern JavaScript libraries, video embedding, and accessibility tools, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and domain management best practices, though improvements such as DNSSEC and security headers are recommended. Privacy compliance is basic, with cookie consent implemented but no visible privacy or terms of service pages. Overall, the site is trustworthy and professional, with extensive analytics and advertising integrations.

L

La Fabrique - Orange Business

eolas.fr

66

La Fabrique - Orange Business is a professional digital agency and web hosting provider focused on delivering sustainable, innovative, and high-performance digital solutions tailored to business needs. Positioned under the reputable Orange Business brand, it offers a comprehensive range of services including digital marketing strategy, web and e-commerce development, cloud hosting, and managed services. The website reflects a strong market position with clear branding, certifications, and a focus on trust and security. Technically, the website employs modern JavaScript libraries, a custom CMS, and integrates privacy-conscious analytics via Matomo Tag Manager without setting cookies. The site is mobile-optimized, accessible, and SEO-friendly, with a well-structured navigation and professional design. Cookie consent management is implemented using tarteaucitron.js, ensuring GDPR compliance. Security posture is solid with HTTPS enforced and secure form handling including CSRF tokens and CAPTCHA. However, explicit security headers are not evident, and no public security or incident response policies are published. WHOIS data for the subdomain is unavailable, but the domain is a subdomain of orange-business.com, supporting legitimacy. Overall, the website presents low risk with strong trust indicators, good privacy compliance, and professional business presentation. Strategic improvements include adding security headers, publishing a security policy, and providing direct contact information for incident response.

M

Mountain Wilderness France

mountainwilderness.fr

45

Mountain Wilderness France is a well-established non-profit organization dedicated to the protection and preservation of mountain environments. Founded in 1988, it operates primarily through volunteer engagement, advocacy, and educational initiatives to promote sustainable mountain use and conservation. The website reflects a mature digital presence with comprehensive content, clear navigation, and a strong focus on community involvement and environmental stewardship. Technically, the site uses modern web technologies including Craft CMS and Vue.js, with Matomo analytics for privacy-conscious user tracking. Security posture is generally good with HTTPS and CSRF protections, but lacks some security headers and cookie consent mechanisms. The absence of WHOIS data is a notable gap that impacts domain trustworthiness, though the organization's legitimacy is supported by its content and social media presence. Overall, the site is professional, trustworthy, and well-suited for its target audience of environmental advocates and volunteers.

The analyzed URL corresponds to a Chrome internal error page (chrome-error://chromewebdata/) indicating that no actual website content is accessible. This page is used by the Chrome browser to display offline or error states and does not represent a real website or business entity. Consequently, there is no business information, contact details, or policies available for analysis. The technical infrastructure is limited to Chromium's internal scripts and styles for rendering the error page. Security posture cannot be evaluated as this is not a live website but a browser-generated page. Overall, this is not a legitimate website but a placeholder error page, and no meaningful security, compliance, or business insights can be derived.

N

Nášup, Spirála Ostrava z.ú.

nasupsidam.cz

42

Nášup, operated by Spirála Ostrava z.ú., is a Czech social enterprise focused on providing catering services in Ostrava while employing people with mental disabilities. The organization combines social impact with hospitality services, offering catering for events, companies, and private celebrations. Their mission emphasizes social inclusion and psychosocial support for disabled individuals, positioning them as a niche local player with a strong community focus. The website reflects this mission clearly with testimonials, partner logos, and detailed service descriptions. Technically, the site uses modern web technologies including Google reCAPTCHA v3 for form security and standard JavaScript libraries for UI enhancements. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and form protection, but lacks advanced security headers and published security policies. Privacy compliance is limited due to missing privacy and cookie policies. WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and contact information appear legitimate and consistent with a small social enterprise. Overall, the site is functional, trustworthy, and professionally presented but could improve compliance and security transparency.

E

Patriot Program | Akce - Koncerty - Divadla - Výstavy - Gastronomie - Sport

eprogram.cz

54

Patriot Program is a regional Czech media platform focused on providing a calendar and search engine for cultural, sports, and social events primarily in the Moravskoslezský kraj region. The website offers event listings, articles, and downloadable magazines targeting a broad audience including families, seniors, and general public interested in local happenings. Technically, the site is built using modern web technologies such as React and Next.js, hosted on DigitalOcean Spaces for media content, and optimized for fast performance and mobile responsiveness. Security posture is adequate with HTTPS enforced but lacks important security headers and privacy disclosures. The absence of WHOIS data limits transparency but the website content and social media presence support legitimacy. Overall, the platform serves as a useful regional event and cultural information resource with room for improvement in privacy and security compliance.

C

Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA)

cea.fr

57

The Commissariat à l'Énergie Atomique et aux Énergies Alternatives (CEA) is a major French governmental research organization focused on scientific and technological innovation in energy, defense, digital technologies, and health. The website reflects a well-established institution with a broad scope of research and innovation activities, targeting government, industry partners, researchers, and the general public. The site is professionally designed using Microsoft SharePoint, featuring multimedia content, clear navigation, and official branding. Technically, the site employs modern web technologies including HTTPS, Matomo analytics for privacy-conscious tracking, and Google reCAPTCHA for bot protection. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant. The WHOIS data is unavailable, likely due to AFNIC policies or privacy protection, but the domain and content strongly support legitimacy. Overall, the website is a trustworthy and authoritative source for information about CEA's research and innovation activities.

B

BRGM

brgm.fr

58

BRGM is the French national geological survey and a public institution specializing in geological research and management of soil and subsoil resources and risks. It holds a prominent position as the national reference in its sector, providing scientific and technical expertise to public and private stakeholders. The website reflects a mature digital presence built on Drupal 10, with privacy-conscious analytics via Matomo and a professional design optimized for accessibility and mobile devices. Security posture is strong with HTTPS and no visible vulnerabilities, though some security headers and policies could be improved. The absence of WHOIS data is a limitation but the domain and content align with a legitimate public entity. Overall, the site is trustworthy and serves its audience well.

I

Ifremer

ifremer.fr

60

Ifremer is the French national institute dedicated to oceanographic research, focusing on marine ecosystem protection, sustainable resource management, and marine data sharing. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistent with a government research entity. Technically, the site uses Drupal CMS with modern JavaScript libraries and SVG graphics, optimized for mobile and accessibility. Security posture is strong with HTTPS, security headers, and no evident vulnerabilities, though explicit security policies and incident response information are absent. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site is trustworthy and professional, serving a broad audience including scientists, policymakers, and the public.

Kalis Media is a small Poland-based IT company specializing in custom web development services primarily targeting the Norwegian market. They focus on programming advanced WordPress themes and Shopify stores with interactive animations and custom functionalities. Their business model revolves around delivering tailored web solutions, including SaaS applications and website redesigns, emphasizing usability and maintainability. The company has a strong portfolio and positive client testimonials, positioning them as a niche expert in their field. Technically, the website employs a modern technology stack including PHP, JavaScript, GSAP animations, and popular frameworks like Laravel and CodeIgniter. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. They use Google Tag Manager and Elfsight widgets for analytics and social media integration. However, there is room for improvement in security headers and privacy compliance. Security posture is good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of security headers and privacy/cookie policies are notable gaps. No WAF or blocking mechanisms were detected, allowing full content access. WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website is professional, trustworthy, and technically sound but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve user trust.

G

Grill & Golf events z.s.

minigolfporuba.cz

40

Minigolf Poruba is a small hospitality and leisure business located in Ostrava-Poruba, Czech Republic, offering minigolf, beverage sales, equipment rental, and event hosting services. The website is professionally designed with clear navigation and good mobile optimization, targeting students, families, and local residents interested in recreational activities. The business is operated by Grill & Golf events z.s., with clear contact details and partner affiliations enhancing credibility. Technically, the site uses modern tracking tools like Google Tag Manager and Facebook Pixel, with HTTPS properly configured, but lacks some security headers and privacy policies, indicating room for compliance improvement. The absence of WHOIS registration data reduces domain trustworthiness, though the website content and business information appear legitimate. Overall, the site scores well in content quality and business credibility but needs enhancements in privacy compliance and security best practices.

M

MOVE Ostrava

movefest.cz

53

MOVE Fest Ostrava is a cultural festival focused on contemporary dance, new circus, and physical theatre, serving the Moravian-Silesian region of the Czech Republic. The website presents the festival as a regional cultural event with over 10 years of history, targeting a general audience interested in performing arts. The business model centers on event organization and cultural promotion. Technically, the website is built on the Wix platform, utilizing standard Wix technologies and scripts, with moderate performance and good mobile optimization. However, the site lacks comprehensive privacy and cookie policies, contact information, and security headers, which impacts its security posture and privacy compliance. The absence of WHOIS data reduces trust and transparency, though the website content appears legitimate and professional. Overall, the site is functional and well-designed but requires improvements in security, privacy, and business credibility to enhance trust and compliance.

SATON s.r.o. is a medium-sized Czech company founded in 1991, specializing in construction, metal fabrication, and automotive servicing primarily in the Ostrava region. The company offers a range of services including new construction, renovations, steel and stainless steel fabrication, and vehicle servicing. Their website reflects a professional and consistent brand image targeting local businesses and customers needing construction and related services. Technically, the website is built using modern SvelteKit technology with good mobile optimization and moderate performance. However, it lacks some advanced SEO and accessibility features. Security-wise, the site uses HTTPS and integrates Sentry for error tracking but lacks important security headers and formal security policies, which lowers its security posture. Privacy and cookie policies are absent, indicating compliance gaps with GDPR. Overall, the domain registration is consistent with the business claims, and the website content is safe and professional.

O

Ostravské vodárny a kanalizace a. s.

ovak.cz

57

Ostravské vodárny a kanalizace a. s. is a regional utility company providing water supply and sewage services primarily in the Ostrava region of the Czech Republic. The company offers a range of services including water network management, sewage infrastructure, smart metering, and laboratory testing. Their website reflects a professional and well-structured digital presence with clear navigation and relevant content targeted at residents and businesses in their service area. Technically, the site uses modern JavaScript libraries, Google Analytics with privacy-conscious consent settings, and is mobile optimized. Security posture is adequate with HTTPS and reCAPTCHA, but lacks some security headers and explicit privacy policies. WHOIS data is unavailable, which limits transparency but the overall site and business information support legitimacy. Strategic improvements in privacy compliance and security best practices are recommended.

D

Data For Good

dataforgood.fr

39

Data For Good is a French non-profit organization established in 2015, dedicated to leveraging technology for social and environmental good. The organization focuses on building citizen-driven tech counterpowers addressing climate change, social justice, and democratic transparency. Their website showcases multiple projects, volunteer engagement opportunities, and donation campaigns, positioning them as a reputable entity in the civic tech and non-profit sector in France. Technically, the website is built on modern frameworks such as Next.js and React, hosted on Scaleway cloud infrastructure, and employs good security practices including HTTPS and security headers. However, the site lacks explicit privacy and cookie policies, which impacts its privacy compliance score. No direct contact emails or phone numbers are provided, with communication primarily via web forms. Overall, the site is professional, trustworthy, and well-structured but could improve in privacy transparency and direct contact availability.

M

Mary's Meals Slovenija

marysmeals.si

59

Mary's Meals Slovenija is a small non-profit organization dedicated to providing nutritious school meals to children in impoverished regions, aiming to improve education and reduce hunger. The website serves as a local chapter platform for fundraising, awareness, and donor engagement, aligned with the global Mary's Meals movement. Technically, the site is built on the Shopify platform, leveraging its e-commerce and content management capabilities, with good mobile optimization and accessibility. Security posture is solid with HTTPS, hCaptcha protection, and no visible vulnerabilities, though it lacks a dedicated security policy or incident response information. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-positioned to support its charitable mission.

M

Mary's Meals Portugal

marysmeals.pt

73

Mary's Meals Portugal is a non-profit organization dedicated to providing daily school meals to children in impoverished communities, thereby improving educational attendance and outcomes. The website serves as a platform for awareness, donations, volunteer engagement, and event promotion. Technically, the site is built on the Shopify platform using the Dawn theme, leveraging modern web technologies and ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced, use of hCaptcha for form protection, and no visible vulnerabilities, although explicit security headers could be improved. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site presents a trustworthy and professional image aligned with its charitable mission.

M

Mary's Meals Canada

marysmeals.ca

64

Mary's Meals Canada is a non-profit charitable organization dedicated to providing daily nutritious meals to children in impoverished communities to encourage education and break the cycle of poverty. The website serves as a platform for fundraising, volunteer engagement, and awareness, targeting donors and supporters primarily in Canada but linked to a global network of partner sites. The site is professionally designed with clear navigation, rich content, and consistent branding, reflecting a mature digital presence. Technically, the website employs modern web technologies including Google Analytics, Facebook SDK, Stripe for payments, and consent management tools, hosted on AWS Cloudfront CDN. The site is mobile-optimized and accessible, with good SEO practices. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though explicit security headers and a public security policy are absent. The absence of WHOIS data limits domain registration transparency, but the presence of charity registration numbers and consistent business information supports legitimacy. No WAF or blocking mechanisms were detected, and the site contains no adult or questionable content, making it safe for general audiences. Overall, the website demonstrates a strong balance of business credibility, technical implementation, and privacy compliance, with room for improvement in explicit security policies and domain registration transparency.

R

renault

renault.dz

74

Renault Algeria operates an official regional website dedicated to showcasing and selling new Renault vehicles, as well as providing after-sales services including maintenance, warranty, and service appointments. The website targets the general Algerian public interested in Renault automobiles and related services. It reflects the brand's strong market position as a major automotive player in Algeria, supported by the global Renault Group. The site offers vehicle configurators, distributor locators, and promotional offers, enhancing customer engagement and service accessibility. Technically, the website employs modern web technologies such as React, integrates Google Analytics and Tag Manager for tracking, and uses OneTrust for cookie consent management. The site is responsive and optimized for mobile devices, with good SEO and accessibility basics. Security-wise, the site enforces HTTPS and includes standard security headers, but lacks publicly visible security policies or incident response information. Privacy compliance is partially addressed through cookie consent, but explicit privacy and terms of service documents are not found. Overall, the website is professional, trustworthy, and well-branded, though it could improve transparency by publishing detailed privacy and security policies and providing clear contact information. The domain registration details align well with the Renault brand, confirming legitimacy and consistency.

R

renault

renault.ma

70

Renault Maroc operates a professional and comprehensive automotive website targeting the Moroccan market, offering new vehicles including electric, hybrid, and utility models. The site provides extensive information on financing, insurance, after-sales services, and vehicle accessories, positioning Renault as a major automotive brand in Morocco. Technically, the website is built on modern frameworks like React, uses optimized media formats, and implements cookie consent mechanisms, reflecting a mature digital infrastructure. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are absent. The domain WHOIS data is unavailable, which slightly impacts trustworthiness, but the overall site professionalism and branding consistency support legitimacy. Strategic recommendations include publishing security policies and improving transparency on contact information to enhance trust and compliance.

T

Trustia Czech Republic, s.r.o.

festivalevolution.cz

45

Festival Evolution is a Czech Republic-based event organizer focused on promoting healthy lifestyle and personal development through festivals, conferences, and workshops. The website serves as a platform to inform visitors and exhibitors about the festival, its partners, and related events. The business operates in the event organization sector with a regional market position and targets a general audience interested in wellness and personal growth. The company behind the website is Trustia Czech Republic, s.r.o., which is credited as the author in the metadata. The website content is well-structured, informative, and consistent with the festival's theme.

33Across Inc. operates a digital advertising and traffic monetization platform, recently migrating its services to a new platform at platform.33across.com. The website analyzed is a transitional landing page informing users of the move and providing a login link to the new platform. The business targets digital marketers, advertisers, and publishers with services focused on traffic monetization and advertising analytics. The company appears to be a medium-sized technology firm based in the United States with a consistent brand presence. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and Typekit fonts. The page is minimalistic, serving primarily as a redirect notice, with basic mobile optimization and moderate performance. No advanced frameworks or CMS were detected. Security features are minimal with no visible security headers or HTTPS verification in the provided content, indicating room for improvement in security posture. Security evaluation shows a lack of privacy and cookie policies, no incident response contacts, and no security certifications displayed. The absence of security headers and explicit privacy compliance reduces the overall security score. However, no critical vulnerabilities or malicious content were detected. The domain registration aligns well with the company identity, supporting legitimacy. Overall, the website serves a limited purpose as a redirect notice with basic content and security features. Strategic improvements in privacy compliance, security headers, and richer content would enhance trust and user experience.

G

Google LLC

google.co.za

73

Google LLC is a global leader in internet-related services and products, including its flagship search engine, advertising platforms, cloud computing, software, and hardware. As a subsidiary of Alphabet Inc., Google holds a dominant market position with a broad target audience ranging from individual users to enterprises worldwide. The company’s business model primarily revolves around advertising revenue and technology services. The website reflects Google's brand consistency and professionalism, offering excellent content quality and user experience.

E

E-commerce + Print on Demand

tpop.com

67

TPOP is a French-based e-commerce platform specializing in print-on-demand services with a strong emphasis on eco-responsibility and local European production. The platform enables entrepreneurs and small to medium-sized businesses to quickly create online stores without upfront inventory costs, integrating seamlessly with popular platforms like Shopify, Etsy, and WooCommerce. The website demonstrates a high level of digital maturity with modern technologies, multilingual support, and a user-friendly design optimized for mobile devices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The domain WHOIS data is unavailable, which slightly impacts trust but is mitigated by strong external trust signals such as customer testimonials and social media presence. Overall, TPOP presents a professional, trustworthy, and well-structured online presence suitable for its target market.

E

E-commerce + Print on Demand

tpop.fr

69

TPOP is a French-based e-commerce platform specializing in print-on-demand services with a strong emphasis on eco-responsibility and no upfront stock costs. The platform enables users to create online stores quickly and easily, offering physical, digital, and print-on-demand products with local European production. The company positions itself as a sustainable and user-friendly alternative in the e-commerce market, integrating with popular platforms like Shopify, Etsy, and WooCommerce. The website demonstrates a high level of digital maturity, employing modern web technologies such as Bootstrap, jQuery, and Weglot for multilingual support, alongside analytics and user feedback tools. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response contacts are absent. The lack of WHOIS data introduces some uncertainty about domain registration legitimacy, but the professional presentation and trust indicators like Trustpilot reviews and social media presence support credibility. Overall, TPOP presents a trustworthy and technically sound e-commerce solution with room for improvement in transparency and security disclosures.

O

OpenStreetMap

osm.org

11

OpenStreetMap is a globally recognized open source mapping platform that provides free, editable maps created by a community of contributors. It holds a strong market position as a leading provider of open geospatial data and mapping services. The website offers a comprehensive suite of tools including map editing, search, directions, GPS trace uploads, and community engagement features, targeting a broad audience from casual users to professional mappers. Technically, the site employs modern JavaScript frameworks such as Leaflet.js and Turbo (Hotwire), with hosting provided by Fastly, ensuring fast performance and excellent mobile optimization. Security measures include HTTPS enforcement, CSRF protection, and use of Content Security Policy nonces, although some standard security headers are missing. Privacy compliance is basic, with a privacy policy and terms of use present but lacking explicit cookie consent mechanisms or GDPR-specific statements. No contact emails or phone numbers are provided on the main page, and no vulnerability disclosure or security.txt files are found. Overall, the site is professional, trustworthy, and safe for general audiences, with a high AI score reflecting strong content quality, technical implementation, and business credibility.

C

CPI Hotels, a.s.

qualityhotelbrnoexhibitioncentre.com

60

Quality Hotel Brno Exhibition Centre is a medium-sized hospitality business located in the Czech Republic, offering hotel accommodation, conference facilities, restaurant services, and wellness amenities. It is part of the CPI Hotels group, which adds to its market credibility and brand strength. The website is professionally designed with excellent content quality and clear navigation, targeting business travelers, event organizers, and tourists. The business model focuses on providing quality services for corporate and leisure guests with a strong emphasis on comfort and regional cuisine. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integrations for Google Tag Manager, cookie consent management, and marketing/analytics tools like Sojern and Zoomletter. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. However, no CMS or hosting provider details were detected. From a security perspective, the site uses HTTPS and cookie consent mechanisms effectively, but lacks explicit security policy documentation and incident response contacts. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data for the domain is a notable concern, reducing trust slightly, but the overall security posture is solid. Overall, the website presents a low-risk profile with strong business credibility and compliance with privacy regulations. Strategic improvements include publishing a dedicated security policy, enhancing incident response transparency, and adding security headers to further harden the site.

A

Alechko Studio Ltd

asdesigning.com

9

AS Templates operates as a specialized marketplace offering premium Joomla!, WordPress, and HTML templates to web designers and businesses seeking professional website themes. The platform boasts a large active community and a significant volume of downloads and purchases, positioning itself as a reputable player in the web design template market. Their business model focuses on providing both free and premium templates with quick-start installation packages, catering to a broad audience from individual designers to enterprises. Technically, the website employs a classic web stack including Bootstrap for responsive design, jQuery for scripting, and integrates Google Analytics and Google Tag Manager for user behavior tracking. The site is mobile-optimized with good navigation and SEO practices, though the use of an outdated jQuery version presents a potential security risk. The absence of a cookie consent mechanism indicates partial privacy compliance. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit security policies. No sensitive data exposure was detected, but the outdated JavaScript library and missing WHOIS data reduce trustworthiness. The WHOIS information is incomplete, which raises concerns about domain registration legitimacy despite the professional presentation of the site. Overall, the website is functional, professional, and serves its business purpose well but would benefit from technical and security improvements, including updating libraries, enhancing privacy compliance, and clarifying domain registration details to strengthen trust and security posture.

G

Grand Café

grand-cafe.cz

51

Grand Café operates as a specialized e-commerce retailer focused on coffee products, coffee machines, and related accessories primarily serving the Czech Republic market. The website presents a professional and comprehensive catalog of products including various coffee brands, coffee machines, capsules, syrups, and barista tools. The business targets coffee retailers, cafes, offices, and individual consumers seeking quality coffee products and equipment. The platform also offers customer support and servicing options, enhancing its value proposition. Technically, the website is built on the eshop-rychle.cz platform, utilizing modern JavaScript libraries and analytics tools such as Matomo and Google Tag Manager. The site is mobile-optimized with good navigation and SEO practices. Security posture is solid with HTTPS enforced and consent mechanisms for cookies, although some security headers could be improved. No WAF or blocking mechanisms interfere with content accessibility. From a security and compliance perspective, the site shows good privacy compliance with a visible privacy policy and cookie consent. However, no explicit security policy or incident response contacts were found. The WHOIS data is privacy-protected, which is common for e-commerce businesses, and no suspicious patterns were detected. Contact information is available with clear phone numbers but no public email addresses were found in the HTML. Overall, Grand Café presents a trustworthy and professional online presence with a strong focus on coffee retail and service. Strategic recommendations include enhancing security headers, publishing explicit security policies, and improving accessibility features to further strengthen trust and compliance.

S

Statutární město Jihlava

jihlava.cz

47

The website jihlava.cz serves as the official digital portal for the city of Jihlava, Czech Republic. It provides comprehensive information and services related to municipal administration, social services, education, transport, tourism, and citizen engagement. The site targets residents, tourists, and local businesses, positioning itself as a trusted source of official city information and services. The business model is that of a government entity providing public services and transparent communication to its constituents. Technically, the website employs a custom CMS platform (vismo®), uses modern web standards including HTML5, CSS3, and JavaScript, and integrates Google Translate for multilingual support. The site is mobile-optimized and accessible, with good SEO practices and moderate performance. Hosting and domain registration are consistent with an official municipal entity. From a security perspective, the site enforces HTTPS and implements a GDPR-compliant cookie consent mechanism. However, it lacks a publicly visible dedicated security policy or incident response contact information. No critical vulnerabilities or exposed sensitive data were detected. The security posture is solid but could be improved by adding security headers and formalizing incident response disclosures. Overall, jihlava.cz is a professionally maintained government website with high trustworthiness and compliance with privacy regulations. Strategic recommendations include publishing a security policy, providing incident response contacts, and enhancing security headers to further strengthen the site's security and transparency.

The Smithsonian Institution website represents a large, authoritative educational and cultural organization providing extensive museum, research, and educational resources. The site is well-designed, mobile-optimized, and rich in content, targeting a broad audience including the general public, educators, and researchers. Technically, it uses a modern Drupal 10 CMS with various analytics and marketing tools integrated, maintaining good performance and accessibility standards. Security posture is strong with HTTPS and security headers in place, though no explicit vulnerability disclosure or incident response policies were found. WHOIS data is unavailable, likely due to .edu domain registry policies, but the website's legitimacy is supported by consistent branding and official external links. Overall, the site scores highly on content quality, technical implementation, security, privacy compliance, and business credibility.

A

Apple Inc.

webkit.org

71

WebKit.org is the official website for the WebKit open source web browser engine, primarily developed and maintained by Apple Inc. The site serves as a hub for developers and users interested in WebKit technology, providing downloads, documentation, blog posts, and policies. It holds a strong market position as the engine behind Safari and other Apple applications, targeting web developers and technology professionals. The business model revolves around open source development supported by Apple, emphasizing transparency and community contribution. Technically, the website is built on WordPress CMS with a custom theme, hosted on AWS infrastructure. It employs modern web technologies including SVG graphics, JavaScript, and CSS3, and is optimized for mobile devices with good accessibility and SEO practices. The site uses HTTPS with a valid SSL configuration and DNS hosted on AWS nameservers, though DNSSEC is not enabled. Analytics are performed via Shynet, a privacy-focused tracking service, but no cookie consent mechanism is present. From a security perspective, the site demonstrates good practices such as domain status locks and published security policies. However, it lacks some advanced security headers and explicit incident response contact details. No vulnerabilities or suspicious content were detected. Privacy compliance is partial, with a comprehensive privacy policy but no cookie consent banner. Overall, the site is professional, trustworthy, and secure, with room for improvement in privacy and security transparency. The overall risk assessment is low, with recommendations to enable DNSSEC, implement cookie consent, add security headers, and publish a security.txt file to enhance vulnerability disclosure and incident response. These steps would further strengthen the site's security posture and compliance, reinforcing trust among its developer and user community.

I

Igalia, S.L.

igalia.com

10

Igalia, S.L. is a Spain-based open source consultancy specializing in innovative software development projects across multiple technology domains including browsers, multimedia, embedded Linux, and compilers. The company holds a strong market position with recognized expertise in WebKit, Chromium/Blink, Firefox, and GNU/Linux solutions, serving a global clientele. Their business model focuses on consultancy and software development services with a medium-sized organizational footprint. Technically, the website employs modern AMP HTML technology, ensuring fast performance and excellent mobile optimization. The site integrates analytics tools such as Piwik and Ahrefs, and demonstrates good SEO and accessibility practices. However, there is room for improvement in security headers and cookie consent mechanisms. From a security perspective, the site uses HTTPS and avoids exposing sensitive data or vulnerable libraries. The absence of WHOIS data is a concern for domain legitimacy but is mitigated by the professional and consistent website content and active community engagement. No forms collecting sensitive data were found, reducing privacy risks. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic improvements in security policies, cookie consent, and domain registration transparency would enhance trust and compliance.

Brian Kardell's website serves as a personal professional platform highlighting his role as a Developer Advocate at Igalia and his contributions to web standards and extensibility. The site features his writings, talks, and art, targeting web developers and technology enthusiasts interested in web standards and innovation. The business model is centered on personal branding, thought leadership, and community engagement rather than commercial transactions. Technically, the website employs modern web technologies including custom web components and CSS, hosted with DNS services via Cloudflare and domain registration through Squarespace. The site is moderately performant, mobile-optimized, and accessible, though it lacks some advanced SEO and security headers. There are no forms or data collection mechanisms, minimizing privacy risks. From a security perspective, the site uses HTTPS (implied by Cloudflare usage), but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies are present, which limits GDPR compliance. No contact information or incident response channels are provided, which could hinder security communication. The domain registration is consistent and stable, supporting the site's legitimacy. Overall, the website is a well-maintained personal professional site with good content quality and business credibility but has room for improvement in privacy compliance and security hardening. Strategic recommendations include adding privacy and cookie policies, enabling DNSSEC, implementing security headers, and providing contact information for security incidents.

D

Design for Real Life

dfrlbook.com

9

Design for Real Life is a professionally presented website dedicated to a book authored by Eric Meyer and Sara Wachter-Boettcher, focusing on compassionate and inclusive design principles. The site targets UX professionals and designers, offering free reading sections and book purchase options. The technical infrastructure is modern, leveraging Netlify hosting and JavaScript enhancements, with good mobile optimization and accessibility. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is trustworthy and well-designed but would benefit from enhanced security and privacy measures.

S

Storck Canada

toffifee.ca

63

The website www.toffifee.ca represents the Canadian online presence of the Toffifee confectionery brand, owned by Storck. It provides product information, brand history, and consumer engagement content targeted at Canadian customers. The site is built on TYPO3 CMS and uses modern JavaScript libraries and Piwik PRO for analytics. The website is well-designed, mobile-optimized, and provides clear navigation and relevant content. Privacy and cookie policies are present and GDPR compliant, with a cookie consent mechanism implemented. However, no direct company contact emails or phone numbers are found on the homepage, only a contact form. The WHOIS data for the domain is unavailable, which limits the ability to verify domain registration legitimacy and age, but the website content aligns with the known brand, mitigating some concerns. Security posture is good with HTTPS enforced and no exposed sensitive data, though additional security headers and explicit security policies could improve the security maturity.