Security Directory

S

Storck Canada

merci.ca

35

The merci.ca website represents the Canadian presence of the merci brand, a well-known European chocolate confectionery owned by Storck. The site offers product information, personalization options, crafting ideas, and links to social media and partner brands. The business model focuses on retail sales of chocolates as gifts, targeting a general consumer audience in Canada. The website is professionally designed with consistent branding and good content quality, supporting a positive user experience. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and uses Piwik PRO for analytics with user consent mechanisms, indicating a mature digital infrastructure. The site is mobile optimized and accessible, with good SEO practices. However, some performance optimizations could be considered to improve loading speed. From a security perspective, the site enforces HTTPS and includes cookie consent banners, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain reduces trust assessment confidence, though the website content aligns with a legitimate brand. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements in security transparency and WHOIS data availability would enhance trust and security posture.

T

Timac Agro Nederland BV

timac-agro.nl

59

Timac Agro Nederland BV is a specialized company operating in the agricultural sector, focusing on plant nutrition and animal hygiene and nutrition products. The company is positioned as a specialist within the Dutch agricultural market and is a subsidiary of Groupe Roullier. Their website reflects a professional and consistent brand presence, targeting agricultural professionals and businesses in the Netherlands. The business model is primarily B2B, offering specialized products and expert advice to the agricultural industry. Technically, the website is built on WordPress CMS with modern plugins such as Yoast SEO, WPBakery Page Builder, and Slider Revolution. It integrates marketing automation tools like SharpSpring and uses Google Analytics for visitor tracking. The site is moderately performant, mobile-optimized, and SEO-friendly, with basic accessibility features. From a security perspective, the website enforces HTTPS and implements GDPR-compliant cookie consent mechanisms. While some security headers are not explicitly detected, no critical vulnerabilities or exposed sensitive data were found. The domain registration data is consistent with the business claims, showing a domain age appropriate for the company's history and no use of privacy protection, which supports legitimacy. Overall, the website demonstrates a good security posture, solid privacy compliance, and credible business information. Recommendations include enhancing security headers, enabling DNSSEC, and publishing a formal security policy to further strengthen trust and compliance.

B

Babalác

babalac.sk

58

Babalác is a Slovak e-commerce retailer specializing in high-quality children's toys including Montessori, wooden toys, and magnetic building sets. The website targets parents and caregivers seeking educational and safe toys for young children. It maintains a niche market position with a focus on quality and customer satisfaction, supported by product reviews and bestseller indicators. The business model is primarily online retail with additional content such as a blog to engage customers. Technically, the website is built on the Shoptet e-commerce platform, leveraging modern JavaScript libraries and integrations with Google Analytics, Facebook Pixel, Hotjar, and other marketing tools. The site is mobile-optimized with good SEO and basic accessibility features. Performance is moderate with CDN usage and asynchronous script loading. Security posture is strong with HTTPS enforced, standard security headers, CSRF protection on forms, and no exposed sensitive data. Cookie consent mechanisms comply with GDPR, and privacy policies are comprehensive and accessible. However, the site lacks a dedicated security policy or incident response contact information, which could enhance trust and compliance. Overall, the website presents a low-risk profile with good business credibility and technical maturity. Strategic recommendations include publishing a security policy, establishing incident response contacts, enhancing accessibility, and maintaining up-to-date third-party libraries to mitigate potential vulnerabilities.

P

PlenkyLevně.cz

plenkylevne.cz

58

PlenkyLevně.cz is a Czech Republic-based e-commerce retailer specializing in baby diapers, particularly the Dada brand, along with related baby care products such as wet wipes and monthly diaper packs. The website targets parents and caregivers seeking affordable and convenient baby care solutions. The business operates a niche online retail model with a clear focus on product variety by size and type, supported by a professional and user-friendly website. The site demonstrates compliance with GDPR and includes standard e-commerce features such as customer support contacts and cookie consent mechanisms. Technically, the website is built on the Shoptet e-commerce platform, leveraging modern JavaScript libraries, Google Analytics, Facebook SDK, and other marketing and tracking tools. The site is mobile-optimized with good navigation and SEO practices, although some accessibility features could be enhanced. Security posture is solid with HTTPS enforced and CSRF protections on forms, but could benefit from additional HTTP security headers. Overall, the website presents a trustworthy and professional online retail presence with no signs of blocking or WAF interference. The lack of WHOIS data due to privacy protection is common and does not detract from the site's legitimacy. Strategic recommendations include improving security headers and accessibility compliance to further strengthen the site's security and user experience.

Š

Šperky Olivie.cz

olivie.cz

56

Olivie.cz is a Czech-based e-commerce retailer specializing in silver and gold jewelry, offering a wide range of products including rings, earrings, bracelets, necklaces, and pendants. The website targets general consumers interested in quality jewelry for various occasions, supported by a loyalty program and affiliate marketing. The company maintains a professional online presence with clear contact information and comprehensive privacy and cookie policies, indicating compliance with GDPR regulations. Technically, the site is built on the Shoptet platform, leveraging modern analytics and marketing tools such as Google Analytics, Facebook SDK, TikTok Pixel, and Klaviyo, reflecting a mature digital marketing strategy. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. The lack of WHOIS data reduces domain trustworthiness slightly, but the overall business and technical indicators suggest a legitimate and professionally managed online retailer.

S

Shen Yun Tickets

shenyuntickets.com

46

Shen Yun Tickets operates as a specialized ticketing platform dedicated to facilitating the purchase of tickets for Shen Yun Performing Arts shows worldwide. The platform emphasizes ease of use, security, and a streamlined user experience without requiring account registration. The website is professionally designed with clear navigation and multilingual support via Google Translate, targeting patrons globally interested in Shen Yun performances. Technically, the site uses modern web technologies including HTTPS, Google Fonts, and Google Tag Manager for analytics, hosted likely via GoDaddy infrastructure. Security posture is adequate with HTTPS and domain locks but lacks advanced security headers and DNSSEC. Privacy compliance is basic with presence of privacy and cookie policies but no active consent mechanisms. Business credibility is supported by consistent domain registration data and clear business focus. Overall, the site is functional, trustworthy, and safe for general audiences.

C

Callendar | anticiper les conséquences du changement climatique

callendar.tech

60

The website www.callendar.tech is a small-scale technology-oriented site built on the Wix platform. It appears to be in an early or minimal content stage, with no explicit business description, contact information, or policy documents visible. The technical infrastructure relies on Wix's Thunderbolt framework and standard JavaScript polyfills, indicating a modern but basic digital maturity. Security posture shows some JavaScript hardening practices but lacks explicit security headers and formal policies, which limits compliance and trust. Overall, the site presents a low to moderate risk profile but requires significant improvements in transparency, privacy compliance, and security best practices to enhance credibility and user trust.

S

Spinfest Entertainment Ltd

spinfest.ch

64

Spinfest Casino is an online gambling platform launched in 2023, targeting players primarily in the Czech Republic. It offers a wide variety of casino games including slots, live casino, and jackpots, supported by a Curacao gaming license. The platform emphasizes fast transactions, including cryptocurrency payments, and provides a user-friendly interface with clear bonus offers. The website is professionally designed with good SEO and mobile optimization, leveraging Cloudflare for performance and security. However, contact options are limited to email, and no phone or physical address is provided. Security posture is solid with HTTPS and Cloudflare protection, but could benefit from enhanced security headers and a formal security policy. Privacy compliance is basic, with privacy and cookie policies present but lacking explicit consent mechanisms. Overall, the site is legitimate and trustworthy within the online gambling sector but should improve transparency and security practices to enhance user trust and regulatory compliance.

P

Paysafecard

casinopaysafecard.cz

58

The website casinopaysafecard.cz operates as an affiliate marketing platform focused on promoting online casinos that accept Paysafecard as a payment method, targeting Czech players. It provides informational content about casino bonuses, games, and payment safety, positioning itself as a niche player in the Czech online gambling market. The site uses modern web technologies and Cloudflare for hosting and security, ensuring good performance and HTTPS encryption. However, it lacks direct company contact information, terms of service, and cookie consent mechanisms, which impacts its compliance and trustworthiness. The affiliate links all redirect to a single external domain, indicating a focused but limited business model. Security posture is adequate with HTTPS and Cloudflare protection but could be improved with additional security headers and policies.

P

Plinko

plinkohra.cz

57

Plinkohra.cz is a newly established Czech-language website dedicated to the Plinko gambling game, providing detailed information, game mechanics, strategies, and links to online casinos offering Plinko. The site targets Czech players interested in online gambling and offers both demo and real-money play options. It maintains a consistent brand presence with social media channels and includes basic trust signals such as privacy policy, terms of service, and RNG certification. Technically, the site uses modern web standards, Cloudflare for DNS and CDN, and structured data for SEO. Security posture is generally good with HTTPS and Cloudflare protection, though minor concerns exist around the use of eval() in inline scripts and lack of explicit security policies. Privacy compliance is partial, with privacy and terms pages present but no cookie consent mechanism. Overall, the site scores moderately well in content quality, technical implementation, security, privacy, and business credibility, but improvements are recommended in security best practices and privacy compliance.

R

Orlické hory - ubytování | výlety | zážitky v Orlických horách

region-orlickehory.cz

58

The website www.region-orlickehory.cz serves as a regional tourism portal focused on the Orlické hory mountain area in the Czech Republic. It provides visitors with comprehensive tourist information, accommodation options, and tips for outdoor activities such as hiking, cycling, and skiing. The site facilitates online accommodation reservations, targeting tourists and visitors interested in this region. The business model centers on tourism promotion and accommodation booking services, positioning itself within the hospitality industry. The content is primarily in Czech and is well structured for its audience, though no explicit business registration or contact details are provided in the accessible content. Technically, the website is built on the Webnode CMS platform and employs a variety of third-party scripts including Google Analytics, Google Tag Manager, SumoMe, ShareThis, and Mailchimp for marketing and analytics purposes. The site uses Amazon CloudFront as a CDN for static assets. Performance is moderate with basic mobile optimization and accessibility features. SEO is adequately addressed with proper meta tags and keywords. From a security perspective, the site lacks visible security headers and does not present privacy or cookie policies, which are critical for GDPR compliance and user trust. The WHOIS lookup failed to retrieve domain registration details, which raises concerns about domain legitimacy and transparency. No WAF or blocking mechanisms were detected, and the site content is accessible without restrictions. The absence of contact information and security policies limits the site's trustworthiness from a security and compliance standpoint. Overall, the website is functional and relevant for its tourism purpose but requires improvements in security posture, privacy compliance, and transparency to enhance trust and meet regulatory standards.

R

Region Krkonoše – Ubytování | Výlety | Zážitky

region-krkonose.cz

51

The website www.region-krkonose.cz serves as a regional tourism information portal focused on the Krkonoše National Park area in the Czech Republic. It provides visitors with essential information for planning trips, including accommodation options, excursions, active leisure activities, and local experiences. The site targets tourists and visitors interested in exploring the Krkonoše region, positioning itself as a local resource for travel planning and leisure activities. Technically, the website is built on the Webnode CMS platform and utilizes various third-party services such as Google Analytics, Google Tag Manager, SumoMe, and Mailchimp for analytics and marketing purposes. The site is delivered via AWS Cloudfront CDN, ensuring moderate performance and availability. Security-wise, the website employs HTTPS with IP anonymization in Google Analytics, but lacks important security headers and formal privacy or cookie policies, which are critical for compliance and user trust. The absence of WHOIS registrant data suggests privacy protection or non-public registration, which is common for small regional sites but reduces transparency. Overall, the site is functional and provides relevant content for its audience but would benefit from enhanced security practices and privacy compliance to improve trust and regulatory adherence.

R

Region-Tour.cz, s.r.o.

region-ceskesvycarsko.cz

53

Region-ceskesvycarsko.cz is a tourism information portal dedicated to the České Švýcarsko region in the Czech Republic. It provides comprehensive details on accommodation options, tourist attractions, activities, and travel tips, targeting tourists and visitors interested in exploring this natural and cultural region. The site is operated by Region-Tour.cz, s.r.o., a small hospitality-focused business with a regional market position. Technically, the website is built on the Webnode CMS platform, leveraging modern JavaScript libraries and third-party services such as Google Analytics, Mailchimp, and Sumo for marketing and analytics. The site is served over HTTPS with Cloudfront CDN, ensuring secure and performant content delivery. However, the absence of WHOIS data and lack of privacy and terms of service pages indicate gaps in transparency and compliance. Security posture is moderate with HTTPS and cookie consent implemented but lacking security headers and incident response information. Overall, the website is functional, content-rich, and safe for general audiences but would benefit from enhanced security and compliance measures.

P

Panter spol. s r. o.

sennheiser.cz

52

Panter spol. s r. o. operates as the authorized distributor and reseller of Sennheiser audio products in the Czech Republic and Slovakia. The website serves as a commercial platform showcasing a broad range of audio equipment including headphones, microphones, conference systems, and accessories. The company targets both consumer and professional markets, positioning itself as a trusted local leader with a strong partnership ecosystem. The business model focuses on direct sales, authorized servicing, and support for audio technology products.

D

Deezer

deezer.com

66

Deezer is a well-established global music streaming service founded in 2007, headquartered in Paris, France. It offers a comprehensive platform for music lovers to stream millions of songs, playlists, and podcasts. The company targets a broad audience of general music listeners and operates a subscription and ad-supported business model. Deezer maintains a strong market position with consistent branding and a professional online presence. Technically, the website employs modern web technologies including JavaScript frameworks, Segment analytics, and Survicate surveys, ensuring a fast, mobile-optimized, and accessible user experience. The site uses HTTPS with strong security headers, indicating a mature security posture. Privacy compliance is robust with clear privacy and cookie policies and GDPR adherence. However, the WHOIS data for the domain is unavailable, which is unusual for a major brand and slightly reduces trustworthiness. There is no publicly available explicit security policy or incident response information, which could be improved. Overall, Deezer's website is professional, secure, and user-friendly, with minor gaps in transparency regarding domain registration and security disclosures. Strategic recommendations include publishing detailed security and incident response policies, providing vulnerability disclosure channels, and clarifying domain registration details to enhance trust and compliance.

S

SimplyBook.me

simplybook.me

68

SimplyBook.me is a mature SaaS provider specializing in online appointment booking systems tailored for service-based industries worldwide. Founded in 2011, the company offers a comprehensive platform including booking websites, widgets, mobile apps, payment processing, and integrations with major social media and payment providers. Their market position is strong, supported by ISO 27001 certification and GDPR compliance, appealing to businesses seeking reliable scheduling solutions. Technically, the website is well-structured, mobile-optimized, and leverages modern technologies such as Google Tag Manager and Iubenda for privacy compliance. Hosting is provided by Linode, ensuring robust infrastructure. Security posture is solid with HTTPS enforcement, security headers, and certifications, though DNSSEC is not enabled and no explicit incident response contacts or vulnerability disclosure pages were found. Overall, the site demonstrates high professionalism, trustworthiness, and compliance, making it a credible and secure platform for appointment scheduling.

I

iQsoft

iqsoft.cz

44

iQsoft is a small Czech Republic-based web design agency established in 2001, offering services such as web design, e-shops, SEO, custom applications, webhosting, and site administration. The company targets local businesses and individuals seeking digital presence solutions. The website content is basic but relevant, showcasing references and contact information clearly. Technically, the site uses older JavaScript libraries like jQuery 1.6.2 and jQuery UI 1.8.16, hosted likely on Forpsi servers, with moderate performance and basic mobile optimization. Security posture is moderate but could be improved by updating libraries, adding security headers, and enforcing HTTPS. Privacy compliance is weak due to missing privacy and cookie policies and lack of consent mechanisms despite Google Analytics usage. Overall, the site is legitimate and stable but requires improvements in security and compliance to enhance trust and reduce risk.

D

DialOnce

dial-once.com

66

DialOnce is a French technology company specializing in AI-powered omnichannel customer service agents designed to automate and enhance client interactions across multiple sectors including banking, insurance, transport, and public services. The company positions itself as a leader in the French market with over 10 years of expertise and a strong portfolio of enterprise clients. Their solutions include omnichannel AI agents, visual IVR (SVI Visuel), and augmented advisor tools integrated with CRM and CCaaS platforms. Technically, the website demonstrates a mature digital infrastructure leveraging modern web technologies such as Cloudinary for media, HubSpot for marketing and analytics, and Cookiebot for consent management. The site is well-optimized for mobile and SEO, with fast performance and good accessibility. Security posture is strong with HTTPS, reCAPTCHA Enterprise, and cookie consent, though explicit security policies and incident response contacts are not published. The domain is recently registered with privacy protection, consistent with a professional tech company. Overall, DialOnce presents a credible, professional, and trustworthy digital presence with strong business and technical foundations.

D

Devo Fine Art Print

devofineartprints.com

67

Devo Fine Art Print operates an e-commerce platform specializing in limited edition, signed collectible art prints related to the band DEVO and renowned photographers. The website is built on Shopify, leveraging its secure and scalable infrastructure to provide a professional online shopping experience. The business targets collectors and fans seeking exclusive memorabilia with authenticity guarantees. Technically, the site uses modern web standards, Shopify's payment and analytics tools, and is optimized for performance and mobile devices. Security posture is strong with HTTPS and standard security headers, though explicit privacy and security policies could be enhanced. Overall, the site presents a trustworthy and niche-focused retail presence with room for improvement in privacy compliance and direct contact transparency.

H

Hello Merch

hellomerch.com

67

Hello Merch is a well-established e-commerce company specializing in band merchandise, web stores, order fulfillment, screen printing, and drop shipping services. Founded in 2008, it targets bands, musicians, creative artists, and businesses seeking merchandise solutions without relinquishing rights. The company leverages the Shopify platform, integrating multiple third-party marketing and analytics tools to enhance customer engagement and operational efficiency. The website demonstrates good design quality, mobile optimization, and SEO practices, supported by structured data and secure HTTPS connections. However, it lacks explicit privacy and cookie policies, which are critical for compliance and user trust. Security posture is generally good with HTTPS and CAPTCHA protections but could benefit from enhanced security headers and published incident response information. WHOIS data aligns well with the business claims, showing consistent registration details and domain age appropriate for the company's history. Overall, the site is professional, trustworthy, and functional, with room for improvement in privacy compliance and security transparency.

I

INCAM

incamnetwork.ca

50

INCAM is a Canadian non-profit organization established in 2004, dedicated to advancing research and knowledge in traditional, complementary, and integrative medicine. The organization serves as a collaborative hub for researchers, educators, practitioners, and students across Canada, aiming to integrate evidence-based complementary healthcare practices into the national healthcare system. INCAM offers membership services, research funding competitions, community forums, and educational events such as conferences and webinars. The website reflects a professional and consistent brand image aligned with its mission and target audience. Technically, the website is built on WordPress with modern optimization and analytics tools including NitroPack and MonsterInsights. It employs responsive design and SEO best practices, ensuring good performance and accessibility. However, some privacy and security best practices could be improved, such as adding explicit privacy and cookie policies and enhancing security headers. From a security perspective, the site uses HTTPS and does not expose sensitive data. The absence of WHOIS data suggests domain privacy protection, which is reasonable for a non-profit entity. No critical vulnerabilities or adult content were detected. Overall, the site presents a trustworthy and credible online presence for INCAM. Strategically, INCAM should focus on enhancing privacy compliance by publishing clear policies and implementing consent mechanisms. Strengthening security headers and providing incident response information would further improve trust and security posture.

P

Patrioti MSK, z. s.

patriotimsk.cz

48

Patrioti MSK is a well-established Czech non-profit organization focused on developing and supporting entrepreneurs primarily in the Moravskoslezský region and Prague. The organization fosters a business community through events, networking, mastermind groups, and educational initiatives. Their market position is strong regionally, supported by a comprehensive digital presence including podcasts and event platforms. Technically, the website is built on WordPress with modern SEO and user experience practices, showing good mobile optimization and performance. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site demonstrates good compliance with GDPR and provides clear business and contact information, enhancing trust and credibility.

D

D.H.R. distribution films & rencontres

cooperativedhr.fr

45

D.H.R. distribution films & rencontres is a small independent film distribution entity based in France, focusing on documentary and fiction films that promote social reflection and cultural debates. The website presents a niche market position with a clear focus on socially conscious cinema and community engagement through events and screenings. The business model revolves around independent film distribution with economic independence and collaboration with related societies such as A Vif Cinémas and AKTIS Cinéma. Technically, the website is built on an outdated Joomla! 1.5 CMS platform, which poses security risks and limits modern web capabilities. The site uses basic JavaScript libraries like MooTools and lacks modern security headers and privacy compliance mechanisms. Security posture is moderate due to HTTPS usage but weakened by the outdated CMS and missing security headers. No privacy or cookie policies were found, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional but requires modernization and improved security and privacy practices to enhance trust and compliance.

L

Laïta

laita.com

71

Laïta is a well-established cooperative dairy company based in the Grand Ouest region of France, founded in 1997. The website serves as the official portal for the cooperative, providing information about its dairy production and cooperative services. The business is positioned as an important regional player in the manufacturing sector, specifically dairy production. The website demonstrates a good level of digital maturity with modern technologies such as Cookiebot for GDPR-compliant cookie consent and Matomo for privacy-respecting analytics. Hosting is managed via Eolas infrastructure with domain registration dating back to 1997, indicating a stable and credible online presence. Security posture is solid with HTTPS enabled and no visible vulnerabilities, although some security headers could be added to enhance protection. Privacy compliance is strong, with clear cookie consent mechanisms and privacy policy references. However, explicit contact information and detailed security policies are not present on the site, which could be improved to enhance trust and transparency.

L

Laïta Professionnel

laitapro.fr

49

Laïta Professionnel is a French B2B company specializing in dairy products for professionals in catering, food industry, bakery, and pastry sectors. The website presents a professional image with comprehensive product ranges and brand information. The company leverages the cooperative Laïta's expertise and brand recognition to serve its target audience effectively. Technically, the site is built on Drupal 10, uses modern JavaScript libraries, and implements cookie consent mechanisms to comply with privacy regulations. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be added for enhancement. WHOIS data is unavailable, likely due to privacy protection, but the website's professionalism and content quality support its legitimacy. Overall, the site is well-structured, user-friendly, and compliant with GDPR requirements.

Flexisoftware s.r.o. is a Czech-based IT service provider specializing in professional server and network solutions, cloud services, and application development. With over 18 years of experience, the company positions itself as a reliable and professional partner for businesses seeking comprehensive IT infrastructure management and outsourcing. Their service portfolio includes server management, network design, web and application development, and specialist outsourcing, targeting primarily B2B clients. The website reflects a mature digital presence with clear branding, client testimonials, and a portfolio showcasing diverse projects. Technically, the site uses modern web technologies including Bootstrap, Swiper, and jQuery, and is hosted via WEDOS, a reputable Czech hosting provider. Security measures include HTTPS enforcement and Google reCAPTCHA v3 on forms, enhancing protection against automated abuse. However, the absence of a published privacy policy and terms of service pages represents a compliance gap. Overall, the website is professional, trustworthy, and well-structured, supporting the company's market position as a stable IT service provider.

The website at mountainlotusdigital.com/lander is a minimal landing page with very limited content, primarily serving as a placeholder. The domain is registered with GoDaddy.com, LLC since 2021, indicating a relatively new business or project. There is no visible business information, contact details, or policies on the page, which limits the ability to assess the company's market position or services. Technically, the site uses basic JavaScript and includes Google Adsense scripts, but lacks modern SEO, accessibility, and security features. Security posture is weak due to absence of DNSSEC, security headers, and no visible HTTPS enforcement details. Overall, the site appears to be in an early or inactive stage with minimal digital maturity.

W

Wix.com Ltd.

wixstats.com

10

Wix.com Ltd. operates a leading platform in website creation, offering a drag and drop website builder with customizable templates for businesses, portfolios, online stores, and blogs. The company holds a strong market position as a technology enterprise with a global user base. The website demonstrates a mature technical infrastructure built on proprietary Wix technologies, React, and modern JavaScript polyfills, hosted on Wix's own infrastructure. Security posture is robust with HTTPS enforcement, hardened fetch and XHR requests, and secure cookie handling, although explicit privacy and cookie policies are not present in the analyzed content. Overall, the site is professional and trustworthy but could improve transparency around privacy and compliance.

M

Mister Mix Dog

mistermixdog.cz

58

Mister Mix Dog is a Czech-based e-commerce business specializing in premium cold-pressed dog food and natural supplements. The company targets dog owners seeking high-quality nutrition products tailored to various dog life stages and health needs. The website demonstrates a professional and consistent brand presence with clear navigation and comprehensive product offerings. Technically, the site leverages modern web technologies and the Shoptet e-commerce platform, providing a responsive and user-friendly experience. Security posture is solid with HTTPS, security headers, and consent mechanisms, though the absence of a published security policy and incident response details suggests room for improvement. The lack of WHOIS data for the domain is a notable concern for domain legitimacy verification but does not detract from the apparent business authenticity. Overall, the site is well-positioned in its niche with good privacy compliance and marketing integration.

S

Super zoo

superzoo.cz

49

Super zoo is a large Czech Republic-based retail and e-commerce company specializing in pet supplies. The website offers a wide range of products for various pets, supported by a network of over 200 physical stores and an online shop. The company targets pet owners seeking quality pet food, accessories, and related services. The site features comprehensive product categories, brand showcases, and customer support channels including phone, email, and online chat. Privacy and cookie consent mechanisms are implemented in compliance with GDPR regulations. Technically, the website uses modern JavaScript frameworks and integrates monitoring and analytics tools such as New Relic and Google Tag Manager. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security policies and incident response information are not published. The domain WHOIS data is unavailable, likely due to privacy protection, which is common for commercial sites but reduces transparency. Overall, the site is professional, user-friendly, and trustworthy, serving a large customer base in the pet retail sector.

B

BROKER VISION s.r.o.

pojistenata.cz

9

POJIŠTĚŇATA.cz is a Czech Republic-based insurance brokerage specializing in health insurance for domestic pets, primarily dogs. The company operates under BROKER VISION s.r.o., providing tailored insurance products with flexible options such as choice of veterinarian and travel insurance for pets. The website demonstrates a solid market position within the niche pet insurance sector, leveraging partnerships with established insurers like Generali Česká pojišťovna and Česká podnikatelská pojišťovna. The business targets pet owners seeking comprehensive health coverage for their animals, emphasizing ease of claims and customer service.

L

LesMobiles

lesmobiles.com

10

LesMobiles.com is a well-established French media website specializing in mobile phone news, reviews, buying guides, and promotions. It operates under the Bemove group and targets French-speaking consumers interested in smartphones and related technology. The site offers comprehensive content including independent tests, detailed guides, and reconditioned phone offers, positioning itself as a trusted resource in the mobile phone market. Technically, the website uses modern web technologies such as Google Tag Manager, Swiper.js, and web fonts, with excellent mobile optimization and good SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks some advanced security headers and a published security policy. Privacy compliance is strong with clear privacy and cookie policies and consent mechanisms. However, the WHOIS data for the domain is missing, which raises some concerns about domain registration legitimacy. Overall, the website is professional, trustworthy, and user-friendly, but domain registration details should be verified for full trust assurance.

Y

YAPEAL

yapeal.ch

68

YAPEAL is a Swiss FinTech company providing embedded finance and digital business account solutions, licensed by FINMA. The website presents a professional and modern digital platform targeting businesses seeking integrated financial services such as business accounts, cards, and payment solutions. The technical infrastructure is built on Umbraco CMS with modern JavaScript and CSS technologies, and includes cookie consent management via Cookiebot. Security posture is strong with HTTPS and security headers properly implemented, though explicit privacy and terms policies are not found on the main site. Contact is primarily via forms and demo booking links, with no direct emails or phone numbers visible. Overall, the website reflects a credible and trustworthy FinTech business with good digital maturity.

D

Dreamonkey

dreamonkey.com

67

Dreamonkey is a small technology company based in Italy specializing in software development services including business software, web applications, augmented reality apps, mobile apps, and professional websites. The company targets businesses seeking custom software solutions and maintains a niche position in the regional market. The website is built using modern technologies such as Vue.js and employs Amazon Registrar for domain registration and hosting infrastructure. The site demonstrates good design quality and mobile optimization, providing a professional user experience. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the website is functional and credible but would benefit from improved privacy disclosures and security hardening.

KENTAUR Saddlery s.r.o. is a Czech Republic-based manufacturer specializing in high-quality equestrian products, including a wide range of saddles and accessories. Established in 1998, the company targets equestrian enthusiasts and riders, offering products proudly made in Czechia. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its niche market. Social media presence on Facebook and Instagram supports community engagement and brand visibility. Technically, the website employs standard web technologies such as HTML5, CSS3, and JavaScript, with integration of Google Analytics and Google Tag Manager for user tracking and analytics. The site appears mobile-optimized with moderate performance and basic accessibility features. However, no CMS or advanced frameworks are detected, suggesting a custom or lightweight implementation. From a security perspective, the site uses HTTPS (implied by the domain), but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No forms or data collection mechanisms are present on the homepage, reducing immediate risk exposure. The WHOIS data confirms a long-standing domain registration consistent with the business location and claims, enhancing trustworthiness. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance, enhanced security headers, and explicit policies to strengthen its security posture and regulatory adherence.

A

ABOUT YOU

aboutyou.sk

61

ABOUT YOU is a large online fashion retail platform operating in Slovakia, offering over 1500 brands with services such as free delivery and a 30-day return policy. The website demonstrates a good level of digital maturity, employing modern technologies including Usercentrics for consent management and Datadog for logging and monitoring. The site is well-designed, mobile-optimized, and provides a professional user experience. Security posture is solid with HTTPS enabled and integration of logging services, though there is room for improvement in security headers and explicit incident response contacts. Privacy compliance is partially addressed through consent mechanisms but lacks visible privacy and terms of service documentation. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

Tech Quest Africa is a newly established Nigerian company specializing in software development and digital skills training. The company positions itself as a strategic partner for businesses seeking custom software solutions and individuals aiming to acquire in-demand tech skills. Their offerings include a training academy, business process automation, and custom software development services. The website demonstrates a modern technical infrastructure using JavaScript frameworks and integrates Google Analytics for user insights. While the site is well-designed and mobile-optimized, it lacks some advanced security headers and cookie consent mechanisms, which are important for compliance and user trust. The domain registration is consistent with the business profile, enhancing credibility. Overall, the company shows promise but should enhance its security and privacy posture to align with best practices.

O

OpenClassrooms

openclassrooms.com

67

OpenClassrooms is a well-established online education platform founded in 2008, offering courses and mentorship programs to a global audience. The platform targets students and professionals seeking to develop skills and advance their careers through accessible online learning. The business model combines free and premium content with personalized mentorship, positioning OpenClassrooms as a significant player in the education sector, particularly in France and internationally. Technically, the website employs modern JavaScript frameworks and integrates multiple analytics and marketing tools such as Datadog RUM, Hotjar, Blueshift, and Satismeter. Hosting and DNS services are provided via Cloudflare, ensuring good performance and security. The site demonstrates good mobile optimization and basic accessibility features, with room for improvement in SEO and security headers. From a security perspective, the site enforces HTTPS, uses clientTransferProhibited domain status, and implements a comprehensive cookie consent mechanism via TrustArc. However, it lacks DNSSEC, a published security policy, incident response contacts, and a vulnerability disclosure program. No critical vulnerabilities or exposed sensitive data were detected, indicating a solid security posture with opportunities for enhancement. Overall, OpenClassrooms presents a trustworthy and professional online presence with strong business credibility and compliance with privacy regulations. Strategic improvements in security transparency and technical hardening would further strengthen its risk profile and user trust.

M

Maddyness

maddykeynote.com

10

Maddyness is a prominent French media company specializing in technology and entrepreneurship, with a strong focus on artificial intelligence. The website www.maddykeynote.com promotes MKIA, an event designed to translate AI trends into actionable initiatives for economic leaders. The platform features a rich program, notable speakers, and partnerships with major industry players, positioning Maddyness as a key influencer in the French tech ecosystem. Technically, the website is built on Webflow, leveraging modern web technologies and multimedia integrations such as YouTube embeds and CMS sliders. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site employs HTTPS and standard security headers, with no visible vulnerabilities or exposed sensitive data. However, the absence of a cookie consent mechanism and dedicated security or incident response policies suggests room for improvement in privacy compliance and security transparency. Overall, the website presents a professional and trustworthy front, though the lack of WHOIS registration data for the domain raises concerns about domain legitimacy. Verification of domain registration is recommended to fully establish trustworthiness.

P

PSModuly.cz

psmoduly.cz

55

PSModuly.cz is a specialized e-commerce business focused on developing and selling PrestaShop modules, serving primarily PrestaShop e-shop owners and developers. The company has a strong market position in the Czech Republic with over 170 modules available, backed by long experience since 2012 and official recognition as a member of the PrestaShop Committers team. Their business model revolves around direct sales of modules with support and updates, complemented by partnerships for hosting and newsletter services. Technically, the website is built on the PrestaShop CMS platform, leveraging modern web technologies such as JavaScript libraries, Google Fonts, and analytics tools. The hosting is provided by a known Czech hosting partner, OpenServis, ensuring reliable infrastructure. Security posture is solid with HTTPS enforced, security headers present, and GDPR-compliant cookie consent mechanisms. However, there is no explicit security policy or incident response information published, which could be improved. Overall, the website is professional, trustworthy, and well-optimized for its target audience, with moderate user tracking and good privacy compliance.

Ú

Úklid J+J

uklidjj.cz

57

Úklid J+J is a professional cleaning company operating primarily in the Czech Republic, offering a wide range of cleaning services including upholstery, carpets, sofas, windows, blinds, and vehicle interiors. The company targets both residential and commercial customers across multiple cities such as Hradec Králové, Trutnov, and Prague. Their market position is that of a regional service provider with a focus on quality and customer satisfaction, supported by testimonials and detailed service pricing. Technically, the website is built on the Webnode CMS platform, hosted via Cloudfront CDN, and employs modern web technologies with good mobile optimization and SEO practices. Security-wise, the site uses HTTPS and has a cookie consent mechanism but lacks some advanced security headers and explicit GDPR compliance details. The absence of WHOIS data reduces domain trust, but the website content and business information appear legitimate and professional. Overall, the site demonstrates a moderate to good digital maturity with room for security and privacy improvements.

G

GALERIE RENSTEIN

galerierenstein.cz

9

Galerie RENSTEIN is a small art gallery based in Jinočany, Czech Republic, offering a curated selection of artworks, catalogs, and scarves through an online e-shop. The website serves as a digital storefront and informational platform for the gallery's exhibitions and sales. The business targets art enthusiasts and collectors interested in unique and decorative art pieces. The gallery operates primarily on a local scale with an online presence to extend its reach. Technically, the website is built on the Webnode CMS platform, leveraging modern web technologies such as HTML5, CSS3, JavaScript, and Amazon Cloudfront CDN for content delivery. The site is mobile-optimized and includes basic SEO and accessibility features. Performance is moderate, with a clean design and clear navigation, although some advanced security headers are missing. From a security perspective, the site uses HTTPS with a valid SSL certificate, ensuring encrypted communication. A cookie consent banner is implemented, indicating some level of privacy compliance. However, the absence of a privacy policy, terms of service, and WHOIS registrant data reduces transparency and trust. No explicit security headers were detected, and no contact emails or phone numbers were found, limiting direct communication channels. Overall, the website presents a professional and safe platform for its intended audience but lacks some critical compliance and security elements. Strategic improvements in privacy documentation, security headers, and contact transparency would enhance trust and compliance posture.

U-Contact PME is a French business portal designed to facilitate connections between very small and small-to-medium enterprises (TPE/PME) and the Coopérative U, a significant player in the retail cooperative sector. The website serves as an informational and transactional platform, offering access to various commercial activities such as consumer goods, fresh products, textiles, and bazaar items. It targets suppliers and partners seeking to engage with Coopérative U's network. Technically, the site is built on modern frameworks including Nuxt.js and Bootstrap, ensuring a responsive and user-friendly experience. The presence of privacy and cookie policies, along with HTTPS enforcement, reflects a commitment to compliance and security. However, explicit security policies and incident response information are not publicly available, indicating areas for improvement. Overall, the site demonstrates a solid security posture with no detected vulnerabilities or suspicious content, supporting its role as a trusted business portal.

U-emploi.com is the official employment portal for the Coopérative U retail network in France, providing job listings and career information for positions in supermarkets and related retail sectors. The site targets job seekers interested in joining the cooperative's stores such as Super U, Hyper U, and U Express. It offers a modern, well-structured platform built on Vue.js and Nuxt.js frameworks, with good mobile optimization and basic accessibility compliance. The site integrates cookie consent mechanisms and uses reputable analytics and marketing tools, reflecting a mature digital presence. Security posture is solid with HTTPS and domain transfer protections, though improvements like DNSSEC and enhanced security headers are recommended. No direct contact emails or phone numbers are exposed on the homepage, but social media channels are prominently linked, enhancing trust and engagement. Overall, the website is professional, trustworthy, and well-aligned with the cooperative's business model and audience.

S

Storck Nederland B.V.

werthers-original.nl

66

Werther's Original is a well-established confectionery brand specializing in caramel products such as creamy caramels, soft toffees, caramel popcorn, and sugar-free variants. The website serves as a brand and product showcase with recipe ideas and company history, targeting general consumers interested in caramel sweets. The brand is part of Storck, a recognized confectionery company, and maintains consistent branding and professional content presentation. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and includes a cookie consent mechanism compliant with GDPR. Security posture is moderate with HTTPS usage and cookie consent but lacks explicit security policies or incident response information. Overall, the site is trustworthy, well-structured, and provides a positive user experience.

S

Storck Nederland B.V.

merci.nl

75

The merci.nl website serves as the official Dutch portal for the merci chocolate brand, operated under Storck Nederland B.V. It provides comprehensive product information, brand marketing, and personalization services targeted at consumers in the Netherlands. The site is well-structured, professionally designed, and optimized for mobile devices, reflecting a mature digital presence. Technically, the site leverages TYPO3 CMS and modern JavaScript libraries, including RequireJS, Lodash, and jQuery, with analytics powered by Piwik PRO. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response details are absent. Overall, the site demonstrates a high level of trustworthiness and compliance with GDPR, supporting a positive user experience and brand credibility.

I

Séjour et week-end en Charente et Charente-Maritime

infiniment-charentes.com

58

The website 'infiniment-charentes.com' serves as the official tourism portal for the Charente and Charente-Maritime regions in France. It provides visitors and locals with comprehensive guides on activities, events, and local attractions, positioning itself as a practical and authentic resource for sustainable tourism. The site targets residents and tourists seeking cultural, natural, and leisure experiences in these French regions. Technically, the website is built using modern web technologies including React and utilizes Matomo for privacy-conscious analytics. Hosting is provided by OVH sas, a reputable provider, and the domain is well-maintained with appropriate registration status. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. From a security perspective, the site employs HTTPS and has domain status protections to prevent unauthorized transfers or deletions. However, it lacks DNSSEC, explicit security headers, and formal vulnerability disclosure mechanisms. Privacy compliance is minimal, with no visible privacy or cookie policies or consent mechanisms, which could be improved to meet GDPR standards. Overall, the website is professional and trustworthy for its intended purpose but would benefit from enhanced privacy disclosures and security best practices to strengthen user trust and regulatory compliance.

S

Stará pekárna / Old Bakery

1starapekarna.cz

57

The website www.1starapekarna.cz represents a small hospitality business operating a historic boutique accommodation named 'Old Bakery' located in Znojmo, Czech Republic. The business emphasizes cultural heritage, offering guests an authentic stay in a building with a history dating back to the 13th century. Key services include lodging in restored apartments, yoga and relaxation offerings, event hosting, and a gift shop featuring local art and delicacies. The site is professionally designed with good content quality and clear navigation, targeting tourists interested in cultural and historic experiences. Technically, the website is built on the Webnode CMS platform, hosted via AWS Cloudfront CDN, and uses modern web technologies including JavaScript and CSS. It employs HTTPS with a strong SSL configuration and integrates Google Tag Manager for analytics. The site is mobile optimized and provides a moderate performance experience. However, it lacks some security best practices such as security headers and explicit privacy and cookie policies. From a security perspective, the site shows a basic but adequate posture with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data due to privacy protection limits domain trust verification. There are no visible incident response or vulnerability disclosure policies, which could be improved to enhance security transparency. Privacy compliance is minimal, with no clear GDPR-related policies or cookie consent mechanisms. Overall, the website is a legitimate and professionally presented small hospitality business with room for improvement in privacy compliance and security best practices. Strategic recommendations include implementing security headers, publishing privacy and cookie policies with consent mechanisms, and providing incident response contact information to strengthen trust and compliance.

S

SEASPIRACY

seaspiracy.org

58

SEASPIRACY is an official website promoting the Netflix Original documentary focused on exposing the impact of fishing industries on the world's oceans and challenging sustainable fishing claims. The site is built on the Wix platform, leveraging modern JavaScript polyfills and security hardening scripts to ensure a stable user experience. The website demonstrates good design quality, mobile optimization, and clear branding consistent with its association to Netflix. However, it lacks visible privacy, cookie, and terms of service policies, as well as contact information, which impacts its privacy compliance and user trust aspects. Security posture is moderate with HTTPS enforced but missing explicit security headers. WHOIS data is unavailable, likely due to privacy protection, but the domain appears legitimate based on content and branding.

Enedis is a French public service company responsible for operating, modernizing, and maintaining the electricity distribution network across France. The company provides 24/7 services including network operation, installation connections, and meter reading. It holds a leading position in the French energy sector as the national distribution network manager. The website reflects a mature digital presence with professional design, clear navigation, and mobile optimization, built on Drupal CMS with modern web technologies. Security posture is strong with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with comprehensive privacy and cookie policies including consent mechanisms. Overall, the website and business presence indicate a trustworthy and legitimate entity with a focus on public service and energy distribution.