Security Directory

S

Storck

werthers-original.at

65

Werther's Original is a well-established confectionery brand specializing in caramel products such as bonbons, soft toffees, caramel popcorn, and sugar-free variants. The website reflects a mature digital presence with a focus on product variety and brand heritage, targeting general consumers interested in quality caramel confectionery. The site is part of the larger Storck group, a recognized player in the retail confectionery sector. Technically, the website is built on TYPO3 CMS and uses modern JavaScript frameworks, ensuring a good user experience with mobile optimization and clear navigation. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, though it lacks some advanced security headers and explicit security policies. The absence of WHOIS data limits domain registration transparency but does not detract significantly from the site's legitimacy given the brand's reputation. Overall, the site scores well on content quality, technical implementation, and privacy compliance, with room for improvement in security best practices and contact information transparency.

S

Storck

toffifee.at

72

The website www.toffifee.at is a professionally designed brand site for Toffifee, a confectionery product under the Storck company umbrella. It provides product information, recipes, and brand engagement content targeted primarily at Austrian consumers and families. The site uses TYPO3 CMS and modern JavaScript libraries to deliver a responsive and user-friendly experience. Privacy and cookie consent mechanisms are implemented in compliance with GDPR requirements. However, no direct contact emails or phone numbers are present on the homepage, with contact facilitated via a form on a dedicated page. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved and explicit security policies are absent. WHOIS data is unavailable, limiting domain registration trust analysis, but the brand consistency and external links to Storck-related domains support legitimacy.

S

Storck

merci.at

72

Merci.at is the official Austrian website for the merci chocolate brand, owned by the Storck group. The site serves as a product showcase and marketing platform, offering detailed product information, personalization options, and promotional content targeted at Austrian consumers. The website demonstrates a mature digital presence with a professional design, consistent branding, and multilingual support via alternate hreflang links. Technically, the site is built on TYPO3 CMS with modern JavaScript frameworks and uses Piwik PRO for analytics, respecting user consent for tracking. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers are not evident in the HTML source. The absence of WHOIS data limits domain trust verification, but the strong brand association and external partner links support legitimacy. Overall, the site is well-structured, user-friendly, and compliant with GDPR requirements.

S

Storck

merci.us

66

merci is a European chocolate brand marketed in the United States by Storck. The website serves as a brand and e-commerce platform offering a variety of chocolate products including personalized chocolate covers. The brand positions itself as a premium gift option for heartfelt moments of appreciation. The website is professionally designed with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site uses TYPO3 CMS and modern JavaScript libraries, with integration of SmartCart for e-commerce functionality. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and incident response information are absent. The lack of WHOIS data reduces transparency but does not detract significantly from the overall legitimacy given the strong brand presence and consistent content. Strategic recommendations include enhancing security headers, publishing a security policy, and improving WHOIS transparency.

S

Storck

werthers-original.us

71

Werther’s Original is a well-established confectionery brand specializing in caramel products, operating under the parent company Storck. The website showcases a variety of caramel products and brand storytelling aimed at a general consumer audience in the United States. The digital infrastructure is built on TYPO3 CMS with modern JavaScript frameworks and includes e-commerce capabilities via SmartCart. Privacy and cookie policies are implemented with consent mechanisms, reflecting a commitment to compliance. However, the absence of WHOIS data limits domain trust verification. Security posture is moderate with room for improvement in security headers and incident response transparency. Overall, the website is professional, accessible, and trustworthy with a good user experience.

S

Storck Slovakia

merci.sk

63

The website www.merci.sk is the official Slovak regional site for the merci chocolate brand, operated under the parent company August Storck KG. It serves as a product showcase and marketing platform offering detailed product information, personalized chocolate creation options, and downloadable content such as ringtones and wallpapers. The site targets general consumers in Slovakia interested in confectionery products. Technically, the site is built on TYPO3 CMS with a modern JavaScript stack including RequireJS and Piwik PRO for analytics. The site is mobile optimized with good navigation and professional design, supporting a positive user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security headers and incident response policies are absent. Privacy compliance is supported by a clear privacy policy and cookie banner consistent with GDPR requirements. Overall, the site is trustworthy and professionally maintained with no signs of suspicious or adult content.

K

Knoppers

knoppers.sk

65

Knoppers is a well-established confectionery brand specializing in breakfast bars and wafers, operating under the parent company Storck. The website serves primarily as a brand marketing and product information platform targeting general consumers in Slovakia and surrounding regions. It features a modern design with good navigation and multimedia content to engage visitors. Technically, the site is built on TYPO3 CMS and leverages modern JavaScript libraries and Piwik analytics, indicating a moderate to advanced digital maturity. Security posture is solid with HTTPS enforced and cookie consent implemented, though explicit security policies and headers could be improved. Overall, the site is trustworthy, professional, and compliant with GDPR requirements, but lacks some advanced security disclosures and terms of service documentation.

S

Somfy

somfypro.no

72

Somfypro.no is a professional B2B e-commerce platform dedicated to Somfy products and services in Norway, targeting professional customers with a broad portfolio including smart home solutions, solar energy products, shading, garage doors, alarms, and cameras. The website demonstrates a mature digital presence with a modern tech stack including React-based Front-Commerce framework, Algolia search integration, and Google Maps API. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing a good user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit incident response policies could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, supporting trust and compliance. The domain WHOIS data is not publicly available due to Norid policies, but the website's professional branding and social media presence indicate legitimacy. Overall, the site is a reliable and professional platform for Somfy's Norwegian market.

S

Somfy

somfypro.dk

70

Somfypro.dk is a professional B2B website dedicated to Somfy's home and building automation products and services in Denmark. The site offers a comprehensive catalog of motors, controls, sensors, and accessories, targeting professional installers and businesses. The platform supports order management, customer support, and integration with Somfy's smart home ecosystem. Technically, the site uses modern JavaScript frameworks, Algolia search, and Google Maps API, with performance monitoring via New Relic. The website is well-structured, mobile-optimized, and secured with HTTPS, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, but direct contact emails and phone numbers are not publicly listed, relying on contact forms instead. WHOIS data is unavailable due to privacy protection, which is common for commercial entities but limits domain trust verification. Overall, the site demonstrates a mature digital presence suitable for its professional audience.

V

Vorwerk & Co. KG

cookidoo.de

64

Cookidoo.de is the official Thermomix® recipe portal operated under the Vorwerk & Co. KG brand, targeting German-speaking Thermomix users and cooking enthusiasts. The platform offers extensive recipe collections, meal planning, and shopping list features, supporting a subscription-based business model. The website demonstrates a high level of digital maturity with modern web technologies, responsive design, and integrated search capabilities via Algolia. Security posture is strong with HTTPS enforced and cookie consent implemented, though explicit security policies and vulnerability disclosures are absent. Overall, the site is professional, trustworthy, and well-positioned in its niche.

V

Vorwerk

vorwerk.de

73

Vorwerk is a well-established German company specializing in premium household appliances, notably the Thermomix® kitchen appliance and Kobold vacuum cleaners. The website reflects a strong market position with comprehensive product offerings, customer engagement through product demonstrations, and a dedicated recipe portal. The brand targets consumers seeking innovative and high-quality home appliances. Technically, the website is built on Adobe Experience Manager, leveraging modern JavaScript libraries and analytics tools such as Google Tag Manager and Adobe Helix RUM. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security policies and incident response information are not publicly disclosed. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the website demonstrates a mature digital presence with strong branding and trust indicators, though WHOIS data is unavailable, which slightly limits domain registration trust analysis.

V

Vorwerk

thermomix.de

73

Vorwerk is a well-established company specializing in kitchen appliances, prominently featuring the Thermomix product line. The website demonstrates a mature digital presence with a professional design, clear navigation, and integration of modern web technologies such as Adobe Experience Manager and Google Tag Manager. The content is focused on product sales, demonstrations, and customer engagement through recipe portals and accessories. Security posture is moderate with HTTPS usage and no visible vulnerabilities, though explicit security headers and privacy policies are not clearly presented on the analyzed page. The absence of WHOIS data limits domain trust verification but the website's branding and content quality suggest legitimacy. Strategic recommendations include enhancing privacy compliance, adding clear contact and security policies, and improving security headers to strengthen trust and compliance.

V

Vorwerk & Co. KG

cookidoo.es

66

Cookidoo.es is the official Spanish-language recipe platform for Thermomix®, operated by Vorwerk & Co. KG. It offers a subscription-based service providing thousands of recipes, meal planning, and shopping list management tailored for Thermomix® users. The platform targets cooking enthusiasts in Spain and maintains strong brand consistency with official Thermomix® branding and a professional, user-friendly website. Technically, the site uses modern web technologies including Algolia for search and OneTrust for cookie consent, ensuring good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy policies and incident response contacts are not found on the analyzed page. Overall, the domain registration aligns well with the business identity, indicating high legitimacy and trustworthiness.

V

Vorwerk

cookidoo.pl

65

Cookidoo.pl is the official Polish platform for Thermomix® recipes, operated under the Vorwerk brand. It offers a comprehensive digital service including thousands of recipes, meal planning, and shopping list management, targeting Thermomix® users in Poland. The platform operates on a subscription business model and maintains a strong market position as the official source for Thermomix® culinary content. Technically, the website employs modern web technologies including JavaScript frameworks, Algolia search, and Snowplow analytics, ensuring a fast, mobile-optimized, and accessible user experience. Privacy and cookie policies are well implemented with GDPR compliance and user consent mechanisms in place. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Overall, the site is professional, trustworthy, and safe for general audiences.

V

Vorwerk

cookidoo.fr

64

Cookidoo.fr is the official French recipe platform for Thermomix®, operated by Vorwerk. It offers a comprehensive digital service including thousands of recipes, meal planning, and shopping list features tailored for Thermomix® users. The platform targets French-speaking consumers interested in cooking with Thermomix® appliances, providing a subscription-based model for access to premium content. The website demonstrates a high level of digital maturity with modern web technologies such as Algolia search and OneTrust cookie consent integration, hosted on professional infrastructure with AWS DNS services. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and policies are not visible in the provided content. Privacy compliance is moderate due to the absence of visible privacy policy and terms of service links on the analyzed page. Overall, the site is professional, trustworthy, and well-branded, with no signs of malicious or adult content.

L

Léo Chiron

leochiron.fr

57

Léo Chiron is a freelance full-stack web developer and webmaster based in France, with over 8 years of experience. The website serves as a professional portfolio showcasing his expertise in web development, SEO, WordPress, and site maintenance. The business targets clients needing custom website creation, e-commerce platforms, and ongoing site support. Technically, the site uses a modern tech stack including PHP, JavaScript, SQL Server, and integrates Google services such as Maps, reCAPTCHA, and Tag Manager. The hosting is provided by o2switch, a French hosting provider. Security posture is solid with HTTPS and reCAPTCHA protection on forms, but lacks explicit security headers and published privacy or cookie policies, which are compliance gaps. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

V

Vorwerk

cookidoo.it

63

Cookidoo.it is the official Italian recipe platform for Bimby® (Thermomix) users, operated by Vorwerk. It offers a comprehensive digital service with thousands of recipes, meal planning, and shopping list features tailored for Bimby® appliances. The platform targets Italian consumers and cooking enthusiasts, leveraging a subscription-based business model to deliver curated culinary content. The website demonstrates a mature digital infrastructure with modern web technologies, responsive design, and strong localization. Privacy and cookie compliance are well-implemented using OneTrust, and analytics are managed responsibly with user consent. Security posture is strong with HTTPS and DNSSEC enabled, though explicit security policies and incident response details are not publicly disclosed. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

N

NEO handpan

handpan-vyroba.cz

46

The website handpan-vyroba.cz represents a small Czech manufacturing business specializing in the handcrafting of handpans, a unique musical instrument. The business is branded as NEO handpan and led by maker Jiří Káš. The site provides detailed information about the manufacturing process, emphasizing quality materials and manual craftsmanship. The target audience includes musicians and enthusiasts interested in high-quality, artisanal handpans. Technically, the site is built on WordPress 6.8.3, hosted on a Czech hosting provider, and uses modern web technologies such as CanvasJS and SVG icons. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies. No contact emails or phone numbers are explicitly provided, which limits direct communication channels. Overall, the site is legitimate, consistent with the business profile, and free from suspicious elements or blocking mechanisms.

C

CanvasJS

canvasjs.com

68

CanvasJS is a specialized technology company providing a high-performance HTML5 JavaScript charting library designed for developers and businesses requiring advanced data visualization solutions. The company offers a broad range of chart types and supports multiple popular frameworks such as React, Angular, and jQuery, positioning itself as a versatile and developer-friendly solution in the data visualization market. The business is a subsidiary of Fenopix and has been operational since 2013, with a domain registration dating back to 2011, indicating a stable and established presence. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap and jQuery, and integrates Google Analytics for user tracking. The site is optimized for performance and mobile responsiveness, with good SEO practices implemented via Yoast SEO. Hosting and DNS services are provided by GoDaddy and Cloudflare respectively, ensuring reliable uptime and performance. From a security perspective, the site enforces HTTPS with strong domain status protections and includes standard security headers. However, DNSSEC is not enabled, which is a recommended improvement. No explicit security policies or incident response contacts are published, suggesting room for enhancement in transparency and security governance. The site does not expose sensitive data and uses asynchronous loading for analytics scripts to minimize performance impact. Overall, CanvasJS presents a professional, trustworthy, and technically sound web presence with strong business credibility. Strategic recommendations include enabling DNSSEC, publishing formal security and incident response policies, and considering a vulnerability disclosure program to further enhance trust and security posture.

F

Fluxite

fluxite.fr

45

Fluxite is a French technology company founded in 2023 that provides a turnkey website solution aimed at small businesses or individuals seeking a quick, easy-to-manage website without subscription fees. Their offering includes rapid installation, extensive customization options, human support, and two years of maintenance. The website is built on WordPress, hosted by o2switch, and uses modern technologies including Matomo and Google Analytics for traffic analysis, along with a GDPR-compliant cookie consent mechanism. The site is professionally designed with consistent branding and good user experience, targeting French-speaking users. Security posture is solid with HTTPS and privacy-focused analytics, though some security headers and explicit policies could be improved. No critical vulnerabilities or suspicious elements were detected. Overall, Fluxite presents a credible and trustworthy business with a clear market niche between no-code and fully custom websites.

M

Mouvement Colibris

colibris-lemouvement.org

50

Mouvement Colibris is a well-established French non-profit organization focused on promoting ecological and social solidarity through community engagement, education, and activism. The website serves as a hub for information, resources, and connections to various partner projects and educational platforms. The organization targets individuals and groups interested in sustainable living and social change. Technically, the website is built on Drupal 7, uses HTTPS, and integrates privacy-conscious analytics via Matomo. While the site is generally well-designed and mobile-optimized, it lacks modern security headers and up-to-date CMS versions, which could pose risks. Privacy compliance is incomplete due to missing privacy and cookie policies. Security posture is moderate with good SSL but missing DNSSEC and security headers. No incident response or vulnerability disclosure information is published. The domain registration is consistent and trustworthy, supporting the legitimacy of the organization. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security hardening to reduce risks and improve user trust.

M

MIRAMAP

miramap.org

57

MIRAMAP is a French non-profit organization dedicated to supporting and consolidating the movement of AMAPs (Associations for the Maintenance of Peasant Agriculture) across France. The organization promotes local, ecological, and solidarity-based agriculture by connecting producers and consumers through AMAP networks. MIRAMAP acts as a national representative and facilitator for these local networks, providing tools, events, and advocacy to strengthen sustainable food systems. The website reflects a mature and well-established entity with a domain registered since 2009, consistent with its organizational history. Technically, the website is built on WordPress using the Astra theme, leveraging common plugins such as Contact Form 7, Leaflet.js for interactive maps, and Matomo for analytics. The site is hosted by OVH sas, a reputable provider, and employs HTTPS with a valid SSL certificate. Mobile optimization and SEO practices are good, though some accessibility features could be improved. Cookie consent is managed via CookieYes, indicating attention to privacy compliance, although a dedicated privacy policy page is not explicitly found. From a security perspective, the site uses HTTPS and Google reCAPTCHA on forms, but lacks DNSSEC and several recommended security headers. No direct incident response or vulnerability disclosure policies are present, which could be areas for improvement. No suspicious or malicious content was detected, and the site is safe for general audiences. Overall, MIRAMAP presents a credible, professional, and trustworthy online presence for a non-profit agricultural movement. Strategic recommendations include enhancing security headers, enabling DNSSEC, and publishing clear privacy and security policies to improve compliance and trust further.

T

Terre de Liens

terredeliens.org

63

Terre de Liens is a well-established French non-profit organization dedicated to preserving agricultural land and supporting sustainable farming practices. The organization operates through a network of associations, an investment solidarity enterprise, and a public utility foundation. Their website reflects a mature digital presence with good content quality, clear navigation, and a focus on community engagement and transparency. Technically, the site uses modern JavaScript frameworks and analytics tools, hosted under reputable providers with HTTPS enabled. However, explicit privacy policies and terms of service are not readily found, and security headers are not visibly implemented, indicating areas for improvement in compliance and security posture. Overall, the domain registration data supports the legitimacy and trustworthiness of the organization.

A

Autour du 1er mai

autourdu1ermai.fr

44

Autour du 1er mai is a French non-profit cultural association dedicated to cinema, popular education, and collective projects aimed at societal improvement. The website serves as a portal for film-related resources, including a cinema and society database, filmographies, and event information. It also coordinates the TESSA project and participates in the CoreDem network, indicating active collaboration within the cultural sector. The target audience is general public interested in cinema and social issues. The organization has a long-standing presence since 2006, supported by a domain age of over 17 years and multiple partner affiliations. Technically, the website is built on the SPIP CMS platform, using standard web technologies such as HTML5, CSS, JavaScript, and jQuery. It employs Matomo analytics, a privacy-respecting tool, and is hosted by OVH, a reputable provider. The site demonstrates good mobile optimization and SEO practices but lacks some advanced accessibility features. Performance is moderate, with no critical technical issues detected. From a security perspective, the site uses HTTPS and privacy-conscious analytics but lacks explicit security headers and a cookie consent mechanism. There is no visible security policy or incident response contact information, which could be improved to enhance trust and compliance. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the website's claims, showing a legitimate and stable registration. Overall, the website is professional, trustworthy, and serves its niche well. Strategic recommendations include implementing cookie consent, adding security headers, publishing a security policy, and improving accessibility to strengthen compliance and security posture.

M

mairie-me

mairie-me.org

64

The website mairie-me.org appears to be a community engagement platform aimed at inhabitants of a commune or municipality, encouraging them to propose ideas and act collectively to improve local living conditions. The business model focuses on local governance participation, targeting residents as the primary audience. The website is built on the Bubble.io platform, utilizing modern JavaScript libraries and Google Fonts, with hosting provided by OVH sas. The technical infrastructure is moderate in performance and basic in mobile optimization and accessibility. Security posture is basic with HTTPS enabled and a cookie consent mechanism in place, but lacks DNSSEC and security headers, and no explicit security or incident response policies are published. The WHOIS data raises concerns due to a domain creation date set in the future, which questions the legitimacy and operational status of the domain. Overall, the website content is safe and suitable for a general audience with no adult or explicit content detected.

S

SIPPEREC

sipperec.fr

42

SIPPEREC is a French public syndicate specializing in energy and digital services for member municipalities, holding a leading market position in electricity concession, renewable energy production, and digital infrastructure in the Île-de-France region. The website is built on TYPO3 CMS and employs modern web technologies including Matomo for privacy-conscious analytics and Tarteaucitron.js for cookie consent management. The site is well-structured, mobile-optimized, and provides comprehensive content relevant to its target audience of local governments and residents. Security posture is solid with HTTPS enforced and no exposed sensitive data, though security headers are not visibly implemented. Privacy compliance is strong with clear policies and consent mechanisms. WHOIS data is unavailable, which slightly reduces trust but is common for French domains under AFNIC. Overall, the site presents a professional and trustworthy digital presence for a public sector entity.

B

Bordeaux Métropole

bordeaux-metropole.fr

61

Bordeaux Métropole is the official metropolitan government entity serving 28 communes around Bordeaux, France, providing a wide range of public services including urban planning, transport, waste management, water, economic development, and environmental initiatives. The website serves residents, professionals, associations, and visitors with comprehensive information and digital services. Technically, the site is built on Drupal 10 with modern frontend technologies like Swiper.js, offering good mobile optimization, accessibility, and SEO. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response contacts are not published. The absence of WHOIS data is typical for some ccTLDs or privacy-protected domains and does not detract from the site's legitimacy given its government nature. Overall, the site is professional, trustworthy, and well-maintained, supporting the metropolitan community effectively.

H

Hespul

hespul.org

60

Hespul is a French non-profit association with over 30 years of experience specializing in renewable energy, particularly solar photovoltaic technology, and energy efficiency. The organization focuses on accelerating the energy transition through project development, education, and community engagement. Their website reflects a mature digital presence with a clear mission and professional content targeting professionals and communities interested in sustainable energy solutions. Technically, the site uses modern web technologies including Foundation framework, FontAwesome icons, and Matomo analytics, hosted on a reputable registrar's infrastructure. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and cookie consent mechanisms. The absence of direct contact emails or phone numbers is a minor limitation, with contact primarily via web forms. Overall, the domain registration data aligns well with the organization's claims, supporting legitimacy and trustworthiness.

E

Emmaüs

label-emmaus.co

62

Label Emmaüs is an ethical and solidarity-driven e-commerce platform affiliated with the Emmaüs association in France. The website offers a variety of second-hand and vintage products including clothing, books, vinyls, reconditioned smartphones, and artisan goods, targeting consumers interested in responsible consumption and social causes. The platform positions itself as a militant e-shop, emphasizing sustainability and social impact. Technically, the site employs modern JavaScript frameworks such as Alpine.js and HTMX, along with Tailwind CSS for styling, and integrates advanced monitoring and analytics tools like New Relic and Klaviyo. The website is well-optimized for mobile devices and includes comprehensive privacy and cookie policies with active consent management, reflecting good GDPR compliance. Security-wise, the site uses HTTPS with appropriate security headers and content security policies, though it lacks a publicly available security policy or incident response information. Overall, the domain registration data aligns with the website's claims, supporting its legitimacy and trustworthiness.

E

eko & co

discre.to

57

Discre.to is a French-based small technology company offering 'discreto', an open source GDPR-compliant consent management tool focused on user privacy and anonymity. The website provides extensive documentation, configuration options, and integration with popular analytics and advertising services, emphasizing anonymized data collection and user control. The company, eko & co, sponsors the project and offers consulting and donation options. Technically, the site uses modern web technologies including JavaScript, Sass, and Webpack, and is hosted likely on OVH. Security practices include respecting Do Not Track headers and anonymizing IP addresses, though explicit security headers and policies are not publicly detailed. Overall, the site is professional, trustworthy, and well-aligned with GDPR principles, though it lacks explicit privacy and terms of service pages.

Technimax is a Czech-based e-commerce company specializing in the sale of refurbished IT hardware, primarily Dell and HP computers, notebooks, monitors, printers, and servers. The company targets small and medium-sized businesses seeking high-quality, cost-effective IT solutions with extended warranty options up to five years. Their website demonstrates a professional and well-structured online presence with detailed product categorization and clear contact information, supporting their market position as a specialist in refurbished IT equipment in the Czech Republic. Technimax emphasizes quality assurance with an A+ grading system for their products and offers professional servicing and rapid complaint handling.

A

Auto Hotárek s.r.o.

autohotarek.cz

59

Auto Hotárek s.r.o. operates a specialized e-commerce platform and physical retail stores in the Czech Republic, focusing on automotive accessories and parts. The company targets vehicle owners seeking tailored and universal car accessories, offering a broad product catalog and expert services. Their market position is that of a trusted specialist with a strong local presence, supported by recognized certifications such as the Heureka Shop of the Year awards. Technically, the website employs modern JavaScript frameworks and integrates multiple marketing and analytics tools, including Google Tag Manager, Facebook SDK, and Adform, hosted behind Cloudflare infrastructure. The site is mobile-optimized with good SEO and accessibility features. Security posture is solid with HTTPS enforced and secure form handling, though some security headers could be improved. Privacy compliance is addressed with cookie consent and detailed privacy policies, supporting GDPR requirements. Overall, the website is professional, trustworthy, and well-maintained, though the absence of WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include enhancing security headers, publishing explicit security policies, and monitoring domain registration status to ensure continued legitimacy.

G

Goldea.cz

goldea.cz

59

Goldea.cz is a Czech-based e-commerce retailer specializing in high-quality home textiles including bedding, curtains, towels, and table linens. The company emphasizes Czech craftsmanship, custom tailoring, and natural materials, positioning itself as a trusted brand with a strong customer satisfaction record. Founded in 2016 and operated by MIONET s. r. o., Goldea.cz serves primarily the Czech market with localized content and regional language support. The website is professionally designed with excellent content quality and user experience, supporting clear navigation and mobile responsiveness. Technically, the site employs modern JavaScript frameworks and integrates multiple analytics and marketing tools with a compliant cookie consent mechanism. Security posture is good with HTTPS and error monitoring, though some HTTP security headers and explicit security policies are absent. The WHOIS data for the domain is unavailable, which reduces trustworthiness from a domain registration perspective but does not detract from the professional presentation and business legitimacy evident on the site. Overall, Goldea.cz is a well-established retail platform with solid digital maturity and privacy compliance, though domain registration transparency should be improved.

R

REScoop.eu

rescoop.eu

42

REScoop.eu is a well-established European federation representing over 2,500 energy communities and 2 million citizens engaged in the energy transition. The organization operates primarily in the energy sector, focusing on cooperative principles and community-driven renewable energy projects. Their services include project support, networking, training, advocacy, financing, and coaching, positioning them as a key player in the European community energy landscape. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content relevant to their audience. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates third-party services such as Mailchimp for newsletter management and Google Tag Manager for analytics. The site demonstrates good performance and accessibility standards, though explicit CMS or hosting details are not disclosed. Privacy compliance is robust with clear privacy and cookie policies and an active consent mechanism. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is unavailable due to privacy protection, which is common and justified for a non-profit federation in Europe. Overall, the site presents a low risk profile with a strong trustworthiness rating. Strategically, REScoop.eu should consider enhancing their security posture by publishing security policies, implementing security headers, and providing vulnerability disclosure information to further build trust and compliance. Continued focus on privacy and transparent data practices will support their community-oriented mission and regulatory adherence.

The Fondation Charles Léopold Mayer pour le Progrès humain (FPH) is a Swiss non-profit foundation established in 1982, dedicated to supporting civil society organizations advocating for social and ecological transition. Funded by the estate of Charles Léopold Mayer, the foundation operates with a long-term vision to promote participatory, fair, and sustainable societal development. The website presents clear information about the foundation's history, aims, and governance, targeting philanthropic partners and civil society actors. Technically, the website is built using the SPIP CMS with custom CSS and JavaScript, including Matomo analytics for privacy-conscious user tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some improvements could be made in accessibility and SEO optimization. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries. However, no explicit security headers or incident response policies are visible, and cookie consent mechanisms are absent, which could be improved for better GDPR compliance. Overall, the security posture is moderate with room for enhancement. The domain WHOIS data aligns well with the website content, showing a consistent and legitimate registration for a Swiss foundation. No WAF or blocking mechanisms were detected, allowing full content access and analysis.

V

Vorwerk

recipecommunity.co.uk

64

Cookidoo® is the official Thermomix® recipe platform operated under the Vorwerk brand, offering a comprehensive digital service for Thermomix® users in the UK. The platform provides thousands of recipes, meal planning tools, shopping list management, and cooking tutorials, positioning itself as a leading culinary resource for its target audience. The business model is subscription-based, focusing on delivering value through curated and user-friendly content. Technically, the website employs modern web technologies including custom web components, Algolia search, and a cookie consent mechanism via OneTrust, ensuring a good user experience across devices with solid SEO and accessibility features. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers and policies are not prominently published. Privacy compliance is partially addressed through cookie consent but lacks visible privacy and terms of service documentation on the analyzed page. The domain registration is consistent and legitimate, supporting the platform's credibility. Overall, the website is professional, trustworthy, and well-positioned in its market segment.

B

Brownells France

brownells.fr

58

Brownells France operates as a specialized e-commerce retailer focused on firearms accessories, spare parts, and gunsmithing tools, serving primarily the French market. The website demonstrates a professional design with clear navigation and a comprehensive product catalog targeting shooting sports enthusiasts, hunters, and armory professionals. The company emphasizes customer satisfaction with trust signals such as high customer ratings and a long-standing market presence. Technically, the site leverages modern JavaScript libraries, the ePages platform, and integrates marketing and analytics tools like Microsoft Clarity and APSIS, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and incident response disclosures are missing. The absence of WHOIS data is a notable gap, slightly impacting trustworthiness, but the overall business credibility remains good based on content and operational indicators.

M

Městská část Praha 18

praha18.cz

45

The website praha18.cz serves as the official digital portal for the municipal district Praha 18 (Letňany) in the Czech Republic. It provides residents and visitors with comprehensive information about local government services, social support, public notices, events, and contact details. The site also promotes a mobile application to enhance citizen engagement and accessibility. The business model is that of a government service portal focused on transparency and community interaction. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies such as HTML5, CSS3, and JavaScript. It integrates Google Analytics and Google reCAPTCHA for analytics and form security, respectively. The site is hosted on reputable Czech providers and employs HTTPS with strong SSL configuration. The design is responsive and accessible, with good SEO practices and clear navigation. From a security perspective, the site demonstrates good practices including HTTPS enforcement, GDPR-compliant cookie consent with granular options, and use of reCAPTCHA to prevent spam. However, it lacks explicit security policies, incident response contacts, and security headers which could enhance its security posture. No vulnerabilities or suspicious content were detected. Overall, praha18.cz is a trustworthy and professionally maintained municipal website with a strong focus on user accessibility and compliance. Strategic improvements in security policy transparency and header implementation could further strengthen its security and trustworthiness.

I

iQLANDIA

iqlandia.cz

61

iQLANDIA.cz is a well-established modern science and entertainment center based in Liberec, Czech Republic, founded in 2011. It operates multiple venues including science centers, a planetarium, and a fab lab, targeting families, children from age 3, schools, and corporate clients. The website reflects a professional and consistent brand with rich content focused on educational and entertaining experiences. Technically, the site uses Concrete CMS, modern JavaScript libraries, and embeds multimedia content such as YouTube videos. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS enforced, but lacks explicit security headers and visible privacy or cookie policies, indicating room for compliance improvement. Analytics are implemented via Google Tag Manager, suggesting moderate user tracking. Overall, the domain registration data aligns well with the business profile, indicating legitimacy and trustworthiness.

E

ESPRIT BOHEMIA s.r.o.

espritbohemia.cz

66

ESPRIT BOHEMIA s.r.o. operates as a Czech publishing company specializing in magazines such as TVOŘÍME s láskou, RITUALS, ESTETIKA, PERFECT WOMAN, Sofie, and Sofie Bydlení. The company targets a general audience interested in lifestyle and family-oriented content, offering subscriptions and e-commerce sales of their publications. The website is professionally designed and provides clear navigation and relevant content for its niche market. Technically, the site is built on the Webnode CMS platform, leveraging Amazon Cloudfront CDN for content delivery and integrating modern tracking and consent management tools such as Google Tag Manager and Iubenda. The site is mobile optimized and uses HTTPS for secure communications.

V

Vorwerk & Co. KG

cookidoo.cz

67

Cookidoo.cz is the official Czech platform for Thermomix® recipes, operated by Vorwerk & Co. KG. It offers a comprehensive digital subscription service providing thousands of recipes, meal planning, and shopping list features tailored for Thermomix® users. The platform is well-established since 2014 and serves the Czech market with localized content and language support. Technically, the website leverages modern web technologies including Algolia for search, OneTrust for cookie consent, and Snowplow for analytics, hosted on AWS infrastructure, ensuring good performance and scalability. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security contact and incident response information are not publicly disclosed. Privacy compliance is robust with clear policies and consent mechanisms aligned with GDPR. Overall, the site demonstrates high professionalism, trustworthiness, and user experience quality.

V

Vorwerk

vorwerk.com

62

Vorwerk is a globally recognized manufacturing company specializing in household appliances such as Thermomix and Kobold. The website serves as a country selector landing page, directing users to localized portals tailored for various international markets. The company targets consumers and distributors interested in high-quality home appliances, leveraging a direct sales business model with a strong global footprint. The website's content is primarily in German, reflecting its German origin, and provides a gateway to multiple country-specific sites, indicating a well-established international presence. From a technical perspective, the website employs basic JavaScript and inline CSS to facilitate country selection. The absence of advanced frameworks or CMS detection suggests a custom or minimalistic approach. Performance and mobile optimization are moderate, with basic accessibility and SEO features. However, the lack of visible security headers, HTTPS confirmation, and privacy-related policies indicates room for significant improvement in digital maturity and security posture. Security evaluation reveals critical gaps including missing HTTPS enforcement, absence of security headers, and no published privacy or cookie policies. The WHOIS data is unavailable, limiting domain legitimacy verification and raising concerns about transparency. No contact information or incident response channels are evident, which could impact user trust and compliance with data protection regulations. Overall, the website presents a moderate risk profile primarily due to incomplete security and compliance implementations. Strategically, Vorwerk should prioritize implementing robust security measures such as HTTPS, security headers, and clear privacy and cookie policies. Enhancing transparency through accessible contact and incident response information will improve trustworthiness. Technical modernization and comprehensive compliance adherence will support sustained market leadership and customer confidence.

R

Retargeted

retargeted.co

56

The website retargeted.co serves as a management panel login interface for a retargeting service platform. The site is built using modern web technologies such as React and Next.js and is hosted behind Cloudflare, which provides performance and security benefits. The content is minimal, focusing solely on user authentication with no public-facing business or compliance information. The lack of privacy, cookie, and terms of service policies, as well as absence of contact details, limits transparency and user trust. Technically, the site demonstrates a moderate level of digital maturity with a modern tech stack and mobile optimization. However, the absence of explicit security headers and compliance documentation indicates room for improvement in security posture and regulatory adherence. The use of Cloudflare Insights suggests some level of analytics and monitoring, but privacy compliance appears weak. From a security perspective, the site uses HTTPS and Cloudflare services but lacks visible security best practices such as CSP and HSTS headers. No vulnerabilities or exposed sensitive data were detected in the provided content, but the absence of a vulnerability disclosure policy or security contact reduces incident response readiness. Overall, the site is functional for its purpose but requires enhancements in privacy compliance, security hardening, and business transparency to improve trustworthiness and regulatory alignment.

Crossdesk Systems operates a web-based login portal primarily built on legacy ASP.NET Web Forms technology, serving as an access point for its users or clients. The website content is minimal, focusing solely on user authentication without public-facing business descriptions or policies. The domain is well-established, registered since 2007, indicating a mature presence in its sector. However, the lack of visible privacy, cookie, or terms of service policies suggests limited public compliance transparency. Technically, the site uses jQuery and standard ASP.NET mechanisms with basic client-side scripting for UI enhancements and session initialization. The absence of modern security headers and advanced security features indicates room for improvement in security posture. No analytics or marketing tools are detected, reflecting a minimalistic approach to user tracking and advertising. Security-wise, the site employs basic protections such as frame busting and password masking but lacks comprehensive HTTP security headers and explicit GDPR compliance indicators. The domain registration status and DNS setup are consistent with a legitimate business, but the site would benefit from enhanced security controls and privacy disclosures. Overall, the website is functional but basic, with moderate trustworthiness based on domain age and registration. Strategic improvements in security, privacy compliance, and user experience would enhance its credibility and resilience against threats.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) with embedded offline dinosaur game scripts and styles. No actual website content, business information, or user-facing data is present. The page serves as a placeholder or error display within the Chrome browser when a requested website is unreachable or offline. Consequently, there is no business presence, market positioning, or commercial services to evaluate. The technical infrastructure is limited to client-side JavaScript and HTML5 canvas elements for the embedded game, with no server-side or hosting details available. Security posture is minimal due to the lack of accessible content and absence of security headers or policies. Overall, the page is not a functional website but an internal browser error page, resulting in a low trust and credibility score.

D

Digital Pharmacist

digitalpharmacist.com

72

Digital Pharmacist is a healthcare technology company specializing in providing digital pharmacy software solutions. Their platform offers pharmacies customized websites, digital marketing services, IVR systems, mobile applications, and secure messaging to enhance pharmacy operations and patient engagement. The company targets pharmacies and pharmacy professionals, positioning itself as a comprehensive digital partner in the pharmacy sector. The website demonstrates a moderate level of digital maturity with a WordPress CMS infrastructure, Divi theme, and integration of marketing and analytics tools such as HubSpot and Google Analytics. Security posture is generally good with HTTPS enabled and secure messaging features, but lacks some security headers and explicit privacy and cookie policies. The absence of WHOIS data for the domain raises concerns about domain registration transparency, which impacts overall trust. Strategic recommendations include publishing clear privacy and cookie policies, implementing security headers, and providing explicit contact information for incident response. Overall, the website is professional and trustworthy but could improve in privacy compliance and domain registration transparency.

E

ESPRIT BOHEMIA s.r.o.

perfectwoman.cz

58

The website perfectwoman.cz represents the Czech lifestyle magazine PERFECT WOMAN, published by ESPRIT BOHEMIA s.r.o. The magazine targets active and confident women, offering content on fashion, beauty, health, relationships, family, career, and travel. The business model revolves around magazine publication with subscription and advertising revenue streams. The company has a stable market presence of approximately 19 years, indicating a well-established brand in the Czech media sector. Technically, the site is built on the Webnode CMS platform, leveraging Amazon Cloudfront CDN for content delivery. The site uses modern web technologies including JavaScript and CSS3, and is optimized for mobile devices with good SEO practices. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, demonstrating basic privacy compliance. However, it lacks explicit privacy policy and terms of service pages, security headers, and incident response contacts, which are areas for enhancement. The absence of WHOIS data limits domain trust verification, though the website content and business information appear professional and legitimate. Overall, the site is a good-quality, professional media platform with moderate technical and security maturity. Strategic improvements in privacy documentation, security headers, and domain transparency would enhance trust and compliance.

A

Asociace kosmetických a kadeřnických oborů ČR

akocr.cz

9

The website represents the Asociace kosmetických a kadeřnických oborů ČR, an association supporting entrepreneurs and professionals in the cosmetics and hairdressing industry in the Czech Republic. It aims to enhance the prestige of the industry and promote education and expertise among its members. The site is built using modern web technologies such as Nuxt.js and FontAwesome, hosted via a Czech registrar Wedos, and presents a professional and consistent brand image. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled but lacks explicit security headers and detailed security policies. Privacy compliance is limited due to the absence of a dedicated privacy policy, although a cookie consent mechanism is present. Overall, the site is trustworthy and serves its niche audience effectively.

The website represents the official Weleda Beauty & Store in the Czech Republic, specializing in retailing natural and BIO cosmetics alongside holistic beauty salon services. The business leverages the heritage of the Swiss Weleda brand and targets consumers seeking high-quality natural beauty products and personalized care. The site is professionally designed with good content quality and clear navigation, optimized for mobile devices. Technically, it uses modern web technologies including Turbo and Ruby on Rails frameworks, with Google Analytics and Tag Manager for tracking. However, there are gaps in privacy compliance and security best practices, such as the absence of privacy and cookie policies, lack of DNSSEC, and missing security headers. No contact information is explicitly provided on the analyzed page, which may impact user trust and compliance. Overall, the security posture is moderate but could be improved with better header configurations and policy disclosures.

F

FCC

fcc.es

71

FCC is a global leader in citizen services, specializing in environmental services, integral water management, infrastructure, concessions, and real estate. The company maintains a strong market position with a comprehensive corporate website that reflects its business scope and sustainability commitments. The website is built on modern technologies including Liferay CMS, Bootstrap, and React, ensuring a responsive and accessible user experience. Security measures such as HTTPS, Google reCAPTCHA, and GDPR-compliant cookie consent mechanisms are implemented, although explicit security headers could be enhanced. Overall, the site demonstrates a mature digital presence aligned with enterprise standards.