Security Directory

O

OBI Česká republika

obi.cz

67

OBI Česká republika operates as a leading home improvement retailer in the Czech market, offering a wide range of products and services including online shopping, in-store purchases, wood cutting, and tool rental. The company targets consumers and DIY enthusiasts, leveraging a strong brand presence and a comprehensive e-commerce platform. The website demonstrates a mature digital infrastructure with modern technologies such as Vue.js, Google Tag Manager, and Hotjar, ensuring a fast, mobile-optimized, and accessible user experience. Security measures are robust, with HTTPS enforced and multiple security headers implemented, although no public incident response or vulnerability disclosure policies were found. Overall, the website reflects a professional and trustworthy retail operation with good privacy compliance and user engagement.

O

OBI

obi.sk

66

OBI Slovensko operates as a major retail brand specializing in home improvement, garden, construction, kitchen, and bathroom products and services. The website targets general consumers in Slovakia, offering both online shopping and in-store services such as wood cutting and tool rental. The company maintains a strong market position as a leading home improvement retailer in the region. Technically, the website leverages modern frameworks like Vue.js, integrates multiple analytics and marketing tools, and uses performance optimizations such as Baqend SpeedKit and Imgix CDN for images. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit privacy and cookie policies are not found in the provided content. Overall, the site is professional, well-branded, and trustworthy, but could improve transparency on privacy and incident response.

O

OBI Italia

obi-italia.it

68

OBI Italia is a prominent retail and e-commerce company specializing in DIY, home improvement, and gardening products targeted at the Italian market. The website offers a comprehensive product catalog, promotions, and services such as home delivery and equipment rental, positioning itself as a market leader in Italy. The digital infrastructure is modern, leveraging Vue.js and various analytics and marketing tools, ensuring a responsive and user-friendly experience. Security posture is strong with HTTPS, security headers, and secure forms, though explicit security policies and incident response details are not publicly disclosed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable platform for consumers.

K

Kleine Zeitung GmbH

kleinezeitung.at

78

Kleine Zeitung GmbH operates a prominent regional news website serving Styria, Austria, providing current news, sports, culture, and regional events. The company has a long history dating back to 1904 and maintains a strong market position as a leading regional media outlet. Their business model combines advertising revenue with subscription services, notably the Kleine Pur subscription that offers an ad-light experience. Technically, the website employs modern JavaScript frameworks such as Vue.js and integrates multiple third-party analytics and advertising platforms, including Chartbeat, Cxense, and Tinypass, alongside a GDPR-compliant consent management system by Didomi. The site is well-optimized for mobile and SEO, with good accessibility features. Security-wise, the site enforces HTTPS, uses security headers, and manages cookie consent effectively, though it lacks a publicly available security policy or incident response contact. Overall, the site demonstrates a mature digital presence with strong trust signals and compliance with privacy regulations.

A

Ardevar Ltd

gomblingo.com

66

Gomblingo is an online gambling platform launched in 2022, operated by Ardevar Ltd, targeting Finnish and international users with a multi-language website. The platform offers a wide range of services including online casino games, live casino, sports betting, virtual sports, and e-sports betting, supported by various promotions and bonuses. The website is professionally designed with good navigation and mobile optimization, leveraging modern technologies such as Vue.js and Cloudflare DNS/CDN services. Security posture is solid with HTTPS enforcement and standard security headers, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is supported by a comprehensive privacy policy and cookie consent mechanisms. The domain registration is transparent and consistent with the business claims, enhancing trustworthiness. Overall, the platform is a legitimate, adult-oriented gambling service with moderate to good technical and security maturity.

E

Estúdio Visio

estudiovisio.com.br

55

Estúdio Visio is a small creative duo based in Brazil specializing in design and technology projects, including UX/UI, prototyping, web development, CMS, and brand identity. Their market position is that of a niche creative agency serving businesses seeking innovative digital branding and web solutions. The website demonstrates a modern technical infrastructure built on Nuxt.js, Vue.js, Tailwind CSS, and Sanity CMS, hosted on Nsone nameservers. The site is well-designed, mobile-optimized, and provides a professional portfolio showcasing recent work. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security documentation.

K

KOMETA

kometatype.com

64

KOMETA is an independent type design studio specializing in progressive retail and custom typefaces. The company operates a professionally designed website showcasing its retail font collections and bespoke typography services. The target audience includes designers, studios, and brands seeking unique and future-facing fonts. The business model is focused on retail font sales and custom typography projects, positioning KOMETA as a niche player in the type foundry market. Technically, the website is built using modern frameworks such as Nuxt.js and Vue.js, hosted and registered via Cloudflare, ensuring good performance and security basics like HTTPS. However, DNSSEC is not enabled, and security headers are not detected, indicating room for improvement in security hardening. Privacy compliance is weak, with no visible privacy or cookie policies, and no GDPR indicators. Contact information is not explicitly provided, which may affect user trust and compliance. Overall, the website is functional and professional but would benefit from enhanced privacy, security policies, and contact transparency.

L

Les Compotes

lescompotes.fr

49

Les Compotes is a small hospitality and coworking business located in Strasbourg, France, offering shared office spaces and a specialty coffee café experience. The website is professionally designed using modern web technologies such as Vue.js and Nuxt.js, hosted by a reputable provider, and includes a cookie consent mechanism. However, it lacks explicit privacy and terms of service policies, which are important for GDPR compliance and user trust. Contact information is limited to a contact form without direct email or phone contacts. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Overall, the website presents a trustworthy and professional image but would benefit from enhanced privacy and security disclosures.

T

The Smurfs' Society

thesmurfssociety.com

61

The Smurfs' Society is a niche Web3 project focused on delivering an immersive, fully on-chain NFT and gaming experience centered around the Smurfs brand. The platform targets Web3 enthusiasts and NFT collectors, offering a custom marketplace, gaming utilities, and community engagement. The website is professionally designed using modern frameworks such as Nuxt.js and Vue.js, hosted on Cloudflare infrastructure, and integrates analytics and cookie consent mechanisms to ensure compliance and performance. Security posture is strong with HTTPS enforcement and standard security headers, though improvements like DNSSEC and a formal security policy could enhance trust further. Overall, the project presents a credible and well-executed Web3 business with a clear market position and consistent branding.

I

IUCN

iucncontributionsfornature.org

47

The website iucncontributionsfornature.org is a platform operated by IUCN aimed at enabling members to document conservation and restoration actions aligned with global environmental frameworks such as the Nature 2030 Programme. The platform targets conservation organizations and stakeholders interested in biodiversity and climate-related nature-based solutions. The business model is non-profit and focused on environmental data collaboration. Technically, the site is built on modern frameworks like Nuxt.js and Vue.js, with Cloudflare DNS and uses Fathom Analytics for minimal tracking. However, the site currently suffers from a critical server-side issue returning a 500 Internal Server Error on the /get-started page, significantly impacting user experience and content accessibility. Security posture is moderate with HTTPS enabled but lacks security headers and DNSSEC. Privacy compliance is basic with a privacy policy and terms of service present but no cookie consent mechanism. Contact information is limited to an email address. Overall, the site demonstrates consistent branding and alignment with IUCN's mission but requires urgent technical fixes and security enhancements.

V

VERMONT Services Slovakia s. r. o.

vermont.cz

63

Vermont.cz is a professional e-commerce website representing a premium international fashion brand offering clothing and accessories for men, women, and children. The site features multiple well-known trademarks and brands, providing a comprehensive online shopping experience supported by physical stores in the Czech Republic. The business model focuses on retail sales with value-added services such as free shipping over a threshold and gift vouchers. Technically, the website employs modern JavaScript frameworks like Vue.js and Inertia.js, integrates multiple marketing and analytics tools including Google Tag Manager and Facebook Pixel, and maintains good SEO and mobile optimization standards. Security-wise, the site enforces HTTPS, implements key security headers, and uses cookie consent mechanisms, though it lacks explicit security policy and incident response disclosures. The absence of WHOIS data for the domain is a notable gap in trust assessment but does not detract from the professional presentation and operational maturity of the business. Overall, Vermont.cz presents a secure, user-friendly, and content-rich platform suitable for its retail audience.

France.fr is the official tourism website for France, providing comprehensive information about French destinations, culture, and travel experiences. It targets international tourists and travelers interested in exploring France's wonders. The site is well-branded, multilingual, and professionally designed, reflecting its role as a government-backed informational portal. Technically, the website leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, ensuring a responsive and engaging user experience. It integrates Google Tag Manager for analytics and Axeptio for cookie consent management, indicating a moderate level of digital maturity. Security-wise, the site enforces HTTPS and avoids exposing sensitive data, but lacks some security headers and explicit security policies. The absence of WHOIS data is notable but may be due to registry policies for .fr domains. Overall, the site is trustworthy and professional but could improve privacy compliance and security transparency.

Z

Ziaja

ziaja.pl

66

Ziaja.com is the official online store for Ziaja, a Polish skincare and cosmetics brand established in 2000. The website serves as an e-commerce platform targeting general consumers interested in skincare products. The site is built using modern web technologies including Vue.js and Vue Storefront, hosted by OVH sas, a reputable hosting provider. The technical infrastructure reflects a moderate level of digital maturity with good mobile optimization and user experience. However, the site lacks visible privacy and cookie policies, and no explicit security headers were detected, indicating room for improvement in security posture. The domain registration data is consistent with the business's claimed history, enhancing trustworthiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security measures.

I

ITCOMDOMAINS.COM

it.com

76

ITCOMDOMAINS.COM operates as a specialized domain registry platform offering .it.com domain registrations at competitive prices. The service targets businesses and individuals seeking affordable alternatives to traditional .com domains, emphasizing SEO benefits, free SSL certificates, and Cloudflare DNS support. The website presents a professional and consistent brand image with clear navigation and multilingual support, catering to a global audience. Technically, the site leverages modern frameworks such as Nuxt.js and Vue.js, integrates Google Tag Manager and reCAPTCHA for analytics and security, and implements privacy consent mechanisms aligned with GDPR requirements. Security posture is solid with HTTPS enforced and bot protection in place, though additional security headers and explicit policies could enhance defenses. The absence of WHOIS data for the domain get.it.com suggests the domain is unregistered or reserved, which may impact trustworthiness from a domain registration perspective. Overall, the platform demonstrates a good balance of business credibility, technical maturity, and privacy compliance, suitable for its niche market.

Z

Zoznam, s.r.o.

vysetrenie.sk

59

The website vysetrenie.zoznam.sk is a Slovak health and wellness media portal operated by Zoznam, s.r.o., a recognized media company in Slovakia. It provides a wide range of health-related content including articles, interviews, quizzes, and practical tools such as health calculators and listings of medical facilities. The site targets the general public interested in health, lifestyle, and medical information. Its business model is primarily content publishing supported by advertising revenue, positioning it as a significant player in the Slovak online media landscape focused on health topics. Technically, the website employs a modern technology stack including Google Tag Manager, jQuery, Vue.js, and multiple advertising and analytics platforms such as Google Ad Manager, Gemius, and Yieldbird. The site is mobile optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with asynchronous loading of scripts to enhance user experience. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers. It uses a comprehensive consent management platform (Didomi) to comply with GDPR requirements, reflecting a mature privacy posture. However, explicit security policies and incident response contacts are not published, and there is no security.txt file for vulnerability disclosure. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the website presents a low-risk profile with strong legitimacy and trustworthiness, supported by consistent WHOIS registration data matching the business identity. Strategic recommendations include publishing explicit security and incident response policies, enhancing accessibility, and maintaining regular audits of third-party scripts to sustain security and compliance standards.

Z

Zoznam, s.r.o.

feminity.sk

57

Feminity.sk is a Slovak lifestyle media website operated by Zoznam, s.r.o., offering content focused on fashion, beauty, health, horoscopes, and celebrity news. The site targets a broad audience of modern Slovak men and women interested in lifestyle topics. Technically, the website employs modern JavaScript frameworks such as Vue.js, integrates multiple third-party analytics and advertising services, and uses a CDN for content delivery. It demonstrates good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS, uses standard security headers, and implements GDPR-compliant cookie consent mechanisms, though it lacks a dedicated security policy or incident response contact information. Overall, the domain registration aligns well with the business identity, indicating legitimacy and trustworthiness.

Z

Zoznam s.r.o.

sportky.sk

58

Športky.sk is a Slovak-language sports news portal operated by Zoznam s.r.o., providing comprehensive coverage of sports such as football, hockey, tennis, and cycling. The site targets Slovak sports fans with up-to-date results, event calendars, and multimedia content. It holds a solid market position as part of the established Zoznam media brand. Technically, the website employs modern JavaScript frameworks including Vue.js and jQuery, integrates Google Analytics and Tag Manager for tracking, and uses Didomi for GDPR-compliant cookie consent management. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, HTTPS is enforced and basic security headers are present, though some headers like HSTS and X-Content-Type-Options should be confirmed or added. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear cookie policy and consent mechanism. However, explicit contact details and terms of service pages are not directly found on the site, which could be improved for transparency. Overall, the website is professional, trustworthy, and well-maintained, suitable for its audience and business model.

Z

Zoznam s.r.o.

dromedar.sk

57

The website dromedar.zoznam.sk is a Slovak travel magazine operated by Zoznam s.r.o., offering travel articles, tips, and cultural content aimed at Slovak-speaking travel enthusiasts. The site is well-branded, professionally designed, and provides a rich content experience with clear navigation and mobile optimization. Technically, it employs modern JavaScript libraries such as jQuery and Vue.js, integrates multiple analytics and advertising platforms, and uses a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the site demonstrates good privacy compliance and business credibility, with WHOIS data confirming legitimacy and consistency with the brand.

W

WSN Community

wsn.community

57

The website at https://wsn.community/fr/pro/login is currently inaccessible beyond a minimal loading spinner, indicating that a Web Application Firewall (WAF) or other security mechanism is blocking full content access. Due to this, no meaningful business information, contact details, or policies are available for analysis. The site uses modern JavaScript frameworks such as Vue.js and Vuetify, but no metadata or structured data is present. The WHOIS data is restricted and does not provide registrant or domain creation details, limiting trust assessment. Overall, the site appears to be in a blocked or pre-load state, preventing comprehensive evaluation.

ENGIE Home Services is a leading French company specializing in home maintenance and energy-related services. The company offers a broad range of services including heating system maintenance, plumbing, and energy efficiency consulting, targeting residential customers across France. The website reflects a strong market position with professional branding and clear service offerings. Technically, the site is built using modern frameworks such as Nuxt.js and Vue.js, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and security headers implemented, though the absence of published security policies and incident response information suggests room for improvement. The lack of WHOIS data is unusual but does not detract significantly from the overall legitimacy given the professional presentation and market presence. Strategic recommendations include publishing formal security and incident response policies and enhancing transparency around analytics and tracking.

S

Socleo

panierlocal.org

58

Socleo is a French technology company specializing in SaaS software solutions dedicated to simplifying management tasks for farmers, processors, and distributors involved in local product short circuits. Established in 2006, it holds a pioneer position in its niche market with a strong user base across France and Belgium. The website clearly communicates its business model, subscription pricing, and personalized onboarding services, supported by numerous customer testimonials and partner endorsements. Technically, the site employs modern JavaScript frameworks like Vue.js and CKEditor, ensuring a responsive and performant user experience optimized for mobile devices. Security posture is solid with HTTPS enforcement and CSRF protections, though it lacks some advanced security headers and formal security policies. Privacy compliance is evident with accessible privacy and cookie policies, and GDPR adherence is implied. Overall, the site is professional, trustworthy, and well-structured, with no signs of blocking or WAF interference.

D

Denník N

projektn.sk

64

Denník N is a Slovak independent daily newspaper offering digital news content primarily through a subscription model. It holds a strong market position as a leading independent media outlet in Slovakia, targeting a general audience interested in quality journalism. The website is professionally designed, mobile-optimized, and uses modern technologies including WordPress CMS, Vue.js framework, and integrates various analytics and marketing tools such as Google Analytics, Gemius, and OneSignal for push notifications. Payment processing is handled via TrustPay, indicating a mature e-commerce infrastructure. Security posture is robust with HTTPS enforced and standard security headers present, though no explicit security policy or incident response page is publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates high professionalism and trustworthiness with no detected vulnerabilities or suspicious activities.

S

SASU CIRCE CONSEILS

circe-conseils.fr

53

Circé Conseils is a small French communication studio specializing in project guidance, brand identity creation, communication strategy, and website development. The company positions itself as a boutique service provider offering personalized and impactful communication solutions to professionals and businesses. The website is built using modern technologies such as Nuxt.js and Vue.js, hosted on Netlify, and demonstrates good mobile optimization and user experience. Security posture is adequate with HTTPS and cookie consent mechanisms, though explicit security headers and policies could be improved. The domain registration is consistent with the business information, indicating legitimacy. Overall, the website reflects a professional and trustworthy business with a clear market niche.

R

ROZBUBLAJ ZÁBAVU | ROBBY BUBBLE

robbybubble.sk

53

Robby Bubble is a Slovak-based brand specializing in non-alcoholic sparkling beverages designed for children’s parties and family celebrations. The website presents a colorful, well-structured digital presence built on modern web technologies such as Vue.js and Nuxt.js, hosted by Active24 with DNSSEC enabled, indicating a secure and reliable infrastructure. The brand emphasizes fun, fruit-flavored bubbly drinks that appeal to children and families, positioning itself as a popular choice in its regional market. However, the website lacks explicit privacy and terms of service policies, which are critical for compliance and user trust. Security practices are generally good, with HTTPS enforced and security headers present, but there is room for improvement in privacy compliance and incident response readiness.

S

SOARE SEKT a.s.

muchasekt.sk

52

Mucha Sekt is a Slovak-based premium sparkling wine brand operated by SOARE SEKT a.s., leveraging the artistic legacy of Alfons Mucha to position itself in the niche market of cultural and artistic beverage experiences. The website showcases a well-structured product portfolio, emphasizing quality and heritage, targeting adult consumers interested in premium alcoholic beverages. The digital infrastructure is built on modern JavaScript frameworks such as Vue.js and Nuxt.js, providing a responsive and visually appealing user experience. However, some compliance gaps exist, notably the absence of explicit privacy policy and terms of service pages, which are critical for GDPR adherence. Security posture is moderate with HTTPS enforced but lacking security headers and vulnerability disclosure mechanisms. Overall, the website is professional and trustworthy but would benefit from enhanced compliance and security measures.

C

Cotravaux

reseau-cotravaux.org

39

Cotravaux operates as a French non-profit network focused on voluntary work and international volunteer projects. Their website serves as a centralized resource hub offering training materials, communication tools, regional information, and political updates relevant to volunteers and associated organizations. The platform targets a specialized audience involved in voluntary and community work, positioning itself as a niche resource provider within the non-profit sector. Technically, the website is built on the YesWiki CMS platform, leveraging Bootstrap, FontAwesome, jQuery, and Vue.js for frontend functionality. The site is hosted on infrastructure associated with Amen, a known hosting provider. The website demonstrates moderate performance and good mobile optimization, with basic accessibility and SEO features. The presence of a login form indicates user interaction capabilities. From a security perspective, the site enforces HTTPS and uses secure form submission methods. However, it lacks advanced security headers such as Content-Security-Policy and HSTS, and DNSSEC is not enabled for the domain. No cookie consent mechanism or privacy policy is explicitly presented, which may impact GDPR compliance. The WHOIS data aligns well with the website's profile, showing consistent registration details and domain age appropriate for the organization's history. Overall, the website is professional and trustworthy with clear contact information and active social media presence. Security and privacy practices could be improved to enhance compliance and protection. The site is safe for general audiences with no adult or questionable content detected.

S

Soare Sekt Slovakia, s.r.o.

soaresekt.sk

50

Soare Sekt Slovakia, s.r.o. is a medium-sized Slovakian company specializing in the production and distribution of alcoholic and non-alcoholic sparkling wines and beverages. It operates under the parent company Soare Sekt a.s. and benefits from a strong brand portfolio including Mucha Sekt, Moscato de Luxe, and Robby Bubble. The company targets adult consumers in Slovakia and international markets, emphasizing quality and tradition dating back to 1991. The website is professionally designed using modern web technologies such as Nuxt.js and Vue.js, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms, although explicit security headers and incident response contacts are absent. Privacy policies are comprehensive and GDPR compliant, including detailed data processing and retention information. Overall, the site reflects a trustworthy and mature digital presence aligned with the company's business operations.

N

N Press s.r.o.

dennikn.sk

64

Denník N is a well-established independent Slovak news media company founded in 2014, offering a broad range of journalistic content including articles, podcasts, and subscription services. The website demonstrates a mature digital presence with a modern tech stack including WordPress CMS, Vue.js framework, and integration with multiple analytics and advertising platforms. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. Privacy compliance is evident with clear privacy and cookie policies and GDPR adherence. The business model is subscription-driven supplemented by advertising and merchandise sales. Overall, the site is professional, trustworthy, and well-positioned in the Slovak media market.

S

Soare sekt a.s.

soaresekt.cz

61

Soare sekt a.s. is a well-established Czech wine company founded in 1991, offering a broad portfolio of alcoholic and non-alcoholic wine products under multiple brands. The company holds a strong market position in the Czech Republic and exports internationally, supported by a German parent company. The website is built on modern frameworks (Nuxt.js and Vue.js) and features comprehensive privacy and cookie policies, including GDPR compliance and an age verification mechanism for alcohol-related content. Security posture is adequate with HTTPS and cookie consent but lacks some advanced security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and user-friendly, targeting adult consumers and wine enthusiasts.

R

ROZBUBLEJ ZÁBAVU | ROBBY BUBBLE

robbybubble.cz

54

Robby Bubble is a well-established brand specializing in non-alcoholic sparkling beverages designed for children and family parties. The website presents a professional and visually appealing platform targeting Czech and Slovak markets, emphasizing fun and fruit-flavored party drinks. The domain has been registered since 2001, indicating a mature presence in the market. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with Google Tag Manager integrated for analytics. However, explicit privacy policies and terms of service are missing, which could impact compliance and user trust. Security headers and advanced security policies are not evident, suggesting room for improvement in security posture.

A

Adbros s.r.o.

adbros.cz

58

Adbros s.r.o. is a well-established Czech digital agency founded in 2005, specializing in web and mobile application development, digital marketing, data integration, and custom software products. The company serves a B2B market with a strong portfolio including major clients like Philip Morris International and McDonald's Cup. Their website reflects a professional and modern digital presence, leveraging advanced technologies such as NuxtJS and Vue.js. Security posture is solid with HTTPS and security headers implemented, though explicit security policies and incident response contacts are not publicly available. Privacy compliance is well addressed with a comprehensive GDPR policy and cookie consent mechanism. Overall, the company demonstrates a mature digital infrastructure and trustworthy business operations.

P

PENNY Market Česká republika

penny.cz

67

PENNY Market Česká republika operates as a major retail supermarket chain in the Czech Republic, providing grocery and household products to a broad consumer base. The website serves as a digital storefront and information portal, featuring store locations, promotions, and company information. It is part of the REWE Group, a large European retail conglomerate, which supports its market position and brand recognition. The site targets general consumers in the Czech market with a focus on retail grocery shopping. Technically, the website employs modern frontend technologies such as Vue.js and uses Google Fonts and Material Icons for UI consistency. The site is mobile-optimized and demonstrates moderate performance with good SEO and accessibility basics. Security best practices are observed with HTTPS enforcement and standard security headers, though some advanced security disclosures and policies are absent. The security posture is solid with no detected vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies, including consent mechanisms aligned with GDPR requirements. Contact information is clearly provided, enhancing business credibility. However, the lack of WHOIS transparency due to privacy protection limits domain registration visibility. Overall, the website presents a professional, trustworthy, and secure digital presence for PENNY Market in the Czech Republic. Strategic improvements could include publishing explicit security policies, incident response contacts, and vulnerability disclosure mechanisms to further enhance trust and compliance.

S

SOARE SEKT a.s.

muchasekt.cz

49

Mucha Sekt is a Czech-based producer and retailer of premium sparkling wines inspired by the art of Alfons Mucha. The company operates a well-designed, modern website built on Nuxt.js, showcasing a diverse product portfolio including Brut, Demi Sec, Rosé, Ice variants, and Prosecco. Their market presence is supported by distribution through major Czech retail chains and online platforms. The website demonstrates a mature digital infrastructure with mobile optimization, modern JavaScript frameworks, and integrated marketing tools such as Google Tag Manager and Facebook Pixel. Security measures include HTTPS enforcement and an age verification popup to restrict underage access, reflecting compliance with alcohol sales regulations. However, the absence of explicit privacy policy and terms of service pages indicates areas for compliance improvement. Overall, the website and domain registration data reflect a legitimate, stable business with a strong brand identity and good technical implementation.

A

ARCHA+

archa-plus.cz

58

ARCHA+ is a multifunctional cultural space operating since 2024 in the premises of the original Divadlo Archa in Prague. The organization offers a diverse program of contemporary arts including music, theater, and dance, targeting a broad audience interested in cultural events. Supported by municipal and governmental bodies, ARCHA+ positions itself as a key cultural institution in Prague with a focus on education and community engagement. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, Vue.js, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing, all implemented with GDPR-compliant consent mechanisms. Security posture is solid with HTTPS and cookie consent, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and well-optimized for users.

C

Caisse d'Assurance Vieillesse des Pharmaciens (CAVP)

cavp.fr

61

The CAVP website represents a professional French pension fund dedicated to pharmacists, providing comprehensive retirement and social benefit services. The site is well-structured, content-rich, and targets pharmacists at various career stages, including active, retired, and collaborators. The business operates under the umbrella of CNAVPL, indicating a government-affiliated entity with a clear mission to manage pharmacists' retirement schemes. Technically, the website employs modern frontend technologies such as Vue.js and Webpack, ensuring a responsive and user-friendly experience. The use of Matomo analytics reflects a privacy-conscious approach to user tracking. The site is served over HTTPS with no detected blocking or WAF challenges, indicating good security hygiene. However, some security headers are missing, and explicit security policies are not publicly disclosed. The security posture is solid with encrypted communications and cookie consent mechanisms compliant with GDPR. The absence of WHOIS data limits domain registration trust analysis, but the website's professional presentation and consistent branding support its legitimacy. Contact channels include phone, email, and online forms, enhancing user accessibility. Overall, the website is a reliable and professional platform for its target audience, with recommendations to enhance security headers and publish incident response policies to further strengthen trust and compliance.

A

Acronis International GmbH

acronis.com

80

Acronis International GmbH is a well-established global provider of cybersecurity and data protection solutions, specializing in backup software and services for consumers, businesses, and managed service providers (MSPs). Founded in 2003, the company has positioned itself as a leader in the technology sector, offering award-winning products that protect sensitive information across various platforms. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. Technically, the website employs modern web technologies including Vue.js, Matomo analytics, and Google Tag Manager, ensuring a responsive and performant user experience. Security best practices are evident with HTTPS enforcement, robust security headers, and no visible vulnerabilities or exposed sensitive data. Privacy and cookie policies are comprehensive and GDPR compliant, supporting the company's commitment to data protection. The security posture is strong, though the absence of a public vulnerability disclosure policy and explicit incident response contacts suggests areas for improvement. The WHOIS data is incomplete, likely due to privacy protection, but the overall trust indicators and structured data confirm the legitimacy of the domain and business. The website is free from adult or questionable content, targeting a general professional audience. Overall, Acronis demonstrates a high level of digital maturity and security awareness, making it a trustworthy and professional platform for its users.

F

Framasoft

framateam.org

56

Framateam is a French non-profit association's service providing a free, privacy-focused, open source team chat platform based on Mattermost. It targets teams and communities seeking ethical and user-controlled communication tools. The website is well designed, content-rich, and consistent with the organization's mission. Technically, it uses modern JavaScript frameworks and enforces HTTPS with a Content-Security-Policy header, though DNSSEC is not enabled and no cookie consent mechanism is present. Security posture is good but could be improved with published incident response policies and vulnerability disclosure mechanisms. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the service.

T

The Web Platform Podcast

thewebplatformpodcast.com

59

The Web Platform Podcast is a niche media business producing a weekly podcast focused on JavaScript and web standards. Founded in 2016, it targets developers and web technology enthusiasts, providing in-depth discussions on web platform development. The website is professionally designed with consistent branding and clear navigation, distributed via major podcast platforms and supported by social media channels. Technically, the site uses modern web technologies including Vue.js and integrates Google Analytics and Tag Manager for user tracking. Hosting is supported by Google Cloud DNS services, with domain registration managed by Squarespace Domains. Security posture is moderate with HTTPS enabled but lacks DNSSEC and security headers, and no privacy or cookie policies are present, indicating compliance gaps. Overall, the site is trustworthy and functional but would benefit from enhanced security and privacy compliance measures.

R

Renault

renew.ma

46

Renew Maroc operates as an official online platform for certified used Renault vehicles in Morocco, offering a comprehensive range of services including vehicle sales, financing, trade-in, assistance, and insurance. The website is professionally designed with clear navigation and targets Moroccan consumers interested in purchasing certified used Renault cars. Technically, the site leverages modern frameworks such as Vue.js and Nuxt.js, and integrates Google Tag Manager for analytics, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and domain registration transparency, though improvements are recommended in security headers and privacy compliance mechanisms. Overall, the platform presents a trustworthy and professional presence in the Moroccan automotive market.

A

Anycoders s.r.o.

anycoders.cz

54

Anycoders s.r.o. is a Czech-based full-service digital agency specializing in custom software development, web and e-commerce solutions, and digital marketing services. Founded in 2015 and headquartered in České Budějovice, the company serves clients primarily in the Czech Republic and across Europe. Their market position is strengthened by multiple certifications including Google Partner and partnerships with platforms like Sklik, Heureka, and Shoptet. The company offers a broad range of services from web development to advanced analytics and marketing strategies, targeting businesses seeking digital transformation and e-commerce growth. Technically, Anycoders employs a modern technology stack including Vue.js, Spring Framework, Symfony, GraphQL, Docker, and more, indicating a mature and scalable infrastructure. The website is well-optimized for performance, mobile responsiveness, and SEO, reflecting a high level of digital maturity. Security posture is strong with HTTPS enforced and multiple security headers present, though the absence of a published security policy and incident response details suggests room for improvement. The website demonstrates good privacy compliance with clear privacy and cookie policies, consent mechanisms, and GDPR adherence. Contact information is comprehensive, including emails, phone numbers, and a contact form. However, the lack of WHOIS data for the domain introduces uncertainty regarding domain registration legitimacy, which slightly impacts the overall trust score. Overall, Anycoders presents as a professional and trustworthy digital agency with robust technical capabilities and compliance practices. Strategic recommendations include publishing detailed security policies, incident response contacts, and vulnerability disclosure information to further enhance trust and security posture.

B

Bababam

bababam.com

7

Bababam is a podcast streaming platform targeting general audiences, primarily French-speaking users, offering simple and direct access to podcasts. The website is built using modern frontend technologies such as Vue.js and Nuxt.js, indicating a contemporary technical infrastructure. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and longevity. The site lacks essential compliance documents such as privacy and cookie policies, and no contact information is provided, which impacts business credibility and user trust. Security posture appears basic with no detected security headers or SSL configuration details available. Overall, the platform provides a good user experience and content quality but requires significant improvements in compliance, security, and business transparency to enhance trust and reliability.

P

Porsche Inter Auto CZ spol. s r.o.

porsche-brno.cz

11

Porsche Inter Auto CZ spol. s r.o. operates as a major authorized automotive dealership and service provider in the Czech Republic, specializing in Volkswagen, Audi, Škoda, and Porsche brands. The company is part of the larger Porsche Inter Auto group based in Austria, which is a leading automotive sales and service entity in Europe. Their website showcases a comprehensive portfolio of new and used vehicles, service offerings, and accessories, targeting customers seeking premium automotive products and services. The site is professionally designed, mobile-optimized, and integrates modern web technologies such as Nuxt.js and Google Tag Manager for analytics and marketing purposes. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, although some security headers could be improved. Privacy compliance is well addressed with accessible GDPR and cookie policies. Overall, the website reflects a mature digital presence aligned with the company's market position and business model.

S

Share the Experience

sharetheexperience.org

54

Share the Experience is a well-established photo contest platform dedicated to America's national parks and federal recreational lands. It targets amateur photographers and outdoor enthusiasts, providing a community-driven platform for sharing and celebrating photography related to natural and federal lands. The website demonstrates a consistent brand and clear business purpose, supported by a domain registered since 2006, indicating a mature presence in its niche. Technically, the site leverages modern JavaScript frameworks such as Vue.js and Bootstrap 5, along with various libraries for media handling and geolocation, reflecting a contemporary and interactive user experience. The platform integrates social media login via Facebook and employs Google reCAPTCHA to mitigate bot activity. Security posture is adequate with HTTPS enforced and domain transfer protections, though it lacks some advanced security headers and DNSSEC. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is trustworthy and professionally maintained, though improvements in security headers and privacy transparency are recommended.

D

Dreamonkey

dreamonkey.com

67

Dreamonkey is a small technology company based in Italy specializing in software development services including business software, web applications, augmented reality apps, mobile apps, and professional websites. The company targets businesses seeking custom software solutions and maintains a niche position in the regional market. The website is built using modern technologies such as Vue.js and employs Amazon Registrar for domain registration and hosting infrastructure. The site demonstrates good design quality and mobile optimization, providing a professional user experience. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies, which should be addressed to meet GDPR requirements. Overall, the website is functional and credible but would benefit from improved privacy disclosures and security hardening.

P

ProjectionLab

projectionlab.com

72

ProjectionLab is a small finance-focused SaaS company founded in 2019 that provides modern financial and retirement planning tools aimed at individuals and financial advisors. Their platform enables users to simulate financial futures and plan for early retirement and financial independence. The website is professionally designed using modern frontend technologies such as Vue.js and Vuetify, with good mobile optimization and clear navigation. The technical infrastructure includes integrations with analytics and marketing tools like Plausible, Google Tag Manager, Customer.io, and FirstPromoter, and cookie consent is managed via OneTrust and CookiePro, indicating a mature approach to privacy compliance. Security posture is solid with HTTPS enforced and spam referer mitigation scripts, though there are opportunities for improvement such as enabling DNSSEC and publishing explicit security policies and vulnerability disclosures. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business. The website content is safe for general audiences and free of adult or questionable material.

U-emploi.com is the official employment portal for the Coopérative U retail network in France, providing job listings and career information for positions in supermarkets and related retail sectors. The site targets job seekers interested in joining the cooperative's stores such as Super U, Hyper U, and U Express. It offers a modern, well-structured platform built on Vue.js and Nuxt.js frameworks, with good mobile optimization and basic accessibility compliance. The site integrates cookie consent mechanisms and uses reputable analytics and marketing tools, reflecting a mature digital presence. Security posture is solid with HTTPS and domain transfer protections, though improvements like DNSSEC and enhanced security headers are recommended. No direct contact emails or phone numbers are exposed on the homepage, but social media channels are prominently linked, enhancing trust and engagement. Overall, the website is professional, trustworthy, and well-aligned with the cooperative's business model and audience.

V

Vuetify

vuetifyjs.com

64

Vuetify is a well-established open source UI component framework for Vue.js, founded in 2016. It targets frontend developers seeking a comprehensive and design-ready component library. The website reflects a mature project with strong community engagement, sponsorship, and a professional digital presence. Technically, the site leverages modern web technologies including Vue.js, Vuetify framework, Cloudflare CDN, and integrates third-party services like Google Analytics and CosmicJS CMS. The site is performant, mobile-optimized, and accessible with good SEO practices. Security posture is strong with HTTPS, security headers, and Cloudflare protection, though DNSSEC is not enabled and no explicit security policy or vulnerability disclosure is published. Privacy and cookie policies are present and linked to a reputable provider, indicating GDPR compliance. Contact information is limited to a company email address, with no phone or physical address disclosed. Overall, the site is trustworthy, professional, and well-maintained, suitable for its target audience.

N

Nuxt

nuxt.com

57

Nuxt is a well-established open source progressive web framework designed to simplify full-stack development with Vue.js. The website presents a professional and modern interface targeting web developers and software engineers interested in building high-quality web applications. The business model includes open source offerings complemented by official certifications and enterprise solutions, positioning Nuxt as a leading technology framework in its market segment. The technical infrastructure leverages modern JavaScript technologies including Vue.js, TypeScript, and advanced bundlers like Vite and RSPack, hosted on Cloudflare for performance and security. The website is fast, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Security posture is strong with HTTPS enforced and domain registration consistent with a reputable technology entity. However, the site lacks visible privacy and cookie policies, as well as explicit security policies or incident response contacts, which are areas for improvement. Overall, Nuxt demonstrates a high level of professionalism and trustworthiness with minimal security concerns.

P

PortlandLabs

concretecms.com

74

Concrete CMS is an established open source content management system designed for teams including content creators, developers, and designers. The platform offers a robust website builder with built-in tools to simplify content editing and management. PortlandLabs, the company behind Concrete CMS, positions itself strongly in the technology sector with a focus on enterprise and government clients, including the U.S. Army. The business model includes open source software distribution, hosting services, and a marketplace for themes, add-ons, and integrations. The website demonstrates excellent content quality, professional design, and clear navigation, targeting professional teams and organizations seeking secure and compliant CMS solutions. Technically, the website employs modern web technologies such as jQuery, Vue.js, Bootstrap, and Moment.js, running on the Concrete CMS platform. It integrates multiple analytics and marketing tools including Google Analytics, Matomo, ZoomInfo, and Pipedrive LeadBooster. The site is mobile optimized and accessible, with good SEO practices evident from meta tags and structured data. Hosting appears to be managed by PortlandLabs with offerings ranging from starter plans to custom enterprise SLAs. Security posture is strong with HTTPS enforced and certifications including ISO 27001, SOC 2, and HIPAA compliance prominently featured. The platform supports role-based access control, workflow approvals, and version control to enhance security and collaboration. However, the site lacks explicit HTTP security headers and a published vulnerability disclosure or security.txt file, which are recommended for further strengthening security transparency. Overall, the website is trustworthy and professional with high-quality content and a mature technical infrastructure. The main risk factor is the absence of WHOIS domain registration data, which is unusual for a business of this profile and slightly reduces trust. Strategic recommendations include implementing security headers, publishing incident response contacts, and enhancing transparency on data retention and vulnerability disclosures.

P

Padlet

padlet.com

70

Padlet is a well-established SaaS company founded in 2004, specializing in visual collaboration tools for creative work and education. The platform serves a large global user base of 40 million, targeting educators, students, and creative professionals. Their business model is freemium with tiered subscription plans for individuals, teams, classrooms, and schools. The website reflects a mature market position with strong branding and user engagement through social media and positive reviews on multiple platforms. Technically, Padlet employs modern web technologies including Vue.js and Cloudflare services for DNS and CDN. The site is well optimized for performance, mobile responsiveness, and accessibility. Analytics are implemented via RudderStack, indicating a moderate level of user tracking. The website is professionally designed with clear navigation and comprehensive content. From a security perspective, Padlet enforces HTTPS, uses security headers, and maintains a clientTransferProhibited domain status, indicating good domain security practices. However, DNSSEC is not enabled, and there is no visible vulnerability disclosure or security.txt file. Privacy compliance is partially addressed with a comprehensive privacy policy, but lacks an explicit cookie consent mechanism. Contact information for security incidents or data protection officers is not publicly available. Overall, Padlet presents a high level of business credibility and technical maturity with minor gaps in privacy compliance and security transparency. Strategic recommendations include enabling DNSSEC, implementing cookie consent, publishing vulnerability disclosure information, and providing clearer contact channels for security and privacy matters.