Security Directory

E

ekolo.cz s.r.o.

ekolo.cz

47

Ekolo.cz s.r.o. operates a leading Czech e-commerce and physical retail platform specializing in electric bicycles and related accessories. Established in 2007, the company has built a strong market position with over 18 years of experience, offering a wide range of products including over 700 e-bike variants from 16 manufacturers. Their services include sales, rental, and servicing of e-bikes, targeting cycling enthusiasts and urban commuters primarily in the Czech Republic. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive product information. Technically, the site leverages modern JavaScript libraries such as Swiper.js, Google Tag Manager, and integrates security features like Google reCAPTCHA to protect user interactions. Hosting is inferred to be on DigitalOcean with CDN support for performance. Security posture is strong with HTTPS enforced and secure form handling, though some HTTP security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies, GDPR adherence, and consent mechanisms. Contact information is transparent and includes multiple channels. Overall, the site demonstrates high professionalism, trustworthiness, and digital maturity.

L

Luxembourg - Let's Make It Happen (LMIH)

lmih.lu

47

Luxembourg - Let's Make It Happen (LMIH) is an official government-backed platform designed to inspire and connect actors involved in promoting Luxembourg internationally. The website offers a rich selection of multimedia tools, branding guidelines, and partnership opportunities to support the promotion of Luxembourg's values and talents. It targets both national and international audiences including ministries, public administrations, businesses, and associations. The platform is positioned as a central resource for Luxembourg's national branding efforts, leveraging modern web technologies and a multilingual approach to maximize reach and engagement. Technically, the website is built on WordPress 6.8.1 with a modern tech stack including Yoast SEO, jQuery, Select2, Swiper.js, and Matomo analytics for privacy-conscious tracking. It employs HTTPS with good SSL configuration and integrates Google reCAPTCHA v2 for form security. Accessibility features and SEO optimizations are well implemented, contributing to a positive user experience across devices. However, explicit privacy and cookie policy pages are not detected in the provided content, which is a compliance gap. From a security perspective, the site follows best practices such as HTTPS enforcement and CAPTCHA protection on forms. The use of Matomo analytics and Axeptio cookie consent indicates a privacy-aware approach. Nonetheless, the absence of security headers and vulnerability disclosure policies suggests room for improvement in security posture. No vulnerabilities or suspicious activities were detected in the analysis. Overall, the website presents a professional, trustworthy, and well-structured platform aligned with its government branding mission. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, and establishing a vulnerability disclosure mechanism to enhance compliance and security maturity.

M

Molfar Intelligence Firm

molfar.com

70

Molfar Intelligence Firm is a Ukrainian private intelligence agency specializing in OSINT investigations and business consulting across finance, government, law, and IT sectors. Established in 2012 and operational since 2019, the firm serves a global clientele with expertise in over 60 countries, focusing on markets such as CIS, USA, UK, China, and Israel. Their key offerings include background checks, litigation support, risk consulting, market research, strategic communication, military intelligence, and OSINT training through their institute. Technically, the website is built on Webflow with modern JavaScript libraries and analytics tools, hosted with Cloudflare DNS, and employs HTTPS with domain transfer lock for security. Privacy and cookie policies are comprehensive and GDPR compliant, with user consent mechanisms in place. Security posture is strong with no critical vulnerabilities detected, though DNSSEC is not enabled. Overall, the site demonstrates high professionalism, trustworthiness, and technical maturity.

H

heap studio

heap.lu

50

Heap studio is a small creative digital agency based in Luxembourg specializing in web development, design, branding, and consulting services. The company positions itself as a success-oriented studio focused on delivering purposeful and targeted results for clients, primarily businesses and organizations seeking digital creative solutions. Their portfolio showcases a variety of projects emphasizing brand identity, UX/UI design, and front-end and back-end development. Technically, the website is built on WordPress with modern tools such as Yoast SEO and GSAP animations, hosted by Infomaniak, a reputable provider. The site demonstrates good mobile optimization, SEO practices, and a professional design, though accessibility features are basic. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks security headers and formal policies. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the website is trustworthy and professional but could improve in compliance and security transparency.

A

Associazione Nazionale Ufficiali Aeronautica

anua.it

58

The Associazione Nazionale Ufficiali Aeronautica (ANUA) is a non-profit organization dedicated to supporting members of the Italian Air Force and promoting their interests. The website serves as an information hub with news, events, and resources for its members and the broader Aeronautica Militare community. It maintains a professional online presence with consistent branding and regularly updated content. Technically, the site is built on WordPress using modern plugins such as Elementor and Yoast SEO, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the site is trustworthy and well-maintained, serving its niche audience effectively.

C

Crème fraîche

creme-fraiche.lu

59

Crème fraîche is a Luxembourg-based video contest platform targeting young people aged 12 to 30, focusing on promoting creativity and film-making through organized contests and events. The website provides detailed information about contest editions, winners, and related cultural activities, positioning itself as a niche media and cultural event organizer in Luxembourg. The platform leverages modern web technologies including Drupal 10 and Alpine.js to deliver a responsive and engaging user experience, optimized for mobile devices and accessibility. Security posture is adequate with HTTPS enforced and cookie consent implemented, though explicit security policies and headers could be improved. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible platform. Overall, the website demonstrates good professionalism and trustworthiness, supported by active social media channels and clear business focus.

F

Festival des Cabanes

cabanes.lu

56

The Festival des Cabanes website represents a youth-focused architecture competition organized in Luxembourg, targeting young people aged 12 to 26. The event is supported by recognized local organizations such as the Service national de la jeunesse and the Ordre des Architectes et Ingénieurs-conseils, positioning it as a niche cultural and educational initiative. The website content is professionally presented, with clear information about the event, its objectives, and timelines, supporting good user engagement and trust. Technically, the site is built on WordPress with modern front-end technologies and is mobile-optimized, though performance is moderate and accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks important security headers and formal privacy and cookie policies, which are critical for GDPR compliance. Overall, the site is trustworthy and well-suited for its purpose but would benefit from enhanced privacy compliance and security hardening.

Т

ТОВ "АІН"

ain.ua

72

AIN.ua is a leading Ukrainian online media platform specializing in IT, business, startups, and investment news. Established in 1999, it holds a strong market position as the oldest and most trusted media outlet in its niche within Ukraine. The website offers a wide range of content including news articles, analytical reports, interviews, and special projects targeting IT professionals, entrepreneurs, investors, and the broader business community. Its business model primarily revolves around digital publishing supported by advertising and sponsored content. Technically, the website employs a modern technology stack including JavaScript frameworks, Google Tag Manager, Microsoft Clarity for analytics, and Facebook Pixel for marketing. It uses asynchronous loading for performance optimization and is mobile-optimized with good SEO practices. The platform appears to be custom-built without reliance on common CMS platforms, indicating a tailored infrastructure. Performance is moderate with good mobile responsiveness and basic accessibility features. From a security perspective, the site enforces HTTPS and uses several tracking and advertising scripts responsibly. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not visibly declared, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms. Contact information is limited but includes a feedback email for technical issues. Overall, AIN.ua presents a professional, trustworthy, and content-rich platform with a solid security posture and compliance framework. Strategic recommendations include enhancing security headers, publishing a formal security policy, and expanding contact channels to improve incident response readiness and user trust.

K

Kappa Data

kappadata.eu

68

Kappa Data is a value-added distributor specializing in innovative network connectivity, security, and IoT solutions. Established in 1998 and operating across five countries with 75 employees, the company serves resellers and end customers by providing technical support and knowledge sharing. The website reflects a professional and consistent brand presence with clear navigation and relevant business content. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and providing good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy and cookie policies are present, indicating basic GDPR compliance. Overall, the site is trustworthy and well-maintained, supporting the company's regional market position.

I

Ingroup

ingroup.lu

48

Ingroup is a prominent marketing and digital solutions provider based in Luxembourg, operating through multiple specialized brands that offer comprehensive communication, advertising, branding, media, and distribution services. The company positions itself as a major player in the Greater Region, targeting businesses seeking to maximize their visibility and impact through integrated 360° solutions. The website reflects a professional and consistent brand image with clear navigation and regularly updated news content. Technically, the site is built on WordPress with modern plugins and libraries, hosted by OVH, and optimized for mobile and SEO. Security measures include HTTPS, Google reCAPTCHA on contact forms, and a robust cookie consent mechanism, although some security headers and policies could be improved. Overall, the site demonstrates a mature digital presence with good privacy compliance and business credibility.

E

Empat.tech

empat.tech

70

Empat.tech is a Ukrainian-based technology company specializing in custom software and mobile app development services, targeting startups and enterprises globally. Established in 2013, the company has completed over 300 projects across 23 markets, serving clients including Fortune 500 companies and Y Combinator alumni. Their service portfolio includes mobile app development, fintech software, product development, and dedicated developer hiring, positioning them as a trusted partner in the technology sector. The website reflects a professional and consistent brand image with strong trust signals such as client testimonials, press mentions, and industry recognitions.

C

Cactus

cactus.lu

58

Cactus is a well-established retail supermarket chain based in Luxembourg, offering a broad range of products including fresh food, household goods, and additional services such as restaurants, home delivery, and customer loyalty programs. The website is professionally designed using Drupal 10 and incorporates modern frontend technologies and analytics tools, indicating a mature digital presence. Security posture is moderate with HTTPS usage and anonymized IP tracking in analytics, but lacks explicit security headers and published privacy policies, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness from a registration perspective, though the website content and branding strongly suggest a legitimate business. Overall, the site provides a good user experience with clear navigation and mobile optimization.

T

The Lawfare Institute

lawfaremedia.org

69

The Lawfare Institute operates a professional, non-profit multimedia platform dedicated to providing in-depth, non-partisan analysis on national security law and policy. The website offers a rich mix of articles, podcasts, videos, and research projects, positioning itself as a trusted source in its niche. Technically, the site is built on the Sitefinity CMS, leveraging modern JavaScript libraries and CDN hosting to ensure fast, responsive, and accessible user experiences. Security posture is strong with HTTPS enforced and sandboxed embedded content, though some security headers could be improved. Privacy compliance is moderate, with a privacy/support page present but no explicit cookie or terms of service pages detected. Overall, the site demonstrates high professionalism and trustworthiness, supported by its affiliation with the Brookings Institution. WHOIS data is unavailable, likely due to privacy protection, but this is consistent with the organization's profile.

V

Valamar

valamar.com

61

Valamar is a prominent hospitality company operating holiday hotels and resorts primarily in Croatia and Austria. Their website showcases a wide range of properties catering to diverse holiday types including family, premium, lifestyle, camping, and wellness. The company targets tourists seeking quality accommodation and holiday experiences in popular destinations such as Dubrovnik, Makarska, Hvar, and others. The website is built using modern technologies like SvelteKit and integrates advanced marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is strong with HTTPS, security headers, and consent management implemented, though explicit security policies and incident response details are not publicly available. The absence of WHOIS registration data is a concern but does not detract significantly from the overall professionalism and trustworthiness of the site. Strategic recommendations include publishing detailed security and incident response policies and establishing a vulnerability disclosure program to enhance transparency and trust.

W

Waltti Solutions

waltti.fi

66

Waltti Solutions Oy is a Finnish company specializing in digital ticketing and payment solutions for public transportation. Their offerings include a mobile ticketing app, travel card management, and contactless payment integration, serving multiple Finnish cities. The company holds a strong market position as a leading provider in this niche, with a business model targeting both end-users and municipal transport authorities. The website reflects a mature digital presence with good content quality and user experience, supporting their business objectives effectively. Technically, the site is built on WordPress with modern libraries and demonstrates good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent compliance, though some security headers could be improved. Overall, the domain registration data aligns well with the business, indicating high legitimacy and trust. The site is free from blocking or WAF challenges, allowing full content access and analysis.

N

NextGi

nextgi.com

68

NextGi is a small technology company founded in 2008, specializing in managed IT and security services with a strong emphasis on cybersecurity and customer support. Their website presents a professional and consistent brand image, targeting small to medium businesses seeking comprehensive IT solutions including managed security, VoIP, cloud hosting, and network optimization. The company leverages partnerships with major technology providers such as AWS, Microsoft, and Bitdefender, enhancing their market credibility. Technically, the website uses modern JavaScript libraries and analytics tools, is hosted behind Cloudflare, and employs HTTPS for secure communications. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there are gaps in privacy compliance and security best practices, notably the absence of privacy and cookie policies, security headers, and incident response information. From a security perspective, the domain registration is consistent and trustworthy, with no signs of suspicious activity. The company demonstrates a security-first approach in its service offerings but should improve its website security posture by implementing recommended headers and compliance documentation. Overall, the website is functional and professional but could benefit from enhanced privacy and security transparency. The risk assessment indicates moderate security maturity with no critical vulnerabilities detected but highlights compliance gaps that could expose the company to regulatory risks. Strategic recommendations include publishing privacy and cookie policies, adding security headers, and providing incident response contacts to strengthen trust and compliance.

E

European Prison Litigation Network

prisonlitigation.org

63

The European Prison Litigation Network (EPLN) is a specialized non-profit organization dedicated to defending and advancing prisoners’ fundamental rights across Europe. It operates as a network of around 30 civil society organizations and bar associations, focusing on legal advocacy, research, and policy engagement to improve prison conditions and reduce incarceration. The website reflects a professional and well-structured digital presence, supporting multiple languages and providing comprehensive legal resources and publications. Technically, the site is built on WordPress with modern JavaScript libraries and includes GDPR-compliant cookie consent mechanisms. Security posture is generally strong with HTTPS enforced and no visible vulnerabilities, though the absence of explicit security headers and WHOIS transparency are minor concerns. Overall, EPLN presents a credible and trustworthy online presence aligned with its advocacy mission.

3

33-тя окрема механізована бригада

33ombr.com

60

The website represents the official online presence of the 33rd Separate Mechanized Brigade of the Ukrainian Armed Forces. It provides comprehensive information about the brigade's history, structure, equipment, and recruitment opportunities, targeting Ukrainian citizens and supporters. The site is professionally designed with consistent branding and clear navigation, supporting its role as a trusted military information portal. Technically, it is built on WordPress with modern plugins and libraries, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is basic, lacking cookie consent mechanisms. Overall, the site is legitimate, trustworthy, and serves its informational and recruitment purposes effectively.

D

Deutsch-Ukrainische Gesellschaft

deutsch-ukrainische-gesellschaft.de

52

The Deutsch-Ukrainische Gesellschaft (DUG) is a small non-profit organization dedicated to fostering and deepening German-Ukrainian relations across politics, science, culture, and civil society. The organization offers expert dialogues, publications, cultural events, and exchange programs to promote mutual understanding and support Ukraine's integration into European and Euro-Atlantic structures. The website reflects a professional and consistent brand image, targeting stakeholders interested in German-Ukrainian cooperation. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, Contact Form 7, and GDPR Cookie Compliance, ensuring good SEO and privacy compliance. The site uses HTTPS with Google reCAPTCHA for form security and includes a cookie consent mechanism, indicating a mature digital infrastructure. Performance and mobile optimization are good, though some security headers could be improved. From a security perspective, the site demonstrates solid practices including HTTPS enforcement and GDPR compliance. However, no explicit security policy or incident response contacts are published, and security headers are not detected, suggesting room for enhancement. No vulnerabilities or suspicious content were found. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations, serving its niche audience effectively. Strategic improvements in security headers and transparency around security policies would further strengthen its posture.

U

UDICE

udice.org

54

UDICE is a French alliance of 13 major universities focused on promoting research excellence, enhancing higher education performance, and developing attractive innovation ecosystems. The website presents a professional and consistent brand image, targeting academic institutions and stakeholders in higher education and research. The business model is non-profit and collaborative, positioning UDICE as a key player in the French academic landscape. Technically, the website is built on WordPress using Elementor and Yoast SEO, with integration of Google Analytics and Tag Manager for user tracking. The site is mobile-optimized and performs moderately well, though accessibility features are basic. The SSL configuration is excellent, ensuring secure HTTPS connections. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks security headers and a formal security policy or incident response information. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected, which is a gap given GDPR relevance. Overall, the site is trustworthy and professional, though transparency is reduced by the absence of WHOIS data and limited security disclosures. Strategic improvements in security headers, privacy compliance, and incident response communication would enhance the site's security maturity and user trust.

F

FIVA (Fédération Internationale des Véhicules Anciens)

fiva.org

64

FIVA (Fédération Internationale des Véhicules Anciens) is a globally recognized non-profit organization dedicated to the protection, preservation, and promotion of historic vehicles. Established in 1966 and active in over 80 countries, FIVA serves millions of historic vehicle enthusiasts worldwide and holds a consultative partnership with UNESCO. The organization offers membership services, event support, advocacy on legislation, and maintains a comprehensive document library to support the historic vehicle community. Their website reflects a professional and well-structured digital presence, emphasizing community engagement and education. Technically, the website employs modern JavaScript libraries such as Livewire (Laravel), GSAP, and Swiper.js, alongside Google reCAPTCHA v3 for form security. The site is mobile-optimized, fast-loading, and includes SEO best practices. Security posture is strong with HTTPS enforced and cookie consent mechanisms in place, although explicit security policies and incident response contacts are not published. Analytics and marketing tools like Google Analytics and Facebook Pixel are used with user consent. The WHOIS data for the domain is unavailable or malformed, which limits the ability to fully verify domain registration legitimacy. Despite this, the website's professional design, clear contact information, and active social media presence support its credibility. No adult or questionable content is present, making the site safe for general audiences. Overall, FIVA's website demonstrates a mature digital infrastructure suitable for its global non-profit mission, with room for improvement in transparency around security policies and domain registration details.

W

Wiener Städtische Versicherungsverein

wst-versicherungsverein.at

48

Wiener Städtische Versicherungsverein is a medium-sized Austrian non-profit organization dedicated to promoting art, culture, and social engagement. The website reflects a well-established entity with a clear focus on cultural exhibitions, social initiatives, and community involvement. Their market position is that of a reputable cultural non-profit with partnerships in the arts and academic sectors. The website is built on a modern WordPress platform with relevant plugins for SEO and user interaction, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in publishing explicit security policies and headers. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving a general audience interested in cultural and social topics.

M

Membrana Media

membrana.media

69

Membrana Media is a specialized technology company offering an AI-powered tech suite designed to maximize profit for digital publishers through video and banner monetization solutions. Their product portfolio includes Headline Video, Daily Highlights, Video Platform, AdWall, and White Label solutions, targeting media companies seeking to enhance audience engagement and monetization. The website is professionally designed, mobile-optimized, and uses modern web technologies such as Webflow CMS, Google Tag Manager, and Microsoft Clarity for analytics and user behavior tracking. Privacy and cookie consent mechanisms are implemented, reflecting compliance with GDPR requirements. Security posture is solid with HTTPS enabled and no exposed sensitive data, though explicit security policies and incident response information are absent. WHOIS data is privacy protected, which is common for tech companies, and no suspicious patterns were detected. Overall, the site presents a credible and professional business presence with room for improvement in security transparency and direct contact information.

E

Excited Agency

excited.agency

66

Excited Agency is a professional product design and branding agency specializing in digital products such as websites, SaaS platforms, and mobile applications. The company targets startups and established companies worldwide, offering comprehensive design services that enhance user experience and brand identity. Their portfolio includes award-winning projects, indicating a strong market position and expertise in the technology sector. Technically, the website is built on modern web technologies including Webflow CMS, Google Analytics, Microsoft Clarity, and Google reCAPTCHA, ensuring a robust digital presence with good performance and mobile optimization. Security-wise, the site uses HTTPS and implements privacy and cookie consent mechanisms, though explicit security headers and incident response information are not publicly disclosed. Overall, the website demonstrates high professionalism, good privacy compliance, and a trustworthy business model, although WHOIS data is privacy protected, which is common for agencies. Strategic recommendations include enhancing security headers, publishing security policies, and providing direct contact information for improved trust and compliance.

O

Open Access Scholarly Publishing Association (OASPA)

oaspa.org

62

The Open Access Scholarly Publishing Association (OASPA) operates a professional and well-structured website focused on supporting open scholarship through membership services, advocacy, and resources. The organization targets institutions and individuals involved in open access publishing, positioning itself as a key non-profit entity in the education sector. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and privacy-conscious analytics, ensuring good performance, accessibility, and SEO. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site presents a low-risk profile with strong business credibility and compliance with privacy regulations.

O

Online Factory s.r.o.

smartform.cz

50

Smartform.cz is a Czech-based technology company operated by Online Factory s.r.o., specializing in form data validation and enrichment services. Their offerings include postal address autocompletion and validation, company data validation, email verification, name validation, and reverse geocoding. The company targets a broad audience ranging from small e-commerce shops to large enterprises, providing SaaS solutions with API integration and subscription pricing. The website demonstrates a strong market position with over 1000 companies relying on their services, including notable clients, and offers a professional, well-branded online presence.

L

Lokálny trh

lokalnytrh.sk

56

Lokálny trh is an established Slovak online platform founded in 2014 that maps and catalogs local food and beverage producers, providing consumers with an interactive map and search tools to discover regional producers. The platform also supports producers, retailers, and event organizers by offering free online profiles and promotional tools. The website demonstrates a good level of digital maturity with modern technologies such as Algolia search, Google Analytics, Facebook SDK, and responsive design. Security posture is solid with HTTPS, DNSSEC, and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the platform serves a niche retail market in Slovakia with a focus on local and regional products, maintaining a trustworthy and professional online presence.

S

SIA Laivunams

laivunams.lv

52

SIA Laivunams operates an e-commerce platform specializing in the sale of boats, motors, SUP boards, and related accessories, primarily serving the Latvian market. The company positions itself as a regional retailer with a focus on quality products and customer service, offering additional services such as boat rental and repair. The website is built on a modern Angular framework, incorporating popular libraries such as Swiper.js and Google Tag Manager for analytics. The technical infrastructure reflects a moderate to good level of digital maturity with responsive design and SEO optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and incident response information suggests room for improvement. Privacy compliance is partially addressed with a privacy policy present, but lacks cookie consent mechanisms. Overall, the website presents a professional and trustworthy front for the business, with clear contact information and consistent branding.

R

Rieker Holding AG

remonte.us

62

Remonte Shoes operates as an e-commerce retailer specializing in footwear products, leveraging the Shopify platform for its online presence. The website is professionally designed with a focus on user experience and mobile optimization, targeting general consumers interested in shoes. The technical infrastructure is modern, utilizing Shopify's modular theme, Cloudflare DNS, and various third-party marketing and analytics tools. Security posture is adequate with HTTPS enabled and domain transfer protections in place; however, there is room for improvement in DNS security and HTTP security headers. Privacy and compliance documentation are notably absent or not easily discoverable, which may pose risks in regulatory adherence. Overall, the domain registration data aligns well with the business identity, supporting legitimacy. Strategic enhancements in privacy transparency and security hardening are recommended to bolster trust and compliance.

D

DRAXIS ENVIRONMENTAL S.A.

draxis.gr

53

DRAXIS Environmental is a medium-sized technology company based in Greece specializing in environmental engineering and digital transformation solutions. Their offerings include air pollution monitoring, climate intelligence, circular economy research, IoT data management, remote sensing, and AI-driven environmental simulations. The company targets organizations seeking innovative environmental and sustainability solutions. The website is built on WordPress using Elementor and integrates modern technologies such as Google Analytics and multilingual support. Security posture is solid with HTTPS and cookie consent mechanisms, but lacks published privacy policies, terms of service, and security headers. Contact information is not explicitly provided on the site, which may impact user trust. Overall, the site is professional and content-rich, reflecting a credible business presence.

L

Local Gear Inc.

locally.com

65

Locally.com is a platform operated by Local Gear Inc. that connects shoppers, brands, and local retailers to facilitate online-to-offline commerce, enabling consumers to shop online and pick up or receive products locally. Founded in 2013, the company positions itself as a leading decentralized shopping network bridging digital and physical retail. The website demonstrates a modern technical infrastructure using lightweight JavaScript frameworks and CDN-hosted assets, providing a good user experience with mobile optimization and clear navigation. Security posture is moderate with HTTPS implied but lacking explicit security headers and cookie consent mechanisms. The absence of WHOIS data for the domain introduces some trust concerns, though the professional website and consistent branding mitigate these. Overall, Locally.com presents a credible retail technology business with room for improvement in security and privacy compliance.

C

ConveyThis

conveythis.com

63

ConveyThis is a technology company specializing in AI-powered automatic website translation and multilingual SEO solutions. The company offers a SaaS platform that enables website owners and businesses to translate their websites into over 100 languages quickly and efficiently, with a strong focus on SEO compliance and user experience. Their market position is that of a global leader in localization services, supported by fast proxy technology and extensive CMS and e-commerce platform integrations. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and jQuery, and integrates marketing and analytics tools like Google Tag Manager and MailerLite. The site demonstrates excellent design quality, mobile optimization, and SEO best practices, providing a fast and accessible user experience. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and formal security policies or incident response contacts. The absence of privacy and cookie policies and missing WHOIS registrant data slightly reduce trustworthiness. Overall, the security posture is good but could be improved with additional transparency and policy disclosures. The overall risk assessment is moderate-low risk with recommendations to enhance privacy compliance, security transparency, and WHOIS data availability to strengthen trust and compliance posture.

F

FRISCHBETON s.r.o.

frischbeton.cz

69

FRISCHBETON s.r.o. is a large Czech concrete manufacturing company operating under the STRABAG SE construction group. It produces concrete mixtures and related products across the Czech Republic and Slovakia, positioning itself as one of the largest producers in the market. The website reflects a professional business presence with clear branding and comprehensive information about products, certifications, and compliance. Technically, the site uses a mix of legacy and modern web technologies, including jQuery, Bootstrap, and OneTrust for cookie consent, hosted on a Lotus Domino CMS platform. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in incident response transparency and vulnerability disclosure. Overall, the site is accessible, well-structured, and compliant with GDPR requirements.

H

Heidelberg Materials, a.s.

transportbeton.cz

45

Heidelberg Materials CZ operates as a major provider of transport concrete and related construction materials across the Czech Republic. The company offers comprehensive services including production, delivery, and pumping of concrete, as well as manufacturing of various mortars and screeds. It is part of the larger Heidelberg Materials group, which is a recognized leader in the building materials industry. The website reflects a professional corporate presence with clear branding and a focus on serving construction professionals such as builders, developers, and architects. Technically, the site uses modern JavaScript libraries, Google Tag Manager for analytics, and a proprietary CMS, delivering a moderately fast and mobile-optimized experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though additional security headers could enhance protection. The absence of WHOIS data is a notable gap but does not detract significantly from the overall legitimacy given the strong corporate branding and content quality. Overall, the site is well-positioned to support the company's business objectives and maintain trust with its audience.

H

HC VÍTKOVICE RIDERA

hc-vitkovice.cz

48

HC VÍTKOVICE RIDERA operates an official website serving as the primary digital platform for the Czech ice hockey club. The site provides comprehensive information including news articles, match schedules, team rosters, ticket sales, and fan engagement features. It targets hockey fans and the local community, positioning itself as a reputable sports club with a medium-sized presence in the Czech Republic. Technically, the website employs modern web standards with responsive design, custom fonts, and JavaScript libraries such as Swiper.js for interactive elements. Security-wise, the site enforces HTTPS, includes cookie consent mechanisms, and implements standard security headers, reflecting a good security posture. However, explicit security policies and incident response contacts are not publicly available, indicating room for improvement in transparency and compliance. Overall, the website is professional, trustworthy, and well-maintained, with no signs of blocking or malicious content.

S

Sabiedriba ar ierobezotu atbildibu "Lafivents"

lafi.lv

38

LAFI is a leading Latvian company specializing in building climate and technical solutions, with nearly 30 years of experience in the local and international markets. Their core services include installation and maintenance of heating, ventilation, and sewage systems, as well as building management. The company operates multiple subsidiaries, enhancing its service portfolio and market reach. The website reflects a professional and consistent brand image, targeting Latvian businesses and property owners seeking technical building solutions. Technically, the site is built on WordPress with modern SEO and analytics tools, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain registration data aligns well with the business identity, supporting legitimacy and trustworthiness.

M

Město Vamberk

vamberk.cz

49

Město Vamberk operates an official municipal website serving the residents and visitors of the town of Vamberk in the Czech Republic. The site provides comprehensive local government information including news updates, official documents, event calendars, and contact details for municipal offices. It also links to several managed organizations and local services, reinforcing its role as a central information hub for the community. The website is well-structured with clear navigation and is optimized for mobile devices, reflecting a moderate level of digital maturity. Technically, the website employs a modern tech stack including jQuery, Bootstrap, and Swiper.js, hosted on a CMS platform likely provided by GC System. The site uses HTTPS and includes a cookie consent mechanism, indicating attention to privacy compliance. However, the absence of WHOIS data and lack of explicit security policies or incident response information suggest areas for improvement in transparency and security governance. From a security perspective, the site benefits from HTTPS and some security best practices but lacks comprehensive security headers and a vulnerability disclosure policy. No critical vulnerabilities were detected in the visible content. The cookie consent banner and privacy policy indicate GDPR awareness, but further enhancements in security documentation and incident response readiness are recommended. Overall, the website is a trustworthy and professional municipal portal with good content quality and user experience. The missing WHOIS data is a concern but does not detract significantly from the site's legitimacy given its official nature. Strategic improvements in security policies and transparency would enhance trust and compliance.

M

Město Týniště nad Orlicí

tyniste.cz

62

Město Týniště nad Orlicí operates an official municipal website serving residents and visitors with local government information, news, events, and public services. The site positions itself as a trusted source for municipal updates and community engagement, supported by clear contact details and social media presence. The business model is typical for a local government entity, focusing on public service delivery rather than commercial activities. Technically, the website uses a proprietary CMS called Public4u, supplemented by common JavaScript libraries such as jQuery and Swiper.js. The site is mobile-optimized and provides a moderate performance experience. SEO and accessibility features are basic but functional. HTTPS is enforced, ensuring secure communication. From a security perspective, the site demonstrates good baseline practices such as HTTPS and cookie consent mechanisms. However, the absence of security headers and lack of explicit security or privacy policies indicate room for improvement. The missing WHOIS data is a notable gap, reducing confidence in domain legitimacy, though the website content and official contact information mitigate this concern. Overall, the website is a reliable and professional municipal portal with moderate technical sophistication and a generally good security posture. Strategic improvements in security headers, policy transparency, and WHOIS data availability would enhance trust and compliance.

O

Obec Olešnice v Orlických horách

olesnice.net

52

Obec Olešnice v Orlických horách operates as the official municipal website for the small municipality located in the Královéhradecký region of the Czech Republic. The site provides residents and visitors with local government information, community news, event calendars, and tourism-related content. The website is well-structured, professionally designed, and mobile optimized, reflecting a good level of digital maturity for a small government entity. Technically, the site leverages common and reliable web technologies such as jQuery, Bootstrap, and Leaflet for mapping, ensuring a responsive and accessible user experience. Security posture is moderate; HTTPS is used, and a cookie consent mechanism is implemented, but the absence of security headers and privacy policy documents indicates room for improvement. The WHOIS data for the domain is missing, which raises concerns about domain legitimacy and registration status, although the website content and contact information appear consistent with an official municipal entity. Overall, the site is trustworthy and safe for general audiences but would benefit from enhanced transparency and security practices.

M

Město Rokytnice v Orlických horách

rokytnicevoh.cz

40

Město Rokytnice v Orlických horách is the official municipal government website serving the small city located in the Královéhradecký region of the Czech Republic. The site provides comprehensive information about the city administration, local governance, public services, cultural organizations, and tourism opportunities. It targets residents, visitors, and stakeholders interested in local government activities and community events. The website supports year-round tourism and community engagement through detailed sections on waste management, social services, and local news updates. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Swiper.js, and other JavaScript libraries to deliver a responsive and accessible user experience. The site is mobile-optimized and features clear navigation with structured menus and content sections. Performance is moderate, with no critical errors or broken elements detected. However, the CMS appears to be a custom or proprietary system, which may limit flexibility. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, demonstrating awareness of privacy regulations. However, it lacks explicit privacy policy and security incident response pages, and security headers are not fully implemented. No vulnerabilities or exposed sensitive data were detected, but the absence of WHOIS data for the domain raises concerns about domain registration legitimacy. Overall, the website is professional and trustworthy in content and presentation but would benefit from enhanced transparency regarding privacy policies and domain registration information. Strategic improvements in security headers and incident response disclosures would strengthen its security posture and compliance standing.

D

Dřevobox.cz

drevobox.cz

54

Dřevobox.cz is a Czech Republic-based e-commerce retailer specializing in wooden products and custom engraving services. The website offers a wide range of wooden goods including boxes, furniture, kitchen utensils, decorations, and fashion accessories, targeting general consumers interested in quality wooden items and personalized gifts. The business model is primarily online retail with a focus on craftsmanship and customization. The site is well-branded and professionally designed, providing clear navigation and a comprehensive product catalog.

C

Centralplast s.r.o.

centralplast.cz

59

Centralplast s.r.o. is a Czech manufacturing company specializing in custom plastic products, including luxury pools, rainwater tanks, boats, and industrial containers. With over 30 years of tradition, the company serves customers across Europe, positioning itself as a trusted provider of high-quality, tailor-made plastic solutions. The website reflects a professional and consistent brand image, targeting both B2B and B2C audiences interested in bespoke plastic manufacturing. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, and popular libraries like Swiper.js for UI components. It integrates Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and provides a good user experience with clear navigation and multilingual support. From a security perspective, the site uses HTTPS and includes Google reCAPTCHA in its forms, enhancing protection against automated abuse. However, it lacks several important security headers such as X-Frame-Options and a robust Content-Security-Policy, which are recommended to improve security posture. Privacy compliance is partially addressed with a comprehensive privacy policy and GDPR consent on forms, but no explicit cookie consent mechanism was detected. Overall, Centralplast's website demonstrates a solid business credibility and technical foundation with room for security and privacy improvements. The domain registration data aligns well with the company's history and location, supporting legitimacy. No signs of malicious activity or content safety concerns were found.

Z

Zabbix

zabbix.com

77

Zabbix is a globally recognized enterprise-class open-source network and application monitoring solution. The company offers a comprehensive suite of products including on-premise software, a fully managed cloud platform, professional services, and extensive training and certification programs. Their market position is strong, supported by a large deployment base and trusted by Fortune 500 companies and government entities. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site uses modern JavaScript libraries and tracking tools, with good performance and mobile optimization. Security posture is solid with HTTPS enforced and published security policies, though some security headers could be improved and a cookie consent mechanism is missing, which may affect GDPR compliance. Overall, the business credibility is high, supported by case studies, partner programs, and active community engagement. The WHOIS data is unavailable or protected, which is a minor concern but does not detract from the overall trustworthiness given the company's established reputation.

C

Canada Cup

canadacup.com

62

Canada Cup is a well-established, non-profit organization operating Canada's largest international softball tournament since 1998. The organization focuses on providing elite-level competition and exposure for young female athletes, supported by a strong volunteer base and community engagement. The website reflects a mature digital presence with integrated ticketing, registration, and live streaming services, targeting athletes, volunteers, and spectators. Technically, the site is built on WordPress with Elementor and Yoast SEO, leveraging modern web technologies and third-party platforms for event management. Security posture is solid with HTTPS and domain locking, though improvements are recommended in DNS security and privacy compliance. Overall, the site is professional, trustworthy, and content-rich, serving its audience effectively.

C

Centrum pro rodinu a sociální péči

crsp.cz

46

CRSP Brno is a well-established non-profit organization based in the Czech Republic, dedicated to supporting families through educational, counseling, leisure, and spiritual programs. Founded in 1992 and affiliated with the Brno Diocese, it serves a broad audience including families, parents, and individuals facing challenging life situations. The organization offers a diverse range of services including courses, family support, and facility rentals, positioning itself as a trusted community resource. Technically, the website is built on WordPress using modern tools such as Elementor and Nimble Builder, with SEO and analytics integrations like Yoast SEO, Google Analytics, and Facebook Pixel. The site demonstrates good mobile optimization, accessibility, and performance, with proper use of HTTPS and security headers enhancing its security posture. Security-wise, the site follows best practices with encrypted connections and cookie consent mechanisms, though it lacks publicly available security policies or incident response contacts. The absence of WHOIS data reduces transparency but does not significantly detract from the site's legitimacy given its content and affiliations. Overall, the website presents a professional, trustworthy, and user-friendly platform for its target audience. Strategic improvements could include publishing explicit security and incident response policies, enhancing direct contact information, and addressing the WHOIS data gap to improve trust and compliance.

M

Město Bakov nad Jizerou

vcasbakov.cz

61

Volnočasový areál Bakov nad Jizerou is a municipally operated leisure and accommodation facility located in the Czech Republic. It offers a variety of recreational services including sports facilities, children's playgrounds, natural swimming areas, and seasonal accommodation options such as cottages and apartments. The website serves as an information portal for visitors and local residents, providing event calendars, booking options, and contact details. The business model is focused on community service and tourism support, positioning itself as a local hub for leisure activities. Technically, the website is built on the Public4u CMS platform and utilizes common JavaScript libraries such as jQuery and Swiper.js for interactive elements. The site is mobile-optimized with good navigation and SEO practices. However, there is room for improvement in accessibility and performance optimization. The absence of advanced analytics or tracking scripts suggests a minimalistic approach to user data collection. From a security perspective, the site uses HTTPS but lacks important security headers that could enhance protection against common web threats. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is addressed through a GDPR and cookie policy page with a consent mechanism, indicating awareness of regulatory requirements. The lack of WHOIS data is a concern for domain legitimacy verification but does not directly impact the operational security of the website. Overall, the website presents a trustworthy and professional front for a local government-operated leisure facility. Strategic improvements in security headers, WHOIS transparency, and accessibility could further strengthen its digital maturity and user trust.

K

Kraj sveta

krajsveta.sk

50

Kraj sveta is a regional tourism promotion website focused on the Košice region in Slovakia. It offers visitors curated local experiences, bucket lists, and accommodation booking options through trusted partners like Booking.com. The website targets tourists interested in exploring the region's natural, cultural, and gastronomic attractions. Technically, the site is built on WordPress with modern plugins such as Yoast SEO and Oxygen Builder, ensuring good SEO and mobile responsiveness. However, it lacks visible privacy and cookie policies despite using tracking technologies like Google Analytics and Facebook Pixel, which poses compliance risks. Security posture is moderate with HTTPS enabled but missing security headers and incident response information. Overall, the site is legitimate and professionally presented but would benefit from enhanced privacy compliance and security best practices.

H

Helix Cleaner s.r.o.

helixaircleaner.eu

47

Helix Cleaner s.r.o. is a Czech company specializing in advanced photocatalytic air purification technology designed for a variety of environments including industrial, healthcare, public, and private spaces. Their patented Helix air purifier uses titanium dioxide photocatalysis activated by UV-A light to effectively eliminate harmful particles, bacteria, viruses, and odors without the need for filters. The website presents a professional and consistent brand image with clear messaging targeting businesses and households seeking high-efficiency air cleaning solutions. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and popular libraries such as Swiper.js and Google Tag Manager. It features responsive design optimized for mobile devices and includes a comprehensive cookie consent mechanism supporting GDPR compliance. The site uses HTTPS with strong SSL configuration, secure forms with CSRF tokens, and no exposed sensitive data, reflecting a good security posture. Security-wise, while the site enforces HTTPS and cookie consent, it lacks explicit security policy or incident response information. No vulnerabilities or suspicious patterns were detected in the content or WHOIS data. The domain is registered with a reputable registrar, and the website content aligns with the business claims, supporting legitimacy. Overall, the website scores well on content quality, technical implementation, security, privacy compliance, and business credibility. Strategic improvements include publishing security and incident response policies, enhancing security headers, and adding a vulnerability disclosure policy to further strengthen trust and compliance.

A

Asociace českých filmových klubů

lfs.cz

43

The website lfs.cz represents the 51st Letní filmová škola Uherské Hradiště, a well-established cultural film festival organized by the Asociace českých filmových klubů. The festival is scheduled for July 25-31, 2025, and the website serves as the primary digital platform for festival information, ticketing, program schedules, and participant guidance. The site targets film enthusiasts, cultural audiences, and industry professionals, positioning itself as a key event in the Czech Republic's media and cultural sector. The business model revolves around event organization, ticket sales, and cultural promotion, supported by partnerships and sponsorships.

A

AGENTURA VELRYBA s.r.o.

vizovicketrnkobrani.cz

46

Vizovické Trnkobraní is a well-established cultural and entertainment festival held in Vizovice, Czech Republic, organized by AGENTURA VELRYBA s.r.o. The website serves as the primary digital presence for the event, providing information about the festival, ticket sales, program details, and partner acknowledgments. The business model revolves around event organization, sponsorship, and ticketing, targeting a general audience with a focus on regional cultural engagement. The site reflects a medium-sized enterprise with a consistent brand and good content quality.