Security Directory

T

THINline s.r.o.

thinline.cz

66

THINline s.r.o. is a Czech technology company specializing in providing comprehensive online solutions including web design, web hosting, e-marketing, and custom information systems. The company operates multiple subsidiary brands such as Cesky-Hosting.cz, Spolehlive-Servery.cz, and WebSynergy.cz, serving a client base of approximately 30,000 daily users. Their market position is that of a well-established medium-sized service provider in the Czech Republic, focusing on reliable and professional internet services for businesses. Technically, the website is built on a custom CMS platform (WebSynergy) and employs modern web technologies including Google Analytics and Google Tag Manager for tracking. The site is mobile-optimized with good SEO and accessibility features, though some improvements in security headers could enhance the technical posture. Performance is moderate with a professional design and clear navigation. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, no explicit security policy or incident response information is found, and WHOIS data is unavailable, which slightly reduces trustworthiness. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website presents a professional and trustworthy business front with solid privacy compliance and user experience. The main risk lies in the lack of WHOIS transparency and missing security headers, which should be addressed to improve domain legitimacy and security posture.

P

PechaSan spol. s r.o. and G-System spol. s r.o.

tzb-cz.cz

57

The website www.tzb-cz.cz represents a professional wholesale business specializing in technical building equipment, including heating, sanitary installations, fireplaces, and stoves. The business operates primarily in the Czech Republic through two companies, PechaSan spol. s r.o. and G-System spol. s r.o., under the umbrella of the GC SKUPINA group. The site targets professional installers and trade customers, offering a broad product portfolio, consulting services, training, and a loyalty bonus program. The business model is B2B wholesale with a strong regional presence and established market position. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Slider Revolution, and it integrates Google Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security measures include HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not published. From a security perspective, the site demonstrates good practices with no detected vulnerabilities or malicious content. Privacy compliance is well addressed with a cookie consent mechanism and a comprehensive privacy policy. However, the absence of WHOIS data reduces domain transparency and trustworthiness, which is a notable concern. Overall, the site is professional and trustworthy but could improve transparency and security communication. Strategic recommendations include publishing a formal security policy, providing incident response contact details, enhancing accessibility, and establishing a vulnerability disclosure policy to strengthen security posture and trust.

W

Weblider s.c.

strefakalendarzy.pl

43

Weblider s.c. operates the website strefakalendarzy.pl, a specialized printing company focused on producing a wide range of advertising calendars for businesses and individual customers primarily in Poland. The company offers various calendar types including wall, desk, book, poster, and planner calendars, complemented by custom graphic design services. The website is well-structured, professionally designed, and provides comprehensive product information and ordering options, including phone, email, and online forms. Technically, the site is built on WordPress with SEO optimization via Yoast and uses Google Analytics and Google Ads for marketing and tracking. Security measures include HTTPS and reCAPTCHA on forms, but lack security headers and a privacy policy page, which are areas for improvement. The domain is registered with OVH SAS since 2010, consistent with the business's operational history. Overall, the website presents a trustworthy and professional image with moderate technical maturity and good business credibility.

A

AnFas, spol. s r. o.

jakdostat.cz

47

The website www.jakdostat.cz is dedicated to promoting a specialized book focused on improving collaboration between clients and graphic designers, studios, or agencies. The business behind the site is AnFas, spol. s r. o., a small Czech company. The site provides basic information about the book, ordering options, and a discussion forum, targeting clients seeking to optimize their design partnerships. The market position is niche, with a focus on design collaboration culture and quality improvement. Technically, the website uses an older jQuery version (1.4.2) and integrates Google Analytics and Google Tag Manager for user tracking. The site lacks modern CMS indicators and does not show evidence of advanced frameworks or hosting details. Performance and mobile optimization are basic, with minimal accessibility features. No forms or interactive inputs are present, reducing attack surface but also limiting user engagement. From a security perspective, the site does not present HTTPS or security headers in the provided data, which lowers its security posture. No privacy or cookie policies are found, indicating poor privacy compliance. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency. No vulnerabilities or exposed sensitive data were detected, but the site would benefit from improved security best practices. Overall, the website is functional for its purpose but lacks modern security, privacy, and technical standards. The domain's missing WHOIS data and lack of compliance documentation reduce trustworthiness. Strategic improvements in security headers, HTTPS enforcement, privacy policies, and domain registration transparency are recommended to enhance credibility and user trust.

I

Identity Online

identityonline.cz

50

Identity Online is a Czech Republic-based SaaS platform focused on providing cloud-based brand management and marketing content collaboration tools. The platform targets marketers, PR professionals, sales teams, and partners who require centralized, consistent, and secure access to brand assets and marketing materials. The website presents a professional image with detailed case studies and client references, indicating a niche market position with a focus on brand consistency and operational efficiency. Technically, the site uses modern JavaScript libraries such as jQuery, Video.js, and Swiper.js, along with Google Analytics and Tag Manager for tracking. The site is mobile optimized and offers a good user experience, though accessibility and SEO could be improved. Security posture is moderate, with HTTPS presumably enabled but lacking visible security headers and formal privacy or terms documentation. The absence of WHOIS data is a concern for domain legitimacy but does not directly contradict the business presence. Overall, the site is trustworthy and professional but would benefit from enhanced security and compliance transparency.

S

STORMWARE s.r.o.

stormware.cz

11

STORMWARE s.r.o. is a well-established Czech software company specializing in economic and accounting software solutions, primarily through its flagship product POHODA. The company targets entrepreneurs and medium to large enterprises, offering a comprehensive suite of products including payroll, tax, and mobile invoicing software. Their market position is strong within the Czech Republic, supported by extensive customer support, training, and a professional online presence. Technically, the website is built on ASP.NET with modern JavaScript libraries and frameworks, ensuring good performance and mobile optimization. Security measures include HTTPS, a strict Content-Security-Policy, and cookie consent mechanisms, reflecting a mature security posture. However, the absence of WHOIS data limits domain trust verification. Overall, the site is professional, secure, and compliant with GDPR, making it a trustworthy platform for its users.

I

iPodnik cloud s.r.o.

ipodnik.cz

10

iPodnik cloud s.r.o. is a Czech-based cloud service provider specializing in modern private cloud solutions built on Microsoft platforms. With over 14 years of experience and a customer base exceeding 4000, the company offers a range of services including hosting for accounting software Pohoda, Microsoft 365 applications, Power BI reporting, and custom cloud server configurations. Their market position is solid within the Czech and Slovak regions, targeting small to medium enterprises and accounting firms seeking secure and efficient cloud infrastructure. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive service descriptions. Technically, the site is built on WordPress with modern SEO and analytics tools integrated, including Google Tag Manager, Facebook Pixel, and reCAPTCHA v3 for form security. Security posture is good with HTTPS enforced and some security best practices observed, though improvements in security headers and explicit privacy policy publication are recommended. The absence of WHOIS data reduces domain trust slightly but does not detract significantly from the overall legitimacy given the business indicators and content quality. Overall, iPodnik demonstrates a strong business and technical foundation with room for enhanced privacy compliance and security hardening.

S

Story by Jakub

storybyjakub.com

10

Story by Jakub is a Czech-based motivational and health awareness platform centered around Jakub Žák, an athlete and speaker who promotes cardiovascular health and personal development through motivational lectures, charity projects, and media content. The website serves a niche audience interested in health, motivation, and sports, leveraging partnerships with notable organizations such as Cardion and Toyota Brno. Technically, the site is built on WordPress with modern plugins and integrates analytics and social media effectively, though it lacks some privacy compliance elements such as explicit privacy and cookie policies. Security posture is adequate with HTTPS and no visible vulnerabilities, but could be improved with additional security headers and formal policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

M

Manifesta Comunicació Corporativa

observatorirenovables.cat

9

The Observatori Energies Renovables de Catalunya (OBERCat) is a specialized informational platform focused on renewable energy developments within Catalonia, Spain. Operated by Manifesta Comunicació Corporativa, the website serves as a regional observatory providing news, data, and educational content related to sustainable energy. The platform targets professionals, stakeholders, and the general public interested in renewable energy trends and policies in the region. The business model appears to be informational and educational, likely supported by regional or governmental entities. Technically, the website is built on WordPress using the Divi theme, incorporating modern web technologies such as Google Analytics for visitor tracking via the MonsterInsights plugin. The site is mobile-optimized with a moderate performance profile. However, some technical improvements could enhance security and privacy compliance, including enabling DNSSEC, adding security headers, and publishing comprehensive privacy and cookie policies. From a security perspective, the website uses HTTPS correctly, ensuring encrypted communications. No immediate vulnerabilities or exposed sensitive data were detected. However, the absence of security headers and lack of incident response or vulnerability disclosure information indicate room for improvement in security posture. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Overall, the website is a credible and professionally presented resource within its niche but would benefit from enhanced privacy and security practices to improve trust and compliance. Strategic recommendations include implementing DNSSEC, publishing privacy and cookie policies with consent mechanisms, adding security headers, and establishing clear incident response contacts.

S

SolarPower Europe

solarpowereurope.org

10

SolarPower Europe is a leading European solar industry association focused on advocacy, market insights, and fostering collaboration across the solar PV value chain. The organization provides comprehensive reports, campaigns, and events to support the energy transition towards renewables, storage, and grid flexibility. Their website demonstrates a mature digital presence with modern technologies such as Nuxt.js, Google Analytics, and YouTube integration, delivering a rich user experience optimized for mobile and desktop users. Security posture is solid with HTTPS and no visible vulnerabilities, although some security headers and explicit security policies could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. The absence of WHOIS data limits domain trust verification, but the professional content and transparency support legitimacy. Overall, the website is a trustworthy and authoritative source for solar energy information and industry engagement.

W

webDOMU s.r.o.

webdomu.cz

55

webDOMU.cz is a Czech Republic based SaaS platform specializing in providing web solutions for housing cooperatives (bytová družstva) and homeowners associations (SVJ). Founded in 2014, the company offers a comprehensive portal that enables easy creation and management of websites tailored to the needs of these communities. Their services include online voting, document sharing, automated notifications via email and SMS, and additional financial and insurance services. The platform targets a niche market with a strong local presence and a loyal customer base of over 20,000 users. Technically, the website employs modern frontend technologies such as Bootstrap and jQuery, integrates multiple analytics tools including Google Analytics and Matomo, and uses HTTPS to secure data transmission. However, the backend CMS appears custom-built with no explicit mention of security frameworks or certifications. Security posture is solid with encrypted data transmission and secure login forms, but lacks published security policies or incident response contacts. Privacy compliance is basic with cookie consent mechanisms and terms of service available, but no dedicated privacy policy or GDPR compliance statements were found. Overall, the website is professional, trustworthy, and well-positioned in its market segment, though improvements in security transparency and accessibility could enhance its maturity.

I

International Fiscal Association

ifa.nl

57

The International Fiscal Association (IFA) is a well-established non-governmental and non-sectoral international organization focused on the study and advancement of international and comparative fiscal law. Founded in 1938 and based in the Netherlands, IFA serves a global audience of tax professionals, academics, government officials, and judiciary members. The website reflects a professional and authoritative presence with comprehensive content about its congresses, research, awards, and membership services. Technically, the site employs modern web technologies including Bootstrap, jQuery, and Google Analytics, and it is optimized for mobile devices with good SEO practices. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent mechanisms, though it lacks explicit security policy and incident response information. Overall, the site is trustworthy, well-branded, and compliant with privacy regulations.

B

Bureau DGC

bureaudgc.com

46

Bureau DGC is a small Paris-based graphic design studio founded in 2016, specializing in book design, visual identity, spatial design, website, and digital media. The company targets artists, publishers, architects, urbanists, and brands, positioning itself as a niche creative agency with a professional portfolio showcasing diverse projects. The website reflects a consistent brand identity and provides clear contact information, though it lacks social media presence and phone contact details. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with Google Analytics and Google Tag Manager for tracking. The site is hosted by OVH sas, a reputable provider. Mobile optimization is good, but accessibility and SEO optimizations are basic. No CMS or advanced frameworks are detected. From a security perspective, the site uses HTTPS but lacks DNSSEC and security headers, which are important for enhancing security posture. There are no visible privacy or cookie policies, nor incident response contacts, indicating compliance gaps especially regarding GDPR. The domain registration data is consistent and trustworthy, supporting the legitimacy of the business. Overall, the website is professional and functional but would benefit from improved security practices and privacy compliance measures to enhance trust and regulatory adherence.

The website ibuildmytime.com serves as a personal and professional portfolio for Léa Guillon, a creative professional specializing in graphic arts, coding, and poetry. The site showcases a variety of printed and digital creative works including books, posters, websites, drawings, texts, and installations. The business operates as a small creative entity based in France, founded in 2022, targeting a general audience interested in artistic and digital content. The market position is niche, focusing on bespoke creative services rather than mass-market offerings. Technically, the website employs a modern JavaScript technology stack including jQuery, LazyLoad libraries, Swiper for sliders, and Video.js for video content. It integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site is hosted by OVH sas, a reputable hosting provider, and uses HTTPS, though DNSSEC is not enabled. Mobile optimization is good, but accessibility and SEO features are basic. No CMS is detected, indicating a custom-built site. From a security perspective, the site lacks several best practices: no DNSSEC, no security headers detected, and no disclosed security or incident response policies. Privacy and cookie policies are absent, and no GDPR compliance indicators are present. Contact information is limited to an email address, with no phone or physical address provided. Despite these gaps, no critical vulnerabilities or malicious content were detected, and the domain registration is transparent and consistent with the business profile. Overall, the website is functional and professionally presented but would benefit from enhanced privacy compliance, security hardening, and clearer business information to improve trust and regulatory adherence.

L

LevneiPhony.cz

levneiphony.cz

56

LevneiPhony.cz is an e-commerce business specializing in the sale of affordable used and refurbished Apple iPhones and related accessories, targeting consumers primarily in the Czech Republic. The website offers a variety of iPhone models in different conditions, including new, unpacked, nearly new, and used, with warranty and money-back guarantees, enhancing customer trust. The business model focuses on providing premium quality devices at significantly reduced prices, appealing to budget-conscious customers seeking Apple products. The site is well-structured with clear navigation and product categorization, supporting a positive user experience.

E

EastBiz.com, Inc.

incparadise.net

59

EastBiz.com, Inc., operating the IncParadise.net website, is a specialized service provider focused on business incorporation and registered agent services primarily in Nevada and Wyoming. The company offers a comprehensive suite of services including corporation and LLC formation, registered agent services, mail forwarding, and business account setup. With a domain age dating back to 2009 and clear business contact information, the company positions itself as a trusted and established player in the niche market of US business formation services. Technically, the website is built on WordPress and leverages a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, and other marketing and analytics tools. The site is well-structured with good SEO practices and mobile optimization, although some accessibility features could be enhanced. Hosting and DNS are managed through reputable providers including GoDaddy and Cloudflare. From a security perspective, the site enforces HTTPS and uses reCAPTCHA on forms, but lacks several important HTTP security headers and does not have DNSSEC enabled. There are no visible vulnerabilities or exposed sensitive data, but improvements in security headers and DNS security are recommended to strengthen the security posture. Overall, the website is professional, trustworthy, and provides clear business information and contact channels. The extensive use of tracking and marketing tools indicates active customer engagement and lead generation efforts. The risk profile is low with no signs of malicious activity or content safety concerns.

P

Planet Express

planetexpress.com

66

Planet Express is a medium-sized logistics and package forwarding service provider established in 2001, offering US address provision and international package forwarding with consolidation services. The company targets international shoppers and businesses seeking to shop in US stores and ship globally. The website is built on WordPress with modern SEO and analytics integrations, providing a good user experience and mobile optimization. Security posture is strong with HTTPS, security headers, and domain registration protections, though it lacks explicit security policies and incident response contacts. Privacy compliance is well addressed with comprehensive policies and a cookie consent mechanism. Overall, the site is professional, trustworthy, and technically sound, supporting its business operations effectively.

C

Centrální evidence psů ČR

evidencepsu.cz

47

Evidence psů is a Czech Republic based online platform dedicated to the registration of dogs via microchip in the national dog registry. It offers services including dog registration, sale of unique dog tags with QR codes, a lost and found dog database, and a blog with dog-related information. The platform targets dog owners in the Czech Republic and positions itself as a national registry with additional value-added services. Technically, the website employs modern web technologies such as Google Analytics, Facebook Pixel, Google reCAPTCHA, and Smartsupp chat, ensuring a responsive and user-friendly experience. The site is hosted on HTTPS with cookie consent mechanisms and privacy policies aligned with GDPR requirements. Security posture is good with HTTPS and form protections, though explicit security headers are missing. The absence of WHOIS data for the domain reduces trust from a domain registration perspective, but the professional presentation and comprehensive contact information support legitimacy. Overall, the website is well-structured, secure, and compliant, serving a niche market effectively.

A

AiVision, s.r.o.

aivision.cz

53

AiVision, s.r.o. is a Czech Republic based technology company specializing in web development, e-commerce solutions, and IT services with over 21 years of market presence. The company offers a comprehensive portfolio including website creation, web design, database applications, SEO, hosting, and WordPress security services. Their market position is that of an established local provider focused primarily on Prague and surrounding regions. Technically, the website employs modern frameworks such as Bootstrap and jQuery, integrates Google Analytics and Facebook SDK for marketing and tracking, and uses Google reCAPTCHA for form security. The site is mobile optimized and provides a professional user experience with clear navigation and relevant content. Security posture is moderate with HTTPS usage and cookie consent mechanisms, but lacks explicit security headers and detailed security policies. WHOIS data is unavailable, which slightly impacts domain trustworthiness, though business legitimacy is supported by consistent contact information and client references. Overall, the site demonstrates good digital maturity and business credibility with room for improvement in security transparency and WHOIS data availability.

S

SOMFY Group

somfy-group.com

68

SOMFY Group is a global leader in home and building automation, specializing in motorization and control solutions for openings and closures. The company operates in over 59 countries and emphasizes sustainability and digital innovation. Their website reflects a mature digital presence with comprehensive corporate content, including annual reports and sustainability initiatives. Technically, the site uses modern frameworks like Bootstrap and integrates multiple analytics and tracking tools, hosted likely via Akamai CDN. Security posture is good with HTTPS enforced and a dedicated cybersecurity reporting channel, though explicit security headers are not detected. Privacy compliance is strong with clear cookie consent and privacy policies in French, aligned with GDPR. The domain WHOIS data is unavailable, which slightly reduces trust but the overall site professionalism and content quality support legitimacy.

D

Del Monte Foods Corporation II Inc.

delmontefoodservice.com

65

Del Monte Foodservice is a well-established B2B foodservice supplier offering a wide range of produce, broths, and snacks to professional foodservice customers. The company leverages its long history and brand recognition to maintain a strong market position. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content tailored to its target audience. Technically, the site is built on Drupal 9 with integrations of HubSpot forms and Google Analytics, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no obvious vulnerabilities, though explicit security headers and incident response information are absent. Privacy compliance is well addressed with clear privacy and cookie policies. Overall, the site presents a trustworthy and professional digital presence, though WHOIS data absence warrants further verification.

D

Del Monte Foods

delmontefoods.com

68

Del Monte Foods is a well-established food manufacturing and retail company with a rich history spanning over 135 years. The company offers a portfolio of well-known brands focused on wholesome and quality food products, targeting general consumers and grocery buyers primarily in the United States. Their business model centers on manufacturing and brand management with a strong emphasis on sustainability and corporate responsibility. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content that supports their market position. Technically, the website is built on the Drupal CMS platform, utilizing modern web technologies including jQuery, Google Analytics, Google Tag Manager, and Facebook Pixel for analytics and marketing. The site is mobile optimized and includes accessibility features such as the UserWay widget. Performance is moderate, with good SEO and meta tag implementation. However, some security headers are not explicitly present, and there is no visible cookie consent mechanism, which could be improved for compliance. From a security perspective, the site enforces HTTPS and uses secure analytics scripts, but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective, though the website content and branding strongly indicate legitimacy. Overall, the security posture is good but could benefit from enhanced header policies and privacy compliance features. The overall risk assessment is low, with recommendations to improve privacy compliance by adding cookie consent, publish security policies, and enhance security headers. These steps will strengthen trust and regulatory adherence while maintaining a professional and secure online presence.

R

Risewell

mojetehotenstvi.cz

46

MojeTehotenstvi.cz is a Czech-language community website focused on pregnancy, childbirth, parenting, and related health topics. It offers forums, pregnancy diaries, articles, multimedia content, and clubs for mothers and parents. The site is built on Drupal 8 and integrates Google Analytics and Adsense for tracking and monetization. However, the site suffers from spammy user-generated posts promoting online pharmacies, which undermines content quality and trust. No privacy or cookie policies are clearly presented, and WHOIS data is unavailable, indicating privacy protection or registration issues. The technical infrastructure is moderate with responsive design but lacks visible security headers and comprehensive privacy compliance. Overall, the site serves a niche audience but requires improvements in security, content moderation, and compliance to enhance trust and user safety.

C

Chronic Disease Awareness Day

chronicdiseaseday.org

44

Chronic Disease Awareness Day is a nonprofit advocacy initiative led by Good Days, focusing on raising awareness and improving care access for chronic disease patients across the United States. The organization collaborates with numerous national health advocacy partners to host events, engage communities, and influence policy. The website reflects a mature digital presence with clear branding, event information, and social media integration, targeting patients, advocates, and policymakers. Technically, the site is built on WordPress with modern plugins and SEO tools, hosted via GoDaddy, and employs HTTPS with a good security posture, though improvements like DNSSEC and enhanced security headers are recommended. Privacy compliance is limited by the absence of explicit privacy and cookie policies, which should be addressed to meet regulatory standards. Overall, the site is professional, trustworthy, and serves its advocacy mission effectively.

F

Five9

five9.com

73

Five9 is a leading enterprise provider of cloud contact center software and AI-powered customer experience solutions. The company targets businesses seeking to enhance their customer service operations through reliable, scalable, and intelligent cloud-based platforms. Their market position is strong, supported by a professional website, high customer ratings, and a clear focus on AI integration in contact centers. The website is built on Drupal 10 and incorporates modern analytics and optimization tools, reflecting a mature digital infrastructure. Performance and mobile optimization are good, supporting a positive user experience. Security posture is solid with HTTPS enforced and no exposed sensitive data, though explicit security headers and public security policies could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, indicating attention to regulatory requirements. Overall, Five9 presents a trustworthy and professional online presence, though the absence of WHOIS data limits domain registration trust verification.

B

BRAIN-TEAM

brain-team.fr

42

BRAIN-TEAM is a French healthcare coordination network specializing in rare neurological diseases. It connects multiple reference centers and provides support programs for patients and caregivers, as well as facilitating research and education. The website is professionally designed, primarily in French, and targets patients, healthcare professionals, and researchers. It maintains partnerships with European Reference Networks and other rare disease organizations, positioning itself as a key player in the French rare diseases healthcare ecosystem. Technically, the website is built on WordPress with a modern theme and several plugins for sliders, maps, GDPR compliance, and multilingual support. Hosting is provided by OVH, a reputable French provider. The site is mobile-optimized and uses HTTPS with Google Analytics for traffic monitoring. SEO is supported by structured data and meta tags. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site enforces HTTPS and has a cookie consent mechanism compliant with GDPR. However, no explicit privacy policy or terms of service pages were found in the provided content, and no security.txt or incident response contacts are published. Security headers are not evident, which could be improved to enhance protection. No vulnerabilities or suspicious content were detected. Overall, the website is trustworthy and professional, serving an important healthcare niche. Strategic improvements in privacy documentation, security headers, and incident response transparency would strengthen its security posture and compliance.

T

The Siegel Rare Neuroimmune Association

wearesrna.org

66

The Siegel Rare Neuroimmune Association (SRNA) is an international nonprofit organization dedicated to advocating for individuals affected by rare neuroimmune disorders such as ADEM, AFM, MOGAD, NMOSD, ON, and TM. The organization focuses on education, advocacy, and accelerating research to find cures. Their website reflects a professional and consistent brand presence with multilingual support and active social media engagement. The target audience includes patients, families, healthcare professionals, and researchers. Technically, the site is built on WordPress with a modern tech stack including Google Analytics, Hotjar, and New Relic for monitoring. The site is mobile optimized and SEO friendly, though accessibility features are basic. Security posture is adequate with HTTPS and domain transfer protection, but lacks some security headers and explicit incident response information. Privacy compliance is partial, with cookie consent mechanisms but no explicit privacy policy found in the provided content. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the organization.

M

Mircem

mircem.fr

45

Mircem is a French national reference center specializing in rare inflammatory diseases of the brain and spinal cord. The organization focuses on data registry, public and professional education, and therapeutic guidance, positioning itself as a key healthcare resource within France and Europe through affiliations with Brain Team and the European Reference Network. The website reflects a professional healthcare entity targeting patients, families, and medical professionals, with content primarily in French and an English language option. Technically, the site is built on WordPress with a modern tech stack including Bootstrap and various plugins for SEO, multilingual support, and forms. Hosting is provided by Infomaniak Network SA, a reputable provider. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security policies and vulnerability disclosure mechanisms. Overall, the site is trustworthy, well-branded, and serves its niche effectively.

C

Chronic Disease Fund, Inc DBA Good Days®

mygooddays.org

52

MyGoodDays.org is the official website of Good Days, a national non-profit charitable organization dedicated to supporting patients with chronic illnesses by providing resources for life-saving and life-extending treatments. The organization operates a patient assistance program, collaborates with healthcare providers and donors, and maintains a strong presence in the non-profit healthcare sector. The website reflects a mature digital presence with a clear mission, comprehensive content, and multiple trust certifications, positioning it as a reputable entity in its field. Technically, the site is built on WordPress with Elementor and integrates modern analytics and user engagement tools such as Google Analytics, Hotjar, and Five9 chat. The site is mobile optimized and SEO friendly, though some accessibility features are basic. Security posture is generally good with HTTPS enforced and domain protections in place, but improvements are recommended in DNSSEC deployment and security headers. Privacy compliance is partial, with a privacy policy present but lacking a cookie consent mechanism. Overall, the site is professional, trustworthy, and well-maintained, serving its target audience effectively.

G

Global Genes

globalgenes.org

68

Global Genes is a well-established non-profit organization founded in 2010, dedicated to empowering the rare disease community globally. Their website serves as a comprehensive platform offering patient services, advocacy events, educational resources, and research facilitation tools. The organization targets individuals, caregivers, advocates, clinicians, and researchers involved in rare diseases, positioning itself as a trusted leader in this niche. The site’s content is rich, professionally presented, and highly relevant to its audience, reflecting a strong commitment to community support and education. Technically, the website is built on WordPress with a modern tech stack including jQuery, Yoast SEO, and various analytics and marketing tools such as Google Analytics, Hotjar, and Google Tag Manager. Hosting and DNS services are managed via GoDaddy and Cloudflare, ensuring reliable performance and moderate loading speeds. The site is mobile optimized and accessible, with good SEO practices implemented. From a security perspective, the site enforces HTTPS and employs domain status protections to prevent unauthorized changes. However, it lacks DNSSEC, Content-Security-Policy headers, and a publicly available security policy or incident response information, which are areas for improvement. No critical vulnerabilities or suspicious activities were detected, and privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. Overall, Global Genes presents a secure, credible, and professionally managed online presence with minor security enhancements recommended to further strengthen its posture. The organization’s transparency, trust signals, and comprehensive resources contribute to a high level of trustworthiness and user confidence.

The Autoimmune Encephalitis Alliance is a specialized non-profit organization dedicated to supporting patients, caregivers, healthcare professionals, and researchers involved with autoimmune encephalitis. Their mission focuses on collaborative research, clinical care, education, and community support to find a cure and improve patient outcomes. The website reflects a mature organization with a clear market position in the healthcare non-profit sector, offering key services such as patient support, professional resources, research grants, and community engagement. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and Gravity Forms. It employs Google Analytics and Tag Manager for tracking and uses Google reCAPTCHA to secure forms. The site is mobile-optimized with good SEO practices and structured data for enhanced search visibility. Hosting and domain registration are stable and consistent with the organization's history. From a security perspective, the site uses HTTPS with a valid SSL configuration and implements reCAPTCHA on forms to prevent abuse. However, it lacks security headers and DNSSEC, and does not publish a security policy or incident response contacts. Privacy compliance is limited as no privacy or cookie policies were found, which is a notable gap for GDPR and other regulations. Overall, the website is professional, trustworthy, and content-rich, but could improve its privacy and security posture to enhance compliance and user trust. Strategic improvements in security headers, privacy disclosures, and incident response transparency are recommended to strengthen the organization's digital maturity and risk management.

The website kolobezky-kickbike.cz represents ULTIMA TRADING, s.r.o., a small Czech company specializing in the retail and wholesale of Kickbike scooters and related accessories. The company has a long tradition in the scooter market, offering a wide range of products including sport, cross, city, and mushing scooters. The site provides rich content including product catalogs, blog stories, and company history, targeting outdoor enthusiasts and urban commuters. Technically, the site uses a classic jQuery-based stack with additional libraries for UI and media presentation, integrated with Google Analytics and Facebook Pixel for marketing and tracking. Security posture is adequate with HTTPS enforced but lacks modern security headers and uses an outdated jQuery version, which could pose vulnerabilities. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Contact information and company details are clearly presented, enhancing business credibility. However, the absence of WHOIS data for the domain reduces trust from a domain registration perspective, though the website content and business information appear legitimate and professional.

M

MIDPOINT Institute

midpoint-institute.eu

56

MIDPOINT Institute is a well-established talent incubator focused on advancing European film and series professionals, especially from Central and Eastern Europe. The organization offers a variety of project development programs, skills training, and networking platforms to support emerging audiovisual talents. The website reflects a professional and consistent brand presence, with clear contact information and comprehensive program details. Technically, the site uses modern JavaScript libraries and tracking tools with a strong emphasis on privacy compliance, including cookie consent management. Security posture is good with HTTPS enforced, though there is room for improvement in HTTP security headers and published security policies. Overall, the website and organization appear legitimate and trustworthy, with strong alignment between business claims and digital presence.

H

Hotel a Pension SEEBERG

seeberg.cz

56

Hotel a Pension SEEBERG is a family-run hospitality business located in Františkovy Lázně, Czech Republic, offering accommodation, wellness, dining, and leisure services. The website reflects a well-established small business with a focus on comfort, wellness, and eco-friendly experiences. The company targets tourists, families, and wellness seekers, positioning itself as a romantic and relaxing destination with a 30-year history. Technically, the website uses modern JavaScript libraries and frameworks such as jQuery, OwlCarousel, and Foundation, and integrates Google Analytics, Facebook Pixel, and Google Tag Manager for marketing and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and rich multimedia content. Security-wise, the site enforces HTTPS and has cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. WHOIS data is not publicly available, indicating privacy protection, which is common for small businesses but slightly reduces trust. Overall, the website is professional, trustworthy, and compliant with basic privacy regulations, but could improve security posture and transparency.

D

DOMOPLAN a.s.

pekarenskydvur.cz

58

Residence Pekárenský dvůr is a premium residential real estate development project located in Brno, Czech Republic, developed by DOMOPLAN a.s. The project offers 239 residential units with a focus on lifestyle, greenery, and exclusive resident services, positioning itself as a high-quality living environment close to the city center. The website is professionally designed with rich multimedia content, detailed project timelines, and comprehensive contact information, targeting prospective buyers and investors in the real estate market. Technically, the website employs modern web technologies including jQuery, OwlCarousel, and the Foundation framework. It integrates multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, AdForm, and Microsoft Clarity, all managed through a robust cookie consent mechanism ensuring GDPR compliance. The site is mobile-optimized and provides a good user experience with clear navigation and professional branding. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent for tracking scripts. However, explicit security headers are not detected, and there is no visible security policy or incident response contact information. The absence of WHOIS data for the domain reduces transparency and trustworthiness, though the website content and business information appear legitimate and professional. Overall, the website demonstrates a solid digital presence for a real estate developer with good privacy compliance and user engagement features. The main risks relate to domain registration opacity and minor security best practice gaps. Strategic improvements in security headers, incident response transparency, and domain WHOIS data would enhance trust and security posture.

L

LoopWay s.r.o.

loopway.cz

53

LoopWay s.r.o. is a Czech Republic-based real estate development company specializing in sustainable and community-focused housing projects. The company emphasizes respect for local culture and environment, aiming to create self-sufficient villages and healthy living spaces. Key leadership includes investor Petr Vomastek and architect Richard Myslivec, highlighting a blend of business acumen and architectural expertise. The website reflects a professional and consistent brand image with clear business messaging and active social media presence. Technically, the website employs modern front-end technologies such as jQuery, Foundation framework, SVG animations, and Google Fonts. Google Analytics is used with IP anonymization to respect user privacy. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, there is room for improvement in accessibility and SEO optimization. From a security perspective, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies. No incident response or vulnerability disclosure information is provided, which could be improved to enhance trust and compliance. The absence of WHOIS data is a notable concern, reducing domain trustworthiness and requiring further verification. Overall, the website is professional and trustworthy in content and presentation but would benefit from enhanced security practices, privacy compliance, and domain registration transparency to strengthen its risk posture and credibility.

U

URBAU a. s.

urbau.cz

57

URBAU a. s. is a Czech Republic-based real estate development company specializing in residential projects with over 10 years of industry experience. The company focuses on understanding customer needs and delivering projects that are both commercially successful and provide quality living environments. Their website showcases multiple ongoing projects with detailed descriptions and visual content, targeting real estate investors and home buyers in the region. Technically, the website employs modern JavaScript libraries such as jQuery and OwlCarousel, uses the Foundation framework, and integrates Google Analytics with privacy-conscious settings like IP anonymization. The site is mobile-optimized and presents a professional design with clear navigation. Security-wise, the site uses HTTPS and avoids exposing sensitive data, but lacks visible security headers and published security or incident response policies. The absence of privacy and cookie policies represents a compliance gap. WHOIS data is unavailable, which reduces trust in domain legitimacy, though the website content and presentation support business credibility. Overall, the site scores well on content and business credibility but should improve privacy compliance and security transparency.

D

Dr. Max Holding

drmax.eu

58

Dr. Max Holding operates as a leading pharmaceutical group headquartered in Prague, Czech Republic, with a significant presence across 17 European countries. It is the second largest pharmacy chain in Europe and focuses on retail pharmacies, e-commerce, wholesale distribution, and marketing services for strategic partners. The website reflects a mature business with a clear market position and a broad service offering in the healthcare sector. Technically, the site uses modern JavaScript libraries such as jQuery and Owl Carousel, and integrates Google Analytics and Tag Manager with IP anonymization, indicating a moderate level of digital maturity. However, the absence of visible security headers and explicit privacy and cookie policies suggests room for improvement in security posture and privacy compliance. The WHOIS data is privacy protected, which is typical for large enterprises, but limits direct verification of domain registration details. Overall, the website is professional and trustworthy but would benefit from enhanced security and compliance transparency.

D

DOMOPLAN a.s.

domoplan.cz

57

DOMOPLAN a.s. is a Czech Republic-based real estate developer specializing in premium residential buildings and holiday apartments. The company emphasizes quality architecture, sustainability, and community development, positioning itself as a recognized leader in the Czech real estate market with multiple industry awards. Their business model includes property sales, leasing, and investment fund management, targeting buyers and investors interested in high-quality living spaces. Technically, the website employs modern JavaScript libraries and tracking tools such as Google Analytics, Smartlook, and Google Tag Manager, with a responsive and well-structured design optimized for mobile devices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers could be improved. Privacy compliance is strong with a comprehensive privacy policy and GDPR adherence. Overall, the website projects professionalism, trustworthiness, and a mature digital presence.

G

G4 REALITY

g4reality.cz

49

G4 REALITY is a small regional real estate agency based in Rosice u Brna, Czech Republic, specializing in the sale and rental of houses and apartments primarily in the surrounding areas including Rosice, Ivančice, Moravský Krumlov, and Brno venkov. The company offers comprehensive real estate services including professional property valuation, legal services, and mortgage consulting through partnerships with recognized specialists. The website reflects a professional and trustworthy business presence with clear contact information and positive client testimonials. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, the absence of WHOIS data and some security headers slightly reduce trustworthiness from a security perspective. Privacy compliance is partially addressed with a privacy policy but lacks a cookie consent mechanism. Overall, the site is well-designed, content-rich, and serves its target audience effectively.

V

Visit Svalbard

visitsvalbard.com

59

Visit Svalbard operates as the official tourism portal for the Svalbard archipelago, providing comprehensive information and booking services for activities, accommodations, and events. The website targets tourists seeking authentic Arctic experiences and positions itself as a leading resource for travel planning in the region. Technically, the site employs a mature technology stack including jQuery, Google Tag Manager, and Cookiebot for consent management, running on the NewMind CMS platform. The site is well-optimized for SEO, accessibility, and mobile devices, with good performance and modern security practices such as HTTPS and security headers. However, the absence of WHOIS registration data raises concerns about domain transparency, although the website content and branding strongly indicate legitimacy. Privacy policies and cookie consent mechanisms are well implemented, supporting GDPR compliance. Overall, the site demonstrates a strong digital presence and marketing maturity but would benefit from improved domain registration transparency and clearer contact information.

M

My Online Schooling

myonlineschooling.co.uk

72

My Online Schooling is a British international online school established in 2016, providing accredited UK education from Key Stage 2 to A-Level. The school offers live virtual lessons, after school clubs, SEND support, and pastoral care to a global community of over 1,000 pupils from more than 80 countries. The website is professionally designed, mobile-optimized, and rich in relevant educational content, targeting parents and students seeking flexible, high-quality online schooling. The business model focuses on delivering British curriculum education through an online platform with subject-specialist teachers and flexible timetables. Technically, the website uses a modern tech stack including Google Analytics, Facebook Pixel, HubSpot forms and chat, and Finalsite CMS. The site performs moderately well with good SEO and accessibility features. Security posture is adequate with HTTPS enforced and no exposed sensitive data, though explicit security headers are not fully verified. Privacy and cookie policies are present with consent mechanisms, supporting GDPR compliance. The website demonstrates strong trust indicators such as accreditations, multiple office locations, and active social media presence. However, the WHOIS lookup for the domain www.myonlineschooling.co.uk failed due to a domain naming rules violation, indicating potential registration issues or that the domain is a subdomain or alias. This discrepancy lowers the domain legitimacy score and suggests caution. Overall, the website is trustworthy and professional, but the domain registration inconsistency should be investigated further. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and resolving domain registration inconsistencies to improve trust and compliance.

I

ITOPF

itopf.org

71

ITOPF is a globally recognized non-profit organization specializing in promoting effective spill response for oil, chemicals, and hazardous substances. The organization serves industry and government entities worldwide, providing expert advice, contingency planning, training, and claims analysis related to accidental ship-source pollution. ITOPF maintains a strong market position as a primary source of technical information and support in the environmental protection sector. Technically, the website is built on the TYPO3 CMS platform, leveraging modern JavaScript libraries and frameworks such as FancyApps UI Carousel and Google Analytics with Tag Manager for tracking and consent management. The site demonstrates good performance, mobile optimization, and accessibility standards, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and employs consent-based analytics tracking. However, it lacks explicit security headers and a published security policy or incident response contacts, which are recommended for enhanced security posture. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, ITOPF's website is professional, trustworthy, and well-maintained, with comprehensive content and clear navigation. The absence of WHOIS data limits domain registration analysis, but the organization's legitimacy is supported by consistent branding, detailed service offerings, and active content updates. Strategic recommendations include implementing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and security.

HugeDomains.com operates as a reputable online marketplace specializing in the sale of premium domain names, offering customers options to purchase domains outright or via payment plans. The company has been active since 2005 and positions itself as a trusted intermediary with a focus on secure transactions and customer satisfaction. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive information about domain purchasing and transfer processes. Technically, the site employs modern web technologies including jQuery, Google Analytics, and reCAPTCHA, ensuring a secure and user-friendly experience. Security posture is strong with HTTPS enforced and SSL encryption, although some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the site demonstrates a high level of business credibility and trustworthiness.

The website 'DATAPLÁN' serves as a strategic management and sustainable development portal for municipalities and regions within the Czech Republic, operated under the National Network of Healthy Cities (Národní síť Zdravých měst ČR). It provides tools and data to support public administration and community planning, focusing on sectors such as energy and transport. The platform targets local government officials and regional authorities, positioning itself as a national resource for strategic development. Technically, the site employs modern web technologies including jQuery, Font Awesome, and Google Analytics, and is built on the ActionApps TOOLKIT CMS. The site is moderately optimized for performance and mobile devices, with good SEO practices but basic accessibility features. Security posture is adequate with HTTPS enabled and secure login forms, but lacks important security headers and privacy compliance mechanisms such as cookie consent and privacy policy pages. WHOIS data is unavailable due to privacy restrictions, but the website branding and content indicate legitimacy as a government-affiliated platform. Overall, the site is professional and functional but could improve in privacy compliance and security hardening.

The website ultomirishcp.com serves as the official healthcare professional (HCP) resource for ULTOMIRIS®, a pharmaceutical product by Alexion Pharmaceuticals, Inc. It provides comprehensive information on the drug's indications, prescribing information, safety warnings including boxed warnings, dosing, administration, and patient support programs. The site targets healthcare professionals with detailed scientific and regulatory content, positioning ULTOMIRIS as a leading long-acting terminal complement inhibitor approved for multiple indications. The business model focuses on education, support, and access facilitation for healthcare providers and patients. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Microsoft Clarity, Facebook Pixel, and Bing Ads for analytics and marketing. Hosting is via Amazon AWS infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices, with a professional and consistent design. However, explicit privacy and cookie policies are not clearly found, and security headers are not evident in the provided data. From a security perspective, the site uses HTTPS and enforces domain registration protections but lacks DNSSEC and visible security policies or vulnerability disclosure mechanisms. The presence of a REMS program and boxed warnings indicates regulatory compliance and risk management. No WAF or blocking mechanisms were detected, and no critical vulnerabilities were found in the analysis. Overall, the website is a high-quality, professional pharmaceutical resource with strong business credibility and technical implementation. Privacy compliance could be improved by adding explicit policies and cookie consent mechanisms. Security posture is solid but could benefit from enhanced headers and DNSSEC. The site is safe for general audiences and effectively supports its healthcare professional user base.

T

tech&fest

tech-fest.fr

65

Tech&Fest is a well-established technology and innovation festival based in Grenoble, France, targeting a broad audience including researchers, entrepreneurs, students, and professionals. The event focuses on themes such as economic and digital sovereignty, sustainability, and technological advancements. The website is professionally designed, mobile-optimized, and provides comprehensive event information, partner details, and multimedia content. Technically, the site leverages modern JavaScript frameworks (React), integrates multiple analytics and marketing tools, and is hosted on a reliable platform with good performance and security configurations. Security posture is strong with HTTPS, security headers, and privacy compliance mechanisms in place, although a dedicated security policy and incident response information are absent. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

V

Veřejné zakázky přímo z Vašeho oboru

verejna-soutez.cz

61

The website www.verejna-soutez.cz provides specialized services focused on public procurement tenders primarily for businesses in the Czech Republic. It offers subscription-based notifications of new tenders, smart analysis of tenders, telephone consultations, and detailed reports to help clients gain competitive advantages in public contracts. The site is part of the Tender Service group, with multiple regional and language variants, indicating a broad market presence in Central Europe. Technically, the site is built on a modern Angular framework with PrimeNG components, integrating analytics tools such as Google Analytics and Microsoft Clarity. The site is mobile-optimized and provides a professional user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and cookie consent mechanisms but lacks explicit security headers and detailed security policies. The absence of WHOIS data for the domain reduces trust and raises questions about domain registration legitimacy. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

JellyPot is a Czech-based content-first CMS platform built on the .NET framework, designed to provide flexible content modeling and management capabilities. It targets developers, designers, and content editors who require a customizable and headless CMS solution. The website showcases a professional design with detailed product descriptions, client testimonials, and references to reputable clients, indicating a solid market presence in the technology sector. Technically, the site uses modern JavaScript libraries such as jQuery and integrates Google Tag Manager and Google Analytics for tracking. The platform emphasizes flexibility in design and coding, supporting multiple output formats including HTML, XML, and JSON. Security-wise, the site lacks visible security headers and a published privacy policy, but it does implement a cookie consent mechanism. The absence of WHOIS registration data is a notable concern, potentially indicating domain privacy or data unavailability, which slightly impacts trustworthiness. Overall, the site is well-structured and professional but would benefit from enhanced transparency and security practices.

A

APM | Associazione Nazionale Piccoli Musei

piccolimusei.com

50

The Associazione Nazionale Piccoli Musei is a cultural non-profit organization dedicated to promoting and supporting small museums in Italy. Founded by Prof. Giancarlo Dall’Ara, it focuses on enhancing the unique characteristics of small museums, emphasizing their close ties to local communities and territories. The website serves as a hub for information, events, publications, and networking for small museums, positioning itself as a niche cultural association within Italy. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and Slider Revolution, providing a good user experience and mobile optimization. Security measures include HTTPS and reCAPTCHA, though some security headers are missing and no explicit privacy or terms of service pages were found. The WHOIS data is unavailable, which raises questions about domain registration legitimacy, though the website content and social media presence suggest a legitimate operation. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security practices.