Security Directory

A

AXIMA, spol. s r. o.

axima-obchod.cz

63

AXIMA, spol. s r. o. is a Czech-based medium-sized company specializing in wholesale distribution of electrotechnical materials and industrial automation components. With over 24 years of market presence, it serves primarily B2B customers in the Czech Republic and Slovakia, offering a wide range of products including power supplies, connectors, sensors, and safety equipment. The website reflects a professional and well-structured digital presence with clear product categorization and manufacturer partnerships. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics and Google Tag Manager, and is mobile optimized with good SEO practices. Security posture is adequate with HTTPS enforced but lacks some recommended security headers like Content-Security-Policy and X-Frame-Options. Privacy and cookie policies are not explicitly found, indicating room for compliance improvement. WHOIS data is unavailable, limiting domain trust verification, but the website content and contact information suggest a legitimate business. Overall, the site scores well in content quality and business credibility but should enhance privacy compliance and security headers to improve trust and compliance.

B

Blue Panther s.r.o.

blue-panther.cz

43

Blue Panther s.r.o. is a Czech-based company specializing in measurement equipment, calibration services, audits, and professional training primarily targeting industrial maintenance, metrology laboratories, healthcare technology, and energy sectors. The company maintains a solid market position supported by partnerships with reputable brands such as Fluke and Kyoritsu and holds ISO 9001 certification, indicating a commitment to quality management. Their business model focuses on B2B sales and services, offering a comprehensive portfolio including equipment supply, calibration, audits, and educational seminars. Technically, the website employs a mix of legacy and modern technologies including jQuery 1.10.2, Klaro for cookie consent, Algolia for search, and multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and Smartsupp chat. The site is well-structured, mobile-optimized, and includes GDPR-compliant cookie consent mechanisms. However, some technical debt is noted with the use of an outdated jQuery version and absence of explicit security headers. From a security perspective, the site enforces HTTPS and uses consent-based tracking scripts, reflecting good privacy practices. No critical vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data for the domain is a concern for domain legitimacy verification, although the website content and business information appear professional and trustworthy. No explicit security policy or incident response contacts were found, suggesting room for improvement in transparency and preparedness. Overall, Blue Panther s.r.o. presents a professional and trustworthy online presence with good compliance and security posture, albeit with some technical and domain registration concerns. Strategic improvements in security headers, updating legacy libraries, and clarifying domain registration details would enhance trust and resilience.

U

UVEX ARBEITSSCHUTZ GMBH

uvex-safety.com

72

UVEX ARBEITSSCHUTZ GMBH operates the uvex safety website, a professional platform offering a wide range of personal protective equipment (PPE) designed and certified in Germany. The company targets business clients, safety professionals, and retailers, positioning itself as a leading manufacturer and distributor of occupational safety products including helmets, glasses, gloves, footwear, and respirators. The website reflects a mature digital presence with comprehensive product information, dealer locator tools, and advisory content.

H

Heckel

heckel-securite.fr

57

Heckel is a French manufacturer specializing in safety footwear, offering a broad range of products from lightweight safety sneakers to shoes designed for extreme environments. The company is part of the uvex group, a well-established entity in the safety and sports equipment sectors. The website demonstrates a professional digital presence with a modern TYPO3 CMS infrastructure, CDN hosting, and integration of analytics and marketing tools such as Google Tag Manager and Facebook Pixel. Privacy and cookie compliance are well implemented, reflecting adherence to GDPR standards. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data limits full trust assessment but the overall website professionalism and branding consistency support legitimacy.

F

Formulayt

gatedcontent.com

64

Formulayt is an enterprise-focused SaaS platform specializing in scalable web form management and compliance for marketing operations teams. The company offers a solution that enables rapid deployment, governance, and updating of web forms integrated with major marketing automation platforms. The website presents a professional and polished digital presence with strong branding and customer trust signals, including testimonials and logos of reputable clients. Technically, the site is built on WordPress with modern performance and analytics tools, hosted with Cloudflare DNS and registrar services. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Privacy compliance is partially addressed via a detailed cookie consent banner, but no explicit privacy policy or terms of service pages were found in the provided content. Overall, the domain registration is consistent with the business timeline and shows no suspicious patterns.

I

Influ2 | Contact-Level Advertising

influ2.com

73

Influ2 operates as a technology company specializing in contact-level advertising, offering a SaaS platform that enables highly targeted advertising campaigns for B2B marketers. The website presents a professional and modern design, integrating multiple marketing and analytics tools such as HubSpot, Google Analytics, Microsoft Clarity, and Hotjar, indicating a mature digital marketing infrastructure. However, the absence of WHOIS data raises concerns about the domain's registration legitimacy, which should be verified to ensure trustworthiness. Security posture is moderate with no visible critical vulnerabilities, but the lack of explicit privacy and cookie policies suggests compliance gaps. Overall, the website is functional and business-oriented but would benefit from enhanced transparency and security best practices.

C

Combell

combell.nl

69

Combell is a well-established hosting specialist operating primarily in the Netherlands, offering a comprehensive suite of services including professional webhosting, cloud hosting, dedicated servers, domain registration, SSL certificates, email hosting, and website building tools. The company targets a broad audience ranging from starters and small to medium enterprises (KMO) to large enterprises, positioning itself as a premium hosting provider with a strong emphasis on security and customer support. The website reflects a mature digital presence with consistent branding and high-quality content, supporting its market position effectively. Technically, the website leverages modern web technologies such as Font Awesome, Google Fonts, Google Analytics, Google Tag Manager, Visual Website Optimizer, Hotjar, and Iubenda for cookie compliance. The site is hosted by Combell itself, indicating control over infrastructure. Performance is moderate with excellent mobile optimization and good accessibility and SEO practices. The presence of security headers, HTTPS enforcement, and CSRF tokens indicates a strong security posture, although there is room for improvement in publishing explicit security policies and incident response information. Security-wise, the site demonstrates good practices including HTTPS, security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of a public security policy or vulnerability disclosure program suggests an opportunity to enhance transparency and incident readiness. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms, aligning with GDPR requirements. Overall, Combell presents a low-risk profile with a professional and trustworthy online presence. Strategic recommendations include publishing dedicated security and incident response policies, establishing a vulnerability disclosure program, and continuing to enhance privacy and security transparency to maintain and strengthen customer trust.

D

Deliveroo

deliveroo.co.uk

73

Deliveroo is a well-established UK-based online food delivery platform founded in 2012, offering a wide range of services including food, groceries, pharmacy, and gift deliveries. It operates a large-scale digital marketplace connecting consumers with local restaurants and delivery riders, positioning itself as a leading player in the transportation and e-commerce sectors. The website demonstrates a high level of digital maturity, utilizing modern web technologies such as React and Next.js, supported by robust analytics and marketing tools. The platform is optimized for performance, mobile responsiveness, and accessibility, providing an excellent user experience. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policy documentation and vulnerability disclosure mechanisms are not publicly evident. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms, reflecting adherence to GDPR requirements. Overall, the website and business exhibit high professionalism, trustworthiness, and operational legitimacy.

M

Morava není v Čechách

moravanenivcechach.cz

46

The website 'Morava není v Čechách' is a small non-profit initiative aimed at raising awareness about the incorrect use of the term 'Čechy' (Bohemia) to describe the entire Czech Republic, including Moravia and Silesia. It educates the public and collects reports of such misuses via a web form. The site targets Czech citizens interested in regional identity and cultural accuracy. Technically, the site is built using AMP technology and hosted by Wedos, ensuring fast loading and excellent mobile optimization. The use of Google Analytics and Tag Manager indicates moderate digital maturity. Security posture is basic with HTTPS enabled but lacks advanced security headers and explicit privacy or cookie policies, which are compliance gaps. Overall, the site is trustworthy but could improve privacy compliance and security best practices.

K

Kreatura - kreativní agentura

kreatura.cz

46

Kreatura is a small creative agency based in Brno, Czech Republic, specializing in meaningful visual communication projects and offering proprietary CMS and mass mailing solutions. The website reflects a professional and client-focused business with clear contact information and a consistent brand presence. Technically, the site uses a mix of jQuery, Google Analytics, Google Tag Manager, and Google Maps API, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit security headers and incident response information. Overall, the site is trustworthy and compliant with GDPR, though WHOIS data is unavailable, likely due to privacy protection. Strategic improvements in security headers and transparency could enhance trust further.

M

Medef

medef.com

58

Medef is the premier network of entrepreneurs in France, focusing on job creation and sustainable growth. The organization advocates for entrepreneurship and defends free enterprise, positioning itself as a leading business federation in the French market. The website reflects a professional and consistent brand image, targeting entrepreneurs and business stakeholders in France. Technically, the site employs modern web technologies including Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and Weglot for multilingual support. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is strong with HTTPS enforced and use of reCAPTCHA, though explicit security headers and policies are absent. Privacy compliance is well addressed with visible cookie consent and GDPR-aligned privacy policies. However, the absence of WHOIS registration data raises some concerns about domain legitimacy, though the website content and branding strongly support its authenticity. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and security policies.

D

Département de France

departements.fr

44

Départements de France is an official association representing French departmental elected officials, providing thematic commissions, news, resources, and advocacy services. The website serves as a comprehensive informational platform targeting government stakeholders and the public interested in departmental affairs. It holds a strong market position as the authoritative voice for French departments. Technically, the site is built on WordPress with Elementor and Yoast SEO, hosted by OVH, and integrates modern web technologies and analytics tools. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms, though it lacks dedicated security and incident response pages. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

G

GIVERSDON s.r.o.

azcasopis.cz

42

The website azcasopis.cz represents a specialized professional magazine named A-Z ELEKTRO, focusing on electrical engineering, automation, energy, software, lighting, and related technologies. It targets professionals and companies within these technical sectors primarily in the Czech Republic. The business operates as a small-sized publishing entity with a history dating back to 2009, offering industry news, magazine publications, advertising, and subscription services. The site demonstrates consistent branding and good content quality with regular updates and industry partnerships.

O

OL4you - Olomoucký lifestylový magazín

ol4you.cz

49

OL4you.cz is a regional lifestyle magazine serving the Olomouc region in the Czech Republic, operating since 2012. It offers lifestyle, culture, beauty, and local event content through its website and printed editions. The site targets local residents and visitors interested in regional lifestyle and cultural happenings. Technically, the website uses modern web technologies including Google Tag Manager, Google Analytics, Facebook SDK, and the Nette Framework, providing a good user experience with mobile optimization and clear navigation. Security posture is solid with HTTPS enforced and secure script loading, though it lacks some security headers and explicit privacy and cookie policies. The absence of public WHOIS data suggests privacy protection, which is typical for media websites. Overall, the site is professional and trustworthy but could improve privacy compliance and security headers.

A

Apartmány Milovice

apartmanymilovice.cz

45

Apartmány Milovice is a small hospitality business providing apartment rentals near Mikulov in the South Moravia region of the Czech Republic. The website presents a professional and well-structured digital presence showcasing their accommodation offerings, amenities such as a pool, wine cellar, and bike storage, targeting tourists and visitors seeking a comfortable stay in a scenic area. The business appears legitimate with consistent WHOIS data and clear contact information.

D

Dřevoprogram Břeclav s.r.o.

drevoprogram.cz

39

Dřevoprogram Břeclav s.r.o. is a small, family-owned carpentry business based in the Czech Republic, specializing in custom manufacturing of doors, windows, stairs, gates, furniture, and other wood products. The company emphasizes quality materials and craftsmanship, serving a local customer base with a 25-year history. The website reflects a professional but modest digital presence, with clear contact information and social media integration. Technically, the site uses a combination of jQuery, Bootstrap, and other JavaScript libraries, hosted likely by WEDOS, with a custom CMS backend. While the site loads well and is mobile-optimized, there are some technical issues such as a broken Google Maps integration and use of an outdated jQuery version. Security posture is moderate, with no visible security headers and missing privacy and cookie policies, indicating compliance gaps. Overall, the site is trustworthy but would benefit from improved security and privacy practices.

S

Sportway Media Group

sportwaymediagroup.com

10

Sportway Media Group is a Swedish-based media company specializing in AI-automated sports video and data production. Founded in 2022, it offers end-to-end automated video production services for live sporting events, focusing on lower-tier leagues and youth sports. The company partners with sports federations, broadcasters, and content owners to produce, market, and monetize sports content and associated brands. Their subsidiaries include sportway.se, livearenasports.com, and mygame.no, indicating a scalable and integrated business model in the sports media industry. The website is professionally designed, SEO optimized, and GDPR compliant, reflecting a mature digital presence for a relatively young company.

M

MEDIA MARKETING SERVICES a.s.

fajnradio.cz

57

Fajn Rádio is a Czech media company operating multiple radio streams and digital content platforms including podcasts and music playlists. The website presents a professional and consistent brand image targeting general music listeners in the Czech Republic. Their business model centers on media broadcasting and digital engagement with advertising and listener clubs as key revenue streams. Technically, the site uses a modern JavaScript stack with frameworks like Foundation and libraries such as jQuery, Slick Carousel, and MixItUp, supported by Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized and SEO-friendly with good accessibility features. Security posture is solid with HTTPS enforced, CSRF tokens, and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or privacy compliance issues were detected. Overall, the site is trustworthy and professionally maintained, with clear contact information and GDPR-compliant privacy practices.

R

RevNGo.com - Book here, pay at the Hotel!

revngo.com

65

RevNGo.com is an established online travel accommodation booking platform founded in 2014, targeting travelers seeking hotels, apartments, and wellness packages primarily in Central Europe. The website offers a multilingual experience with a large inventory and emphasizes guaranteed lowest prices and pay-at-hotel convenience. Technically, the site uses a modern tech stack including Google Tag Manager, analytics, and personalization tools, hosted on Amazon AWS infrastructure. The site is well-optimized for desktop and mobile with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain locking, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy or terms of service. Overall, the site is professional and trustworthy but could improve transparency and security documentation.

S

Szallas.hu - Úgy is lett!

szallas.hu

10

Szallas.hu is a well-established Hungarian online accommodation booking platform founded in 2000, offering a wide range of lodging options including hotels, guesthouses, apartments, and wellness packages primarily targeting Hungarian and regional travelers. The website demonstrates a professional design with consistent branding and good content quality, supporting its position as a leading player in the Hungarian hospitality market. Technically, the site employs a modern tech stack with multiple analytics and marketing tools such as Google Analytics, Facebook Pixel, Microsoft Clarity, and Visual Website Optimizer, alongside cookie consent mechanisms to comply with privacy regulations. Security-wise, the site enforces HTTPS and uses error monitoring tools like Sentry, but lacks visible security headers and explicit security policies, indicating room for improvement in security posture. Overall, the domain age and WHOIS data corroborate the site's legitimacy and long-term operation. The site is free from adult or questionable content and does not exhibit any WAF or blocking mechanisms, allowing full accessibility and analysis.

Î

Île de la Réunion Tourisme

reunion.fr

58

The website www.reunion.fr serves as the official tourism portal for La Réunion, providing comprehensive information for travelers including accommodation, activities, cultural visits, and practical travel details. It targets tourists interested in exploring the island's natural beauty, culture, and adventure opportunities. The site is multilingual, supporting French, German, and English, enhancing accessibility for international visitors. Technically, the site is built on WordPress with a custom Woody theme and integrates modern JavaScript libraries and analytics tools such as Google Analytics, Microsoft Clarity, and Google Tag Manager. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience.

D

Destination Pays Bigouden

destination-paysbigouden.com

62

Destination Pays Bigouden is a regional tourism website promoting the Pays Bigouden area in France. It offers comprehensive information on local experiences, accommodations, restaurants, events, and practical visitor information. The site targets tourists and families interested in exploring the region's culture and natural attractions. Technically, the website uses Drupal CMS with AngularJS and integrates multiple third-party services including Google Maps, YouTube, and marketing automation tools. The site is well-structured, mobile-optimized, and provides a good user experience with multilingual support. Security posture is adequate with HTTPS and reCAPTCHA Enterprise, but could be improved by adding more security headers and publishing explicit security policies. Privacy compliance is partial, with a cookie consent mechanism but no clear privacy policy page. WHOIS data is unavailable, which raises some legitimacy concerns despite the professional appearance and content quality of the site. Overall, the website is a credible and useful tourism resource but should address WHOIS transparency and privacy policy gaps to enhance trust.

C

Champsaur Valgaudemar – Un territoire 4 saison aux portes du Parc national des Ecrins

champsaur-valgaudemar.com

58

The website www.champsaur-valgaudemar.com serves as a regional tourism portal for the Champsaur Valgaudemar area in France, offering comprehensive information on local attractions, accommodations, activities, and events. It targets tourists and outdoor enthusiasts interested in mountain experiences year-round. The site is built on WordPress with a modern tech stack including jQuery, Leaflet.js for maps, and integrates Google Analytics and Facebook Pixel for tracking. The design is professional and content-rich, providing a good user experience with clear navigation and mobile optimization. Security posture is solid with HTTPS and security headers implemented, though explicit privacy and terms of service pages are missing, which impacts compliance and trust. The WHOIS data is unavailable, raising concerns about domain registration transparency, but the active and professional website presence suggests legitimate operation. Overall, the site is functional and trustworthy for tourism purposes but would benefit from enhanced privacy disclosures and incident response information.

N

Nancy Tourisme

nancy-tourisme.fr

45

Nancy Tourisme operates as the official tourism office for the Grand Nancy area in France, focusing on promoting the city's rich cultural heritage, including its UNESCO sites and Art Nouveau architecture. The website provides comprehensive information on events, accommodations, dining, and experiences tailored to tourists and visitors interested in exploring Nancy. The site is well-branded and professionally maintained, reflecting a strong market position as a trusted local tourism authority. Technically, the website is built on WordPress using a custom Woody theme and integrates modern JavaScript libraries for enhanced user experience, including Leaflet for maps and Swiper for interactive content. The site is mobile-optimized and employs standard SEO and accessibility practices, though some accessibility features could be improved. Security-wise, the site uses HTTPS with good SSL configuration and includes essential security headers. Cookie consent mechanisms and privacy policies are implemented, indicating GDPR compliance. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy, though the website content and branding strongly suggest authenticity. No critical security vulnerabilities or adult content were detected, making the site safe for general audiences.

S

SYDO Ghost - Error

sydoghost.cz

43

The website sydoghost.cz currently displays a database connection error, indicating backend issues that prevent normal content delivery. The site appears to be a small-scale or personal project with minimal content and no visible business or contact information. The technical infrastructure includes legacy Bootstrap 2.2.2, Google Analytics, Google Tag Manager, and Live Helper Chat integration, but lacks modern security practices such as HTTPS enforcement and security headers. The WHOIS data is consistent and shows the domain was registered in 2013 with a Czech registrar, suggesting legitimacy but the website itself lacks professionalism and operational stability. Security posture is weak due to exposed errors, lack of HTTPS, and absence of privacy or cookie policies. Overall, the site presents a low trust profile and requires significant improvements to be considered secure and compliant.

GEMOS CZ spol s r.o. operates the website usekovarychlost.cz, providing specialized traffic monitoring and management systems, particularly focusing on section speed measurement technology. The company targets transportation authorities and municipalities, offering B2B solutions including weight measurement systems, smart speed indicators, and navigation tools. The business is positioned as a niche player within the Czech Republic's transportation technology sector, with a domain age consistent with its operational history since 2014. Technically, the website employs standard web technologies such as Bootstrap and jQuery, with Google Analytics and Tag Manager for tracking. However, the site lacks visible HTTPS enforcement and security headers, indicating room for security improvements. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the website is professional and functional but requires enhancements in security and privacy to meet modern standards.

Č

Český florbal & eSports.cz, s.r.o.

ceskyflorbal.cz

61

Český florbal is the official governing body for floorball in the Czech Republic, providing comprehensive information and services related to national competitions, youth development, and national teams. The website serves as a central hub for players, clubs, officials, and fans, offering schedules, news, training resources, and event information. The organization holds a strong market position as the authoritative source for floorball in the country. Technically, the website employs modern web technologies including Google Tag Manager, Facebook Pixel, Google Analytics, and reCAPTCHA v3, alongside frameworks like Nette. The site is well-optimized for mobile devices, features good accessibility, and maintains a professional design with clear navigation. Performance is moderate, with room for optimization. From a security perspective, the site enforces HTTPS and uses consent mechanisms for cookies, but lacks some recommended security headers such as Content-Security-Policy and X-Frame-Options. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is good, with clear privacy and cookie policies present. Overall, the website presents a low risk profile with strong business credibility and good digital maturity. The absence of WHOIS data limits domain trust verification, but the site’s content and external partnerships support its legitimacy. Strategic improvements in security headers and performance optimization are recommended.

G

GARVIS Solutions s.r.o.

rezervace.online

69

REENIO, operated by GARVIS Solutions s.r.o., is a Czech-based online reservation system offering a cloud-hosted SaaS platform tailored for businesses providing direct customer services such as wellness centers, sports facilities, and cultural events. The platform features flexible booking options, automated notifications, integrated online payments, and a user-friendly interface optimized for desktop and mobile devices. It holds a strong market position in the Czech Republic with a growing customer base and recognized certifications including GDPR readiness and payment provider certifications. Technically, the website employs modern web technologies including Bootstrap, Font Awesome, and cloud hosting on Microsoft Azure, ensuring fast performance and mobile responsiveness. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and secure payment integrations, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable service provider in its domain.

MAS Střední Vsetínsko, z. s. is a non-profit association focused on supporting commercial and non-profit activities to improve the quality of life in 12 municipalities within the Střední Vsetínsko region of the Czech Republic. The organization facilitates access to European subsidies for local development and supports various sectors including public, business, and non-profit. The website reflects a regional development facilitator with a clear mission and community focus. Technically, the website is built on WordPress using common libraries such as jQuery, Bootstrap, and Smart Slider 3, hosted by REG-WEDOS. The site is moderately optimized for performance and mobile devices, with basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and visible privacy or cookie policies, indicating room for compliance improvement. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

S

Sdružení obcí Mikroregionu Vsetínsko

visit-valassko.cz

43

The website www.visit-valassko.cz serves as the official regional tourism portal for the Valašsko region in the Czech Republic, operated by the Sdružení obcí Mikroregionu Vsetínsko. It promotes local nature, traditions, cuisine, and recreational activities, targeting tourists and visitors interested in cultural and natural experiences. The site offers comprehensive information on places to visit, eat, stay, and events, supported by local government and tourism partners. Technically, the site uses a modern tech stack including jQuery, Google Analytics, Google Tag Manager, and Google Maps API, with a cookie consent mechanism implemented for GDPR compliance. The website is mobile optimized with good navigation and content relevance. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks some security headers and formal privacy and terms of service pages. WHOIS data is unavailable, which reduces domain trustworthiness, but the site’s content and partner affiliations indicate legitimacy. Overall, the site is a well-maintained regional tourism platform with room for improvement in privacy and security documentation.

B

Banana Splash

banana-splash.com

61

Banana Splash is a technology company specializing in mobile web conversion optimization through a SaaS platform that enables businesses to customize messaging, perform A/B testing, and segment audiences for improved mobile revenues and leads. The company targets businesses seeking to enhance mobile user engagement and conversion rates. The website is professionally designed, mobile-optimized, and includes customer testimonials and clear contact information, indicating a credible market presence. Technically, the site is built on WordPress with a modern tech stack including Google Analytics, Tag Manager, and Facebook SDK, supporting marketing and analytics needs. Security posture is adequate with HTTPS and GDPR-compliant cookie consent, but lacks advanced security headers and explicit security policies. The absence of WHOIS registration data is a notable risk factor, reducing domain trustworthiness despite the professional site appearance. Overall, the site is functional and business-focused but would benefit from improved transparency and security documentation.

R

Rannís

erasmusplus.is

63

The website www.erasmusplus.is serves as the official Icelandic portal for the Erasmus+ program and the European Solidarity Corps, managed by Rannís, the Icelandic Centre for Research. It provides comprehensive information, news, and resources related to education, youth, and solidarity projects under the EU framework. The site targets students, educators, and youth organizations in Iceland, offering guidance on applications and program participation. The business model is government-funded, focusing on information dissemination and support rather than commercial activities. Technically, the site is built on the Eplica CMS platform, a specialized Icelandic content management system, and uses common web technologies such as jQuery, Google Analytics, and Google Tag Manager. The site is mobile-optimized with good accessibility and SEO practices, though performance is moderate. Hosting appears to be provided by Hugsmiðjan ehf., a known Icelandic hosting provider. From a security perspective, the site enforces HTTPS and anonymizes IP addresses in analytics, but lacks visible security headers and a cookie consent mechanism, which are areas for improvement. No vulnerabilities or sensitive data exposures were detected. The absence of WHOIS data for the domain reduces trust from a domain registration standpoint, though the website content and contact information strongly indicate an official and legitimate entity. Overall, the site is professional, trustworthy, and safe for general audiences, but could enhance privacy compliance and security posture by adding cookie consent, security headers, and publishing security policies.

W

WordPress Download Manager

wpdownloadmanager.com

48

WordPress Download Manager is a well-established WordPress plugin provider specializing in file and document management as well as digital product e-commerce solutions. The company, operating under W3 Eden, Inc., offers a comprehensive suite of features including membership management, access control, and multiple payment gateway integrations. With over 10 million downloads, it holds a strong market position within the WordPress ecosystem, targeting site owners and developers who require robust digital asset management and sales capabilities. The website is professionally designed, mobile-optimized, and provides extensive documentation and support channels, enhancing user experience and trust. Technically, the site leverages WordPress CMS with modern technologies such as Bootstrap, jQuery, and CDN hosting via Cloudfront for performance optimization. Integration with Google Analytics and payment APIs like Stripe and PayPal indicates a mature digital infrastructure. Security practices include HTTPS enforcement, password protection, and social lock features, although explicit security headers and incident response policies are not prominently documented. The security posture is solid with no evident vulnerabilities or exposed sensitive data, but the lack of WHOIS transparency for the domain raises some concerns about registration legitimacy. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site demonstrates a high level of professionalism and technical maturity, though improvements in domain registration transparency and security policy visibility are recommended. Strategically, the company should focus on enhancing domain registration transparency, formalizing security incident response procedures, and publishing a vulnerability disclosure policy to strengthen trust and compliance. Continuous monitoring of third-party scripts and security headers will further improve the security posture and user confidence.

D

Demänová Rezort

demanovarezort.sk

64

Demänová Rezort is a hospitality resort business based in Slovakia, offering hotel-like services, relaxation, and entertainment to tourists and leisure travelers. The website is professionally designed using WordPress with Elementor and optimized for multiple languages targeting regional visitors. The technical infrastructure includes modern analytics and tracking tools with a cookie consent mechanism, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. The absence of privacy and terms of service pages, as well as contact information, represents compliance and trust gaps. Overall, the website is functional and credible but would benefit from enhanced transparency and security practices.

C

Continental Aftermarket

continental-aftermarket.com

64

Continental Aftermarket is a division of Continental AG, a leading global automotive supplier. The website serves as a comprehensive portal for their aftermarket products and services, targeting automotive professionals, workshops, and distributors. It offers extensive product categories including batteries, brakes, tires, workshop equipment, and specialized vehicle components, supported by training and service programs. The brand is well-established with multiple subsidiaries and a strong market presence in Germany and internationally. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and a consent management platform to ensure compliance with privacy regulations. The site is mobile-optimized, uses HTTPS with a Content Security Policy, and integrates reCAPTCHA Enterprise for form security. The CMS appears to be TYPO3, a robust enterprise content management system. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSP headers, and consent management. However, DNSSEC is not enabled, and additional security headers could be added to enhance protection. No explicit security policy or incident response contacts are publicly available, and no vulnerability disclosure mechanism was found. Overall, the website is professional, trustworthy, and compliant with GDPR. The domain registration data aligns with the business profile, indicating legitimacy. There are no signs of malicious content or security issues. Strategic improvements could focus on enhancing security headers, publishing security policies, and enabling DNSSEC to further strengthen the security posture.

Glia Media is a specialized medical marketing and communications agency with a focus on neuroscience and healthcare sectors. Established in 2012 and operating as a division of Mayfield Brain & Spine, the company offers a range of services including medical marketing, illustration, writing, academic publication support, event planning, and patient education. Their website reflects a professional and consistent brand presence targeting healthcare professionals and organizations seeking expert communications support. Technically, the website employs a modern but straightforward technology stack including Bootstrap, jQuery, and Google Analytics. It is hosted by Bluehost Inc., a reputable hosting provider. The site is mobile optimized and SEO friendly, though accessibility features are basic. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. The WHOIS data shows a consistent and legitimate domain registration with no privacy protection, supporting trustworthiness. Overall, the website is professional and functional with moderate security and privacy posture. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

V

Vildenberg

vildenberg.cz

42

Vildenberg is a small hospitality business operating a brewery and restaurant in Šumice, Czech Republic. The website provides information about their beer products, brewery tours, and restaurant menu, targeting local customers and visitors interested in regional beer experiences. The site is built on WordPress with common web technologies and includes tracking via Google Analytics and Google Tag Manager. However, it lacks critical privacy and cookie policies, contact information, and WHOIS transparency, which impacts trust and compliance. The website is accessible without WAF or security challenges and uses HTTPS, but security headers are missing, and no incident response or security policies are disclosed. Overall, the site is functional but basic in content quality and technical implementation.

GEMOS CZ spol s r.o. is a Czech company specializing in smart traffic monitoring and management systems, offering a range of products including dynamic traffic lights, speed indicators, red light violation detection, and navigation solutions. The company targets municipalities and transportation authorities, positioning itself as a niche technology provider within the Czech Republic. The website reflects a professional business model focused on B2B technology solutions in the transportation and energy sectors. Technically, the website employs standard web technologies such as Bootstrap and jQuery, with integration of Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for performance and mobile devices, though accessibility and SEO features are basic. No CMS or hosting provider details were identified. The website is fully accessible with no blocking or WAF detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks important security headers and formal privacy or cookie policies. No incident response or vulnerability disclosure information is provided. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, impacting overall trustworthiness. Overall, the website is functional and professional but would benefit from enhanced security practices, improved privacy compliance, and verification of domain registration details to strengthen trust and compliance posture.

E

ELEKTRO Skalka s.r.o

e-elektro.cz

49

ELEKTRO Skalka s.r.o operates the e-commerce website www.e-elektro.cz, specializing in the sale of vacuum cleaner bags, HEPA filters, and related household electronic accessories primarily targeting customers in the Czech Republic. The company positions itself as a niche retailer with a focus on vacuum cleaner parts and small electrical appliances, offering a broad catalog of products with clear pricing and availability. The website is professionally designed with good navigation and mobile optimization, supporting customer engagement through contact forms, phone, and email. Privacy and cookie policies are implemented with GDPR compliance in mind, including consent mechanisms.

S

SackyVysavace.cz

sackyvysavace.cz

56

SackyVysavace.cz is a Czech Republic based specialized e-commerce retailer focused on vacuum cleaner bags, filters, and accessories. The website offers a broad catalog of products with clear categorization and supports online ordering with options for delivery and 24/7 personal pickup at a physical location in Prague. The business targets consumers and small businesses needing vacuum cleaner supplies. Technically, the website uses a mix of modern JavaScript libraries and tracking tools, including Google Analytics and Tag Manager, with a proprietary or custom e-commerce platform (Shopion.cz). The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and published security policies. WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective, but the website content and contact details appear legitimate and professional. Overall, the site is safe, compliant with GDPR, and suitable for general audiences.

B

Úvodní stránka | BEST

bestvisio.cz

65

BESTVISIO.cz is a Czech Republic based small business specializing in providing innovative digital tools for customers to select and visualize paving and fencing products. Their offerings include online configurators for paving and fences and a virtual reality application that allows users to preview fencing options in real environments using mobile devices. The website is professionally designed with good content quality and consistent branding, targeting homeowners and customers interested in outdoor home improvement products. Technically, the site uses modern web technologies including lazy loading images, responsive CSS, and integrates Google Analytics and CookieHub for tracking and cookie consent management. Security posture is moderate with cookie consent and Google reCaptcha usage but lacks visible security headers and published privacy policies. WHOIS data is unavailable, indicating privacy protection, which slightly reduces transparency but is not uncommon for small businesses. Overall, the site is safe, user-friendly, and provides useful tools for its niche market.

T

tolk.ai - Generative AI powered Chatbot and Livechat solutions

thechatbotfactory.com

65

tolk.ai is a French technology company specializing in generative AI-powered chatbots and livechat solutions designed to enhance customer relations. Their SaaS platform offers no-code deployment of AI virtual assistants, livechat agents, and analytics tools to improve customer service efficiency and business insights. The company targets businesses seeking advanced conversational AI to automate pre- and post-sales customer interactions. The website demonstrates a professional digital presence with partnerships such as Microsoft France and availability on Azure Marketplace, indicating a credible market position. Technically, the site is built on WordPress with modern plugins and analytics integrations, providing moderate performance and good mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though improvements in security headers and explicit policies are recommended. Privacy compliance is partial, lacking visible privacy and cookie policies on the main page. Overall, tolk.ai presents a trustworthy and professional business with room for enhanced transparency and security documentation.

A

Apidae Tourisme

apidae-tourisme.com

50

Apidae Tourisme operates a leading national platform for tourism data management in France, serving over 900 clients and 30,000 professional users. The company provides a cooperative SaaS platform enabling territories to collect, enrich, and distribute tourism-related data, supporting both institutional stakeholders and digital service providers. Their market position is strong as a key enabler of digital transformation in the tourism sector. Technically, the website is built on WordPress with modern JavaScript libraries and plugins, offering good performance and mobile optimization. Security measures include HTTPS, anti-spam protection, and GDPR-compliant cookie management, though additional security headers could enhance posture. The absence of WHOIS data is a concern but does not detract from the professional and trustworthy presentation of the business. Overall, Apidae Tourisme demonstrates a mature digital presence with solid business credibility and compliance.

F

FC Zlín

fczlin.com

47

FC Zlín operates an official football club website serving the Czech Republic's regional sports community. The site provides comprehensive information about the club, including team rosters, match schedules, news updates, ticket sales, and fan merchandise. The business model centers on engaging fans and partners through digital channels, supporting ticketing and merchandising revenue streams. The website demonstrates consistent branding and a professional design tailored to sports enthusiasts and local supporters. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, OwlCarousel, and Font Awesome, ensuring a responsive and user-friendly experience. Hosting and domain registration are managed transparently with Tucows Domains Inc. as registrar and DNS servers located in the Czech Republic. Performance is moderate with good mobile optimization, though SEO and accessibility features are basic. From a security perspective, the site uses HTTPS with domain transfer protections enabled but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. Privacy compliance is partial; while a terms of service and basic privacy policy exist, no cookie consent mechanism or GDPR-specific disclosures are evident. Incident response and security policy information are absent, representing a compliance gap. Overall, the website is functional and trustworthy for its audience but would benefit from improved security hardening and privacy compliance measures. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

F

FK Teplice, eSports.cz, s.r.o.

fkteplice.cz

37

FK Teplice is a well-established Czech football club with a strong digital presence through its official website. The site offers comprehensive information about the club's activities, including news, match schedules, team rosters, fan engagement, and community initiatives such as CSR and esports. The domain has been registered since 1998, reflecting the club's longstanding history. Technically, the website employs modern web technologies including Google Analytics, Adsense, and Google Translate, hosted on Websupport infrastructure. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and rich content. Security posture is moderate with cookie consent implemented but lacks visible advanced security headers and explicit privacy or terms of service pages. No direct contact information or incident response details are provided, which could be improved to enhance trust and compliance. Overall, the website is a credible and functional digital asset for FK Teplice, serving its target audience effectively.

F

FK Pardubice

fkpardubice.cz

45

FK Pardubice is a Czech football club with an official website providing comprehensive information about the club, teams, matches, tickets, and fan engagement. The site targets fans and the local community, offering news, multimedia content, and official club details. The domain is well-established since 2011, supporting the club's legitimacy and presence in the regional sports market. Technically, the website uses modern JavaScript libraries, CSS frameworks, and tracking tools with proper consent mechanisms, hosted on a Czech provider's infrastructure. Security posture is good with HTTPS and cookie consent, though some security headers and policies could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

FC VIKTORIA Plzeň is a Czech football club with an established online presence dating back to at least 2001, as indicated by the domain registration. The website serves primarily as an informational platform for fans and the local community, offering basic content about the club. Technically, the site uses a combination of older web technologies such as jQuery 1.11.3 and Bootstrap 3.3.7, along with modern tracking tools like Google Analytics and Facebook Pixel. The site lacks advanced CMS integration and appears to be custom-built, with moderate performance and basic mobile optimization. From a security perspective, the website uses HTTPS but lacks important security headers and visible privacy or cookie policies, which reduces its compliance posture. There are no visible forms or contact mechanisms, limiting user interaction and data collection. The WHOIS data is consistent with the website's claims, showing a long-standing domain registration without privacy protection, appropriate for a public sports entity. Overall, the website is functional but basic, with room for improvement in privacy compliance, security hardening, and user engagement features. The absence of contact information and policies may impact user trust and regulatory compliance. Strategic enhancements in these areas would improve the site's professionalism and security posture.

F

FC Slovan Liberec

fcslovanliberec.cz

45

FC Slovan Liberec operates an official website serving as the primary digital platform for the Czech football club. The site offers comprehensive content including team news, match schedules, ticketing options, fan merchandise, and multimedia galleries, targeting football fans and local community members. The website demonstrates a consistent brand presence and integrates multiple partner and sponsor domains, reflecting a well-established sports organization. Technically, the site employs modern web technologies such as Bootstrap and jQuery, with performance and mobile optimization rated as good. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though explicit security headers and detailed privacy policies are absent. The lack of WHOIS data is a notable gap, reducing domain trustworthiness despite the legitimate appearance of the site. Overall, the website is professional and user-friendly but would benefit from enhanced transparency in privacy and security policies.

F

FC Hradec Králové, a.s.

fchk.cz

53

FC Hradec Králové, a.s. operates an official website serving as the primary digital platform for the Czech football club FC Hradec Králové. The site provides comprehensive information including match schedules, team rosters, news updates, ticketing services, and a fanshop for merchandise. The club has a strong market presence in Czech football, with a history dating back over 120 years, positioning itself as a well-established sports entity. The website targets football fans, local community members, and sports enthusiasts, offering a user-friendly and content-rich experience. Technically, the website employs modern JavaScript libraries such as GSAP and Swiper.js for animations and interactive elements, alongside Google Analytics and Facebook Pixel for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, hosted under a Czech registrar with consistent domain registration data. Cookie consent mechanisms and GDPR compliance are well implemented, reflecting a mature approach to privacy and user data protection. From a security perspective, the website enforces HTTPS and uses cookie consent categories to manage tracking scripts responsibly. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact suggests room for improvement in transparency and readiness. Overall, the website demonstrates a high level of professionalism, content quality, and trustworthiness, with a strong alignment between domain registration and business identity. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen the security posture.