Security Directory

L

Liverpool School of Tropical Medicine

lstmed.ac.uk

68

Liverpool School of Tropical Medicine (LSTM) is a prestigious educational and research institution specializing in tropical medicine and global health. Founded in 1898, it holds a leading position in its sector, offering research, education, clinical services, and public engagement. The website reflects a mature digital presence with comprehensive content targeting students, researchers, and global health partners. Technically, the site is built on Drupal 7 with a modern set of analytics and marketing tools, delivering a good user experience with mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and incident response details could be improved. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable likely due to privacy protection. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and providing explicit incident response contacts.

J

J&J Foundation

jnjfoundation.com

68

The J&J Foundation website represents a philanthropic entity likely affiliated with Johnson & Johnson, focusing on community and social initiatives. The site targets a general audience including potential donors and community partners. The business model is non-profit, with key services centered on charitable programs. The website uses modern web technologies including Google Analytics, Microsoft Clarity, and a CMS platform likely Brightspot. It is mobile optimized and uses HTTPS for secure communications. However, the absence of WHOIS registration data and lack of visible privacy policies or contact information reduce trustworthiness. Security posture is moderate with standard tracking and cookie consent mechanisms but lacks explicit security headers and incident response information. Overall, the site is functional but could improve transparency and compliance documentation.

U

United Nations Population Fund

unfpa.org

69

The United Nations Population Fund (UNFPA) is a globally recognized non-profit organization dedicated to sexual and reproductive health and rights. It operates in over 150 countries, providing critical services such as family planning, maternal health, gender-based violence prevention, and humanitarian aid. The website reflects its authoritative position with comprehensive content, multilingual support, and a clear mission statement. Technically, the site employs modern analytics and marketing tools, including Google Tag Manager, Facebook Pixel, and Fundraise Up, alongside a Drupal CMS platform. It demonstrates good performance, mobile optimization, and accessibility features. Security posture is strong with HTTPS enforcement, security headers, and consent management, although explicit incident response and vulnerability disclosure information are not publicly available. Overall, the domain and website present a high level of legitimacy and trustworthiness consistent with a major UN agency.

A

AgroBio Opava, s.r.o.

agrobio.cz

57

AgroBio Opava, s.r.o. is a well-established Czech company specializing in retailing home and garden products, primarily targeting gardeners and plant enthusiasts. With over 30 years of market presence and a domain registered since 2000, the company offers a broad range of natural products, pest control solutions, fertilizers, seeds, and gardening supplies through both an e-commerce platform and a physical store in Opava. The website is professionally designed with clear navigation and a loyalty program to engage customers. Technically, the site uses modern analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook SDK, and Hotjar, hosted partly on Amazon Cloudfront. Security posture is good with HTTPS enforced and secure login forms, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant with active consent mechanisms. Overall, the site demonstrates a mature digital presence with strong business credibility and user trust.

C

Compensa TU S.A. Vienna Insurance Group

compensa.pl

66

Compensa TU S.A. Vienna Insurance Group operates a professional insurance website targeting individual and corporate clients in Poland. The company offers a broad range of insurance products including vehicle, home, health, travel, and agricultural insurance. The website is well-structured, with clear navigation and multiple contact forms facilitating customer interaction. The presence of structured data and social media links supports a credible digital presence. Technically, the site leverages WordPress CMS with modern JavaScript libraries and analytics tools, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and secure form handling, though explicit privacy and cookie policies are not clearly found in the provided content. WHOIS data is unavailable from the .pl registry, which slightly impacts domain trust but does not undermine the evident legitimacy of the business. Overall, the site demonstrates a mature digital infrastructure suitable for a large insurance provider.

A

AXA Partners CEE

axa-assistance.pl

66

AXA Partners CEE operates the website www.axa-assistance.pl, providing travel insurance and assistance services primarily targeting Polish travelers and partners. The company offers products such as travel insurance, travel cancellation insurance, and moto assistance, positioning itself as a professional and established player in the Polish insurance assistance market. The website branding and content align with the AXA Group's global insurance brand, indicating a strong market presence and trustworthiness. Technically, the website is built on ASP.NET WebForms with a custom CMS, integrating modern analytics and cookie consent tools such as Google Tag Manager, Google Analytics, and OneTrust. The site is mobile optimized with good SEO practices and a professional design, though accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were found in the analyzed content. WHOIS data is not publicly available, likely due to privacy protection, which is common and justified for this business type but reduces transparency. Overall, the website demonstrates a solid business and technical foundation with room for improvement in privacy policy transparency and security header implementation. The risk level is moderate with no immediate red flags, supporting a trustworthy user experience.

S

SIGNAL IDUNA

signal-iduna.pl

48

SIGNAL IDUNA Polska TU S.A. operates a professional and comprehensive insurance website targeting individuals and businesses in Poland. The company offers a broad range of insurance products including health, life, travel, and accident insurance, with dedicated services for group clients. The website demonstrates a mature digital presence with modern technologies such as WordPress CMS, jQuery, Google Analytics, and responsive design, ensuring good user experience and accessibility. Privacy and cookie policies are clearly presented, reflecting compliance with GDPR regulations. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance trust. The WHOIS data is not publicly accessible, likely due to privacy protection, which is common for corporate domains in Poland and does not raise immediate concerns. Overall, the website is professional, secure, and trustworthy, serving as a reliable digital front for the insurance business.

C

Centrum Medyczne ENEL-MED Spółka Akcyjna

enel.pl

70

Centrum Medyczne ENEL-MED Spółka Akcyjna operates a private healthcare center in Poland, providing medical consultations, diagnostics, and specialist treatments. Established in 1999, it holds a strong market position as a reputable private medical service provider. The website reflects a professional healthcare business with a clear focus on patient services and compliance with privacy regulations. Technically, the site is built on WordPress with modern integrations such as Google Tag Manager, Google Analytics, and Cookiebot for GDPR compliance. Security measures include HTTPS, reCAPTCHA, and cookie consent mechanisms, though additional security headers could enhance protection. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible online presence. Overall, the website demonstrates good digital maturity and adherence to privacy standards, supporting the company's credibility and trustworthiness.

P

Prison Officers' Medical Aid Society

pomas.ie

59

The Prison Officers' Medical Aid Society (POMAS) operates a professional website serving prison officers in Ireland, providing medical aid services including claims processing, digital GP access, and member account management. The website is built on WordPress using the Divi theme and incorporates standard web technologies such as jQuery and Google Analytics for tracking. The content is well-structured, relevant, and targeted specifically at its niche audience, with downloadable forms and comprehensive privacy information available. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy. Security posture is moderate with HTTPS enabled but lacks advanced security headers and cookie consent mechanisms. Overall, the site demonstrates a good level of professionalism and trustworthiness appropriate for a small healthcare non-profit organization.

GRAWEB s.r.o. is a small Czech creative advertising agency specializing in marketing, graphic design, printing, and web development services. The company targets local and regional businesses seeking professional advertising and web solutions. Their website demonstrates a mature digital presence with a portfolio of client references and active social media engagement. Technically, the site uses a modern JavaScript stack with analytics and marketing tools integrated, though some security best practices such as security headers and privacy policies are missing. The security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks comprehensive security policies and vulnerability disclosures. The WHOIS data is missing or indicates the domain may be unregistered or expired, which raises concerns about domain legitimacy and trustworthiness. Overall, the website is functional and professional but would benefit from improved compliance and security transparency.

E

Euronova Group

plzen.cz

47

Plzen.cz is a regional news and media portal serving the Plzeň and Karlovy Vary regions in the Czech Republic. Operated by Euronova Group, the website offers news, cultural and social event information, sports updates, and video content targeted at the general public in the region. The site has been established since 1997, indicating a mature presence in the local media market. Technically, the site runs on Joomla CMS with the Gantry5 framework, utilizing common web technologies such as jQuery, Bootstrap, and Video.js. It integrates Google Analytics and Google Tag Manager for user tracking and analytics. The website is mobile optimized and provides a clear navigation structure with consistent branding. Security-wise, the site uses HTTPS and implements a cookie consent mechanism, but lacks visible security headers and explicit privacy or security policies. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the website's claims, supporting its legitimacy.

J

Juraj Mertuš

mertus.sk

45

Juraj Mertuš is a professional Slovak woodcarver artist specializing in various artistic wood carvings including portraits and sacred art. The website serves as a portfolio and contact point, targeting art enthusiasts and cultural institutions. The site is well designed with good navigation and mobile optimization, employing modern technologies such as Bootstrap and Google Analytics. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks advanced security headers and explicit incident response policies. Privacy compliance is basic but present, with GDPR-aligned cookie consent and privacy policy pages. Overall, the website is trustworthy and professionally maintained, suitable for its niche artisan business model.

P

PDF Form - elektronické formuláře v PC a vše pro práci s PDF soubory

pdf-form.cz

46

The website www.pdf-form.cz is an e-commerce platform specializing in PDF software tools including PDF creation, editing, electronic signatures, and electronic forms. It targets users primarily in the Czech Republic who require specialized PDF software solutions. The site presents a professional and consistent brand image with a clear product catalog and user-friendly navigation. The business model is retail-focused, selling software licenses and related products online. The market position is niche, catering to PDF software users and electronic form creators. Technically, the site uses a modern tech stack including jQuery, Bootstrap, Swiper.js, and Google Analytics, and is likely built on the OpenCart CMS platform. The site is mobile-optimized and performs moderately well, with good SEO practices.

1

1000 dveří s.r.o.

1000dveri.cz

50

1000 dveří s.r.o. operates a Czech-based e-commerce and physical retail business specializing in interior doors and door frames. The company offers a wide range of products from well-known brands and provides installation and free measurement services. Their market position is that of a specialized local retailer with a solid customer base and over 2000 doors sold and installed annually. The website is professionally designed with good content quality and clear navigation, targeting Czech and Slovak customers seeking interior door solutions. Technically, the website runs on OpenCart CMS with a modern but slightly dated technology stack including jQuery 2.1.1, Bootstrap, and various JavaScript libraries for UI and analytics. The site is mobile optimized and uses HTTPS with Google reCAPTCHA for form security. Cookie consent mechanisms are implemented in compliance with GDPR, and analytics/tracking tools are used responsibly. From a security perspective, the website demonstrates good practices such as HTTPS enforcement, use of reCAPTCHA, and cookie consent banners. However, some security headers are missing or not explicitly found, and the jQuery version is outdated, which could pose risks. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, indicating legitimacy. Overall, the website presents a low risk profile with good business credibility and privacy compliance. Strategic improvements in security headers and library updates would enhance the security posture further.

O

Ofa Bamberg GmbH

ofaaustria.at

58

Ofa Austria is a branch of Ofa Bamberg GmbH, a well-established manufacturer specializing in medical compression stockings, bandages, and orthopedic products. The company emphasizes innovation, quality, and medical efficacy, targeting healthcare professionals and patients with venous and lymphatic conditions. The website is professionally designed, content-rich, and provides comprehensive product and health-related information. Technically, the site uses modern JavaScript libraries and HubSpot CMS, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and privacy compliance, though explicit security headers and incident response contacts are missing. The absence of WHOIS data limits domain trust verification but does not detract significantly from the overall legitimacy. Strategic recommendations include enhancing security headers, providing direct contact information, and maintaining privacy compliance.

C

CIF Alfa s.r.o.

rosmarin.cz

46

Rosmarin.cz is a Czech business center website offering office rentals, conference rooms, and various supporting services such as parking, fitness, dining, and dental care located in Prague 7, Holešovice. The company behind the site is CIF Alfa s.r.o., operating in the real estate and hospitality sectors. The website targets businesses and professionals seeking office space with comprehensive amenities in a convenient urban location. The site demonstrates a professional design with clear navigation and relevant content, supporting a medium-sized business model focused on commercial real estate rental and service provision. Technically, the website employs common web technologies including jQuery, Google Analytics, Facebook Pixel, and other marketing and tracking tools. Hosting is provided by Český hosting. The site is mobile-optimized and shows good SEO practices, though accessibility features are basic. No CMS or advanced frameworks were detected. Performance is moderate, with room for improvement in security headers and privacy policy transparency. From a security perspective, the site uses HTTPS and implements a cookie consent banner, but lacks visible security headers and explicit privacy or security policies. No forms were detected in the provided HTML, reducing exposure to input-based vulnerabilities. The WHOIS data is missing, which reduces domain transparency and trustworthiness, though the website content and business presence appear legitimate. The site uses multiple third-party tracking and advertising services, indicating extensive user tracking. Overall, the website is functional, professional, and business-focused but would benefit from improved transparency in domain registration, enhanced security headers, and explicit privacy and terms of service documentation to strengthen trust and compliance.

U

Uskur

gopunica.com

60

The website gopunica.com represents Uskur, a small technology company founded in 2020 that offers an integrated association and events management software solution. The platform targets associations and event organizers, providing a comprehensive SaaS product that includes features such as membership management, event management, abstract submissions, virtual events, and integrations like Moodle. The website content is professional and well-structured, with a clear focus on its niche market. Technically, the site employs a modern front-end stack including Bootstrap and various JavaScript libraries, hosted on Linode servers. Performance and mobile optimization are moderate to good, though accessibility and SEO could be improved. Security posture is moderate; the domain is registered with a reputable registrar and has clientTransferProhibited status, but lacks DNSSEC and security headers. Privacy compliance is weak, with no visible privacy or cookie policies and no GDPR indicators. Contact information is limited to a contact form, with no direct emails or phone numbers provided. Overall, the site is functional and professional but would benefit from enhanced security and privacy practices.

E

EGPRN

egprn.org

64

EGPRN is a European organization dedicated to general practitioners and health professionals involved in primary care and family medicine research. The website serves as a hub for membership, collaborative studies, conferences, courses, and publication archives, targeting healthcare professionals and researchers. The organization positions itself as a key network in European primary care research with a professional and consistent online presence. Technically, the website employs modern web technologies including Bootstrap, jQuery, and Google Analytics, with hosting likely behind Cloudflare. The site is mobile-optimized with good navigation and SEO practices, though accessibility features are basic. Cookie consent and privacy policies are implemented, reflecting GDPR compliance awareness. Security posture is solid with HTTPS enforced and no visible sensitive data exposure. However, the absence of explicit security headers and incident response information suggests room for improvement. WHOIS data is unavailable due to privacy protection, which is justified for this non-profit entity. Overall, the site is trustworthy and professionally maintained. Strategically, EGPRN should enhance security headers, publish clear security and incident response policies, and improve accessibility compliance to strengthen trust and resilience. Continued monitoring of third-party scripts and privacy practices is recommended to maintain compliance and security.

The Atlas of MS website is a professionally designed and maintained platform operated by the Multiple Sclerosis International Federation (MSIF), a UK-based non-profit organization. It serves as a comprehensive global resource for epidemiological data on multiple sclerosis, providing detailed visualizations, downloadable reports, and advocacy tools. The site targets healthcare professionals, researchers, policy makers, and the general public interested in MS data. Its market position is strong as a leading global data resource and advocacy tool in the MS healthcare sector. Technically, the website employs modern web technologies including Bootstrap, Font Awesome, and Google Analytics, hosted behind Cloudflare DNS services. The site is mobile-optimized with good SEO and accessibility basics, though some improvements in accessibility and security headers could be made. Performance is moderate, with asynchronous loading of analytics and tag management scripts. From a security perspective, the site uses HTTPS and Cloudflare DNS but lacks DNSSEC and explicit security headers, which are recommended for enhanced protection. No exposed sensitive data or vulnerabilities were detected in the provided content. Privacy compliance is strong, with clear links to comprehensive privacy and terms policies hosted on the MSIF domain. Contact is primarily via forms and external MSIF contact pages, with no direct emails or phone numbers disclosed. Overall, the website presents a low-risk profile with a high degree of professionalism and trustworthiness. Strategic recommendations include enabling DNSSEC, adding security headers, and publishing explicit security and incident response policies to further strengthen the security posture and user trust.

The MS Barometer website is an informational platform focused on providing data and statistics related to Multiple Sclerosis in Europe. It targets healthcare professionals, researchers, and the MS community by offering findings, comparisons, and country-specific insights. The site uses modern web technologies including React, Next.js, and Material-UI, hosted likely on DigitalOcean infrastructure. Google Analytics and Tag Manager are employed for user tracking, with a visible cookie consent mechanism ensuring basic compliance. However, the absence of explicit privacy policies, terms of service, and contact information limits its privacy compliance and business credibility. Security posture is moderate with HTTPS enforced but lacking security headers and vulnerability disclosures.

S

Takk

styrkja.is

63

The website www.styrkja.is serves as a donation platform focused on supporting a wide range of charitable and social causes within Iceland. It aggregates multiple non-profit organizations, providing users with the ability to make monthly contributions to causes such as child welfare, health, environment, and human rights. The platform positions itself as a trusted intermediary facilitating philanthropy in the Icelandic market. Technically, the site is built using modern web technologies including the Gatsby React framework, and integrates analytics and marketing tools such as Google Analytics, Facebook Pixel, and CookieHub for cookie consent management. The website demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and a published security policy or incident response contacts. WHOIS data for the domain is not publicly available, which is typical for Icelandic domains, but the site content and external references support its legitimacy. Overall, the site is professionally designed and trustworthy, with room for improvement in security transparency and privacy policy publication.

F

ForthRight

forthright.gr

44

ForthRight is a specialized digital marketing agency based in Greece, focusing primarily on medical digital marketing services. The company offers a comprehensive suite of services including SEO, website and e-shop development, content marketing, Google Adwords campaigns, social media management, and digital marketing seminars. It holds a strong market position as a leader in medical marketing in Greece, supported by client testimonials and partnerships with recognized platforms such as Google and Semrush. The website is professionally designed, mobile-optimized, and uses modern web technologies including WordPress, jQuery, and performance optimization tools like WP Rocket and Optimole. Security posture is solid with HTTPS enforced and anonymized analytics, though some security headers and privacy compliance elements like cookie consent and privacy policy pages are missing. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

Y

YouBeHero

youbehero.com

69

YouBeHero is a Greek non-profit platform established in 2017 that enables users to convert commissions from their online purchases into donations to charitable organizations without any additional cost. The platform targets socially conscious Greek consumers and supports 151 registered organizations. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and integrates Google Analytics and Tag Manager for tracking. The domain is registered with GoDaddy and uses Cloudflare DNS services, ensuring reliable hosting and DNS management. Security posture is solid with HTTPS enforced and CSRF protections, though improvements could be made by enabling DNSSEC and adding security headers. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the website is professional, trustworthy, and well-optimized for mobile and SEO. No critical security or content safety issues were detected.

R

Roche Müstahzarları San. A.Ş.

msplatformu.com

59

MS Platformu is a Turkish healthcare support website dedicated to providing comprehensive information and resources about Multiple Sclerosis (MS) for patients and their families. Sponsored by Roche Müstahzarları San. A.Ş., the platform offers educational content, expert video opinions, and promotes a mobile application (MS+) to assist in disease management. The website is well-positioned within the niche healthcare information market in Turkey, targeting MS patients and their relatives with medically reviewed content and support services. Technically, the website is built on Drupal 9 CMS, utilizing modern web technologies such as jQuery and Slick Slider for interactive content. It is hosted behind Cloudflare DNS services, ensuring reliable availability and performance. The site demonstrates good mobile optimization and SEO practices, though there is room for improvement in accessibility and security headers implementation. From a security perspective, the site enforces HTTPS and maintains domain registration protections but lacks DNSSEC and explicit security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies, GDPR adherence, and transparent contact information including incident response email for adverse events. Overall, MS Platformu presents a trustworthy, professional, and user-friendly resource for MS-related information in Turkey. Strategic improvements in security headers and DNSSEC adoption would enhance its security posture further, while maintaining its strong compliance and business credibility.

C

COCEMFE

cocemfe.es

51

COCEMFE is a well-established Spanish non-profit organization founded in 1980, dedicated to the inclusion and active participation of people with physical and organic disabilities. The website reflects a mature digital presence with comprehensive content covering employment, training, accessibility, education, legal advisory, accessible tourism, volunteering, and international cooperation. The organization maintains a strong market position nationally, representing millions of people and hundreds of associations. Technically, the site is built on WordPress with modern plugins and demonstrates good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and detailed privacy policies could be enhanced. The absence of WHOIS data limits domain trust verification, but the website's professional design, clear contact information, and public funding references support its legitimacy. Overall, COCEMFE's digital presence is professional, trustworthy, and aligned with its mission.

V

Vitrex Medical A/S

vitrexmg.com

51

Vitrex Medical A/S operates a professional website supplying high-quality laboratory and analytical products to the healthcare sector, targeting hospitals, laboratories, and clinics. The company positions itself as an experienced supplier with over 50 years in the industry, supported by a consistent brand presence and active social media channels. The website is built on WordPress using the Divi theme and incorporates modern SEO and analytics tools, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS and domain protection statuses, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is strong with clear cookie and privacy policies and consent mechanisms in place. Overall, the site is trustworthy and professionally maintained, though the recent domain registration date suggests a possible recent rebranding or domain change.

O

OFA Bamberg

ofa24.de

42

OFA Bamberg operates a specialized B2B online shop platform targeting distributors and wholesalers primarily in the retail sector within Germany. The website serves as a login portal restricting access to registered business partners, emphasizing a controlled wholesale business model. The company branding is consistent and professional, though public-facing content is minimal and focused on access control rather than marketing or customer engagement. The technical infrastructure leverages common web technologies including jQuery, Bootstrap, and multiple analytics and marketing tools such as HubSpot, Google Analytics, Matomo, and Smartlook, indicating a moderate level of digital maturity. Hosting appears to be managed via Deutsche Telekom infrastructure, suggesting reliable hosting services. Security posture shows some positive indicators such as CSRF token usage in forms but lacks visible security headers and explicit SSL configuration details, which could be improved. Privacy compliance is weak with no visible privacy or cookie policies despite the use of tracking technologies. Overall, the website is functional for its intended B2B audience but would benefit from enhanced transparency and security hardening.

A

Ausind S.r.l.

ausind.it

51

Ausind S.r.l. is a well-established Italian business services company affiliated with Confindustria Genova, providing a broad range of services including training, HR solutions, safety, competitiveness, and communication. The company has a strong regional presence with over 45 years of experience and holds ISO 9001:2015 certification, reflecting its commitment to quality. The website is professionally designed using Drupal 8 CMS and integrates modern front-end technologies and analytics tools, demonstrating a mature digital infrastructure. Security measures such as HTTPS, cookie consent, and captcha on forms are implemented, though some backend PHP notices indicate minor technical issues that should be addressed to improve security posture. Overall, the website is compliant with GDPR and provides clear contact information and policies, supporting trust and transparency.

The website 'Žilní poradna - léčba křečových žil a metliček' is operated by S.A.B. Medical, s.r.o., a small healthcare entity based in the Czech Republic specializing in venous insufficiency and varicose vein treatments. The site provides medical information, patient guidance, and details about treatment options such as radiofrequency, laser, and surgical methods. It serves a targeted audience of patients and individuals seeking specialized vascular care. The business model appears to be informational and advisory, potentially supported by medical product distribution partnerships. Technically, the website is built on the Estranky.cz CMS platform and uses legacy JavaScript libraries like jQuery 1.12.4 and jQuery UI 1.12.1. It integrates Google Analytics and Facebook SDK for user tracking and marketing purposes. The site shows basic mobile optimization and accessibility features but lacks advanced SEO and modern performance optimizations. No explicit security headers were detected, and privacy and cookie policies are absent, indicating compliance gaps with GDPR and related regulations. From a security perspective, the site uses HTTPS for external scripts, but the SSL configuration and security headers are unknown or missing. The absence of privacy and cookie policies, outdated libraries, and missing WHOIS domain registration data reduce the overall security posture and trustworthiness. No critical vulnerabilities or adult content were detected, but improvements are needed to enhance compliance and security. Overall, the website is functional and provides relevant healthcare content but requires significant enhancements in privacy compliance, security best practices, and technical modernization to improve trust and user experience.

G

Galén-Kompas, s.r.o.

e-kompas.cz

44

Galén-Kompas, s.r.o. operates the e-kompas.cz website, an established Czech online bookstore specializing in medical, health, and lifestyle literature. Founded in 2000, the company targets healthcare professionals, students, and general readers interested in specialized literature. The website offers categorized browsing, publisher filtering, and user account management, positioning itself as a niche player in the Czech retail book market. Technically, the site uses legacy JavaScript libraries such as jQuery 1.7.2 and jQuery UI, with Google Analytics for tracking. The platform appears custom-built without a common CMS. While the site includes a cookie consent banner and terms of service, it lacks a dedicated privacy policy page and visible advanced security headers. Security posture is moderate but could be improved by updating libraries and implementing security headers. WHOIS data confirms domain legitimacy and long-term registration consistent with the business history. Overall, the website is functional and professional but would benefit from modernization and enhanced security and privacy compliance.

V

Visual Communication, a.s.

visualcommunication.cz

60

Visual Communication, a.s. is a Czech-based holding company specializing in audiovisual communication technologies and services. With over 30 years of experience, it operates multiple subsidiaries that provide AV systems, event services, design, and media solutions primarily targeting corporate, public, educational, and cultural sectors in the Czech Republic and Central Europe. The website reflects a professional and consistent brand presence with clear subsidiary listings and business information. Technically, the site is built on WordPress using the Mioweb theme, incorporating modern JavaScript libraries like jQuery and Google Analytics for tracking. The site is mobile-optimized and offers a cookie consent mechanism compliant with GDPR requirements, although explicit privacy and terms of service pages are absent. Security posture is good with HTTPS enforced but could be improved by adding security headers and incident response information. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

A

Altova GmbH

altova.com

67

Altova GmbH is a technology company specializing in software development tools focused on XML, JSON, SQL, UML, and mobile app development. Their product portfolio includes desktop tools, server software, regulatory solutions, and cloud-based SaaS applications, positioning them as a comprehensive provider in data integration and enterprise app development markets. The company targets developers, IT professionals, and business users requiring robust data processing and regulatory compliance solutions. Their market position is supported by award-winning products and a consistent brand presence. Technically, the website demonstrates a mature digital infrastructure using modern web technologies such as Bootstrap, jQuery, Google Tag Manager, and Google Analytics. The site is well-optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. Structured data enhances search engine visibility and business information clarity. From a security perspective, the site uses HTTPS and secure form submissions but lacks some advanced security headers and explicit incident response or vulnerability disclosure information. Privacy and cookie policies are present but could be improved with explicit consent mechanisms. The absence of WHOIS data raises some concerns about domain registration transparency, although the website content and business legitimacy appear strong. Overall, Altova's website reflects a professional and trustworthy business with solid technical implementation and good security hygiene. Strategic improvements in security policy transparency, cookie consent, and domain registration clarity would further enhance trust and compliance.

Q

Quest Software

quest.com

89

Quest Software is a well-established enterprise technology company specializing in AI data platforms, cybersecurity, and platform modernization solutions. Their website reflects a mature digital presence with comprehensive content targeting enterprise IT professionals. The company offers a range of IT management and cybersecurity services designed to help organizations securely manage and innovate with their data. Technically, the site is built on Drupal 11, employs modern web technologies, and integrates industry-standard analytics and consent management tools, indicating a high level of digital maturity. Security posture is strong with HTTPS, security headers, and incident response contacts clearly provided, although a dedicated security policy page and vulnerability disclosure policy could enhance transparency. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable, which slightly impacts transparency but not overall legitimacy.

G

G-Think media

gthink.cz

39

G-Think media is a Czech Republic based communication agency specializing in web development, SEO optimization, internet advertising, and social media marketing. The company targets small to medium businesses primarily in the Zlín region and surrounding cities. Their website demonstrates a professional digital presence with clear service offerings and client engagement features such as contact forms and consultation calls. Technically, the site is built on WordPress using popular plugins like WPBakery and Slider Revolution, with Google Analytics and Tag Manager integrated for tracking. Security posture is adequate with HTTPS enforced and cookie consent implemented, though security headers and formal privacy policies are absent. WHOIS data is unavailable, which limits domain trust verification, but the website content and contact information appear legitimate and consistent with a small local agency.

OrthoPedia Patient is an educational platform specializing in orthopedic patient education, offering accessible learning content such as videos and modules focused on orthopedic conditions and treatments. The platform targets patients, students, and healthcare learners seeking reliable orthopedic information. It occupies a niche market position within healthcare education, leveraging a digital learning management system to deliver content. Technically, the website is built on a modern LMS platform (Intellum) and integrates multiple analytics and tracking tools including Google Analytics, Snowplow, and Hotjar. The site uses HTTPS with strong SSL configuration and is hosted on Amazon S3 for media assets, indicating a robust infrastructure. The design is professional, mobile-optimized, and accessible, providing a good user experience. From a security perspective, the site employs HTTPS and cookie consent mechanisms but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. The absence of a privacy policy and terms of service on the homepage slightly reduces privacy compliance scores. WHOIS data for the subdomain is unavailable, which is typical, but no suspicious patterns were found. Overall, the website presents a low-risk profile with good technical and security posture, though improvements in privacy transparency and security policy publication are recommended to enhance trust and compliance.

Miger Advertising is a small, established advertising agency based in Rožnov pod Radhoštěm, Czech Republic, founded in 1999. The company offers a broad range of services including graphic design, printing, web design, photography, signmaking, and office supplies. Their market position appears to be local/regional with a diversified service portfolio supported by multiple related domains. The website content is professional and relevant to their business, targeting a general audience seeking advertising and printing services. Technically, the website uses older JavaScript libraries such as jQuery 1.5 and plugins like Fancybox and Cycle Lite, indicating some technical debt and potential security risks. The site includes Google Analytics for tracking but lacks modern CMS or frameworks. Performance and mobile optimization are moderate to basic, with room for improvement in accessibility and SEO. From a security perspective, the site lacks visible security headers and uses outdated libraries with known vulnerabilities. No privacy or cookie policies are present, indicating compliance gaps with GDPR. Contact information is provided but no email addresses are visible on the site. The domain WHOIS data is consistent with the business claims, showing a long-established registration since 1999, enhancing trustworthiness. Overall, the website is functional and professional but requires updates to its technical stack, security posture, and privacy compliance to reduce risks and improve user trust. Strategic improvements in these areas will enhance the company's digital maturity and regulatory adherence.

C

Czech Hotel Awards, s.r.o.

hotelawards.cz

43

Czech Hotel Awards, s.r.o. operates a niche hospitality awards platform in the Czech Republic, focusing on recognizing hotels through votes from industry professionals and satisfied guests. The website serves as a portal for applications, nominated hotels, results, and related content including a blog and gallery. The company maintains partnerships with regional and national tourism organizations, enhancing its credibility and market presence. Technically, the site is built on WordPress with common plugins and integrates Google Analytics for visitor tracking. The design is professional, mobile-optimized, and user-friendly, supporting a positive user experience. Security posture is adequate with HTTPS enforced and secure form handling, though improvements are recommended in security headers and privacy compliance. The absence of WHOIS data limits domain trust analysis but does not detract significantly from the overall legitimacy of the business. Strategic recommendations include enhancing privacy and cookie policies, publishing security and incident response information, and implementing security headers to strengthen the security posture.

Bayer is a global enterprise operating in healthcare and agriculture sectors, with a long-standing presence in the Czech Republic since 1884. The website reflects a professional corporate identity with consistent branding and a focus on providing information about Bayer's operations in Czechia. The technical infrastructure is modern, leveraging Drupal 11 CMS, Google Tag Manager, and OneTrust for cookie compliance, indicating a mature digital presence. Security posture is strong with HTTPS enforced and clickjacking protections in place, although explicit security policies and incident response contacts are not published on the site. Privacy compliance is supported by cookie consent mechanisms, but a clearly accessible privacy policy page was not identified in the provided content. WHOIS data for the domain is not publicly available, which is unusual for a major corporation but does not detract significantly from the site's legitimacy given the brand recognition and content quality. Overall, the site is well-designed, secure, and compliant with basic privacy standards, suitable for a large multinational corporation.

Unilabs is the largest private provider of laboratory and diagnostic services in the Czech Republic, operating over 20 laboratories and 80 collection points with a workforce exceeding 1200 employees. The company offers a broad range of routine and specialized diagnostic tests including biochemistry, hematology, microbiology, immunology, pathology, genetics, and forensic genetics, also serving veterinary practices. The website reflects a professional and comprehensive digital presence with clear navigation, modern technology stack, and compliance with GDPR and cookie consent regulations. Security posture is strong with HTTPS and no visible vulnerabilities, though security headers and explicit security policies could be improved. The absence of WHOIS data reduces domain trust from a registration perspective but does not detract from the professional business presentation. Overall, Unilabs demonstrates a mature digital infrastructure supporting its market-leading position in healthcare diagnostics.

M

maxdorf

slovniky.cz

52

Slovníky.cz is a Czech online dictionary and lexicon platform operated by the company Maxdorf, established in 1998. The website offers specialized lexicons, including medical dictionaries, and links to related services such as a bookstore and an encyclopedic club. The business targets general users seeking reference materials in Czech language, operating a niche content service with a small-scale business model. Technically, the site is built with basic HTML, CSS, and JavaScript, incorporating Google Analytics for visitor tracking. The infrastructure is hosted by REG-ZONER, a Czech hosting provider, and the domain is long-established, supporting business credibility. Security posture is moderate with HTTPS enabled but lacks modern security headers and privacy compliance mechanisms. No privacy or cookie policies are present, and no contact information is provided, which limits trust and compliance. Overall, the site is functional but could benefit from modernization and enhanced security and privacy practices.

A

American Academy of Family Physicians

aafp.org

63

The American Academy of Family Physicians (AAFP) is a large, well-established professional association representing over 128,000 family physicians, residents, and students. The organization provides advocacy, education, patient and practice resources, and continuing medical education (CME) to its members. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency. It targets healthcare professionals specializing in family medicine and supports their professional development and advocacy efforts. Technically, the site uses a modern technology stack including Adobe Experience Manager CMS, various analytics and marketing tools such as Google Analytics, Adobe Analytics, HubSpot, and multiple social media pixels. The site is well optimized for mobile and accessibility, with good SEO practices and secure HTTPS implementation. Security headers and best practices are in place, though there is room for improvement in public vulnerability disclosure and incident response visibility. The security posture is strong with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR considerations. The WHOIS data is privacy protected, which is justified for this type of organization, and no suspicious patterns were detected. Overall, the website is trustworthy, professional, and secure. Strategic recommendations include enhancing transparency around security incident response, maintaining up-to-date third-party libraries, and considering publishing security certifications to further boost trust.

R

Royal College of General Practitioners

rcgp.org.uk

68

The Royal College of General Practitioners (RCGP) is a professional membership organization serving over 53,000 general practitioners (GPs) in the United Kingdom. It acts as the guardian of standards for GPs, providing education, certification, career support, and advocacy services. The website reflects a mature and well-established institution with a clear focus on healthcare professionals, particularly GPs. The organization holds a leading market position within the UK healthcare sector, offering a broad range of services including MRCGP exams, learning resources, and membership benefits. Technically, the website is built on the Kentico CMS platform and utilizes modern frameworks such as Bootstrap. It integrates multiple analytics and marketing tools including Google Analytics, Microsoft Clarity, and Plausible Analytics, all managed with appropriate cookie consent mechanisms. The site demonstrates good mobile optimization, accessibility, and SEO practices, contributing to a positive user experience. From a security perspective, the website enforces HTTPS and employs standard security headers, indicating a strong security posture. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly documented, representing areas for improvement. No critical vulnerabilities or suspicious external domains were detected. Overall, the website is professional, trustworthy, and compliant with privacy regulations such as GDPR. The WHOIS lookup failed due to querying the 'www' subdomain instead of the base domain, but the domain is known and legitimate. Strategic recommendations include publishing detailed security and incident response policies and establishing a vulnerability disclosure program to enhance transparency and trust.

The website 'Vakcíny a očkování' serves as a specialized Czech language portal providing comprehensive information about vaccines and vaccination practices. It targets both the general public and healthcare professionals, offering detailed articles, vaccination guides, travel vaccination advice, and a Q&A section. The site positions itself as a trusted educational resource within the healthcare sector in the Czech Republic, with a history dating back to 1999. The business model is primarily informational and educational, relying on content quality and expert guidance. From a technical perspective, the website employs a traditional tech stack including jQuery 1.12.0, Font Awesome 4.3.0, Google Analytics, and Facebook SDK for tracking and social integration. The site is mobile optimized with good navigation and SEO practices, although some technical debt is evident due to the use of outdated libraries. Performance is moderate, and accessibility is basic but functional. Security posture shows room for improvement. While HTTPS usage is implied, no explicit security headers such as CSP or HSTS were detected. The site disables copy-paste actions possibly as a content protection measure. The cookie consent mechanism is present and GDPR compliance is indicated, but no formal security or incident response policies are published. The WHOIS data is missing or inaccessible, raising concerns about domain registration legitimacy, which impacts trustworthiness. Overall, the website is a valuable resource with good content quality and user experience but requires enhancements in security practices and domain registration transparency. Strategic recommendations include implementing modern security headers, updating libraries, clarifying domain registration details, and publishing formal security policies to improve trust and compliance.

M

MEDICAL TRIBUNE CZ, s.r.o.

tribune.cz

50

MEDICAL TRIBUNE CZ, s.r.o. operates a specialized medical information portal targeting healthcare professionals in the Czech Republic. The website offers a broad range of content including news articles, specialized medical sections, educational courses, podcasts, and newsletters. The business model is subscription-based content publishing, positioning itself as a trusted source for medical professionals. The company maintains a professional and consistent brand presence with active social media channels and a clear focus on healthcare industry content. Technically, the website employs modern tracking and marketing technologies such as Google Tag Manager, Google Analytics, Facebook Pixel, and CookieYes for consent management. The site is mobile-optimized, accessible, and SEO-friendly, though no specific CMS or hosting provider was identified. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS and uses reCAPTCHA on forms to prevent abuse. However, some security headers like Content-Security-Policy, X-Frame-Options, and X-Content-Type-Options are not explicitly present, and no published security policy or incident response contacts are found. The absence of WHOIS data reduces transparency and trustworthiness, though the website content and structure indicate a legitimate and professional operation. Overall, the website is safe, professional, and well-suited for its target audience. Strategic improvements in security header implementation, publishing security policies, and improving WHOIS transparency would enhance trust and compliance.

W

WONCA Europe

woncaeurope.org

60

WONCA Europe is a well-established academic and scientific society representing family physicians and general practitioners across Europe. The organization provides a platform for professional development, research collaboration, and advocacy through conferences, scholarships, and educational resources. Their market position is strong within the European healthcare community, supported by a network of 47 member organizations and over 120,000 physicians. The website reflects a professional and consistent brand image targeting healthcare professionals and stakeholders in family medicine. Technically, the website is built on the Punica CMS platform with Bootstrap framework and integrates Google Analytics and Tag Manager for user tracking. The site is mobile-optimized with good navigation and content quality, though performance is moderate. Security posture is adequate with HTTPS enabled and secure forms, but lacks explicit security headers and cookie consent mechanisms, which are areas for improvement. From a security and compliance perspective, the site does not expose sensitive data and maintains a professional presence, but the absence of a cookie consent banner and detailed privacy policies may impact GDPR compliance. WHOIS data is unavailable due to privacy protection or query issues, but the overall legitimacy is supported by consistent branding and clear contact information. Overall, the website is trustworthy and professionally managed, with recommendations to enhance security headers, privacy compliance, and incident response transparency to further strengthen its security posture and user trust.

The World Organization of Family Doctors (WONCA) operates a comprehensive and professionally designed website serving as a global hub for family doctors and primary care professionals. The organization represents over 500,000 family doctors worldwide and provides membership services, clinical resources, conferences, and advocacy in partnership with the World Health Organization. The website reflects a mature digital presence with clear navigation, multilingual support via Google Translate, and integration of modern web technologies such as Google Analytics and Tag Manager. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Contact information is clearly presented, enhancing trust and credibility. Overall, the site is well-positioned as a trusted resource in the healthcare non-profit sector.

H

HARPAG s.r.o.

harpag.cz

47

HARPAG s.r.o. is a Czech independent insurance broker established in 2007, providing comprehensive insurance and financial advisory services to businesses, entrepreneurs, and private individuals. The company emphasizes personalized client service, cooperation with all major insurers, and maintaining client trust through professional expertise. The website reflects a mature business with clear service offerings and client testimonials, positioning it as a trusted player in the Czech insurance market. Technically, the website uses modern frontend technologies such as Bootstrap, jQuery, and popular carousel libraries, hosted likely by WEDOS, a Czech hosting provider. The site is mobile optimized and SEO friendly but lacks some advanced accessibility features. Security posture is moderate with HTTPS usage and no visible vulnerabilities, but missing security headers and explicit incident response policies reduce the security maturity. Privacy compliance is partial, with a GDPR privacy policy document available but no cookie consent mechanism implemented. Overall, the website is professional and trustworthy but could improve in security and privacy transparency.

MH Consulting s.r.o. is a Czech-based company specializing in organizing congresses, seminars, and educational events primarily targeting healthcare professionals. The company has an established market presence since 2005, offering a portfolio of upcoming and past events with detailed information and registration capabilities. The website reflects a professional business model focused on event management services within the healthcare and education sectors. Technically, the website employs modern frontend technologies such as Bootstrap, jQuery, and FontAwesome, and integrates Google Analytics for visitor tracking. The site is mobile-optimized and provides a clear navigation structure with user account management features including login, registration, and password recovery forms. Security-wise, the site uses HTTPS and implements a comprehensive cookie consent mechanism aligned with GDPR requirements, although it lacks explicit security headers and incident response disclosures. Overall, the website is trustworthy, with consistent WHOIS data supporting legitimacy. Recommendations include enhancing security headers and publishing formal security and incident response policies to improve security posture and compliance.

S

Sebia

sebia.com

70

Sebia is a global specialized player in the in vitro diagnostics industry, offering a broad range of diagnostic products including agarose gel electrophoresis, capillary electrophoresis, IFA, ELISA, and Alegria 2. The website targets healthcare professionals and provides detailed product information tailored to clinical needs. Technically, the site is built on WordPress with a modern tech stack including jQuery, Google Analytics, HubSpot, and Piwik PRO, indicating a mature digital infrastructure. The site is well-optimized for SEO and mobile devices, with good content quality and professional design. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and explicit privacy policies are missing. The absence of WHOIS data is a notable anomaly that slightly reduces trustworthiness but does not negate the professional appearance and business legitimacy. Overall, the site presents a credible and professional digital presence for Sebia.

A

Altium (HPST)

hpst.cz

48

The website hpst.cz represents Altium (HPST), an authorized distributor of Agilent Technologies products in the Czech Republic, specializing in analytical chemistry, molecular biology, clinical diagnostics, and laboratory consumables. The company has a well-established market presence since 1999, targeting laboratories and scientific institutions. The website is built on Drupal 10, leveraging modern web technologies including Google Tag Manager and Cookiehub for analytics and cookie consent management. The site is professionally designed with good navigation and mobile optimization, providing comprehensive product and service information. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks explicit security headers and published privacy or terms of service policies. The domain registration data is consistent and indicates a legitimate, longstanding business. Overall, the website is trustworthy and professional but could improve privacy compliance and security best practices.