Security Directory

H

Hydrotour

hydrotour.sk

63

Hydrotour is a Slovak travel agency specializing in holiday packages for 2026, including last minute and first moment offers for summer and exotic destinations. The website targets Slovak-speaking travelers seeking vacation options and presents a professional and consistent brand image. The technical infrastructure leverages modern JavaScript modules, Vue.js framework, and WordPress CMS, with integrations for Google Tag Manager and Cookiebot for privacy compliance. The site demonstrates good SEO practices and mobile optimization, providing a positive user experience. Security posture is solid with HTTPS enforced and cookie consent implemented, though lacks explicit security policy and incident response information. Overall, the site is trustworthy and compliant with GDPR, with extensive use of analytics and marketing tools.

F

Forcys

forcys.com

62

Forcys is a specialized technology company focused on delivering advanced naval underwater technology solutions that enhance situational awareness and operational capabilities for naval and defense sectors. Their offerings include sensing, communications, imaging, control, and navigation technologies, supported by a strong ecosystem of technology partners. The website demonstrates a professional digital presence with clear navigation, good content quality, and GDPR-compliant privacy and cookie policies. Technically, the site is built on WordPress with modern JavaScript libraries and includes Google Analytics for visitor tracking. Security posture is adequate with HTTPS enforced and cookie consent mechanisms, but lacks explicit security headers and an incident response contact. The absence of WHOIS registration data raises concerns about domain legitimacy or recent registration, impacting overall trust. Strategic improvements in security headers, incident response transparency, and domain registration clarity are recommended.

V

Voyis

voyis.com

54

Voyis is a specialized technology company focused on developing underwater laser scanners and imaging payloads designed to enhance capabilities in remote and challenging underwater environments. Their market position is that of a niche technology provider catering to organizations involved in underwater exploration and related sectors. The website reflects a professional digital presence built on WordPress with the Divi theme and incorporates SEO best practices via Yoast SEO. The technical infrastructure is modern and moderately performant, with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and explicit security policies. Privacy compliance is weak due to the absence of privacy and cookie policies. Business credibility is supported by consistent branding and social media presence, though direct contact information is not readily available. Overall, the website is trustworthy and professional but would benefit from enhanced privacy and security disclosures.

G

Greater Birmingham Convention & Visitors Bureau

birminghamal.org

68

The Greater Birmingham Convention & Visitors Bureau operates as a regional tourism authority promoting the Greater Birmingham area in Alabama. The website serves as a comprehensive resource for tourists, event planners, and travel professionals, highlighting local communities, events, and hospitality options. The business is well established with a domain age dating back to 1999, reflecting a mature presence in the hospitality sector. Technically, the site is built on WordPress with modern SEO and tracking tools integrated, including Google Tag Manager and social media pixels, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks advanced DNS security and published security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms, which is a significant gap given the extensive use of tracking technologies. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security transparency.

K

King Abdulaziz Center for World Culture (Ithra)

ithra.com

63

The King Abdulaziz Center for World Culture (Ithra) is a prominent cultural and educational institution in Saudi Arabia dedicated to fostering creativity, inspiration, and talent development. The website serves as a comprehensive portal for visitors, members, and the general public, offering information on programs, events, and cultural attractions. The organization holds a strong market position as a leading cultural center with government backing and a large audience reach. Technically, the website employs a modern technology stack including Concrete5 CMS, jQuery, Select2, and various analytics and tracking tools such as Google Tag Manager, TikTok Pixel, and Microsoft Clarity. The site is mobile-optimized and integrates app presence on major platforms, indicating digital maturity. Performance is moderate with good SEO and accessibility features. From a security perspective, the site uses HTTPS and implements several best practices, though explicit security headers and policies are not fully documented. No critical vulnerabilities were detected in the content analysis, but the absence of a security policy, incident response contacts, and vulnerability disclosure mechanisms suggests room for improvement. Overall, the website is professional, trustworthy, and content-rich, but the lack of WHOIS transparency and some security documentation lowers the trust score. Strategic recommendations include enhancing domain registration transparency, publishing security policies, and improving accessibility compliance.

W

Websure

websure.digital

58

Websure is a specialized website security, maintenance, and management service targeting businesses, agencies, and individuals seeking expert-led, hassle-free website management solutions. The company emphasizes proactive threat detection, seamless updates, and scalable solutions to empower business growth. Their market position is strengthened by real human support, client testimonials, and partnerships with reputable hosting providers such as WP Engine. Technically, the website is built on WordPress with modern technologies including Tailwind CSS, Swiper.js, and CookieYes for cookie consent management. SEO and mobile optimization are well implemented, contributing to a professional digital presence. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers and a dedicated security policy page are absent. Overall, the domain WHOIS data is unavailable due to TLD restrictions or privacy protection, but the website content and business operations indicate legitimacy and professionalism.

A

Alfa Laval Corporate AB

alfalaval.com

67

Alfa Laval Corporate AB operates a comprehensive and professional website focused on industrial solutions in heat transfer, separation, and fluid handling, targeting sectors such as energy, food, water, and marine industries. The company positions itself as a global leader offering sustainable and innovative solutions with a strong emphasis on service and digital tools. The website demonstrates a mature digital infrastructure utilizing modern technologies including Adobe Launch, OneTrust for cookie consent, and Azure Application Insights for analytics. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a high level of digital maturity. Security posture is strong with HTTPS enforcement, security headers, and privacy compliance mechanisms in place, although explicit security policies and incident response information are not published. The WHOIS data is unavailable or missing, which is unusual but likely due to privacy protection or registry issues, not detracting significantly from the site's legitimacy. Overall, the website reflects a trustworthy and professional enterprise with robust content and technical implementation.

A

Airspring GmbH

airspring-water.com

49

Airspring GmbH operates a professional website presenting itself as a pioneer in independent drinking water ecosystems, offering innovative products such as Airspring Fresh and Airspring Pure. The company targets environmentally conscious consumers seeking sustainable water solutions. The website is built on WordPress with WooCommerce, integrating modern SEO and marketing tools like Yoast SEO and HubSpot. The technical infrastructure is solid with HTTPS and cookie consent mechanisms in place, though some security headers and explicit policies are missing. The absence of WHOIS registration data is a notable concern, potentially impacting trustworthiness. Overall, the site is well-designed, user-friendly, and content-rich, supporting a positive business image.

I

ITS.be

itscongress.be

46

ITS Congress is a medium-sized, professional event focused on sustainable and smart mobility in Belgium. It serves as a key networking and knowledge-sharing platform for public and private sector stakeholders in transportation. The website is built on a modern WordPress infrastructure using Elementor, providing a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration is consistent and legitimate, supporting the trustworthiness of the site.

S

Saint Louis Chess Club

saintlouischessclub.org

58

The Saint Louis Chess Club is a well-established non-profit organization founded in 2008, dedicated to promoting chess education and community engagement through tournaments, classes, and events. The website reflects a professional and consistent brand presence with a focus on accessibility and inclusivity for chess players of all ages and skill levels. Their market position is strong within the chess education and tournament hosting sector in the United States. Technically, the site is built on WordPress with modern libraries and SEO optimizations, hosted via Cloudflare, ensuring good performance and security basics such as HTTPS. However, there is room for improvement in privacy compliance and security headers. No privacy or cookie policies were detected, and no explicit contact information was found on the homepage, which could impact user trust and regulatory compliance. The site integrates Google Analytics and Ads for marketing and tracking, balanced with a good level of advertising transparency. Overall, the site is safe, professional, and trustworthy, with a moderate to high security posture but lacking some compliance documentation.

F

FSV Zwickau

fsv-zwickau.de

48

FSV Zwickau operates a professional and comprehensive website serving as the official digital presence of the German football club. The site provides extensive information on team rosters, match results, ticketing, merchandise, and fan engagement, positioning itself as a key resource for supporters and stakeholders. The business model revolves around sports entertainment, sponsorships, and community engagement, targeting football fans and local audiences. Technically, the website is built on WordPress with a modern tech stack including Divi theme, jQuery, and various plugins enhancing user experience and content management. Performance and mobile optimization are good, though accessibility could be improved. Security posture is solid with HTTPS and cookie consent mechanisms in place, but the absence of some security headers suggests room for enhancement. Privacy compliance is strong, with clear policies and GDPR adherence. Overall, the site reflects a trustworthy and professional organization with a medium-sized operational scale.

S

Stadtwerke Lutherstadt Wittenberg GmbH

stadtwerke-wittenberg.de

60

Stadtwerke Lutherstadt Wittenberg GmbH is a regional utility provider serving the Wittenberg area in Germany, offering electricity, natural gas, heat, water, and telecommunications services to over 50,000 residents. The company operates a professional and content-rich website built on TYPO3 CMS, demonstrating a mature digital presence with good mobile optimization and accessibility features. Their online customer portal and clear contact channels enhance customer engagement and service delivery. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and certifications such as ISO and TSM, although explicit security policies and incident response information are not publicly disclosed. Overall, the website reflects a trustworthy and professional utility provider with a solid regional market position.

T

TOP MUSIC

topmusic.fr

62

Top Music is a prominent independent regional radio station serving the Alsace region in France. The website offers a comprehensive digital platform featuring live radio streams, local news, podcasts, event listings, and employment opportunities, positioning itself as a key media outlet for local audiences. The business model relies on advertising revenue and community engagement through interactive content and social media channels. Technically, the website is built on modern web technologies including Next.js and React, with integration of Google Analytics, Tag Manager, and Adsense for analytics and monetization. Media content is hosted on Amazon S3, ensuring scalable delivery. The site is mobile optimized and demonstrates good SEO and accessibility practices, although some accessibility features could be enhanced. From a security perspective, the site enforces HTTPS and implements standard security headers, contributing to a strong security posture. No critical vulnerabilities or exposed sensitive data were detected. Privacy and cookie policies are present and appear GDPR compliant, supporting user data protection and transparency. Overall, the website is professionally maintained with consistent branding and trustworthy content. The absence of public WHOIS data suggests privacy protection for domain registration, which is common and justified for media entities. The site is safe for general audiences and does not contain adult or explicit content.

G

GEZIM Intérim

gezim.fr

35

GEZIM Intérim is a well-established employment agency founded in 1971, operating primarily in the Grand Est region of France, including Alsace, Lorraine, Luxembourg, and Germany. It offers interim, fixed-term (CDD), and permanent (CDI) employment services, supported by a network of 25 agencies and over 120 collaborators. The company is part of the larger Groupe Interaction, which enhances its market position and service offerings. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content for both job seekers and employers. Technical infrastructure is based on WordPress with modern plugins and frameworks, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers could be improved. Privacy and cookie policies are present and GDPR compliant, but no explicit security policy or incident response information is found. WHOIS data is unavailable, which slightly reduces trust but the overall business credibility remains high due to consistent branding and group affiliation.

T

termin-direkt

termin-direkt.de

59

termin-direkt.de operates as a German-based SaaS platform specializing in online appointment booking and calendar management tailored for various industries including fitness, healthcare, coaching, beauty, education, and veterinary services. The platform offers automated reminders, multi-employee scheduling, and customizable booking interfaces, positioning itself as a mature and trusted solution with a significant monthly appointment volume and a broad customer base. The website is professionally designed, content-rich, and provides clear navigation and multi-language support, enhancing user experience and accessibility. Technically, the website leverages modern JavaScript libraries such as Swiper.js, integrates Google Analytics and Facebook Pixel for marketing and analytics, and is hosted on Amazon AWS infrastructure. The site is mobile-optimized and demonstrates good SEO practices. Security-wise, the site enforces HTTPS, complies with GDPR, and implements a cookie consent mechanism, though it lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or suspicious content were detected. Overall, termin-direkt.de presents a low-risk profile with strong business credibility and privacy compliance. The absence of a formal security policy and vulnerability disclosure channel represents an area for improvement. The domain WHOIS data aligns well with the website's claims, reinforcing legitimacy. Strategic recommendations include enhancing security headers, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen trust and security posture.

M

meettle GmbH

miracode.io

45

MIRAcode, operated by meetle GmbH, is a specialized technology service provider focusing on consulting and production of interactive applications, leveraging gamification and modern digital technologies such as AR, VR, and game engines like Unreal and Unity. The company targets businesses and organizations seeking innovative digital solutions to enhance engagement and learning experiences. The website demonstrates a professional and consistent brand presence with a clear portfolio of projects and services, indicating a niche market position in gaming technology solutions. Technically, the website is built on WordPress with Elementor, utilizing modern web technologies and frameworks. The infrastructure appears stable with moderate performance and good mobile optimization. However, there is room for improvement in accessibility and SEO features. The hosting provider is not explicitly stated but DNS records indicate Microsoft Online services. From a security perspective, the site uses HTTPS with a valid SSL certificate, but lacks DNSSEC and security headers, which are recommended to enhance protection. No explicit privacy, cookie, or security policies are published, and no incident response or vulnerability disclosure information is available, indicating gaps in compliance and transparency. The WHOIS data is consistent and supports the legitimacy of the domain and business. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, security best practices, and clearer contact and policy information to improve user trust and regulatory adherence.

O

Open Source Initiative

opensource.org

63

The Open Source Initiative (OSI) is a well-established nonprofit organization dedicated to advocating for and educating about open source software and licensing. Founded in 1998, OSI serves as a global steward of the Open Source Definition and supports a healthy ecosystem through programs, events, and community engagement. The website reflects a mature digital presence with professional design, clear navigation, and rich content including testimonials and partner logos. Technically, the site is built on WordPress with modern front-end libraries and uses Cloudflare DNS services. Security posture is good with HTTPS enforced and clientTransferProhibited domain status, though DNSSEC is not enabled and no explicit security.txt or incident response information is found. Privacy compliance is supported by a cookie consent banner, but no explicit privacy policy or terms of service pages were detected in the provided content. Overall, OSI demonstrates high business credibility and trustworthiness with a strong focus on open source advocacy.

S

Sportovní oblečení, obuv a doplňky | Skibikecentrum

skibikecentrum.cz

57

Skibikecentrum.cz is an established e-commerce retailer specializing in sports clothing, footwear, and accessories, offering a wide range of over 17,000 products primarily targeting customers in the Czech Republic. The website demonstrates a professional design with good navigation and mobile optimization, leveraging modern web technologies such as Google Tag Manager, Facebook Pixel, and various JavaScript libraries to enhance user experience and marketing capabilities. However, the absence of WHOIS registration data and lack of visible privacy and terms of service pages present concerns regarding transparency and compliance. Security posture is moderate with HTTPS enabled but lacking comprehensive security headers and explicit incident response information. Overall, the site appears legitimate and functional but would benefit from improved compliance documentation and security best practices.

O

OnAudience Ltd

onaudience.com

57

OnAudience Ltd is a global data provider specializing in high-quality audience and raw data solutions for digital marketing and business intelligence. Established in 2015 and operating under the parent company Cloud Technologies, OnAudience serves a broad target audience including marketers, agencies, data science teams, and publishers. The company emphasizes privacy-safe, GDPR-compliant data services with a global reach across 200+ markets. Their offerings include AI-powered audiences, data enrichment, alternative data, and cookieless solutions, positioning them as a trusted partner in the AdTech industry. Technically, the website is built on WordPress with modern integrations such as Google Tag Manager, Google Analytics, and Google reCAPTCHA Enterprise for security and analytics. The site demonstrates good performance, mobile optimization, accessibility, and SEO practices. Hosting is managed via home.pl DNS servers, and the site uses HTTPS with a secure SSL configuration. From a security perspective, OnAudience employs best practices including HTTPS, cookie consent management, and bot protection. While explicit security headers were not detected in the HTML content, the overall posture is strong with no visible vulnerabilities or exposed sensitive data. The domain registration is consistent and transparent, enhancing trustworthiness. Overall, OnAudience presents a professional, secure, and privacy-conscious digital presence with strong business credibility and technical maturity. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and maintaining rigorous privacy compliance to sustain trust and market position.

RWE AG operates a comprehensive transparency platform providing detailed real-time data on electricity generation from its power plants across multiple countries, primarily Germany, the Netherlands, the UK, and the USA. The website serves as a free resource for the public and market participants, showcasing RWE's commitment to transparency and compliance with European energy market regulations. The platform uses modern web technologies including Angular and integrates consent management tools to ensure GDPR compliance. While the site is professionally designed and content-rich, the absence of WHOIS registration data for the domain raises questions about domain legitimacy, although the content and branding strongly align with RWE AG's corporate identity. Security posture is generally strong with HTTPS and consent mechanisms, but could be improved with explicit security headers and incident response information. Overall, the site is a valuable resource with moderate risk due to domain registration opacity.

O

Offshore Wind Growth Partnership

owgp.org.uk

58

The Offshore Wind Growth Partnership (OWGP) is a UK-based non-profit organisation dedicated to accelerating the development of the offshore wind supply chain. Founded in 2019, OWGP provides funding and structured business support to UK companies, helping them grow, improve productivity, and compete globally in the offshore wind sector. The organisation also serves as the Industrial Growth Plan Delivery Body, aligning its initiatives with national priorities to support net zero and energy security goals. The website reflects a professional and consistent brand presence with clear messaging targeted at businesses involved or interested in offshore wind supply chain development. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site is hosted by GoDaddy and uses HTTPS with good SSL configuration. While the site performs moderately well and is mobile optimized, there is room for improvement in accessibility and security headers. No blocking WAF or security challenges were detected, allowing full content access. From a security perspective, the site employs HTTPS and secure forms but lacks visible security headers and explicit privacy or cookie policies, which are important for GDPR compliance and user trust. There is no evidence of incident response or vulnerability disclosure mechanisms, which could be enhanced to improve security posture. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a trustworthy and professional front for OWGP, with strong business credibility and good technical foundations. Strategic improvements in privacy compliance, security headers, and incident response transparency would further strengthen the site's security posture and user trust.

N

NBank

nbank.de

67

NBank is the official investment and development bank of the German state of Niedersachsen, providing a broad range of funding programs, consulting, and support services to individuals, companies, municipalities, and institutions within the region. The website reflects a strong government affiliation with clear communication of its mission to foster growth and quality of life in Niedersachsen. The digital infrastructure is modern and well-implemented, featuring responsive design, accessibility considerations, and integration with consent management and analytics tools. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though explicit security policies and incident response information are not publicly disclosed. Overall, the website presents a trustworthy and professional front for a large government entity.

Educational Testing Service (ETS) is a globally recognized non-profit organization specializing in educational testing and talent solutions. The company provides a broad range of assessments and measurement services aimed at enabling lifelong learners to be future ready. ETS holds a leading market position in the education sector, serving educators, institutions, and test takers worldwide. Their website reflects a professional and comprehensive digital presence with clear branding and targeted content for their audience. Technically, the ETS website leverages modern technologies including Adobe Experience Manager as its CMS, Adobe Target for personalization, Google Tag Manager, and Segment Analytics for data collection and marketing optimization. The site is well-optimized for mobile devices, has good accessibility features, and employs strong SEO practices. Performance is moderate, with room for further optimization. From a security perspective, the site enforces HTTPS with excellent SSL configuration and implements key security headers such as Content Security Policy and Strict-Transport-Security. Privacy compliance is robust, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. However, explicit security policy and incident response information are not publicly detailed, representing an area for improvement. Overall, ETS demonstrates a high level of trustworthiness and professionalism. The lack of WHOIS data is mitigated by the organization's established reputation and consistent branding. The website is safe for general audiences with no adult or questionable content. Strategic recommendations include publishing detailed security policies, incident response contacts, and a vulnerability disclosure program to further enhance security posture and transparency.

W

Westsächsische Hochschule Zwickau

techniknacht-zwickau.de

63

The website www.techniknacht-zwickau.de serves as an informational platform for the 'Lange Nacht der Technik' event organized by the Westsächsische Hochschule Zwickau. It targets technology enthusiasts, students, and the general public interested in science and technology events. The site provides event details, images, and partner information, positioning itself as a regional educational event organizer with strong academic and community ties. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as jQuery, Swiper.js, and Magnific Popup for interactive content. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, it lacks explicit security headers and publicly available security or incident response policies. No vulnerabilities or exposed sensitive data were found. The WHOIS data aligns well with the institution, indicating high legitimacy. Overall, the website presents a low-risk profile with good content quality and privacy compliance. Strategic improvements in security headers, incident response transparency, and accessibility could further enhance its posture and trustworthiness.

T

Tricore Technical Services

tricore-ts.com

51

Tricore Technical Services is a UK-based company specializing in manpower solutions, installation, and maintenance services primarily for the renewable energy and oil & gas sectors. With over 25 years of industry experience, they position themselves as a market leader offering advanced digital project management tools and virtual reality training solutions. Their client base includes prestigious organizations, and they emphasize safety, innovation, and on-time delivery. The website is professionally designed using WordPress and Elementor, integrating modern marketing and analytics tools such as HubSpot and Microsoft Clarity. The site is mobile-optimized and SEO-friendly, providing a good user experience. However, the domain is very new and recently expired, which raises concerns about continuity and security. No explicit privacy policy or terms of service are found, though a comprehensive cookie consent mechanism is implemented. Contact information is primarily via a contact form, with no direct emails or phone numbers visible on the homepage. Security posture is generally good with HTTPS enabled, but improvements are recommended including domain renewal, DNSSEC activation, and publishing security policies. Overall, the website reflects a credible and professional business but requires attention to domain management and privacy compliance to enhance trust and security.

E

ERTICO

ertico.com

56

ERTICO is a well-established European partnership organization specializing in Intelligent Transport Systems (ITS) and smart mobility innovation. The website reflects a mature digital presence with a focus on collaboration, European projects, and industry events. The technical infrastructure is based on Drupal CMS with modern libraries such as Swiper.js and Matomo analytics, indicating a balanced approach to performance and privacy. Security posture is generally good with HTTPS enabled and domain registration protections in place, though improvements are recommended in security headers and explicit security policies. Privacy compliance is partially addressed through cookie consent mechanisms but lacks a visible privacy policy and terms of service. Overall, the website is professional, trustworthy, and safe for general audiences.

E

ERTICO - ITS Europe

itsworldcongress.com

54

The ITS World Congress Birmingham 2027 website represents a major international event organized by ERTICO - ITS Europe, focusing on intelligent transport systems and mobility innovation. The event targets a global audience of industry experts, exhibitors, and partners, offering extensive networking, exhibition, and knowledge-sharing opportunities. The website is professionally designed with clear branding, comprehensive event details, and calls to action for participation and partnership. Technically, the site is built on Drupal CMS with modern JavaScript libraries such as Swiper.js and jQuery, and integrates Matomo analytics and Mailchimp for marketing and user engagement. The site is mobile optimized and accessible, with good SEO practices and a cookie consent mechanism compliant with GDPR. Security-wise, the site uses HTTPS and implements cookie consent but lacks visible security headers and explicit security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data for the subdomain is missing, which is typical for subdomains but slightly reduces trustworthiness. Overall, the site demonstrates a strong security posture with room for improvement in security headers and incident response transparency. The overall risk is low, with recommendations to enhance security headers, publish security policies, and consider a security.txt file to improve trust and compliance. The site is safe, professional, and trustworthy for its intended audience.

S

Studio SCHNEIDER

studioschneider.cz

54

Studio SCHNEIDER is a small Czech-based creative studio specializing in graphic design, web design, photography, and mobile application design. The website presents a professional image with clear service offerings targeting clients seeking creative and digital design solutions. The business operates primarily as a service provider in the creative sector with a local market focus. Technically, the website employs modern JavaScript libraries, Google Analytics, and a cookie consent mechanism, indicating a moderate level of digital maturity. However, the absence of WHOIS data and privacy policy pages suggests gaps in transparency and compliance. Security posture is moderate with no detected blocking or WAF, but lacks security headers and explicit incident response information. Overall, the website is functional and professional but would benefit from improved compliance and security practices.

E

EnVys, a.s.

envys.cz

66

EnVys, a.s. operates a community energy platform in the Czech Republic, offering long-term stable electricity prices sourced directly from local power plants. The company targets citizens, firms, and municipalities, emphasizing sustainability and compliance with ESG and Green Deal requirements. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Blazor, jQuery, Google Analytics, Microsoft Clarity, and a chatbot for enhanced user engagement. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response details are absent. WHOIS data is unavailable due to CZ NIC privacy policies, but the presence of official documents and clear contact information supports legitimacy. Overall, the site reflects a mature digital presence suitable for a medium-sized energy company.

U

Unie odběratelů

unieodberatelu.cz

60

Unie odběratelů is a Czech non-profit association dedicated to improving the energy market by advocating for consumer rights and promoting community energy solutions. The organization positions itself as a counterbalance to large energy companies and lobbies, focusing on legislative improvements and enabling access to stable, affordable energy for its members. The website reflects a small but important entity within the Czech energy sector, targeting municipalities and energy consumers interested in communal energy initiatives. Technically, the website is built on an ASP.NET Web Forms platform using older JavaScript libraries such as jQuery 1.11.0 and jQuery UI 1.10.3, alongside modern UI components like Swiper.js. The site is moderately optimized for mobile and SEO, with a good user experience and clear navigation. However, the use of outdated libraries and lack of visible security headers indicate technical debt and potential security risks. From a security perspective, the site uses HTTPS as indicated by resource URLs, but no explicit security headers were detected. The absence of privacy and cookie policies is a compliance gap, especially under GDPR regulations. No contact emails or phone numbers are publicly listed, only a contact form, which limits direct communication channels. The WHOIS data is unavailable, which reduces domain trustworthiness, though the website content and external references support its legitimacy. Overall, the site is functional and professional but would benefit from technical and compliance improvements to enhance security posture and user trust. Strategic recommendations include updating JavaScript libraries, implementing security headers, publishing privacy and cookie policies, and improving transparency of contact information.

S

SFORP Energie s.r.o.

sforp.cz

59

SFORP Energie s.r.o. is a Czech energy consulting company specializing in helping households, businesses, and municipalities optimize their energy costs through expert advice, contract negotiation, and tariff selection. The company positions itself as an independent advisor with over 11 years of experience and a strong client base. The website is professionally designed with clear navigation, detailed case studies, and multiple contact options, including a contact form and direct phone line. Technically, the site uses ASP.NET Web Forms with jQuery and Swiper.js for UI components, delivering a responsive and user-friendly experience. Security posture is good with HTTPS enforced and secure form handling, though improvements are recommended in security headers and updating legacy libraries. Privacy compliance is partially met with a privacy policy present but lacking cookie consent mechanisms. WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and contact details support legitimacy. Overall, the site is a solid digital presence for a small energy consulting firm with room for technical and compliance enhancements.

P

P6PA+Architects

p6pa.com

41

P6PA+Architects is a premium architecture studio with a global outlook and local presence, notably in Prague and New York. The company offers architectural design and consulting services, targeting clients seeking high-quality architectural solutions. The website presents a professional portfolio and branding consistent with a niche premium service provider in the real estate sector. Technically, the site uses a combination of legacy and modern web technologies including jQuery, Google Maps API, and Swiper.js, with integration of Google Tag Manager and Facebook Pixel for analytics and marketing purposes. While the site is accessible and well-structured, it lacks visible privacy and cookie policies, explicit contact information, and WHOIS registration data, which raises concerns about transparency and compliance. Security posture is moderate with HTTPS usage implied but no security headers detected in the provided data. Overall, the site is functional and professional but would benefit from enhanced compliance and security practices.

J

JumpArena Tábor

jumparenatabor.cz

40

Jump aréna Tábor is a small, family-oriented trampoline park and activity center located in Tábor, Czech Republic. The business offers a variety of services including a large trampoline arena, a play town for young children, birthday party hosting, parkour courses, and teambuilding events. The website reflects a local leisure and entertainment business targeting families and children, with a focus on active recreation and community engagement. The company maintains an active social media presence and provides clear contact information, enhancing its accessibility and customer engagement. Technically, the website is built on ASP.NET Web Forms and uses a mix of older and modern front-end technologies such as jQuery 1.11.0, jQuery UI, Font Awesome, and Swiper.js. The site is mobile-optimized and has a moderate performance profile. However, the use of outdated JavaScript libraries introduces potential security risks. The site lacks explicit privacy and cookie policies, which is a compliance concern, especially under GDPR regulations. From a security perspective, the website uses HTTPS and includes Google Tag Manager and Google Analytics for tracking. No advanced security headers were detected, and the WHOIS data for the domain is unavailable, which reduces trustworthiness. There are no visible vulnerabilities in the content, but the outdated libraries and missing security policies suggest room for improvement. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

S

Stratmann s.r.o.

stratmann.cz

43

Stratmann s.r.o. is a Czech Republic-based transportation company specializing in road freight services, particularly the transport of liquid substrates and hazardous materials compliant with ADR regulations. Founded in 2001 and part of the international WTK Heinrich Stratmann GmbH group, the company offers a range of services including cistern transport, bulk material transport, and combined transport solutions. Their fleet exceeds 30 vehicles, and they emphasize quality and safety, holding ISO 9001 certification since 2005. The website reflects a professional business presence with clear service descriptions and contact information. Technically, the website employs a traditional tech stack with jQuery, jQuery UI, Swiper.js, and Font Awesome, hosted on HTTPS with responsive design. While the site is functional and user-friendly, it lacks modern security headers and explicit privacy and terms of service pages, which are areas for improvement. No advanced analytics or tracking scripts were detected, indicating a privacy-conscious approach. Security posture is moderate; HTTPS is enforced, and no sensitive data is exposed, but the absence of security headers and incomplete privacy documentation reduce the overall security maturity. The missing WHOIS data is a concern for domain transparency and trust but does not directly impact the business legitimacy as presented. Overall, Stratmann s.r.o. presents a credible and professional business with a solid market position in specialized transportation. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, and verifying domain registration details to improve trust and compliance.

H

Hodinářství a Zlatnictví Tomáš Vyskočil - TOVYS

tovys.cz

52

Tovys.cz is a Czech Republic-based retailer specializing in watches and jewelry, operating since 1996 with a physical store in Jihlava and an online e-commerce platform. The company offers a wide range of products from over 55 global brands, including luxury and smart watches, complemented by watchmaking and goldsmith services. The website demonstrates a mature digital presence with modern technologies such as jQuery, Swiper.js, and integration of Google Analytics and Facebook Pixel for marketing and analytics purposes. Privacy compliance is well addressed with detailed GDPR policies and cookie consent mechanisms. Security posture is generally good with HTTPS and consent management, though improvements in security headers and incident response documentation are recommended. The absence of WHOIS data reduces domain trustworthiness, but the professional presentation and comprehensive contact information support business credibility. Overall, the site is well-structured, user-friendly, and trustworthy for its target audience.

P

PRVNÍ CHODSKÁ eshop

chodska.cz

59

PRVNÍ CHODSKÁ eshop operates a professional e-commerce platform specializing in construction materials such as roofing, windows, insulation, gutters, wood assortments, pergolas, and facades. The company serves a regional market in the Czech Republic with multiple physical branches, targeting construction professionals and retail customers. The website demonstrates a solid market position as a supplier with a broad product range and local availability through its branch network. Technically, the site uses a modern JavaScript stack including jQuery, Swiper.js, and integrates multiple analytics and tracking tools such as Google Analytics, Microsoft Clarity, Hotjar, and Facebook Pixel, managed via Google Tag Manager. The platform appears to be built on a proprietary or custom e-commerce CMS (K2 eShop). Security posture is adequate with enforced HTTPS and error monitoring, but lacks some security headers and published security policies. Privacy compliance is basic with a cookie consent mechanism but no visible privacy policy page. Overall, the site is professional and trustworthy but would benefit from enhanced transparency and security practices.

N

Nadace fotbalových internacionálů

fotbal-nadacefi.cz

41

Nadace fotbalových internacionálů is a Czech non-profit foundation dedicated to supporting former football representatives who contributed to the national football legacy. The foundation focuses on repaying historical debts and providing social and health support to retired players. The website reflects a well-established organization with a clear mission, supported by reputable football clubs and corporate partners. Technically, the site uses legacy ASP.NET Web Forms technology with common JavaScript libraries such as jQuery and Swiper.js, and integrates Google Analytics for visitor tracking. The site is mobile responsive and well-structured, though some technical components like outdated jQuery versions and missing security headers indicate room for improvement. Security posture is moderate with HTTPS enabled but lacking advanced headers and privacy compliance features. The absence of WHOIS data reduces domain trustworthiness, but the content and partner ecosystem support legitimacy. Overall, the site is functional and professional but would benefit from enhanced security and privacy compliance measures.

H

Huawei

5gvcesku.cz

47

The website www.5gvcesku.cz serves as an informational and promotional platform focused on 5G technology deployment and benefits in the Czech Republic, prominently featuring Huawei as a global leader in 5G technology. It targets businesses, technology stakeholders, and the general public interested in the technological advancement and economic impact of 5G. The site provides educational content, news, and resources related to 5G, emphasizing security and innovation. Technically, the website employs a traditional web stack with jQuery, jQuery UI, Swiper.js for UI components, Google Fonts, and Google Tag Manager for analytics. The site is served over HTTPS with embedded YouTube videos and external resources loaded from trusted domains. While the site is mobile-optimized and has good navigation clarity, some libraries are outdated, and there is a lack of advanced security headers. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and does not provide privacy or cookie policies, which are important for GDPR compliance. No WHOIS data is available, which slightly reduces trustworthiness, though the professional presentation and Huawei branding mitigate concerns. No vulnerabilities or malicious content were detected. Overall, the site is a credible and professional resource for 5G information in the Czech Republic but would benefit from enhanced privacy disclosures, updated security practices, and improved transparency regarding domain registration details.

M

Minuta CZ s.r.o.

tissot-hodinky.cz

61

The website www.tissot-hodinky.cz serves as the official online presence for Minuta CZ s.r.o., the authorized distributor of the prestigious Swiss watch brand TISSOT in the Czech Republic. It offers detailed product information, news, and authorized dealer locations, targeting watch enthusiasts and consumers in the Czech market. The site is professionally designed with good navigation and content relevance, supporting a retail business model focused on brand representation and sales. Technically, the website employs modern JavaScript libraries such as jQuery, Swiper.js, and Google Analytics for user tracking and interactive features. The site appears mobile-optimized with good SEO practices but lacks explicit CMS identification and some advanced accessibility features. Performance is moderate with room for improvement in security headers and privacy compliance. From a security perspective, the site uses HTTPS and anonymizes IP addresses in Google Analytics, but no security headers were detected in the provided data. There is no visible privacy or cookie policy, which is a compliance gap under GDPR. WHOIS data is unavailable, limiting domain legitimacy verification, though the presence of clear company contact details and social media links to official brand accounts supports trustworthiness. Overall, the website is functional and professional but would benefit from enhanced security practices, explicit privacy and cookie policies, and verification of domain registration details to improve trust and compliance posture.

O

Offshore Energy

oeec.biz

65

Offshore Energy operates a professional event website promoting the Offshore Energy Exhibition & Conference scheduled for November 2025 in Amsterdam. The business focuses on organizing and hosting a major industry event targeting energy sector professionals, exhibitors, and visitors interested in offshore energy solutions. The website provides comprehensive event information, exhibitor details, ticketing options, and networking opportunities, positioning itself as a key player in the offshore energy event market. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies including Google Analytics, Microsoft Clarity, and CookieYes for privacy compliance. The site demonstrates good SEO, accessibility, and mobile optimization, with a moderate performance profile. Security measures include HTTPS enforcement, Google reCAPTCHA, and a detailed cookie consent mechanism, although some security headers and policies are not explicitly published. The security posture is solid with no critical vulnerabilities detected in the HTML content. However, the absence of a published privacy policy, terms of service, security policy, and incident response contacts represents areas for improvement. The domain registration uses privacy protection, which is justified for this event business, and the domain age aligns with the event timeline. Overall, the website is trustworthy, professional, and compliant with cookie consent regulations but would benefit from enhanced transparency in privacy and security policies to strengthen user trust and regulatory compliance.

L

LSP Renewables

lsprenewables.com

66

LSP Renewables is a specialized recruitment agency focused on the renewable energy sector, providing talent acquisition services globally with offices in Europe, Asia, and the USA. Their offerings include permanent recruitment, contract labor hire, retained search, talent advisory, and RPO services, targeting a broad spectrum of renewable energy sectors such as offshore wind, solar, subsea, and green hydrogen. The company positions itself as a market leader with a strong emphasis on quality and client service. Technically, the website is built on modern frameworks including Next.js and React, with integrations for analytics and marketing tools like Google Tag Manager and Mailchimp. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security measures include HTTPS enforcement and standard security headers, with cookie consent mechanisms in place, indicating good privacy compliance. Security posture is strong with no evident vulnerabilities or exposed sensitive data, though the absence of a public vulnerability disclosure or incident response contact is noted. The missing WHOIS registration data is a concern but does not detract significantly from the overall legitimacy given the professional web presence and business indicators. Overall, LSP Renewables presents a credible, professional, and secure online presence suitable for its business domain. Strategic recommendations include enhancing transparency around security incident response and verifying domain registration details to strengthen trust further.

L

LERAM s.r.o.

leram.cz

47

LERAM s.r.o. is a family-owned Czech company with nearly 30 years of experience primarily in the healthcare and pharmacy sectors. The company offers a comprehensive range of services including pharmaceutical manufacturing, distribution, storage, and retail pharmacy operations. Additionally, it has diversified interests in construction and gastronomy. The website reflects a professional and consistent brand image targeting business partners and customers in healthcare. Technically, the site uses modern web technologies such as Google Tag Manager, Google reCAPTCHA v3, and Three.js, with a YII PHP framework backend inferred from form validation patterns. The site is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. Security posture is strong with HTTPS enforced and reCAPTCHA protecting forms, though HTTP security headers are not explicitly detected. WHOIS data is not publicly available, likely due to privacy protection, which is common for businesses of this size and sector. Overall, the website is trustworthy, professional, and compliant with privacy regulations.

I

International Chess Federation

fide.com

64

The International Chess Federation (FIDE) operates a comprehensive and professionally designed website serving as the official global hub for chess governance, ratings, tournaments, and news. The site leverages WordPress with Elementor and integrates multiple subdomains for specialized services such as ratings, calendar, and directory. The technical infrastructure is modern and supports good mobile responsiveness and user experience. Security posture is solid with HTTPS enforced, though some security headers are missing and no explicit incident response or vulnerability disclosure policies are found. The WHOIS data for the main domain is unavailable, which is unusual for an international organization and may warrant further verification. Overall, the site is trustworthy and authoritative in its domain, with strong branding and social media presence.

E

ERTICO - ITS Europe

itseuropeancongress.com

54

The website represents a professional and well-structured event platform for the 17th ITS European Congress 2026 in Istanbul, focusing on Intelligent Transport Systems and smart mobility. It targets industry professionals, exhibitors, speakers, and partners, providing comprehensive event information and participation opportunities. The technical infrastructure is based on Drupal CMS with modern JavaScript libraries and Matomo analytics, indicating a mature digital presence. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and published privacy policies. The absence of WHOIS data for the domain raises concerns about domain legitimacy, though the website content and branding suggest a legitimate business operation. Overall, the site is safe, professional, and well-optimized for users, but would benefit from enhanced transparency and security documentation.

M

mPulse

thebigknow.com

71

mPulse is a healthcare technology company specializing in digital health engagement solutions. Their product suite includes predictive analytics, omnichannel engagement, health portals, content management, and acquisition and payment tools, all designed to optimize consumer health journeys. The company positions itself as a leader in the Health Experience and Insights (HXI) category, serving over 400 healthcare organizations. The website reflects a professional and consistent brand image with a focus on delivering better health outcomes through technology. Technically, the site is built on WordPress with Elementor and uses modern web technologies including jQuery, HubSpot analytics, and Google Tag Manager. Hosting is inferred to be on AWS, providing a reliable infrastructure. Security posture is good with HTTPS enabled and HITRUST certification mentioned, but there are areas for improvement such as enabling DNSSEC and adding security headers. Privacy compliance is basic, with no explicit privacy or cookie policies detected on the homepage. Contact information is primarily via a contact form. Overall, the website is trustworthy, professional, and well-optimized for its target audience.

O

Obec Nespeky

nespeky.com

50

Obec Nespeky operates an official municipal website serving the local community of Nespeky in the Czech Republic. The site provides comprehensive information including news, official notices, event calendars, and contact details, positioning itself as a trusted local government resource. The website is well-structured, mobile-optimized, and includes accessibility certification, reflecting a commitment to inclusivity and compliance with local regulations such as GDPR. Technically, the site leverages modern JavaScript libraries like jQuery, Bootstrap, Swiper, and Leaflet for interactive maps, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS usage and cookie consent mechanisms, though it lacks explicit security headers and incident response information, which are areas for improvement. The absence of WHOIS data transparency is a notable concern, slightly diminishing trust despite the professional presentation and official nature of the site. Overall, the website is reliable and serves its governmental function effectively, with recommendations to enhance security practices and WHOIS transparency.

O

Obec Senohraby

senohraby.cz

48

Obec Senohraby operates an official municipal website serving the local community in the Central Bohemian Region of the Czech Republic. The site provides comprehensive information about the municipality, including news, cultural events, administrative contacts, and public documents. It targets residents, visitors, and local government stakeholders, positioning itself as a trusted source for community engagement and information dissemination. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Swiper.js, and Google Translate integration, ensuring mobile responsiveness and accessibility. The site is built on a CMS platform likely provided by Galileo Corporation, with moderate performance and good SEO practices. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, but lacks explicit security headers and detailed security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS registration data is a notable concern, impacting domain trustworthiness despite the legitimate content. Overall, the website is well-structured and professional, with strong privacy compliance and clear contact information. The main risk lies in the lack of domain registration transparency, which should be addressed to enhance trust. Strategic recommendations include implementing security headers, publishing detailed security policies, and resolving WHOIS data visibility.

C

CHOPOS, s.o.

chopos.cz

58

CHOPOS, s.o. is a voluntary association of municipalities in the Benešov district of the Central Bohemian Region, Czech Republic, focused on regional development and tourism. Founded in 1999, it serves 21 municipalities and operates an Information and Coordination Center to support regional management and advisory services. The website reflects a well-structured regional government/non-profit entity with clear community focus and government funding support. Technically, the site uses modern web technologies including Google Fonts, Swiper.js for sliders, and Google reCAPTCHA for form protection. The site is mobile optimized and provides a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enabled and no obvious vulnerabilities, though security headers could be improved. No explicit security or incident response policies are published. Overall, the domain registration data aligns well with the website content and business history, indicating a trustworthy and legitimate entity.

O

Obec Čtyřkoly

ctyrkoly.cz

47

The website www.ctyrkoly.cz serves as the official online presence for the municipality of Čtyřkoly in the Czech Republic. It provides residents and visitors with timely information about local news, events, municipal office activities, waste collection schedules, and community services. The site targets local citizens and stakeholders interested in municipal governance and community engagement. The business model is typical for a government entity, focusing on information dissemination and public service rather than commercial activities. Technically, the website employs a traditional web stack including jQuery, Bootstrap 4, and Swiper.js for UI components and interactivity. The CMS appears to be a custom or regional solution (GCM CMS). The site is mobile-optimized with responsive design and accessible navigation, though accessibility features are basic. Performance is moderate, with no evident critical technical issues. From a security perspective, HTTPS is used, and a cookie consent banner is implemented, indicating some privacy compliance efforts. However, no explicit privacy policy, terms of service, or security incident response information is found. WHOIS data for the domain is unavailable, which limits the ability to fully verify domain legitimacy and trustworthiness. No security headers or advanced security practices are evident in the provided data. Overall, the website is a functional and professional municipal portal with good content quality and user experience. The main risks relate to incomplete privacy and security disclosures and the lack of domain registration transparency. Strategic improvements in these areas would enhance trust and compliance.

M

Městys Davle

mestysdavle.cz

43

Městys Davle operates as a local government entity providing official information, public notices, and community services for the town of Davle in the Czech Republic. The website serves residents and visitors with relevant municipal data, tourism information, and event updates. The site is well-structured, professionally designed, and uses modern web technologies including jQuery, Swiper, and Google reCAPTCHA to enhance user experience and security. Privacy compliance is evident through GDPR-aligned privacy and cookie policies with active consent mechanisms. Security posture is solid with HTTPS and reCAPTCHA integration, though some security headers and incident response details are absent. Overall, the domain registration data supports the legitimacy and trustworthiness of the site, reflecting a mature and credible municipal web presence.