Security Directory

R

Robelshoes.at

robelshoes.at

58

Robelshoes.at is an Austrian e-commerce retailer specializing in branded footwear and accessories for women, men, and children. The website offers a broad selection of products with free shipping over a certain threshold and a 30-day return policy, positioning itself as a regional player with multiple country-specific domains. The site is built on the CREATIVE shop CMS platform and integrates modern technologies such as Google reCAPTCHA, Facebook Pixel, Google Tag Manager, and Sentry for error tracking, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and anti-bot measures in place, though some security headers are missing and privacy compliance could be improved. The absence of WHOIS data due to privacy protection slightly reduces transparency but is common for e-commerce businesses. Overall, the site is professional, secure, and user-friendly, targeting consumers in Austria and neighboring countries.

R

Robelshoes.eu

robelshoes.eu

58

Robelshoes.eu is an established European e-commerce retailer specializing in branded footwear and accessories. The website targets a broad audience across multiple European countries, offering a wide selection of products from well-known brands. The business model is focused on online retail with multi-language support and a clear product categorization structure. Technically, the site is built on the CREATIVE shop CMS platform, utilizing modern web technologies including HTTPS, Google reCAPTCHA for bot protection, and Sentry for error monitoring. While the site demonstrates good design and navigation, mobile optimization is basic and could be improved. Security posture is solid with HTTPS and some security best practices, but lacks explicit security headers and cookie consent mechanisms. WHOIS data is privacy protected, which is common for e-commerce but limits transparency. Overall, the site is professional and trustworthy with moderate risk.

R

Robelshoes.hu

robelshoes.hu

52

Robelshoes.hu is a Hungarian e-commerce retailer specializing in branded footwear and accessories, offering a wide range of quality shoes from world-renowned brands. The website targets general consumers seeking convenient online shopping with home delivery. The platform is part of a multi-country network with sister sites serving neighboring markets. Technically, the site uses a proprietary CMS (CREATIVE shop), integrates modern tracking and analytics tools such as Facebook Pixel, Google Tag Manager, and Sentry for error monitoring. Security measures include HTTPS, CSRF tokens, and Google reCAPTCHA, indicating a mature security posture. However, explicit security policies and incident response contacts are not published, which could be improved. Overall, the website is professional, trustworthy, and well-optimized for SEO and user experience, with moderate performance and good mobile optimization.

P

Primetta

primetta.de

44

Primetta is a German retail company specializing in eyewear products including sunglasses and reading aids, with a heritage dating back to 1928. The website presents a professional and consistent brand image targeting general consumers interested in stylish and functional eyewear solutions. The technical infrastructure is based on WordPress CMS with a custom theme, showing moderate performance and basic mobile optimization. Security posture is limited with no detected security headers or explicit privacy and cookie policies, indicating room for improvement in compliance and protection. Overall, the website is functional and trustworthy but would benefit from enhanced security and privacy measures to align with modern standards.

U

uvex laservision

uvex-laservision.de

59

uvex laservision is a German-based manufacturer specializing in the development, production, and distribution of laser protection products, serving industrial and medical sectors. The company positions itself as a global leader in laser safety equipment, offering a range of products accessible via an online shop. The website is professionally designed, primarily in German with English language support, and targets professionals requiring laser safety solutions. Technically, the site leverages modern web technologies including Shopware CMS, Amazon Cloudfront CDN, Google Tag Manager, and Usercentrics for cookie consent, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place; however, the absence of explicit security headers and published security policies suggests room for improvement. WHOIS data confirms domain legitimacy with consistent registration and authoritative nameservers. Overall, the site is trustworthy and professionally maintained but could enhance transparency by publishing privacy policies and security disclosures.

F

Formulayt

gatedcontent.com

64

Formulayt is an enterprise-focused SaaS platform specializing in scalable web form management and compliance for marketing operations teams. The company offers a solution that enables rapid deployment, governance, and updating of web forms integrated with major marketing automation platforms. The website presents a professional and polished digital presence with strong branding and customer trust signals, including testimonials and logos of reputable clients. Technically, the site is built on WordPress with modern performance and analytics tools, hosted with Cloudflare DNS and registrar services. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Privacy compliance is partially addressed via a detailed cookie consent banner, but no explicit privacy policy or terms of service pages were found in the provided content. Overall, the domain registration is consistent with the business timeline and shows no suspicious patterns.

I

Influ2 | Contact-Level Advertising

influ2.com

73

Influ2 operates as a technology company specializing in contact-level advertising, offering a SaaS platform that enables highly targeted advertising campaigns for B2B marketers. The website presents a professional and modern design, integrating multiple marketing and analytics tools such as HubSpot, Google Analytics, Microsoft Clarity, and Hotjar, indicating a mature digital marketing infrastructure. However, the absence of WHOIS data raises concerns about the domain's registration legitimacy, which should be verified to ensure trustworthiness. Security posture is moderate with no visible critical vulnerabilities, but the lack of explicit privacy and cookie policies suggests compliance gaps. Overall, the website is functional and business-oriented but would benefit from enhanced transparency and security best practices.

Fingerprint is a technology company specializing in device intelligence and visitor identification across web and mobile platforms. Their platform offers industry-leading accuracy in identifying visitors, including anonymous users, positioning them as a key player in the device intelligence market. The website reflects a modern, professional digital presence built on Gatsby and hosted likely on AWS infrastructure, optimized for performance and mobile responsiveness. Security posture is generally good with HTTPS enabled and domain protections in place, though explicit security headers and policies are not evident. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the site is trustworthy and professional but would benefit from enhanced transparency around privacy and security policies.

The website reklamkaplzen.cz is a newly registered domain (created July 2024) currently serving as a parked domain with minimal content. It primarily displays a message indicating the domain is for sale, targeting potential domain buyers or investors. There is no substantive business content, contact information, or privacy and security policies present. The technical infrastructure relies on parkingcrew.net nameservers and includes advertising scripts from third-party ad networks. The site lacks HTTPS and security headers, which negatively impacts its security posture and trustworthiness. Overall, the website is not operational as a business site and serves only as a placeholder for domain sale purposes.

J

JSNŠ

jsns.cz

59

The website www.jsns.cz represents an educational initiative named Jeden svět na školách (JSNS), focused on providing free and legal documentary film screenings for schools in the Czech Republic. The platform supports educators by offering activities and projects to enrich teaching. The site targets schools and educators, positioning itself as a niche non-profit educational content provider. Technically, the website employs modern web technologies including Google Tag Manager, Cookiebot for consent management, Leaflet.js for mapping, and standard web libraries such as Font Awesome and Select2. The site is mobile optimized and demonstrates good SEO and accessibility basics. Security-wise, HTTPS is enforced with appropriate security headers, and no vulnerabilities or exposed sensitive data were detected. Cookie consent mechanisms are implemented, indicating GDPR awareness, although no explicit privacy policy or terms of service pages were found in the provided content. WHOIS data is unavailable, which reduces transparency and trustworthiness from a domain registration perspective. Overall, the website is professionally designed, secure, and serves a clear educational purpose, but would benefit from enhanced privacy disclosures and contact information to improve compliance and trust.

U

U2P

u2p-france.fr

46

U2P is a French non-profit organization representing small and medium-sized enterprises in artisanat, commerce, and liberal professions. It serves as a key advocacy body for proximity businesses in France, providing information, events, and publications to support its members. The website reflects a mature digital presence with modern technologies such as Remix framework, Google Tag Manager, and Plausible Analytics, combined with a cookie consent mechanism ensuring GDPR compliance. Security posture is good with HTTPS and standard best practices, though explicit security policies and incident response contacts are not publicly available. Overall, the website is professional, trustworthy, and well-positioned to serve its target audience effectively.

K

Kendesign

kenban.de

28

Kenban.de is a German-language web platform providing project management and task board services under the branding 'Kendesign'. The site offers user login functionality including username/password and Google OAuth authentication. The platform appears targeted at business users and project teams seeking task and time management tools. Technically, the site uses a PHP-based backend with JavaScript libraries such as FullCalendar and Gantt chart plugins, hosted on infrastructure using DomainControl nameservers. The website is mobile optimized and employs HTTPS with CSRF protection on forms, but lacks some modern security headers and cookie consent mechanisms. Privacy and cookie policies are linked externally on kendesign.de, indicating basic GDPR compliance. Overall, the site is professionally designed with consistent branding and moderate trust indicators, but SEO is limited due to noindex directives.

A

Alfred Kärcher GmbH & Co. KG

karcher.cz

10

Kärcher Česká republika operates as the official Czech branch of Alfred Kärcher GmbH & Co. KG, a leading global manufacturer and retailer of cleaning technology for both household and professional markets. The website offers a comprehensive catalog of cleaning products including window vacuums, steam cleaners, floor washers, vacuum cleaners, and pressure washers, supported by services such as repair, warranty extensions, and rental of professional equipment. The company holds a strong market position in the Czech Republic as a trusted brand with extensive product and service offerings tailored to both consumers and professionals. Technically, the website employs a modern technology stack including Bootstrap for responsive design, Adobe Dynamic Tag Management for analytics and marketing tag control, and OneTrust for GDPR-compliant cookie consent management. The site is mobile-optimized, accessible, and SEO-friendly, with structured data enhancing search engine understanding. Performance is moderate with asynchronous loading of scripts and preloading of key assets. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. Security headers are partially observed, and third-party scripts are managed via Adobe DTM. However, explicit security headers like Content-Security-Policy and incident response contacts are not clearly published, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website presents a professional, trustworthy, and compliant digital presence for Kärcher in the Czech market. The absence of WHOIS data limits domain trust assessment, but the brand consistency and compliance signals support legitimacy. Strategic recommendations include enhancing security header implementation, publishing incident response and vulnerability disclosure information, and improving transparency of contact details to strengthen trust and security posture.

O

Office de Tourisme de l'Agglomération de La Rochelle

larochelle-tourisme.com

55

The website www.nous-larochelle.fr is the official online presence of the Office de Tourisme de l'Agglomération de La Rochelle, serving as a comprehensive portal for tourism-related information, local culture, events, and sustainable initiatives in the La Rochelle region of France. It targets tourists, local residents, and visitors interested in exploring the territory through various thematic content and practical services. The business model is that of a public tourism office providing information, event ticketing, and promotion of local attractions and services. Technically, the site is built using modern web technologies including React and Next.js, hosted on Scaleway infrastructure. It demonstrates excellent performance, mobile optimization, accessibility, and SEO practices. The site uses secure HTTPS connections and implements key security headers, indicating a strong security posture. However, it lacks a publicly available security policy or incident response information. From a security and privacy perspective, the site employs privacy protection for its domain registration, which is common for public entities. It uses analytics tools such as Matomo and Google Tag Manager with moderate user tracking and includes a GDPR-compliant privacy and cookie policy with consent mechanisms. Contact information is clearly provided, including phone numbers, physical addresses, and a contact form. Overall, the website is professional, trustworthy, and well-maintained, with no signs of malicious activity or content safety concerns. Strategic recommendations include publishing a security policy, vulnerability disclosure information, and incident response contacts to further enhance trust and compliance.

O

Office de tourisme de Chalon sur Saône

achalon.com

51

The website www.achalon.com serves as the official tourism office portal for Chalon-sur-Saône, a region in Burgundy, France. It provides comprehensive tourism-related information including accommodations, restaurants, cultural events, and leisure activities. The site is multilingual (French, English, German) and features rich multimedia content such as videos and image galleries, enhancing user engagement. The business model focuses on promoting regional tourism and supporting local businesses through event promotion and visitor information services. Technically, the site is built on WordPress with a custom Woody theme and leverages modern JavaScript libraries and APIs for maps, video playback, and UI components. The site is mobile-optimized and accessible with good SEO practices. Security posture is solid with HTTPS and some best practices, though security headers could be improved. Privacy compliance is moderate with cookie consent mechanisms but lacks a clearly identified privacy policy page. WHOIS data is unavailable, raising concerns about domain registration legitimacy, which should be verified. Overall, the site is professional and trustworthy from a content and technical perspective but requires attention to domain registration and privacy documentation.

M

Maison du Tourisme Les Portes de la Champagne

lesportesdelachampagne.com

61

Maison du Tourisme Les Portes de la Champagne operates as a regional tourism office promoting the Les Portes de la Champagne area in France. The website provides information on local culture, nature activities, accommodations, restaurants, and events, targeting general tourists and visitors. The business model focuses on tourism promotion and visitor engagement through digital content and event listings. Technically, the site is built on WordPress with a custom Woody theme and uses modern JavaScript libraries such as jQuery, Leaflet, and Google Tag Manager for analytics and tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are not explicitly detected. The absence of WHOIS registration data raises concerns about domain legitimacy, but the website content and structure appear professional and trustworthy. Privacy compliance is basic, with no explicit privacy or terms of service pages found. Overall, the site is functional and credible but would benefit from enhanced transparency and domain registration verification.

B

Beaune et le Pays Beaunois Tourisme - Bourgogne

beaune-tourisme.fr

62

Beaune et le Pays Beaunois Tourisme is a regional tourism office website dedicated to promoting Beaune and the Burgundy wine region. The site offers comprehensive information on accommodations, wine tourism experiences, cultural visits, and local events, targeting tourists and visitors interested in the region. The business model focuses on destination marketing and facilitating tourism services. Technically, the website is built on WordPress with a modern tech stack including JavaScript libraries such as jQuery, Leaflet, and Google Maps API, providing a good user experience with multi-language support and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and no explicit privacy policy or security contact information is found. The absence of WHOIS registration data is a concern for domain legitimacy, but the website content and structure indicate a legitimate tourism office. Overall, the site is professional and trustworthy but would benefit from improved transparency regarding privacy and security policies.

W

World Leagues Association

worldleagues.com

52

The World Leagues Association website serves as a global representative platform for professional football leagues, fostering cooperation with political and sports bodies. The organization is well-established, with a domain registered since 2002, and presents itself professionally with a clear mission and multiple league logos. The website is built on a modern CMS (Kirby) and demonstrates good technical implementation with responsive design and SEO optimization. Security posture is adequate with HTTPS and domain transfer protection, though improvements such as enabling DNSSEC and publishing security policies are recommended. Privacy compliance is partial, with a cookie policy and consent mechanism present but no explicit privacy policy or terms of service detected. Overall, the site is trustworthy and safe, with no adult or questionable content.

B

Barum

barum-reifen.de

66

Barum is a well-established tire brand operating under the Continental umbrella, offering affordable and durable tires for passenger cars, SUVs, vans, trucks, and industrial vehicles. The website is professionally designed using Adobe Experience Manager, featuring comprehensive product information, dealer search, and customer support options. The digital infrastructure includes modern tracking and consent management tools, ensuring compliance with GDPR and cookie regulations. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though explicit security headers could be improved. The absence of WHOIS data reduces domain trustworthiness, but the brand association and website professionalism support legitimacy. Overall, the site serves its target audience effectively with good user experience and content quality.

S

SportZoo, s. r. o.

sportzoo.store

53

SportZoo, s. r. o. operates an official e-commerce website specializing in collectible sports cards and related merchandise, primarily targeting collectors and sports enthusiasts in Slovakia and neighboring countries. The website offers a variety of products including albums, boxes, and starter packs, with clear product categorization and multilingual support. The business model is retail-focused, leveraging direct online sales and marketing through digital channels. The company positions itself as a legitimate Slovak manufacturer and retailer with a consistent brand presence and customer support availability. Technically, the website is built on the Upgates e-commerce platform, utilizing modern web technologies such as Google Tag Manager, Google Analytics 4, and Facebook Pixel for marketing and analytics. The site is mobile-optimized with a responsive design and includes cookie consent mechanisms to comply with basic privacy requirements. Performance is moderate with good SEO and accessibility features, though some advanced security headers are missing. From a security perspective, the site enforces HTTPS and manages cookie consent effectively. However, it lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the legitimacy of the domain registration, matching the company’s Slovak origin and business claims. Overall, the website demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security transparency. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, and establishing formal incident response and vulnerability disclosure processes.

Wecoma Lite is a technology company offering a flexible, customizable cookie banner solution designed to help website owners comply with privacy regulations such as GDPR. The company positions itself as a provider of fast, lightweight, and fully controllable consent management tools suitable for small to enterprise-level websites. Their business model is subscription-based with transparent pricing tiers targeting different scales of website operations. The website demonstrates a modern technical infrastructure using Vue.js and Vuetify frameworks, with integration of Google Tag Manager for analytics and marketing purposes. Hosting appears to be on Azure, as inferred from CDN billing notes. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but lacks explicit security headers and published security policies. Privacy compliance is limited by the absence of visible privacy and cookie policies. Contact information is provided via email and a contact form, but no phone numbers or physical addresses are listed. Overall, the website is professional, well-designed, and trustworthy, though it could improve transparency and compliance documentation.

D

Dětský domov Liptál

ddliptal.cz

51

Dětský domov Liptál is a longstanding educational and child care institution operating under the auspices of the Zlínský kraj regional government in the Czech Republic. The organization provides residential care and educational support to children who cannot live with their parents, emphasizing a safe and nurturing environment. The website reflects this mission with clear content and a professional presentation, targeting families, children, and regional stakeholders. Technically, the site is built on the Webnode CMS platform, leveraging modern web technologies and Amazon Cloudfront CDN for hosting static assets. Google Tag Manager is used for analytics, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced, but the absence of security headers and privacy policies suggests room for improvement. The lack of WHOIS data limits domain trust verification, though the website content and regional affiliation support legitimacy. Overall, the site is functional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

G

GARVIS Solutions s.r.o.

rezervace.online

69

REENIO, operated by GARVIS Solutions s.r.o., is a Czech-based online reservation system offering a cloud-hosted SaaS platform tailored for businesses providing direct customer services such as wellness centers, sports facilities, and cultural events. The platform features flexible booking options, automated notifications, integrated online payments, and a user-friendly interface optimized for desktop and mobile devices. It holds a strong market position in the Czech Republic with a growing customer base and recognized certifications including GDPR readiness and payment provider certifications. Technically, the website employs modern web technologies including Bootstrap, Font Awesome, and cloud hosting on Microsoft Azure, ensuring fast performance and mobile responsiveness. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and secure payment integrations, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable service provider in its domain.

P

Povodňový plán České republiky

dppcr.cz

50

The website dppcr.cz serves as the official digital flood plan portal for the Czech Republic, providing comprehensive flood-related information, meteorological data, flood commission activities, and thematic maps. It targets government agencies, emergency responders, and public stakeholders involved in flood management. The site is well-structured with clear navigation and integrates links to national and European meteorological services, positioning itself as a key resource in national flood preparedness and response. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript with jQuery, and Google Fonts. It employs HTTPS and Google Analytics for tracking, though lacks advanced security headers and cookie consent mechanisms. Mobile optimization is basic but functional, and accessibility features are minimal. The hosting and domain registration are consistent with a Czech government entity, enhancing trustworthiness. From a security perspective, the site benefits from HTTPS and absence of visible vulnerabilities or sensitive data exposure. However, it lacks explicit privacy and cookie policies, security headers, and incident response contact information, which are important for compliance and user trust. The use of Google Analytics without consent mechanisms may pose privacy compliance risks under GDPR. Overall, the website is a credible and authoritative government resource with good content quality and business credibility. To improve, it should implement privacy and cookie policies with consent, enhance security headers, and provide clear contact information for security and data protection matters. These steps will strengthen compliance, user trust, and security posture.

T

TKR Jašek s.r.o.

valachnet.cz

53

TKR Jašek s.r.o. operates the VALACHNET.cz portal, providing regional telecommunications services including internet, television, telephone, mobile, and hosting primarily in the Valašsko region of the Czech Republic. The company has a long-standing presence since 1990 and targets residential and business customers within its service area. The website reflects a regional ISP with a focus on customer engagement and service announcements. Technically, the website uses a traditional tech stack with jQuery and jQuery UI libraries, serving content over HTTPS. While the site is functional and content-rich, it lacks advanced security headers and modern privacy compliance features such as a cookie consent mechanism. The site is moderately optimized for performance and accessibility but could benefit from modernization. Security posture is adequate with HTTPS enabled and no visible sensitive data exposure, but the absence of security headers and vulnerability disclosures indicates room for improvement. The lack of WHOIS data reduces domain trustworthiness, though the website content and business information appear consistent and legitimate. Overall, the site presents a trustworthy regional ISP with good business credibility but requires enhancements in security best practices and privacy compliance to align with modern standards.

G

GoPay s.r.o.

gopay.com

71

GoPay s.r.o. operates a professional payment gateway service targeting merchants and e-commerce businesses primarily in the Czech Republic and surrounding European markets. The company offers a comprehensive payment solution with over 80 features including support for Apple Pay, Google Pay, multiple currencies, and localized payment experiences in 19 languages. The website reflects a mature business with over 18,000 merchants and more than 10 years of operational history, positioning GoPay as a trusted player in the payment processing industry. Technically, the website is built with modern web technologies including HTML5 video, JavaScript, and CSS3, and integrates Google Tag Manager for analytics and marketing. The site is hosted on Amazon Web Services, indicating a robust infrastructure. The website is mobile optimized, fast loading, and includes cookie consent mechanisms compliant with GDPR, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS and PCI DSS certification is prominently displayed, indicating adherence to industry security standards. However, the absence of explicit security headers and a published security policy or incident response contact represents areas for improvement. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website is professional, trustworthy, and compliant with privacy regulations, but the lack of WHOIS domain registration data raises concerns about domain legitimacy. Strategic recommendations include publishing a security policy, adding security headers, and clarifying domain registration details to enhance trust and security posture.

1

1C-Битрикс

b24.to

69

Bitrix24 is a comprehensive business management platform offering a wide range of tools including CRM, project management, communication, and AI-powered assistants. It targets businesses seeking integrated solutions to streamline operations and improve collaboration. The platform holds a strong market position in Russia and CIS countries, supported by a robust partner network and extensive service offerings. Technically, the website is built on the Bitrix CMS framework, leveraging modern web technologies and integrating analytics and tracking tools with GDPR compliance. Security posture is solid with HTTPS enforcement and security headers, though lacks explicit public security policies and incident response contacts. Overall, the site is professional, well-structured, and trustworthy, with minor gaps in transparency and WHOIS data availability.

W

WordPress Download Manager

wpdownloadmanager.com

48

WordPress Download Manager is a well-established WordPress plugin provider specializing in file and document management as well as digital product e-commerce solutions. The company, operating under W3 Eden, Inc., offers a comprehensive suite of features including membership management, access control, and multiple payment gateway integrations. With over 10 million downloads, it holds a strong market position within the WordPress ecosystem, targeting site owners and developers who require robust digital asset management and sales capabilities. The website is professionally designed, mobile-optimized, and provides extensive documentation and support channels, enhancing user experience and trust. Technically, the site leverages WordPress CMS with modern technologies such as Bootstrap, jQuery, and CDN hosting via Cloudfront for performance optimization. Integration with Google Analytics and payment APIs like Stripe and PayPal indicates a mature digital infrastructure. Security practices include HTTPS enforcement, password protection, and social lock features, although explicit security headers and incident response policies are not prominently documented. The security posture is solid with no evident vulnerabilities or exposed sensitive data, but the lack of WHOIS transparency for the domain raises some concerns about registration legitimacy. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. Overall, the site demonstrates a high level of professionalism and technical maturity, though improvements in domain registration transparency and security policy visibility are recommended. Strategically, the company should focus on enhancing domain registration transparency, formalizing security incident response procedures, and publishing a vulnerability disclosure policy to strengthen trust and compliance. Continuous monitoring of third-party scripts and security headers will further improve the security posture and user confidence.

A

AUMOVIO SE

aumovio.com

63

AUMOVIO SE is a technology-driven company specializing in future mobility solutions, focusing on software-defined vehicles, electric mobility, vehicle electrical/electronic architectures, safety, driver assistance, user experience, and cybersecurity. The company has a strong market position supported by a diverse portfolio of products and services and is publicly listed on the Frankfurt Stock Exchange since September 2025. The website reflects a mature digital presence with comprehensive corporate governance and investor relations information, targeting automotive industry professionals, investors, and potential employees. Technically, the website employs modern web technologies including Adobe Experience Manager components, Google Tag Manager, and consent management tools, ensuring good performance, mobile optimization, and accessibility. The site uses HTTPS and includes privacy and cookie policies with consent mechanisms, indicating compliance with GDPR and related regulations. From a security perspective, while HTTPS and consent management are in place, the absence of visible security headers and incident response information suggests room for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, though the professional site and corporate disclosures mitigate this risk. Overall, the website presents a professional, trustworthy, and well-maintained digital front for AUMOVIO SE, with recommendations to enhance security headers, publish incident response policies, and clarify domain registration details to strengthen trust and compliance.

M

Mayfield Education & Research Foundation

mayfieldfoundation.org

52

The Mayfield Education & Research Foundation is a specialized non-profit organization focused on advancing care for patients with brain and spine disorders through education and research. Established in 2011 and based in Cincinnati, Ohio, the foundation offers educational programs, supports research initiatives, and engages donors to further its mission. The website reflects a professional and consistent brand presence targeting patients, medical professionals, researchers, and donors. Technically, the website employs a modern tech stack including Bootstrap 4.3.1, jQuery, and Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and clear navigation, though accessibility features are basic. Hosting details are not explicit but DNS is managed via Register.com. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS and Google Tag Manager but lacks DNSSEC and visible security headers such as CSP or HSTS. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. No forms or data collection fields are detected on the main page, reducing immediate risk exposure. WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced security headers, DNSSEC implementation, and explicit privacy and cookie policies to improve compliance and user trust.

B

BriberyMatters

briberymatters.com

57

BriberyMatters is a website focused on the topic of bribery, likely aiming to provide information or advocacy related to anti-bribery issues. The site is built on the Wix platform, indicating a small to medium scale digital presence with basic technical infrastructure. The website content is accessible and safe, with no adult or explicit material detected. However, the absence of WHOIS registration data raises concerns about the domain's legitimacy and ownership transparency. The site lacks critical compliance elements such as privacy and cookie policies, contact information, and security policies, which impacts its trustworthiness and business credibility. Technically, the site uses standard Wix technologies and scripts, with moderate performance and basic SEO and accessibility features. Security posture is basic with HTTPS enabled but missing advanced security headers and policies.

B

Úvodní stránka | BEST

bestvisio.cz

65

BESTVISIO.cz is a Czech Republic based small business specializing in providing innovative digital tools for customers to select and visualize paving and fencing products. Their offerings include online configurators for paving and fences and a virtual reality application that allows users to preview fencing options in real environments using mobile devices. The website is professionally designed with good content quality and consistent branding, targeting homeowners and customers interested in outdoor home improvement products. Technically, the site uses modern web technologies including lazy loading images, responsive CSS, and integrates Google Analytics and CookieHub for tracking and cookie consent management. Security posture is moderate with cookie consent and Google reCaptcha usage but lacks visible security headers and published privacy policies. WHOIS data is unavailable, indicating privacy protection, which slightly reduces transparency but is not uncommon for small businesses. Overall, the site is safe, user-friendly, and provides useful tools for its niche market.

Mobirise Ltd operates the Mobirise AI Website Generator, a technology platform that enables users to create professional websites easily using AI and drag-and-drop tools. The company targets a broad audience including small businesses, freelancers, bloggers, and e-commerce startups, positioning itself as a flexible and user-friendly alternative to other AI website builders. Technically, the website is built on modern frameworks like Bootstrap 5 and integrates analytics and advertising tools such as Google Tag Manager and Facebook Pixel. The security posture is solid with HTTPS and domain protections, though some headers and explicit security policies could be improved. Privacy compliance is adequate with clear privacy and terms pages, but lacks cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for SEO and mobile use.

M

Mairie de Megève

megeve-booking.com

61

The website megeve-booking.com serves as the official online booking platform for the Megève tourism office, specializing in accommodation and activity reservations in the Megève ski resort area in Haute-Savoie, France. It targets tourists and visitors seeking a seamless booking experience for hotels, chalets, and local activities. The platform is positioned as a trusted and official channel supported by the local municipality (Mairie de Megève), enhancing its credibility and market presence. Technically, the site employs modern web technologies including JavaScript frameworks, lazy loading for images, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. The platform is hosted under a stable domain registered in 2021 with a 5-year validity period. The website is mobile-optimized and SEO-friendly, providing a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent mechanisms. However, it lacks DNSSEC and explicit security headers, and no dedicated security policy or incident response contact is published. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the security posture is solid but could be improved with additional security best practices. The overall risk assessment is low, with no signs of malicious activity or suspicious content. The site complies with GDPR requirements, providing privacy and cookie policies, and offers clear contact information. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and considering a security.txt file to enhance transparency and trust.

B

Beetween

beetween.fr

41

Beetween is a French-based company founded in 2007 that provides a customizable online recruitment software solution (ATS) targeting recruiters and HR professionals. The website presents a professional and user-friendly platform with a clear focus on recruitment process optimization and collaboration. The company positions itself as a flexible and adaptable solution across various sectors and company sizes. Technically, the website is built on WordPress and integrates multiple marketing and analytics tools such as HubSpot, Microsoft Clarity, and Google Tag Manager, hosted by OVH. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS enabled and no exposed sensitive data, but lacks some security headers and published security policies. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

L

LISIO

numanis.net

44

LISIO is a French technology company specializing in digital inclusion and responsible web solutions. Their offerings include SaaS products and consulting services aimed at making websites accessible, inclusive, and environmentally sustainable. The company targets website owners and organizations committed to responsible digital communication. The website is professionally designed, mobile-optimized, and rich in relevant content, demonstrating a strong market position within its niche. Technically, the site leverages modern JavaScript frameworks, Matomo analytics with privacy-conscious configurations, and cookie consent management via Axeptio. Hosting is provided by OVH, a reputable provider. Security posture is solid with HTTPS and privacy-respecting analytics, though the site lacks a published security policy and incident response details. Overall, the website is trustworthy, well-branded, and compliant with GDPR requirements.

S

Spin On

spin-on.fr

61

Spin On is a small, professional web agency based in Besançon, France, specializing in the creation of websites, e-commerce platforms, mobile applications, and custom software development. The company has been operating since 2013 and serves primarily local and regional businesses. Their website demonstrates a solid digital presence with a focus on GDPR compliance and user privacy, evidenced by the integration of Cookiebot for cookie consent management. The agency leverages modern web technologies and frameworks such as WordPress, Drupal, Prestashop, and Laravel to deliver tailored solutions to clients. Technically, the website employs a modern tech stack including JavaScript libraries like jQuery, TweenMax, and Rellax for enhanced user experience and performance optimizations such as lazy loading. Hosting is provided via DigitalOcean, a reputable cloud provider, ensuring reliable infrastructure. The site is mobile-optimized and SEO-friendly, although accessibility features are basic and could be improved. From a security perspective, the site uses HTTPS and implements a comprehensive cookie consent mechanism, but lacks explicit security headers and documented security policies. No vulnerabilities or exposed sensitive data were detected in the provided content. The use of Facebook Pixel and Google Analytics indicates moderate user tracking, balanced with GDPR compliance. Overall, Spin On presents a trustworthy and professional digital footprint with room for improvement in security hardening and accessibility. The domain registration data aligns well with the business profile, supporting legitimacy. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and improving accessibility compliance to strengthen trust and compliance posture.

A

Alibaba Cloud Computing (Beijing) Co., Ltd.

alidns.com

59

Alibaba Cloud Computing (Beijing) Co., Ltd. operates the alidns.com website, providing global public recursive DNS services as part of Alibaba Cloud's internet infrastructure offerings. The website positions itself as a reliable, fast, and secure DNS service provider, targeting both general internet users and enterprise customers. The business is well-established, with a domain age of over 15 years and strong brand association with Alibaba Group. Key services include public DNS resolution, cloud DNS authoritative services, and support for modern DNS security protocols such as DoH and DoT. Technically, the website employs modern JavaScript frameworks and Alibaba's proprietary analytics tools, ensuring good performance and mobile optimization. The hosting is managed by Alibaba Cloud, ensuring robust infrastructure and fast content delivery. However, the site lacks explicit privacy and cookie policies, which is a gap in compliance and user transparency. From a security perspective, the site uses HTTPS and modern tracking scripts but does not disclose security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data confirms the domain's legitimacy and consistency with the business entity. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and explicit security disclosures to improve user trust and regulatory adherence.

S

SK Slavia Praha

slavia.cz

46

SK Slavia Praha is a prominent Czech football club with a well-established online presence through its official website. The site serves as a comprehensive platform for fans and stakeholders, offering news, match schedules, ticket sales, team information, and fan engagement content. The business model revolves around sports media, merchandising, and ticketing services, targeting football enthusiasts primarily in the Czech Republic. The website reflects a professional brand image consistent with the club's reputation and partnerships.

M

MFK Karviná a.s.

mfkkarvina.cz

40

MFK Karviná a.s. operates an official website for their football club, primarily targeting local football fans and sports enthusiasts in the Czech Republic. The site provides basic information about the club, ticket sales, and news updates. The business model is focused on sports club promotion and fan engagement within the regional football league context. The website is modest in content and design, reflecting a small-sized organization with limited digital maturity. Technically, the website uses basic JavaScript and CSS with legacy character encoding (windows-1250). There is no evidence of modern CMS or advanced frameworks. Mobile optimization and accessibility are basic, and no advanced SEO or analytics tools are detected. The site lacks HTTPS, security headers, and privacy compliance mechanisms, indicating a low level of security and privacy maturity. From a security perspective, the absence of HTTPS and security headers is a significant vulnerability. No privacy policy or cookie consent mechanisms are present, which may expose the organization to GDPR compliance risks. The lack of contact information and incident response details further weakens the security posture. However, no malicious or adult content is detected, and the site is accessible without WAF or blocking mechanisms. Overall, the website presents moderate trustworthiness based on content alignment with the football club's identity but suffers from critical security and privacy shortcomings. Strategic improvements in HTTPS implementation, privacy compliance, and security best practices are recommended to enhance trust and protect user data.

F

FK Teplice, eSports.cz, s.r.o.

fkteplice.cz

37

FK Teplice is a well-established Czech football club with a strong digital presence through its official website. The site offers comprehensive information about the club's activities, including news, match schedules, team rosters, fan engagement, and community initiatives such as CSR and esports. The domain has been registered since 1998, reflecting the club's longstanding history. Technically, the website employs modern web technologies including Google Analytics, Adsense, and Google Translate, hosted on Websupport infrastructure. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and rich content. Security posture is moderate with cookie consent implemented but lacks visible advanced security headers and explicit privacy or terms of service pages. No direct contact information or incident response details are provided, which could be improved to enhance trust and compliance. Overall, the website is a credible and functional digital asset for FK Teplice, serving its target audience effectively.

F

FK Pardubice

fkpardubice.cz

45

FK Pardubice is a Czech football club with an official website providing comprehensive information about the club, teams, matches, tickets, and fan engagement. The site targets fans and the local community, offering news, multimedia content, and official club details. The domain is well-established since 2011, supporting the club's legitimacy and presence in the regional sports market. Technically, the website uses modern JavaScript libraries, CSS frameworks, and tracking tools with proper consent mechanisms, hosted on a Czech provider's infrastructure. Security posture is good with HTTPS and cookie consent, though some security headers and policies could be improved. Overall, the website is professional, trustworthy, and compliant with GDPR requirements.

F

Fotbalový Klub Jablonec a.s.

fkjablonec.cz

47

FK Jablonec is a well-established Czech football club with a strong digital presence through its official website. The site serves as a comprehensive platform for fans and stakeholders, offering news, match information, player statistics, ticketing details, and a merchandise e-shop. The club maintains active engagement with its audience via multiple social media channels and partners with various sponsors and organizations, reflecting a solid market position within Czech football. The website's design is professional and consistent with the club's branding, targeting football enthusiasts and the local community. Technically, the site employs modern web technologies including JavaScript, Google Tag Manager, and custom CSS, hosted on a Czech hosting provider, ensuring moderate performance and good mobile optimization. Security-wise, the site uses HTTPS and implements a detailed cookie consent mechanism aligned with GDPR requirements, though it lacks explicit security headers and incident response contact information. Overall, FK Jablonec's website demonstrates a mature digital infrastructure with room for enhanced security practices and transparency. Strategic recommendations include adding security headers, publishing a security.txt file, and providing clearer contact information for privacy and incident response. These improvements would strengthen the club's trustworthiness and compliance posture while maintaining its strong fan engagement and business credibility.

E

eSports.cz, s.r.o.

fkmb.cz

46

FK Mladá Boleslav operates an official website serving as the primary digital platform for the Czech football club. The site provides comprehensive information about the club's teams, match schedules, youth academy, partners, and multimedia content, targeting fans and the local community. The business model focuses on fan engagement, merchandising through an integrated fanshop, and promoting club partners. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience.

F

FC Hradec Králové, a.s.

fchk.cz

53

FC Hradec Králové, a.s. operates an official website serving as the primary digital platform for the Czech football club FC Hradec Králové. The site provides comprehensive information including match schedules, team rosters, news updates, ticketing services, and a fanshop for merchandise. The club has a strong market presence in Czech football, with a history dating back over 120 years, positioning itself as a well-established sports entity. The website targets football fans, local community members, and sports enthusiasts, offering a user-friendly and content-rich experience. Technically, the website employs modern JavaScript libraries such as GSAP and Swiper.js for animations and interactive elements, alongside Google Analytics and Facebook Pixel for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, hosted under a Czech registrar with consistent domain registration data. Cookie consent mechanisms and GDPR compliance are well implemented, reflecting a mature approach to privacy and user data protection. From a security perspective, the website enforces HTTPS and uses cookie consent categories to manage tracking scripts responsibly. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. The absence of a public security policy or incident response contact suggests room for improvement in transparency and readiness. Overall, the website demonstrates a high level of professionalism, content quality, and trustworthiness, with a strong alignment between domain registration and business identity. Strategic recommendations include enhancing security header implementation, publishing a security policy, and establishing a vulnerability disclosure process to further strengthen the security posture.

B

Bohemians Praha 1905

bohemians.cz

53

Bohemians Praha 1905 is a well-established Czech football club with a rich history dating back to 1905. The website serves as the official digital platform providing comprehensive information about the club, including news, match schedules, ticket sales, fan engagement, and merchandise. The site targets football fans and the local community, offering a professional and consistent brand experience. Technically, the website employs modern JavaScript libraries such as Swiper.js and Google reCAPTCHA, hosted behind Cloudflare for DNS and CDN services, ensuring moderate performance and good mobile optimization. Security measures include HTTPS enforcement and standard security headers, with a GDPR-compliant cookie consent mechanism and a basic privacy policy in place. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure information, which could be improved to enhance trust and compliance. Overall, the website is professional, trustworthy, and well-aligned with the club's business model and audience.

1

1.FC Slovácko, a. S.

fcslovacko.cz

53

1.FC Slovácko, a. S. is a professional football club based in the Czech Republic, operating an official website that serves as a hub for club information, match results, team rosters, and fan engagement. The website targets football fans and the local community, providing news, multimedia content, and links to social media and a fanshop. The club competes in the top Czech football league, positioning itself as a recognized sports entity in the region. The website infrastructure utilizes modern web technologies including JavaScript, Google Tag Manager, YouTube Player API, and the Nette Framework. It demonstrates good mobile optimization and responsive design, with a moderate performance profile. The site is hosted securely with HTTPS and integrates external content and partner links effectively, though some technical improvements in security headers and privacy disclosures are recommended. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and formal privacy or cookie policies, which are important for compliance and user trust. No vulnerabilities or suspicious content were detected. The absence of WHOIS data limits domain registration insights but the overall digital presence and partner ecosystem support legitimacy. Overall, the website is professional and trustworthy, with room for enhancement in privacy compliance and security best practices. Strategic improvements in these areas will strengthen user confidence and regulatory adherence.

F

FANSHOP

fanshopfcb.cz

57

The website fanshopfcb.cz operates as an e-commerce platform specializing in fan merchandise for FC Baník Ostrava, offering a variety of products including clothing, accessories, and wines. The site targets fans of the football club and general sports merchandise buyers primarily in the Czech Republic. The business model is focused on online retail with a niche market position serving regional fan communities. Technically, the website employs a mix of JavaScript libraries such as jQuery and Swiper.js, integrates Google Analytics for tracking, and uses external services like Mapy.cz API and Packeta for shipping. The platform appears to be built on a proprietary or custom CMS (likely K2). The site is mobile optimized with moderate performance and basic SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses secure login forms but lacks visible security headers and comprehensive privacy or terms of service documentation. No WHOIS data is available, which raises concerns about domain registration transparency. The site includes cookie consent mechanisms but does not provide explicit privacy policy details, impacting privacy compliance. Overall, the website presents a functional and professional e-commerce presence with room for improvement in security best practices, privacy transparency, and domain registration legitimacy. Strategic recommendations include implementing security headers, publishing privacy and terms policies, and verifying domain registration details to enhance trust and compliance.

Autoservis Kobolka is a small, local automotive repair and maintenance service provider based in Kutná Hora, Czech Republic. The company specializes in servicing vehicles from major European brands such as VW, Peugeot, Citroen, Fiat, Ford, Opel, and Alfa Romeo. Established in 1999, the business offers a comprehensive range of services including diagnostics, mechanical repairs, brake and axle work, engine and transmission overhauls, and additional services like tire service and vehicle towing. The website reflects a modest but functional online presence with clear contact information and basic service descriptions.

S

Statutární město Kladno

mestokladno.cz

52

The website mestokladno.cz serves as the official online portal for the statutory city of Kladno in the Czech Republic. It provides residents and visitors with comprehensive municipal information including news, events, administrative services, and contact details. The site is positioned as a trusted government resource with a clear focus on public service delivery and community engagement. The target audience primarily consists of local citizens and stakeholders interested in city governance and services. From a technical perspective, the website employs a proprietary CMS platform (Vismo) and integrates modern web technologies such as HTML5, CSS, JavaScript, and Google Analytics for performance monitoring. The site is mobile-optimized and accessible, with a clear navigation structure and compliance with privacy regulations including GDPR. Cookie consent mechanisms are implemented effectively, enhancing user privacy. Security-wise, the site benefits from HTTPS encryption and does not expose sensitive data or vulnerable libraries. However, it lacks explicit published security policies and incident response contacts, which are recommended for enhanced transparency and preparedness. No critical vulnerabilities or suspicious activities were detected. Overall, mestokladno.cz demonstrates a solid security posture and business credibility consistent with an official municipal website. Strategic improvements in security policy publication and incident response readiness would further strengthen its trustworthiness and compliance profile.