Security Directory

R

Raccourci Interactive

cloudly.space

58

Raccourci Interactive is a well-established French digital agency specializing in e-tourism solutions, including web development and mobile application creation for tourism offices. Positioned among the top 5 e-tourism agencies in France, it operates through a group structure including subsidiaries such as Idnet Marketing and Tactyl. The website reflects a professional digital presence with a focus on tourism destinations and client references. Technically, the site uses Drupal 7 CMS combined with AngularJS and Bootstrap frameworks, integrating modern mapping and analytics technologies. Security posture is strong with HTTPS enforced and IP anonymization in analytics, though additional security headers and a formal security policy could enhance protection. Privacy compliance is supported by a cookie consent mechanism, but a dedicated privacy policy page is not clearly found. WHOIS data is missing, which slightly impacts trust but the overall business credibility remains high due to transparent contact information and social media presence.

S

Saint-Gervais Mont-Blanc

saintgervais.com

61

Saint-Gervais Mont-Blanc is an official tourism website promoting the mountain village of Saint-Gervais in Haute-Savoie, France. It offers comprehensive information about mountain activities, wellness, thermal spas, and local events, targeting tourists and visitors interested in alpine experiences. The website is professionally designed, mobile-optimized, and uses modern web technologies including WordPress, Google Tag Manager, and Leaflet maps. Security posture is good with HTTPS and cookie consent mechanisms in place, though explicit privacy and terms policies are not clearly found. The WHOIS data is missing or unavailable, which is unusual but the website content and technical setup suggest legitimacy. Overall, the site is a well-maintained digital presence for regional tourism with room for improvement in privacy transparency and contact information.

H

Havas

havas.bg

41

Havas.bg is the website of Havas, a creative agency specializing in connecting people and brands through creativity, media, and innovation. The site presents a portfolio of diverse projects for notable clients such as Vivacom, Baumit, Volkswagen, and others, indicating a strong presence in the Bulgarian advertising and media market. The business model revolves around providing creative and marketing services to corporate clients, positioning itself as a medium-sized agency with a professional digital presence. Technically, the website is built on WordPress, utilizing popular plugins like LayerSlider, Slider Revolution, and Visual Composer, along with standard web technologies such as jQuery and Google Fonts. The site is mobile-optimized and moderately performant, though some accessibility and SEO enhancements could be made. HTTPS is properly implemented, but security headers are missing, which could be improved to enhance security posture. From a security and compliance perspective, the site lacks visible privacy and cookie policies, as well as contact information for data protection or incident response, which are important for GDPR compliance and user trust. The WHOIS data is privacy-protected due to GDPR, which is justified for this business type, and no suspicious domain registration patterns were found. No WAF or blocking mechanisms were detected, and the content is safe for general audiences. Overall, the website is professional and functional but would benefit from improved privacy compliance, enhanced security headers, and clearer contact information to strengthen trust and regulatory adherence.

F

Formata v.o.s.

formata.cz

45

Formata v.o.s. is a well-established Prague-based creative studio specializing in graphic design, web design, and print production services. Founded in 1997, the company serves a diverse clientele including cultural institutions and corporate clients, offering a broad range of services from branding and visual identity to web development and marketing campaigns. The website reflects a professional and consistent brand image with clear navigation and comprehensive service descriptions. Technically, the site uses modern JavaScript libraries and frameworks such as jQuery, Nette Framework, and integrates Google Maps for location display. The hosting is inferred to be with a Czech hosting provider, supporting local business operations. Security posture is moderate; while HTTPS usage is implied and form validation is implemented, the absence of security headers and privacy policies indicates room for improvement. No WAF or blocking mechanisms were detected, allowing full content accessibility. Overall, the website demonstrates a solid business presence with good technical implementation but lacks some compliance and security best practices.

L

LOBSTER Family Restaurant

lobster-restaurant.cz

45

LOBSTER Family Restaurant is a well-established family dining restaurant located in Olomouc, Czech Republic, offering quality food made from honest ingredients in a pleasant environment. The business operates additional services including a cooking school, event hosting, and food delivery, positioning itself as a community-focused hospitality provider with over 11 years of experience. The website reflects a professional digital presence built on WordPress, integrating modern technologies such as Google Tag Manager, reCAPTCHA, and CookieYes for consent management. The site is well-structured, mobile-optimized, and provides clear navigation and relevant content for its target audience. Security posture is solid with HTTPS enforced and privacy compliance evident through detailed cookie consent and privacy policy pages. However, the absence of WHOIS data limits domain trust verification, and the lack of security headers and explicit security or incident response policies suggests areas for improvement. Overall, the website is trustworthy, user-friendly, and compliant with GDPR, serving its business goals effectively.

B

BP STAVBY Morava s.r.o.

bpstavbymorava.cz

55

BP STAVBY Morava s.r.o. is a Czech Republic based construction company specializing in specialized foundation works, monolithic concrete structures, and general building deliveries. Founded in 2016, the company serves residential, commercial, and service sectors across the Czech Republic. Their market position is that of a regional specialist with a focus on advanced foundation technologies such as CFA and rotary bored piles. The website reflects a professional business with clear service offerings and active project updates. Technically, the site is built on WordPress with modern plugins for SEO and cookie compliance, integrating Google Maps and analytics for enhanced user experience and tracking. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates good digital maturity and business credibility, supporting the company's market presence effectively.

V

VHS Olomouc, a.s.

vhs-ol.cz

45

VHS Olomouc, a.s. is a regional utility company specializing in water management services within the Olomouc district of the Czech Republic. The company manages a significant portion of the water infrastructure including water supply networks, reservoirs, springs, water treatment plants, and some sewage systems. Their services target municipalities, customers, developers, and shareholders, positioning them as a key regional player in the energy and water utility sector. The website reflects a professional and comprehensive presentation of their business, services, and customer engagement portals. Technically, the website is built on WordPress and leverages modern web technologies including HTML5, CSS3, JavaScript, jQuery, and Google Maps API for interactive features. SEO is enhanced using the Yoast SEO plugin, and the site is hosted by cesky-hosting.eu. The site demonstrates good mobile optimization and moderate performance, with clear navigation and structured content. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks some security headers and explicit published security policies or incident response information. There is no cookie consent mechanism detected, which is a minor GDPR compliance gap. No vulnerabilities or suspicious activities were identified in the analysis. Overall, VHS Olomouc, a.s. maintains a secure, professional, and user-friendly online presence that aligns well with its business operations and regional market position. Strategic improvements in security headers, privacy compliance mechanisms, and incident response transparency would further enhance their security posture and trustworthiness.

P

Pronájem kanceláře Praha

prazskekancelare.com

49

Pronájem kanceláře Praha operates a professional real estate website specializing in office rentals across Prague, offering over 500 office spaces without commission. The company targets businesses and individuals seeking affordable and flexible office solutions including coworking and virtual offices. The website is well-structured, SEO optimized, and uses modern technologies such as WordPress, Bootstrap, and Google Maps API to deliver a user-friendly experience. Contact options are comprehensive, including email, phone, and a GDPR-compliant contact form. However, WHOIS data for the domain is not publicly available, which slightly impacts transparency. Security posture is good with HTTPS and reCAPTCHA usage, but could be improved with additional security headers and explicit cookie consent mechanisms.

S

SIGMA GROUP a.s.

sigma.cz

42

SIGMA GROUP a.s. is a well-established Czech manufacturing company specializing in the development, production, sales, and servicing of pumps for domestic, garden, and industrial use. Founded in 1868, it holds a leading market position as the largest Czech manufacturer of industrial pumps. The company operates multiple subsidiaries including SIGMA PUMPY HRANICE, s.r.o. and SIGMAshop.cz, targeting both industrial clients and general consumers. The website reflects a professional and consistent brand image with clear business information and multiple contact points. Technically, the site uses standard web technologies including Google Maps API and jQuery, though the jQuery version is outdated. Security posture is moderate with HTTPS implied but lacking explicit security headers and policies. Privacy compliance is basic with a cookie consent banner but no visible privacy or terms of service pages. Overall, the site is functional, trustworthy, and suitable for its business purpose but could improve in security and compliance transparency.

U

UCED

uced.cz

70

UCED is a regional energy company operating primarily in the Czech Republic and Slovakia, providing electricity and gas sales, as well as heat and electricity production. The company maintains a broad network of offices and production sites, indicating a medium-sized enterprise with a solid market presence in the energy sector. The website is professionally designed, mobile-optimized, and provides comprehensive information about its services and branch locations. Technically, the site uses modern JavaScript technologies and Google Tag Manager for analytics and marketing, with good security practices such as HTTPS and security headers in place. However, the absence of WHOIS registration data raises concerns about domain legitimacy, though the business presence and content suggest a legitimate operation. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policy or incident response contact is published. Overall, the site scores well on content quality and security posture but should improve transparency on domain registration and security governance.

U

Ubytování Na Pohodu a Vinařský Dvorek

ubytovaninapohodu.cz

42

Ubytování Na Pohodu a Vinařský Dvorek is a small hospitality business offering accommodation in Milovice, southern Moravia, Czech Republic. The website presents two accommodation options with capacity for up to 32 guests, targeting tourists interested in relaxation, cycling, and local sightseeing. The business appears locally focused with clear contact details and customer testimonials enhancing trust. Technically, the website uses a modern tech stack including jQuery, Bootstrap, Google Analytics, and Google Maps API, hosted by WEDOS. The site is mobile optimized and well structured, providing a good user experience. Security posture is moderate; HTTPS is implied but no security headers or privacy policies are present, indicating room for improvement in compliance and security best practices. Overall, the website is functional and professional but lacks formal privacy and cookie policies, which impacts GDPR compliance. The domain WHOIS data is consistent and transparent, supporting legitimacy.

T

Templum Bonum s.r.o.

cafe-mikulov.cz

60

Café Dolce Vita Mikulov is a small hospitality business operating a café located in a historic building in the center of Mikulov, Czech Republic. The business offers quality coffee, local wines, desserts, ice cream treats, and light snacks, targeting local visitors and tourists. The website reflects a well-branded and consistent digital presence with clear contact information and social media integration. Technically, the site is built on WordPress using popular plugins and themes, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and incident response information. Privacy compliance is basic, with no dedicated privacy policy or terms of service pages found. WHOIS data is unavailable due to CZ NIC privacy policies, but the website provides legitimate company registration details supporting trustworthiness.

C

Communauté de Communes Pays du Mont-Blanc

ccpmb.fr

65

The Communauté de Communes Pays du Mont-Blanc operates a regional government website serving multiple municipalities in the Mont-Blanc area of France. The website provides comprehensive information on local services including transport, environment, culture, economy, tourism, and waste management. It targets residents and visitors seeking community resources and regional updates. Technically, the site is built on WordPress with a variety of plugins and integrates Google Maps and FontAwesome for enhanced user experience. The site is hosted by OVH and uses HTTPS, ensuring secure connections. Security posture is moderate with room for improvement, notably the absence of security headers and use of an outdated jQuery version. Privacy compliance is limited due to the lack of a published privacy policy and terms of service, although a cookie consent mechanism is present. Overall, the website is professional, trustworthy, and well-branded, but would benefit from enhanced security and compliance documentation.

P

Portes du Soleil

portesdusoleil.com

63

Portes du Soleil operates a professional and content-rich website promoting a major alpine ski domain spanning 8 French and 4 Swiss ski stations. The site targets skiers and tourists seeking information on ski passes, accommodations, and live resort data. Technically, the site is built on WordPress with a modern tech stack including Google Tag Manager, Leaflet maps, and various UI libraries, delivering a good user experience with mobile optimization and SEO best practices. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks explicit privacy policies, terms of service, and security headers, which are recommended for compliance and protection. The WHOIS data is missing, which raises concerns about domain legitimacy and registration transparency. Overall, the site is trustworthy and professional but would benefit from improved transparency and security hardening.

P

Pluxee Česká republika a.s.

benefity.cz

69

Pluxee Česká republika a.s., operating the Benefity.cz platform, is a well-established provider of corporate employee benefits in the Czech Republic and Slovakia since 2003. The company offers a comprehensive suite of services including leisure benefits, meal vouchers, and additional modules to enhance employee loyalty and integrate with corporate systems. The website reflects a mature digital presence with professional design, clear navigation, and extensive client testimonials, indicating strong market positioning and customer satisfaction. Technically, the website employs modern analytics tools such as Google Analytics 4 and Google Tag Manager, integrates a real-time chat system via Daktela, and uses Google Maps API for location services. The site is mobile optimized and performs moderately well, though some accessibility features could be enhanced. Security posture is good with HTTPS enforced and no visible vulnerabilities, but could benefit from additional security headers. From a security and compliance perspective, the site provides comprehensive privacy and cookie policies with GDPR compliance, multiple contact channels, and secure form implementations. However, the absence of WHOIS data for the domain raises concerns about domain registration transparency and trustworthiness, which slightly impacts the overall risk profile. Overall, the platform presents a low-risk, professional service with strong business credibility but should address domain registration transparency to enhance trust and security assurance.

CZECH TOP 100 is a well-established Czech organization focused on ranking the most significant companies in the Czech Republic and organizing related business events such as galas, conferences, and workshops. The website reflects a professional and consistent brand presence targeting the Czech business community, industry leaders, and media. The business model appears to be that of a non-profit or association supporting Czech industry and economy through rankings and partnerships. Technically, the website uses modern web technologies including Google Tag Manager, Google Analytics, Typekit fonts, and Google Maps API. The site is mobile-optimized with good design quality and navigation clarity. Performance is moderate, and accessibility is basic. SEO optimization is present but could be improved. From a security perspective, the site enforces HTTPS and uses standard analytics scripts without exposing sensitive data. However, no security headers were detected, and privacy and cookie policies are missing, which are important for GDPR compliance. The WHOIS data is missing or unavailable, which reduces trustworthiness and raises questions about domain registration transparency. Overall, the website is safe, professional, and business-focused with moderate risk due to missing WHOIS data and privacy compliance gaps. Strategic improvements in security headers, privacy policies, and WHOIS transparency are recommended to enhance trust and compliance.

C

Company Culture Market s.r.o.

cocuma.sk

57

Cocuma is a Slovakian platform dedicated to showcasing and verifying companies with strong corporate cultures. It provides job seekers and professionals with authentic company profiles, job listings, and a culture-focused magazine. The platform emphasizes transparency and trust by conducting thorough interviews and creating original content rather than relying on PR materials. Technically, the website employs modern web technologies including Google Tag Manager, Matomo analytics, and responsive design frameworks, hosted partly on Amazon S3 for media assets. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and formal policies are absent. Overall, Cocuma presents a professional, trustworthy, and user-friendly experience with moderate tracking for analytics and marketing purposes.

K

Kaiser Permanente

kaiserpermanente.org

11

Kaiser Permanente is a leading integrated healthcare organization providing customized care and coverage to consumers primarily in the United States. The website serves as a portal for health plans, medical services, wellness resources, and member support, reflecting a mature and enterprise-level digital presence. The company is well positioned in the healthcare sector with a strong brand and comprehensive service offerings. Technically, the site leverages Adobe Experience Manager and integrates multiple advanced analytics and marketing tools, ensuring a modern, performant, and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities, although explicit security policies and incident response information could be enhanced. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

C

Cetris s.r.o.

cetrishobby.cz

62

Cetris s.r.o. operates the website www.cetrishobby.cz, promoting and selling CETRIS® HOBBY boards designed for hobbyists and small construction projects. The company targets DIY enthusiasts and gardeners in the Czech Republic, offering a niche product with detailed pricing, project ideas, and direct factory sales. The website is well-structured, visually consistent, and provides clear contact information and social media links, supporting a professional business presence. Technically, the site uses Google Analytics and Google Maps APIs, with responsive design and moderate performance. Security posture is adequate but could be improved by adding security headers and explicit privacy policies. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding suggest a legitimate business. Overall, the site is safe for general audiences and provides valuable content for its target market.

T

Tržiště Pod Kaštany

trzistepodkastany.cz

46

The website trzistepodkastany.cz represents a local marketplace called "Tržiště Pod Kaštany" located in Zlín, Czech Republic. It focuses on offering a diverse range of regional food products and hosting community events that foster direct interaction between sellers and buyers. The business model is centered around a physical and digital marketplace promoting local and healthy food options, targeting local residents and tourists. The website content is well-structured, with clear navigation and a consistent brand presence, supported by social media channels on Facebook and Instagram. From a technical perspective, the site employs a variety of modern JavaScript libraries and plugins such as jQuery, fullcalendar, select2, and Google services including reCAPTCHA and Tag Manager. The site enforces HTTPS and includes a Content-Security-Policy header, indicating a baseline security posture. Performance and mobile optimization are adequate, though accessibility features could be improved. SEO is supported by proper meta tags and Open Graph data. Security-wise, the website benefits from HTTPS and basic security headers but lacks comprehensive security policies such as privacy, cookie, or vulnerability disclosure statements. No critical vulnerabilities or exposed sensitive data were detected. The absence of privacy and cookie policies represents a compliance gap, especially under GDPR regulations. Contact information is clearly provided, enhancing business credibility. Overall, trzistepodkastany.cz is a legitimate, small-scale local marketplace website with good content quality and technical implementation. To improve security posture and compliance, it is recommended to implement privacy and cookie policies, enhance security headers, and consider a vulnerability disclosure mechanism. These steps will strengthen trust and regulatory adherence while maintaining a positive user experience.

MeetDoc is a Hungarian healthcare-focused online platform that facilitates doctor search and appointment booking primarily in major Hungarian cities. The platform offers free and instant online appointment scheduling without requiring user registration, targeting patients seeking convenient access to medical professionals. The website is modest in size and scope, with a database of approximately 175 doctors, positioning itself as a niche regional service provider in the healthcare sector. Technically, the website is built using AngularJS, an older JavaScript framework, and integrates Google Analytics and Google Tag Manager for user tracking and analytics. The site loads with moderate performance and basic mobile optimization. However, it lacks modern security headers and advanced SEO or accessibility features. The absence of privacy and cookie policies, as well as contact information, indicates gaps in compliance and user trust facilitation. From a security perspective, the website uses HTTPS and has a domain with a long registration history and locked transfer status, which supports legitimacy. Nonetheless, the lack of DNSSEC, security headers, and vulnerability disclosure mechanisms suggests room for improvement in security posture. No critical vulnerabilities or adult content were detected, and the site is safe for general audiences. Overall, MeetDoc presents a functional but basic healthcare service platform with moderate technical maturity and security posture. Strategic improvements in privacy compliance, security best practices, and user trust signals would enhance its credibility and resilience in the digital healthcare market.

T

Tropical Health and Education Trust (THET)

thet.org

70

The Tropical Health and Education Trust (THET) operates as a non-profit organization focused on supporting health workers globally through partnerships, capacity building, and policy work. The website positions THET as an established entity with a clear mission and vision to improve healthcare access worldwide. Their key services include grant management, volunteer programs, and digital transformation initiatives, targeting health workers, donors, and global health stakeholders. The organization is UK-based with a charity registration number, reinforcing its legitimacy. Technically, the website is built on WordPress with modern JavaScript libraries and integrations such as Google Tag Manager, Hotjar, and Google reCAPTCHA to enhance user experience and security. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are missing. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS and employs reCAPTCHA on forms, indicating a baseline security posture. However, the absence of visible security headers and a cookie consent mechanism suggests areas for improvement in compliance and defense-in-depth strategies. The WHOIS data is unavailable due to privacy protection or query issues, but the website's content and trust signals mitigate concerns about legitimacy. Overall, the website presents a professional, trustworthy, and content-rich platform for THET's mission. Strategic recommendations include enhancing security headers, implementing explicit cookie consent, publishing incident response policies, and improving WHOIS transparency where possible.

B

Baťa region

batuvregion.cz

59

Baťa region is a culturally focused regional tourism website dedicated to promoting the Baťa region in the Czech Republic, highlighting its architectural heritage, historical sites, and cultural landmarks. The site targets tourists and locals interested in exploring the region's unique offerings through interactive maps, curated content, and social media engagement. The business model is informational and promotional, aiming to increase awareness and visitation to the Baťa region. Technically, the website employs a modern tech stack including jQuery, Swiper.js for sliders, Google Maps API for interactive location markers, Google Tag Manager for analytics, and Google reCAPTCHA v3 for form security. The site is hosted likely by Active24, with a responsive design optimized for mobile devices and good SEO practices. Cookie consent and GDPR compliance mechanisms are implemented, reflecting a mature digital infrastructure. From a security perspective, the website uses HTTPS with good SSL configuration, integrates reCAPTCHA to prevent spam, and employs cookie consent management. However, it lacks explicit security headers like CSP and security.txt for vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. The site would benefit from enhanced security policies and incident response information. Overall, the website presents a professional and trustworthy front for regional tourism promotion with good content quality and technical implementation. The risk profile is low, with recommendations focusing on improving security headers, publishing security policies, and enhancing transparency around incident response and vulnerability disclosures.

S

Statutární město Zlín

zlin.eu

66

The website https://zlin.eu/ serves as the official online presence of the statutory city of Zlín in the Czech Republic. It provides comprehensive information about the city's administration, culture, events, public services, and citizen engagement platforms. The site targets residents, local businesses, and visitors, offering services such as an official citizen portal, public notices, event calendars, and contact information for municipal departments. The business model is that of a government entity providing transparent and accessible information and services to its constituents. Technically, the website employs a modern technology stack including jQuery, Google Analytics, Google Tag Manager, Google reCAPTCHA, OneSignal push notifications, and various UI libraries such as Slick Carousel and SweetAlert2. It is hosted by Media4web, s.r.o., a Czech hosting provider. The site is mobile-optimized, accessible, and SEO-friendly with proper meta tags and structured navigation. Cookie consent and privacy policies are implemented with high confidence in GDPR compliance. From a security perspective, the site enforces HTTPS with a Content Security Policy header and uses Google reCAPTCHA to protect forms. While no critical vulnerabilities or exposed sensitive data were detected, additional security headers could enhance protection. There is no explicit security incident response or vulnerability disclosure information published, which could be improved to strengthen trust and readiness. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy regulations. It effectively serves its role as a municipal information hub with a strong digital presence. Strategic recommendations include enhancing security headers, publishing a security.txt file, and providing clear incident response contacts to further improve security posture and stakeholder confidence.

The website visitzlin.eu serves as the official tourist information portal for the city of Zlín, Czech Republic. It provides comprehensive information about the city, including cultural events, historical background, practical visitor information, and local attractions. The portal targets tourists, local residents, and visitors interested in exploring Zlín and its surroundings. The business model is a government-operated informational service aimed at promoting tourism and local culture. Technically, the site employs a custom CMS with a modern JavaScript technology stack including jQuery and various UI libraries such as Slick Carousel and FullCalendar. It integrates Google services like Maps API, Analytics, Tag Manager, and reCAPTCHA for security and tracking. The site is hosted by Media4web, s.r.o., a Czech hosting provider, and uses HTTPS with a Content-Security-Policy header, indicating a good security baseline. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and CAPTCHA protection on forms. However, it lacks some additional security headers and a visible cookie consent mechanism, which are important for GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is transparent and consistent with the website's official city affiliation, supporting its legitimacy. Overall, the website is a well-maintained, regionally focused government portal with good content quality and technical implementation. It could improve privacy compliance and security posture by adding cookie consent, security policies, and additional headers. The risk level is low, with no critical issues detected.

N

Nadační fond Zikmundova vila

zikmundovavila.cz

45

Zikmundova vila is a cultural heritage site located in Zlín, Czech Republic, managed by the Nadační fond Zikmundova vila, a non-profit organization founded in 2020. The website provides rich historical and cultural information about the villa, its notable past residents, and ongoing cultural programs. It targets a broad audience including tourists, cultural enthusiasts, and the general public interested in history and architecture. The organization positions itself as a key cultural institution in the region, offering guided tours, educational events, and long-term projects supported by regional and international partners.

The website visitzlin.eu serves as the official tourist information portal for the city of Zlín, Czech Republic. It provides comprehensive information about the city, including cultural events, historical background, practical visitor information, and local attractions. The portal is operated by the city's magistrate and targets tourists, local residents, and cultural enthusiasts. It holds a strong market position as the authoritative source for tourism-related content in the region. Technically, the website employs a modern JavaScript-based tech stack including jQuery, FullCalendar, Slick Carousel, and Google Maps API. It uses HTTPS with a Content-Security-Policy header and integrates Google Analytics and reCAPTCHA for analytics and bot protection. The site is mobile-optimized with good navigation and content structure, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses CSP headers, but lacks several other recommended security headers. The subscription form is protected by Google reCAPTCHA. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a cookie consent mechanism and explicit security or incident response policies indicates room for improvement in privacy compliance. Overall, the website is trustworthy, professionally maintained, and aligned with its municipal purpose. Strategic recommendations include enhancing security headers, implementing cookie consent for GDPR compliance, publishing security policies, and maintaining regular security audits to ensure ongoing protection.

O

Otrokovická BESEDA, s.r.o.

tic-otrokovice.cz

9

The website www.tic-otrokovice.cz represents a local tourist information center operated by Otrokovická BESEDA, s.r.o., providing visitors with tourist information, souvenirs, and printed materials about Otrokovice and its surroundings. The site targets tourists and local visitors, offering practical information, event news, and partnerships with regional tourism entities. The business model is focused on hospitality and community engagement, supported by local government and tourism partners. Technically, the website uses modern web technologies including Google Maps API and Swiper.js for interactive content. The site is mobile-optimized with good navigation and SEO practices. However, there is a Google Maps API loading error that affects user experience. The site uses HTTPS but lacks visible security headers, which could be improved for better security posture. From a security perspective, the site implements a cookie consent mechanism aligned with GDPR requirements, but lacks explicit privacy and terms of service pages. No WHOIS data was retrievable, which reduces domain trustworthiness. No critical vulnerabilities were detected, but improvements in security headers and fixing third-party script errors are recommended. Overall, the website is functional and professional with a good level of content quality and business credibility. The main risks relate to missing WHOIS transparency and minor technical issues affecting security and user experience. Strategic improvements in these areas would enhance trust and compliance.

T

Tropical Health and Education Trust (THET)

globalhealthpartnerships.org

70

The Tropical Health and Education Trust (THET) operates as a UK-based non-profit organization dedicated to supporting health workers globally through partnerships, grant management, policy work, and volunteer programs. The website positions THET as an established entity with a clear mission and vision focused on universal health coverage and quality healthcare access worldwide. The organization targets health professionals, donors, volunteers, and policy makers, leveraging partnerships and digital transformation to advance its goals. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, Hotjar, and Google reCAPTCHA for security and analytics. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers and cookie consent mechanisms could enhance compliance and security posture. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, with no visible vulnerabilities or exposed sensitive data. However, the absence of explicit security headers and incident response information suggests room for improvement. WHOIS data is unavailable due to privacy protection, which is common and justified for non-profits, but it slightly reduces trust signals. Overall, the website is professional, trustworthy, and well-maintained, with strong content quality and business credibility. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security policies to further strengthen compliance and user trust.

I

International Organization of Multiple Sclerosis Nurses (IOMSN)

iomsn.org

47

The International Organization of Multiple Sclerosis Nurses (IOMSN) operates as a well-established non-profit professional association dedicated to supporting nurses specializing in multiple sclerosis care. Founded in 1998 and based in the USA, the organization offers membership services, educational programs, research grants, clinical guidelines, and hosts annual events to foster professional development and advocacy in MS nursing. The website reflects a mature digital presence with comprehensive content tailored to healthcare professionals and patients alike. Technically, the website is built on WordPress 4.9.28, hosted on DigitalOcean, and utilizes common plugins such as Contact Form 7 and Revolution Slider. While the site is mobile-optimized and provides a good user experience with clear navigation and relevant content, some technical debt is evident due to outdated software versions and missing security headers. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, the site benefits from HTTPS and domain transfer protections but lacks DNSSEC and critical security headers like CSP and HSTS. The absence of a cookie consent mechanism and outdated platform versions pose compliance and security risks. WHOIS data confirms the domain's legitimacy and long-standing registration, aligning with the organization's profile. Overall, the website is professional and trustworthy but would benefit from technical and security updates to enhance compliance and resilience. Strategic improvements in security posture and privacy compliance are recommended to maintain trust and safeguard user data.

F

Fan Avenue

fanavenue.com

46

Fan Avenue is a French e-commerce retailer specializing in merchandising and derivative products related to music, cinema, TV series, and sports. Established since 2000, the company targets fans and collectors seeking licensed merchandise. The website is built on the PrestaShop platform, hosted by OVH sas, and integrates modern web technologies including Google Fonts, Google Maps API, and Google Tag Manager for analytics. The site is well structured with clear navigation and consistent branding, supporting a good user experience primarily for French-speaking audiences. From a technical perspective, the website employs HTTPS with a valid SSL certificate and domain status protections to prevent unauthorized domain transfers or deletions. However, DNSSEC is not enabled, and several recommended HTTP security headers are missing, which could be improved to enhance security posture. Privacy compliance is basic, with a privacy policy present but lacking explicit GDPR compliance details and no cookie consent mechanism detected. Security-wise, the site shows moderate maturity with no visible vulnerabilities or exposed sensitive data. The absence of a vulnerability disclosure policy or security contact channels indicates room for improvement in incident response readiness. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security practices to meet higher compliance standards. Strategic recommendations include enabling DNSSEC, implementing comprehensive privacy and cookie policies with consent mechanisms, adding security headers, and establishing clear incident response contacts to strengthen trust and compliance.

G

Golem Club

golemclub.sk

59

Golem Club operates the largest network of fitness centers in Slovakia, offering a wide range of wellness and fitness services including group exercises, physiotherapy, and wellness treatments. The website reflects a mature business with a strong market position and a comprehensive service portfolio targeting fitness enthusiasts across multiple Slovak cities. Technically, the site employs modern web technologies such as Google Maps API, reCAPTCHA, and FontAwesome icons, ensuring a good user experience with mobile optimization and moderate performance. Security posture is solid with HTTPS enforced and use of anti-bot measures, though some security headers and explicit incident response policies are absent. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the site is professional, trustworthy, and safe for general audiences.

S

Sinclair Corporation Ltd.

sinclair-world.com

62

Sinclair Corporation Ltd. is a medium-sized company specializing in air conditioning, heat pumps, and LED lighting products, with a presence in 28 countries. The company emphasizes quality, environmental protection, and customer comfort. Their website demonstrates a professional digital presence with modern technologies such as Bootstrap, jQuery, and Google Maps integration. The site is mobile-optimized and includes comprehensive GDPR-compliant cookie consent mechanisms. Security posture is generally good with HTTPS enforced, though the absence of explicit security headers and WHOIS data gaps suggest areas for improvement. Overall, the website reflects a credible business with solid technical infrastructure but would benefit from enhanced transparency in domain registration and security policies.

P

Prusa Research a.s.

prusa3d.com

74

Prusa Research a.s. operates a professional e-commerce platform specializing in Original Prusa 3D printers, filaments, resins, and accessories. The company is well-positioned in the manufacturing sector with a strong reputation among makers, professionals, and educational institutions. Their website reflects a mature digital presence with comprehensive product offerings, educational content, and community engagement. Technically, the site leverages modern frameworks such as Next.js and React, integrates security features like reCAPTCHA Enterprise, and maintains good performance and accessibility standards. Security posture is strong with HTTPS, security headers, and privacy compliance, although WHOIS data is not publicly available, likely due to privacy protection. Overall, the site demonstrates high professionalism and trustworthiness.

Luhačovské Zálesí, o.p.s. operates as a non-profit destination management organization promoting tourism in the Zlínsko and Luhačovicko region of the Czech Republic. The website provides comprehensive information on regional attractions, events, wellness, and cultural experiences, targeting tourists and visitors interested in this area. The organization holds recognized awards such as the EDEN European Destination of Excellence 2019, enhancing its credibility. Technically, the website employs modern web technologies including Foundation framework, jQuery, Swiper.js, Owl Carousel, and integrates Google Maps and multiple marketing and analytics tools such as Google Tag Manager and Facebook Pixel. The site is mobile-optimized with good navigation and content quality, though some security headers are not explicitly detected. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks visible advanced security headers. Privacy compliance is strong with a clear GDPR policy and cookie consent banner. No WHOIS data is available, which limits domain registration trust analysis, but the website's content and partner affiliations suggest legitimacy. Overall, the site presents a professional and trustworthy digital presence for regional tourism promotion, with recommendations to enhance security headers and verify WHOIS data for improved trust and compliance.

Gymnastika Zlín z.s. is a well-established sports club based in the Czech Republic, specializing in sport gymnastics and parkour training for children, youth, and adults. The club operates a multifunctional hall and a jump park facility, offering a wide range of courses tailored to different age groups and skill levels. It holds a strong market position as one of the largest sports clubs in the Zlín region and Czech Republic, emphasizing education, physical development, and safety in its training programs. The website reflects a professional and consistent brand image with clear course offerings and partner affiliations. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Owl Carousel, and Google Maps API, providing a good user experience with mobile optimization and clear navigation. However, there is room for improvement in accessibility and SEO optimization. The website does not appear to use any analytics or tracking services, indicating a minimal user tracking approach. From a security perspective, the site uses HTTPS but lacks visible security headers and formal privacy or cookie policies, which are critical for GDPR compliance and user trust. No forms collecting sensitive data were detected, reducing immediate risk exposure. The WHOIS data is consistent with the business claims, showing a legitimate and appropriately aged domain. Overall, the website is safe, professional, and trustworthy but would benefit from enhanced privacy compliance, security best practices, and transparency regarding data protection and incident response.

A

Affinia

affinia.co.uk

65

Affinia is a professional accountancy firm specializing in accountancy, tax, audit, corporate finance, and payroll services primarily serving clients in London and the South East of England. The firm positions itself as a leading regional player with a comprehensive suite of business advisory services tailored to various sectors including professional services, logistics, media, recruitment, and hospitality. The website reflects a mature digital presence with strong SEO, structured data, and compliance with privacy regulations including GDPR. Technically, the site is built on WordPress with modern integrations such as Google Tag Manager, Cookiebot for consent management, and Tidio chat for customer engagement. Security posture is solid with HTTPS enforcement and appropriate security headers, though there is room for improvement in publishing explicit security policies and incident response information. The absence of WHOIS data due to a domain registration error is a notable anomaly but does not detract significantly from the overall legitimacy given the professional web presence and compliance indicators. Strategic recommendations include enhancing transparency around security policies and incident response, verifying domain registration details, and maintaining vigilance on third-party script security.

V

Vita Sana Club

vitasana.cz

43

Vita Sana Club is a well-established fitness and wellness center based in Zlín, Czech Republic, operating since 2011. The business offers a comprehensive range of services including premium fitness, group classes, wellness treatments, a medical center, children's club, and an e-commerce platform for courses and merchandise. The website reflects a modern and professional brand targeting fitness enthusiasts and wellness seekers in the region. Technically, the site is built on WordPress using the FoundationPress framework, integrating modern technologies such as Google Tag Manager, Facebook Pixel, and Google Maps API. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and use of reCAPTCHA; however, it lacks some security headers and explicit privacy and cookie policies, which are compliance gaps. Overall, the domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

A

AMCA, spol. s r. o.

amca.cz

61

AMCA, spol. s r. o. is a Czech company founded in 2005 specializing in organizing academic, medical, and cultural conferences and events. It serves a professional audience including medical professionals, researchers, and academic institutions. The company has a solid market position with a history of organizing large international congresses and offers additional services such as association management. The website is professionally designed, mobile optimized, and provides clear contact information and privacy policies, although cookie consent mechanisms could be improved. Technically, the site uses ASP.NET WebForms with common libraries like jQuery and Bootstrap, and integrates Google Analytics and Google Maps APIs. Security posture is moderate with HTTPS implied but lacking explicit security headers and using an outdated jQuery version. WHOIS data is missing, which reduces domain trustworthiness, but the website content and contact details appear legitimate and professional.

A

Affinia

baxter.co.uk

65

Affinia is a professional accountancy firm specializing in accountancy, tax, audit, corporate finance, and payroll services primarily serving clients in London and the South East of England. The website reflects a mature digital presence with comprehensive service descriptions, sector expertise, and client engagement features such as a client login portal. The firm positions itself as a leading regional player with a focus on business advisory and tax planning services. Technically, the website is built on WordPress with modern integrations including Yoast SEO, Google Tag Manager, Cookiebot for cookie consent, and Tidio chat for customer interaction, indicating a good level of digital maturity and user experience optimization. Security posture is strong with HTTPS enforced, security headers present, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with clear cookie and privacy policies and a consent mechanism. However, the absence of a published security policy and incident response contact details represents an area for improvement. The WHOIS data is unavailable due to domain naming rules errors, which is unusual and slightly reduces trustworthiness, but the overall professional presentation and technical soundness mitigate this concern. Strategic recommendations include publishing security and incident response policies, adding vulnerability disclosure information, and enhancing transparency around data protection officer contacts to further strengthen trust and compliance.

A

anji s.r.o.

24safestorage.cz

45

24SAFE STORAGE is a luggage storage service operating in the heart of Prague, offering 24/7 access and secure lockers for travelers. The company targets tourists and visitors who need a safe place to store their belongings while exploring the city. Their business model focuses on convenience, security, and affordability, supported by positive customer reviews and insurance guarantees. The website is professionally designed with clear navigation and a modern tech stack including React and Next.js, integrated with Google Maps and Google Tag Manager for enhanced user experience and analytics. Security posture is strong with HTTPS, security headers, and GDPR-compliant data collection via contact forms. No critical vulnerabilities or suspicious patterns were detected, and the domain registration aligns well with the business claims, indicating legitimacy and trustworthiness.

P

PEGATRON Czech s.r.o.

pegatron.cz

46

PEGATRON Czech s.r.o. is a well-established manufacturing company based in Ostrava, Czech Republic, with over 20 years of experience. The company focuses on providing comprehensive manufacturing and service solutions to its clients, emphasizing innovation, quality, and responsibility. Their website targets business clients and potential employees, showcasing their services, career opportunities, and corporate values. Technically, the website is built on WordPress with modern plugins and scripts, including Google Tag Manager and Google Maps API, indicating a moderate level of digital maturity. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and published security policies, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, although the website content and business information appear legitimate. Overall, the site scores well on content quality and security posture but should address domain transparency and security header implementation to enhance trust and compliance.

C

COLOP CZ

razitkacolop.cz

51

COLOP CZ operates as the largest distributor and manufacturer of COLOP stamps in the Czech Republic, boasting over 30 years of experience. The company offers a comprehensive range of stamp products including company stamps, date and numbering stamps, special stamps, and related accessories. Their business model integrates e-commerce with a robust local dealer network, allowing customers to select branches via an interactive map for personal pickup or postal delivery. The website is primarily in Czech and targets businesses and individuals within the Czech market seeking stamp products and services. Technically, the website is built on the Magento e-commerce platform, utilizing modern JavaScript libraries such as jQuery, KnockoutJS, and Google Maps API for interactive dealer location mapping. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO optimization is basic but functional, with proper meta tags and structured navigation. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR. However, no explicit security headers were detected in the provided data, suggesting room for improvement. No vulnerabilities or exposed sensitive data were found in the HTML content. Privacy policies and cookie banners are present and comprehensive, indicating a good privacy posture. Overall, the website presents a professional and trustworthy front for COLOP CZ, with a solid business presence and technical infrastructure. The lack of WHOIS data due to privacy protection is common and does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, improving accessibility compliance, and auditing third-party scripts regularly to maintain security and compliance.

C

Citadele

pensija.lv

10

The website pensija.lv is a professionally designed financial services platform operated by Citadele banka, focused on pension savings and investment plans in Latvia. It offers detailed pension plan information, including the CBL Indeksu plan, which is positioned as the most profitable 2nd pillar pension plan in Latvia for 2023. The platform includes interactive pension calculators and links to official government services for pension plan enrollment, enhancing user trust and engagement. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Google Maps API, indicating a mature digital infrastructure with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and CSRF tokens present, though the absence of explicit security headers and published security policies suggests room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to meet GDPR requirements fully. Overall, the site is trustworthy, safe for general audiences, and well-positioned in the Latvian pension market.

E

eStudio.cz

estudio.cz

47

eStudio.cz is a Czech Republic-based small technology service provider specializing in comprehensive web design, e-commerce solutions, online marketing, and reliable web hosting. The company emphasizes long-term client relationships and offers strategic marketing and integration with information systems. Their market position is supported by over 90% client retention beyond nine years, indicating strong customer satisfaction and business stability. The website content is professionally presented, targeting businesses seeking digital presence and growth through modern online tools. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, reCAPTCHA, Swiper.js, and Smartlook for session recording. It is built on the Reflex-eshop CMS platform, optimized for mobile devices, and includes GDPR-compliant cookie consent mechanisms. Performance is moderate with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and anti-bot measures on forms, but lacks advanced security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with clear cookie consent and a privacy policy page. Business credibility is supported by clear contact information, client references, and professional content. Overall, the website presents a trustworthy and professional digital presence with room for improvement in security headers and transparency around incident response. The absence of WHOIS data reduces domain trust slightly but does not detract from the business legitimacy based on website content.

BMW Motorrad Czech Republic operates a professional and comprehensive website dedicated to motorcycle sales, financing, accessories, and services. The site targets motorcycle enthusiasts and potential buyers in the Czech market, leveraging the strong BMW brand and offering a wide range of models and related products. The website is built on Adobe Experience Manager, indicating a mature digital infrastructure with integrated analytics and consent management. Security posture is good with HTTPS and consent mechanisms, though explicit security headers and incident response information are absent. The lack of WHOIS data limits domain trust assessment, but the branding and content strongly support legitimacy. Overall, the site is well-positioned to serve its audience with a professional and secure online presence.

C

Company Culture Market s.r.o.

cocuma.cz

58

COCUMA is a Czech Republic-based platform specializing in verifying and showcasing authentic company cultures to help job seekers find suitable employers. The website offers a gallery of verified companies, job opportunities, and a magazine focused on corporate culture. The platform emphasizes transparency and authenticity by conducting thorough interviews and creating original content rather than relying on PR materials. Technically, the website employs modern web technologies including Google Tag Manager, Matomo analytics, and various third-party widgets, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing and no explicit security policy is published. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

H

HelpMR Diagnosztikai Központ

helpmr.hu

59

HelpMR Diagnosztikai Központ is a medical diagnostic center based in Székesfehérvár, Hungary, specializing in MRI, X-ray, ultrasound, and dental panoramic imaging services. Established in 2012, the center positions itself as a regional leader offering advanced diagnostic technologies and expert radiological analysis through a network of specialist radiologists. The website targets patients seeking timely and high-quality diagnostic imaging without waiting lists. Technically, the site employs modern web technologies including Google Analytics, Google Tag Manager, reCAPTCHA, and Font Awesome icons, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and anti-bot measures, but lacks explicit security headers and published security policies. Privacy compliance is basic, with no visible privacy or cookie policies, which is a notable gap. Overall, the website is professional, trustworthy, and well-structured, serving its healthcare audience effectively.

GRAWEB s.r.o. is a small Czech creative advertising agency specializing in marketing, graphic design, printing, and web development services. The company targets local and regional businesses seeking professional advertising and web solutions. Their website demonstrates a mature digital presence with a portfolio of client references and active social media engagement. Technically, the site uses a modern JavaScript stack with analytics and marketing tools integrated, though some security best practices such as security headers and privacy policies are missing. The security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks comprehensive security policies and vulnerability disclosures. The WHOIS data is missing or indicates the domain may be unregistered or expired, which raises concerns about domain legitimacy and trustworthiness. Overall, the website is functional and professional but would benefit from improved compliance and security transparency.