Security Directory

S

Střední Čechy Convention Bureau

strednicechycb.cz

54

Střední Čechy Convention Bureau is a regional organization dedicated to promoting the Central Bohemia region as an attractive destination for MICE (Meetings, Incentives, Conferences, and Exhibitions) events. The website provides comprehensive information about venues, activities, and specialist support for event planners, targeting corporate clients and event professionals. The site is well-branded and professionally designed, reflecting a consistent regional identity with official partner logos and a clear contact point. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, WPML for multilingual support, and Contact Form 7 for user interaction. It uses Google Tag Manager and Google Analytics for tracking, alongside a cookie consent mechanism compliant with GDPR. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent with granular user controls. However, explicit security headers are not clearly detected, and the WHOIS data for the domain is missing, which raises concerns about domain registration transparency. No critical vulnerabilities or exposed sensitive data were found in the content. Overall, the website presents a trustworthy and professional front for the regional convention bureau but would benefit from improved domain registration transparency and enhanced security header implementation to strengthen trust and security posture.

S

Středočeská centrála cestovního ruchu, p. o.

strednicechy.cz

65

The website www.strednicechy.cz serves as the official regional tourism portal for Central Bohemia, Czech Republic. It provides comprehensive information about nature, cultural heritage, events, and travel experiences in the region. The site targets tourists and visitors interested in exploring Central Bohemia's attractions and offers services including event calendars, travel tips, and a Convention Bureau for business events. The site is well-branded and consistent with official regional tourism entities, enhancing its credibility. Technically, the website is built on WordPress with modern plugins and libraries such as WPML for multilingual support, Google Analytics, Hotjar, and Microsoft Clarity for analytics and user behavior tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some lazy loading images show errors that should be addressed. Security posture is good with HTTPS enforced and no obvious vulnerabilities detected, but additional security headers could be implemented to strengthen defenses. Privacy compliance is well-handled with a cookie consent mechanism and a clear cookie policy page, indicating GDPR awareness. Contact information is clearly provided, including email, phone, and physical address, supporting business credibility. However, WHOIS data is missing, which reduces trust from a domain registration perspective and warrants further verification. Overall, the website is a professional, secure, and user-friendly platform for regional tourism promotion, with minor technical and security improvements recommended to enhance trust and performance.

F

FashionNetwork.com

fashionnetwork.com

74

FashionNetwork Finland is a localized edition of the international FashionNetwork.com media platform, providing comprehensive fashion industry news, videos, podcasts, and event coverage. The platform targets fashion professionals, luxury and beauty sectors, and retail stakeholders, positioning itself as a key information source in the fashion business media space. The website demonstrates a mature digital presence with rich content and consistent branding. Technically, the site uses modern web technologies including Google Tag Manager and Analytics, with good SEO and accessibility practices. Security posture is solid with HTTPS and some security headers, though additional headers and explicit security policies could enhance trust. The absence of WHOIS data for the domain is a notable concern, limiting full verification of domain legitimacy. Overall, the site is professional and trustworthy in content and design but would benefit from improved transparency in domain registration and security policies.

FaceUp Technology operates a leading whistleblowing software platform primarily serving organizations and schools in the Czech Republic and internationally. Their solution enables anonymous feedback, ethical hotlines, case management, surveys, and AI-assisted communication to foster open and safe organizational cultures. The company positions itself as a market leader with over 3,500 clients in more than 70 countries, emphasizing compliance with GDPR, ISO 27001, and other security standards. Technically, the website is built on modern frameworks like Next.js and React, with integrations for analytics and marketing tools such as Google Tag Manager and HubSpot. Security posture is strong, featuring end-to-end encryption, local data storage, and penetration testing, although some security headers are not explicitly detected. The absence of WHOIS data suggests privacy protection or recent domain registration, which slightly impacts trust but is understandable given the sensitive nature of the business. Overall, FaceUp presents a professional, secure, and compliant digital presence with a strong focus on user trust and regulatory adherence.

K

Královéhradecký kraj

khk.cz

64

Královéhradecký kraj operates as the official regional government authority for the Královéhradecký region in the Czech Republic. The website serves as a comprehensive portal providing citizens, businesses, and local municipalities with access to a wide range of public services including social services, transportation, healthcare, education, and regional development. The site is well-positioned as a trusted source of official information and services for the region's residents and stakeholders. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Bootstrap for responsive design, Slick Carousel for interactive content, and integrates Google Analytics and Google Tag Manager for analytics and tracking. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure suitable for a government entity. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms compliant with GDPR, and shows no signs of exposed sensitive data or vulnerable libraries. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly visible and could be improved. The absence of WHOIS data is consistent with CZ.NIC registry policies for .cz domains and does not detract from the site's legitimacy. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security header implementation, publishing a dedicated security policy or incident response contact, and considering a security.txt file to facilitate vulnerability disclosures.

phpBB Limited operates the phpBB website, providing free and open source forum software widely recognized as a leading solution in the online community space. The website offers downloads, extensions, styles, and extensive community support, positioning itself as a mature and trusted platform for forum administrators and developers. The business model centers on open source distribution supported by community engagement and sponsorships. Technically, the site uses modern web technologies including jQuery, Google Analytics, and the Symfony framework, hosted by OSUOSL, ensuring reliable infrastructure and moderate performance with good mobile optimization. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit privacy/cookie policies indicates room for improvement. The WHOIS data is unavailable, which slightly reduces trust but does not undermine the legitimacy given the active community and sponsorships. Overall, the site is professional, trustworthy, and well-positioned in its niche.

M

Museum Manufactory

museum-manufactory.com

51

Museum Manufactory is a French company specializing in the design and realization of innovative exhibition spaces and multimedia interactive mediation devices. With over 25 years of experience, it serves both public and private clients internationally, offering turnkey project services including consulting, project management, design, and innovation. The website is professionally designed, bilingual (French and English), and optimized for SEO and accessibility. Technically, it is built on WordPress with modern plugins such as Gravity Forms and Yoast SEO, hosted likely by Amenworld. Security posture is good with HTTPS and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security.txt or incident response policies are found. The domain registration is privacy protected but consistent with the business location and claims. Overall, the website presents a trustworthy and professional digital presence.

A

Artlogic

artlogic.net

62

Artlogic is a well-established SaaS platform founded in 1997, specializing in providing comprehensive business management solutions tailored for galleries, artists, and collectors. The platform offers a suite of services including inventory management, sales CRM, marketing tools, websites, and payment processing, positioning itself as a key player in the art business software market with over 5,500 clients worldwide. The website reflects a professional and consistent brand image with excellent content quality and user experience, targeting art professionals and collectors globally. Technically, the website leverages a mature technology stack including jQuery, Google Analytics, Tag Manager, Facebook Pixel, and other marketing and tracking tools, hosted primarily on AWS infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with a custom CMS (Artlogic CMS) underpinning its content management. Performance is moderate, with good use of modern web technologies and third-party integrations. From a security perspective, the site employs HTTPS with good SSL configuration, uses Google reCAPTCHA for form protection, and manages cookie consent effectively. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. DNSSEC is not enabled, which could enhance DNS security. No critical vulnerabilities or exposed sensitive data were detected. Overall, Artlogic presents a low-risk profile with strong business credibility and a solid technical foundation. Strategic recommendations include enabling DNSSEC, publishing clear security and privacy policies, and enhancing transparency around incident response and vulnerability disclosures to further strengthen trust and compliance.

M

mCanvas

mcanvas.com

72

mCanvas is a digital advertising company specializing in immersive and interactive ad experiences across smart devices including mobile and connected TV platforms. The company positions itself as a premium provider of innovative advertising solutions that leverage sensor-based technology to enhance brand engagement and recall. Their website demonstrates a strong brand presence with client testimonials, prestigious awards, and partnerships with leading agencies and brands. Technically, the site is built on Webflow, uses modern analytics and consent management tools, and implements security best practices such as HTTPS and Google reCAPTCHA Enterprise. However, the absence of explicit privacy and terms of service pages and missing WHOIS domain registration data present compliance and trust challenges. Overall, the website is professional and well-designed, targeting brands and advertisers seeking advanced digital marketing solutions.

Cubainformacion.tv is a Spanish-language media website focused on delivering news, videos, and political commentary related to Cuba and Latin America. It serves a niche audience interested in Cuban affairs, solidarity movements, and political developments. The site offers a mix of video content, news articles, radio broadcasts, and campaign promotions, positioning itself as a specialized media outlet in this domain. Technically, the website uses a custom CMS named Cubainformacion Publishing System, integrates modern video playback technologies such as Video.js and YouTube iframe API, and employs Google Analytics with IP anonymization for user tracking. The site is mobile-optimized and features a consistent branding approach with good content quality and navigation clarity. Security-wise, the site uses HTTPS and includes CSRF tokens but lacks explicit security headers and detailed privacy or cookie policies, which are areas for improvement. The absence of WHOIS data limits domain ownership verification, but the website content and technical setup appear legitimate and professional. Overall, the site is safe for general audiences and does not contain adult or explicit content.

AlwaysInDemand.com is a specialized educational and career awareness platform focused on promoting HVAC industry careers and providing scholarship opportunities through the HVAC HERO Scholarship program. The website is operated by the EGIA Foundation, a non-profit entity, and targets students and individuals interested in entering the HVAC trade. The platform offers resources, a trade school directory, and scholarship application information, positioning itself as a niche resource in the energy and education sectors. Technically, the website is built on WordPress and leverages common web technologies such as jQuery, Google Analytics, and Facebook Pixel for tracking and analytics. Hosting appears to be on Amazon AWS infrastructure, indicated by the DNS servers. The site is mobile optimized with good SEO practices and structured data implementation, although accessibility features are basic. From a security perspective, the site uses HTTPS with a good SSL configuration and domain registration protections such as clientDeleteProhibited status. However, it lacks DNSSEC and security headers like CSP or HSTS, which are recommended for enhanced security. No privacy or cookie policies are explicitly presented, and no consent mechanisms are detected, which may pose compliance risks. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the website is professionally designed and trustworthy with moderate security posture and some compliance gaps. Strategic improvements in privacy policy publication, cookie consent, and security header implementation would enhance the site's security and compliance standing.

The EGIA Foundation is a U.S.-based non-profit organization established in 2017, dedicated to strengthening the HVAC industry workforce by providing scholarships, training, research, and recruitment resources. The foundation targets young people pursuing HVAC careers, contractors, educators, corporations, and nonprofits, positioning itself as a key player in HVAC workforce development. The website reflects a professional and consistent brand with clear messaging and a focus on community and industry collaboration. Technically, the site is built on WordPress with WooCommerce and uses modern analytics and marketing tools such as Google Analytics and Facebook Pixel. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the foundation.

V

VisualCraft GmbH

visualcraft.ch

55

VisualCraft GmbH is a small, professional design and multimedia studio based in Bern, Switzerland, specializing in UX/UI design, branding, graphic design, photography, videoproduction, and motion design. The company targets businesses and organizations seeking high-quality digital experiences and brand presentation. Their website showcases a well-structured portfolio and clear service offerings, positioning them as a niche creative agency in the Swiss market. Technically, the website is built on WordPress using Elementor and integrates modern web technologies such as Lottie animations and Google Analytics, reflecting a mature digital infrastructure. Security-wise, the site employs HTTPS with strong SSL configuration and security headers, although it lacks a dedicated security policy or incident response information. Privacy compliance is well addressed with GDPR-compliant privacy and cookie policies, including a consent mechanism. Overall, the website demonstrates high professionalism, good technical implementation, and solid business credibility, with minor areas for improvement in security transparency and accessibility.

S

Swiss Design Association

swiss-design-association.ch

44

The Swiss Design Association is a professional membership organization based in Switzerland that supports design professionals through legal advice, insurance consulting, and advocacy. It is recognized by the Swiss Federal Office of Culture, indicating a reputable position within the cultural and design sector. The website provides information about awards, events, membership benefits, and a directory of designers, targeting primarily design professionals and organizations within Switzerland. Technically, the website uses a mature technology stack including jQuery, Backbone.js, Google Analytics, and reCAPTCHA v3, running on Craft CMS. The site is mobile optimized with good navigation and consistent branding. Security posture is solid with HTTPS and anti-bot protections, but lacks visible security headers and published privacy or cookie policies, which are areas for improvement. Overall, the domain registration data aligns well with the website content, supporting legitimacy and trustworthiness.

L

Leofoto Schweiz

leofoto.ch

52

Leofoto Schweiz operates as a specialized e-commerce retailer focusing on high-quality carbon tripods and photography accessories, targeting professional photographers and enthusiasts in Switzerland. The company emphasizes product durability and quality, supported by a 10-year warranty, positioning itself as a niche market leader in its segment. The website is built on WordPress with WooCommerce, leveraging modern web technologies and SEO tools to enhance user experience and visibility. Security measures include HTTPS and reCAPTCHA, but lack explicit security policies and comprehensive privacy compliance mechanisms. Overall, the site demonstrates a solid business presence with room for improvement in privacy and security transparency.

D

Duotones LLC

duotones.ch

49

Duotones LLC is a specialized UX and interaction design agency based in Bern, Switzerland, founded in 2016. The company focuses on delivering user experience design, interaction, and interface design services for digital media and products such as web and app design. Their client portfolio includes reputable Swiss organizations like Swisscom, PostFinance, and Universität Zürich, positioning them as a trusted player in the Swiss UX market. The website reflects a professional and consistent brand image with comprehensive service offerings including innovation workshops, digital transformation consulting, and prototyping. Technically, the website is built on WordPress 5.8.12 with modern JavaScript libraries such as Three.js and GSAP, and uses Yoast SEO for optimization. The site is mobile-optimized and includes a cookie consent mechanism compliant with GDPR. Google Analytics and Google Tag Manager are used for analytics with IP anonymization enabled. Performance is moderate with good SEO and basic accessibility features. Security posture is solid with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. However, security headers are not explicitly detected, and no formal security or incident response policies are published. Privacy compliance is strong with clear privacy and cookie policies. Contact is primarily via a contact form, with no direct email or phone numbers publicly listed. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance, suitable for its business domain. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility compliance to further strengthen the security and user experience posture.

A

Appinium | Salesforce Video Solutions

appinium.com

69

Appinium is a specialized technology company offering a native Salesforce enterprise content enablement platform focused on video and multimedia tracking across marketing, sales, service, and learning domains. The company positions itself as a niche leader integrating deeply with Salesforce to provide actionable insights and engagement tracking. The website reflects a professional B2B SaaS business model targeting enterprises leveraging Salesforce for content distribution and enablement. Technically, the site is built on WordPress with modern JavaScript libraries and integrates analytics and user engagement tools such as Google Analytics, Hotjar, and Qualified chat. Security posture is solid with HTTPS enforced and reCAPTCHA protecting forms, though formal security policies and headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR considerations. Overall, the domain registration and website content are consistent and trustworthy, supporting a high legitimacy score.

B

Bestsport, a.s.

o2arena.cz

72

O2 arena, operated by Bestsport, a.s., is a premier multifunctional venue and convention center located in Prague, Czech Republic. It offers a diverse program of cultural and sporting events and provides rental spaces for various types of events. The venue is well-positioned in the hospitality and entertainment sectors, supported by a strong brand presence and partnerships with reputable companies including its parent company PPF Group. The website reflects a mature digital infrastructure built on WordPress, leveraging modern JavaScript libraries and analytics tools to deliver a fast, accessible, and user-friendly experience. Privacy compliance is robust with a detailed cookie consent mechanism and a comprehensive privacy policy. Security posture is strong with HTTPS enforced and no obvious vulnerabilities detected, though some security headers could be improved. Overall, the domain appears legitimate despite the absence of WHOIS data, likely due to privacy protection, and the site maintains high trust and professionalism.

A

Azubiyo

azubiyo.de

62

Azubiyo is a leading German online platform specializing in apprenticeship and dual study placements, offering a comprehensive job marketplace and career guidance tools such as a scientifically based career aptitude test. The platform serves students, apprentices, and companies seeking to connect for vocational training opportunities. Owned by FUNKE Works GmbH, Azubiyo holds a strong market position as one of the largest apprenticeship portals in Germany, supported by professional branding and trust signals including awards and CO2-neutral certification. Technically, the website employs modern frameworks like AngularJS and Bootstrap, integrates advanced analytics and marketing tools, and is hosted behind Cloudflare for performance and security. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates high professionalism, GDPR compliance, and user-centric design, making it a trustworthy resource for its target audience.

N

Next Generation Solution, s.r.o.

ngs.cz

42

Next Generation Solution, s.r.o. is a Czech Republic based full-service digital agency specializing in digital marketing, creative concepts, online advertising, websites, mobile applications, social media, and content creation. The company targets businesses seeking sophisticated digital solutions and has a portfolio of notable clients such as Pepsi, Škoda, and Mastercard, indicating a solid market position within the technology and marketing sector. The website is professionally designed with multimedia content and clear navigation, reflecting a mature digital presence. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, FontAwesome, and Google Analytics, demonstrating a good level of digital maturity. The site is mobile optimized and uses lazy loading for performance. However, there is no detected CMS or hosting provider information. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the website uses HTTPS and includes Google Tag Manager and Analytics scripts, but lacks explicit security headers and privacy/cookie policies, which are compliance gaps. No forms are present on the main page, reducing attack surface. WHOIS data is not publicly available, likely due to privacy protection, which is common and justified for this business type. Overall, the security posture is moderate but could be enhanced with better policy disclosures and security headers. The overall risk assessment is low to moderate with no critical vulnerabilities detected. Strategic recommendations include implementing privacy and cookie policies with consent mechanisms, adding security headers, and enhancing accessibility. These improvements will strengthen compliance, user trust, and security posture.

A

ALTOBELLI | Werbung mit Amore!

altobelli.agency

55

ALTOBELLI is a creative agency based in Germany specializing in emotional brand communication and marketing services. Founded in 2020, the agency positions itself as a partner for businesses seeking impactful and heartfelt advertising solutions. Their key services include campaigning, brand design, content production, social media marketing, and digital marketing. The website reflects a professional and modern digital presence, leveraging WordPress with advanced plugins like Slider Revolution and Elementor for rich multimedia content and user experience. The agency showcases a portfolio of notable clients and integrates social media channels to enhance engagement. Privacy and cookie compliance are well implemented, with clear consent mechanisms in place. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. Overall, ALTOBELLI presents a trustworthy and credible business profile with a strong focus on creative excellence and client collaboration.

O

Opinary

opinary.com

69

Opinary is a technology company founded in 2014 that specializes in interactive polling tools designed to engage audiences and provide data-driven insights for global brands and premium publishers. Their platform enables brands to reach over 125 million users through interactive voting tools embedded within a network of respected publishers. The company operates primarily in the technology and media sectors, targeting B2B clients such as advertisers and publishers. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support.

Panattoni Development Company Canada is a recognized commercial real estate developer specializing in industrial and office projects across central and western Canada. The company offers comprehensive services including design, development, construction, financing, leasing, and sales, positioning itself as a leader in the Canadian market with local expertise in major cities such as Toronto, Edmonton, Montreal, and Calgary. The website reflects a professional brand with consistent messaging and a clear focus on client satisfaction and quality. Technically, the site is built on WordPress using the Divi theme and integrates common tools like Google Analytics and jQuery, providing a moderate level of digital maturity. Security posture is generally good with HTTPS enabled and no visible vulnerabilities, though the absence of security headers and privacy policies indicates room for improvement. The lack of WHOIS data for the domain is a notable anomaly that impacts trustworthiness, though the site content and social media presence support legitimacy. Overall, the site is functional and professional but would benefit from enhanced compliance and security transparency.

T

Transmatico GmbH

transmatico.com

54

Transmatico GmbH is a German-based company specializing in sustainable local crossmedia advertising solutions for newspapers, magazines, and advertising papers. Their offerings include digital native advertising content preparation, landing pages, traffic management with SEO, and sales training. The company has a strong market presence with over 200 successful integrations and multiple industry awards, positioning them as a reputable player in the media advertising sector. The website is professionally designed, mobile-optimized, and provides comprehensive information about their products and client successes. Technically, the site runs on WordPress with Elementor and uses modern analytics tools like Matomo and Google Analytics, alongside a GDPR-compliant cookie consent mechanism. Security posture is good with HTTPS and security headers in place, though the absence of a public security policy and incident response contacts is noted. The WHOIS data for the domain is missing or unavailable, which raises some concerns about domain registration transparency. Overall, the website and business appear legitimate and professional, but the domain registration inconsistency slightly reduces trustworthiness.

My Contractor University is a professional online training and business coaching platform focused on HVAC contractors, powered by EGIA. It offers a comprehensive suite of services including online classes, resource libraries, business coaching, workshops, and certification programs. The platform targets HVAC business owners seeking to improve their operations and sales through structured education and coaching. Technically, the website is built on WordPress with modern integrations such as Gravity Forms, Google Tag Manager, and AddSearch, hosted likely on AWS infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS and reCAPTCHA protections, though it lacks DNSSEC and some security headers. Privacy policies and terms are linked to the parent company EGIA, indicating compliance with GDPR and other regulations. Overall, the site is trustworthy, professional, and well-maintained, serving a medium-sized business audience in the energy sector.

Creative Market is a well-established online marketplace founded in 1998, specializing in high-quality digital creative assets such as stock photos, graphics, fonts, and design templates. The platform targets creative professionals, designers, marketers, and small businesses seeking unique digital content. It operates a mature e-commerce business model with a strong market position supported by a large catalog of over 3 million assets from independent creators worldwide. The website demonstrates excellent content quality, professional design, and clear navigation, providing a seamless user experience across devices.

S

Středočeská centrála cestovního ruchu

sccr.cz

49

Středočeská centrála cestovního ruchu is a regional tourism organization focused on promoting Central Bohemia as a travel destination. The website serves as a corporate portal providing information about the organization's activities, marketing campaigns, regional product sales, and tourist information centers. It targets tourists, regional partners, and media stakeholders. The organization holds a key position in the regional tourism ecosystem, collaborating with government entities and other regional partners. Technically, the website is built on WordPress with modern plugins such as Yoast SEO, WPML for multilingual support, and performance optimizations via WP Rocket. It integrates Google Analytics and Google Tag Manager for tracking and marketing purposes. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features are basic. From a security perspective, the site uses HTTPS and cookie consent mechanisms compliant with GDPR. However, explicit security headers and published security policies are absent. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is unavailable, which limits domain legitimacy verification, but the website's content and partner affiliations strongly indicate a legitimate and professional entity. Overall, the website is well-structured, professional, and trustworthy for its intended audience, with room for improvement in security transparency and accessibility.

V

Vzdělávací institut Středočeského kraje

visk.cz

54

Vzdělávací institut Středočeského kraje is a well-established educational organization founded in 2009, providing a broad range of training and seminars primarily targeting educators, public administration employees, and social service workers in the Central Bohemian Region of the Czech Republic. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its audience. Technically, the site employs modern JavaScript frameworks such as Vue.js, integrates Google Analytics and Tag Manager for analytics, and uses responsive design techniques to ensure good mobile usability. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies are not publicly disclosed. Overall, the domain registration data aligns well with the website's identity, supporting its legitimacy and trustworthiness.

S

Středočeský kraj

stredoceskykraj.cz

64

Středočeský kraj operates an official regional government web portal serving the Central Bohemian Region of the Czech Republic. The website provides comprehensive information about regional government activities, public services, news, projects, and contact details. It targets residents, businesses, and stakeholders within the region, offering services such as public transport information, social services, education, and grant programs. The portal is well-positioned as a trusted government information hub with a large audience and established presence since 2005. Technically, the website is built on the Liferay CMS platform with React components, leveraging modern web technologies and frameworks. It integrates third-party analytics and performance monitoring tools such as Google Analytics and AppDynamics. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the site enforces HTTPS and uses nonce-based Content Security Policy for inline scripts. While explicit security headers are not fully confirmed, no critical vulnerabilities or exposed sensitive data were detected. Privacy policies and GDPR compliance information are present, though the cookie consent mechanism could be improved. No vulnerability disclosure or incident response policies are published, representing an area for enhancement. Overall, the website is a professional, secure, and credible government portal with minor gaps in privacy and security transparency. Strategic improvements in cookie consent, security policy publication, and vulnerability disclosure would further strengthen its security posture and user trust.

W

Webstudio

webstudio.team

49

Webstudio is a specialized service provider focused on bringing healthcare data to the web through interactive visualizations, graphic design, editorial work, and web development. Their market position is niche, serving state and academic sectors in the Czech Republic with a focus on healthcare and medical education projects. The website demonstrates a good level of digital maturity with modern technologies such as Google Analytics and Microsoft Clarity integrated for analytics and user behavior insights. The site is well-designed, mobile-optimized, and accessible, providing a professional user experience. Security posture is solid with HTTPS enforced and appropriate security headers, although explicit security and privacy policies are not publicly available. Overall, the domain and website appear legitimate and trustworthy, with privacy-protected WHOIS data typical for small specialized businesses.

M

Ministerstvo vnitra České republiky

mvcr.cz

56

The website https://mv.gov.cz/ is the official online presence of the Ministry of Interior of the Czech Republic, a key government entity responsible for internal affairs including public order, security, migration, and eGovernment services. The site provides comprehensive information and services targeted at Czech citizens, foreigners, and public institutions. It is positioned as a central authoritative source for internal state administration and security-related matters. Technically, the site employs legacy jQuery scripts alongside modern tracking tools such as Google Tag Manager and Analytics, with HTTPS and Content Security Policy headers ensuring a secure browsing environment. Privacy compliance is well addressed with cookie consent mechanisms and a comprehensive privacy policy in Czech. Security posture is strong with no visible vulnerabilities, though some additional security headers and modern script upgrades are recommended. Overall, the site is professional, trustworthy, and well-structured, reflecting its government status and mission.

T

The Ravestijn Gallery

theravestijngallery.com

64

The Ravestijn Gallery is a leading photography gallery based in the Netherlands, specializing in exhibitions, artist representation, exclusive artwork editions, and a bookshop. The website reflects a professional art gallery business model targeting photography collectors and art enthusiasts. The company positions itself as a prominent player in the Dutch photography art market with a focus on quality and exclusivity. Technically, the website is built on the Artlogic CMS platform, utilizing jQuery and integrates Google Analytics and Google Tag Manager for visitor tracking. The site is hosted with secure HTTPS and uses Cloudinary for image hosting. Performance is moderate with good mobile optimization and accessibility features, indicating a mature digital presence. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR. However, explicit security headers are not detected, and no dedicated security or incident response policies are publicly available. No vulnerabilities or exposed sensitive data were found. The WHOIS data is consistent with the business claims, supporting domain legitimacy. Overall, the website is professional, secure, and compliant with privacy regulations, though improvements could be made in security header implementation and transparency of security policies. The risk level is low, with recommendations focusing on enhancing security posture and compliance documentation.

G

Gorgias

gorgias.help

67

Gorgias is a technology company specializing in conversational AI platforms tailored for ecommerce businesses. Their platform integrates AI agents, helpdesk solutions, chat, and FAQ automation to enhance customer support and drive sales. Positioned as a leading solution trusted by over 15,000 brands, Gorgias targets ecommerce merchants seeking to automate and improve customer interactions. The website reflects a mature digital presence with professional design, clear messaging, and extensive use of modern marketing and analytics technologies. The technical infrastructure leverages Webflow CMS, Google Analytics, Amplitude, Facebook Pixel, and advanced A/B testing tools like VWO, indicating a high level of digital maturity and performance optimization. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. WHOIS data is unavailable, which slightly impacts trust but the overall business credibility remains high based on website content and technology use. Strategic recommendations include publishing detailed security and incident response policies and establishing a vulnerability disclosure program to enhance transparency and trust.

C

C/O RED | Die Kreativagentur der FUNKE Medien NRW

co-red.de

39

C/O RED is a creative agency operating under the umbrella of FUNKE Medien NRW GmbH, specializing in branding, design, and campaign services primarily for media and marketing clients in Germany. The company emphasizes clear, individual design solutions and has a strategic partnership with ALTOBELLI agency to enhance service offerings. Their website reflects a professional and modern digital presence built on WordPress with SEO and consent management tools integrated. Security posture is solid with HTTPS and consent mechanisms, though some security headers and vulnerability disclosures are missing. Overall, the site is trustworthy and well-positioned in its market segment.

.

.EC DOMINIOS ECUADOR S.A.S

dominiosecuador.ec

49

The website dominiosecuador.ec represents .EC DOMINIOS ECUADOR S.A.S, a small Ecuadorian company specializing in domain registration, hosting, email, SSL certificates, and web design services. The site targets Ecuadorian businesses and entrepreneurs seeking digital presence solutions. The company positions itself as a local provider with a focus on .EC domains and related services. Technically, the website is built on the WHMCS platform using the Lagom template, incorporating modern JavaScript libraries and tracking tools such as Google Analytics and Facebook Pixel. The site is mobile optimized and provides a user-friendly experience with clear navigation and active customer support chat integration. Security posture is adequate with HTTPS enforced and CSRF tokens in forms, but lacks explicit security headers and published security policies. Privacy compliance is basic with a cookie consent banner and a privacy policy page, though GDPR compliance is not clearly demonstrated. WHOIS data confirms the legitimacy of the domain registration, matching the business claims and showing no suspicious patterns. Overall, the website is professional, trustworthy, and suitable for its business purpose, though improvements in security policies and technical SEO could enhance its posture.

M

Modular DS

modulards.com

69

Modular DS is a Spanish-based technology company founded in 2021 that offers a SaaS platform focused on centralized management and automation of WordPress websites. Their platform provides key services such as automated maintenance, backups, uptime monitoring, vulnerability analysis, and reporting, targeting WordPress site managers, agencies, and freelancers. The website is professionally designed, mobile-optimized, and integrates modern web technologies including WordPress CMS, WP Rocket for performance, and Google Analytics for tracking. Security posture is good with HTTPS enforced and domain transfer protection, but could be improved by enabling DNSSEC and adding security headers like Content-Security-Policy. Privacy compliance is basic with a cookie policy and consent mechanism present, but no explicit privacy policy or terms of service pages were found. Overall, the domain registration data is consistent and legitimate, supporting the business credibility. The site is free from adult or questionable content and is safe for general audiences.

R

RaveCapture

ravecapture.com

52

RaveCapture is a SaaS platform specializing in ecommerce reviews, user-generated content (UGC), and customer experience surveys. Founded in 2023 and based in the United States, it targets ecommerce merchants seeking to build trust and increase sales through authentic customer feedback and visual content. The company positions itself as a user-friendly alternative to larger review platforms, emphasizing personalized support and no-contract pricing. The website is professionally designed with comprehensive content, clear navigation, and strong branding consistency, supported by customer case studies and testimonials that enhance credibility. Technically, the website is built on WordPress using the Divi theme, integrating modern marketing and analytics tools such as Google Analytics, Google Tag Manager, and Intercom. Hosting is via Amazon AWS, and the site employs HTTPS with a good SSL configuration. While performance and mobile optimization are good, there is room for improvement in accessibility and security headers. The site lacks DNSSEC and some recommended security headers like Content-Security-Policy and Referrer-Policy. From a security perspective, the site enforces HTTPS and uses domain transfer protection, but could enhance its security posture by enabling DNSSEC and adding missing headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is generally good with a comprehensive privacy policy and terms of service, though no explicit cookie consent mechanism was found. Contact information is available, including a physical address and verified support email. Overall, RaveCapture presents a trustworthy and professional online presence with a solid technical foundation and good security practices. Strategic improvements in security headers and privacy consent mechanisms would further strengthen its posture. The domain registration details align well with the company's claimed history and operations, supporting legitimacy and trustworthiness.

M

motor-traffic.de

motor-traffic.de

54

motor-traffic.de is a German-language online news portal specializing in mobility and automotive topics, including automobiles, motorcycles, commercial vehicles, bicycles, technology, environment, and traffic. The site targets German-speaking readers interested in current mobility news and industry developments. It operates as a niche media outlet providing categorized news articles, event coverage, and RSS feeds. The business model centers on content publishing and dissemination within the transportation and media sectors. The website presents a consistent brand with good content quality and clear navigation.

W

WITTMANN MEDIA

umwelt-panorama.de

56

Umwelt-Panorama.de is a German-language online news portal specializing in environment, energy, climate protection, nature conservation, and scientific topics. Operated by WITTMANN MEDIA since at least 2015, it targets environmentally conscious German-speaking audiences with regularly updated news articles and press releases. The business model relies primarily on advertising revenue, with Google Adsense integrated prominently across the site. The website presents a professional design with clear navigation and mobile optimization, supporting a good user experience.

MOTOR-EXCLUSIVE.de is a German-language online media platform specializing in automotive and motorcycle news, reviews, and service advice. The website targets automotive enthusiasts and the German-speaking market, offering regularly updated content including news articles, vehicle reviews, and motorsport coverage. The business operates under the parent company WITTMANN-MEDIA and maintains partnerships with automotive parts suppliers, supporting its content with relevant advertising and affiliate links. Technically, the website employs a modern tech stack including jQuery and Bootstrap for responsive design, with analytics provided by Google Analytics and Blogfoster Insights. Hosting is managed by 1&1 IONOS, a reputable provider. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Some external scripts are loaded over HTTP, which introduces mixed content risks. From a security perspective, the site uses HTTPS and implements a cookie consent banner compliant with GDPR. However, it lacks explicit security headers and publicly available security or incident response policies. No contact information or terms of service pages are readily visible, which may impact user trust and compliance transparency. Overall, the website presents a professional and content-rich experience with moderate security and privacy compliance. Strategic improvements in security headers, HTTPS enforcement for all resources, and enhanced transparency in contact and policy information would strengthen its security posture and user trust.

S

Smart Home News, Produkte, Projekte - SMARTHOME-on.de

smarthome-on.de

52

SMARTHOME-on.de is a German-language niche media website focused on smart home technology, home automation, and related lifestyle topics including finance and health. The site provides news articles, product reviews, and project showcases targeting German-speaking consumers interested in smart home solutions. The business model appears to rely on content publishing combined with affiliate marketing, notably through Amazon affiliate links. The website is small in scale and serves a specialized audience with consistent branding and good content quality. Technically, the site uses a custom or unknown CMS with a technology stack based on jQuery and various UI plugins for sliders and carousels. Google Analytics is used for visitor tracking. The site is served over HTTPS with moderate performance and basic mobile optimization. SEO and accessibility are basic but functional. No major technical red flags were detected. From a security perspective, the site uses HTTPS but lacks visible security headers and does not provide privacy or cookie policies, which impacts compliance and trust. No contact information or incident response details are published. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is minimal but consistent with a small niche site. Overall, the security posture is moderate but could be improved with better policies and headers. The overall risk is moderate with no critical issues detected. Strategic recommendations include publishing privacy and cookie policies, adding security headers, improving contact transparency, and enhancing mobile and accessibility features to strengthen trust and compliance.

W

WITTMANN MEDIA

unternehmen-heute.de

56

UNTERNEHMEN-HEUTE.de is a German-language online news portal operated by WITTMANN MEDIA, focusing on business, finance, technology, politics, motor industry, and environmental news. The website provides regularly updated news articles, press releases, and multimedia content targeting German-speaking professionals and the general public interested in these sectors. The business model centers on news publishing and press release distribution, supplemented by advertising and partner promotions. The site holds a niche position within the German media landscape with a small operational size. Technically, the website employs a custom or unknown CMS with a technology stack including jQuery, Google Analytics, Google Tag Manager, CookieConsent2, Google Fonts, and embedded YouTube videos. The site shows moderate performance and basic mobile optimization. SEO and accessibility features are present but basic. The site uses multiple external resources and CDNs for fonts, scripts, and media. From a security perspective, the website uses HTTPS (assumed but not explicitly confirmed in HTML), implements a cookie consent mechanism, and includes Google site verification. However, it lacks explicit security headers such as CSP, HSTS, and X-Frame-Options, which are recommended for enhanced security. No incident response or vulnerability disclosure policies are found. The WHOIS data indicates a consistent domain registration with no privacy protection, aligning with the website operator's identity. Overall, the website is functional, professionally designed, and trustworthy for its intended audience. Security posture is moderate with room for improvement in headers and policies. Privacy compliance is basic but present. Strategic recommendations include enhancing security headers, publishing terms of service, and adding more comprehensive contact information to improve trust and compliance.

ALLRAD-NEWS.de is a German-language online news portal specializing in all-wheel drive vehicles, SUVs, and related automotive topics. The website provides news articles, vehicle reviews, press releases, and guides targeted at automotive enthusiasts and potential buyers interested in 4x4 and SUV vehicles. The business operates as a small content publisher with advertising partnerships and a niche market focus within the transportation and media sectors. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, with Google Analytics for visitor tracking and a cookie consent mechanism to comply with GDPR requirements. The site is hosted on UI-DNS nameservers and uses HTTPS with a good SSL configuration. Security posture is moderate, with room for improvement in security headers and explicit incident response contact information. Privacy compliance is good, with a visible privacy policy and cookie consent banner. Overall, the website presents a professional and trustworthy appearance with consistent branding and relevant content for its target audience.

W

white label eCommerce GmbH

radiosparbox.de

63

RadioSparBox is an e-commerce platform operated by white label eCommerce GmbH, specializing in selling tickets and vouchers for a variety of entertainment and leisure activities including concerts, festivals, sports events, and restaurants. The platform targets regional customers in Germany, offering exclusive discounts up to 50%, positioning itself as a regional niche player in the entertainment e-commerce market. The website is professionally designed with clear navigation and a good user experience, supporting multiple payment methods and integrating marketing and analytics tools with user consent mechanisms.

ZEIT Akademie is a reputable digital education platform operated by the ZEIT Verlagsgruppe, offering over 80 online courses across diverse fields for private and professional learners. The platform targets knowledge seekers and professionals up to top management, providing flexible subscription models and high-quality content delivered by expert instructors. Technically, the website is built on WordPress with WooCommerce integration, hosted on DigitalOcean, and employs modern analytics and monitoring tools such as Google Analytics, Facebook Pixel, LinkedIn Insight Tag, and New Relic. The site demonstrates good SEO and mobile optimization, with a comprehensive cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and use of security best practices, though some security headers could be improved. Overall, the website is professional, trustworthy, and well-positioned in the digital education market.

Horde is a Swiss-based strategic and creative communication agency with offices in Lausanne, Zürich, Genève, and Valais. The company offers a broad range of services including design, advertising, digital strategy, motion design, and copywriting. It serves a diverse clientele including major brands such as Migros, Swiss International Air Lines, Nespresso, and Tesla, positioning itself as a reputable medium-sized agency in the Swiss media and advertising market. The website is professionally designed, multilingual, and optimized for modern web standards, reflecting a mature digital presence. Technically, the site is built on WordPress with advanced SEO and performance optimizations, leveraging tools like Yoast SEO, WP Rocket, and Google Tag Manager. Security measures include HTTPS enforcement and Google reCAPTCHA integration, though explicit security policies and cookie consent mechanisms are absent. Overall, the site demonstrates strong business credibility and technical maturity but would benefit from enhanced privacy and security disclosures.

A

Antica Terra

anticaterra.com

57

Antica Terra is a boutique winery and hospitality business based in Amity, Oregon, with a strong focus on direct-to-consumer wine sales, exclusive membership programs, and curated wine experiences. The website reflects a professional and consistent brand image targeting wine enthusiasts and mature audiences. Technically, the site is built on WordPress with integrations such as Gravity Forms, Google Analytics, Klaviyo, and Commerce7, indicating a moderate level of digital maturity. The site is mobile optimized and provides clear navigation and contact information. Security posture is adequate with HTTPS and form CAPTCHA, but lacks advanced security headers and DNSSEC, and no privacy or cookie policies are published, which are compliance gaps. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

S

Středočeský kraj

kr-stredocesky.cz

64

Středočeský kraj is the official regional government authority for the Central Bohemian Region in the Czech Republic. The website serves as a comprehensive portal providing residents and stakeholders with access to government services, news, projects, and contact information. It targets the general public and regional entities, offering transparent and accessible information about regional administration and initiatives. The business model is public service oriented, focusing on information dissemination and citizen engagement. Technically, the website is built on the Liferay CMS platform with modern web technologies including React and Alloy UI. It integrates analytics tools such as Google Analytics and AppDynamics for performance monitoring and user behavior analysis. The site demonstrates good mobile optimization, accessibility, and SEO practices, ensuring a positive user experience across devices. From a security perspective, the site employs HTTPS with strong SSL configuration and security headers, including Content-Security-Policy with nonce support. Forms appear to be secured via the Liferay framework's built-in protections. However, there is room for improvement in cookie consent mechanisms and explicit vulnerability disclosure policies. No critical vulnerabilities or suspicious activities were detected. Overall, the website is a trustworthy and professional government portal with a strong security posture and good compliance with privacy regulations. Strategic recommendations include implementing explicit cookie consent, publishing a vulnerability disclosure policy, and enhancing incident response contact visibility to further strengthen trust and compliance.

F

Font Squirrel

fontsquirrel.com

69

Font Squirrel is a well-established online platform specializing in providing free, high-quality fonts licensed for commercial use. The website targets graphic designers, web developers, and businesses seeking legally free fonts, offering a curated selection alongside useful tools such as a webfont generator and font identifier. The business model relies primarily on advertising revenue and affiliate partnerships with paid font vendors like Fontspring and Creative Market. The site maintains a professional appearance with clear licensing and privacy policies, supporting a trustworthy user experience. Technically, the website employs modern web technologies including JavaScript, CSS, and HTML5, with integrations for Google Analytics and multiple advertising networks. The presence of a cookie consent mechanism and HTTPS enforcement indicates a mature approach to privacy and security compliance. Performance is moderate with good mobile optimization, though accessibility features are basic. No CMS or hosting provider details were explicitly detected. From a security perspective, the site benefits from HTTPS and cookie consent but lacks explicit security headers and documented incident response or vulnerability disclosure policies. No critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data reduces domain trust slightly, but the professional site content and policies support legitimacy. Advertising practices are transparent with multiple ad networks and tracking services disclosed. Overall, Font Squirrel presents a low-risk profile with strong business credibility and privacy compliance. Strategic improvements include enhancing security headers, publishing security policies, and improving accessibility. These steps would further solidify trust and compliance in an evolving regulatory landscape.