Security Directory

V

VINO-KLUB

vino-klub.cz

73

Vino-klub.cz is a Czech Republic based luxury online wine retailer specializing in wines from Czechia, Moravia, and international sources. Established in 2006, the company operates a Magento-based e-commerce platform offering thematic wine collections targeting mature wine consumers. The website demonstrates a good level of digital maturity with modern tracking and analytics tools such as Google Tag Manager, Facebook Pixel, Hotjar, and Cookiebot for cookie consent management. SEO is enhanced by structured data (JSON-LD) and proper meta tags. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and incident response information are absent. Privacy compliance is partial, with cookie consent mechanisms present but no explicit privacy policy or terms of service found in the provided content. Overall, the site is professional and trustworthy but could improve transparency and compliance documentation.

F

FLOSMAN a.s.

flosman.cz

39

FLOSMAN a.s. is a Czech Republic-based medium-sized company specializing in wholesale food distribution and operating its own retail network including brands like Flop and Potraviny CZ. Established in 2000, it serves southern, western, and central Czech regions as well as Vysočina and southern Moravia. The website presents a professional and consistent brand image with good content quality and clear navigation. Technically, it is built on WordPress with a range of plugins and uses Google Analytics and Tag Manager for tracking. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is trustworthy and well-positioned in its market niche.

T

Tamda Foods

tamda.eu

53

Tamda Foods is a subsidiary of the TAMDA Group, operating primarily in the retail and e-commerce sectors focused on food products for Vietnamese-speaking consumers in Europe. The website presents a professional and consistent brand image with clear navigation, membership programs, and promotional campaigns. The business model revolves around retail sales, promotions, and customer engagement through membership and store locator services. Technically, the site is built on modern frameworks such as Next.js and React, with integrations for Google Tag Manager and Facebook Pixel for analytics and marketing purposes. Hosting is provided by OVH SAS, a reputable registrar and hosting provider. Security posture is adequate with HTTPS enabled but lacks explicit security headers and formal security policies. Privacy compliance is weak due to the absence of privacy and cookie policies and no visible GDPR consent mechanisms. Overall, the site is functional and professional but would benefit from enhanced security and privacy transparency.

E

e-BAAN Net s.r.o.

banan.cz

49

Banan.cz is a Czech-based small business specializing in comprehensive web services including custom website and eshop creation, webhosting, domain management, SEO, and internet marketing. The company positions itself as a full-service provider offering tailored solutions with ongoing support and content management. Their market presence is regional with a focus on small to medium enterprises seeking professional digital solutions. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, OwlCarousel, and Google Tag Manager, indicating a moderate level of digital maturity and performance optimization. The site is mobile responsive and well-structured for SEO. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security headers and published incident response or vulnerability disclosure policies. The absence of WHOIS data for the domain reduces transparency and trustworthiness, though the website content and contact information suggest legitimate business operations. Overall, the site is professional and trustworthy but would benefit from enhanced security disclosures and WHOIS transparency.

Z

Zoologická zahrada a botanický park Ostrava, p.o.

zooostrava.cz

42

Zoo Ostrava is a large, well-established zoological garden and botanical park located in the Czech Republic, serving as a major regional attraction and educational resource. The website provides comprehensive information about the zoo's animal exhibitions, botanical collections, educational programs, events, and conservation efforts. It targets families, schools, and nature enthusiasts, offering online ticket sales and an e-shop for donations and supplies. The domain age and WHOIS data confirm the legitimacy and consistency of the business presence online. Technically, the website uses a modern tech stack including jQuery, bxSlider, FancyBox, Google Tag Manager, Google Analytics, Facebook SDK, and reCAPTCHA. The site is hosted by a reputable provider and uses HTTPS, ensuring secure communication. The design is professional, mobile-optimized, and offers good navigation and content relevance. However, it lacks explicit privacy and cookie policies and does not implement a cookie consent mechanism, which are compliance gaps. From a security perspective, the site employs HTTPS and reCAPTCHA, but lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The site uses tracking and advertising services such as Google Analytics and DoubleClick, with moderate user tracking levels but limited transparency regarding data retention and privacy compliance. Overall, Zoo Ostrava's website is trustworthy, content-rich, and professionally maintained, but would benefit from enhanced privacy compliance and security header implementation to improve user trust and regulatory adherence.

A

Aller Media Denmark

aller.dk

73

Aller Media Denmark is a leading Danish media publisher specializing in magazines and weekly publications, including well-known titles such as BILLED-BLADET, SE og HØR, and Familie Journal. The company operates with a strong market position in Denmark, offering content creation, event management, and commercial partnerships. Their digital presence is built on a WordPress platform enhanced with modern front-end technologies like Bootstrap and jQuery, ensuring a responsive and user-friendly experience. The website includes comprehensive GDPR-compliant privacy and cookie policies, leveraging Cookiebot for consent management. Security posture is solid with HTTPS enforced and no critical vulnerabilities detected, though some security headers could be improved. Overall, the site reflects a mature digital infrastructure aligned with business needs and regulatory requirements.

I

Internet Info, s.r.o.

czechinternetforum.cz

56

The Czech Internet Forum website represents a well-established annual conference organized by Internet Info, s.r.o., focusing on trends and developments in the Czech online media and digital marketing sectors. The event targets professionals and stakeholders in media, marketing, and digital content creation, offering a platform for knowledge sharing and networking. The site content is rich, professionally presented, and includes detailed program schedules, speaker profiles, partner information, and registration options. Technically, the website employs modern web technologies including Google Tag Manager for analytics, Sentry for error monitoring, and popular JavaScript libraries such as jQuery, Swiper, and Fancybox. The site is mobile-optimized with good SEO practices and a cookie consent mechanism, although it lacks explicit privacy and terms of service pages. Performance is moderate with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and integrates error tracking, but lacks visible security headers and formal security policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and business presence appear legitimate. No vulnerabilities or suspicious content were detected. Overall, the site demonstrates a solid security posture but would benefit from enhanced transparency and compliance documentation. Strategically, the site is a credible and professional platform for the Czech Internet Forum event, with strong branding and industry trust signals. Recommendations include publishing privacy and terms policies, implementing security headers, adding a security.txt file, and improving accessibility to strengthen compliance and user trust.

M

Mon Restau Responsable®

monrestauresponsable.org

59

Mon Restau Responsable® is a French initiative focused on promoting sustainable and healthy collective catering through a participative and free self-assessment platform. It targets collective restaurants in schools, universities, companies, and medico-social sectors, helping them improve ecological and social practices. The website is well-positioned in the French market with over 2300 engaged restaurants and strong partnerships with recognized organizations such as FNH and Restau'Co. Technically, the site uses modern frameworks like Next.js and Chakra UI, hosted on Vercel, ensuring fast performance and mobile optimization. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not published. Overall, the site is professional, trustworthy, and compliant with privacy regulations, though WHOIS data is unavailable, slightly reducing domain trust. Strategic recommendations include publishing security policies and vulnerability disclosure information to enhance trust further.

J

J'agis pour la nature, la plateforme du bénévolat nature

jagispourlanature.org

71

J'agis pour la nature is a French non-profit platform dedicated to connecting volunteers with nature protection activities. It serves as a specialized platform to facilitate environmental volunteering, positioning itself as a pioneering service in this niche. The website is built on Drupal 10 and integrates modern analytics and consent management tools, indicating a moderate level of digital maturity. However, the absence of visible privacy policies and security headers suggests room for improvement in compliance and security practices. The website content is accessible without any WAF or security challenges, and the content is safe for general audiences. Overall, the platform appears legitimate and focused on its mission, but enhancing security and privacy transparency would strengthen trust and compliance.

F

Fondation pour la Nature et l’Homme

fnh.org

73

Fondation pour la Nature et l’Homme is a well-established French non-profit foundation recognized as a public utility, dedicated to environmental awareness and ecological action. The organization operates multiple programs focused on biodiversity preservation, sustainable agriculture, responsible food consumption, and decarbonized mobility. Their digital presence is professional and content-rich, targeting a broad audience interested in ecological and social sustainability. The website supports donations with clear tax deduction information and multiple giving options, reflecting a mature fundraising model. Technically, the website is built on WordPress with modern JavaScript frameworks such as Alpine.js and HTMX, and integrates advanced analytics tools including Google Tag Manager, Microsoft Clarity, and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, with a good performance profile. Security posture is solid with HTTPS enforced and consent management implemented, though some security headers could be explicitly verified and enhanced. No WHOIS details are available due to privacy protection, which is common and justified for non-profit entities. The website shows no signs of blocking or WAF challenges, allowing full content access. Privacy and cookie policies are comprehensive and GDPR compliant, but explicit contact emails and phone numbers are not publicly listed, relying instead on contact forms and social media channels. Overall, the foundation demonstrates a strong security and compliance posture appropriate for its sector, with a trustworthy and professional online presence. Strategic improvements could focus on enhancing security header implementation and incident response visibility.

L

Le Sens Du Web

lesensduweb.com

44

Le Sens Du Web is a small, local web design and development service provider based in Ardèche, France, founded in 2014. The company offers a range of services including custom website creation, graphic design, responsive design, SEO optimization, content writing, and translation services. Additionally, it provides automated receipt mailing services for associations. The website demonstrates a professional and consistent brand presence with a clear focus on serving local businesses and associations seeking to enhance their online presence. Technically, the site is built on WordPress using the Divi theme, incorporating modern web technologies such as jQuery and Google Analytics, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled and reCAPTCHA v3 protecting the contact form, but lacks DNSSEC and security headers, and no explicit security or privacy policies are published. Overall, the site is trustworthy and functional but could improve compliance and security practices.

威

威聯通科技股份有限公司(QNAP Systems, Inc.)

qnap.com.tw

73

QNAP Systems, Inc. is a well-established technology company specializing in NAS (Network Attached Storage), networking, and smart video solutions. The company targets both individual and enterprise customers, offering a range of products including NAS/DAS storage devices, networking hardware, and cloud storage services such as myQNAPcloud Storage and Cloud NAS. The website is professionally designed with consistent branding and is primarily presented in Traditional Chinese, indicating a focus on the Taiwan market alongside international reach. The business model centers on technology product sales and cloud service offerings, positioning QNAP as an expert in its niche.

Q

Questback

questback.com

66

Questback is a well-established technology company specializing in feedback and survey solutions with over 24 years of experience. Their platform offers comprehensive feedback systems, insights dashboards, and reporting tools targeted primarily at organizations seeking to optimize their operations through data-driven feedback. The company maintains a professional online presence with consistent branding and a focus on privacy and compliance, including GDPR adherence and ISO 27001 certification. Technically, the website is built on WordPress with modern SEO and analytics integrations, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforcement and security headers, though explicit security policies and incident response information are not publicly detailed. The absence of WHOIS data introduces some uncertainty regarding domain registration legitimacy, but overall the business credibility remains high based on website content and trust signals. Strategic recommendations include enhancing transparency around security policies and domain registration details to further strengthen trust.

S

Shen Yun Zuo Pin Inc.

shenyuncreations.com

59

Shen Yun Creations operates as a specialized streaming platform offering premium performing arts content centered on Shen Yun's dance and music productions. The platform targets a culturally interested audience seeking on-demand access to traditional Chinese performing arts, masterclasses, and behind-the-scenes content. The business model is subscription-based with options for individual video purchases, positioning itself in a niche cultural media market. Technically, the website leverages modern web technologies including React and Next.js, with cloud-based media hosting and integration of Google Tag Manager for analytics. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, with a clear consent mechanism. However, the absence of WHOIS registration data raises concerns about domain legitimacy, suggesting either a new registration or privacy protection. Overall, the site is trustworthy and professional but would benefit from enhanced transparency in domain registration and additional security headers.

S

Shen Yun Performing Arts

shenyunsymphony.com

57

Shen Yun Symphony Orchestra is a cultural performing arts organization based in New York, specializing in blending traditional Chinese music with Western symphony orchestra elements. The website promotes upcoming performances and highlights the orchestra's unique artistic mission inspired by 5,000 years of Chinese civilization. The company positions itself as a niche cultural entity with a focus on live event ticket sales and cultural preservation. Technically, the website uses modern web technologies including React, Google Fonts, and multiple third-party analytics and advertising scripts. The site is mobile-optimized and well-structured but lacks visible privacy and cookie policies, which is a compliance concern. Security posture is moderate with HTTPS enabled and domain protections in place, but DNSSEC is not enabled and security headers are missing. Overall, the website is professional and trustworthy but could improve privacy compliance and security best practices.

H

HikeOrders

hikeorders.com

49

HikeOrders is a technology company specializing in cloud-based software solutions aimed at enriching businesses of all sizes. Their product portfolio includes tools for eCommerce enhancements, accessibility compliance, and trust-building solutions. The company positions itself as a niche provider with innovative and unique offerings, supported by a professional website that highlights customer logos and certifications such as the Accessibility Initiative Certificate. Technically, the website is built on WordPress, hosted on DigitalOcean, and employs modern web technologies including Bootstrap and FontAwesome. Performance and mobile optimization are good, with SEO and accessibility considerations evident. Security posture is adequate with HTTPS enforced and domain protections in place, though improvements are recommended in security headers and DNSSEC implementation. Privacy and cookie policies are present, indicating a baseline compliance with GDPR, though no explicit cookie consent mechanism is detected. Overall, the website is professional, trustworthy, and well-maintained, with a legitimacy score reflecting consistent domain registration and transparent business information.

C

Commune de Kopstal

kopstal.lu

50

The Commune de Kopstal website serves as the official digital presence for the local government of Kopstal, Luxembourg. It provides residents and visitors with comprehensive information about municipal services, news, events, publications, and administrative procedures. The site is well-structured, professionally designed, and targets local citizens and stakeholders. The business model is typical of a government entity focused on public service delivery and community engagement. Technically, the website is built on Drupal 10, leveraging modern web technologies including Tailwind CSS and Alpine.js for frontend interactivity. It integrates Piwik PRO for analytics and Usercentrics for GDPR-compliant cookie consent management, indicating a mature digital infrastructure with attention to privacy and user experience. The site is mobile-optimized and accessible, with good SEO practices. From a security standpoint, the site enforces HTTPS and implements cookie consent mechanisms. However, there is a lack of visible security headers and no published security or incident response policies, which are areas for improvement. The absence of WHOIS data due to a failed query reduces domain registration transparency, though the official .lu domain and consistent branding support legitimacy. Overall, the website is a reliable and professional government portal with strong content and technical foundations but could enhance its security posture and transparency regarding domain registration and privacy policies.

A

A World For Us

skills.hr

72

Skills.hr is a French marketplace platform specializing in professional training programs, aggregating over 120,000 offers from more than 5,500 providers. It serves professionals and individuals seeking to enhance their skills and advance their careers. The platform emphasizes transparency by providing detailed program data, including satisfaction ratings and testimonials, and offers clear financing options. The website is part of a broader ecosystem including related projects such as Skills Mag and Digiforma, enhancing its market presence. Technically, the website leverages modern web technologies including Phoenix LiveView, JavaScript, and integrates security measures like hCaptcha and Google Tag Manager. Hosting is provided via Amazon AWS, ensuring reliable infrastructure. The site demonstrates good SEO practices and mobile optimization, though accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses bot protection mechanisms. However, it lacks explicit security policies and incident response contacts. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, Skills.hr presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic improvements in security transparency and accessibility would further enhance its posture and user trust.

D

Digiforma Certif

digiforma-certif.com

61

Digiforma Certif is a French company specializing in software solutions for managing RNCP and RS certifications, primarily serving training organizations and certification bodies. The company positions itself as a key player in the French educational certification software market, offering SaaS-based tools to streamline compliance and training management. The website is professionally designed, mobile-optimized, and provides comprehensive information about its services and certifications. Technically, the site is built on WordPress with Elementor, leveraging modern libraries and SEO tools, and includes standard security measures such as HTTPS and reCAPTCHA. However, the absence of WHOIS registration data raises concerns about domain legitimacy, which should be further investigated. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the site demonstrates a mature digital presence with moderate security posture and good business credibility.

D

Outil de veille sur la formation dédié aux OF - Digiforma Veille

digiforma-veille.com

57

Digiforma Veille operates a specialized monitoring tool dedicated to training organizations, focusing on providing relevant information and updates in the education sector. The website is built on WordPress with Elementor, integrating modern technologies such as Google Tag Manager, Cookiebot for cookie consent, and reCAPTCHA for bot protection. The site demonstrates good design quality, mobile optimization, and SEO practices, making it accessible and user-friendly for its target audience. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Security measures are adequate with HTTPS and bot protection, but the lack of explicit privacy policies and contact information limits compliance and user trust. Overall, the site is safe and professional but would benefit from enhanced transparency and security documentation.

A

A world for us

aworldforus.com

57

A World For Us is a French company established since 2009, specializing in digital solutions for the professional training sector. Their portfolio includes a comprehensive ecosystem of integrated software products such as Digiforma, Digiformag, and certification management tools, serving over 5500 clients and a growing community. The company positions itself as a leader in digital transformation for training organizations, offering tools that simplify administrative, compliance, and e-learning processes. The website reflects a mature digital presence with professional branding, multilingual support, and active community engagement.

Digiformag is a French online magazine specializing in professional training, targeting training organizations and professionals in the education sector. It offers news, articles, and a community platform called OF Connect, positioning itself as a reference source in its niche. The website is well-structured, professionally designed, and optimized for SEO and mobile devices, reflecting a mature digital presence. Technically, it is built on WordPress with Elementor and uses modern tools such as Yoast SEO, WP Rocket, and various analytics and tracking services including Google Analytics, Hotjar, and Facebook Pixel. Security-wise, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security policies or incident response contacts. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, although the website content and branding suggest a legitimate business. Overall, Digiformag demonstrates a solid business and technical foundation with room for improvement in security transparency and domain registration clarity.

D

Digiforma

digiforma.com

62

Digiforma is a French company founded in 2016 specializing in SaaS software solutions for training management targeted at training organizations and centers. Their platform facilitates administrative document management including training agreements, programs, evaluations, and attendance tracking. The website demonstrates a mature digital presence with professional design, strong SEO, and multi-language support. The technical infrastructure is based on WordPress with Elementor and Gravity Forms, integrated with modern analytics and marketing tools such as Google Tag Manager, Cookiebot for GDPR compliance, and Plausible Analytics for privacy-focused tracking. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, although explicit incident response and vulnerability disclosure information is absent. The domain WHOIS data is unavailable, which slightly reduces trustworthiness but the overall business credibility remains high based on content and structured data.

P

PushOwl

pushowl.com

67

PushOwl is a SaaS company providing an omnichannel marketing platform for Shopify merchants, integrating email, SMS, and push notifications to help e-commerce stores increase sales and customer engagement. The website is professionally designed using Webflow and integrates multiple modern marketing and analytics tools such as Google Analytics, Facebook Pixel, and Microsoft Clarity. The technical infrastructure reflects a mature digital presence with good mobile optimization and accessibility. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate gaps in transparency and compliance. Security posture is moderate with HTTPS usage but missing explicit security headers and vulnerability disclosure information. Overall, the website is trustworthy and well-positioned in the e-commerce marketing sector but would benefit from enhanced compliance and security disclosures.

S

SOARE SEKT a.s.

muchasekt.cz

49

Mucha Sekt is a Czech-based producer and retailer of premium sparkling wines inspired by the art of Alfons Mucha. The company operates a well-designed, modern website built on Nuxt.js, showcasing a diverse product portfolio including Brut, Demi Sec, Rosé, Ice variants, and Prosecco. Their market presence is supported by distribution through major Czech retail chains and online platforms. The website demonstrates a mature digital infrastructure with mobile optimization, modern JavaScript frameworks, and integrated marketing tools such as Google Tag Manager and Facebook Pixel. Security measures include HTTPS enforcement and an age verification popup to restrict underage access, reflecting compliance with alcohol sales regulations. However, the absence of explicit privacy policy and terms of service pages indicates areas for compliance improvement. Overall, the website and domain registration data reflect a legitimate, stable business with a strong brand identity and good technical implementation.

N

Nux s.r.o.

nux.cz

69

Nux s.r.o. is a Czech technology company specializing in web development, online office solutions, and comprehensive internet consulting services. Established in 2004, the company has a solid market presence in the Czech Republic, targeting businesses and organizations seeking tailored digital solutions. Their offerings include custom software development, e-learning platforms, client portals, e-commerce solutions, and communication tools such as Mattermost and Jitsi. The website reflects a professional and consistent brand image with clear service descriptions and client references. Technically, the website employs modern technologies including Tailwind CSS, Google Tag Manager, and Google reCAPTCHA, indicating a mature digital infrastructure. The site is mobile-optimized and demonstrates good SEO practices, although accessibility features could be enhanced. The CMS used is a proprietary or custom system (cms1.nux.cz), and the site is served over HTTPS with a good SSL configuration. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate automated abuse. However, explicit security headers are not evident, and there is no published security policy or incident response contact information. Cookie consent is implemented, supporting GDPR compliance, but no explicit privacy policy or terms of service were found on the main page. The WHOIS data confirms the domain's legitimacy and long-term registration consistent with the company's history. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic improvements include publishing comprehensive privacy and security policies, enhancing accessibility, and implementing additional security headers to strengthen the security posture.

G

Gastonchilli

gastonchilli.cz

56

Gastonchilli.cz is a specialized e-commerce website focused on selling high-quality, handcrafted chilli products including sauces, mustards, pyres, pickled and dried peppers, and gift boxes. The company targets chilli enthusiasts primarily in the Czech Republic and Slovakia, offering unique and award-winning products such as those recognized by the Great Taste awards. The website is built on the Shoptet platform, leveraging modern marketing and analytics tools like Google Analytics 4 and Facebook SDK, with a clear cookie consent mechanism ensuring GDPR compliance. Despite the lack of publicly available WHOIS data, the site presents a professional and trustworthy front with good security practices including HTTPS and CSRF protection on forms.

R

Rodinné vinařství Skoupil

skoupil.com

50

Rodinné vinařství Skoupil is a well-established family winery based in Velké Bílovice, Czech Republic, with a history dating back to 1992. The company specializes in producing high-quality Czech wines, managing 23 hectares of vineyards, and offering approximately 150,000 bottles annually. Their business model extends beyond wine production to include hospitality services such as a family pension, restaurant, wine cellar, and event hosting including weddings and corporate events. The website reflects a professional and consistent brand image with comprehensive service offerings and a user-friendly e-commerce platform.

C

Convertim s.r.o.

convertim.com

62

Convertim s.r.o. operates a specialized SaaS platform focused on optimizing e-commerce checkout processes to increase sales and conversion rates. Their service offers one-click checkout, passwordless authentication via SMS PIN, and seamless integration with carriers and payment gateways, targeting online retailers seeking to improve user experience and cross-border sales. The website is professionally designed, multilingual, and leverages modern web technologies such as Webflow, Google Tag Manager, and Weglot for translation. Security measures include HTTPS enforcement and Google reCAPTCHA on forms, alongside a cookie consent mechanism compliant with GDPR. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the active business presence and social media profiles provide mitigating trust signals. No explicit security policy or incident response information is published, indicating room for improvement in transparency and security posture.

N

Nadační fond IOCB Tech

nf-iocbtech.cz

51

Nadační fond IOCB Tech is a Czech non-profit foundation established in 2022 focused on supporting scientific research, popularization of science, and technology transfer. The foundation aims to enhance the development of science and its practical applications, targeting scientists, researchers, students, and the general public interested in science. The website reflects a professional and consistent brand presence with clear communication of its mission and activities. Technically, the website employs modern JavaScript libraries such as Google Analytics, Google Tag Manager, and ScrollMagic, with responsive design elements likely based on Bootstrap. Hosting and domain registration are consistent with the Czech Republic location. The site performs moderately well with good mobile optimization and basic accessibility features, though SEO and accessibility could be improved. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers and formal privacy or cookie policies, which are important for GDPR compliance. No forms or sensitive data collection points were detected, reducing immediate risk exposure. Social media integration is present but tracking practices are moderate and could benefit from enhanced transparency. Overall, the website is trustworthy and professionally maintained but would benefit from adding privacy and cookie policies, security headers, and incident response information to improve compliance and security posture. These improvements would enhance user trust and regulatory adherence.

Č

Česká centra

czechcentres.cz

55

Česká centra is the official governmental organization responsible for promoting Czech culture worldwide through a network of cultural centers abroad. The website serves as a comprehensive portal for information about their international branches, cultural events, projects, and media resources. It targets international audiences interested in Czech culture, including partners, media, and the general public. The organization holds a strong market position as the official cultural representation of the Czech Republic abroad. Technically, the website employs modern web technologies including Google Analytics, Google Tag Manager, Facebook Pixel, Vimeo for video content, and Algolia for search functionality. The CMS appears to be Statamic, and the site is well-optimized for mobile devices with good SEO and accessibility features. Performance is moderate with asynchronous loading of scripts to enhance user experience. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, indicating good privacy compliance. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly visible and could be improved. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is notable but likely due to registry policies for government domains. Overall, the site demonstrates a strong security posture with room for minor improvements. The overall risk assessment is low, with the website appearing trustworthy, professional, and compliant with GDPR. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility. The site is a reliable digital asset for the Czech government's cultural diplomacy efforts.

A

ARCHA+

archa-plus.cz

58

ARCHA+ is a multifunctional cultural space operating since 2024 in the premises of the original Divadlo Archa in Prague. The organization offers a diverse program of contemporary arts including music, theater, and dance, targeting a broad audience interested in cultural events. Supported by municipal and governmental bodies, ARCHA+ positions itself as a key cultural institution in Prague with a focus on education and community engagement. Technically, the website employs modern front-end technologies such as Bootstrap, jQuery, Vue.js, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing, all implemented with GDPR-compliant consent mechanisms. Security posture is solid with HTTPS and cookie consent, though some security headers and explicit policies could be improved. Overall, the site is professional, trustworthy, and well-optimized for users.

C

Culture for Future

cultureforfuture.cz

54

Culture for Future is a recently established non-profit platform based in the Czech Republic, dedicated to supporting artists and creatives in addressing climate change through their work. The website content is primarily in Czech and focuses on ecological and cultural themes, targeting artists and environmentally conscious individuals. The platform appears to be in its early stages, with a domain registered in December 2023. Technically, the website uses modern web technologies including Bootstrap and Google Tag Manager for analytics. However, there is a lack of comprehensive privacy and cookie policies, and no explicit contact information or security policies are present. The security posture is basic, with no detected security headers and limited compliance indicators. Overall, the site is functional and professionally designed but requires improvements in privacy compliance and security best practices.

L

LAKUTOTO

journallactionregionale.com

60

LAKUTOTO operates as an online gambling platform specializing in toto and togel services, offering access to multiple trusted toto sites and Bandar Toto Macau with attractive bonuses. The website targets online lottery players seeking secure and rewarding gambling experiences. Technically, the site is built on the Squarespace CMS platform, leveraging common marketing and analytics tools such as Google Analytics, Facebook Pixel, and HubSpot. The infrastructure is moderate in performance with good mobile optimization but lacks advanced security headers and cookie consent mechanisms, which impacts privacy compliance. Security posture is basic with HTTPS enabled but missing DNSSEC and security headers. Overall, the domain registration is consistent and legitimate, supporting the business claims. However, the use of suspicious external domains for login and registration links raises some concerns. Strategic improvements in security policies, privacy compliance, and transparency are recommended to enhance trust and regulatory adherence.

A

Appvizer

appvizer.fr

60

Appvizer is a French-based media and software comparison platform specializing in professional SaaS tools. It leverages AI to recommend suitable software solutions to businesses and professionals, supported by expert content and thousands of user reviews. The platform is well-positioned in the French-speaking market with localized versions in multiple languages, indicating a broad international reach. Technically, the website uses modern frameworks such as React and Astro, integrates analytics tools like Google Tag Manager and Microsoft Clarity, and demonstrates good performance and mobile optimization. Security posture is solid with HTTPS enforced and secure form handling, though explicit security headers and policies could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. Overall, the site is professional, trustworthy, and business-focused, with no signs of malicious activity or content blocking.

P

Partner & Co

semence-biologique.fr

39

SemBio, operated by Partner & Co, is a French e-commerce business specializing in the sale of certified organic seeds and seed mixtures for agricultural use. The website targets French-speaking agricultural professionals and organic farmers, offering a range of products including pure seeds and specialized blends for various farming sectors. The company positions itself as a niche supplier within the organic agriculture retail market in France. Technically, the website is built on WordPress with WooCommerce and Elementor, leveraging modern web technologies and SEO best practices. It integrates marketing and analytics tools such as Google Analytics, Google Tag Manager, and Sendinblue for newsletter and marketing automation. Security-wise, the site enforces HTTPS, implements cookie consent mechanisms, and uses security headers, reflecting a good security posture. However, it lacks a publicly available security policy or incident response contact information. The domain WHOIS data is privacy protected, which is common and justified for this business type. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, with room for improvement in security transparency and accessibility.

A

Aqua-Techniques

aqua-techniques.fr

59

Aqua-Techniques is a French retailer specializing in ecological water treatment and filtration solutions, distributing exclusive brands such as Doulton, British Berkefeld, and Sprite Showers. The company targets environmentally conscious consumers seeking water purification products for domestic use. Their website is built on the Oxatis e-commerce platform with AngularJS frontend, integrating modern marketing and analytics tools like Google Tag Manager and Google Analytics. The site is well-structured, mobile-optimized, and provides clear contact information including a dedicated phone number and contact page. Security posture is adequate with HTTPS and secure payment indicators, though some security headers and explicit policies could be improved. WHOIS data is unavailable, limiting domain legitimacy verification, but the website content and business presentation appear professional and trustworthy. Overall, Aqua-Techniques demonstrates a solid digital presence with room for enhanced security and compliance transparency.

A

Amasty

amasty.com

76

Amasty is a well-established Magento 2 extension developer and ecommerce service provider with over a decade of market presence. The company offers a broad portfolio of Magento 2 Hyva-compatible plugins and professional development services aimed at improving ecommerce store performance and functionality. Their market position is strong within the Magento ecosystem, targeting ecommerce businesses and developers seeking reliable Magento solutions. Technically, the website demonstrates modern frontend technologies including Alpine.js and Hyvä UI, with Cloudflare DNS and CDN services ensuring performance and security. The site is mobile-optimized, SEO-friendly, and provides a smooth user experience. Security posture is solid with HTTPS, domain transfer protection, and no visible vulnerabilities, although DNSSEC is not enabled and explicit security policies are not published. Overall, the website is professional, trustworthy, and compliant with privacy regulations, including GDPR. Recommendations include enabling DNSSEC, publishing security policies, and adding a vulnerability disclosure page to enhance transparency and security readiness.

F

Film at Lincoln Center

filmlinc.org

63

Film at Lincoln Center (FLC) is a well-established nonprofit organization founded in 1969 dedicated to celebrating cinema as an essential art form and fostering a vibrant film culture. The organization operates a professional website that provides detailed information about film screenings, festivals such as the New York Film Festival (NYFF), membership programs, and cultural events. The site targets cinema enthusiasts and the broader film community, offering ticket sales and membership benefits to sustain its nonprofit mission. Technically, the website leverages modern web technologies including React and Next.js frameworks, hosted likely on Vercel with Cloudflare CDN for performance and security. The site is mobile-optimized, accessible, and SEO-friendly, with comprehensive metadata and structured data enhancing discoverability. Security best practices are observed with HTTPS enforcement and multiple security headers, and privacy compliance is supported by clear privacy and cookie policies with consent mechanisms. The security posture is strong with no visible vulnerabilities or exposed sensitive data. However, the WHOIS data is unavailable due to a malformed response, which limits domain registration insights. Despite this, the website's professional presentation, consistent branding, and presence of trust indicators support its legitimacy. No WAF or blocking mechanisms were detected, allowing full content access. Overall, FLC's website represents a mature digital presence for a nonprofit cultural institution with strong security and privacy practices. Strategic recommendations include publishing a vulnerability disclosure policy and incident response contacts to further enhance trust and security transparency.

I

Institut français de Prague

festivalff.cz

40

The website www.festivalff.cz represents the 28th Festival francouzského filmu (French Film Festival) organized by the Institut français de Prague. It serves as a cultural platform promoting French cinema in the Czech Republic, featuring film screenings, premieres, tributes, and regional events. The site targets film enthusiasts and the general public interested in French culture. Technically, the site uses a traditional web stack with jQuery and integrates multiple third-party tracking tools such as Google Tag Manager and Facebook Pixel. The website is mobile-optimized and offers good user experience with clear navigation and professional content presentation. Security-wise, the site enforces HTTPS and uses asynchronous loading for tracking scripts but lacks advanced security headers and privacy/cookie policies, which are compliance gaps. The WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency, though the affiliation with a reputable cultural institute mitigates trust issues. Overall, the site is functional, professional, and trustworthy but would benefit from improved privacy compliance and security hardening.

C

Czech Film Center

filmcenter.cz

53

Czech Film Center is a government-affiliated organization dedicated to promoting Czech audiovisual production globally. It serves as a key resource for film industry professionals, providing information on films, filmmakers, festivals, and industry news. The website is professionally designed with consistent branding and clear navigation, targeting the international film community and industry stakeholders. Technically, the site employs a modern JavaScript stack including jQuery, Bootstrap, and Google services, ensuring a good user experience with moderate performance and mobile optimization. Security posture is solid with HTTPS and reCAPTCHA integration, though it lacks some advanced security headers and explicit security policies. Privacy compliance is strong, featuring a comprehensive privacy policy and a granular cookie consent mechanism. The absence of WHOIS data reduces domain trust assessment, but the official affiliations and content quality support legitimacy. Overall, the site is a reliable and professional platform for Czech film promotion.

Č

Česká filmová a televizní akademie, z.s.

filmovaakademie.cz

51

Česká filmová a televizní akademie (ČFTA) is a prominent Czech non-profit organization dedicated to promoting Czech film and television culture. It organizes the prestigious Český lev awards and provides online access to awarded and nominated films, targeting film professionals, students, and enthusiasts. The website reflects a well-structured and professionally maintained platform with consistent branding and relevant content. Technically, the site employs established JavaScript libraries such as jQuery and integrates Google Analytics and Tag Manager for visitor tracking. While the site is mobile-optimized and SEO-friendly, some technologies like jQuery are outdated, which could pose security risks. Security posture is moderate with HTTPS enabled and cookie consent mechanisms in place, but lacks visible security headers and published incident response policies. The absence of WHOIS data limits domain trust assessment, though the website content and business information appear legitimate and professional. Overall, the site is safe for general audiences and maintains good privacy compliance with comprehensive policies.

T

Ticketware SE

cinemaware.eu

39

Ticketware SE operates a specialized ticket sales software platform targeting cultural institutions such as cinemas, theaters, museums, and cultural centers primarily in Slovakia and the Czech Republic. The company offers an integrated solution for online ticket sales, seat reservations, ticket printing, and entry control, serving over 450 clients with monthly sales exceeding one million tickets. The website reflects a professional business presence with clear branding and relevant content tailored to its target audience. Technically, the website is built on WordPress CMS with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, Facebook SDK, and Google reCAPTCHA v3 for bot protection. The site is mobile optimized and uses HTTPS with a good SSL configuration. However, it lacks some security headers and explicit privacy and cookie policies, which are important for compliance and user trust. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and CAPTCHA integration but misses formal security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or suspicious patterns were detected. The WHOIS data aligns well with the website’s business claims, supporting legitimacy. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance and security policy transparency to improve user trust and regulatory adherence.

M

Město Kutná Hora

kutnahora.cz

64

Město Kutná Hora operates an official municipal information portal serving citizens, entrepreneurs, and tourists. The website provides comprehensive information about city administration, cultural events, tourism, and local services. It holds a strong market position as the authoritative source for Kutná Hora city information, leveraging official branding and UNESCO heritage association. The portal supports multiple languages and integrates social media channels to enhance engagement. Technically, the website employs a modern frontend stack including Bootstrap, jQuery, and various JavaScript libraries for UI components and analytics. The CMS identified is Marwel, a specialized platform. The site is mobile optimized with good SEO and accessibility features, though some improvements in security headers and incident response transparency are recommended. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with GDPR-aligned cookie management and privacy policy presence. Overall, the website is a trustworthy, well-maintained municipal portal with moderate technical sophistication and good user experience. The absence of WHOIS data slightly reduces domain trust but does not detract from the legitimacy of the site. Strategic improvements in security policy publication and header implementation would enhance the security posture further.

Divadlo na Vinohradech is a prominent repertory drama theatre located in Prague, Czech Republic, with a rich history dating back to the early 20th century. The theatre offers a wide range of Czech and international plays, focusing on quality dramatic works and strong storytelling. It serves a general audience interested in cultural and theatrical experiences, providing ticket sales, subscriptions, club memberships, and gift vouchers as part of its business model. The website reflects a well-established cultural institution with consistent branding and professional content.

M

Městský úřad Brandýs nad Labem-Stará Boleslav

brandysko.cz

49

The website brandysko.cz serves as the official online presence of the municipal government of Brandýs nad Labem-Stará Boleslav, Czech Republic. It provides comprehensive information about the city, its administration, public services, cultural events, and community resources. The site targets local residents, visitors, and stakeholders seeking municipal information and services. The business model is focused on public service delivery and information dissemination, positioning itself as a trusted and authoritative source for the local community. Technically, the website is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics and Google Tag Manager for visitor analytics, with a clear cookie consent mechanism in place to comply with GDPR. The site is mobile-optimized and accessible, with good SEO practices and clear navigation. From a security perspective, the site enforces HTTPS and manages cookie consent effectively. However, it lacks explicit security headers and a published security policy or incident response information. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-standing registration consistent with a municipal entity. Overall, the website demonstrates a solid security posture and compliance with privacy regulations, providing a professional and trustworthy user experience. Strategic improvements could include enhancing security headers, publishing a security policy, and adding vulnerability disclosure mechanisms to further strengthen trust and resilience.

Z

Zámek Zruč nad Sázavou

zamek-zruc.cz

56

Zámek Zruč nad Sázavou is a cultural and historical site located in the Czech Republic, offering castle tours, exhibitions, cultural events, and visitor experiences primarily targeting tourists, families, and school groups. The website presents a professional and well-structured digital presence with good content quality and clear navigation. The technical infrastructure includes modern web technologies such as HTTPS, Google Analytics, Facebook Pixel, and a CMS platform called Solidpixels, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement by adding security headers and formal security policies. The absence of WHOIS data limits domain trust verification, but the website's content and external references support its legitimacy as a cultural institution. Overall, the site is safe, family-friendly, and compliant with privacy regulations.

Divadlo v Celetné is a cultural and theatrical venue based in Prague, Czech Republic, offering a variety of theatrical performances and cultural events. The website serves as an information and ticketing portal for visitors and theatre enthusiasts, showcasing upcoming programs, news, and partner collaborations. The business operates primarily as a local cultural institution with a focus on community engagement and arts promotion. Technically, the website is built on WordPress 6.8.3, utilizing common web technologies such as jQuery and FontAwesome. It integrates multiple analytics and marketing tools including Google Analytics, Google Tag Manager, Hotjar, and Facebook Pixel, indicating a moderate level of digital maturity. The site is mobile-optimized with good navigation and content quality, though accessibility features are basic. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data in its HTML content. However, it lacks visible security headers and publicly available privacy or cookie policies, which are important for GDPR compliance and user trust. The absence of WHOIS data limits domain legitimacy verification, though the presence of official partner logos and active social media accounts supports its authenticity. Overall, the website presents a professional and trustworthy front for a small cultural institution but would benefit from enhanced privacy compliance, improved security headers, and transparency in domain registration to strengthen its security posture and user trust.

P

PaS de Theatre s.r.o.

shakespearova.cz

43

The website represents PaS de Theatre s.r.o., a small cultural event organizer specializing in Shakespeare festivals in Ostrava and other Czech and Slovak cities. It offers event information, ticket sales via Ticketmaster, and audience engagement through newsletters and social media. The site is professionally designed with consistent branding and clear navigation, targeting a general audience interested in theatrical performances. Technically, it employs modern web technologies including Google Analytics, Facebook SDK, and Bootstrap, ensuring good mobile optimization and SEO. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks explicit security policies or incident response contacts. The absence of WHOIS data due to privacy protection is justified given the business type and does not detract from the site's legitimacy. Overall, the site is trustworthy and well-maintained, serving its niche effectively.

P

PPF a.s.

ppf.cz

72

PPF Group is a well-established international investment group founded in 1991 in the Czech Republic, operating in 25 countries across Europe, North America, and Asia. The company manages a diversified portfolio spanning telecommunications, media, financial services, e-commerce, real estate, biotechnology, and mobility sectors. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content targeting investors, partners, and the public. Technically, the site uses modern frameworks such as Next.js and React, supported by DatoCMS, and integrates Google Tag Manager and reCAPTCHA Enterprise for analytics and security. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not publicly disclosed. The domain WHOIS data is privacy protected, consistent with European domain registration norms, and the website content aligns with the company's stated business profile. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.