Security Directory

Č

Česká asociace farmaceutických firem

caff.eu

50

Česká asociace farmaceutických firem (ČAFF) is a professional industry association representing pharmaceutical companies in the Czech Republic, focusing on generics, biosimilars, and value-added medicines. The organization serves as a key advocate and information hub for its members and stakeholders, maintaining strong ties with European pharmaceutical bodies such as Medicines for Europe. The website reflects a medium-sized organization with a clear focus on healthcare industry stakeholders, providing member services, certification, and public information. The content is primarily in Czech with some English support, targeting industry professionals, media, and members.

E

Economist Impact

economistimpact.com

66

Economist Impact is a specialized division of The Economist Group focused on partnering with corporations, foundations, NGOs, and governments to drive change in key global themes such as sustainability, health, and globalisation. The organization leverages a combination of independent research, bespoke content creation, advertising, sponsorship, and large-scale events to influence policy and business decisions worldwide. The website reflects a mature digital presence with professional design, clear navigation, and multimedia content that supports its mission. Technically, the site is built on modern web frameworks including React and Next.js, uses Contentful as a CMS, and integrates advanced monitoring and analytics tools such as New Relic. The presence of a consent management platform indicates attention to privacy compliance, particularly GDPR. Performance and mobile optimization are strong, contributing to a positive user experience. From a security perspective, the site uses HTTPS and monitoring tools but lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or suspicious elements were detected in the content or scripts. The WHOIS data for the subdomain is not publicly available, which is typical for subdomains, and the domain is strongly associated with the reputable Economist brand. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and providing vulnerability disclosure information to further strengthen trust and compliance.

L

Loblaw Companies Ltd.

loblaw.ca

66

Loblaw Companies Ltd. is a leading Canadian retail company specializing in grocery, health, beauty, financial services, and fashion. The website showcases a comprehensive portfolio of brands and services aimed at serving Canadian consumers with a focus on affordability, health, and lifestyle. The company operates an extensive network of stores and subsidiaries, positioning itself as a dominant player in the Canadian retail market. Technically, the website is built on modern web technologies including React and Next.js, with integrations for analytics and authentication such as Google Analytics, Google Tag Manager, and Okta. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs multiple security headers, and uses secure authentication mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, supporting strong privacy practices. Overall, the website presents a professional, trustworthy, and secure digital presence for Loblaw Companies Ltd. The lack of WHOIS data is attributed to privacy protection, which is justified for a large enterprise. Strategic recommendations include publishing a vulnerability disclosure policy and enhancing incident response transparency to further strengthen security posture.

Rek.ai, operated by Sandskogen AI Aktiebolag, is a Swedish technology company specializing in artificial intelligence solutions for website personalization. Founded in 2018, the company targets businesses seeking to enhance user experience through AI-driven personalized content and analytics. Their market position is that of a niche AI personalization provider primarily serving the Scandinavian region. The website reflects a modern technical infrastructure built on React and Next.js frameworks, with Cloudflare DNS services and Cookiebot for privacy compliance. The site is professionally designed, mobile-optimized, and provides clear navigation and business-focused content. Security posture is solid with HTTPS enforced and domain transfer protections, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is supported by a comprehensive cookie consent mechanism, but lacks a dedicated privacy policy or terms of service pages. Contact information is available via a contact page but lacks direct emails or phone numbers in the visible content. Overall, the website is trustworthy, business-oriented, and safe for general audiences.

Rivile is a well-established Lithuanian software company specializing in accounting and business management solutions, including cloud-based ERP and desktop applications. The company targets businesses in Lithuania, offering modular software products that cover a wide range of business needs such as payroll, POS, and document digitization. Their market position is strong, supported by over 20 years of operation and a large client base. Technically, the website is built on modern frameworks like Next.js and React, with good performance and mobile optimization. Security measures include HTTPS, Google reCAPTCHA, and a comprehensive cookie consent mechanism, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates professionalism, compliance with GDPR, and a trustworthy digital presence.

R

Revolut

revolut.com

73

Revolut is a leading global fintech company providing a comprehensive suite of financial services including personal and business accounts, international money transfers, currency exchange, savings, investments, cryptocurrency, and insurance products. With over 65 million customers worldwide and strong regulatory authorizations from the UK's Financial Conduct Authority, Revolut holds a significant market position in the digital banking and fintech space. The website reflects a mature digital presence with excellent content quality, user experience, and mobile optimization. Technically, the website leverages modern web technologies such as React and Next.js, delivering fast performance and strong SEO optimization. Security measures are robust, including HTTPS enforcement and multiple security headers, alongside a proactive fraud detection team and a responsible disclosure program. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR adherence is evident. Overall, Revolut demonstrates a strong security posture with no critical vulnerabilities detected. The absence of WHOIS data is likely due to privacy protection, which is common for fintech companies to mitigate spam and abuse risks. The website is trustworthy, professional, and well-aligned with industry best practices, making it a reliable platform for financial services users.

M

MEDDI hub a.s.

meddi.com

65

MEDDI hub a.s. operates a telemedicine platform that enables patients and healthcare professionals to connect securely via calls, video calls, and chat. The platform supports multiple devices and languages, offering services such as online consultations, prescriptions, confirmations, and second opinions. The company holds partnerships with reputable medical institutions and maintains ISO 27001 certification, underscoring its commitment to security and compliance. The website is professionally designed, mobile-optimized, and provides comprehensive privacy and cookie policies with consent mechanisms. Technically, the site uses modern frameworks like Next.js and React, integrates Google Tag Manager for analytics, and enforces HTTPS with strong encryption practices. While WHOIS data is unavailable, the overall trust indicators and business presence suggest legitimacy. Security posture is strong, though improvements in publishing explicit security headers and incident response contacts are recommended.

O

Okredo

okredo.com

64

Okredo is a specialized business data provider focusing on delivering company ratings, credit limits, corporate values, and financial indicators to support business growth. The company targets businesses seeking reliable credit and financial insights primarily in Lithuania and selected European countries. Their market position is that of a niche data-as-a-service provider with a clear focus on financial data and credit risk management. The website is built on modern technologies including Next.js and React, integrating secure payment processing via Stripe and comprehensive cookie consent management through Cookiebot. The technical infrastructure reflects a mature digital presence with fast performance and good mobile optimization. Security posture is strong with HTTPS enforcement, security headers, and no visible vulnerabilities. Privacy compliance is well addressed with GDPR-aligned cookie consent and a comprehensive privacy policy hosted by Cookiebot. However, the site lacks explicit terms of service and security policy pages, and no direct contact information is provided on the main page, which could be improved to enhance business credibility. Overall, the website is professional, trustworthy, and well-structured, supporting Okredo's business objectives effectively.

J

Jackpotpiraten

jackpotpiraten.de

72

Jackpotpiraten is a German online slot gaming platform specializing in legal PayPal-based slot games such as Merkur and Novoline. The website positions itself as a trusted and legal online casino alternative, offering promotions like free spins with low deposit requirements. Technically, the site is built on modern frameworks like Next.js and React, leveraging Cloudflare for DNS and CDN services, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit privacy and terms of service documents are not found in the provided content. No WAF or blocking mechanisms interfere with content access. Overall, the platform targets adult German users interested in online gambling, maintaining a professional and consistent brand presence.

C

CaptchaFox

captchafox.com

52

CaptchaFox is a Germany-based technology company specializing in GDPR-compliant captcha and bot protection services for websites and mobile applications. Founded in 2020, it positions itself as a privacy-first alternative in the bot mitigation market, emphasizing compliance with European data protection standards and adaptive bot detection technologies. The website reflects a professional SaaS business model targeting companies seeking to protect their digital assets from malicious bot traffic while maintaining user privacy. Technically, the website is built using modern frameworks such as Next.js and React, hosted on bunny.net, and optimized for performance and accessibility. The site demonstrates good SEO practices and mobile responsiveness, with rich SVG graphics and structured data enhancing its digital maturity. However, explicit privacy and cookie policies are not directly found in the provided content, which could be improved to enhance transparency. From a security perspective, the site uses HTTPS and has domain transfer protections in place. There is no evidence of security.txt or vulnerability disclosure mechanisms, and security headers are not detected in the provided data. The absence of explicit contact information and security policies suggests areas for improvement in incident response readiness and user trust. Overall, CaptchaFox presents a credible and professional online presence with a strong focus on privacy and compliance. Strategic enhancements in policy disclosures, security headers, and contact transparency would further strengthen its security posture and compliance standing.

E

Euroleague Basketball

euroleaguebasketball.net

66

Euroleague Basketball operates as the official digital platform for the Euroleague basketball competitions, providing comprehensive media coverage including live matches, news, statistics, video highlights, and fan engagement features such as fantasy challenges. The website is well-designed, mobile-optimized, and uses modern web technologies like Next.js and React, hosted likely on Vercel. The platform integrates multiple advertising and analytics services, indicating a mature digital marketing strategy. Security posture is generally good with HTTPS enforced, but lacks explicit security headers and visible privacy/legal policies, which are areas for improvement. The WHOIS data is missing or inaccessible, which raises some concerns about domain registration transparency, though the website content and branding appear professional and trustworthy. Overall, the site serves a specialized audience of basketball fans and stakeholders in European basketball with high-quality content and user experience.

W

Wines from Czech Republic

wineofczechrepublic.cz

63

The website www.vinazmoravyvinazcech.cz serves as a regional informational and promotional platform focused on wines from the Moravia and Bohemia regions of the Czech Republic. It targets wine enthusiasts, tourists, and consumers interested in Czech wines, offering details about wine varieties, events, and related content. The site uses modern web technologies such as React and Next.js, providing a good user experience with responsive design and clear navigation. However, the absence of WHOIS registration data and lack of visible privacy, cookie, and contact policies reduce its trustworthiness from a security and compliance perspective. No security headers or SSL configuration details were available, and no explicit security or incident response contacts were found. Overall, the site is functional and informative but would benefit from enhanced transparency and security practices.

The Technical University of Košice (TUKE) is a well-established public university in Slovakia, offering a broad range of higher education and research programs in innovative technical fields. The website reflects a strong market position as a leading educational institution with a large student body and international collaborations, including Erasmus+ and the Ulysseus European University alliance. The digital presence is modern, leveraging Next.js and React technologies, with excellent mobile optimization and user experience. Security posture is robust with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not published. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with the university's mission and audience.

3

Events in Jablonec | 365 Jablonec

365jablonec.cz

47

The website 365jablonec.cz serves as a local event listing platform for Jablonec nad Nisou, Czech Republic, providing up-to-date information on cultural, sports, educational, and leisure events. It targets a general audience interested in local happenings and offers features such as event search and organizer information. The site uses modern web technologies including React and Next.js, indicating a contemporary technical infrastructure with good mobile optimization and SEO practices. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy or cookie policies, which are areas for improvement. The absence of WHOIS data raises concerns about domain legitimacy and trustworthiness, impacting the overall risk profile. Strategic recommendations include enhancing security headers, publishing privacy and cookie policies, and providing clear contact and incident response information to improve compliance and trust.

The website www.priserkyvhlave.cz is an educational platform in Czech language focused on teaching about monsters through interactive games and resources, primarily targeting schools and children. It is a project supported and co-financed by the European Union and the Czech Ministry of Interior, indicating a non-commercial, public service nature. The site uses modern web technologies such as React and Next.js, providing a good user experience with responsive design and clear navigation. However, the site lacks visible privacy, cookie, and terms of service policies, and no contact information is provided, which limits transparency and user trust. From a technical perspective, the site is built on a modern JavaScript framework with client-side rendering and moderate performance. No analytics or tracking scripts were detected, suggesting minimal user tracking. Security posture is limited due to the absence of security headers and no visible SSL configuration details. The WHOIS data for the domain is unavailable, likely due to privacy protection or domain registration issues, which negatively impacts the trustworthiness assessment. Overall, the website is safe and suitable for general audiences, with no adult or explicit content detected. The lack of WHOIS transparency and privacy policies are the main concerns. Strategic recommendations include implementing comprehensive privacy and cookie policies, improving security headers, providing clear contact and incident response information, and verifying domain registration details to enhance trust and compliance.

S

Sitejabber

sitejabber.com

63

Sitejabber is a leading online platform specializing in consumer business reviews and ratings, serving over 200 million customers and featuring reviews for more than 130,000 businesses. Positioned as a trusted resource, it offers consumers insights to make informed purchasing decisions and provides businesses with a platform to engage with customers. The company emphasizes trust, consumer protection, and transparency, supported by its award-winning status and Google Partner certification. Technically, Sitejabber employs modern web technologies including React and Next.js, ensuring a fast, mobile-optimized, and accessible user experience. Security is robust with HTTPS enforcement and comprehensive security headers, although public incident response and vulnerability disclosure policies are not evident. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, Sitejabber demonstrates a mature digital presence with high professionalism and trustworthiness, though WHOIS data unavailability slightly impacts domain transparency.

Matyáš Herman is an independent fullstack developer specializing in React, Node.js, PHP, and modern web technologies, targeting brands and businesses seeking modern website solutions. The website serves as a personal portfolio showcasing skills and services. The technical infrastructure is based on modern frontend frameworks such as React and Next.js, providing a responsive and visually appealing user experience. However, the site lacks advanced security headers and privacy compliance documentation, which are areas for improvement. The absence of WHOIS data reduces domain trustworthiness, but the active social media presence supports legitimacy. Overall, the site is functional and professional but would benefit from enhanced security and compliance features.

E

eVstupenka

evstupenka.cz

68

eVstupenka.cz is a well-established online ticketing platform primarily serving the Liberec region in the Czech Republic. Founded in 2006, it offers a comprehensive catalog of cultural events including theater, concerts, musicals, festivals, and other entertainment options. The platform supports online ticket sales, subscription packages, and gift vouchers, targeting local residents and visitors interested in cultural activities. The website demonstrates a consistent brand presence and provides a user-friendly experience with clear navigation and mobile optimization. Technically, it leverages modern web technologies such as React and Next.js, integrated with DatoCMS for content management, and employs Google Tag Manager and Analytics for tracking.

Global Concept Consulting is a well-established communication agency based in Brussels, Belgium, with over 20 years of experience delivering strategic communication, public affairs, media relations, event management, branding, video production, and web development services. The company has a strong international presence, working on projects in more than 80 countries and maintaining close proximity to European institutions. Their market position is reinforced by awards such as the German Brand Awards and partnerships with European and United Nations agencies. Technically, the website is built on a modern React and Next.js framework with a headless WordPress CMS backend, hosted via OVH sas, providing a solid digital infrastructure with good mobile optimization and moderate performance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and privacy compliance elements such as privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the website is professional, trustworthy, and well-branded, though it would benefit from enhanced privacy compliance and security best practices.

A

Amusnet

amusnet.com

70

Amusnet is a well-established gaming provider founded in 2012, specializing in online casino games, live casino, and land-based slot cabinets. The company holds a strong market position supported by numerous industry awards and a broad network of partners. Their business model focuses on B2B services, delivering innovative gaming solutions and reliable support to operators worldwide. The website reflects a mature digital presence with a modern tech stack based on Next.js and React, hosted via Cloudflare, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and domain transfer protections, although improvements are recommended in DNSSEC and security headers. Privacy compliance is currently lacking, with no visible privacy or cookie policies, which is a notable gap. Overall, Amusnet demonstrates high business credibility and trustworthiness but should enhance privacy and security transparency to align with best practices.

M

Mito Group

mito.group

76

Mito Group is a well-established independent digital agency based in Hungary, specializing in digital product development, communication campaigns, and integrated marketing services for multinational companies across Europe. The company operates through four interconnected business units, offering a broad range of services from creative development to data-driven marketing and CRM solutions. Their client portfolio includes major brands such as Magyar Telekom, Wizz Air, Mastercard, Nokia, and others, indicating a strong market position and trust in their capabilities. Technically, the website is built on modern frameworks like Next.js and React, hosted likely on AWS Cloudfront, and employs advanced tools such as Google Tag Manager and reCAPTCHA Enterprise for analytics and security. The site is well-optimized for performance, mobile responsiveness, and accessibility, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, uses security headers, and implements privacy and cookie policies with consent mechanisms, demonstrating good security hygiene. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or vulnerability disclosure page suggests room for improvement in transparency and incident response readiness. Overall, Mito Group presents a professional, trustworthy, and secure online presence consistent with its business claims. The domain WHOIS data is privacy protected but aligns with the company's Hungarian base and business history. Strategic recommendations include enhancing security transparency, adding vulnerability disclosure mechanisms, and publishing data protection officer contact details to further strengthen compliance and trust.

O

Optimove Inc.

optimove.com

69

Optimove Inc. is a technology company specializing in AI-driven Positionless Marketing platforms that empower marketers to independently execute personalized, multichannel campaigns at scale. The company is recognized as a visionary leader in multichannel marketing by Gartner and serves enterprise clients across retail, e-commerce, iGaming, forex, and social gaming sectors. Their platform includes AI decisioning, customer engagement, digital personalization, gamified marketing, and predictive AI tools. Technically, the website is built on modern frameworks like React and Next.js, with strong mobile optimization and fast performance. Security posture is robust with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly detailed. The absence of WHOIS data is a minor trust concern but is offset by strong branding, client testimonials, and compliance with GDPR. Overall, Optimove presents a professional, credible, and technically mature online presence suitable for enterprise marketing clients.

M

MVKM s.r.o.

mvkm.cz

53

MVKM s.r.o. is a Czech Republic based marketing agency specializing in performance marketing, PPC campaigns, SEO, social media management, and video production. The company targets businesses seeking measurable marketing results and ROI, positioning itself as a small but professional agency with over 20 satisfied clients and a high client satisfaction rate. The website is modern, well-designed, and mobile-optimized, reflecting a mature digital presence. Technically, the site uses modern frameworks like Next.js and React, with service workers for enhanced performance. Security posture is good with HTTPS and secure forms, but lacks explicit security headers and published security policies. Privacy compliance is limited, with no dedicated privacy policy page found, though a cookie consent banner is present. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for this business type. Overall, the site is professional and trustworthy, with room for improvement in privacy and security transparency.

Lasvit is a Czech-based company specializing in bespoke glass design, manufacturing unique lighting installations and architectural glass products. Established in 2007, it blends traditional craftsmanship with innovative design to serve a global clientele including architects, designers, and luxury commercial and residential customers. The company maintains a strong market position in the high-end bespoke glass industry with a focus on artisanal quality and design excellence. Technically, the website is built on modern frameworks such as Next.js and React, ensuring fast performance, mobile optimization, and good SEO practices. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is professional, trustworthy, and well-maintained, though the absence of WHOIS data and some security policy disclosures slightly reduce trust scores.

K

KELER KSZF Zrt.

kelerkszf.hu

62

KELER KSZF Zrt. operates as a leading clearing house in Hungary and Central and Eastern Europe, providing clearing, central counterparty, risk management, and guarantee services primarily for financial and energy markets. The company is EMIR authorized and has nearly 20 years of experience, serving multiple market platforms including Budapest Stock Exchange and various energy exchanges. The website reflects a professional business presence with clear service offerings and market focus. Technically, the site uses modern frameworks such as Next.js and React, with Google Tag Manager for analytics and cookie consent management. Security posture is strong with HTTPS and security headers, though explicit privacy and terms policies are missing. WHOIS data confirms domain legitimacy and consistency with business claims. Overall, the site is well-structured and trustworthy but could improve privacy compliance and contact transparency.

K

KELER Zrt.

keler.hu

64

KELER Zrt. is a leading central securities depository and clearing house in Central and Eastern Europe with over 30 years of experience. The company provides comprehensive financial market infrastructure services, including securities custody, clearing, and facilitating Target2-Securities benefits. The website reflects a professional and modern digital presence built on React and Next.js frameworks, integrated with Sense/Net CMS and Google Tag Manager for analytics and marketing. Security posture is strong with HTTPS enforcement and standard security headers, though explicit security policies and incident response information are not publicly detailed. Privacy compliance is well addressed with a cookie consent mechanism and a clear privacy policy. Overall, the website demonstrates high business credibility and technical maturity, supporting KELER's market position as a trusted financial institution.

C

Clearstream

clearstream.com

68

Clearstream is a leading provider of post-trade infrastructure and securities and fund services, operating as part of the Deutsche Börse Group. The company serves international and domestic capital markets with a comprehensive suite of financial services including securities custody, fund services, collateral management, and digital solutions. The website reflects a mature and professional digital presence with modern technologies such as React and Next.js, and integrates analytics and cookie consent mechanisms to comply with privacy regulations. Security posture is strong with HTTPS enforcement, secure forms, and standard security headers, though explicit security policies and incident response information are not publicly detailed. Overall, Clearstream's website demonstrates a high level of professionalism, trustworthiness, and compliance suitable for its enterprise-level financial services business.

T

The Procter & Gamble Company

pg.com

76

The Procter & Gamble Company operates a comprehensive and professionally designed website at us.pg.com, serving as a digital presence for its consumer goods business in the United States. The company is a global leader in manufacturing and retail of consumer products, with a strong emphasis on sustainability, innovation, and community impact. The website reflects a mature digital infrastructure using modern technologies such as React and Next.js, hosted on Azure, and integrates advanced analytics and consent management tools to ensure compliance and user experience. Security posture is strong with HTTPS enforced and no visible vulnerabilities, although explicit security headers should be verified. Privacy compliance is robust, with clear policies and consent mechanisms in place. The WHOIS data for the subdomain is unavailable, which is typical for subdomains, but the main domain pg.com is a well-established and trusted corporate domain. Overall, the website demonstrates high professionalism, trustworthiness, and technical maturity.

S

Selfstorm

creativefastaid.com

60

Selfstorm is a small media-focused business offering digital tools for brand strategists and creatives, including data research, brand strategy frameworks, demand analytics, and creative inspiration delivered via editable Google Slides. The website is built on modern technologies such as Next.js and React, with integration of Google Tag Manager for analytics. The site is well-designed, mobile-optimized, and provides a good user experience with clear navigation and professional content. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit security policies are absent. Privacy compliance is good with clear privacy and cookie policies and consent mechanisms. Overall, the website presents a trustworthy and professional digital presence suitable for its niche audience.

A

Allwyn

allwynentertainment.com

75

Allwyn is a global lottery-led entertainment company that operates across multiple countries including the United Kingdom, Austria, Czech Republic, Greece, Cyprus, and the United States. The company offers a diverse portfolio of gaming products such as lottery games, instant win games, scratch cards, iGaming, retail casinos, and sports betting. Their business model centers on creating engaging play experiences that bring hope and excitement to players while emphasizing social responsibility and community impact. The website reflects a strong market position with partnerships including Formula 1 and McLaren, highlighting their brand strength and global reach. Technically, the website is built using modern web technologies including React and Next.js, optimized for performance and mobile responsiveness. It employs Google Tag Manager and reCAPTCHA for analytics and security respectively. The site demonstrates good SEO practices, accessibility, and fast loading times, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and includes standard security headers, indicating a solid baseline security posture. However, there is no publicly available security policy or incident response information, and no vulnerability disclosure program is evident. The absence of WHOIS data for the domain is a notable transparency gap, although the website content and branding suggest legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations, but improvements in transparency around security policies and domain registration details are recommended to enhance trust and credibility.

cbData is a technology company specializing in developing proprietary IT solutions for the gaming industry, focusing on responsible gaming technologies. The company positions itself as a leader in non-gaming IT solutions tailored for the gaming sector, with ambitions for international growth. Their business model revolves around creating certified platforms and innovative software products, supported by a team-oriented culture and hybrid work options. The website reflects a professional and modern digital presence using React and Next.js technologies, targeting IT professionals interested in gaming technology careers. Security posture is moderate with room for improvement, notably in publishing privacy and cookie policies and implementing security headers. The domain registration is consistent with the company's profile, indicating legitimacy.

Mutumutu.cz is an online life insurance platform offering flexible and comprehensive coverage for illnesses, injuries, and income protection. The company operates in the Czech Republic and partners with the established insurer Komerční pojišťovna, a.s., which has over 25 years of market presence. The website is designed to facilitate quick and easy insurance calculations and purchases online, targeting individuals seeking modern and transparent life insurance solutions. The business model focuses on direct-to-consumer sales with an emphasis on technology-driven cost savings and customer rewards for healthy lifestyles. Technically, the website leverages modern frameworks such as React and Next.js, ensuring fast performance, mobile optimization, and good accessibility. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, although a dedicated security policy and incident response contacts are not published. Overall, the site demonstrates high professionalism, trustworthiness, and compliance with GDPR and cookie regulations.

J

J&T FINANCE GROUP SE

jtfg.com

66

J&T FINANCE GROUP SE is a well-established European financial group operating primarily in Central and Eastern Europe, offering a broad range of financial services including private and retail banking, asset management, investment banking, and project finance. The group has a significant market presence with subsidiaries across multiple countries and a history dating back to 1994. The website reflects a professional and consistent brand image with comprehensive information about its services and leadership. Technically, the website is built on modern web technologies such as Next.js and React, supported by a headless CMS (Kentico Kontent). It demonstrates good mobile optimization, accessibility, and SEO practices. Analytics and marketing tools like Google Tag Manager are in use, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and publicly available security policies or incident response contacts. The absence of WHOIS data for the domain is a concern, though the website content and structure suggest legitimacy. Privacy compliance is partially addressed with a cookie policy and consent mechanism, but a clear privacy policy is not prominently found. Overall, the website presents a low risk with strong business credibility but would benefit from enhanced transparency in security and privacy policies, and verification of domain registration details.

S

SOS dětské vesničky

sos-vesnicky.cz

48

SOS dětské vesničky is a well-established Czech non-profit organization dedicated to supporting vulnerable children and families through various social services including foster care, crisis centers, and educational programs. The organization has a strong market position as the oldest charity of its kind in the Czech Republic, with nearly 60 years of experience. Their website reflects a professional and trustworthy image with clear messaging and calls to action for donations and support. Technically, the site is built on modern frameworks such as Next.js and React, with good mobile optimization and accessibility. Security posture is strong with HTTPS and security headers in place, although the absence of a public privacy policy and WHOIS data are notable compliance and trust gaps. Overall, the site is safe, well-maintained, and effectively communicates its mission to its target audience of families, donors, and social workers.

(

(ant)

antstudio.cz

54

The website www.antstudio.cz represents a professional full-service digital marketing agency based in the Czech Republic, known as (ant). The agency offers a broad range of services including branding, strategy consulting, creative campaigns, performance marketing, web and e-commerce development, and training workshops. Their market position is supported by detailed case studies and client testimonials, indicating a medium-sized agency with a strong focus on delivering impactful digital marketing solutions. Technically, the website is built on modern frameworks such as Next.js and React, ensuring fast performance and excellent mobile optimization. Security measures include HTTPS and Google reCAPTCHA v3, although some security headers and explicit privacy policies are missing. Overall, the site is professional and trustworthy, but the absence of WHOIS data and privacy compliance documentation slightly reduces the trust score.

T

Twisto

twisto.cz

50

Twisto is a Czech financial technology company offering buy now, pay later services, allowing customers to shop and pay up to 45 days later. The website is professionally designed, mobile-optimized, and uses modern web technologies such as React and Next.js. It integrates multiple analytics and tracking services including Google Tag Manager, Microsoft Clarity, TikTok, and Facebook pixels, indicating a mature digital marketing approach. Security posture is strong with HTTPS enforced and no visible sensitive data exposure, though explicit security headers and policies are not evident. The absence of WHOIS data suggests privacy protection, common for financial services, but limits domain trust verification. Privacy and cookie policies are not clearly found, which is a compliance gap. Overall, the site presents a trustworthy and professional front for its financial services in the Czech market.

C

Chakras

chakras.net

49

Chakras.net is a specialized educational website focused on the teachings of chakras and kundalini based on the Yoga in Daily Life system by Paramhans Swami Maheshwarananda. The site provides comprehensive multimedia content including lectures, symbolic explanations, and spiritual lineage information, targeting individuals interested in yoga and spiritual development. Technically, the site is built on modern web technologies such as React and Next.js, hosted on Vercel, and demonstrates good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain registration protections in place, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is addressed with a privacy policy and cookie consent mechanism implemented via CookieYes. Overall, the site is trustworthy, professional, and well-maintained, serving a niche spiritual education market.

L

Levelpath

levelpath.com

61

Levelpath is a technology company offering an AI-native procurement platform designed to simplify and enhance procurement processes for enterprises. The company positions itself as a leader in AI-driven procurement solutions, recognized by Gartner as a Cool Vendor in sourcing and procurement technology. Their platform includes modules such as Front Door to Procure, Sourcing, Pipeline, Contracts, and Risk Management, targeting enterprise customers seeking efficiency and innovation in procurement. Technically, the website is built using modern frameworks like Next.js and React, hosted likely behind Cloudflare, and integrates multiple marketing and analytics tools including HubSpot, Google Tag Manager, and Microsoft Clarity. The site is well optimized for performance, mobile responsiveness, and SEO, providing an excellent user experience. From a security perspective, the site enforces HTTPS and implements a comprehensive cookie consent mechanism with detailed categories. However, it lacks visible security headers and published security policies or incident response information. The absence of WHOIS registration data raises some concerns about domain legitimacy, though the professional web presence and business signals mitigate this risk. Overall, Levelpath presents a strong digital and business profile with room for improvement in transparency around privacy policies, security disclosures, and domain registration information. Strategic recommendations include publishing explicit privacy and security policies, enhancing security headers, and verifying domain registration details to strengthen trust and compliance.

ZaVodou.cz is a Czech online pension savings platform established in 2019, offering users the ability to save for retirement with state bonuses. The website targets individuals in the Czech Republic interested in pension savings, providing a simple and accessible online service. Technically, the site is built on a modern Next.js and React stack, hosted with Cloudflare DNS and CDN services, and integrates multiple third-party analytics and marketing tools such as Google Analytics, Hotjar, OneSignal, and Meta advertising platforms. The site implements a comprehensive cookie consent mechanism via Cookiebot, reflecting good privacy compliance practices. Security posture is solid with HTTPS and Cloudflare DNS, but lacks explicit security headers and detailed security policies. Contact information and terms of service pages are not explicitly found, which could be improved to enhance trust and compliance. Overall, the website is professional, well-branded, and serves a niche financial service market effectively.

ADIT Agency s.r.o. is a Slovak-based full-service digital agency specializing in software and hardware development, consulting, and body leasing services. Established in 2009, the company serves a diverse clientele including government bodies, healthcare institutions, utilities, and commercial enterprises. Their offerings range from information systems for public administration to innovative healthcare solutions and custom hardware design. The company maintains a strong market position supported by reputable clients and a credit guarantee from COSIMOME LLP. Technically, the website is built on modern frameworks such as React and Next.js, hosted on Vercel, ensuring fast performance and excellent mobile optimization. The site employs DNSSEC and HTTPS, reflecting good security practices. However, explicit security headers and formal privacy and cookie policies are absent, indicating areas for improvement in compliance and security transparency. From a security perspective, the site demonstrates a solid baseline with encrypted communications and GDPR compliance references in the contact form. No vulnerabilities or exposed sensitive data were detected. The absence of incident response and vulnerability disclosure information suggests a need for enhanced security governance documentation. Overall, ADIT Agency presents a professional and trustworthy digital presence with strong business credibility and technical maturity. Strategic enhancements in privacy documentation, security headers, and incident response transparency would further strengthen their security posture and compliance standing.

C

curl.to | Convert curl commands to code

curl.to

56

curl.to is a specialized developer tool website that provides an online utility for converting curl commands into code snippets in multiple programming languages. It targets developers working with APIs and web services, offering support for languages such as JavaScript, Python, PHP, Go, Ruby, C#, and Java. The site positions itself as a free resource to improve developer productivity by reducing errors and saving time during API development. Technically, the website is built using modern web technologies including React and Next.js, with Google Fonts for typography. The site appears to be moderately optimized for performance and mobile responsiveness, with a clean and professional design. However, accessibility features are basic, and no CMS or hosting provider information is evident from the HTML content. From a security perspective, the site uses HTTPS as indicated by the URL, but no explicit security headers are detected in the HTML content. There are no visible privacy, cookie, or terms of service policies, nor any contact information for security incidents or data protection officers. No analytics or advertising scripts were found, indicating minimal user tracking. The absence of these policies and contact details suggests room for improvement in privacy compliance and security transparency. Overall, the website is safe and professional with a clear focus on developer utility. The lack of privacy and security policies, as well as contact information, lowers its trustworthiness and compliance posture. Strategic improvements in these areas would enhance user trust and regulatory compliance.

T

The Goldman Sachs Group, Inc.

goldmansachs.com

78

The Goldman Sachs Group, Inc. is a globally recognized leader in investment banking, securities, asset management, and wealth management services. The website reflects its enterprise stature with professional design, comprehensive service descriptions, and a clear focus on institutional and high-net-worth clients. The firm maintains a strong market position as a leading financial services provider. Technically, the site leverages modern frameworks such as Next.js and React, hosted on Akamai CDN, ensuring fast performance and excellent mobile optimization. Security is robust with HTTPS enforced, multiple security headers, and adherence to recognized frameworks like ISO 27001 and NIST. Privacy and compliance are well addressed with clear policies and GDPR compliance indicators. Overall, the site demonstrates a mature digital presence aligned with the company's global reputation.

N

NürnbergMesse GmbH

feuertrutz-messe.de

58

FeuerTrutz is a leading European trade fair and congress focused on preventive fire protection, organized by NürnbergMesse GmbH. The website serves as a comprehensive platform for exhibitors, visitors, and media representatives, providing detailed event information, registration options, and news updates. The business is well-positioned in the fire protection industry with a strong market presence and a clear focus on networking and knowledge sharing. Technically, the website is built on modern frameworks including React and Next.js, integrated with Sitecore CMS, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and standard security headers, though some improvements in privacy compliance and security transparency are recommended. Overall, the site reflects a professional and trustworthy organization with a high legitimacy score based on domain registration data and content consistency.

W

WhatIsMyIP.io - Check Your IP Address & Location

whatismyip.io

59

WhatIsMyIP.io is a technology-focused website providing free IP address lookup and geolocation services. It offers users detailed information about their IP address, location, ISP, connection type, time zone, and currency. The site targets a general audience seeking quick and accurate IP-related data. The business operates as a small-scale service launched in late 2022, with no evident parent company or subsidiaries. The website is built on modern web technologies including Next.js and React, hosted on infrastructure provided by Hetzner Online Gmbh, and uses Cloudflare DNS services for domain resolution.

C

HTML Colors

colors.to

61

Colors.to is a small informational website focused on providing a comprehensive reference of 148 named HTML and CSS colors for web developers and designers. The site offers color names, hex codes, and RGB values, along with tools such as color palette generation from images. It supports multiple languages, enhancing accessibility for a global audience. The business model is primarily informational, targeting web development professionals and enthusiasts. Technically, the website is built using modern technologies including React and Next.js, hosted on Vercel, ensuring fast performance and excellent mobile optimization. The site uses privacy-focused analytics tools like Fathom and Plausible, and integrates advertising networks such as BuySellAds and Google DoubleClick. However, it lacks some security headers and formal privacy and cookie policies. From a security perspective, the site enforces HTTPS and uses modern frameworks but does not implement additional security headers or provide security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The domain registration is privacy protected, which is typical for small informational sites, and no suspicious patterns were found. Overall, Colors.to is a well-designed, safe, and technically sound website with moderate business credibility. To improve, it should implement privacy and cookie policies, add security headers, and provide clearer business and security information to enhance trust and compliance.

I

InnoTrans

innotrans.de

62

InnoTrans is a leading international trade fair specializing in transport technology, serving as a key platform for national and international suppliers and buyers within the transportation sector. The website reflects a professional and well-structured digital presence, leveraging modern web technologies such as Next.js and React, and integrating cookie consent mechanisms via Usercentrics to ensure privacy compliance. Hosting is managed through professional managed IP services, and the site employs HTTPS with good SSL configuration, contributing to a secure user experience. However, explicit security policies and incident response contacts are not prominently available, indicating areas for improvement in transparency and security readiness. Overall, the site demonstrates a strong market position and digital maturity appropriate for a large-scale event organizer in Germany.

S

Spotify AB

megaphone.fm

58

Megaphone by Spotify is an enterprise podcast platform designed to empower podcast publishers with tools to publish, monetize, and grow their audience. The platform leverages Spotify's advertising marketplace, the Spotify Audience Network, to optimize revenue through dynamic ad insertion and real-time ad stitching. The website presents a professional and polished digital presence, reflecting a mature technical infrastructure built on modern web technologies such as React, Next.js, and Contentful CMS. Privacy and cookie policies are clearly stated, with consent mechanisms in place, indicating good compliance with GDPR and related regulations. Security posture is strong with HTTPS enforcement and security headers, though explicit incident response and vulnerability disclosure policies are not publicly detailed. Overall, the site demonstrates a high level of business credibility and technical maturity, suitable for an enterprise-grade media technology service.

SEVT.cz is a well-established Czech e-commerce retailer specializing in school, kindergarten, and office supplies, including art materials, books, and games. Founded in 1998, it holds a strong market position as a specialist with a broad product range targeting educational institutions, parents, and office users. The website demonstrates a modern technical infrastructure using React and Next.js frameworks, hosted on Forpsi servers, and optimized for mobile and SEO. Security posture is good with HTTPS enabled and no visible vulnerabilities, though it lacks explicit security headers and privacy policies. The absence of contact emails and phone numbers on the main page limits direct communication channels. Overall, the site is professional and trustworthy but would benefit from enhanced privacy compliance and security transparency.

O

OM Ashram

omashram.com

58

OM Ashram is a spiritual and educational non-profit organization based in Rajasthan, India, focused on Yoga, Vedic culture, and humanitarian projects. The website presents a well-structured digital presence with rich multimedia content, event information, and detailed descriptions of their projects and mission. The organization targets spiritual seekers and community members interested in Yoga and cultural preservation. Technically, the site uses modern web technologies including Next.js and React, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent implemented, though some security headers could be improved. WHOIS data is missing, which slightly impacts trust but the overall professional presentation and contact information support legitimacy. Strategic recommendations include enhancing security headers, publishing explicit privacy and security policies, and adding vulnerability disclosure information.

J

J&T BANKA, a.s.

jtbank.eu

62

J&T BANKA, a.s. is a reputable private and investment bank headquartered in Prague, Czech Republic, with a strong presence across Europe including Slovakia and Croatia. The bank specializes in bespoke wealth management, investment funds, corporate bond issuance, and project financing, targeting high net worth individuals and sophisticated corporate clients. The website reflects a mature digital presence built on modern technologies such as Next.js and React, with integrated analytics via Piwik PRO. Security posture is strong with HTTPS enforcement and appropriate security headers, though explicit security policies and incident response contacts are not prominently published. Overall, the site demonstrates professionalism, trustworthiness, and compliance with banking industry standards, supporting the bank's market position and client trust.