Security Directory

I

InVivo

invivo-group.com

66

InVivo is a major French agricultural cooperative group with a strong European presence, focused on driving the agricultural and food transition towards sustainability and resilience. The company operates across multiple sectors including agriculture, international commodity trading, agro-food production, and retail, serving farmers, cooperatives, and consumers. The website reflects a mature digital presence built on Drupal CMS, with good mobile optimization and SEO practices. Social media integration is robust, supporting brand engagement. Security posture is generally good with HTTPS and cookie consent implemented, but lacks explicit security headers and published security policies. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, though the professional website content and branding mitigate some risk. Overall, the site is trustworthy and professional but would benefit from enhanced transparency on privacy and security policies.

S

SIL Global

sil.org

63

SIL Global is a well-established, faith-based nonprofit organization dedicated to language development and community empowerment worldwide. Their website reflects a professional and comprehensive digital presence, offering extensive resources, training, and services in linguistic research, literacy, translation, and language technology. The organization targets diverse global communities and language professionals, emphasizing equal access to education and socio-economic opportunities regardless of language barriers. Technically, the website is built on Drupal CMS with modern frameworks like Bootstrap and uses standard web technologies including jQuery and Font Awesome. It is mobile-optimized and accessible, with embedded multimedia content enhancing user engagement. Security posture is solid with HTTPS enforced and secure form handling, though the absence of certain security headers and explicit cookie consent mechanisms are areas for improvement. The lack of WHOIS data limits domain registration trust verification, but the presence of recognized nonprofit certifications and consistent branding supports legitimacy. Overall, the site scores well on content quality, technical implementation, and business credibility, with moderate privacy compliance.

C

Concrete CMS

concrete5.org

74

Concrete CMS is an open source content management system designed for teams including content creators, designers, and developers. It offers a website builder with built-in tools to simplify content editing and management. The company behind Concrete CMS, PortlandLabs, positions itself as a provider of secure, compliant, and enterprise-ready CMS solutions, serving notable clients such as the U.S. Army, BASF, and Home Depot. Their business model includes offering the open source CMS software alongside hosting, support, and custom development services. The website demonstrates strong branding consistency, professional design, and clear navigation, targeting medium-sized to enterprise organizations in technology and government sectors. Technically, the website leverages modern web technologies including jQuery, Bootstrap, Vue.js, and integrates analytics and marketing tools such as Google Tag Manager, Matomo, ZoomInfo, Leadfeeder, and Pipedrive LeadBooster. The CMS platform itself is Concrete CMS, hosted likely by PortlandLabs. The site is mobile optimized and performs moderately well, with good SEO and accessibility features. From a security perspective, Concrete CMS emphasizes compliance with ISO 27001, SOC 2, and HIPAA standards, offering role-based access control, workflow approvals, and version control. The site uses HTTPS and has cookie consent mechanisms. However, explicit security headers are not detected, and there is no public vulnerability disclosure or incident response contact information, which are areas for improvement. Overall, the website is professional, trustworthy, and content safe for general audiences. The main concern is the lack of WHOIS registration data, which raises questions about domain legitimacy despite the strong business presence. Strategic recommendations include improving security header implementation, publishing vulnerability disclosure policies, and clarifying domain registration details to enhance trust.

B

Bloo Kanoo

blookanoo.com

51

Bloo Kanoo is a technology company founded in 2020 that provides a live shopping platform targeted at brands and retailers. Their service enables interactive and engaging shopping experiences, positioning them as a niche player in the live shopping technology market. The website is built on WordPress using Elementor, hosted on Amazon AWS infrastructure, and integrates modern analytics tools such as Google Tag Manager and LogRocket. The technical infrastructure is modern and moderately optimized for performance and mobile use. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is weak due to absence of privacy and cookie policies. Business credibility is moderate with professional content but missing explicit contact details and security policies. Overall, the website is functional and professional but would benefit from enhanced privacy, security, and transparency measures.

1

104人力銀行

104.com.tw

64

104人力銀行 is a leading Taiwanese online job recruitment platform providing comprehensive job search and talent acquisition services. The platform targets a broad audience including job seekers, students, fresh graduates, senior professionals, middle-aged workers, and foreigners. It holds a strong market position supported by recognized certifications and awards, reflecting its commitment to social value and work-life balance. The company operates multiple service verticals and partner domains to cater to diverse employment needs. Technically, the website employs modern frontend technologies such as Vue.js and integrates multiple analytics and advertising tools, indicating a mature digital infrastructure. The site is mobile optimized and offers a professional user experience with clear navigation and rich content. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers are not explicitly detected. Privacy compliance is supported by a comprehensive privacy policy, but lacks a visible cookie consent mechanism. Overall, the website demonstrates high business credibility and trustworthiness with consistent branding and transparent company information.

S

SHOPLINE Limited

shoplineapp.com

66

SHOPLINE Limited operates a global smart commerce platform providing total commerce solutions and customized services to businesses ranging from startups to established global brands. Their offerings support online, social media, and offline sales channels, positioning them as a comprehensive e-commerce enabler. The website reflects a mature business with over 10 years of domain history and consistent branding across multiple localized domains. Technically, the site leverages modern web technologies including AngularJS, Google Tag Manager, and multiple analytics and marketing tools, hosted on AWS infrastructure. While the site is performant and mobile-optimized, some accessibility and SEO improvements could be made. Security posture is solid with HTTPS and domain locks, but lacks DNSSEC and advanced security headers. Privacy compliance is partially met with clear privacy and terms pages but lacks cookie consent mechanisms and explicit security policies. Overall, the site is professional and trustworthy with extensive tracking and marketing integrations.

T

TEKOM CZ spol. s r.o.

netroliferadio.cz

59

Netro Life Radio is a regional FM radio station based in České Budějovice, Czech Republic, operated by TEKOM CZ spol. s r.o. The station focuses on dance and popular music, targeting listeners in the South Bohemia region. It offers both traditional FM broadcasting on 100.8 FM and online streaming services, including high-quality and mobile-optimized streams. The website is professionally designed, featuring clear navigation, multimedia content, and active social media channels. However, the absence of WHOIS data limits transparency about domain ownership and age. Technically, the website leverages modern web technologies including Google Tag Manager, Google Analytics, and a proprietary CMS platform (solidpixels.). The site is mobile-optimized and includes cookie consent mechanisms, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enforced and secure form handling, but lacks visible security headers and explicit privacy policies, indicating room for improvement. Overall, the security posture is moderate with no critical vulnerabilities detected in the visible content. The business credibility is strong due to clear company information and legal disclosures. The absence of WHOIS data and privacy policy slightly reduce trust scores. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and security policies, and improving accessibility features to strengthen compliance and user trust.

V

VIPARIS

viparis.com

70

VIPARIS is a leading European business tourism company based in Paris, specializing in hosting shows, trade shows, conventions, seminars, and conferences across 12 venues. The website presents a professional and well-branded digital presence targeting business professionals and event organizers. The technical infrastructure leverages modern JavaScript frameworks such as Vue.js and Nuxt.js, with integration of Google Tag Manager for analytics. The website is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled, but lacks visible security headers and public security policies. The absence of WHOIS data and privacy/cookie policies reduces transparency and privacy compliance confidence. Overall, the site is trustworthy and professional but could improve in privacy and security disclosures.

P

PhotoShelter

photoshelter.com

63

PhotoShelter operates as a leading digital asset management and content distribution platform, primarily targeting brands and photographers. The company offers a comprehensive SaaS solution that includes AI-powered search, real-time workflows, social content distribution, and collaboration tools. Their market position is strong within the digital asset management space, supported by professional branding and extensive marketing efforts. Technically, the website is built on WordPress and integrates multiple modern marketing and analytics technologies such as Marketo, Hotjar, and Google Tag Manager, indicating a mature digital infrastructure. The site is well-optimized for SEO, accessibility, and mobile responsiveness, providing an excellent user experience. Security-wise, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit security policies, which could be improved. The absence of WHOIS data is a notable anomaly that reduces trust slightly, though the website content and branding suggest a legitimate enterprise. Overall, the risk is moderate with recommendations to enhance transparency and security posture.

S

Storck

dein-merci.de

62

The website www.dein-merci.de is an e-commerce platform specializing in personalized merci Finest Selection chocolates, allowing customers to customize packaging with photos and messages. It operates under the reputable Storck brand, targeting consumers seeking unique gift ideas. The site is built on a modern Shopify Oxygen infrastructure using React and Tailwind CSS, ensuring good performance and mobile optimization. Privacy and cookie policies are well implemented, reflecting GDPR compliance. Security posture is solid with HTTPS and cookie consent, though some security headers and incident response details are missing. Overall, the site presents a professional and trustworthy online shopping experience with no signs of malicious content or blocking mechanisms.

S

Storck & Merci Shop

storck.shop

68

Storck.shop is an e-commerce platform focused on retailing Storck branded confectionery products primarily to a German-speaking audience. The website offers a broad selection of sweets and emphasizes ease of online ordering and quick delivery. The site integrates modern digital marketing and analytics tools such as Google Tag Manager and Google Analytics, alongside a cookie consent management system powered by Cookiebot, reflecting a moderate level of digital maturity. The technical infrastructure is based on a Shopware CMS platform with standard web technologies and responsive design, providing a good user experience across devices. Security posture is adequate with HTTPS enforced and basic security best practices observed, though improvements in security headers and explicit privacy and terms documentation are recommended. Overall, the site presents a moderate risk profile with no critical vulnerabilities detected but would benefit from enhanced transparency and contact information to improve trust and compliance.

K

Krby komplet s.r.o.

krbykomplet.eu

53

Krby komplet s.r.o. is a specialized small business based in the Czech Republic, providing comprehensive heating solutions including fireplaces, stoves, chimneys, garden fireplaces, gas grills, and chimney maintenance services. Established in 2008, the company has a strong local presence with over 520 completed projects and a focus on quality and professional service primarily in the Central Bohemian Region. Their website reflects a professional and consistent brand image with clear contact information and social media presence. Technically, the site is built on Webflow, leveraging modern web technologies and content delivery networks to ensure fast performance and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, though the absence of explicit privacy policies and security headers indicates room for improvement. Overall, the website is trustworthy and well-positioned for its market segment, but should enhance compliance and security transparency to further strengthen user trust and regulatory adherence.

M

Město Český Brod

cesbrod.cz

57

Město Český Brod operates an official municipal website serving the residents and stakeholders of Český Brod, Czech Republic. The site provides comprehensive information about local government services, events, public announcements, and contact channels. It maintains a consistent brand presence and integrates social media platforms to enhance community engagement. The website is built on a modern CMS framework (Nette) and uses standard web technologies including Google Analytics and reCAPTCHA for security and analytics purposes. While the site is well-structured and mobile-optimized, it lacks explicit privacy and terms of service pages, which are important for compliance and transparency. Security practices include HTTPS enforcement and cookie consent mechanisms, but no detailed security policy or incident response information is publicly available. The domain is long-established and consistent with the municipal nature of the site, indicating high legitimacy. Overall, the website is professional and trustworthy but could improve privacy compliance and security transparency.

M

Město Říčany

ricany.cz

57

Město Říčany is the official municipal government website for the town of Říčany in the Czech Republic. It serves as a comprehensive portal for citizens and local businesses, providing news updates, cultural event calendars, public service information, official notices, and contact details. The site targets local residents and stakeholders, offering a user-friendly experience with multilingual support and clear navigation. The business model is focused on public administration and community engagement, positioning itself as a trusted local government authority. Technically, the website is built on WordPress with a modern tech stack including jQuery, WPML for multilingual support, and various plugins for GDPR compliance and user interaction. The site demonstrates good performance, mobile optimization, and accessibility features. It integrates Google Analytics and Tag Manager for analytics and marketing purposes, with a clear cookie consent mechanism ensuring GDPR compliance. From a security perspective, the site enforces HTTPS and uses best practices such as cookie consent and DOMPurify for sanitization. However, some minor issues like broken lazy loading images and missing explicit security headers (CSP, X-Frame-Options) were noted. The WHOIS data is unavailable, likely due to privacy protection, but the website's professional presentation and official branding support its legitimacy. Overall, the site presents a low-risk profile with strong business credibility and good technical implementation. Strategic recommendations include enhancing security headers, fixing image loading errors, and adding a security.txt file for vulnerability disclosure to further strengthen trust and compliance.

H

Humanoid

humanoid.fr

59

Humanoid is a French media publishing company operating multiple recognized online media brands such as Frandroid, Numerama, and Lemon.fr. The company is positioned as a leader in its category, focusing on modern, independent digital journalism accessible freely to readers. The business model includes advertising, affiliate marketing, premium subscriptions, and event services. The company is part of the EBRA Group, indicating a solid corporate backing and market presence. The website is professionally designed, mobile-optimized, and well-structured, reflecting a mature digital infrastructure. Technically, the site uses WordPress CMS, Cloudflare for DNS and CDN, and integrates Google Tag Manager and New Relic for analytics and monitoring. Security posture is good with HTTPS enforced and reputable hosting, but lacks visible security headers and published privacy or cookie policies, which are areas for improvement. Overall, the website is trustworthy and professional, with no signs of malicious or adult content.

N

Nadace pro rozvoj architektury a stavitelství

stavbaroku.cz

45

Stavba roku is a Czech Republic-based non-profit foundation focused on promoting excellence in architecture and construction through various awards and competitions. The website serves as a platform to showcase these awards, provide information about the competitions, and engage with professionals and stakeholders in the construction and architectural sectors. The foundation operates with a clear mission to support architectural development and urban projects, targeting industry professionals and regional participants. The site is well-positioned in its niche with partnerships including media and construction industry leaders.

N

Netinteractive

webpublication.fr

61

Webpublication.fr is a French-based digital content creation company specializing in interactive digital publishing solutions such as catalogs, magazines, annual reports, and sales presentations. Established in 2007, it serves a broad B2B market including agencies and advertisers, positioning itself as a mature player with a solid client base and reputable testimonials. The website is built on WordPress with a modern tech stack including analytics and marketing tools, demonstrating a good level of digital maturity. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers could be improved and formal security policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, with room for enhanced transparency in security and incident response.

D

Divadlo D21

divadlod21.cz

50

Divadlo D21 is a well-established theatre organization based in Prague, Czech Republic, founded in 2012. It offers theatrical performances, educational projects, and cultural events targeting the general public and schools. The website reflects a professional cultural institution with a clear focus on community engagement and artistic offerings. Technically, the site uses a mix of JavaScript libraries including jQuery, Vue.js, and Google Analytics for tracking, with a responsive design and moderate performance. Security-wise, the site implements GDPR compliance and cookie consent mechanisms but lacks visible HTTP security headers in the provided data, indicating room for improvement in security hardening. Overall, the domain registration and WHOIS data align well with the business profile, supporting legitimacy and trustworthiness.

R

Reportér Magazín

reportermagazin.cz

55

Reportér Magazín is a well-established Czech media outlet founded in 2013, offering high-quality journalistic content including articles, interviews, audio podcasts, and photo galleries. The website targets a general adult audience interested in investigative journalism and cultural topics, operating primarily on a subscription-based business model with additional e-shop services. The domain and WHOIS data confirm legitimacy and consistent registration details. Technically, the site uses modern web technologies such as Next.js, Google Tag Manager, and DoubleClick for advertising, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response information are not publicly disclosed. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website demonstrates a high level of professionalism, trustworthiness, and user experience.

M

Martina Hoffmann

martinahoffmann.com

58

Martina Hoffmann's website serves as an online gallery and boutique for her fine art, focusing on visionary and psychedelic art styles. The site targets art enthusiasts and collectors, providing information about exhibitions, events, and an online store for purchasing artwork. The business operates as a small-scale artist gallery with a niche market presence. Technically, the website is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies including Google Analytics and Facebook Pixel for visitor tracking. The site is mobile-optimized and uses HTTPS, ensuring a secure browsing experience. However, the absence of explicit privacy and cookie policies, as well as missing WHOIS registration data, presents compliance and legitimacy concerns. Security posture is generally good with HTTPS and standard security headers, but improvements are needed in privacy compliance and transparency. Overall, the website is professional and functional but would benefit from enhanced compliance documentation and clearer domain registration information.

W

WPlook Themes

wplook.com

44

WPlook Themes is a Canadian-based small technology company specializing in premium WordPress themes and hosting solutions. Established in 2010, it serves a broad audience including nonprofits, creatives, agencies, and businesses seeking high-quality, speed-optimized WordPress themes. The company operates an e-commerce model offering yearly and lifetime access to theme bundles, hosting plans, and customization services. The website demonstrates strong branding, professional design, and clear navigation, supported by a robust technical infrastructure built on WordPress, WooCommerce, and modern web technologies. Analytics and marketing tools such as Google Tag Manager and Facebook Pixel are integrated for user tracking and advertising purposes. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements are recommended in DNSSEC adoption and security headers. Privacy compliance is partially met with a comprehensive privacy policy but lacks a cookie consent mechanism. Overall, WPlook presents a trustworthy and professional online presence with a mature digital footprint.

C

Cream Code Technology Pvt Ltd

creamcode.org

60

Cream Code Technology Pvt Ltd is a Nepal-based small IT services company founded in 2020, delivering innovative IT services and technology solutions globally. Their website showcases their offerings including WordPress themes, WooCommerce addons, and license key management, targeting businesses seeking digital transformation and online presence. The company leverages modern WordPress infrastructure with Elementor and Astra theme, integrating Google Analytics and Tag Manager for marketing insights. The website is professionally designed with good mobile optimization and clear navigation, reflecting a consistent brand image. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and privacy policies are missing. Overall, the site is legitimate and functional but could improve compliance and security transparency.

I

International Society for Traditional, Complementary & Integrative Medicine Research (ISCMR)

iscmr.org

66

The International Society for Traditional, Complementary & Integrative Medicine Research (ISCMR) is a well-established international scientific organization focused on advancing research in whole person healing and integrative healthcare. The website serves as a platform for knowledge exchange, membership services, and event promotion, targeting researchers and practitioners globally. The organization has a strong market position with multiple regional chapters and partnerships with reputable journals and research bodies. Technically, the website is built on the ClubExpress platform using ASP.NET WebForms and Telerik UI components, with integrations including Google Tag Manager and Zendesk for analytics and user engagement. The site demonstrates moderate performance and basic mobile optimization. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, which are recommended for improvement. Privacy compliance is basic with presence of privacy and terms policies but no cookie consent mechanism. Overall, the website is professional and trustworthy but could benefit from enhanced security and privacy features.

S

Society for Integrative Oncology

integrativeonc.org

45

The Society for Integrative Oncology (SIO) is a well-established non-profit organization founded in 2004, dedicated to advancing evidence-based integrative oncology care. The website serves as a comprehensive platform offering educational resources, clinical guidelines, conferences, and membership benefits targeting healthcare professionals, patients, and researchers globally. The organization maintains a strong market position as a premier multi-disciplinary integrative oncology society with international reach. Technically, the website is built on WordPress using the Yootheme theme and UIkit framework, supplemented by plugins such as CiviCRM and DJ Accessibility to enhance functionality and accessibility. Hosting and domain registration are managed through reputable providers, with HTTPS enabled and basic security practices in place. The site demonstrates good mobile optimization, accessibility, and SEO practices, though there is room for improvement in security headers and DNSSEC implementation. From a security perspective, the site uses HTTPS and domain status protections but lacks DNSSEC and explicit security headers. No privacy or cookie policies were found, which is a compliance gap. Contact information is available via email and physical address, but no phone numbers or incident response contacts are published. Analytics usage is minimal and privacy-conscious, using Plausible Analytics and Google Tag Manager. Overall, the website is professional, trustworthy, and safe for general audiences. Strategic recommendations include publishing privacy and cookie policies, enhancing security headers, enabling DNSSEC, and providing incident response information to improve compliance and security posture.

I

INSTITUTE FOR TCIM/CAM

itcim.org

54

The INSTITUTE FOR TCIM/CAM is a small non-profit organization focused on Traditional, Complementary and Integrative Medicine, providing educational resources, research dissemination, and international cooperation including NATO and cancer-related initiatives. The website serves as an information hub targeting healthcare professionals, researchers, and the public interested in alternative medicine. Technically, the site uses a combination of legacy and modern JavaScript libraries including jQuery, bxSlider, and social media SDKs, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS implied but lacking explicit security headers and privacy policies. WHOIS data is incomplete, limiting domain trust verification. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and security practices.

S

Shift4Shop

3dcart.com

72

Shift4Shop is a comprehensive SaaS eCommerce platform offering a turnkey solution for businesses to build and grow online stores. The platform provides a rich set of features including a website builder, product and order management, marketing tools, integrated payment processing with PCI compliance, and fraud protection. It targets a broad audience of eCommerce businesses seeking a premium yet affordable solution. Technically, the website employs modern analytics and marketing technologies such as Google Analytics, Facebook Pixel, and OneTrust for privacy management, and is optimized for mobile and SEO. Security posture is strong with PCI certification and fraud protection, though explicit security headers and public security policies are not evident. The WHOIS data is missing or unavailable, which slightly reduces domain trustworthiness. Overall, the website is professional, secure, and well-positioned in the eCommerce market.

W

Woopra

woopra.com

73

Woopra is a technology company specializing in customer journey and product analytics software. Their platform enables businesses to track user behavior across multiple touchpoints including marketing, sales, product usage, and support, providing actionable insights to improve customer acquisition and retention. The website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content targeted at product, marketing, sales, and support teams. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and OneTrust for cookie consent, ensuring compliance with privacy regulations such as GDPR. Security posture is strong with HTTPS enforcement and standard security headers, although explicit security policies and incident response contacts are not published. The absence of WHOIS data for the domain is a notable gap, limiting full trust assessment of domain registration legitimacy. Overall, Woopra presents as a credible SaaS analytics provider with a well-implemented website and good privacy compliance, but would benefit from enhanced transparency in security and domain registration details.

S

Shift4Shop

shift4shop.com

72

Shift4Shop is a well-established SaaS eCommerce platform offering a comprehensive suite of tools for building and managing online stores. The platform targets businesses of various sizes seeking an affordable yet feature-rich solution, positioning itself competitively against other eCommerce providers. Technically, the website employs modern tracking and marketing technologies, integrates with major platforms like PayPal, and demonstrates good mobile optimization and SEO practices. Security-wise, the site enforces HTTPS, holds PCI certification, and includes fraud protection, though it lacks explicit security headers and a public security policy. The WHOIS data is missing or privacy protected, which slightly reduces transparency but does not detract significantly from the site's legitimacy. Overall, the website is professional, trustworthy, and compliant with privacy regulations, making it a strong contender in the eCommerce software market.

The website www.dub.cz represents the Duchovní universita Bytí, an organization focused on spiritual philosophy and the teachings of Josef Zezulka, particularly in the field of Biotronika and alternative medicine. It serves a niche audience interested in spiritual education, events, and community engagement primarily in the Czech Republic but with multilingual support for international visitors. The site offers lectures, concerts, video content, and publications, positioning itself as a small but dedicated non-profit educational entity. Technically, the website employs a moderate technology stack including jQuery, bxSlider, Google Tag Manager, and reCAPTCHA, ensuring basic interactivity and security. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS and reCAPTCHA usage, but lacks some security headers and explicit privacy policies, which are areas for improvement. The absence of WHOIS data reduces transparency and trust slightly, but the active and professional nature of the site, along with partner references, supports its legitimacy. Overall, the site is functional, moderately secure, and serves its community well, though it would benefit from enhanced privacy and security disclosures.

N

Nicer LLC

small.chat

57

Smallchat is a SaaS company providing a Slack-integrated live chat solution that enables website owners and teams to communicate with visitors directly within Slack. The product is positioned as an easy-to-use, customizable chat widget that leverages Slack's platform to streamline customer engagement. The company operates under Nicer LLC and targets businesses that use Slack for internal communication, offering features such as auto messages, contact list management, and conversation analytics. The website is professionally designed, mobile-optimized, and provides clear information about the product and company contact details. Technically, the site is built using React and modern web technologies, with Google Tag Manager for analytics and Mailchimp for marketing communications. Security posture is good with HTTPS enforced and OAuth integration for Slack, though some security headers and policies could be improved. Privacy compliance is basic with a privacy policy and GDPR references but lacks cookie consent mechanisms. Overall, the domain is privacy protected but shows no suspicious patterns, consistent with a legitimate small SaaS business.

G

Gabriela Filippi

gabrielafilippi.cz

59

Gabriela Filippi's website serves as a personal brand platform focused on spirituality, healing arts, and cultural events primarily targeting Czech-speaking audiences interested in personal development and spiritual growth. The site offers a variety of content including podcasts, meditations, workshops, and theatrical performances, supported by an e-commerce section and event ticket sales. The business model revolves around content monetization and event participation, positioning Gabriela Filippi as a niche influencer in the Czech spiritual and cultural community. Technically, the website is built on WordPress using the Mioweb3 theme, leveraging common web technologies such as jQuery, Google Tag Manager, and Smartlook for analytics and user behavior tracking. Hosting is provided by Wedos, a Czech hosting provider, consistent with the domain registration data. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the absence of explicit security headers and vulnerability disclosure policies suggests room for improvement. Privacy compliance is well addressed with clear privacy and cookie policies in Czech language, aligned with GDPR requirements. Overall, the website presents a professional and trustworthy digital presence with good content quality and user experience, though it lacks direct contact information and advanced security policies.

D

Diochi

diochi.cz

48

Diochi.cz is an established Czech company specializing in the development, manufacturing, and sale of natural bioinformational dietary supplements. The website reflects a mature e-commerce platform with a membership club, targeting health-conscious consumers interested in natural products. The company has a long-standing domain since 2003, indicating stability and market presence. Technically, the site is built on Joomla CMS with modern JavaScript libraries and frameworks, supporting responsive design and accessibility at a basic level. Security posture is solid with HTTPS enforced, cookie consent mechanisms, and advanced login options including WebAuthn, though some security headers could be improved. Advertising and analytics are implemented with user consent, reflecting GDPR compliance. Overall, the site is professional, trustworthy, and well-positioned in its niche.

N

Natasha

natasha.cz

57

Natasha.cz is a Czech e-commerce website specializing in eco-friendly household and personal care products, with a strong emphasis on sustainability, zero waste, and local sourcing. The brand is led by founder Nataša Foltánová and has over 15 years of experience in the market. The website offers a wide range of products including cleaning agents, aromatherapy oils, baby care items, and related accessories, targeting environmentally conscious consumers. Technically, the site is built on the Shoptet e-commerce platform, utilizing modern web technologies such as jQuery, Google Analytics, and Facebook SDK, with good mobile optimization and SEO practices. Security posture is solid with HTTPS, security headers, and consent mechanisms, though there is room for improvement in publishing explicit security policies and incident response information. The absence of WHOIS data for the domain is a notable concern, impacting domain trustworthiness, but the website content and business presence appear professional and legitimate overall.

E

Ekokoza s.r.o.

ekokoza.sk

67

Ekokoza s.r.o. operates a professional e-commerce website focused on supplying natural raw materials and kits for home production of cosmetics, candles, and food products. The company targets consumers interested in ecological and DIY lifestyle products primarily in Slovakia and the Czech Republic. The website demonstrates a mature digital infrastructure with modern tracking and marketing tools, good mobile optimization, and clear navigation. Privacy and cookie policies are well implemented with GDPR compliance, enhancing user trust. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. WHOIS data aligns with the business claims, supporting legitimacy.

B

BSSHOP s.r.o.

bsshop.cz

60

BSSHOP s.r.o. is a Czech technology company specializing in the development of e-commerce platforms tightly integrated with the economic system POHODA. With over 20 years of experience and more than 650 active e-shops, the company holds a strong market position in the Czech and Slovak e-commerce sector. Their key services include e-shop creation, process automation, supplier integration, and marketing tools tailored for business clients. The website reflects a professional and business-oriented approach, targeting companies seeking robust e-commerce solutions integrated with POHODA. Technically, the website employs modern web technologies such as JavaScript, jQuery, Bootstrap, and integrates Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized with good SEO practices, though accessibility features are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit security policies. The security evaluation shows no critical vulnerabilities or exposed sensitive data, but the absence of a privacy policy and terms of service pages is a compliance gap. WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the website content and business information appear legitimate and consistent. Overall, the site is safe, professional, and trustworthy for its intended business audience. Strategic recommendations include publishing comprehensive privacy and terms policies, enhancing security headers, adding incident response contacts, and improving accessibility to strengthen compliance and user trust.

D

Divadlo RB s.r.o.

divadlorb.cz

56

Divadlo RB s.r.o. operates the Divadlo Radka Brzobohatého theatre located in the center of Prague, Czech Republic. The company provides live theatrical performances including comedies, musicals, and classic plays, targeting a general audience interested in cultural entertainment. The business model revolves around ticket sales and event hosting, supplemented by a partner cafe service. The website reflects a well-established local cultural venue with a domain age dating back to 2004, indicating a stable presence in the market. Technically, the website is built on WordPress with modern web technologies such as Bootstrap, jQuery, and Font Awesome. It integrates Google Analytics and Tag Manager for visitor tracking and uses Owl Carousel and FancyBox for UI enhancements. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Hosting and domain registration are consistent with the Czech Republic location. From a security perspective, the site enforces HTTPS and uses asynchronous loading for analytics scripts, but lacks important security headers and does not provide visible privacy or cookie policies, which are compliance gaps. No incident response or vulnerability disclosure information is available, and no security.txt file is found. The site does not expose sensitive data or show signs of vulnerabilities in the HTML content. Overall, the website is professional and trustworthy for its intended purpose but would benefit from enhanced privacy compliance and security hardening. Strategic recommendations include publishing comprehensive privacy and cookie policies with consent mechanisms, implementing security headers, and providing clear incident response contacts to improve trust and compliance.

D

Divadlo Hybernia

hybernia.eu

43

Divadlo Hybernia is a Czech theatre offering cultural performances and entertainment services, targeting a general audience interested in theatre arts. The website is built on WordPress and employs modern web technologies including Google Tag Manager, Microsoft Clarity, and FontAwesome for icons. The site is well-structured with good SEO and mobile optimization, providing a professional user experience. However, it lacks explicit privacy and cookie policies, and no direct contact information is found in the analyzed content. Security posture is moderate with HTTPS enabled but missing security headers and vulnerability disclosure mechanisms. Overall, the domain appears legitimate though WHOIS data is privacy protected, which is common for small businesses. Strategic improvements in privacy compliance and security practices are recommended.

D

Divadlo Na Fidlovačce

fidlovacka.cz

45

Divadlo Na Fidlovačce is a Czech theater company focused on providing theatrical performances and cultural entertainment. The website showcases their events and productions, targeting a general audience interested in theater arts. The business operates in the hospitality sector, specifically cultural entertainment, with a medium-sized presence in the regional market. The site uses modern web technologies including Vue.js and MonsterCMS, with integrations for Google Tag Manager and Facebook Pixel for marketing and analytics purposes. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership. Security posture is weak due to missing security headers and lack of visible security policies. Privacy compliance is minimal, with no detected privacy or cookie policies, which is a concern for GDPR adherence. Overall, the website is professionally designed and functional but requires improvements in security and privacy transparency to enhance trust and compliance.

H

Hudební divadlo Karlín

hdk.cz

55

Hudební divadlo Karlín is a musical theater company based in Prague, Czech Republic, offering a variety of theatrical performances and cultural events. The website serves as a platform for event information, ticket sales, and e-commerce related to the theater's offerings. It targets a general audience interested in musical theater and cultural activities. The business model revolves around ticket sales, merchandise, and educational programs. The site is well-branded and consistent, reflecting a medium-sized cultural institution with a solid local presence. Technically, the website employs modern web technologies including Bootstrap, jQuery, and various third-party libraries for UI components and tracking. It uses HTTPS and integrates multiple marketing and analytics tools such as Google Tag Manager, Facebook Pixel, and TikTok Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and event listings. From a security perspective, the site uses HTTPS but lacks explicit security headers and a published security policy or incident response contacts. The absence of WHOIS data for the domain reduces trust and raises questions about domain registration legitimacy. Privacy compliance is basic, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the security posture is moderate but could be improved with better transparency and technical controls. The overall risk is moderate; the site appears legitimate and functional but would benefit from enhanced privacy disclosures, security headers, and verified domain registration information to increase trust and compliance.

E

Zážitkový vlak KDS – Pronajímáme vlakovou soupravu a motorový vůz, které umožňují klientům prožít večírek originálním způsobem na kolejích. Nabízíme služby eventové agentury, jejímž hlavním cílem je nenechat klienta na holičkách.

event-zazitkovyvlak.cz

55

The website event-zazitkovyvlak.cz represents a small Czech business specializing in the rental of train sets and motor vehicles for unique event experiences, alongside event agency services. The business targets clients looking for original party venues on rails, positioning itself as a niche provider in the transportation and event management sectors. The website is built on WordPress with Elementor, indicating a moderate level of digital maturity and ease of content management. The presence of Cookiebot and Google Tag Manager shows awareness of privacy and analytics needs, although no explicit privacy policy or terms of service pages were found, which is a compliance gap. Security posture is adequate with HTTPS and consent mechanisms, but lacks advanced security headers and incident response information. Overall, the website is functional and professional but could improve in privacy and security transparency.

R

Rewora

rewora.io

66

Rewora is a technology company specializing in customer experience tools designed to boost sales and build trust through authentic product and store reviews, Q&A forums, and business intelligence analytics. The company targets e-commerce businesses seeking to increase conversion rates and customer loyalty by leveraging social proof and advanced review management features. The website presents a professional and modern digital presence with clear branding and comprehensive service descriptions. Technically, the site employs modern JavaScript frameworks such as Alpine.js and HTMX, integrates analytics tools like Google Tag Manager and Hotjar, and is hosted with Cloudflare DNS services, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some improvements like enabling DNSSEC and adding security headers are recommended. Privacy compliance is addressed with a GDPR-compliant privacy policy and cookie consent banner. However, the absence of a terms of service page and explicit security or incident response policies are gaps to address. Overall, the domain registration data aligns with the business profile, indicating a legitimate and consistent startup operation launched in 2023.

P

Parola spol. s r.o.

jihlavske-listy.cz

49

Jihlavske-listy.cz is a regional news website operated by Parola spol. s r.o., serving the Vysočina region in the Czech Republic. The site offers a broad range of local news, cultural content, sports updates, and magazines, targeting residents and readers interested in regional affairs. The business model relies on advertising and subscription services, supported by a consistent brand presence and active social media engagement. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Analytics and Tag Manager for tracking, and CKEditor for content management. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, some accessibility and SEO optimizations could be improved. From a security perspective, the site uses HTTPS and integrates Google reCAPTCHA for form protection, but lacks visible security headers which are recommended for enhanced protection. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the website content and business information appear legitimate. Overall, the site presents a professional and trustworthy regional news platform with moderate technical and security maturity. Strategic improvements in security headers, privacy policy presence, and WHOIS transparency would enhance trust and compliance.

I

Institut pro TCIM/CAM, z. ú.

mkz2021praha.cz

53

The website www.mkz2021praha.cz serves as the official portal for the International Health Congress 2021 held in Prague, focusing on traditional, complementary, and integrative medicine (TCIM). It provides extensive information about the congress, including participant profiles, event recordings, publications, and a dedicated information platform called Platforma 2020 Praha. The site targets healthcare professionals, researchers, and the general public interested in TCIM, positioning itself as a niche but reputable organizer in the healthcare non-profit sector. Technically, the website employs a modern but straightforward tech stack including jQuery, bxSlider, simpleLightbox, Google reCAPTCHA, and Google Tag Manager for analytics. It is mobile-optimized with good navigation and content structure, though some accessibility features could be improved. The site uses HTTPS and includes anti-bot measures on forms, but lacks advanced security headers and explicit cookie consent mechanisms. From a security perspective, the site shows a moderate security posture with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS registration data reduces transparency and trust slightly. Privacy compliance is basic, with a privacy policy implied on the contact page but no dedicated cookie or terms of service pages. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and content-rich, supporting its mission to disseminate TCIM knowledge. Strategic improvements in security headers, privacy transparency, and WHOIS data availability would enhance trust and compliance.

E

Extravíno U Labutě

extravinoulabute.cz

40

Extravíno U Labutě is a small local wine retailer based in Říčany, Czech Republic, offering wine products through a WooCommerce-powered website built on WordPress with the Divi theme. The website targets local wine consumers and operates primarily as a retail business. Technically, the site uses common web technologies including Google Analytics and Tag Manager for tracking, but lacks advanced security headers and visible privacy or cookie policies. The site is mobile optimized and presents a good user experience with clear navigation and professional design. Security posture is moderate with HTTPS enabled but missing additional security headers and incident response information. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the domain registration data is consistent with the business claims, indicating legitimacy. Strategic improvements in privacy compliance, security headers, and contact transparency are recommended to enhance trust and compliance.

L

LABE TRI CLUB Hradec Králové z.s.

skolnitriatlon.cz

41

The website skolnitriatlon.cz represents the LABE TRI CLUB Hradec Králové z.s., a small Czech sports organization focused on organizing school and public triathlon events. The site provides event schedules, contact information, and photo galleries to engage its target audience of athletes ranging from school children to general sports enthusiasts. The business model centers on event organization in collaboration with a sports equipment rental partner, Topsports Centrum. The website is modest but functional, with a clear focus on local sports community engagement. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery, supplemented by Google Tag Manager and Facebook Pixel for marketing and analytics. Hosting and domain registration are managed by Wedos, a Czech provider, consistent with the business location. The site is mobile-optimized and offers a good user experience, though accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS and modern tracking tools but lacks visible security headers and formal privacy or cookie policies, which impacts its privacy compliance score. No active forms or incident response contacts are present, and no vulnerability disclosure mechanisms are found. The domain WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website is a good representation of a small local sports event organizer with room for improvement in privacy compliance and security best practices. Strategic enhancements in these areas would improve trust and regulatory adherence.

P

ProfiBeauty s.r.o.

profibeauty.cz

58

ProfiBeauty s.r.o. operates a specialized e-commerce website focused on hair extensions, hair care products, wigs, and related accessories primarily targeting the Czech market. Established in 2009, the company has a stable online presence with a well-structured website offering a variety of products and clear contact information. The site integrates modern web technologies including PrestaShop CMS, Google Analytics, Facebook Pixel, and reCAPTCHA, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced and basic security measures implemented, though there is room for improvement in security headers and published policies. Privacy compliance is partial, with cookie consent mechanisms present but no explicit privacy policy found. Overall, the website is professional, trustworthy, and well-positioned in its niche market.

U

UnisSoft s.r.o.

hairsoft.cz

38

HairSoft.cz is a professional website offering a comprehensive beauty salon management software solution developed by UnisSoft s.r.o. The software targets beauty salons, hairdressers, cosmeticians, and wellness providers primarily in the Czech and Slovak markets. The company emphasizes efficiency, modularity, and practical features derived from 25 years of industry experience. The website is well-designed, mobile-optimized, and rich in content including testimonials, detailed feature descriptions, and trial offers. Technically, the site uses Joomla CMS with modern frameworks and integrates marketing and analytics tools such as Google Analytics and Facebook Pixel. Security posture is good with HTTPS and CSRF protections, though some security headers and privacy compliance mechanisms are missing. WHOIS data is unavailable, which slightly reduces trustworthiness but the business information and website professionalism compensate for this. Overall, the site is a credible and valuable resource for its target audience.

F

Frisör Klier správní s.r.o.

klier.cz

62

Frisör Klier správní s.r.o. operates the largest network of hair salons in the Czech Republic, catering to both men and women with professional hairdressing services and premium hair care products. The company maintains a strong market position as a leading retail service provider in the hair care industry, supported by an e-commerce platform for product sales. Their website reflects a professional and consistent brand image, targeting a broad audience seeking quality hair care solutions. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and the Nette Framework, ensuring a robust digital presence with moderate performance and good mobile optimization. Privacy compliance is well addressed with a comprehensive privacy policy and an active cookie consent mechanism, demonstrating adherence to GDPR requirements. However, the absence of WHOIS registration data and visible security headers slightly detracts from the overall trustworthiness. No direct contact phone numbers or physical addresses were found on the homepage, though a professional contact email is provided. Overall, the website is secure, user-friendly, and business credible, with room for improvement in transparency and security hardening.

E

ELEGANCE s.r.o.

sothys.cz

68

Sothys.cz represents a luxury French professional cosmetics brand operating primarily in the Czech Republic, targeting beauty salons, wellness, and spa centers. The company, identified as ELEGANCE s.r.o., offers high-end cosmetic products and professional treatments, positioning itself as a premium player in the beauty retail sector. The website reflects a well-structured digital presence with clear branding and a focus on professional clientele. Technically, the site is built on WordPress with modern SEO and analytics tools such as Yoast SEO, Google Tag Manager, and Cookiebot for cookie consent management, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers are missing and privacy policy documentation is not clearly found, suggesting room for compliance improvement. Overall, the site is professional, trustworthy, and compliant with basic privacy standards, but could enhance transparency by publishing detailed privacy and security policies. Strategic recommendations include improving security headers, publishing privacy and incident response information, and enhancing contact availability to strengthen trust and compliance.