Security Directory

O

onvista bank - eine Marke der Commerzbank AG

onvista-bank.de

63

The onvista bank website represents a well-established online brokerage service brand under the Commerzbank AG umbrella, targeting retail investors and traders in Germany. The site offers a comprehensive range of financial products including funds, CFDs, options, certificates, and stocks, supported by a webtrading platform. The business model focuses on providing accessible and competitive online trading services with clear pricing and security information. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and includes cookie consent mechanisms, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and security-related informational content, though some improvements in security headers and incident response transparency are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR and related regulations.

D

Dopravní značení Šůs

dopravniznacenisus.cz

45

Dopravní značení Šůs is a small Czech Republic-based company specializing in horizontal and vertical traffic signage services, including pedestrian crossings, parking markings, and traffic playground reconstructions. The company targets municipalities and businesses requiring professional traffic marking solutions. Their website is built on WordPress and integrates common plugins for social media, GDPR compliance, and security features such as Google reCAPTCHA. The business presents clear contact information and maintains a consistent brand image. However, it lacks formal privacy and security policies on the website. Technically, the website uses a modern CMS with standard plugins and scripts, ensuring moderate performance and good mobile responsiveness. Security posture is adequate with HTTPS and CAPTCHA protections, but the absence of security headers and published incident response policies indicates room for improvement. GDPR cookie consent is implemented, but no privacy policy page was found, which is a compliance gap. Overall, the website is trustworthy and professional for a small local business, with no signs of malicious activity or adult content. The domain registration data aligns well with the business profile, supporting legitimacy. Strategic improvements in privacy documentation, security headers, and incident response disclosures would enhance compliance and trustworthiness.

R

Rychlebské stezky

rychlebskestezky.cz

46

Rychlebské stezky is a well-established trail center in the Czech Republic specializing in mountain biking trails, including technical stone trails and modern flow trails. The website highlights community support, partnerships with local authorities and companies, and services such as bike rental, bike school, accommodation, and gift vouchers. The business model appears to be community and partnership-driven, with a strong emphasis on trail maintenance and development supported by donations and sponsors. The domain has been registered since 2009, aligning with the business's history and credibility. Technically, the website uses modern web technologies including Bootstrap 4, jQuery, Popper.js, Font Awesome, and Google Fonts, ensuring a responsive and user-friendly experience. The site is mobile optimized and has good SEO practices, although accessibility features are basic. Security-wise, HTTPS is enabled and secure external libraries are used, but there is a lack of security headers and no visible incident response or vulnerability disclosure information. Overall, the security posture is moderate with room for improvement in privacy compliance and security best practices. The absence of privacy and cookie policies, as well as contact information for security incidents, are notable gaps. The website content is safe for general audiences, focusing on outdoor sports and community engagement without any adult or explicit content. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, establishing vulnerability disclosure and incident response contacts, and enhancing accessibility features to improve compliance and trustworthiness.

S

Stiftung Erinnerung, Verantwortung und Zukunft (EVZ)

stiftung-evz.de

47

The Stiftung Erinnerung, Verantwortung und Zukunft (EVZ) is a German non-profit foundation dedicated to fostering remembrance culture, encouraging historical education, and supporting related projects across society. The foundation operates with a clear mission to engage diverse audiences in active historical reflection and education. Their website reflects a mature digital presence, built on TYPO3 CMS, with modern JavaScript libraries and Matomo analytics for privacy-conscious tracking. The site is well-structured, mobile-optimized, and provides comprehensive information about their funding programs, organizational structure, and news updates. Security posture is solid with HTTPS enabled and no visible vulnerabilities, although some security headers could be improved. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms in place. Overall, the foundation presents a trustworthy and professional online presence consistent with its mission and organizational type.

P

Pivovar Nová Paka a.s.

novopackepivo.cz

52

Pivovar Nová Paka a.s. is a medium-sized independent brewery based in the Czech Republic with a long-standing tradition dating back to 1872. The company produces traditional bottom-fermented beers (lagers) with a characteristic full bread-like taste and offers brewery tours including tastings of specialty beers. The website reflects a well-established business with a focus on heritage and quality. Technically, the site is built on WordPress with WooCommerce for e-commerce capabilities, enhanced by popular plugins such as WPBakery and Slider Revolution. The site is mobile-optimized and uses HTTPS with Google Analytics and reCAPTCHA for security and tracking. However, explicit privacy and cookie policies are not clearly found, and WHOIS data is unavailable, limiting transparency. Security headers are not detected, suggesting room for improvement in security hardening. Overall, the site presents a professional and trustworthy image but could enhance compliance and security posture.

B

BurdaMedia Extra s.r.o.

burdastore.cz

55

Burdastore.cz is an e-commerce platform operated by BurdaMedia Extra s.r.o., specializing in magazine subscriptions and related products for the Czech market. The website showcases a variety of well-known magazine brands such as Elle, Marianne, and Apetit, positioning itself as a niche leader in media subscription sales. The business model focuses on direct-to-consumer sales of print and digital magazine subscriptions, supplemented by gift vouchers and collectible items. The site targets consumers interested in lifestyle, home, and entertainment magazines within the Czech Republic.

N

Nationale Agentur Bildung für Europa beim Bundesinstitut für Berufsbildung

europass-info.de

61

The website www.europass-info.de serves as the official German national portal for the Europass service, a free EU initiative supporting job applications, job search, and competency documentation. It is operated by the Nationale Agentur Bildung für Europa at the Bundesinstitut für Berufsbildung, positioning itself as a government-backed educational and informational service. The site targets job seekers, educational institutions, advisors, and companies, offering services such as online CV creation, mobility applications, and educational materials. The content is comprehensive, professionally presented, and regularly updated with news and testimonials, reinforcing its trustworthiness and authority in the sector. Technically, the site is built on TYPO3 CMS with modern web technologies including Bootstrap 5 and jQuery. It demonstrates good mobile optimization, accessibility, and SEO practices, though performance is moderate. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. Overall, the site exhibits a high level of professionalism, trust, and compliance with privacy regulations such as GDPR. The absence of direct contact emails or phone numbers on the homepage suggests contact details may be on dedicated pages. No advertising or tracking services are present, indicating a privacy-respecting approach. The domain WHOIS data aligns with the official nature of the site, showing consistent registration and no privacy protection, enhancing legitimacy. Strategic recommendations include adding explicit security headers, publishing a security policy and incident response contacts, and considering a vulnerability disclosure policy to further strengthen security posture and user trust.

D

DAV, a.s.

dav-ova.cz

60

DAV, a.s. is a Czech construction and demolition company with over 30 years of experience, providing comprehensive services including demolition, construction of new buildings, reconstruction, and earthworks. The company employs approximately 100 staff and operates with its own machinery and technical equipment, positioning itself as a reliable general contractor in the Czech market. The website reflects a professional and consistent brand image with clear contact information and references to certifications, enhancing trustworthiness. Technically, the website uses a modern but standard tech stack including jQuery, jQuery UI, Slick Carousel, and Lightbox. It is mobile optimized and provides a good user experience with clear navigation and relevant content. SEO and accessibility are adequately addressed, though some improvements could be made in accessibility features and performance optimization. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms compliant with GDPR. However, security headers are not explicitly detected in the HTML content, and there is no visible incident response or vulnerability disclosure information. The site does not expose sensitive data and uses common analytics and marketing tools responsibly. Overall, the website is secure, compliant, and professionally maintained, supporting the company's credibility. Recommendations include enhancing security headers, publishing incident response contacts, and considering a security.txt file to improve transparency and security posture.

T

Trigema a.s.

trigema.cz

61

Trigema a.s. is a well-established Czech real estate development and construction company founded in 1994. The company operates primarily in residential development, construction, property rental, and venture capital investments related to real estate. Their market position is strong within the Czech Republic, supported by a professional and comprehensive website that highlights their projects, values, and corporate information. The website demonstrates a mature digital presence with modern technologies, analytics, and privacy compliance mechanisms. Security posture is good with HTTPS, reCAPTCHA, and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data slightly reduces domain trust but does not detract from the overall legitimacy given the detailed business information and contact data available. Overall, Trigema presents as a credible and professional entity in the real estate sector.

The website webnem.cz is operated by DALTEN media s.r.o., a Czech company specializing in providing custom web presentation services for real estate properties. The service enables real estate agents and property sellers to create dedicated websites for their listings, enhancing marketing and SEO capabilities. The business model is subscription-based, charging monthly fees for property websites and annual fees for domain registration. The company leverages over 20 years of experience and partnerships with multiple real estate platforms, positioning itself as a trusted provider in the Czech real estate market. Technically, the website uses modern JavaScript libraries including jQuery and Google Analytics for tracking, with a responsive design optimized for mobile devices. Cookie consent management is implemented with granular user controls, ensuring GDPR compliance. Hosting and domain registration are consistent with the registrar REG-WEBGLOBE, and the domain age aligns with the company's founding date. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security headers such as CSP or HSTS. No incident response or security policy information is published, representing an area for improvement. No vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website presents a professional and trustworthy front with good content quality and business credibility. The main risks relate to the absence of published security policies and some missing security headers. Strategic improvements in these areas would enhance the security posture and compliance maturity.

A

Avril

groupeavril.com

70

Avril is a leading French industrial group specializing in oils and plant proteins, with a strong commitment to sustainability and addressing climate and demographic challenges. The company operates across multiple sectors including renewable energies, food production, specialty chemicals, agricultural solutions, incubators, and investments. Their market position is strong in France and internationally, supported by a broad portfolio of subsidiaries and brands. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content focused on their business mission and sustainability goals. Technically, the site uses modern web technologies including WordPress CMS, jQuery, and privacy-focused analytics (Matomo). Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data is unavailable, which slightly reduces domain trustworthiness, but the website content and branding strongly indicate a legitimate and established business. Overall, Avril demonstrates a solid digital maturity and business credibility with room for minor security enhancements.

V

virtual-zoom s.r.o.

e-katalogy.cz

51

The website www.e-katalogy.cz represents virtual-zoom s.r.o., a Czech-based small technology company specializing in the production and hosting of customized virtual e-catalogues, flyers, books, and magazines. Their services focus on providing interactive digital catalogues linked to e-commerce platforms, targeting businesses seeking to enhance their online product presentations. The company positions itself as a niche provider with dedicated hosting infrastructure on the Czech internet backbone, offering technical support and system upgrades. Technically, the website employs a traditional web stack with jQuery (multiple versions), OwlCarousel, Google reCAPTCHA, Google Tag Manager, and Google Analytics. While the site is functional and professionally designed with good navigation and SEO practices, some technical debt is evident due to the use of outdated jQuery versions and lack of visible security headers. Mobile optimization and accessibility are basic but adequate. From a security perspective, the site implements GDPR-compliant cookie consent mechanisms and uses Google reCAPTCHA to protect its contact form. However, the absence of explicit security headers and the presence of older JavaScript libraries pose potential risks. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is not uncommon for small businesses. Overall, the website is safe, professional, and trustworthy with moderate technical maturity. Strategic improvements in updating libraries, enhancing security headers, and improving mobile accessibility would strengthen its security posture and user experience.

A

Avril

avril.com

70

Avril is a major French industrial group specializing in oils and plant proteins, with a strong commitment to sustainability and serving the earth through addressing climate and demographic challenges. The company operates multiple subsidiaries and brands, offering services across renewable energies, food production, specialty chemicals, agricultural solutions, incubators, and investments. The website is professionally designed, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site uses modern JavaScript libraries, cookie consent management, and privacy-focused analytics (Matomo), but lacks some advanced security headers and explicit security policies. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, but the overall business credibility and trust signals are strong. Privacy compliance is well implemented with clear cookie policies and GDPR adherence. Overall, the site presents a secure and trustworthy digital front for a large industrial enterprise.

S

Sporticus

sporticus.cz

58

Sporticus.cz is a Czech Republic-based specialized retail e-commerce website focusing on outdoor and cross-country skiing equipment. The company operates both online and a physical store in Prague, offering a wide range of products including skis, boots, poles, waxing equipment, functional clothing, GPS devices, and accessories for orienteering. The website targets sports enthusiasts, particularly those interested in skiing and outdoor activities, and provides expert advice and discounts for registered customers and sports clubs. Technically, the site uses modern JavaScript libraries such as jQuery, Select2, and Slick Carousel, along with lazy loading for images, indicating a moderate level of digital maturity. The site is mobile-optimized and includes SEO best practices such as meta tags and Open Graph data. Security-wise, the site enforces HTTPS and uses deferred script loading but lacks visible security headers like CSP or X-Frame-Options, which could improve its security posture. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data for the domain is unavailable, which reduces trust in domain legitimacy, but the website content and contact information appear consistent with a legitimate small retail business. Overall, the site presents a good user experience with clear navigation and professional design but could improve privacy compliance and security headers.

S

Senner Verlag GmbH

ntz.de

53

The website www.ntz.de is a well-established regional news portal serving the Nürtingen, Wendlingen, and surrounding areas in Germany. Operated by Senner Verlag GmbH, it provides comprehensive local news coverage including sports, economy, culture, and politics. The site offers digital subscriptions, e-paper access, and advertising services, positioning itself as a key regional media player. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and implements GDPR-compliant consent management, ensuring a good level of digital maturity. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and user-friendly with good content quality and navigation. The WHOIS data is limited due to DENIC privacy policies but consistent with the business profile. No adult or malicious content is detected, and the site maintains a moderate level of user tracking with appropriate privacy controls.

P

Pacovis

pacovis.com

68

Pacovis is a well-established family-owned company specializing in providing comprehensive solutions for the food industry and gastronomy sectors across Germany, Austria, and Switzerland. With over 90 years of experience, the company offers a broad portfolio including packaging, hygiene, cleaning, protective equipment, spices, additives, and technological expertise. The website reflects a mature digital presence built on TYPO3 CMS, featuring modern JavaScript libraries and a user-friendly, mobile-optimized design. Privacy and cookie policies are well implemented, demonstrating compliance with GDPR requirements. However, the absence of WHOIS registration data raises minor concerns about domain registration transparency, though the website's content and certifications support its legitimacy.

F

Fiat

dealer-fai.cz

61

Fiat Česká republika operates as the official online presence for Fiat in the Czech Republic, offering new vehicles, promotional offers, and a comprehensive online configurator. The website targets consumers interested in Fiat's hybrid and electric vehicles, providing detailed model information and dealer locator tools. The site is well-branded and consistent with Fiat's global identity, supported by modern web technologies including Adobe Experience Manager and Google Tag Manager. Privacy and cookie policies are implemented with GDPR compliance in mind. However, the absence of WHOIS registration data for the domain raises questions about domain legitimacy, though the website content and branding strongly suggest an official source. Security posture is good with HTTPS and cookie consent mechanisms, but could be improved with additional security headers. Overall, the site provides a professional and user-friendly experience for its target audience.

A

Anton Rath Gartengestaltung GmbH

gartenrat.com

48

Anton Rath Gartengestaltung GmbH is a well-established family-owned horticulture and landscaping business based in Austria, with over 30 years of experience. The company specializes in plant nursery services, garden and landscape design, substrate production, and innovative rainwater management solutions. Their target audience includes commercial, public, and private clients seeking high-quality plants and landscaping expertise. The website reflects a professional and consistent brand image with clear contact information and a focus on sustainability and regional production. Technically, the website uses modern JavaScript libraries such as jQuery and FontAwesome, with a moderate performance and basic mobile optimization. Security posture is adequate but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is strong, with a clear cookie consent mechanism and GDPR-aligned privacy policy. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration is consistent with the business history, indicating legitimacy.

E

eSports.cz, s.r.o.

streetfloorball.cz

41

Streetfloorball.cz is a Czech sports event website operated by eSports.cz, s.r.o., focused on promoting the KFC Street Floorball League. The site provides tournament schedules, registration, news articles, galleries, and partner information, targeting floorball players and fans primarily in the Czech Republic. It maintains a consistent brand presence aligned with the Czech Floorball Association and key sponsors such as KFC. Technically, the site uses modern JavaScript libraries and responsive design, ensuring good user experience across devices. However, it lacks explicit privacy and cookie policies and does not provide direct contact information on the homepage. Security posture is moderate with HTTPS usage and no exposed sensitive data but missing security headers and incident response details. Overall, the website is professional and trustworthy but could improve compliance and security transparency.

Č

Český florbal & eSports.cz, s.r.o.

wfc2025.cz

61

Český florbal is the official governing body for floorball in the Czech Republic, operating a comprehensive website dedicated to the Women's World Floorball Championship 2025 (MS žen 2025). The organization provides event information, ticket sales, news updates, fan engagement, and volunteer opportunities. The website reflects a mature digital presence with modern technologies and strong branding consistency. Despite the absence of WHOIS registration data, the site demonstrates legitimacy through official partnerships, social media presence, and compliance with GDPR and cookie regulations. Technically, the site employs a robust tech stack including Google Tag Manager, Facebook Pixel, reCAPTCHA, and Nette Framework components, ensuring good performance and security posture. Security best practices are observed, though some security headers could be enhanced. Overall, the site is professional, trustworthy, and well-optimized for users across devices.

H

Huemer Kompost GmbH

huemerkompost.at

56

Huemer Kompost GmbH is a specialized Austrian company focused on producing and selling high-quality organic compost, soils, and substrates for gardening and landscaping. With over 30 years of experience, they hold a strong market position supported by certifications such as Güteklasse A+ and multiple awards including the KompOskar. Their business model includes direct sales, delivery services, and B2B offerings targeting gardeners, architects, municipalities, and private consumers. Technically, the website is built on WordPress with WooCommerce and several plugins, providing a good user experience and mobile optimization. Security posture is adequate with HTTPS and secure forms, though improvements in security headers are recommended. Privacy compliance is basic, with a privacy policy present but lacking a cookie consent mechanism. Overall, the website is professional, trustworthy, and well-aligned with the company's business claims.

D

D\D Landschaftsplanung

dnd.at

48

D\D Landschaftsplanung is a specialized landscape planning firm based in Vienna, Austria, focusing on urban green space and landscape architecture projects. The company maintains a professional web presence showcasing projects, news, and contact information, targeting clients and professionals interested in landscape architecture. The website employs a modern technical stack including Bootstrap 5 and jQuery, with responsive design and basic accessibility features. Security posture is moderate with HTTPS implied and cookie consent implemented, but lacks explicit security headers and documented incident response policies. Privacy compliance is strong with a comprehensive privacy and cookie policy in German and English. Overall, the website is trustworthy and professionally maintained, though improvements in security headers and incident response documentation are recommended.

S

SIGN+DESIGN GmbH

signunddesign.com

71

SIGN+DESIGN GmbH is a well-established German advertising agency based in Schwalmtal, offering a broad range of services including strategy, digital and print media, web design, graphic design, photography, videography, augmented reality, and rental of construction site signs. The company positions itself as a trusted partner with over 20 years of experience and a strong market presence in Germany. Their website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital infrastructure. Technically, the site runs on WordPress with modern JavaScript libraries and is hosted by IONOS SE, a reputable provider. Security posture is good with HTTPS enabled and domain transfer protection, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the business demonstrates high credibility with transparent contact information and positive trust signals.

C

ClayTec GmbH & Co. KG

claytec.de

53

ClayTec GmbH & Co. KG is a medium-sized, family-owned German company specializing in the production and distribution of sustainable clay-based building materials. With over 40 years of experience, the company positions itself as a leader in circular and climate-friendly construction solutions, targeting construction professionals, architects, and environmentally conscious consumers. The website reflects a professional and comprehensive digital presence, offering detailed product information, application techniques, and a partner network. Technically, the site is built on WordPress with modern JavaScript libraries and SEO optimizations, ensuring good performance and mobile responsiveness. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie management. Overall, the site demonstrates high professionalism, trustworthiness, and business credibility.

B

btf Innovationen für den Bau GmbH

btf-innovationen.de

46

btf Innovationen für den Bau GmbH is a specialized manufacturer and distributor of innovative building sealing and insulation products, focusing on impact sound insulation, moisture barriers, and waterproofing solutions for floors, walls, and roofs. The company targets construction professionals and distributors primarily in Germany, positioning itself as a niche innovator with strong partnerships. The website is built on TYPO3 CMS and employs modern web technologies, providing a professional and user-friendly experience with multilingual support. Security posture is solid with HTTPS and CAPTCHA protections, though some improvements in security headers and cookie consent mechanisms are recommended. Overall, the site reflects a credible and trustworthy business with comprehensive product information and clear contact channels.

V

Vorlíček

vorlicek-okna.cz

53

Vorlíček is a Czech-based manufacturer and retailer specializing in high-quality plastic windows, doors, and related building products such as shading systems, ventilation, pergolas, and garage doors. The company emphasizes custom solutions tailored to energy savings and comfortable living, with a strong focus on innovation and customer satisfaction. The website reflects a mature business with over 25 years of experience and a solid regional presence in the Czech Republic. Technically, the website uses modern JavaScript libraries and tracking tools, including jQuery, OwlCarousel, Microsoft Clarity, and Google Analytics, indicating a moderate level of digital maturity. Security-wise, the site enforces HTTPS and provides cookie consent mechanisms but lacks advanced security headers and incident response contact information. The absence of WHOIS data limits domain trust verification, but the website content and business indicators suggest legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

V

VORLÍČEK - PLAST s.r.o.

radceprodum.cz

44

The website www.radceprodum.cz serves as an informational guide focused on helping customers select the right windows and doors for their homes. It is operated by VORLÍČEK - PLAST s.r.o., a Czech company with over 25 years of experience in the manufacturing and retail of windows, doors, and related products. The site targets homeowners and builders in the Czech Republic, providing detailed advice and technical information to support purchasing decisions. The business model centers on product education and brand promotion, positioning itself as a trusted regional player in the home improvement sector. Technically, the website employs modern web technologies including jQuery, Google Analytics, Smartlook, and cookie consent management via Orejime. The site is mobile-optimized with good SEO practices and moderate performance. While no CMS or hosting provider details are evident, the technical stack supports a professional user experience with animations and interactive elements. From a security perspective, the site enforces HTTPS and implements cookie consent with opt-in mechanisms for analytics and marketing cookies, demonstrating GDPR compliance. However, no explicit security headers were detected in the provided data, and no incident response or vulnerability disclosure information is available. The WHOIS data is missing or privacy-protected, limiting domain ownership verification and reducing trustworthiness somewhat. Overall, the website is professionally designed and content-rich, with good privacy compliance and moderate security posture. The main risks relate to the lack of WHOIS transparency and absence of explicit security policies or contact information. Strategic improvements in these areas would enhance trust and security posture significantly.

V

Vorlíček Okna a dveře

oknavorlicek.cz

53

Vorlíček Okna a dveře is a Czech-based manufacturer and supplier specializing in high-quality plastic and aluminum windows, doors, shading technology, ventilation systems, pergolas, and garage doors. Established in 1997, the company serves residential and commercial building markets primarily within the Czech Republic. Their business model integrates manufacturing, direct sales, consultation, installation, and after-sales service, positioning them as a reputable medium-sized player with a strong regional footprint. The website reflects a professional and consistent brand image with detailed product categorization and customer references, supporting their market credibility. Technically, the website employs modern JavaScript libraries such as jQuery and OwlCarousel, alongside analytics and tracking tools including Google Tag Manager, Microsoft Clarity, and Adform. The site is mobile-optimized with good SEO practices and clear navigation, though some accessibility features appear basic. Performance is moderate, with room for optimization. The absence of explicit CMS or hosting provider details limits deeper infrastructure insights. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, indicating awareness of privacy compliance. However, no explicit privacy policy or terms of service were found, and security headers are not detected, which could expose the site to certain risks. The WHOIS data for the domain is unavailable, raising concerns about domain registration transparency and trustworthiness. No incident response or vulnerability disclosure information is present, suggesting limited formal security governance. Overall, the website is functional, professional, and business-focused but would benefit from enhanced transparency in domain registration, explicit privacy and security policies, and improved security header implementation. These improvements would strengthen trust and compliance posture, reducing potential risks and enhancing customer confidence.

F

Floweb Oy

ekukka.fi

55

eKukka.fi is a well-established Finnish online flower marketplace operated by Floweb Oy, founded in 2011. It aggregates nearly 400 Finnish florists, offering consumers nationwide access to fresh flowers with options for home delivery or store pickup. The website is positioned as the largest flower shop network in Finland, targeting Finnish consumers seeking convenient and reliable flower delivery services. The business model focuses on e-commerce and marketplace aggregation, supported by a strong brand presence and trust certifications such as Avainlippu.

EasyVeggieIdeas.com is a UK-based media website operated by Artichoke Media Limited, specializing in vegetarian recipes and related lifestyle content such as cruelty-free beauty and eco living. The site offers a large collection of free recipes curated by professional cooks and chefs, targeting vegetarians, vegans, and eco-conscious consumers. The business model is primarily content publishing supported by advertising and newsletter subscriptions, positioning itself as a niche media player in the vegetarian lifestyle market. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, DoubleClick advertising, and jQuery libraries. It features responsive design optimized for mobile devices and includes cookie consent mechanisms compliant with GDPR. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the site uses HTTPS and implements CSRF tokens in forms, but lacks explicit security headers such as Content-Security-Policy or X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with clear privacy and cookie policies. However, the absence of WHOIS data for the domain reduces transparency and trustworthiness. Overall, the website is professional, content-rich, and user-friendly with a solid privacy posture. The main risk lies in the lack of domain registration transparency, which should be addressed to improve trust. Strategic recommendations include enhancing security headers, publishing a security policy, and providing clearer direct contact information.

B

Buy Better Food

buybetterfood.eu

51

Buy Better Food is a Europe-wide coalition advocating for sustainable food procurement in public institutions such as schools, hospitals, and elderly care homes. The coalition comprises over 100 members and focuses on promoting healthy, environmentally friendly, and socially responsible food systems by 2030. The website serves as an information hub, campaign platform, and resource center for stakeholders interested in sustainable food policies. Technically, the website is built on Drupal CMS with modern JavaScript libraries such as jQuery and Slick Carousel. It employs privacy-conscious analytics via Matomo with Do Not Track and cookie disabling enabled. The site is mobile-optimized and presents content clearly with good navigation and professional design. From a security perspective, the site uses HTTPS with a good SSL configuration and avoids exposing sensitive data. However, it lacks explicit security headers and a cookie consent mechanism, which are recommended for compliance and enhanced security. No incident response or vulnerability disclosure information is published, which could be improved to strengthen trust. Overall, the website is trustworthy, professional, and aligned with its non-profit advocacy mission. It effectively communicates its goals and engages its audience through events, petitions, and media coverage. Strategic improvements in privacy compliance and security policies would further enhance its posture.

AnimaList is a Croatian non-profit newsletter platform operated by the animal rights association Prijatelji životinja. The website focuses on promoting veganism, animal welfare, and environmental sustainability through educational content, activism updates, and event announcements. The organization targets animal rights advocates and environmentally conscious individuals primarily in Croatia. Technically, the site is built on WordPress with common plugins and uses HTTPS, but lacks advanced security headers and privacy compliance features such as a privacy policy or cookie consent. The WHOIS data is privacy protected, which is typical for non-profits, but limits transparency. Overall, the website is functional, content-rich, and trustworthy but could improve in privacy compliance and security best practices.

1

10dencehispahard S.L.

tecnologa.cat

56

La Tecnòloga is a small digital media company operating a Catalan-language technology magazine founded in 2019. The website provides technology news, in-depth analysis, interviews, and book reviews targeting Catalan-speaking technology enthusiasts and the general public interested in technology and society. The company is registered as 10dencehispahard S.L. in Spain, consistent with the website's regional focus. The site is built on WordPress with standard plugins and integrates Google Analytics and social media feeds for audience engagement. The technical infrastructure is moderate in performance with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS enabled and domain protections in place, but lacks DNSSEC and security headers. Privacy compliance is basic with a privacy policy present but no cookie consent mechanism or GDPR explicit indicators. Contact information is limited to an email address and social media links, with no phone or physical address provided. Overall, the website is professional and trustworthy within its niche but could improve security and privacy practices.

The website liesen.lu is an official educational platform managed by SCRIPT, a Luxembourg government entity focused on reading initiatives in primary schools. It serves as an information hub providing catalogs, reading projects, pedagogical materials, and related educational content targeted at educators and schools in Luxembourg. The site is well-branded with government logos and maintains a consistent educational focus. Technically, the site is built on Drupal 9 CMS, leveraging modern frontend libraries such as Font Awesome and jQuery. It employs tarteaucitron.js for cookie consent management and uses Matomo for privacy-conscious analytics. The hosting appears to be managed by Restena Foundation, a known Luxembourg educational network provider. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit public security policies. No vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website's government and educational nature, indicating legitimacy and trustworthiness. Overall, the site presents a low-risk profile with good privacy compliance and business credibility. Strategic improvements could include adding explicit security headers, publishing security policies, and enhancing incident response transparency.

S

STT Viestintäpalvelut

viestintapalvelut.fi

56

STT Viestintäpalvelut is a Finnish media communication service provider specializing in enhancing brand visibility through comprehensive media communication tools, press release distribution, communication planning, and visual communication services. The website is professionally designed using HubSpot CMS and integrates modern marketing and analytics technologies such as Google Analytics, Hotjar, and HubSpot's own lead and messaging tools. While the technical infrastructure is solid with HTTPS and cookie consent mechanisms in place, the site lacks explicit privacy and terms of service pages, as well as visible contact information, which slightly impacts its privacy compliance and business credibility scores. Security posture is generally good but could be improved by adding security headers and incident response information.

I

Info-Zenter Demenz

demenz.lu

37

Info-Zenter Demenz is a national information and consultation center in Luxembourg specializing in memory disorders and dementia. The organization provides free services and resources to affected individuals, their families, healthcare professionals, and the general public. The website is professionally designed, well-structured, and offers comprehensive content in French, with multilingual support. It maintains a strong presence through social media and government support, positioning itself as a trusted resource in the healthcare non-profit sector. Technically, the website is built on WordPress with modern technologies including Google Tag Manager, reCAPTCHA, and accessibility tools. It demonstrates good mobile optimization, SEO practices, and performance. The hosting and domain registration appear professional and consistent with the organization's profile. From a security perspective, the site uses HTTPS, has implemented cookie consent mechanisms, and employs reCAPTCHA to protect forms. While explicit security policies and incident response contacts are not found, no vulnerabilities or suspicious activities are detected. Privacy compliance is well addressed with clear policies and consent management. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include enhancing security headers, publishing a formal security policy, and maintaining regular audits of third-party scripts to further strengthen security posture.

OA.Works is a US-based non-profit organization dedicated to developing free and open source tools that facilitate open access to academic research. Their portfolio includes products such as ShareYourPaper, InstantILL, OAbutton, and OA.Report, which serve researchers, libraries, and funders by simplifying open access deposit, interlibrary loans, paywall bypassing, and policy compliance reporting. The organization maintains strong partnerships with reputable institutions including the Gates Foundation and IFLA, enhancing its credibility and market position within the open access community. Technically, the website employs modern web technologies, is mobile-optimized, and hosted via Cloudflare, ensuring good performance and accessibility. Security posture is solid with HTTPS enforced and domain registration protections, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is well addressed with comprehensive policies and GDPR considerations. Overall, OA.Works presents a professional, trustworthy, and mission-driven digital presence with a strong focus on community and open access advocacy.

B

Bauer CZ

bauerhockey.cz

36

Bauer CZ operates a professional e-commerce website specializing in hockey equipment and apparel targeted primarily at hockey players and enthusiasts in the Czech Republic. The company offers a wide range of products including hockey sticks, skates, helmets, gloves, protective gear, training equipment, and clothing. The website demonstrates a consistent brand presence and good content quality, supporting its position as a recognized retailer in the hockey sports sector. Technically, the website employs modern web technologies such as jQuery, Google Tag Manager, Cookiebot for cookie consent, and Facebook SDK for social media integration. The site is HTTPS secured and uses structured data (JSON-LD) to enhance SEO and provide clear business information. Mobile optimization and user experience are good, with a clear navigation structure and search autocomplete features. From a security perspective, the website enforces HTTPS and uses cookie consent mechanisms, but lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or suspicious content were detected. Privacy compliance is partial, with cookie consent present but no visible privacy policy or terms of service pages in the provided content. Overall, Bauer CZ presents a trustworthy and professional online retail platform with moderate to good security posture and technical implementation. Strategic improvements in privacy policy publication, security headers, and incident response transparency would enhance compliance and trustworthiness.

B

BK Mladá Boleslav

bkboleslav.cz

46

BK Mladá Boleslav operates a professional and content-rich website serving as the official digital presence of the Czech ice hockey team. The site offers comprehensive information including team news, match schedules, ticket sales, merchandise, and fan engagement features. The business model focuses on sports entertainment and community engagement with a strong local and national fan base. Technically, the website employs modern web technologies such as Bootstrap and jQuery, integrates Google Analytics for user tracking, and maintains good mobile responsiveness and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data aligns well with the website's identity, supporting legitimacy and trust. Overall, the site is professional, trustworthy, and well-maintained, serving its audience effectively.

I

IFYS, s.r.o.

forecasts.cloud

50

Forecasts.cloud is a Czech Republic-based meteorological technology company specializing in tailored predictive weather models for business sectors including energy, insurance, marketing, retail, agriculture, construction, and transportation. The company leverages machine learning and extensive data to provide hyperlocal forecasts and actionable insights to improve operational efficiency and reduce costs. Their market position is that of a niche B2B service provider with over 15 years of experience and a unique AI-driven product offering. Technically, the website employs modern JavaScript libraries such as jQuery, Slick Carousel, and Nette Forms, hosted on VSHOSTING infrastructure. The site is mobile-optimized with good design quality and clear navigation, though SEO and accessibility features are basic. No CMS is detected, and no analytics or tracking scripts are present, indicating a privacy-conscious or minimal tracking approach. From a security perspective, the site uses HTTPS with domain transfer and update protections enabled. However, no security headers or privacy/cookie policies are published, which are notable compliance and security gaps. No incident response or vulnerability disclosure information is available. The WHOIS data is consistent with the business claims, enhancing legitimacy. Overall, the website is professional and trustworthy but would benefit from improved privacy compliance and enhanced security headers. The absence of privacy and cookie policies and lack of incident response contacts are the main weaknesses. Strategic improvements in these areas would strengthen the security posture and regulatory compliance of the business.

S

Scaserv

leseni-bedneni.cz

47

Scaserv operates a Czech Republic-based business specializing in the rental of construction equipment including scaffolding, formwork, mobile fencing, stairs, walkways, waste chutes, mobile toilets, and containers. The company targets construction professionals and individuals requiring temporary building structures, offering both short- and long-term rental options with online inquiry capabilities and multiple physical branches in major Czech cities. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information, enhancing user experience and trust. Technically, the website employs modern JavaScript libraries such as jQuery, integrates Google Tag Manager and Analytics for tracking, and uses Google reCAPTCHA v3 for bot protection. Cookie consent mechanisms are implemented in compliance with GDPR, and the site uses HTTPS with a presumably strong SSL configuration. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates good practices with encrypted connections and user consent for cookies, but lacks detailed security policies and incident response contacts. The absence of WHOIS data for the domain reduces trust from a domain registration standpoint, though the website content and contact details appear legitimate and professional. Overall, the site presents a solid business presence with good technical implementation and privacy compliance, but would benefit from improved transparency in security policies and domain registration information to enhance trustworthiness and security posture.

N

Neznámé Krkonoše

neznamekrkonose.cz

46

Neznámé Krkonoše is a small regional tourism website focused on promoting lesser-known locations in the Krkonoše mountains of the Czech Republic. The site provides travel tips, accommodation listings, event information, and partners with regional organizations to enhance visitor experience. The business model centers on content provision and partner sponsorships, targeting tourists interested in exploring this specific region. Technically, the website is built on WordPress with common plugins such as Modern Events Calendar Lite and Contact Form 7, enhanced by Google reCAPTCHA and Google Analytics for security and analytics respectively. The site is hosted likely by WEDOS, a Czech hosting provider, and uses HTTPS with good SSL configuration. Security posture is moderate with HTTPS and spam protection but lacks advanced security headers and explicit security policies. Privacy compliance is basic, with a cookie consent banner but no visible privacy policy or terms of service pages. Overall, the website is functional and professional for its niche but could improve in privacy and security transparency.

S

SCASERV a.s.

scaserv.cz

48

SCASERV a.s. is a well-established Czech company specializing in the sale and rental of scaffolding, formwork, and construction site equipment. With a history linked to companies active since 1992 and formal establishment in 2012, SCASERV holds a leading position in the Czech and Slovak markets. The company offers a comprehensive range of products and services including transport, assembly, and project support, targeting both business clients and private individuals. The website reflects a professional digital presence with clear navigation, rich content, and multiple contact points. Technically, the site uses modern JavaScript libraries, Google reCAPTCHA for form security, and a cookie consent mechanism ensuring GDPR compliance. However, the absence of WHOIS data and security headers slightly reduces trustworthiness. Overall, the security posture is good with HTTPS enforced and no visible vulnerabilities, but there is room for improvement in publishing explicit security policies and enhancing HTTP security headers.

K

Káva Chicco d'Oro

chicco-doro.cz

37

Káva Chicco d'Oro CZ is a small-sized retail and wholesale distributor specializing in premium Chicco d'Oro coffee products and coffee machines in the Czech Republic. The website serves as an official distribution channel, providing product information, a blog with coffee-related content, and links to an e-commerce shop. The company maintains a consistent brand presence with clear contact details and active social media engagement. Technically, the site is built on WordPress with modern plugins and tracking tools, offering a good user experience with mobile optimization and SEO best practices. Security posture is moderate with HTTPS enabled but lacks advanced security headers and visible privacy compliance mechanisms. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and a stable market presence.

M

Městská část Brno-Bystrc

bystrc.cz

57

Městská část Brno-Bystrc operates as the official municipal district government website for the Brno-Bystrc area in the Czech Republic. It provides residents and visitors with comprehensive information about local governance, public services, community news, events, and administrative procedures. The site is well-branded with official logos and links to related government portals, reinforcing its legitimacy and trustworthiness. Technically, the website is built on the Liferay CMS platform, utilizing modern JavaScript libraries such as jQuery and GLightbox, and includes a carousel for featured content. It employs HTTPS for secure communication and integrates Matomo analytics configured to respect user privacy by disabling cookies and honoring DoNotTrack signals. The site is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. From a security perspective, the site demonstrates good baseline practices with HTTPS and privacy-conscious analytics. However, it lacks explicit security headers and formal privacy or cookie policies, which are important for compliance with GDPR and other regulations. The absence of WHOIS data limits domain trust verification, though the official content and branding mitigate concerns. No vulnerabilities or exposed sensitive data were detected. Overall, the website is a professional and trustworthy municipal portal with room for improvement in privacy compliance and security hardening. Strategic recommendations include adding comprehensive privacy and cookie policies, implementing security headers, and publishing a vulnerability disclosure policy to enhance transparency and user trust.

C

Czater

chater.app

62

Chater is a Polish-based technology company offering a comprehensive SaaS platform that integrates multiple customer communication and marketing automation tools such as live chat, callback, video chat, chatbot, e-assistant, and e-calendar. The platform targets businesses seeking to streamline customer engagement and improve sales and service efficiency. With over 25,000 customers, Chater positions itself as a trusted all-in-one solution provider in the customer service technology market. The website is professionally designed, mobile-optimized, and SEO-friendly, leveraging WordPress and modern web technologies. Security posture is solid with HTTPS, cookie consent, and spam protection on forms, though explicit security and privacy policies are not found in the provided content. WHOIS data confirms legitimacy with consistent registrant information matching the business location and branding.

G

Grupa PTWP

toolex.pl

46

TOOLEX is a leading Polish trade fair event focused on metalworking, tooling, and industrial technologies, organized by Grupa PTWP. The event attracts thousands of industry professionals and exhibitors, providing a platform for showcasing innovations and networking. The website reflects a mature digital presence with structured data, clear event information, and professional branding. Technically, the site uses modern JavaScript libraries and tracking tools with proper HTTPS and security headers, indicating a good security posture. However, explicit security policies and incident response contacts are not published, which could be improved. Overall, the site is trustworthy, well-structured, and compliant with privacy regulations, serving its target audience effectively.

S

Studio Wyposażenia Wnętrz

studioww.pl

55

Studio Wyposażenia Wnętrz is a small, established Polish company based in Płock, specializing in custom office and school furniture since 1996. The company offers a broad range of furniture solutions including ergonomic chairs, metal cabinets, and window coverings, targeting businesses and institutions in the local region. Their market position is supported by long-term experience and authorized distributor status. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and Google APIs, providing a responsive and user-friendly experience. However, some accessibility and security best practices could be improved. Security posture is moderate with HTTPS enabled but lacking explicit security headers and formal vulnerability disclosure mechanisms. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is professional and trustworthy but would benefit from enhanced compliance and security measures.

P

Ptak Warsaw Expo

warsawexpo.eu

44

Ptak Warsaw Expo is a large, well-established trade and congress center in Poland, recognized as a leader in organizing trade fairs and events in Central Europe. The website presents a professional and consistent brand image, targeting exhibitors, event organizers, and visitors interested in trade fairs and congresses. The business model focuses on venue hosting and event organization, with a strong market position supported by extensive event statistics and social media presence. Technically, the website is built on WordPress with modern plugins and tracking tools, offering good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though improvements in security headers and explicit policies are recommended. Overall, the site is trustworthy and professionally maintained, with no signs of blocking or suspicious activity.