Security Directory

C

Carrier

carrier.com

75

Carrier is a globally recognized leader in intelligent climate and energy solutions, serving both residential and commercial markets as well as cold chain logistics. The website reflects a mature enterprise with a strong focus on innovation, sustainability, and customer-centric solutions. The digital infrastructure employs modern technologies including Bootstrap, Google Tag Manager, and OneTrust for privacy compliance, indicating a well-maintained and professional online presence. Security posture is robust with HTTPS enforcement and security headers, although explicit security policies and incident response information are not publicly detailed. Overall, the site is trustworthy and professionally managed, though WHOIS data is unavailable from the provided raw output, which warrants further verification. Strategic recommendations include enhancing transparency around security and incident response, and publishing clearer contact information for support and security inquiries.

V

Viessmann Climate Solutions

viessmann-climatesolutions.com

67

Viessmann Climate Solutions is a well-established global provider of efficient climate and renewable energy solutions, with a history dating back over 100 years. The company offers a comprehensive portfolio including heating, cooling, ventilation, and digital services, targeting both residential and commercial customers. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site uses modern technologies such as Adobe Experience Manager, Google Tag Manager, and Usercentrics for consent management, indicating a good level of digital maturity. Security posture is solid with HTTPS and consent mechanisms, though some security headers could be improved. The absence of WHOIS data for the domain is a notable anomaly that reduces trust slightly but does not outweigh the strong corporate branding and content quality. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

V

Viessmann

viessmann.sk

65

Viessmann Slovakia operates a comprehensive website focused on climate solutions including heating, cooling, ventilation, and energy management. The company is a well-established enterprise with a strong market position in the energy sector, offering a wide range of products and services tailored to both residential and commercial customers. The website reflects a high level of professionalism, with excellent content quality, clear navigation, and consistent branding. Technically, the site uses modern frameworks and technologies such as Adobe Experience Manager, Google Tag Manager, and Usercentrics for consent management, ensuring a good user experience and compliance with privacy regulations. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities. However, explicit security policies and incident response contacts are not publicly detailed, representing an area for improvement. Overall, the domain registration and WHOIS data align well with the business claims, supporting the legitimacy and trustworthiness of the site.

Z

zariadim.sk

zariadim.sk

46

zariadim.sk is a Slovak online platform that connects customers with verified service providers across various sectors including home, garden, family, automotive, health, and business services. The platform features extensive user-generated content such as references and job postings, indicating a mature and active user base. The website integrates multiple subdomains targeting specific service categories, enhancing user experience and market segmentation. Technically, the site leverages modern web technologies including jQuery, Bootstrap, and the Nette PHP framework, supported by analytics and marketing tools like Google Analytics, Facebook Pixel, Hotjar, and Zopim chat. Security posture is adequate with HTTPS enforced, but could benefit from enhanced security headers and a formal vulnerability disclosure policy. Privacy compliance is partial, with a privacy policy and terms of service present but lacking cookie consent mechanisms. Overall, the site demonstrates a solid business presence with moderate risk and room for security and privacy improvements.

D

Digital Garden - Tvorba web stránok Bratislava

digitalgarden.sk

45

Digital Garden is a Slovak-based creative agency specializing in professional web design, web development, SEO optimization, online marketing, and corporate identity branding. The company targets businesses and individuals seeking comprehensive digital solutions to enhance their online presence and sales channels. The website is built on WordPress, leveraging popular plugins such as Yoast SEO, Contact Form 7, and Slider Revolution, indicating a modern and maintainable technical infrastructure. The site is mobile-optimized and includes social media integration, enhancing its digital maturity. Security posture is solid with HTTPS enforced and reCAPTCHA implemented, though some security headers are missing and no explicit security or incident response policies are published. Privacy compliance is partial, with a cookie consent banner present but no dedicated privacy policy or terms of service pages found. Overall, the website presents a professional and trustworthy image consistent with a small technology service provider in Slovakia.

B

bart.sk s.r.o.

bart.sk

64

bart.sk s.r.o. is a well-established Slovak technology company specializing in the development of custom digital products, including e-commerce platforms, web and mobile applications, and AI implementations. With over 27 years of experience, the company serves both B2B and B2C clients, positioning itself as a trusted partner in digital transformation. Their website showcases detailed case studies, client testimonials, and a strong social media presence, reflecting a mature and professional business model. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates advanced analytics and marketing tools such as Google Analytics, Google Tag Manager, Facebook Pixel, and Google reCAPTCHA v3. The site is mobile-optimized, fast-loading, and SEO-friendly, indicating a high level of digital maturity and technical competence. From a security perspective, the site enforces HTTPS, uses reCAPTCHA to protect forms, and implements a comprehensive cookie consent mechanism aligned with GDPR requirements. The presence of ISO 9001 certification further underscores their commitment to quality and information security. However, the absence of explicit security headers and a public incident response or vulnerability disclosure policy suggests areas for improvement. Overall, bart.sk demonstrates a strong security posture and business credibility with no critical vulnerabilities detected. The website is safe for general audiences and complies well with privacy regulations. Strategic recommendations include enhancing security headers, publishing incident response information, and adding a vulnerability disclosure policy to further strengthen trust and compliance.

A

AJ Produkty

ajprodukty.sk

63

AJ Produkty is a well-established European company specializing in office, warehouse, and industrial furniture and equipment. Founded in 1975 in Sweden, it has expanded to 19 countries, including Slovakia, where this localized website operates. The company offers a broad product range with over 15,000 items, focusing on ergonomic and functional solutions for various business environments. Their market position is strong, supported by a consistent brand presence and comprehensive customer service including warranties and free shipping offers. Technically, the website employs modern web technologies such as React, Google Tag Manager, and Cookiebot for consent management. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Analytics and error monitoring tools are integrated, indicating a mature digital infrastructure. From a security perspective, the site uses HTTPS with strong SSL configuration and a Content Security Policy header. Cookie consent is implemented with opt-in mechanisms, and no critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, which could be improved. Overall, the website presents a low-risk profile with good privacy compliance and business credibility. Strategic recommendations include publishing security and incident response policies, implementing a vulnerability disclosure program, and enhancing accessibility features to further strengthen trust and compliance.

C

ContentFruiter s.r.o.

contentfruiter.sk

59

ContentFruiter s.r.o. is a Slovak-based professional content marketing agency established in 2014. The company specializes in content marketing projects with guaranteed growth, offering services such as functional content marketing, comprehensive online marketing audits, workshops, video content creation, and web solutions. The website demonstrates a strong market position with multiple client case studies and testimonials, targeting businesses seeking effective content marketing strategies. Technically, the website is built on WordPress with a modern tech stack including Google Analytics, OneSignal push notifications, and MailerLite for marketing automation. The site is well-optimized for SEO and mobile devices, with good performance and accessibility standards. Security posture is solid with HTTPS, DNSSEC, and no visible vulnerabilities, although additional security headers could enhance protection. Privacy and cookie policies are present and GDPR compliant, but no explicit security or incident response policies are published. Overall, the website is professional, trustworthy, and well-maintained, reflecting a mature digital presence.

A

American Physical Society

aps.org

11

The American Physical Society (APS) is a well-established nonprofit organization dedicated to advancing physics through fostering a global and inclusive scientific community. The website reflects APS's leadership position in the physics domain, offering extensive services including peer-reviewed journals, conferences, membership benefits, and advocacy efforts. The content is professionally curated, targeting physicists, researchers, educators, and students worldwide. Technically, the website employs modern web technologies such as React and Next.js, integrated with a headless CMS (Sanity) and enhanced by Google Tag Manager and Osano for consent management. The site is well-optimized for performance, mobile responsiveness, and accessibility, indicating a mature digital infrastructure. From a security perspective, the site enforces HTTPS, implements key security headers, and provides a cookie consent mechanism aligned with GDPR compliance. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly evident, representing areas for improvement. Overall, the APS website demonstrates a strong security posture and high business credibility, with minor gaps in transparency around security governance. The domain WHOIS data is unavailable due to privacy protection, which is justified for this type of organization. The site is safe, trustworthy, and professionally maintained, serving its community effectively.

The American Institute of Physics (AIP) operates as a federation of physical science societies, providing a broad range of services including scientific publications, advocacy, research resources, and educational support. The organization targets physical scientists, researchers, students, and STEM professionals, positioning itself as a leading non-profit entity in the physical sciences domain. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content relevant to its audience. Technically, the site leverages modern web technologies such as WebComponents, MathJax for scientific rendering, and integrates third-party services like Google Tag Manager and Facebook SDK for analytics and marketing. The content management system identified is Brightspot CMS, supporting a structured and scalable content delivery. Performance and mobile optimization are good, with accessibility features implemented to a reasonable standard. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism compliant with GDPR. However, explicit security headers and a published security policy or incident response information are not evident, representing areas for improvement. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website demonstrates a high level of professionalism, trustworthiness, and compliance with privacy standards, supporting the legitimacy of the organization. The absence of WHOIS data due to privacy protection is typical for organizations of this nature and does not detract from the trust assessment. Strategic recommendations include enhancing security headers, publishing security and incident response policies, and providing clear security contact channels.

S

Session Rewind

sessionrewind.com

61

Session Rewind is a technology SaaS company founded in 2020 that provides affordable session recording, heatmaps, error tracking, and dashboard analytics to optimize website user experience. Positioned as a cost-effective alternative to established players like FullStory and Hotjar, it targets solopreneurs, startups, and enterprises seeking actionable insights into user behavior. The website demonstrates a professional design with clear navigation and consistent branding, supporting a positive user experience and trustworthiness. Technically, the site leverages modern JavaScript frameworks (Vue.js), integrates analytics tools like Heap and Google Tag Manager, and uses Cloudflare for DNS, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and standard security headers present, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is basic with a comprehensive privacy policy and cookie policy present but lacking a consent mechanism. Overall, the site is safe, business-focused, and credible with no signs of malicious activity or suspicious content.

D

Dash Social

dashhudson.com

10

Dash Social is a Canadian-based technology company founded in 2013 that offers a comprehensive social media management platform. Their SaaS solution integrates AI-powered tools for content performance prediction, creator and influencer management, social analytics, campaign reporting, scheduling, and social commerce. The company targets brands, marketers, and social media managers seeking to optimize social media engagement and ROI. The website demonstrates a mature digital presence with rich content, customer testimonials, and partner badges from major platforms like TikTok, Meta, and Pinterest, indicating strong market positioning. Technically, the website is built on Webflow CMS and leverages modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel for interactive features. It employs Google Tag Manager and HubSpot for analytics and marketing automation. The site is mobile-optimized, fast-loading, and SEO-friendly. Security practices include HTTPS enforcement and a cookie consent mechanism with opt-in compliance, though explicit security headers are not detected. From a security perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS domain registration data is a notable concern, potentially indicating privacy protection or data source limitations. The presence of a suspicious external script domain warrants further review. Overall, the site maintains good privacy compliance and business credibility but could improve transparency in domain registration and security disclosures. Strategically, Dash Social should enhance its security posture by publishing a vulnerability disclosure policy, adding security headers, and providing incident response contacts. These steps will strengthen trust and compliance. The technical infrastructure is solid but could benefit from continuous monitoring of third-party scripts and further accessibility improvements.

Clearpay UK operates as the regional brand of Afterpay, providing buy now pay later payment solutions integrated with retail stores. The website serves as a country and language selection portal directing users to localized Afterpay/Clearpay services. The business is positioned as a leading BNPL provider in the UK and internationally, targeting consumers seeking flexible payment options. The website content is professional, consistent, and focused on financial services without extraneous or adult content. Technically, the site is built on modern web technologies including Next.js and React, with extensive use of third-party marketing and analytics tools such as Google Tag Manager, Marketo, Facebook Pixel, and AppsFlyer. The site is mobile optimized and performs moderately well, with good SEO and accessibility basics. Security posture is strong with HTTPS and Content Security Policy implemented, though some additional security headers could enhance protection. No WHOIS data was available due to a query error related to the subdomain usage, but the domain is a known and legitimate brand. No privacy or cookie policies were found on this specific page, nor contact information, which slightly reduces privacy compliance and business credibility scores. No security vulnerabilities or adult content were detected, and no WAF or blocking mechanisms were present. Overall, the website is a secure, professional, and trustworthy portal for Clearpay/Afterpay services with room for improvement in privacy transparency and contact availability.

FRANZ JOSEF KAISER, operated by GASTON, s.r.o., is a premium food brand focused on high-quality products such as tuna, seafood, olives, oils, pasta, and related specialties. The website serves as a marketing and informational platform offering recipes and product details to a general consumer audience primarily in the Czech Republic. The brand holds a recognized consumer trust certification (Superbrands Consumer 2025), indicating a positive market position within its niche. Technically, the website is built on WordPress with modern plugins and frameworks, providing a good user experience with multilingual support and GDPR-compliant cookie management. Security posture is solid with HTTPS and consent mechanisms, though some improvements in security headers and contact transparency are recommended. The absence of WHOIS data introduces some uncertainty regarding domain legitimacy, but the professional presentation and compliance measures mitigate this risk. Overall, the site is functional, trustworthy, and well-positioned for its market segment.

U

uvex safety

uvex-safety.de

71

uvex safety is a well-established manufacturer and provider of personal protective equipment (PPE) and occupational safety products, primarily targeting business customers and safety professionals. The company offers a broad portfolio including safety helmets, protective eyewear, hearing protection, respiratory masks, gloves, footwear, and workwear. The website reflects a mature digital presence with comprehensive product information, dealer locator tools, and digital PSA solutions, positioning uvex safety as a key player in the manufacturing sector focused on workplace safety in Germany and beyond. Technically, the website is built on TYPO3 CMS with modern JavaScript frameworks and leverages Amazon Cloudfront CDN for fast content delivery. It employs Google Tag Manager for analytics and tracking, and implements cookie consent management compliant with GDPR. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a high level of digital maturity. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes standard security headers. Cookie consent and privacy policies are comprehensive and transparent. However, the absence of publicly available WHOIS data for the domain www.uvex-safety.com introduces some uncertainty regarding domain registration transparency. No security policy or incident response information is explicitly published, and no vulnerability disclosure mechanism is evident. Overall, the website presents a professional, trustworthy, and secure digital front for uvex safety’s business operations. The main risk lies in the lack of WHOIS transparency, which should be addressed to enhance trust. Strategic recommendations include publishing explicit security policies, establishing a vulnerability disclosure program, and providing direct security contact channels.

MYBACKNUMBER.com is an e-commerce website specializing in official judo back numbers for international federations such as IJF, EJU, and DJB. The site targets judo athletes, clubs, and federations, offering customized back numbers and club registration services. The business operates primarily in Germany and appears to be a niche market leader in its segment. The website is professionally designed with clear navigation and consistent branding, supporting a small-sized retail business model focused on sports equipment. Technically, the website employs a classic JavaScript stack including Prototype.js and Scriptaculous, with integrations for Google Tag Manager and Hotjar for analytics and user behavior tracking. The site shows moderate performance and basic mobile optimization. SEO practices are good with proper meta tags and structured navigation. However, no modern CMS or hosting provider details are evident. From a security perspective, the site uses HTTPS and secure login forms but lacks visible security headers and cookie consent mechanisms, which are important for GDPR compliance. No security policy or incident response contacts are published, and WHOIS data is missing, which raises concerns about domain registration legitimacy. The site does not expose sensitive data or show obvious vulnerabilities but would benefit from enhanced security practices. Overall, the website is functional, professional, and trustworthy from a user perspective but has gaps in domain registration transparency and privacy compliance. Strategic improvements in security headers, cookie consent, and WHOIS data verification are recommended to strengthen trust and compliance.

K

KWON KG - Kampfsportartikel

kwon.com

41

KWON KG operates an e-commerce platform specializing in martial arts and security equipment, targeting martial arts practitioners primarily in Germany. The website offers a broad range of products including gear for Taekwondo, Karate, Judo, MMA, and other combat sports. The business model focuses on online retail with additional services such as product individualization and multilingual support. The company appears to be a medium-sized retailer with a consistent brand presence and a professional website design. Technically, the website uses modern web technologies including JavaScript and Google Tag Manager for analytics. The CMS is likely Shopware, inferred from URL and CSS patterns. The site is mobile-optimized with good SEO practices but lacks some accessibility features. Performance is moderate, and HTTPS is enforced, ensuring secure data transmission. From a security perspective, the site has a solid SSL configuration but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. No WHOIS data is available for the domain, which raises concerns about domain registration legitimacy and reduces overall trust. Contact information is provided via phone and WhatsApp, but no company emails or physical addresses were found. Overall, the website is functional and professional but would benefit from improved transparency in privacy and security policies, better WHOIS registration clarity, and enhanced security headers to strengthen trust and compliance.

I

IPPON-SHOP.COM

ippon-shop.com

64

IPPON-SHOP.COM is a specialized e-commerce platform established since 2003, serving martial arts practitioners including Judoka, Karateka, and BJJ fighters. The site offers a wide range of high-quality martial arts products, including their own brand IPPON GEAR, and targets both individual consumers and clubs. Technically, the website is built on the Shopware CMS platform, utilizing modern web technologies and tracking tools such as Google Analytics and Facebook Pixel. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and comprehensive product categorization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks some explicit security headers which could enhance protection. The absence of WHOIS data for the domain is a notable concern, impacting domain legitimacy verification. Overall, the website presents a professional and trustworthy front for its business, but domain registration details should be verified to strengthen trust.

I

INSPIRE CZ s.r.o.

clubspire.cz

62

CLUBSPIRE.cz is a Czech-based software solution specializing in comprehensive management systems for fitness and sports centers. The platform offers a wide range of modules including reservation systems, membership management, email marketing, access control, and point of sale functionalities. With a client base of over 200 sports centers, CLUBSPIRE positions itself as a reliable and efficient tool for business managers in the fitness industry. The website reflects a professional and consistent brand image, supported by active content updates and social media engagement. Technically, the website employs a modern technology stack including Java-based backend architecture, Google reCAPTCHA for form security, and Google Analytics for user tracking. The site is optimized for multiple platforms including Windows, Linux, and Apple, and demonstrates good mobile responsiveness and SEO practices. Security measures such as HTTPS and consent-based cookie management are implemented, though some security headers could be enhanced. From a security perspective, the site shows a solid posture with encrypted communications and protection against automated abuse via CAPTCHA. However, the absence of published security policies and incident response contacts suggests room for improvement in transparency and preparedness. The lack of WHOIS data limits the ability to fully verify domain legitimacy, though the professional presentation and active business operations mitigate some concerns. Overall, CLUBSPIRE.cz is a credible and well-maintained business website with good technical and security foundations. Strategic enhancements in security policy publication, WHOIS transparency, and accessibility would further strengthen its trustworthiness and compliance posture.

IFET.fr is the official website of IFET, a French training organization specializing in educating local elected officials, their collaborators, and public agents. The organization is recognized and certified by the French Ministry of the Interior and holds the Qualiopi certification, underscoring its credibility and compliance with national training standards. The website provides detailed information about upcoming training sessions, certification attestations, and contact details for engagement. The target audience is primarily local government officials and associated personnel seeking professional development in governance and public administration. Technically, the site is built on Drupal 9, leveraging modern web technologies and standard analytics tools such as Google Analytics and Google Tag Manager, with a cookie consent mechanism in place to comply with GDPR requirements. The site is mobile-optimized and accessible, with a professional design and clear navigation.

CONCILIUM is a French consulting firm specializing in digital transformation and digital support services for businesses, public institutions, foundations, and associations. Established since 2015, the company offers tailored consulting in digital projects, e-marketing, e-commerce, social media management, event digitalization, GDPR compliance, and training. The firm positions itself as a trusted advisor in the digital transformation space with a strong presence in Paris and across France. The website reflects a professional and consistent brand image with clear service offerings and client references. Technically, the site is built on WordPress using Elementor and Yoast SEO, integrating modern web technologies and analytics tools such as Google Analytics and Tag Manager. Security posture is good with HTTPS enabled, though additional security headers could enhance protection. Privacy compliance is basic with no explicit privacy or terms of service pages found, but a cookie consent mechanism is present. Overall, the site is well-designed, accessible, and trustworthy, with no signs of malicious activity or content blocking.

S

SIAGI

siagi.com

64

SIAGI is a French mutual guarantee society specializing in facilitating credit access for small businesses such as artisans, local shops, liberal professions, and farmers. It offers a comprehensive range of credit guarantees and collaborates closely with all banks in the market, positioning itself as a key player in the financial support ecosystem for small enterprises. The website presents a professional image with clear navigation, testimonials, and detailed service offerings, targeting bankers, brokers, entrepreneurs, and general visitors interested in credit guarantees. Technically, the site uses modern JavaScript libraries including Mapbox for mapping, Google Tag Manager for analytics, and Bootstrap for responsive design, indicating a moderate level of digital maturity. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the active and professional web presence and social media profiles mitigate some of these concerns. Security posture is adequate but could be improved by implementing security headers and explicit privacy and cookie policies. Overall, SIAGI's website is a credible resource for its target audience but would benefit from enhanced transparency and security practices.

Acaballado® z.s. is a small Czech non-profit organization dedicated to organizing cultural and historical events, primarily focusing on historical reenactments and promoting historical awareness. The website serves as a platform to inform visitors about upcoming events, archives, and organizational information. The organization targets a general audience interested in cultural heritage and history, particularly within the Czech Republic. The business model is centered on event organization and community engagement without commercial sales evident on the site. Technically, the website is built on WordPress 6.5.7, utilizing popular plugins such as Yoast SEO and libraries including jQuery, Bootstrap, and Slick Carousel. It integrates Google Tag Manager, Google Analytics, and Facebook SDK for analytics and marketing purposes. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site uses HTTPS with an excellent SSL configuration but lacks visible security headers and formal security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the website is legitimate and professionally maintained for a small non-profit. The lack of WHOIS data is consistent with privacy protection common in such organizations. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

C

Centrála cestovního ruchu – Jižní Morava, z.s.p.o.

ccrjm.cz

45

The Tourist Authority South Moravia operates as a regional non-profit organization dedicated to promoting tourism in the South Moravia region of the Czech Republic. Their website serves as an information hub for tourists, partners, and media, offering details about regional events, promotional materials, and conference support through the Brno Convention Bureau. The organization positions itself as a key player in regional tourism development and marketing. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Tag Manager, and Yoast SEO, indicating a mature digital infrastructure. The site is mobile-optimized and incorporates cookie consent mechanisms to comply with GDPR. Performance is moderate, with room for improvement in accessibility and security headers. From a security perspective, the site uses HTTPS and has implemented cookie consent with granular options, reflecting good privacy practices. However, the absence of WHOIS data and security headers suggests areas for enhancement. No critical vulnerabilities or exposed sensitive data were detected in the provided content. Overall, the website is professional and trustworthy, serving its purpose effectively. The main risk lies in the lack of transparent domain registration data, which should be addressed to improve trustworthiness and compliance.

C

Centrála cestovního ruchu - Jižní Morava

morawypoludniowe.pl

47

The website www.morawypoludniowe.pl serves as the official regional tourism portal for South Moravia, Czech Republic, promoting the area's natural beauty, historical sites, gastronomy, and wine culture. It targets tourists and enthusiasts interested in exploring this unique wine region with curated trip proposals, event calendars, and rich multimedia content. The site is well-positioned as a regional leader in tourism promotion, supported by official partners and government entities. Technically, the website employs modern frontend technologies such as Bootstrap and jQuery, integrates Google Tag Manager for analytics, and uses a cookie consent mechanism compliant with GDPR. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features could be enhanced. The absence of explicit CMS or hosting details limits deeper infrastructure insights. From a security perspective, the site enforces HTTPS and includes a cookie consent banner, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or suspicious elements were detected in the content or scripts. WHOIS data is unavailable, likely due to registry privacy policies, but the website's trust signals and partner affiliations support its legitimacy. Overall, the site presents a professional, trustworthy, and content-rich platform for regional tourism promotion. Strategic improvements in security headers, accessibility, and transparency policies would further enhance its security posture and compliance.

T

Tourismuszentrale Südmähren

sued-maehren.de

47

Tourismuszentrale Südmähren operates as the official regional tourism authority promoting South Moravia, a renowned wine-growing and cultural region. The website provides comprehensive tourism information, including excursions, events, regional guides, and accommodation options, targeting tourists interested in nature, history, gastronomy, and cultural experiences. The business model focuses on regional tourism promotion and information dissemination, positioning itself as a trusted source for visitors to South Moravia. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Google Analytics, and Google Tag Manager, hosted on Active24 servers. The site is mobile-optimized with good SEO practices and a cookie consent mechanism ensuring GDPR compliance. Performance is moderate with good user experience and navigation clarity. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements cookie consent. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is good with a clear cookie policy and consent mechanism, though a dedicated privacy policy page could enhance compliance. Overall, the website is professional, trustworthy, and safe for general audiences. It effectively supports the regional tourism business with clear contact information and social media presence. Strategic improvements in security policy transparency and incident response readiness would further strengthen its security posture.

T

Tourist Authority South Moravia

south-moravia.com

50

The website www.south-moravia.com serves as the official tourism promotion platform for the South Moravia region in the Czech Republic. It offers comprehensive information about the region's attractions, experiences, trips, and events, targeting tourists and travelers interested in nature, wine, culture, and gastronomy. The site is well-branded and professionally designed, reflecting its role as a regional tourism authority. Technically, the site employs modern frameworks such as Bootstrap and jQuery, integrates Google Analytics and Tag Manager for tracking, and implements a cookie consent mechanism compliant with GDPR. Security posture is generally good with HTTPS enforced, but lacks some security headers and formal incident response or vulnerability disclosure policies. The WHOIS data is missing or inaccessible, which raises some concerns about domain registration transparency, though the website content and partner affiliations support its legitimacy. Overall, the site is a reliable and professional resource for tourism information with room for security and compliance improvements.

D

Deliveroo

deliveroostudents.co.uk

75

Deliveroo is a well-established online food and grocery delivery platform operating primarily in the UK and multiple international markets. The analyzed page focuses on a student partnership offering free delivery and exclusive discounts through the Deliveroo Plus Silver subscription, targeting students aged 18 and over enrolled in higher education. The company leverages a modern technology stack including React and Next.js, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS, security headers, and consent management in place, although explicit security policies and incident response contacts are not publicly detailed. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations, making it a reliable platform for its target audience.

U

UVEX ARBEITSSCHUTZ GMBH

uvex-sportstyle-rx.com

68

The website www.uvex-sportstyle-rx.com represents UVEX ARBEITSSCHUTZ GMBH's specialized product line for prescription sports eyewear. It targets sports enthusiasts requiring high-quality, safe, and stylish prescription glasses for various sporting activities. The site is professionally designed, mobile-optimized, and uses modern technologies including TYPO3 CMS and Amazon Cloudfront CDN. Privacy and cookie consent mechanisms are well implemented, reflecting GDPR compliance. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response contacts are absent. WHOIS data is missing, which slightly reduces trust but the overall professional presentation and consistent branding support legitimacy. Recommendations include publishing explicit security and incident response policies and improving accessibility features.

U

uvex group

uvex.de

66

The uvex group is a well-established manufacturer and retailer specializing in safety, sports, and protective equipment. The company operates multiple strong brands and targets both professional and consumer markets with a focus on occupational safety and sports gear. Their market position is solid, supported by a large-scale business model and a broad portfolio of subsidiaries. The website reflects a mature digital presence with a modern technology stack centered around TYPO3 CMS and cloud-based content delivery. Privacy and cookie compliance are well implemented, including a consent management platform. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Overall, the site is professional, trustworthy, and well-optimized for performance and mobile use.

R

Robel.sk

robelshoes.sk

59

Robel.sk is a Slovak-based e-commerce retailer specializing in branded footwear and accessories for women, men, and children. The company operates multiple country-specific domains, indicating a strong regional presence in Central and Eastern Europe. Their business model focuses on online sales complemented by in-store reservation and pickup options, with a customer-friendly 30-day return policy. The website is professionally designed with good navigation and multilingual support, targeting consumers seeking quality branded shoes and related products. Technically, the site uses a modern tech stack including Google Tag Manager, Facebook Pixel, Sentry for error tracking, and Cloudfront CDN, running on the CREATIVE shop CMS platform. Security practices are solid with HTTPS, CSRF protection, and reCAPTCHA integration, though cookie consent mechanisms and terms of service pages are missing, which could be improved for better GDPR compliance. Overall, the domain registration details align well with the business claims, supporting legitimacy and trustworthiness.

C

Catrin

catrin.com

50

Catrin is a Czech advanced technology and research institute focused on developing new technologies for clean energy and sustainable environment, promoting societal health and well-being. The website reflects a professional research organization with strong academic and commercial partnerships, publishing in prestigious journals and securing significant EU funding. The technical infrastructure is based on WordPress CMS with modern JavaScript libraries and includes cookie consent and analytics tools, indicating a mature digital presence. Security posture is good with HTTPS and cookie consent implemented, though security headers and explicit incident response policies are absent. Overall, the website is trustworthy and well-maintained, though the lack of WHOIS data slightly reduces domain trustworthiness.

I

International Military Sports Council

milsport.one

52

The International Military Sports Council (CISM) operates as a prominent non-profit international organization dedicated to promoting military sports and fostering friendship through sport among armed forces worldwide. With 138 member countries, it organizes a wide range of military sports events, championships, and academic activities, positioning itself as a leading entity in the military sports domain. The website reflects this mission with comprehensive event coverage, news updates, and multilingual regulatory documents, targeting military personnel and associated organizations globally. Technically, the website employs a CMS named MasterEdit and integrates modern web technologies including Google Analytics and Tag Manager for tracking, alongside standard JavaScript libraries like jQuery. The site demonstrates moderate performance with good mobile optimization and basic accessibility features. SEO practices are adequately implemented with proper meta tags and structured data. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, but lacks visible advanced security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is unavailable, likely due to privacy protection, which is common for international non-profits but slightly impacts trust assessment. Overall, the website is professional, content-rich, and trustworthy, serving its niche audience effectively. Strategic improvements in security transparency and accessibility could enhance its posture further.

S

Slovenský olympijský a športový výbor

olympic.sk

60

The Slovenský olympijský a športový výbor (Slovak Olympic and Sports Committee) operates a comprehensive and professionally designed website serving as the official portal for Slovak Olympic sports news, events, athlete information, and partner relations. The site targets Slovak sports enthusiasts, athletes, and partners, providing timely updates and resources related to Olympic activities. Technically, the website is built on Drupal 10, leveraging modern web technologies and integrating analytics and advertising tools responsibly. Security posture is strong with HTTPS, security headers, and secure form handling, though there is room for improvement in publishing explicit security policies and incident response information. Privacy compliance is well addressed with clear privacy and cookie policies aligned with GDPR requirements. Overall, the website demonstrates a high level of professionalism, trustworthiness, and digital maturity appropriate for a national sports governing body.

V

VfB Stuttgart

vfb.de

53

VfB Stuttgart operates a comprehensive official website serving as the primary digital platform for the football club. The site offers extensive content including news, team rosters, match schedules, ticketing, merchandise sales, and fan engagement features. The club maintains a strong market position in German football with a large fan base and professional digital presence. Technically, the website employs modern JavaScript frameworks, consent management tools, and integrates advertising and analytics services while maintaining good mobile optimization and accessibility standards. Security posture is solid with HTTPS enforced and secure login forms, though some security headers and explicit incident response policies are absent. Overall, the site is professional, trustworthy, and compliant with GDPR regulations, making it a reliable source for fans and stakeholders.

F

FC Slavia Hradec Králové

fcslaviahk.cz

47

FC Slavia Hradec Králové is a local Czech football club with a well-structured website providing comprehensive information about the club, teams, match results, news, and recruitment. The site targets football fans, players, and the local community, offering rich content and active engagement through news and social media. The business model focuses on sports club operations and community involvement. Technically, the website uses modern frontend technologies including Bootstrap, Google Analytics, and Smartlook for user behavior tracking. The hosting and domain registration are consistent and stable, indicating a legitimate and established presence. Security posture is adequate with HTTPS enabled, but lacks advanced security headers and formal privacy and cookie policies, which are compliance gaps. Overall, the site is professional, content-rich, and trustworthy but would benefit from enhanced privacy compliance and security hardening.

S

Staylive AB

staylive.io

60

Staylive AB is a Swedish technology company specializing in providing white-label streaming platforms for content creators, sports federations, leagues, and clubs. Their platform enables clients to build custom streaming services with features such as live and on-demand content, payment integration, mobile app publishing, and full ownership of content and users. Positioned as a stable and secure solution, Staylive serves a medium-sized market segment with notable partnerships and client testimonials, including a recent acquisition by Two Circles, enhancing their market presence. Technically, Staylive's website is built on Webflow and integrates modern analytics and marketing tools such as Google Analytics, Google Tag Manager, and LinkedIn Insight. The platform supports multi-device streaming including iOS, Android, and Apple TV. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. Performance is moderate, with room for improvement in security headers and privacy documentation. From a security perspective, Staylive employs HTTPS with SSL encryption and complies with payment security standards (PA-DSS PCI). Cookie consent is implemented with an opt-in mechanism, reflecting basic GDPR compliance. However, explicit privacy policies, terms of service, and security incident response contacts are not clearly presented, representing areas for enhancement. No critical vulnerabilities or suspicious indicators were detected. Overall, Staylive presents a professional and trustworthy online presence with strong business credibility and a solid technical foundation. The lack of WHOIS transparency is mitigated by the company's evident market position and parent company association. Strategic improvements in security policies, privacy documentation, and accessibility would further strengthen their digital maturity and compliance posture.

S

Staylive AB

staylive.se

54

Staylive AB is a Swedish-based technology company specializing in providing white-label streaming platforms for content owners, sports federations, leagues, and event organizers. Their platform enables customers to launch their own branded streaming services with monetization options such as subscriptions and one-time payments. The company emphasizes full ownership of content and user data, live and on-demand streaming capabilities, and mobile app publishing across major platforms. Staylive is positioned as a stable and secure streaming solution with notable clients and partnerships in the sports and media sectors, and is now part of the parent company Two Circles. Technically, the website is built on Webflow with integrations including Google Analytics, Google Tag Manager, and Finsweet Cookie Consent for privacy compliance. The platform supports modern web standards and mobile optimization, though some accessibility features could be improved. The website employs SSL encryption and claims compliance with payment security standards (PA-DSS PCI), but lacks explicit security headers and detailed privacy or security policies. From a security perspective, the site uses HTTPS and cookie consent mechanisms, but does not publish a security policy or incident response contacts. WHOIS data is incomplete and privacy protected, which is common for tech companies but reduces transparency. No critical vulnerabilities or suspicious content were detected. Overall, the site demonstrates a good security posture but could enhance transparency and compliance documentation. The overall risk assessment is moderate with recommendations to improve security headers, publish comprehensive privacy and security policies, and enhance accessibility. The business shows credible market presence and technical maturity suitable for its industry and target audience.

S

Sector s.r.o.

funny.sk

36

Funny.sk is a Slovak entertainment website operated by Sector s.r.o., focusing on humorous content including jokes, funny images, and videos. It holds a solid position in the Slovak media market as a popular humor portal with a broad content catalog and active social media presence. The site leverages a custom CMS platform associated with the sector.sk network and integrates multiple Google services for analytics and advertising. The technical infrastructure is moderately modern, with some outdated libraries that pose potential security risks. Security posture is adequate with HTTPS enforced but lacks comprehensive security headers and formal privacy or cookie policies. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and updated security practices.

S

Sector s.r.o.

kinema.sk

41

Kinema.sk is a Slovak media website operated by Sector s.r.o., focusing on film news, reviews, trailers, and related content targeted at Slovak-speaking film enthusiasts. The site offers a rich content experience with podcasts, film databases, and curated cinema tips, positioning itself as a niche player in the Slovak film media market. Technically, the site uses a custom CMS with modern JavaScript libraries such as jQuery, Google Analytics, and PushAlert for notifications. While the site enforces HTTPS and uses standard tracking tools, it lacks visible security headers and explicit privacy or cookie policies, indicating areas for compliance improvement. No contact emails or phone numbers are explicitly provided, which may affect user trust and support accessibility. WHOIS data confirms the domain is registered to Sector s.r.o., consistent with the website's business focus and location. Overall, the site is professionally designed with good content quality but requires enhancements in privacy compliance and security best practices.

K

Kytary.cz

kytary.cz

74

Kytary.cz is a well-established Czech e-commerce retailer specializing in musical instruments and related accessories. Founded in 2000, it holds a strong market position in the Czech Republic with the largest stock availability and competitive pricing. The website offers a broad range of products including guitars, keyboards, drums, sound equipment, and lighting, targeting musicians and music enthusiasts primarily in the Czech market. Their business model focuses on online sales with value-added services such as extended warranties, free delivery over a threshold, and installment payment options. Technically, the website employs a modern tech stack including jQuery, Bootstrap, Google Analytics, and Facebook SDK, hosted on Czech hosting providers. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS, security headers, and use of reCAPTCHA, though explicit security policies and incident response information are not published. Overall, the site is professional, trustworthy, and compliant with GDPR, though improvements in security transparency and accessibility could be made.

F

Footshop a.s.

footshop.cz

66

Footshop a.s. operates a prominent e-commerce platform specializing in sneakers, clothing, and accessories, primarily targeting the Czech Republic and Central European markets. The website offers a broad selection of popular brands such as adidas, Nike, Converse, and Vans, supported by a loyalty program and multiple physical stores. The business model focuses on retail sales through both online and offline channels, positioning Footshop as a leading retailer in its niche. The website's content is professionally curated, with clear navigation and comprehensive product categorization, appealing to a general audience interested in fashion and footwear. Technically, the website employs modern web technologies including React, Webpack, and Google Tag Manager, ensuring a responsive and performant user experience. The presence of service workers and performance monitoring scripts indicates a commitment to maintaining site speed and reliability. The platform appears to be built on PrestaShop CMS, a common choice for e-commerce sites, and integrates third-party services for analytics and cookie consent management. From a security perspective, the site enforces HTTPS with strong SSL configuration and implements key security headers to protect users. Privacy and cookie policies are clearly presented, with mechanisms for user consent, aligning with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected in the analysis. However, the absence of a dedicated security policy or incident response contact suggests areas for improvement in transparency and readiness. Overall, Footshop.cz demonstrates a mature digital presence with strong business credibility and a solid security posture. The lack of WHOIS data due to privacy protection is common and does not detract from the site's legitimacy. Strategic recommendations include publishing explicit security and incident response policies, enhancing accessibility features, and maintaining vigilance on third-party scripts to sustain security and compliance.

I

Infinite Eye

infinite-eye.com

55

Infinite Eye is a Glasgow-based web design and development agency established in 2001, offering strategy, bespoke website design, WordPress development, and e-commerce solutions primarily to UK organizations. The company positions itself as a specialist with a strong portfolio and a fully remote operational model. Technically, the website is built on WordPress with WooCommerce integration, leveraging modern tools such as Google Tag Manager, Google Optimize, and reCAPTCHA for analytics, optimization, and security. The site is well-designed, mobile-optimized, and provides a professional user experience. Security posture is generally good with HTTPS enforced and secure form handling, but lacks some security headers and explicit cookie consent mechanisms. WHOIS data is missing or unavailable, which raises some concerns about domain registration legitimacy despite the professional online presence. Overall, the website is credible and functional but would benefit from enhanced security and privacy compliance measures.

S

Slovenský plynárenský priemysel, a.s.

spp.sk

64

Slovenský plynárenský priemysel, a.s. (SPP) is the largest energy supplier in Slovakia with a history spanning over 165 years. The company provides natural gas and electricity to households and businesses, emphasizing reliability, fairness, and ecological solutions such as photovoltaics and virtual batteries. The website targets Slovak domestic and corporate customers, offering comprehensive product and service information, calculators, and customer support portals. Technically, the site is built on WordPress with modern SEO and analytics tools integrated, ensuring good performance and mobile optimization. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response details are not published. WHOIS data confirms the legitimacy and consistency of the domain registration with the company's identity. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting SPP's market leadership in the Slovak energy sector.

N

Nadácia SPP

nadaciaspp.sk

70

Nadácia SPP is a Slovak non-profit foundation established in 2002, focused on supporting activities and projects in health protection, culture, education, volunteering, and regional development. It operates various grant programs and partnership projects aimed at improving community welfare across Slovakia. The foundation is affiliated with SPP, a major energy company, enhancing its credibility and market position. The website reflects a mature digital presence with clear branding, comprehensive content, and a user-friendly interface targeting non-profit organizations, communities, and institutions in Slovakia. Technically, the website is built on WordPress using Oxygen Builder, with modern JavaScript libraries like jQuery and integration of Google Tag Manager for analytics. It employs GDPR-compliant cookie management and contact forms for newsletter subscriptions, indicating a good level of digital maturity and privacy awareness. The site is mobile-optimized and accessible, with good SEO practices. From a security perspective, the site uses HTTPS with strong SSL configuration and cookie consent mechanisms. While some security headers are not explicitly detected, the overall posture is solid with no visible vulnerabilities or exposed sensitive data. However, the absence of a published security policy or incident response contact is noted. Overall, Nadácia SPP's website is professional, trustworthy, and compliant with privacy regulations, supporting its mission as a reputable non-profit foundation. Strategic recommendations include enhancing security headers, publishing a security policy, and adding vulnerability disclosure information to further strengthen trust and security posture.

V

V24 Media s.r.o.

vogue.cz

58

Vogue.cz is the Czech and Slovak edition of the internationally renowned Vogue fashion magazine, operated by V24 Media s.r.o. The website serves as a comprehensive fashion and lifestyle portal offering news, trends, beauty tips, and cultural content targeted at fashion-conscious audiences in the Czech Republic and Slovakia. It supports subscription services and advertising partnerships, positioning itself as a leading media brand in the regional fashion industry. Technically, the site is built on modern web technologies including React and Next.js, with integrations for fonts, cookie consent, and analytics, reflecting a mature digital infrastructure. Security posture is strong with HTTPS enforcement and standard security headers, though no explicit security policy or incident response information is published. Privacy compliance is well addressed with a detailed privacy policy and cookie consent mechanism. Overall, the site is professional, trustworthy, and content-rich, though the lack of WHOIS data slightly reduces domain trustworthiness. Strategic recommendations include publishing security policies and incident response contacts to enhance transparency and trust.

N

NextPage Media

heroine.cz

64

Heroine.cz is a Czech online media platform focused on women's issues, feminism, culture, psychology, and social topics. It offers a mix of free and premium content including articles, podcasts, and a printed magazine available via subscription and e-shop. The website is professionally designed with consistent branding and targets Czech-speaking women interested in progressive social discourse. The platform is operated by NextPage Media and maintains a moderate market position within niche feminist media in the Czech Republic. Technically, the site uses a modern Ruby on Rails framework with integrations for Google Analytics, Microsoft Clarity, Gemius, and advertising networks such as Google Adsense and Seznam SSP. Security posture is good with HTTPS, CSRF protection, and bot mitigation via Cloudflare Turnstile captcha. However, explicit privacy and cookie policies are not clearly found in the provided content, which impacts privacy compliance scoring. WHOIS data is unavailable, which reduces trustworthiness but the professional content and social media presence support legitimacy. Overall, Heroine.cz is a credible media outlet with room for improvement in privacy transparency and WHOIS data availability.

H

HRMixer.cz

hrmixer.cz

48

HRMixer.cz is a Czech Republic-based media platform specializing in modern recruitment, talent sourcing, and HR marketing. It serves HR professionals and recruiters by providing news, interviews, podcasts, and educational content, including events like the Recruitment Academy and GoodCall. The website is professionally designed using Joomla CMS and integrates multiple tracking and analytics tools with a cookie consent mechanism. While the site uses HTTPS and some security best practices, it lacks explicit privacy and terms of service pages, and some JavaScript libraries are outdated, which could pose security risks. The WHOIS data is consistent with the business profile, indicating legitimacy. Overall, the site is a trusted resource in the Czech HR media space but could improve privacy compliance and security headers.

I

Nejlevnější IQOS ILUMA, koupit v akci se slevou, návody a novinky

iqfan.cz

53

The website www.iqfan.cz is a Czech language platform focused on providing information, reviews, tips, and purchasing guidance related to IQOS tobacco heating devices, particularly the IQOS ILUMA series. It targets Czech-speaking users interested in IQOS products, offering discount codes and links to dealers and e-shops. The site maintains a moderate market position within the niche retail sector for tobacco alternatives. Technically, the site is built on ASP.NET Web Forms, uses jQuery 1.12.4, and integrates Google Analytics and Tag Manager for tracking. The design is professional and mobile-optimized, though accessibility features are basic. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and privacy policies. No WHOIS data is available, which limits domain trust verification. Overall, the site is content-rich and functional but would benefit from enhanced privacy compliance and security hardening.