Security Directory

A

AUMOVIO SE

aumovio.com

63

AUMOVIO SE is a technology-driven company specializing in future mobility solutions, focusing on software-defined vehicles, electric mobility, vehicle electrical/electronic architectures, safety, driver assistance, user experience, and cybersecurity. The company has a strong market position supported by a diverse portfolio of products and services and is publicly listed on the Frankfurt Stock Exchange since September 2025. The website reflects a mature digital presence with comprehensive corporate governance and investor relations information, targeting automotive industry professionals, investors, and potential employees. Technically, the website employs modern web technologies including Adobe Experience Manager components, Google Tag Manager, and consent management tools, ensuring good performance, mobile optimization, and accessibility. The site uses HTTPS and includes privacy and cookie policies with consent mechanisms, indicating compliance with GDPR and related regulations. From a security perspective, while HTTPS and consent management are in place, the absence of visible security headers and incident response information suggests room for improvement. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is missing or unavailable, which raises some concerns about domain registration transparency, though the professional site and corporate disclosures mitigate this risk. Overall, the website presents a professional, trustworthy, and well-maintained digital front for AUMOVIO SE, with recommendations to enhance security headers, publish incident response policies, and clarify domain registration details to strengthen trust and compliance.

C

Continental Aftermarket

continental-aftermarket.com

64

Continental Aftermarket is a division of Continental AG, a leading global automotive supplier. The website serves as a comprehensive portal for their aftermarket products and services, targeting automotive professionals, workshops, and distributors. It offers extensive product categories including batteries, brakes, tires, workshop equipment, and specialized vehicle components, supported by training and service programs. The brand is well-established with multiple subsidiaries and a strong market presence in Germany and internationally. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and a consent management platform to ensure compliance with privacy regulations. The site is mobile-optimized, uses HTTPS with a Content Security Policy, and integrates reCAPTCHA Enterprise for form security. The CMS appears to be TYPO3, a robust enterprise content management system. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSP headers, and consent management. However, DNSSEC is not enabled, and additional security headers could be added to enhance protection. No explicit security policy or incident response contacts are publicly available, and no vulnerability disclosure mechanism was found. Overall, the website is professional, trustworthy, and compliant with GDPR. The domain registration data aligns with the business profile, indicating legitimacy. There are no signs of malicious content or security issues. Strategic improvements could focus on enhancing security headers, publishing security policies, and enabling DNSSEC to further strengthen the security posture.

M

Mayfield Education & Research Foundation

mayfieldfoundation.org

52

The Mayfield Education & Research Foundation is a specialized non-profit organization focused on advancing care for patients with brain and spine disorders through education and research. Established in 2011 and based in Cincinnati, Ohio, the foundation offers educational programs, supports research initiatives, and engages donors to further its mission. The website reflects a professional and consistent brand presence targeting patients, medical professionals, researchers, and donors. Technically, the website employs a modern tech stack including Bootstrap 4.3.1, jQuery, and Google Tag Manager for analytics. The site is mobile-optimized with good SEO practices and clear navigation, though accessibility features are basic. Hosting details are not explicit but DNS is managed via Register.com. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS and Google Tag Manager but lacks DNSSEC and visible security headers such as CSP or HSTS. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. No forms or data collection fields are detected on the main page, reducing immediate risk exposure. WHOIS data aligns well with the website's claims, supporting legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced security headers, DNSSEC implementation, and explicit privacy and cookie policies to improve compliance and user trust.

R

RCS Brno - radiostanice.cz, a.s.

radiostanice.cz

56

RCS Brno - radiostanice.cz, a.s. is a Czech-based company specializing in the sale, installation, and servicing of radiocommunication devices such as professional and citizen band radios, accessories, and related equipment. With over 25 years of experience, the company serves individuals, businesses, and organizations, offering tailored communication solutions to improve operational efficiency. The website reflects a mature e-commerce platform with a professional design and comprehensive product offerings. Technically, the site uses modern tracking and analytics tools, including Google Analytics 4, Microsoft Clarity, and Smartsupp Live Chat, integrated via Google Tag Manager. Privacy and cookie policies are well implemented with user consent mechanisms, indicating good compliance with GDPR requirements. However, the absence of WHOIS registration data limits the ability to fully verify domain legitimacy. Security posture is solid with HTTPS and form validation but could benefit from enhanced security headers and published security policies. Overall, the site is trustworthy, professional, and well-positioned in the Czech telecommunications retail market.

T

Tomza

tomza.cz

41

Tomza is a Czech-based packaging service provider established in 2012, offering comprehensive packaging production, design, assembly, and logistics services. The company positions itself as a reliable partner with social enterprise characteristics, targeting businesses requiring packaging solutions. The website is built on WordPress using the Divi theme and includes modern SEO and performance optimizations. Security posture is solid with HTTPS, security headers, and reCAPTCHA on forms, though explicit security policies and incident response information are absent. Privacy compliance is strong with GDPR-aligned privacy and cookie policies and a consent mechanism. Overall, the site is professional, well-branded, and trustworthy, with moderate technical performance and good mobile optimization.

A

American Heart Association

heart-veterans.jobs

71

The American Heart Association website dedicated to veterans careers provides a comprehensive platform for employment opportunities, veteran resources, and organizational information. The site targets military veterans seeking to transition into civilian healthcare and non-profit roles, emphasizing support and inclusion. The organization holds a strong market position as a leading non-profit in cardiovascular health advocacy, supported by multiple certifications and awards. Technically, the site employs modern frameworks such as Nuxt.js, integrates Google Tag Manager for analytics, and uses responsive design to ensure accessibility across devices. Security posture is solid with HTTPS enforcement and user privacy respected through clear policies and cookie consent mechanisms, though explicit security headers and incident response details are absent. Overall, the site is professional, trustworthy, and well-aligned with its mission, offering a safe and informative user experience.

GEMOS CZ spol s r.o. is a Czech company specializing in smart traffic monitoring and management systems, offering a range of products including dynamic traffic lights, speed indicators, red light violation detection, and navigation solutions. The company targets municipalities and transportation authorities, positioning itself as a niche technology provider within the Czech Republic. The website reflects a professional business model focused on B2B technology solutions in the transportation and energy sectors. Technically, the website employs standard web technologies such as Bootstrap and jQuery, with integration of Google Analytics and Google Tag Manager for tracking. The site is moderately optimized for performance and mobile devices, though accessibility and SEO features are basic. No CMS or hosting provider details were identified. The website is fully accessible with no blocking or WAF detected. From a security perspective, the site uses HTTPS and avoids exposing sensitive data, but lacks important security headers and formal privacy or cookie policies. No incident response or vulnerability disclosure information is provided. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration transparency, impacting overall trustworthiness. Overall, the website is functional and professional but would benefit from enhanced security practices, improved privacy compliance, and verification of domain registration details to strengthen trust and compliance posture.

A

ARICOMA

aricoma.cz

70

ARICOMA is a leading enterprise IT services provider based in the Czech Republic, offering a broad range of end-to-end IT solutions to commercial firms and public sector entities across Europe. Their market position is strong, branding themselves as the #1 in enterprise IT, with key services including business applications, digital solutions for modern states, IT infrastructure, cybersecurity, cloud services, and comprehensive IT support. The company is part of the KKCG group, indicating a solid corporate backing. Technically, the website is built on Kentico CMS and leverages modern web technologies and marketing tools such as Google Tag Manager, Microsoft Clarity, and various social media pixels, reflecting a mature digital infrastructure. Security posture is good with HTTPS enforced and reCAPTCHA implemented, though some security headers are missing and no explicit incident response contacts are provided. Privacy compliance is well addressed with a comprehensive GDPR policy and cookie consent mechanisms. Overall, the website is professional, well-designed, and trustworthy, though the lack of WHOIS data for the domain introduces some uncertainty about domain registration legitimacy.

AVE CZ odpadové hospodářství s.r.o. is a leading Czech company specializing in waste management, municipal services, environmental remediation, demolition, road maintenance, and facility management. The company positions itself as a market leader with a strong focus on ecological responsibility and community engagement. Their website reflects a professional and comprehensive digital presence, featuring detailed service descriptions, press releases, and CSR initiatives. Technically, the site is built on modern frameworks such as Next.js and React, hosted on DigitalOcean, and incorporates standard marketing and analytics tools like Google Tag Manager and Cookiebot for privacy compliance. Security posture is adequate with HTTPS enforced and cookie consent implemented, though explicit security headers are not confirmed. The absence of WHOIS data limits domain trust assessment, but the website content and business operations appear legitimate and well-established. Overall, the site demonstrates a mature digital infrastructure with good content quality and user experience, supporting the company's market position and business credibility.

E

ELEKTRO Skalka s.r.o

e-elektro.cz

49

ELEKTRO Skalka s.r.o operates the e-commerce website www.e-elektro.cz, specializing in the sale of vacuum cleaner bags, HEPA filters, and related household electronic accessories primarily targeting customers in the Czech Republic. The company positions itself as a niche retailer with a focus on vacuum cleaner parts and small electrical appliances, offering a broad catalog of products with clear pricing and availability. The website is professionally designed with good navigation and mobile optimization, supporting customer engagement through contact forms, phone, and email. Privacy and cookie policies are implemented with GDPR compliance in mind, including consent mechanisms.

S

SackyVysavace.cz

sackyvysavace.cz

56

SackyVysavace.cz is a Czech Republic based specialized e-commerce retailer focused on vacuum cleaner bags, filters, and accessories. The website offers a broad catalog of products with clear categorization and supports online ordering with options for delivery and 24/7 personal pickup at a physical location in Prague. The business targets consumers and small businesses needing vacuum cleaner supplies. Technically, the website uses a mix of modern JavaScript libraries and tracking tools, including Google Analytics and Tag Manager, with a proprietary or custom e-commerce platform (Shopion.cz). The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and published security policies. WHOIS data is unavailable, which reduces trustworthiness from a domain registration perspective, but the website content and contact details appear legitimate and professional. Overall, the site is safe, compliant with GDPR, and suitable for general audiences.

B

Úvodní stránka | BEST

bestvisio.cz

65

BESTVISIO.cz is a Czech Republic based small business specializing in providing innovative digital tools for customers to select and visualize paving and fencing products. Their offerings include online configurators for paving and fences and a virtual reality application that allows users to preview fencing options in real environments using mobile devices. The website is professionally designed with good content quality and consistent branding, targeting homeowners and customers interested in outdoor home improvement products. Technically, the site uses modern web technologies including lazy loading images, responsive CSS, and integrates Google Analytics and CookieHub for tracking and cookie consent management. Security posture is moderate with cookie consent and Google reCaptcha usage but lacks visible security headers and published privacy policies. WHOIS data is unavailable, indicating privacy protection, which slightly reduces transparency but is not uncommon for small businesses. Overall, the site is safe, user-friendly, and provides useful tools for its niche market.

B

BEST, a.s.

best.cz

65

BEST, a.s. is a well-established Czech manufacturer and retailer specializing in concrete products for terraces, gardens, and outdoor construction. With over 30 years in the market and a broad product portfolio exceeding 4,000 variants, BEST holds a leading position in its industry. The company offers a comprehensive range of products including paving stones, fences, palisades, drainage systems, and construction blocks, supported by physical showrooms and digital tools like BEST VISIO for product visualization. The website reflects a mature digital presence with professional design, clear navigation, and extensive content tailored to both professional contractors and end consumers. Technically, the website employs modern web technologies including Google Tag Manager, reCAPTCHA, and various JavaScript libraries to enhance user experience and security. The site is mobile-optimized and implements cookie consent mechanisms compliant with GDPR. Security measures include HTTPS enforcement and spam protection on forms, though some security headers are not explicitly detected. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data for the domain is unavailable from the CZ NIC WHOIS server, which limits verification of domain registration details. Despite this, the website's professional appearance, certifications, and business information support its legitimacy. No signs of malicious activity or content blocking were detected, and the site maintains a high level of trustworthiness. Overall, BEST, a.s. demonstrates a strong business and digital maturity with good security posture and privacy compliance. Strategic improvements could include enhancing security headers, publishing a security policy, and adding incident response contacts to further strengthen trust and compliance.

Mobirise Ltd operates the Mobirise AI Website Generator, a technology platform that enables users to create professional websites easily using AI and drag-and-drop tools. The company targets a broad audience including small businesses, freelancers, bloggers, and e-commerce startups, positioning itself as a flexible and user-friendly alternative to other AI website builders. Technically, the website is built on modern frameworks like Bootstrap 5 and integrates analytics and advertising tools such as Google Tag Manager and Facebook Pixel. The security posture is solid with HTTPS and domain protections, though some headers and explicit security policies could be improved. Privacy compliance is adequate with clear privacy and terms pages, but lacks cookie consent mechanisms. Overall, the website is professional, trustworthy, and well-optimized for SEO and mobile use.

M

Mairie de Megève

megeve-booking.com

61

The website megeve-booking.com serves as the official online booking platform for the Megève tourism office, specializing in accommodation and activity reservations in the Megève ski resort area in Haute-Savoie, France. It targets tourists and visitors seeking a seamless booking experience for hotels, chalets, and local activities. The platform is positioned as a trusted and official channel supported by the local municipality (Mairie de Megève), enhancing its credibility and market presence. Technically, the site employs modern web technologies including JavaScript frameworks, lazy loading for images, and integrates Google Tag Manager and Cookiebot for analytics and privacy compliance. The platform is hosted under a stable domain registered in 2021 with a 5-year validity period. The website is mobile-optimized and SEO-friendly, providing a good user experience with clear navigation and professional design. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent mechanisms. However, it lacks DNSSEC and explicit security headers, and no dedicated security policy or incident response contact is published. No vulnerabilities or exposed sensitive data were detected in the analysis. Overall, the security posture is solid but could be improved with additional security best practices. The overall risk assessment is low, with no signs of malicious activity or suspicious content. The site complies with GDPR requirements, providing privacy and cookie policies, and offers clear contact information. Strategic recommendations include enabling DNSSEC, adding security headers, publishing a security policy, and considering a security.txt file to enhance transparency and trust.

B

Beetween

beetween.fr

41

Beetween is a French-based company founded in 2007 that provides a customizable online recruitment software solution (ATS) targeting recruiters and HR professionals. The website presents a professional and user-friendly platform with a clear focus on recruitment process optimization and collaboration. The company positions itself as a flexible and adaptable solution across various sectors and company sizes. Technically, the website is built on WordPress and integrates multiple marketing and analytics tools such as HubSpot, Microsoft Clarity, and Google Tag Manager, hosted by OVH. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Security posture is solid with HTTPS enabled and no exposed sensitive data, but lacks some security headers and published security policies. Privacy compliance is limited due to missing explicit privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness.

T

tolk.ai - Generative AI powered Chatbot and Livechat solutions

thechatbotfactory.com

65

tolk.ai is a French technology company specializing in generative AI-powered chatbots and livechat solutions designed to enhance customer relations. Their SaaS platform offers no-code deployment of AI virtual assistants, livechat agents, and analytics tools to improve customer service efficiency and business insights. The company targets businesses seeking advanced conversational AI to automate pre- and post-sales customer interactions. The website demonstrates a professional digital presence with partnerships such as Microsoft France and availability on Azure Marketplace, indicating a credible market position. Technically, the site is built on WordPress with modern plugins and analytics integrations, providing moderate performance and good mobile optimization. Security posture is solid with HTTPS and no exposed sensitive data, though improvements in security headers and explicit policies are recommended. Privacy compliance is partial, lacking visible privacy and cookie policies on the main page. Overall, tolk.ai presents a trustworthy and professional business with room for enhanced transparency and security documentation.

A

Apidae Tourisme

apidae-tourisme.com

50

Apidae Tourisme operates a leading national platform for tourism data management in France, serving over 900 clients and 30,000 professional users. The company provides a cooperative SaaS platform enabling territories to collect, enrich, and distribute tourism-related data, supporting both institutional stakeholders and digital service providers. Their market position is strong as a key enabler of digital transformation in the tourism sector. Technically, the website is built on WordPress with modern JavaScript libraries and plugins, offering good performance and mobile optimization. Security measures include HTTPS, anti-spam protection, and GDPR-compliant cookie management, though additional security headers could enhance posture. The absence of WHOIS data is a concern but does not detract from the professional and trustworthy presentation of the business. Overall, Apidae Tourisme demonstrates a mature digital presence with solid business credibility and compliance.

S

SK Slavia Praha

slavia.cz

46

SK Slavia Praha is a prominent Czech football club with a well-established online presence through its official website. The site serves as a comprehensive platform for fans and stakeholders, offering news, match schedules, ticket sales, team information, and fan engagement content. The business model revolves around sports media, merchandising, and ticketing services, targeting football enthusiasts primarily in the Czech Republic. The website reflects a professional brand image consistent with the club's reputation and partnerships.

F

Fotbalový Klub Jablonec a.s.

fkjablonec.cz

47

FK Jablonec is a well-established Czech football club with a strong digital presence through its official website. The site serves as a comprehensive platform for fans and stakeholders, offering news, match information, player statistics, ticketing details, and a merchandise e-shop. The club maintains active engagement with its audience via multiple social media channels and partners with various sponsors and organizations, reflecting a solid market position within Czech football. The website's design is professional and consistent with the club's branding, targeting football enthusiasts and the local community. Technically, the site employs modern web technologies including JavaScript, Google Tag Manager, and custom CSS, hosted on a Czech hosting provider, ensuring moderate performance and good mobile optimization. Security-wise, the site uses HTTPS and implements a detailed cookie consent mechanism aligned with GDPR requirements, though it lacks explicit security headers and incident response contact information. Overall, FK Jablonec's website demonstrates a mature digital infrastructure with room for enhanced security practices and transparency. Strategic recommendations include adding security headers, publishing a security.txt file, and providing clearer contact information for privacy and incident response. These improvements would strengthen the club's trustworthiness and compliance posture while maintaining its strong fan engagement and business credibility.

FC VIKTORIA Plzeň is a Czech football club with an established online presence dating back to at least 2001, as indicated by the domain registration. The website serves primarily as an informational platform for fans and the local community, offering basic content about the club. Technically, the site uses a combination of older web technologies such as jQuery 1.11.3 and Bootstrap 3.3.7, along with modern tracking tools like Google Analytics and Facebook Pixel. The site lacks advanced CMS integration and appears to be custom-built, with moderate performance and basic mobile optimization. From a security perspective, the website uses HTTPS but lacks important security headers and visible privacy or cookie policies, which reduces its compliance posture. There are no visible forms or contact mechanisms, limiting user interaction and data collection. The WHOIS data is consistent with the website's claims, showing a long-standing domain registration without privacy protection, appropriate for a public sports entity. Overall, the website is functional but basic, with room for improvement in privacy compliance, security hardening, and user engagement features. The absence of contact information and policies may impact user trust and regulatory compliance. Strategic enhancements in these areas would improve the site's professionalism and security posture.

F

FC Slovan Liberec

fcslovanliberec.cz

45

FC Slovan Liberec operates an official website serving as the primary digital platform for the Czech football club. The site offers comprehensive content including team news, match schedules, ticketing options, fan merchandise, and multimedia galleries, targeting football fans and local community members. The website demonstrates a consistent brand presence and integrates multiple partner and sponsor domains, reflecting a well-established sports organization. Technically, the site employs modern web technologies such as Bootstrap and jQuery, with performance and mobile optimization rated as good. Security posture is solid with HTTPS enforced and cookie consent mechanisms implemented, though explicit security headers and detailed privacy policies are absent. The lack of WHOIS data is a notable gap, reducing domain trustworthiness despite the legitimate appearance of the site. Overall, the website is professional and user-friendly but would benefit from enhanced transparency in privacy and security policies.

F

FK Dukla Praha

fkduklapraha.cz

51

FK Dukla Praha is a well-established Czech football club with a strong digital presence through its official website. The site offers comprehensive information about the club, including team rosters, match reports, fan engagement activities, and an integrated fan shop. The club targets football fans and the local community, leveraging merchandising and ticket sales as key revenue streams. Technically, the website employs modern web technologies such as Bootstrap and jQuery, and integrates multiple analytics and marketing tools including Google Analytics and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the website uses HTTPS and implements cookie consent mechanisms, but could improve by adding explicit security headers and a vulnerability disclosure policy. The domain registration data is consistent with the club's history and location, supporting the site's legitimacy. Overall, the website demonstrates a mature digital infrastructure suitable for its business model but has room for security and compliance enhancements.

A

AC Sparta Praha

sparta.cz

66

AC Sparta Praha operates an official website serving as the primary digital platform for the football club, providing fans with news, match results, player information, and ticket purchasing options. The site targets football enthusiasts primarily in the Czech Republic and maintains a strong brand presence consistent with its long history since 1893. The domain age and WHOIS data confirm the legitimacy and stability of the online presence. Technically, the site is built on modern frameworks such as Next.js and leverages Cloudflare for DNS and CDN services, ensuring good performance and security. The use of Cookiebot for consent management and integration with major analytics and advertising platforms like Google Analytics, Facebook Pixel, and Gemius demonstrates a mature digital marketing and compliance posture. Security-wise, the site enforces HTTPS, employs security headers, and avoids exposing sensitive data, though explicit security policies and incident response contacts are not published. Overall, the website is professional, secure, and compliant with GDPR, making it a trustworthy platform for its audience.

1

1.FC Slovácko, a. S.

fcslovacko.cz

53

1.FC Slovácko, a. S. is a professional football club based in the Czech Republic, operating an official website that serves as a hub for club information, match results, team rosters, and fan engagement. The website targets football fans and the local community, providing news, multimedia content, and links to social media and a fanshop. The club competes in the top Czech football league, positioning itself as a recognized sports entity in the region. The website infrastructure utilizes modern web technologies including JavaScript, Google Tag Manager, YouTube Player API, and the Nette Framework. It demonstrates good mobile optimization and responsive design, with a moderate performance profile. The site is hosted securely with HTTPS and integrates external content and partner links effectively, though some technical improvements in security headers and privacy disclosures are recommended. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and formal privacy or cookie policies, which are important for compliance and user trust. No vulnerabilities or suspicious content were detected. The absence of WHOIS data limits domain registration insights but the overall digital presence and partner ecosystem support legitimacy. Overall, the website is professional and trustworthy, with room for enhancement in privacy compliance and security best practices. Strategic improvements in these areas will strengthen user confidence and regulatory adherence.

F

FANSHOP

fanshopfcb.cz

57

The website fanshopfcb.cz operates as an e-commerce platform specializing in fan merchandise for FC Baník Ostrava, offering a variety of products including clothing, accessories, and wines. The site targets fans of the football club and general sports merchandise buyers primarily in the Czech Republic. The business model is focused on online retail with a niche market position serving regional fan communities. Technically, the website employs a mix of JavaScript libraries such as jQuery and Swiper.js, integrates Google Analytics for tracking, and uses external services like Mapy.cz API and Packeta for shipping. The platform appears to be built on a proprietary or custom CMS (likely K2). The site is mobile optimized with moderate performance and basic SEO and accessibility features. From a security perspective, the site enforces HTTPS and uses secure login forms but lacks visible security headers and comprehensive privacy or terms of service documentation. No WHOIS data is available, which raises concerns about domain registration transparency. The site includes cookie consent mechanisms but does not provide explicit privacy policy details, impacting privacy compliance. Overall, the website presents a functional and professional e-commerce presence with room for improvement in security best practices, privacy transparency, and domain registration legitimacy. Strategic recommendations include implementing security headers, publishing privacy and terms policies, and verifying domain registration details to enhance trust and compliance.

S

Spolek ALSA

fandimestejne.cz

54

The website 'Fandíme stejně' is a Czech non-profit campaign dedicated to supporting people with Amyotrophic Lateral Sclerosis (ALS) by raising awareness and funds for the ALSA organization. It leverages partnerships with prominent sports clubs and Fortuna, a major Czech betting company, to engage the sports fan community in charitable activities. The site provides information about ALS, the campaign, donation options, and upcoming sports events tied to the initiative. Technically, the website is built on a modern SvelteKit framework, hosted on Cloudflare, and employs best practices such as HTTPS, security headers, and cookie consent management via Usercentrics. However, it lacks explicit privacy and terms of service pages and does not provide direct contact information, which are areas for improvement. The WHOIS data shows an anomalous future domain creation date, likely a data error, but the overall legitimacy is supported by the content and partnerships. The site is safe, professional, and well-optimized for mobile and SEO.

V

Vixio Regulatory Intelligence

gamblingcomplianceawards.com

51

The GamblingCompliance Awards website is a professionally maintained platform operated by Vixio Regulatory Intelligence, a UK-based company specializing in regulatory intelligence and compliance within the gambling industry. The site promotes the annual Global Regulatory Awards, which recognize excellence in compliance and responsible gambling. The business is well positioned as a leading organizer of these industry awards, targeting compliance professionals and stakeholders globally. The website provides comprehensive information about the awards, sponsors, history, and booking options, reflecting a mature and stable business model focused on event organization and sponsorship. Technically, the website is built on Drupal 10 with modern front-end frameworks like Bootstrap 4 and integrates Google Analytics and Tag Manager for tracking. Hosting appears to be on Amazon AWS infrastructure, supported by AWS DNS servers. The site is mobile optimized, accessible, and SEO friendly, with cookie consent mechanisms in place, indicating good digital maturity and compliance with privacy regulations. From a security perspective, the site enforces HTTPS and uses cookie consent banners, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected. WHOIS data confirms a consistent and legitimate domain registration aligned with the business claims. Overall, the security posture is good but could be improved by adding formal security policies and enabling DNSSEC. The overall risk assessment is low, with no critical issues found. Strategic recommendations include publishing a security policy, adding incident response and vulnerability disclosure information, enabling DNSSEC, and implementing additional security headers to enhance protection and trust. The website is trustworthy, professional, and compliant with relevant privacy and security standards.

G

Gordon Moody Association

gordonmoody.org.uk

58

Gordon Moody Association is a well-established UK-based charity dedicated to tackling gambling-related harm through residential treatment and support services. The organization positions itself as the leading UK charity in this niche, offering a range of services including counselling, self-assessment tools, professional referrals, and crisis support. Their target audience includes individuals affected by gambling addiction, their families, and healthcare professionals. The website reflects a professional and trustworthy image with consistent branding and comprehensive content focused on their mission. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, Google Tag Manager, and Tawk.to live chat. The site demonstrates good mobile optimization, accessibility, and SEO practices. Performance is moderate, with room for optimization. The use of structured data enhances search engine visibility and user experience. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks explicit security headers and a public vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and long-standing presence, aligning with the charity's history. Overall, the website presents a low-risk profile with strong business credibility and good privacy compliance. Strategic improvements in security headers and incident response transparency could further enhance their security posture.

C

Coinmate s.r.o

ushop.cz

66

Coinmate s.r.o operates a well-established European cryptocurrency exchange platform, primarily targeting customers in Czechia and Slovakia, with a focus on trading cryptocurrencies against the euro and Czech koruna. The company has been in operation since 2013, positioning itself as a trusted and local player in the crypto finance sector. Their services include quick buy options, automated recurring purchases, a professional trading platform integrated with TradingView, and API access for automated trading bots. The website is professionally designed, mobile-optimized, and provides clear navigation and relevant content for its target audience.

SGS is a globally recognized enterprise specializing in testing, inspection, and certification services across multiple industries including energy, transportation, manufacturing, and government sectors. Established in 1878 and headquartered in Switzerland, SGS holds a leading market position with a comprehensive portfolio of services that ensure quality, safety, and compliance for its clients worldwide. The website reflects this stature with professional branding, clear messaging, and a focus on business clients seeking trusted verification and certification solutions. Technically, the site employs modern frameworks such as Next.js and React, combined with Tailwind CSS for styling, ensuring a fast, responsive, and accessible user experience. The presence of advanced analytics and marketing tools like Google Tag Manager and LinkedIn Insight Tag indicates a mature digital marketing strategy with moderate user tracking balanced by privacy compliance mechanisms including cookie consent and GDPR-aligned policies. Security-wise, the site enforces HTTPS with strong security headers and no visible vulnerabilities, reflecting a robust security posture appropriate for an enterprise of its scale. However, the absence of WHOIS data limits domain registration trust analysis, though the overall professionalism and trust signals mitigate concerns. Strategic recommendations include enhancing incident response visibility, establishing a formal vulnerability disclosure program, and maintaining rigorous security audits to sustain trust and compliance.

V

Vilgain

vilgain.ch

72

Vilgain is a Swiss-based e-commerce company specializing in sports nutrition, functional foods, supplements, cosmetics, and related wellness products. The website targets health-conscious consumers primarily in the DACH region and Switzerland, offering a broad product catalog with multiple localized domains to serve various European markets. The business model focuses on direct online retail with value-added content such as expert articles and recipes, supported by strong customer trust signals including a Trusted Shops certification and a 100% money-back guarantee. Technically, the website employs modern JavaScript frameworks, lazy loading, responsive design, and integrates error monitoring via Sentry and analytics through Google Tag Manager. The site is well-optimized for mobile devices and SEO, though some accessibility features are basic. Security posture is solid with HTTPS enforced and nonce attributes for scripts, but lacks explicit security headers and published security policies. From a security and compliance perspective, the site does not expose sensitive data or vulnerable libraries in the analyzed content. However, it lacks visible privacy and cookie policies, consent mechanisms, and incident response or vulnerability disclosure information, which are critical for GDPR compliance and user trust. No contact emails or phone numbers were found in the provided HTML, limiting direct communication channels. Overall, Vilgain presents a professional and trustworthy e-commerce platform with good technical infrastructure and strong business credibility. To enhance security and compliance, it should publish comprehensive privacy and cookie policies, implement consent mechanisms, and provide clear contact information and security incident procedures.

V

Vilgain

vilgain.co.uk

73

Vilgain is a UK-based e-commerce business specializing in sports nutrition, functional foods, sportswear, and fitness equipment. The company targets athletes and health-conscious consumers, offering a range of products designed to improve athletic performance and overall health. The website is professionally designed with consistent branding and clear navigation, supporting a positive user experience. The business has a moderate market position with a focus on quality and customer satisfaction, as evidenced by trust signals such as a money-back guarantee and positive reviews on Trustpilot. Technically, the website employs modern web technologies including JavaScript, Sentry for error tracking, and Google Tag Manager for analytics and marketing. The site is mobile-optimized and uses HTTPS with a good SSL configuration, though it lacks some advanced security headers. Performance is moderate, and SEO practices are adequately implemented. Privacy compliance is weak due to the absence of explicit privacy and cookie policies and consent mechanisms. From a security perspective, the site benefits from HTTPS and nonce attributes on scripts, reducing risks of injection attacks. However, the lack of security headers and formal incident response or vulnerability disclosure policies indicates room for improvement. No critical vulnerabilities or suspicious patterns were detected. The domain registration is consistent and appropriate for the business age and scope. Overall, Vilgain presents a trustworthy and professional e-commerce platform with good technical and security foundations but requires enhancements in privacy compliance and security best practices to further strengthen its posture.

Q

Quorum

quorum.us

11

Quorum is a technology company specializing in AI-powered public affairs software designed to help government affairs professionals, advocacy groups, and public sector organizations efficiently track legislation, manage stakeholders, and execute advocacy strategies. The company positions itself as a market leader with a comprehensive suite of tools covering federal, state, local, and international policy landscapes. Their platform integrates AI capabilities to provide actionable intelligence and streamline public affairs workflows. Technically, Quorum's website is built on WordPress and leverages a modern technology stack including Google Tag Manager, Microsoft Clarity, Marketo, and Osano for consent management. The site demonstrates good performance, mobile optimization, and accessibility, with strong SEO practices. The use of multiple analytics and marketing tools indicates a mature digital marketing infrastructure. From a security perspective, the website enforces HTTPS and employs cookie consent mechanisms aligned with GDPR compliance. While some security headers are not explicitly detected, the overall security posture is strong with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data is mitigated by the professional and consistent website content, strong trust signals, and legitimate business presence. Overall, Quorum presents a low-risk profile with a well-maintained digital presence, strong business credibility, and adherence to privacy and security best practices. Strategic recommendations include enhancing security headers and continuing regular audits of third-party scripts to maintain security and compliance.

Agorastore is a French online auction platform specializing in the sale of second-hand equipment, vehicles, professional materials, furniture, and real estate assets primarily from public entities and companies. The platform targets professionals and public organizations seeking to liquidate assets through auctions, positioning itself as a niche market leader in France. The website demonstrates a good level of digital maturity, employing modern web technologies such as React, Google Tag Manager, and a comprehensive consent management platform (Didomi) to ensure GDPR compliance. The site is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and relevant content. Security posture is generally good with HTTPS enforced and consent mechanisms in place, though the use of an outdated jQuery version and lack of explicit security headers suggest room for improvement. The absence of WHOIS data is a notable concern, reducing domain trustworthiness from a registration perspective. Overall, the website is functional, compliant, and trustworthy for its intended audience, but should address technical and security enhancements to strengthen its posture.

M

Megève Tourisme

megeve.com

69

Megève Tourisme operates a comprehensive and professionally designed tourism website promoting the alpine resort of Megève in France. The site targets tourists interested in skiing, outdoor activities, gastronomy, and cultural experiences. It serves as an official or semi-official portal with extensive content, event calendars, and accommodation booking links. The technical infrastructure is based on WordPress with modern plugins and analytics tools, ensuring good SEO, accessibility, and mobile responsiveness. Security posture is strong with HTTPS and security headers, though no explicit security policy or incident response contacts are published. WHOIS data is privacy-protected but the domain is active and well-maintained, supporting legitimacy. Overall, the website is a trustworthy and valuable resource for visitors planning a stay in Megève.

K

Koredge

koredge.fr

49

Koredge is a well-established French digital agency and ESN with over 25 years of experience, specializing in custom web development, digital marketing, and proprietary software tools tailored for sectors such as transport, tourism, sport, healthcare, and public administration. The company operates primarily in Besançon, Paris, and Lyon, offering a comprehensive suite of services including website creation, application development, e-commerce solutions, and cybersecurity. Their market position is strengthened by a strong portfolio of client testimonials and sector-specific expertise. Technically, the website is built on WordPress with modern frameworks like Symfony, Angular, and Ionic mentioned in their service offerings. The site employs SEO best practices, Google Tag Manager, and social media tracking pixels, indicating a mature digital infrastructure. Mobile optimization and accessibility are well addressed, contributing to a positive user experience. From a security perspective, the site uses HTTPS and asynchronous loading of tracking scripts, but lacks explicit security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. However, the absence of privacy and cookie policies and missing WHOIS data slightly reduce the overall trustworthiness. Overall, Koredge presents a professional and credible digital presence with strong business and technical foundations. Strategic improvements in privacy compliance and security transparency would further enhance their risk posture and client trust.

M

Moravské hospodářství

moravskehospodarstvi.cz

49

Moravské hospodářství is a Czech regional news media website established in 2008, providing news, economic updates, cultural events, and commentary primarily focused on Moravia and the Czech Republic. The website uses WordPress CMS with modern plugins for GDPR and cookie compliance, and it maintains a moderate to good technical infrastructure including HTTPS and Google Analytics integration. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The site is accessible without WAF or blocking mechanisms, indicating good availability. Overall, the website is professional, trustworthy, and compliant with privacy regulations, targeting Czech-speaking audiences interested in regional news and economy.

L

LUXUS.cz

luxus.cz

45

LUXUS.cz is a Czech luxury lifestyle online magazine offering premium content including interviews, event coverage, competitions, and reportages. The site targets a Czech-speaking audience interested in luxury goods and lifestyle. It maintains partnerships with reputable luxury brands and financial institutions, enhancing its market position as a trusted media outlet in the luxury segment. Technically, the website is built on Drupal 8 CMS, utilizing common JavaScript libraries and Google Tag Manager for analytics with privacy-conscious configurations. The site is mobile-optimized and presents a professional design with clear navigation. Security posture is moderate with HTTPS enabled and some privacy measures in analytics, but lacks explicit security headers and formal privacy/cookie policies. WHOIS data is unavailable, which impacts domain trustworthiness, but the website content and partner affiliations support legitimacy. Overall, the site is safe, professional, and well-positioned in its niche, though improvements in privacy compliance and security headers are recommended.

Asseco Group is a large, established IT federation operating globally with a strong focus on proprietary software solutions for sectors such as banking, insurance, public administration, healthcare, and telecommunications. The company is publicly listed on multiple stock exchanges and holds a significant market position as the 6th largest software vendor in Europe. Their website reflects a mature digital presence built on TYPO3 CMS, integrating modern analytics and marketing tools, and offering a multilingual, regionally segmented user experience. Security posture is solid with HTTPS and reCAPTCHA protections, though there is room for improvement in DNS security and published security policies. Overall, the site is professional, trustworthy, and well-structured, supporting the company's enterprise-level stature.

P

Premium Media Group

premiumsports.cz

54

Premiumsports.cz is a Czech online media platform focused on premium sports and lifestyle content, operated by Premium Media Group. The website offers a variety of articles, news, and features primarily related to golf, cycling, skiing, and other sports, targeting sports enthusiasts and premium lifestyle audiences. The business model revolves around content publishing, advertising, and subscription sales. The site demonstrates a consistent brand presence and good content quality with regular updates and professional design. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, and OneSignal for push notifications. It uses several plugins for enhanced user experience and advertising management. The site is mobile optimized and SEO friendly, though performance is moderate. Hosting provider details are not explicitly found. From a security perspective, the site uses HTTPS with valid SSL certificates but lacks visible security headers and explicit cookie consent mechanisms. No sensitive data exposure or vulnerabilities were detected in the HTML content. Privacy policy is present and appears GDPR compliant, but no explicit security or incident response policies are published. The WHOIS data is unavailable, which slightly reduces domain trustworthiness but is common for some ccTLDs. Overall, Premiumsports.cz presents a professional and trustworthy media platform with room for improvement in security headers, cookie consent, and transparency of security policies. The absence of WHOIS data is a minor concern but does not significantly impact the site's credibility given its content and branding.

K

Kofola a.s.

ondrasovka.cz

54

Ondrášovka is a Czech mineral water brand offering 100% natural and flavored mineral waters. It operates under the parent company Kofola a.s., a well-established beverage manufacturer. The website showcases a strong brand presence with detailed product information, environmental and educational initiatives, and community engagement projects. The site is well-structured, visually appealing, and mobile-optimized, providing a positive user experience. Technically, the website uses modern JavaScript libraries such as jQuery, fullPage.js, and Fancybox, alongside analytics tools like Google Tag Manager, Microsoft Clarity, and Facebook Pixel, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced, but lacks some security headers and formal security policies. Privacy compliance is basic with a cookie consent mechanism but no visible privacy or terms of service pages. WHOIS data is unavailable, limiting domain registration trust assessment, but the business information and content strongly indicate legitimacy. Overall, the website is professional, trustworthy, and well-positioned in its market segment.

L

LVMH

lvmh.com

66

LVMH is a leading global luxury goods conglomerate managing a portfolio of prestigious brands across fashion, cosmetics, wines, and spirits. The company positions itself as a world leader in high-quality products, emphasizing heritage, identity, and expertise of its Houses. The website reflects this positioning with professional design, multilingual support, and comprehensive corporate information targeting luxury consumers, investors, suppliers, and press. Technically, the site leverages modern frameworks such as Next.js and React, supported by Akamai CDN for performance and global reach. Privacy and cookie compliance are robustly implemented with OneTrust and clear policies. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response information are not prominently published. Overall, the site demonstrates a mature digital presence consistent with a large enterprise luxury brand, with minor recommendations to enhance transparency on security and vulnerability disclosures.

Č

Česká manažerská asociace

cma.cz

60

Česká manažerská asociace (ČMA) is a Czech non-profit organization focused on supporting and developing the skills of managers, entrepreneurs, and leaders across professions. It positions itself as the only association in the Czech Republic dedicated exclusively to these groups, offering membership, expert teams, events, and collaboration with academic institutions and startups. The website is professionally designed, content-rich, and well-structured, targeting Czech-speaking professionals. Technically, the site runs on WordPress with modern plugins such as Yoast SEO and Complianz GDPR, and integrates Google Analytics and Tag Manager for analytics and tracking. Security posture is strong with HTTPS and cookie consent mechanisms, though additional security headers could enhance protection. The absence of WHOIS data is a concern for domain legitimacy verification, but the website's professional presentation and active social media presence support its credibility. Overall, the site demonstrates a mature digital presence with good privacy compliance and user engagement.

G

GALARD

galard.cz

46

GALARD is a Czech bespoke tailoring company specializing in custom suits, shirts, shoes, and gentleman's accessories. With over a decade of experience, it serves a discerning male clientele seeking high-quality, personalized fashion. The company operates physical salons in Prague and Brno and offers personalized services including home and office visits, express production, and fashion consultations. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site employs modern tracking and marketing tools such as Google Tag Manager and Facebook Pixel, with a cookie consent mechanism in place, indicating GDPR compliance awareness. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit incident response information. WHOIS data is unavailable, which slightly impacts domain trustworthiness but does not detract from the overall legitimacy of the business. The site is safe for general audiences and free from adult or questionable content.

E

European Arts Investments s.r.o.

europeanarts.cz

45

European Arts Investments s.r.o. operates a reputable auction house and gallery specializing in Czech and European fine art. Established in 2013, the company has built a strong market position in Central Europe, hosting prestigious live auctions and offering curated art collections. Their services include live and online auctions, pre-auction exhibitions, and virtual tours, targeting collectors, investors, and art enthusiasts. The website reflects a professional and consistent brand image with comprehensive business information and clear contact details. Technically, the site employs modern JavaScript libraries and tracking tools, with good mobile optimization and SEO practices. Security posture is moderate, with room for improvement in HTTP security headers and incident response transparency. Privacy compliance is well addressed through a detailed cookie consent mechanism and a comprehensive privacy policy. Overall, the site is trustworthy and well-maintained, supporting the company's credible market presence.

D

Domanský s.r.o.

domansky.cz

46

Domanský s.r.o. operates as an authorized automotive dealer specializing in Peugeot, Citroën, Hyundai, Toyota, and DS vehicles. The company offers a comprehensive range of services including new and used car sales, vehicle servicing, financing options such as leasing and loans, and sales of spare parts and accessories. The website reflects a well-established regional dealership with a professional online presence targeting customers primarily in the Czech Republic. The business model focuses on direct sales and after-sales services, supported by multiple brand partnerships and dedicated subdomains for each brand. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for SEO, user interaction, and analytics. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with enforced HTTPS and cookie consent mechanisms, though it lacks some advanced security headers. The absence of publicly available WHOIS data limits domain transparency but does not detract from the apparent legitimacy of the business. Overall, the site demonstrates a solid digital maturity appropriate for its industry and market position.

B

BEST, a.s.

best.info

10

BEST, a.s. is a well-established Czech manufacturer specializing in concrete products for terraces and gardens, including various types of paving stones, fences, palisades, and construction blocks. The company positions itself as a market leader with over 30 years of experience and a broad product portfolio exceeding 4,000 variants. Their business model combines manufacturing with retail and customer support services, including physical showrooms and digital tools like the BEST Visio application for product visualization. The website reflects a mature digital presence with comprehensive content, clear navigation, and strong branding consistency.

AURES Holdings a.s. is a leading European automotive retail company specializing in the sale of pre-owned cars through multiple established brands such as AAA AUTO, Mototechna, and RESULMATIC. With a history dating back to 1992 and a customer base exceeding 3.3 million, the company operates primarily in Central and Eastern Europe, holding market leadership positions in several countries. Their business model leverages advanced data analytics, machine learning, and omnichannel sales strategies to optimize sourcing, pricing, and customer engagement. Technically, the website employs modern JavaScript libraries and analytics tools, with a responsive design and good SEO practices, though some accessibility and security header improvements are possible. Security posture is solid with HTTPS and cookie consent mechanisms, but lacks explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting the company's credible market presence.