Security Directory

V

Vinescapes

vinescapes.com

68

Vinescapes is a specialist consultancy and service provider focused on the wine industry, offering expertise in grape growing, winemaking, vineyard management, winery design, investment advice, training, and research. The company targets wine professionals, vineyard owners, and investors primarily in the UK market. The website is built on a modern WordPress platform using Elementor and WooCommerce, integrating various third-party services such as Google Analytics, AdRoll, and Maploom API for enhanced functionality and marketing. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not published. Privacy compliance is partial, with a cookie consent mechanism present but no clear privacy policy or terms of service pages found. The absence of WHOIS registration data for the domain is a notable concern, suggesting the domain may be unregistered or privacy protected, which impacts trustworthiness. Overall, the site is professional, well-branded, and content-rich, but would benefit from improved transparency in privacy and security policies.

A

Asia Beverage Media Group Limited

cellar.asia

47

Cellar.Asia is a specialized online media publication operated by Asia Beverage Media Group Limited, focusing on the Asian wine market. The website offers wine news, reviews, educational content, and brand stories targeted at wine enthusiasts, sommeliers, and industry professionals in Asia. The business operates primarily as a content publisher and advertising platform, positioning itself as a niche leader in Asian wine media. Technically, the site is built on WordPress with modern web technologies, including Google Analytics and Tag Manager for tracking, and Cloudflare for DNS services. The site is mobile-optimized and features good SEO practices, though accessibility is basic. Security posture is solid with HTTPS and domain transfer protections, but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and well-maintained, with room for improvement in privacy and security transparency.

G

Grandes Vinos y Viñedos, S.A.

grandesvinos.com

54

Grandes Vinos y Viñedos, S.A. operates a professional winery and e-commerce platform focused on wines from the Cariñena region in Spain. The company emphasizes sustainable viticulture and cultural legacy, targeting wine consumers and enotourism visitors. The website is well-designed, mobile-optimized, and integrates modern technologies including WordPress, WooCommerce, and Google Tag Manager. Privacy and cookie policies are comprehensive and GDPR compliant, with clear consent mechanisms. Security posture is good with HTTPS and no evident vulnerabilities, though some security headers could be improved. The absence of WHOIS data for the domain is a concern for domain legitimacy verification but is offset by strong branding, certifications, and social media presence. Overall, the site presents a trustworthy and professional digital presence with moderate risk due to domain registration opacity.

Z

Zuora

zuora.com

75

Zuora is an enterprise-level technology company specializing in subscription and monetization solutions. Their platform supports businesses with subscription management, billing, payments, and revenue recognition, positioning them as an industry leader in subscription-based business models. The website reflects a mature digital presence with comprehensive content, strong branding, and a clear focus on business customers leveraging subscription or consumption-based monetization. Technically, Zuora's website is built on WordPress with modern plugins and marketing integrations, including Google Tag Manager, Marketo, and TrustArc for privacy compliance. The site is well-optimized for SEO, accessibility, and mobile responsiveness, indicating a high level of digital maturity. Security-wise, the site enforces HTTPS, implements key security headers, and uses cookie consent mechanisms, reflecting good security hygiene. However, explicit security policies and incident response information are not publicly available, which could be improved to enhance trust. The WHOIS data is unavailable, which reduces transparency but does not detract significantly from the overall legitimacy given the company's strong market presence and certifications. Overall, Zuora's website demonstrates a professional, secure, and compliant digital footprint suitable for its enterprise audience.

R

Regionální muzeum v Mikulově, p. o.

pronajmisizamek.cz

41

The website pronajmisizamek.cz is operated by the Regionální muzeum v Mikulově, a regional museum organization in the Czech Republic. It offers rental services for various historic halls and spaces within the Mikulov castle, targeting individuals and organizations seeking venues for social events, corporate celebrations, weddings, and cultural activities. The site is well-structured with detailed descriptions of each rental space and includes reservation forms for direct booking requests. Multilingual support is provided via partner domains in English and German. Technically, the site uses standard web technologies including HTML5, CSS3, JavaScript, and integrates Google Analytics and Tag Manager for visitor tracking. The design is professional and mobile-optimized, providing a good user experience. However, the site lacks explicit privacy and cookie policies, and no cookie consent mechanism is present, which are compliance gaps under GDPR. Security headers are not detected, though HTTPS is used, indicating room for improvement in security posture. WHOIS data is unavailable, likely due to privacy protection, but the website content and external references support legitimacy. Overall, the site is a credible small-scale venue rental platform with moderate technical maturity and some compliance and security improvements recommended.

A

Affidea

affidea.com

74

Affidea is a leading European healthcare provider specializing in advanced diagnostic imaging and outpatient services, operating over 315 centers across 15 countries. The company focuses on delivering personalized, high-quality care through a network of specialized medical experts and state-of-the-art technology. Their services include MRI, CT, X-Ray, Ultrasound, Mammography, Nuclear Medicine, PET/CT, laboratory analysis, and outpatient specialty consultations. The website reflects a large, well-established healthcare network with a strong presence in multiple European markets. Technically, the website employs modern web technologies such as Bootstrap, jQuery, and integrates multiple analytics and tracking tools including Google Analytics, Microsoft Application Insights, LinkedIn Insight Tag, and Facebook Pixel. The site is mobile-optimized with good SEO practices and moderate performance. Security-wise, HTTPS is enforced and some security best practices are observed, though explicit security headers and incident response information are lacking. The WHOIS data is notably absent, with no registrar or creation date information available, which raises some concerns about transparency. However, the professional presentation, extensive contact information, and multi-country presence support the legitimacy of the business. Privacy and cookie policies are not detected in the provided content, indicating an area for compliance improvement. Overall, the website is professional and trustworthy from a business and content perspective but could enhance its privacy compliance and security posture to align with best practices and regulatory requirements.

M

Model Obaly a.s.

packshop.cz

58

Packshop.cz is a well-established Czech e-commerce platform specializing in the sale of cardboard boxes, packaging materials, adhesive tapes, and related products. Operated by Model Obaly a.s., a company with over 30 years of experience and own manufacturing capabilities, the website serves both small and large business customers as well as retail buyers. The platform offers a comprehensive product catalog, loyalty programs, and co-packing services, positioning itself as a trusted supplier in the packaging industry within the Czech Republic. Technically, the website employs modern web technologies including jQuery, Bootstrap, and various analytics and marketing tools, ensuring a responsive and user-friendly experience. Privacy and cookie policies are implemented with GDPR compliance and user consent mechanisms. Security posture is solid with HTTPS enforced and secure form handling, though improvements in security headers are recommended. Overall, the website demonstrates a professional, trustworthy, and mature digital presence aligned with its business operations.

N

Naše krásná zahrada

nkz.cz

57

Naše krásná zahrada is a Czech media website dedicated to gardening enthusiasts, providing expert advice, plant atlases, and practical gardening tips. It operates under the parent company BurdaMedia Extra, a recognized media entity. The website targets hobby gardeners and nature lovers, offering rich content and multimedia resources to engage its audience. Technically, the site is built on Drupal 8 (Thunder) CMS and integrates multiple modern analytics and advertising technologies, including Google Tag Manager, Hotjar, and Gemius, ensuring a mature digital infrastructure. Security-wise, the site enforces HTTPS and employs a comprehensive cookie consent mechanism via Didomi, reflecting good privacy compliance practices. However, the absence of publicly available WHOIS data and explicit privacy and security policies limits full trust assessment. Overall, the site presents a professional and trustworthy platform for its niche audience.

D

Datarun

datarun.cz

66

Datarun is a Czech technology company specializing in data processing and automation solutions, targeting business clients. The website is built using modern web technologies including React and Next.js, hosted behind Cloudflare, and incorporates cookie consent mechanisms via Cookiebot. The site demonstrates a moderate level of digital maturity with good design quality and mobile optimization. Security posture is solid with HTTPS enforced and standard security headers present, though the absence of a privacy policy and contact information reduces compliance and trust levels. The domain WHOIS data is unavailable, likely due to privacy protection, which slightly impacts legitimacy assessment. Overall, the website is professional and functional but would benefit from enhanced transparency and compliance documentation.

Č

Český zahrádkářský svaz, z.s.

zahradkar.org

41

The website zahradkar.org represents a well-established Czech gardening hobby magazine published by Český zahrádkářský svaz, z.s. It targets gardening enthusiasts, seniors, and hobbyists with content including gardening tips, plant care, and related events. The business model relies on print and digital magazine sales, subscriptions, and advertising. The domain is mature and consistent with the organization's profile. Technically, the site uses common tracking and advertising technologies such as Google Tag Manager, Facebook Pixel, and Adform, but lacks advanced security headers and DNSSEC. Privacy and cookie policies are absent, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the site is functional with moderate technical sophistication but requires improvements in security and privacy compliance.

W

www.kvety.cz

kvety.cz

58

Květy.cz is a Czech language modern news and infotainment website targeting families, providing articles on current topics, trends, economy, and profiles of notable personalities. The site offers rich multimedia content including images and podcasts, supported by newsletter subscriptions. Technically, the website employs modern web technologies such as HTMX, Tailwind CSS, and integrates multiple third-party marketing and analytics tools including Google Tag Manager, Facebook Pixel, and Gemius. The site is hosted likely on AWS Cloudfront CDN, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and appropriate security headers, although explicit privacy and cookie policies are not clearly found in the provided content. WHOIS data is unavailable, which slightly reduces trust but does not negate the legitimacy indicated by the website's professional presentation and technical setup. Overall, the site is a credible media outlet with moderate to good compliance and security maturity.

M

Mediaboard.com

monitora.cz

61

Mediaboard.com is a well-established media intelligence and PR platform primarily serving the Czech Republic market. Founded in 1998, it offers a comprehensive suite of services including media monitoring, social listening, media analysis, and PR workflow tools such as Mediaboard Connect and Medialist. The platform targets PR professionals, marketing teams, and corporate communication departments, positioning itself as the leading PR tool in the Czech Republic with over 2,000 companies as clients. The website content is professionally designed, highly relevant, and well-structured, reflecting a mature digital presence. Technically, the website is built on WordPress with Elementor and leverages modern analytics and marketing technologies including Google Tag Manager, Microsoft Clarity, Dreamdata, and Cookiebot for consent management. Hosting and DNS are managed via Cloudflare, enhancing security and performance. The site is mobile-optimized and SEO-friendly, with comprehensive metadata and structured data supporting search engine visibility. From a security perspective, the site enforces HTTPS and employs domain locking mechanisms to prevent unauthorized changes. However, DNSSEC is not enabled, and there is no publicly available privacy policy or terms of service in the analyzed content, which are areas for improvement. No critical vulnerabilities or security issues were detected. The WHOIS data confirms the domain's legitimacy and long-term registration, consistent with the business claims. Overall, Mediaboard.com demonstrates a strong security posture, excellent content quality, and a credible business presence. Strategic recommendations include publishing explicit privacy and security policies, enabling DNSSEC, and providing clear contact information for incident response to further enhance trust and compliance.

Země Světa is a well-established Czech travel magazine with a strong online presence, including an e-commerce shop and subscription services. The website targets a broad audience interested in travel and culture, offering monothematic monthly issues and related products. The business is positioned as a niche media provider with a history dating back to 2002, supported by consistent branding and active social media channels. Technically, the site is built on WordPress with WooCommerce, leveraging modern themes and SEO tools, and is hosted with Cloudflare DNS services. The site demonstrates good mobile optimization and accessibility, with moderate performance. Security posture is solid with HTTPS and no visible vulnerabilities, though it lacks explicit security headers and incident response information. Privacy compliance is limited due to missing visible privacy and cookie policies. Overall, the site is professional and trustworthy but could improve transparency and compliance aspects.

B

Bluetech s.r.o.

bluetech.cz

62

Bluetech s.r.o. is a well-established Czech manufacturer specializing in the design and production of conveyor systems, including belt and chain conveyors, for a variety of industrial and agricultural applications. The company offers custom solutions tailored to client needs, supported by consulting, manufacturing, installation, and after-sales service. Their market position is that of a traditional, trusted supplier within the Czech Republic, supported by recognized ISO certifications that underscore their commitment to quality and environmental management. Technically, the website employs a modern set of analytics and tracking tools such as Google Analytics, Microsoft Clarity, and Ahrefs Analytics, integrated via Google Tag Manager. The site is served over HTTPS with a cookie consent mechanism in place, indicating a baseline level of privacy compliance. The technical implementation is solid with good mobile optimization and SEO practices, although some security headers appear to be missing, which could be improved. From a security perspective, the site demonstrates good practices like HTTPS enforcement and cookie consent but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. The absence of WHOIS data due to privacy protection is typical for this business type and does not raise immediate concerns. Overall, the security posture is moderate with room for enhancement in headers and transparency. The overall risk assessment is low; the company presents a professional and trustworthy online presence with clear business information and certifications. Strategic recommendations include enhancing security headers, publishing detailed security and privacy policies, and establishing a vulnerability disclosure process to further strengthen trust and compliance.

E

Emco spol s.r.o.

myslinazdravi.cz

46

Emco spol s.r.o. operates a website focused on promoting its food products that are free from palm oil, including musli, mysli, oat porridges, cookies, bars, and other cereal products. The company emphasizes health benefits and sustainability by replacing palm oil with domestic rapeseed oil since 2014. The website targets health-conscious consumers in the Czech Republic and positions Emco as a reputable brand in the retail food sector. The domain is well-established since 2008, consistent with the company's history. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with Google Tag Manager for analytics. The site is moderately optimized for mobile devices and SEO but lacks advanced accessibility features. Hosting appears to be with REG-ZONER, a Czech registrar and hosting provider. Performance is moderate with no critical technical issues detected. From a security perspective, the site uses HTTPS (assumed from URL), but no explicit security headers were detected in the provided data. There are no visible vulnerabilities or exposed sensitive data. However, the absence of privacy and cookie policies, as well as contact information, reduces the site's compliance with GDPR and general transparency. No incident response or vulnerability disclosure information is provided. Overall, the website is professional and trustworthy in terms of content and business legitimacy but lacks important privacy and security disclosures. Strategic improvements in privacy compliance, security headers, and contact transparency would enhance trust and compliance posture.

T

Trigama International s.r.o.

trigama.eu

61

Trigama International s.r.o. is a Czech Republic based medium-sized IT services company specializing in custom mobile and web application development, corporate online education, IT outsourcing, and digital transformation solutions. The company targets corporate clients and educational institutions, offering a comprehensive portfolio of services including custom development, LMS, e-learning, and consulting. The website reflects a professional and consistent brand image with strong client references and partner relationships. Technically, the site employs modern tracking and marketing technologies such as Google Analytics, Google Tag Manager, and Leady, with appropriate privacy and cookie consent mechanisms in place. Security posture is solid with HTTPS enforced and reCAPTCHA protecting contact forms, though there is room for improvement in publishing explicit security policies and incident response contacts. Overall, the website is well-structured, user-friendly, and trustworthy, supporting the company's market position as a reputable IT service provider.

D

DPD

dpd.cz

70

DPD is a leading European parcel delivery company operating in the Czech Republic as part of the Geopost group. The website offers comprehensive parcel shipping, tracking, and pickup services targeting both individual and business customers. It maintains a strong market position with a wide network of pickup points and boxes across Europe. The digital infrastructure is built on WordPress with modern technologies such as jQuery, Bootstrap, and FontAwesome, providing a responsive and user-friendly experience. Security practices include HTTPS enforcement, cookie consent mechanisms, and user warnings about phishing scams, reflecting a mature security posture. However, the absence of WHOIS data transparency and lack of explicit security policies or vulnerability disclosure programs represent areas for improvement. Overall, the website is professional, trustworthy, and well-optimized for its business purpose.

J

Jeffrey Modell Foundation

info4pi.org

72

The Jeffrey Modell Foundation is a well-established global nonprofit organization dedicated to advancing advocacy, research, education, and awareness for Primary Immunodeficiency (PI). The website info4pi.org serves as a professional platform to communicate their mission, provide resources, and engage with patients, healthcare professionals, and advocates worldwide. The organization has a strong market position as a leader in the PI healthcare nonprofit sector, supported by a domain registered since 2002 and consistent branding across multiple social media channels. Technically, the website employs modern web technologies including Google Analytics and Tag Manager for user tracking, Cloudflare DNS services, and custom fonts for a polished user experience. The site is mobile-optimized and accessible, with good SEO practices evident in metadata and structured data. Hosting and domain registration are managed by reputable providers, contributing to reliable performance. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy or cookie policies were explicitly found, indicating room for improvement in privacy compliance. No vulnerability disclosure or incident response information is provided, which could be added to strengthen trust and security posture. Overall, the website is professional, trustworthy, and well-aligned with the nonprofit's mission. Strategic recommendations include implementing explicit privacy and cookie policies, enabling DNSSEC, adding security headers, and publishing vulnerability disclosure information to enhance security and compliance.

K

Kastner & Pieš, advokátní kancelář s.r.o.

kastnerpies.cz

67

Kastner & Pieš, advokátní kancelář s.r.o. is a Czech law firm specializing in legal advisory services primarily for the life sciences, healthcare, technology, and real estate sectors. The firm offers a broad range of services including compliance, corporate law, GDPR and data protection, IT and technology law, labor law, and legislative consulting. Their target audience includes pharmaceutical companies, healthcare providers, technology startups, marketing firms, and private clients. The firm positions itself as a trusted partner for both local and international clients, emphasizing expertise in complex regulatory environments and cross-border projects. Technically, the website is built on WordPress and leverages modern web technologies such as jQuery, Google Tag Manager, Google Analytics, and Google reCAPTCHA to ensure functionality, analytics, and security. The site is well-optimized for mobile devices, features a professional design, and includes comprehensive cookie and privacy policies that comply with GDPR requirements. Contact mechanisms include email, phone, and a secure contact form with CAPTCHA protection. From a security perspective, the site uses HTTPS with a strong SSL configuration and employs reCAPTCHA to protect forms from abuse. Cookie consent is managed with a detailed banner allowing granular user control. However, the site lacks some advanced security headers which could further enhance protection. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the professional presentation and content quality support a positive trust assessment. Overall, Kastner & Pieš demonstrates a mature digital presence with strong content quality, good technical implementation, and solid privacy compliance. Strategic improvements in security headers and domain registration transparency would further enhance trust and security posture.

I

IPOPI

ipopi.org

42

IPOPI is a well-established non-profit international organization dedicated to representing and supporting primary immunodeficiency (PID) patients worldwide. The website clearly targets patients, healthcare professionals, and stakeholders in the immunology field, providing advocacy, education, and research support. The organization has a consistent brand presence and a professional website that reflects its mission and services. Technically, the website is built on WordPress using the Enfold theme, hosted by Scaleway SAS, and incorporates modern tools such as Cookiebot for consent management and Matomo alongside Google Analytics for visitor tracking. The site is mobile-optimized and SEO-friendly with structured data enhancing search visibility. Security-wise, the site enforces HTTPS and uses clientTransferProhibited status on the domain, but lacks DNSSEC and security headers, which are recommended for enhanced protection. No privacy policy or terms of service were detected in the provided content, which is a compliance gap. Overall, the website is trustworthy, professional, and compliant with cookie consent regulations but could improve transparency and security posture by publishing privacy and security policies and implementing additional security headers.

E

EURORDIS-Rare Diseases Europe

eurordis.org

71

EURORDIS-Rare Diseases Europe is a well-established non-profit organization dedicated to advocating for and empowering people living with rare diseases across Europe. The website reflects a professional and comprehensive digital presence, targeting patients, healthcare stakeholders, and advocacy groups. The organization provides resources, engagement opportunities, and information to support its mission. Technically, the website is built on WordPress with modern plugins and analytics tools, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security headers could be improved. The absence of WHOIS data limits full domain legitimacy verification, but the overall site quality and trust indicators suggest a credible entity. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining up-to-date software.

L

Lymphoma Action

lymphoma-action.org.uk

57

Lymphoma Action is a UK-based non-profit charity dedicated exclusively to lymphoma, the fifth most common cancer. The organization provides expert information, support services, and resources to patients, carers, and healthcare professionals. With over 30 years of experience, it holds a unique market position as the sole lymphoma-focused charity in the UK, supported by a strong digital presence and multiple trust indicators including charity registrations and security certifications. The website offers comprehensive content, including helpline services, online support meetings, clinical trial databases, and fundraising opportunities, targeting a broad audience affected by lymphoma.

P

Plasma Protein Therapeutics Association (PPTA)

plasmaweek.org

60

The International Plasma Awareness Week (IPAW) website serves as a global advocacy and awareness platform managed by the Plasma Protein Therapeutics Association (PPTA). It focuses on educating the public, honoring plasma donors, and promoting understanding of plasma-derived therapies for rare diseases. The site targets a broad audience including patients, donors, policymakers, and the general public, positioning itself as a key resource in the healthcare advocacy sector. The business model revolves around awareness campaigns, educational resources, and community engagement rather than direct commercial activities. Technically, the website is built on the Webflow CMS platform, leveraging modern JavaScript libraries such as jQuery and Swiper.js for interactive content. It integrates Google Tag Manager and Hotjar for analytics and user behavior tracking, with a cookie consent mechanism that respects user privacy preferences. The site is well-optimized for mobile devices, offers good accessibility features, and demonstrates strong SEO practices through proper metadata and structured content. From a security perspective, the site enforces HTTPS and employs privacy-conscious tracking configurations. However, explicit security headers like Content Security Policy and HSTS are not evident, and there is no visible security policy or vulnerability disclosure page. The WHOIS data is privacy protected, which is typical for advocacy organizations, and no suspicious patterns were detected. Overall, the security posture is solid but could be enhanced with additional headers and transparency. The overall risk assessment is low, with the site presenting a professional, trustworthy, and well-maintained presence. Strategic recommendations include implementing stronger security headers, publishing a security policy, and providing a vulnerability disclosure mechanism to further enhance trust and compliance.

R

Royal College of Midwives

rcm.org.uk

63

The Royal College of Midwives (RCM) is a well-established professional organization and trade union dedicated to supporting midwifery professionals across the UK. Founded in 1997, the RCM provides membership services, professional development, policy advocacy, and workplace support. The website reflects a mature digital presence with a clear focus on healthcare and midwifery sectors, targeting professionals, students, and stakeholders in maternity services. The organization maintains a consistent brand and professional content quality, positioning itself as a trusted authority in its field. Technically, the website is built on WordPress using Elementor and Yoast SEO, indicating a modern and maintainable infrastructure. The site employs Google Tag Manager for analytics and marketing, integrated with a cookie consent mechanism to comply with privacy regulations. Performance and mobile optimization are good, though accessibility could be improved. Hosting is provided by a reputable UK registrar, and the domain age supports the organization's credibility. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent management. However, explicit security headers are not detected, and there is no visible security or incident response policy published. No vulnerabilities or suspicious content were found in the analysis. Privacy compliance is partial, with cookie consent but lacking a visible privacy policy or terms of service in the provided content. Overall, the RCM website presents a professional, secure, and credible digital presence suitable for its audience. Strategic improvements in security headers, privacy documentation, and accessibility would enhance trust and compliance further.

K

Koninklijke Nederlandse Organisatie van Verloskundigen

knov.nl

64

The Koninklijke Nederlandse Organisatie van Verloskundigen (KNOV) operates as the professional association for midwives in the Netherlands, providing comprehensive support including professional development, advocacy, education, and quality assurance in maternity care. The website reflects a well-established organization with a clear focus on serving its members and the broader healthcare community. The content is relevant, professionally presented, and targeted primarily at midwives and healthcare professionals. The organization maintains a strong market position as the leading body for midwives in the country. Technically, the website employs a moderate technology stack including jQuery, Bootstrap, Google Tag Manager, and a chat widget for user engagement. The site is mobile-optimized with good navigation and SEO practices, although some technical debt is noted with the use of an outdated jQuery version. Performance is moderate, and accessibility features are basic but present. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent mechanisms, reflecting compliance with GDPR. However, the absence of explicit security policies, incident response contacts, and security.txt files indicates room for improvement in transparency and readiness. The use of an older JavaScript library introduces a minor vulnerability risk. No critical security issues were detected. Overall, the website is trustworthy, professional, and compliant with privacy regulations. Strategic recommendations include updating third-party libraries, publishing detailed security and incident response policies, and enhancing security headers to strengthen the security posture and user trust.

M

Malta Midwives Association

maltamidwivesassociation.com

61

Malta Midwives Association is a professional healthcare organization dedicated to advancing midwifery practice and providing exceptional care to women and families in Malta and Gozo. The website serves as an informational and service booking platform targeting midwives and clients. Technically, the site is built on GoDaddy Website Builder, employs modern web fonts, and integrates Google Analytics and Adsense for tracking and advertising. The security posture is moderate with HTTPS enabled but lacks security headers and explicit privacy policies. No contact emails or phone numbers are directly visible, which limits direct communication channels. Overall, the domain registration is consistent with the business claims, indicating legitimacy. Strategic improvements in privacy compliance and security headers would enhance trust and compliance.

M

Malta Union of Midwives and Nurses (MUMN)

mumn.org

62

The Malta Union of Midwives and Nurses (MUMN) operates as a professional union representing healthcare workers in Malta, including nurses, midwives, physiotherapists, ECG technicians, and social workers. The organization focuses on safeguarding workplace rights, improving working conditions, and promoting continuous professional development for its members. The website reflects a well-structured union with active news updates, member testimonials, and initiatives such as benevolent funds and educational seminars. Technically, the site is built on modern web technologies including React and integrates Google Analytics and Tag Manager for tracking. Media assets are hosted on Microsoft Azure Blob Storage, indicating a cloud-based hosting approach. Security posture is generally good with HTTPS enforced, though some security headers are missing and no explicit incident response or vulnerability disclosure information is provided. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the website is professional, trustworthy, and serves its target audience effectively.

L

Latvijas Vecmāšu Asociācija

vecmasuasociacija.lv

45

Latvijas Vecmāšu Asociācija is a Latvian non-profit professional association representing midwives. The organization focuses on promoting professional growth, defending legal and professional interests, and enhancing the prestige of the midwifery profession in Latvia. The website serves as an information portal for members and the public, providing updates, certification information, and resources. Technically, the site is built on WordPress with modern frameworks like Bootstrap and uses SEO best practices via Yoast plugin. It employs Google Analytics and Tag Manager for visitor tracking and has implemented a cookie consent mechanism compliant with GDPR. Security posture is good with HTTPS enforced and no visible vulnerabilities, though security headers could be improved. The site lacks explicit incident response or security policy pages. Overall, the website is professional, trustworthy, and well-maintained, serving a niche professional community effectively.

J

Jordemoderforeningen

jordemoderforeningen.dk

66

Jordemoderforeningen is a well-established Danish professional association dedicated to midwives and midwifery students. Founded in 1998, it provides membership services, professional networking, employment and salary information, and publishes relevant articles and journals. The website reflects a mature digital presence with a clear focus on its target audience in Denmark's healthcare sector. Technically, the site is built on WordPress with modern SEO and accessibility practices, including structured data and responsive design. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks some advanced security headers and DNSSEC, which are recommended for enhanced protection. Overall, the domain registration data aligns well with the website's claims, supporting its legitimacy and trustworthiness.

H

Hrvatska Komora Primalja

komora-primalja.hr

57

Hrvatska Komora Primalja is the official Croatian Chamber of Midwives, providing professional membership services, education, and regulatory information to midwives in Croatia. Established in 2009, it serves as a national professional body with a clear focus on healthcare professionals specializing in midwifery. The website offers resources such as membership guidance, educational portals, job postings, and important announcements, targeting midwives and healthcare stakeholders in Croatia. The organization maintains a consistent brand presence with active social media channels and structured data enhancing its digital footprint. Technically, the website is built on WordPress using WPBakery Page Builder, with integrations including Google Tag Manager and Mailchimp for marketing and analytics. Hosting and DNS services are provided by CARNET and Cloudflare respectively, ensuring reliable performance and security. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate with no critical technical issues detected. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, reflecting compliance with GDPR requirements. However, explicit security headers are not clearly present, and no formal security or incident response policies are published. No vulnerabilities or exposed sensitive data were detected in the analyzed content. The WHOIS data aligns well with the website's Croatian healthcare identity, supporting legitimacy and trustworthiness. Overall, Hrvatska Komora Primalja presents a professional, secure, and compliant online presence suitable for its role as a healthcare professional chamber. Strategic improvements in security headers, accessibility, and published security policies would further enhance its posture and trust.

D

DMA Praha

dmapraha.cz

71

DMA Praha is a Czech Republic-based company specializing in the distribution, sale, and rental of medical and compensatory aids primarily targeting seniors and physically disabled individuals. The company offers a wide range of products including new, refurbished, and rental aids, supported by a network of physical stores and an e-commerce platform. Their market position is strengthened by 25 years of experience and a broad product catalog tailored to healthcare needs. Technically, the website employs modern web technologies including Google Maps API, Sentry for error tracking, and Google Tag Manager for analytics, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and error tracking in place, though some security headers and policies are missing. Privacy compliance is partially addressed with cookie consent mechanisms but lacks a visible privacy policy or detailed GDPR compliance statements. Overall, the website is professional, user-friendly, and trustworthy, with no signs of malicious content or adult material. The absence of WHOIS data due to privacy protection slightly reduces transparency but is justified given the business nature. Strategic recommendations include enhancing security headers, publishing security and privacy policies, and adding vulnerability disclosure information to improve trust and compliance.

A

AKTIV Zdravotnické potřeby s.r.o.

aktiv.cz

56

AKTIV Zdravotnické potřeby s.r.o. operates a Czech e-commerce website specializing in the sale and rental of healthcare and medical aid products, including wheelchairs, glucose meters, walking aids, and rehabilitation equipment. The company targets seniors, patients, and healthcare providers, positioning itself as a comprehensive supplier of both new and refurbished medical supplies. The website is professionally designed with good navigation and mobile optimization, supporting a positive user experience. Technically, the site leverages the Shoptet e-commerce platform, integrates common analytics and marketing tools such as Google Analytics and Facebook SDK, and employs standard security practices including HTTPS and CSRF protection on forms. However, the WHOIS data for the domain is unavailable, which raises some concerns about domain transparency and registration legitimacy. Privacy and cookie policies are present and appear GDPR compliant, but no explicit security policy or incident response information is provided. Overall, the website is safe, trustworthy, and well-positioned in its market segment, though improvements in transparency and security documentation would enhance its credibility.

N

Nadační fond rodiny Malých

nfrmalych.cz

47

Nadační fond rodiny Malých is a Czech non-profit foundation established in 2021, continuing over 20 years of philanthropic history by its founders. The foundation supports public benefit organizations focused on nature protection, cultural heritage, disadvantaged groups, and cultural and artistic projects. The website is professionally designed, mobile-optimized, and uses modern JavaScript libraries such as Swiper.js and Google Tag Manager for analytics. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and explicit privacy or terms of service documentation. No direct contact information or incident response contacts are visible, which could be improved for transparency and compliance. The domain registration data is consistent with the foundation's claims and location, indicating legitimacy.

E

European Multiple Sclerosis Platform

emsp.org

60

The European Multiple Sclerosis Platform (EMSP) is a well-established non-profit organization dedicated to supporting people living with multiple sclerosis across Europe. Founded in 2004, EMSP acts as a pan-European umbrella organization representing over 1.2 million people with MS. The website reflects a mature digital presence with comprehensive content about MS, advocacy projects, events, and resources. It targets patients, healthcare professionals, policymakers, and MS societies, positioning itself as a leading voice in MS advocacy and support. Technically, the website is built on WordPress with the BuddyBoss platform, leveraging modern JavaScript libraries such as Swiper.js and Leaflet.js for interactive features. It uses Google Analytics and Google Tag Manager for analytics and tracking, and employs hCaptcha for form spam protection. The site is hosted under eNom, LLC registrar with ehostpros.com name servers, and uses HTTPS with a good SSL configuration. Mobile optimization and SEO are well implemented, though accessibility could be improved. From a security perspective, the site follows good practices including HTTPS enforcement and spam protection on forms. However, DNSSEC is not enabled and some security headers are not explicitly detected, suggesting room for improvement. No vulnerabilities or exposed sensitive data were found. Privacy compliance is strong with clear privacy and cookie policies, including GDPR consent mechanisms. Overall, EMSP's website demonstrates a high level of professionalism, trustworthiness, and digital maturity. It effectively supports its mission to improve the lives of people with MS through advocacy, education, and community engagement. Strategic recommendations include enabling DNSSEC, enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture and trust.

M

Multiple Sclerosis International Federation

msif.org

57

The Multiple Sclerosis International Federation (MSIF) operates as a global non-profit network dedicated to supporting people affected by Multiple Sclerosis (MS) worldwide. With 44 member organizations and a broad international reach, MSIF provides authoritative information, advocates for improved healthcare access, supports research initiatives, and fosters community engagement. Their market position is unique as the only global federation of MS organizations, emphasizing collaboration and leadership in the MS healthcare sector. Technically, the MSIF website is built on WordPress and leverages modern web technologies including jQuery, Google Analytics, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. The site demonstrates good performance, mobile optimization, and accessibility, supported by SEO best practices and structured data for enhanced search visibility. From a security perspective, the website enforces HTTPS, employs Cloudflare for CDN and security, and uses a consent management platform to comply with privacy regulations. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks a dedicated security policy or incident response information, which could be improved to enhance transparency and preparedness. Overall, the MSIF website presents a professional, trustworthy, and well-maintained digital presence aligned with its mission. The domain's WHOIS data is privacy protected, common for non-profits, but the site provides sufficient trust signals including charity registration and comprehensive contact information. Strategic recommendations include publishing security and incident response policies, adding vulnerability disclosure mechanisms, and enhancing data protection officer visibility to further strengthen security posture and compliance.

C

Convatec

convatec.cz

72

Convatec is a global healthcare company specializing in advanced medical products and technologies focused on chronic disease management, including wound care, ostomy care, continence care, and infusion care. The company holds a leading market position with a professional and comprehensive online presence targeting healthcare professionals and patients. The website demonstrates a mature digital infrastructure with modern analytics and marketing tools, strong privacy compliance, and good security practices. However, the absence of WHOIS registration data limits full trust verification of the domain ownership. Security posture is strong with HTTPS and security headers, but explicit security policies and incident response information are not publicly available. Overall, the website is professional, trustworthy, and compliant with privacy regulations, suitable for its healthcare audience.

Č

Černá louka s.r.o.

ostravacard.eu

54

Ostravacard.eu is a website promoting the OSTRAVACARD!!! visitor discount card for tourists staying in Ostrava, Czech Republic. The card is distributed free of charge by selected accommodation providers for stays of at least two nights and offers various discounts and benefits at partner locations. The website is professionally designed with a focus on tourism and hospitality, featuring partner logos from recognized Czech tourism organizations. Technically, the site uses modern frontend technologies including Bootstrap, jQuery, Flickity carousel, Leaflet maps, and Google Analytics for visitor tracking. The site is served over HTTPS and implements a cookie consent mechanism with opt-in for analytics cookies, indicating a basic level of privacy compliance. However, no explicit privacy policy or terms of service pages were found, and no direct contact information is provided on the homepage, which limits transparency. WHOIS data is privacy protected by EURid, which is typical for EU domains and does not raise immediate concerns. Overall, the website presents a legitimate, small-scale tourism promotion business with moderate technical maturity and a generally good security posture.

Wounds International is a well-established healthcare publishing platform specializing in wound care education and resources. Founded in 2007, it offers a variety of journals, case studies, consensus documents, events, podcasts, and a TV channel targeting healthcare professionals globally. The website is built on a modern WordPress infrastructure using Elementor and WooCommerce, supported by Cloudflare DNS and registrar services. The technical setup is robust with good mobile optimization and SEO practices. Security posture is strong with HTTPS, security headers, and no detected vulnerabilities, though DNSSEC is not enabled. Privacy and cookie policies are present and GDPR compliant, supporting user trust and regulatory adherence. Overall, the site demonstrates a high level of professionalism and business credibility in the healthcare publishing sector.

D

Danone a.s.

nutriklub.cz

68

Nutriklub.cz is a professionally maintained website operated by Danone a.s., a leading company in the healthcare and nutrition sector. The site serves as an expert guide for pregnancy, motherhood, and infant nutrition, combining e-commerce with expert advisory services. It targets parents and caregivers in the Czech Republic, offering a comprehensive product range and informational content. The website is well-branded and consistent with Danone's corporate identity. Technically, the site leverages Adobe Experience Manager as its CMS, integrates Salesforce Live Agent for customer support, and uses modern tracking and marketing tools such as Google Tag Manager and Channelsight. The site is mobile-optimized and performs moderately well, with good SEO and accessibility features. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, but lacks visible security headers and published security policies. No vulnerabilities or suspicious content were detected. Privacy compliance is well addressed with accessible privacy and cookie policies, and GDPR compliance is evident. Overall, Nutriklub.cz presents a low-risk profile with strong business credibility and a solid technical foundation. Recommendations include enhancing security headers, publishing incident response information, and continuous monitoring of third-party scripts.

V

VITAPUR spol. s r.o.

woolife.cz

51

Woolife.cz is a Czech e-commerce retailer specializing in stylish, sustainable wool clothing made primarily from merino wool. The company, operated by VITAPUR spol. s r.o., emphasizes natural materials, craftsmanship, and a long tradition dating back to 1990. The website presents a professional and consistent brand image targeting consumers interested in high-quality wool garments for all seasons. Technically, the site uses modern tools such as Google Analytics 4, Microsoft Clarity, and Cookiebot for analytics and privacy compliance, hosted on the Upgates e-commerce platform. Security posture is generally good with HTTPS enforced and cookie consent implemented, though security headers are missing and no explicit privacy policy page was found in the provided content. WHOIS data is not publicly available, likely due to privacy protection, which slightly reduces trust but is common for small retailers. Overall, the site is well-designed, user-friendly, and trustworthy for its target market.

S

Schindlerova pletárna s. r. o.

elite-cz.cz

46

Schindlerova pletárna s. r. o. operates the ELITE e-commerce website specializing in hosiery products with a rich tradition dating back to 1854 in the Czech Republic. The company targets consumers seeking quality hosiery and related products, offering both retail and wholesale options. The website is professionally designed with clear navigation and a consistent brand presence, supported by active social media channels and comprehensive customer contact information. Technically, the website leverages a mature technology stack including jQuery, Bootstrap 3.3.7, Font Awesome, and integrates Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. However, some technical improvements are recommended, such as implementing security headers and enhancing accessibility features. From a security perspective, the site enforces HTTPS and uses consent-based tracking but lacks explicit security policies and incident response information. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS registration data is a concern for domain legitimacy, though the website content and business information appear trustworthy and professional. Overall, the website presents a solid business and technical foundation with good privacy compliance and user experience. Strategic improvements in security posture and domain registration transparency would enhance trust and reduce risk.

C

Citadele

citadeleleasing.lt

57

Citadele is a financial institution operating in Lithuania, offering automobile leasing services alongside a broad portfolio of banking and financial products. The website provides detailed information about leasing options, including a leasing calculator and access to a dedicated leasing portal. The site targets private clients interested in vehicle financing, emphasizing ease of use and quick financing decisions. The presence of multiple related domains and portals indicates a mature digital ecosystem supporting their services. Technically, the website employs modern JavaScript libraries and Google Tag Manager for analytics, with a responsive design suitable for mobile users. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data limits domain trust verification, but the overall site professionalism and external links support legitimacy. Privacy compliance is well addressed with GDPR-aligned cookie and privacy policies. Overall, the site is a reliable digital front for Citadele's leasing services, with room for minor security enhancements.

C

Citadele

xrewards.lt

64

The website www.xrewards.lt represents the C REWARDS loyalty and discount program operated by Citadele bank for its C card users in the Baltic region. It offers customers the ability to earn points and redeem prizes, as well as access partner discounts. The site is well-branded with Citadele logos and integrates with the bank's services, targeting existing and potential bank customers. Technically, the site is built on Magento with modern JavaScript frameworks and includes Google Tag Manager for analytics. It is mobile-optimized and provides a good user experience with clear navigation and content. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers appear missing. The absence of WHOIS data limits domain trust analysis, but the site content and external links strongly indicate legitimacy. Overall, the site is professional, secure, and compliant with privacy regulations.

E

EUC Nadace

eucnadace.cz

59

EUC Nadace is a Czech non-profit foundation established in 2017, focusing on healthcare and social support services. The website is primarily in Czech and targets local audiences interested in foundation activities. The business model is typical for a small non-profit entity with a clear focus on foundation-related services. The website demonstrates consistent branding and good content quality, with a professional design and clear navigation.

M

Mediaboard.com

mediaboard.site

68

Mediaboard.com is a well-established media intelligence and PR platform offering a comprehensive suite of services including media monitoring, social media listening, media analytics, and press release publishing. The company targets PR professionals, marketing teams, and corporate communications departments, serving over 2000 clients including major global brands. The website is professionally designed, mobile-optimized, and SEO-friendly, reflecting a mature digital presence. Technically, the site is built on WordPress with Elementor and integrates multiple analytics and marketing tools such as Google Tag Manager, Microsoft Clarity, and Cookiebot for consent management. Security posture is solid with HTTPS and Cloudflare DNS, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is partial, with cookie consent implemented but no visible privacy policy or terms of service on the main site. Contact information is limited to a contact form without direct emails or phone numbers. Overall, the domain registration data supports legitimacy with a long domain age and consistent registration details.

Ž

ŽIVOT 90, z. ú.

prvnitisnova.cz

10

ŽIVOT 90, z. ú. operates the První tísňová service, providing emergency care solutions primarily for seniors and individuals with health disabilities in the Czech Republic. Established in 1990, it is the largest and founding provider of such services nationally, offering device rental, 24/7 dispatch, and personalized social support. The organization holds recognized certifications evidencing service quality. Technically, the website is built on the Solidpixels CMS platform, leveraging modern analytics and tracking tools with proper cookie consent mechanisms. Security posture is strong with HTTPS and no evident vulnerabilities, though security headers could be improved. The absence of WHOIS data limits domain legitimacy verification but the professional presentation and detailed business information support credibility. Overall, the site is well-designed, accessible, and compliant with privacy regulations.

V

Vitalitas

vitalitas.cz

60

Vitalitas is a Czech Republic-based insurance provider specializing in travel, accident, and health insurance products, particularly targeting insured persons under OZP and ZPŠ, children, youth, and foreigners. The company has a strong market presence with over 20 years of operation, offering online insurance services with a focus on convenience and tailored coverage. The website reflects a professional and consistent brand image with clear service offerings and multilingual support. Technically, the site is built on WordPress using the Genesis Framework and several plugins for SEO, GDPR compliance, and user experience enhancements. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though the site lacks explicit security policy and incident response information. Overall, the website is trustworthy, compliant with GDPR, and provides a good user experience with moderate tracking for analytics purposes.

R

Regionální muzeum v Mikulově

rmm.cz

40

Regionální muzeum v Mikulově is a regional cultural institution operating multiple heritage sites and museums in the South Moravian region of the Czech Republic. The organization provides exhibitions, educational programs, and cultural events targeting local residents, tourists, and families. The website reflects a well-established public institution affiliated with the regional government, offering comprehensive cultural services and digitalized collections. Technically, the website uses modern web technologies including Bootstrap, jQuery, Google Analytics, and Google Tag Manager, ensuring a responsive and user-friendly experience. However, some areas such as cookie consent and security headers could be improved to enhance compliance and security. The security posture is generally good with HTTPS enabled and no visible vulnerabilities, but lacks explicit security policies and incident response information. Overall, the website is professional, trustworthy, and serves its public cultural mission effectively.

P

PC Financial

pcfinancial.ca

51

PC Financial is a Canadian financial services brand offering banking and credit card products integrated with the PC Optimum loyalty rewards program. The website presents a professional and modern digital presence, leveraging advanced web technologies such as Next.js and React, and integrates multiple marketing and analytics tools to optimize user engagement and business insights. Security posture is strong with HTTPS, security headers, and no visible vulnerabilities, although explicit security policies and incident response contacts are not publicly detailed. Privacy compliance is well addressed with comprehensive privacy and cookie policies and consent mechanisms. Overall, the website reflects a mature, trustworthy financial brand with a strong focus on customer rewards and digital banking convenience.

L

Loblaws Inc.

pcoptimum.ca

69

PC Optimum is a prominent Canadian loyalty rewards program operated by Loblaws Inc., offering customers the ability to earn and redeem points across a wide network of grocery stores, pharmacies, and fuel stations. The program integrates with PC Financial Mastercard to provide enhanced rewards, targeting Canadian consumers who frequently shop at affiliated retail locations. The website demonstrates a mature digital presence with a modern React-based tech stack, integration of third-party services for analytics, marketing, and user engagement, and strong mobile optimization. Security posture is robust with HTTPS enforcement, security headers, and cookie consent mechanisms, although incident response contact details are not publicly visible. Overall, the domain and website content align with a legitimate enterprise-grade retail loyalty program.