Security Directory

S

STAEG Solutions

staegsolutions.cz

50

STAEG Solutions is a Czech Republic-based company specializing in construction, property management, and related services. The company operates as part of the larger STAEG group, with sister companies in related sectors. Their website presents a professional image with clear service offerings and client references, targeting clients in the real estate and construction sectors. Technically, the website uses a modern JavaScript stack including jQuery, Bootstrap, GSAP, and Google Maps API, indicating a mature digital infrastructure. The site is mobile optimized and includes accessibility features, though some improvements are possible. Security-wise, the site enforces HTTPS, uses cookie consent mechanisms compliant with GDPR, and obfuscates emails to reduce spam. However, it lacks explicit security headers and a published security policy or vulnerability disclosure. The absence of WHOIS data reduces trust in domain legitimacy, though the website content and business references appear credible. Overall, the site scores well on content quality, technical implementation, security posture, and privacy compliance, with room for improvement in business credibility and transparency.

S

STAEG Facility

staegfacility.cz

50

STAEG Facility is a well-established facility management company based in the Czech Republic, offering comprehensive building management, cleaning, and security services. The company positions itself as a leader in the facility management sector with a focus on quality and professional service. The website reflects a mature digital presence with modern technologies and a clear business focus. The technical infrastructure includes a variety of JavaScript libraries and frameworks, ensuring interactive and responsive user experience. Security posture is strong with HTTPS enforcement, cookie consent mechanisms, and email obfuscation, although some security headers could be improved. The absence of WHOIS data reduces transparency but does not detract from the overall legitimacy indicated by certifications and business information. Overall, the website is professional, secure, and compliant with GDPR, serving its target audience effectively.

S

Staeg, spol. s.r.o.

staegstavby.cz

49

Staeg Stavby is a well-established Czech construction and facility management company with over 26 years of experience. The company operates primarily within the Czech Republic, offering services across ground construction, facility management, and real estate development. The website reflects a strong market position supported by multiple ISO certifications and a clear commitment to security and compliance. The company maintains a professional digital presence with consistent branding and comprehensive service information. Technically, the website uses a modern technology stack including jQuery, Bootstrap, GSAP, and Google Maps API, indicating a mature digital infrastructure. Security measures such as HTTPS, cookie consent management, and email obfuscation are implemented, though some security headers are missing. The absence of WHOIS data for the domain is a notable concern, impacting trust and legitimacy scores. Overall, the website is professional, secure, and compliant, serving its target audience effectively.

H

Hľadám majstra

hladammajstra.sk

44

Hľadám majstra is a Slovak online marketplace platform that connects customers with skilled craftsmen and companies offering construction, repair, and related services. The platform features a broad range of service categories, customer reviews, and facilitates service requests, positioning itself as a trusted intermediary in the local market. The website is well-structured, mobile-optimized, and provides clear navigation and relevant content for its target audience of individuals and businesses seeking reliable service providers. Technically, the website is built on the Nette Framework with integrations of Google Analytics, Google reCAPTCHA, and Google Maps API, indicating a moderate level of digital maturity. The site uses HTTPS with good SSL configuration, though it lacks some security headers and a cookie consent mechanism, which are areas for improvement. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to protect forms, but it lacks explicit security policies and incident response information. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial, with a privacy policy present but no cookie consent banner. Business credibility is strong, supported by consistent domain registration data, contact information, and customer trust signals. Overall, the website presents a moderate risk profile with good business credibility and technical implementation but would benefit from enhanced security headers, privacy compliance improvements, and formalized security policies to strengthen its security posture and user trust.

D

Digital Deers s.r.o.

digitaldeers.com

47

Digital Deers s.r.o. is a Czech-based digital agency specializing in UX strategy, digital product design, and online business development. The company positions itself as a partner for businesses seeking to increase conversions and customer acquisition through modern digital solutions. With over 14 years of experience and a portfolio of 500+ projects, it holds notable awards such as Effie Czech Republic and WebTop100, indicating a strong market presence in the Czech Republic. The website content is professional, well-structured, and targets business clients in the technology sector. Technically, the website employs modern web technologies including Google Fonts, Google Analytics, Google Tag Manager, and Google Maps API. The site is mobile optimized with good SEO practices and a cookie consent mechanism that supports GDPR compliance. However, no explicit privacy policy or terms of service pages were found, which is a compliance gap. The site lacks visible security headers and a published security or incident response policy. From a security perspective, the site uses HTTPS and has implemented cookie consent controls, but the absence of security headers and WHOIS data raises concerns. The missing WHOIS information suggests either a recent domain registration or privacy protection, which complicates trust verification. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the security posture is moderate but could be improved with better transparency and technical controls. The overall risk assessment is moderate with recommendations to publish privacy and terms policies, implement security headers, and clarify domain registration details. The website is trustworthy and professional but would benefit from enhanced compliance and security transparency to strengthen business credibility and user trust.

C

CPI Europe

vivo-shopping.com

59

VIVO! is a retail shopping center brand operated under the CPI Europe real estate group, targeting urban families and consumers across Central Europe. The website presents a professional and modern digital presence, leveraging Nuxt.js and Vue.js frameworks with integration of Google Maps and Google Tag Manager for enhanced user experience and analytics. Security posture is adequate with HTTPS and domain transfer protections, though improvements such as DNSSEC and security headers are recommended. Privacy and cookie policies are present and linked to trusted domains, supporting GDPR compliance. Overall, the site reflects a credible and established business with a clear market position in retail real estate.

ADI interiér s.r.o. is a Czech-based medium-sized manufacturer specializing in custom interior solutions such as sanitary partitions, lockers, wall claddings, and atypical information systems primarily for public buildings and hospitality sectors. With over 20 years of market presence and more than 1,000 satisfied customers, the company maintains a strong local footprint supported by its own manufacturing facilities in Brno and a skilled workforce. The website reflects a professional business with clear service offerings and customer testimonials, indicating a stable market position within its niche. Technically, the site employs modern frontend technologies including Uikit, Google Tag Manager, and Google Maps API, ensuring a responsive and user-friendly experience. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though improvements in HTTP security headers and incident response transparency are recommended. The absence of WHOIS data due to privacy protection slightly reduces transparency but does not detract significantly from the company's credibility given the consistent branding and business information presented. Overall, the website is well-structured, compliant with GDPR, and trustworthy for its target audience.

F

FRITZMEIER s.r.o.

fritzmeier.cz

35

FRITZMEIER s.r.o. is a well-established manufacturing company based in Vyškov, Czech Republic, specializing in the production of cabins, bodyworks, and safety frames primarily for agricultural, construction, and material handling machinery. With over 30 years of presence in the Czech market and a strong affiliation to the Fritzmeier Group, the company holds a significant position in its sector, supplying multiple European countries. The website reflects a professional business model focused on B2B manufacturing services with clear communication channels and corporate governance documents.

A

Antreg, a.s.

antreg.cz

45

Antreg, a.s. is a Czech manufacturing company specializing in engineering technologies including CNC machining, production of tools, special lighting technology, and slaughtering devices. Established in 1996, the company serves industrial clients and has a solid market position with reputable customers such as Aero Vodochody, Tatra, and Honeywell. The website reflects a professional and consistent brand image with clear presentation of services and certifications such as ISO EN 9001. Technically, the site uses ASP.NET WebForms with jQuery and Google Maps API, indicating a mature but somewhat dated technology stack. Security posture is moderate with HTTPS implied and CSRF tokens present, but lacks explicit security headers and privacy policies. WHOIS data is missing, which raises some concerns about domain registration transparency. Overall, the site is functional, trustworthy, and business-focused but would benefit from improved privacy compliance and security hardening.

S

STAEG Holding a.s.

staeg.cz

38

STAEG Holding a.s. is a Czech Republic based holding company specializing in real estate rental and management, accounting, auditing, and tax advisory services. The company operates multiple subsidiaries focused on construction, facility management, Slovakia operations, and solutions, positioning itself as a diversified regional player. The website reflects a professional and consistent brand image with clear business descriptions and contact information. Technically, the site uses a modern JavaScript stack including jQuery, Bootstrap, GSAP, and Google Maps API, supported by the Nette PHP framework, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforcement, GDPR-compliant cookie consent, email obfuscation, and multiple ISO certifications including ISO 9001, 14001, 45001, and NBÚ clearance. However, some security headers are missing and incident response contact details are not published. Overall, the website is trustworthy, well-maintained, and compliant with privacy regulations.

K

Karma Český Brod a.s.

karma-as.cz

57

Karma Český Brod a.s. is a Czech company specializing in the manufacturing and retail of gas appliances, fireplaces, air conditioning units, and related products. The company maintains a professional online presence with a well-structured website showcasing a broad product range and services including training for service technicians and rental offerings. Their market position appears solid within the regional energy appliance sector, targeting both consumers and businesses. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Bootstrap, and Swiper, with integration of Google Maps and Cookiebot for consent management, indicating a moderate to good level of digital maturity. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, the absence of security headers and published privacy policies suggests room for improvement. The lack of WHOIS data limits domain registration trust assessment, but the website's professional content and clear contact information mitigate concerns. Overall, the site is safe, business-focused, and trustworthy, though enhancing privacy and security disclosures would strengthen compliance and user trust.

T

Thermona, spol. s r.o.

thermona.cz

49

Thermona, spol. s r.o. is a well-established Czech manufacturer specializing in gas condensing boilers, electric boilers, and heating system accessories. Operating since 1990, the company maintains a strong market position in the energy sector within the Czech Republic and neighboring regions. Their website reflects a professional and comprehensive digital presence, offering detailed product information, multiple contact forms, and a network of certified installation and service partners. The company emphasizes quality, reliability, and customer satisfaction through extended warranty programs and accessible support channels. Technically, the website is built on an ASP.NET WebForms platform with a modern yet somewhat dated technology stack including jQuery 1.11.3 and Bootstrap 3.3.5. The site is mobile-optimized, SEO-friendly, and integrates various third-party libraries for enhanced user experience such as Google Fonts, Font Awesome, and Google Maps API. Performance is moderate, with room for modernization particularly in updating JavaScript libraries. From a security perspective, the site enforces HTTPS and employs CAPTCHA on forms to mitigate spam. Privacy and cookie policies are comprehensive and GDPR compliant, with explicit user consent mechanisms. However, the absence of explicit security headers like Content-Security-Policy and X-Frame-Options suggests opportunities for strengthening security posture. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website presents a trustworthy and professional image with strong business credibility. The main limitation is the lack of WHOIS data, which slightly reduces domain trustworthiness. Strategic recommendations include updating JavaScript libraries, enhancing HTTP security headers, and verifying domain registration details to improve overall trust and security.

P

PENAM SLOVAKIA, a.s.

baker-street.sk

48

Baker Street is a Slovak premium bakery brand operated by PENAM SLOVAKIA, a.s., specializing in sourdough breads and bakery products crafted with traditional methods and quality ingredients. The website presents a professional and content-rich platform targeting general consumers interested in artisanal bakery goods. Technically, the site is built on WordPress, leveraging modern web technologies including Google Analytics, Tag Manager, and Google Maps, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit policies could be improved. Overall, the domain registration and business information are consistent and trustworthy, supporting a medium-sized retail business with a clear market position in Slovakia.

K

KREJTA solutions s.r.o.

krejta.com

45

KREJTA solutions s.r.o. is a Czech-based online marketing agency specializing in SEO, PPC, social media marketing, branding, web and e-commerce development, and related digital services. The company positions itself as a partner for businesses seeking to succeed in the competitive online environment, offering a broad portfolio of marketing and creative services. The website presents a professional image with client testimonials, case studies, and a clear service catalog, targeting business clients primarily in the Czech Republic and surrounding regions. Technically, the website is built on WordPress CMS with a modern tech stack including jQuery, Google Analytics (Universal and GA4), Facebook Pixel, Hotjar, and other marketing tools. The site is mobile-optimized with good SEO practices and structured data for organization and breadcrumbs. Performance is moderate, with room for improvement in accessibility and security headers. Security posture is adequate with HTTPS enabled and consent mechanisms for cookies, but lacks DNSSEC and some recommended security headers. No explicit privacy policy or terms of service are found on the homepage, which is a compliance gap. WHOIS data is transparent and consistent with the business identity, enhancing trust. Overall, the site is professional and trustworthy with moderate security and privacy compliance. Strategic improvements in security policies, privacy documentation, and DNS security would enhance the company's digital maturity and compliance standing.

K

KREJTA solutions s.r.o.

krejta.sk

43

KREJTA solutions s.r.o. operates as a digital marketing agency primarily serving clients in Slovakia and the Czech Republic. The company offers a broad range of marketing services including SEO, PPC, social media marketing, branding, web and e-shop development, video production, and copywriting. The website demonstrates a solid market position with multiple client testimonials and case studies, indicating a well-established presence since its domain registration in 2018. Technically, the site is built on WordPress with modern marketing and analytics tools integrated, including Google Analytics, Facebook Pixel, Hotjar, and Smartemailing, supported by a cookie consent mechanism to comply with privacy regulations. Security posture is good with HTTPS enforced and Wordfence security scripts present, though explicit security headers could be improved. The absence of explicit privacy and terms of service pages is a notable gap in privacy compliance. Overall, the site is professional, trustworthy, and well-optimized for SEO and user experience.

Strojírenský zkušební ústav, s.p. is a well-established Czech organization specializing in product testing, inspection, certification, and training services. It holds multiple accreditations and is a notified body under European legislation, positioning it as a trusted authority in manufacturing compliance and safety. The website reflects a professional and comprehensive digital presence, targeting manufacturers and businesses requiring conformity assessment services. The company operates internationally with several subsidiaries and partner offices across Europe and beyond. Technically, the website employs modern web technologies including Uikit, jQuery, Google Analytics, Microsoft Clarity, and Google Tag Manager, ensuring a responsive and user-friendly experience. The site is well-structured with good SEO and accessibility features, although some security headers could be improved. HTTPS is enforced, and user data collection is managed with consent mechanisms and CAPTCHA protections. Security posture is solid with no obvious vulnerabilities detected in the frontend. However, the absence of a published security policy or incident response information is a gap. The lack of WHOIS data for the domain is a concern for domain legitimacy verification, though the website content and accreditations strongly support the organization's authenticity. Overall, the website is professional, trustworthy, and compliant with GDPR requirements, serving its audience effectively. Strategic improvements in security transparency and domain registration clarity are recommended to enhance trust further.

P

PRO-BIO – Svaz ekologických zemědělců, z.s.

kamprobio.cz

43

The website 'Mapa členů PRO-BIO' serves as an interactive map and directory for verified organic agricultural producers, farm processors, bioproduct manufacturers, and bioproduct stores primarily in the Czech Republic. Operated by PRO-BIO – Svaz ekologických zemědělců, z.s., it targets consumers and businesses interested in organic farming and bioproducts. The business model is that of a non-profit association providing a niche service to the organic agriculture sector. The site is well-branded and content-rich, offering detailed listings of producers, which positions it as a key resource in its market segment. Technically, the website employs modern frontend technologies including Bootstrap for responsive design, jQuery for interactivity, Google Maps API for mapping, and Google Analytics for user tracking. The site is mobile-optimized and has good SEO practices, though accessibility features are basic. Performance is moderate, with room for optimization. From a security perspective, the site uses HTTPS, which is mandatory and a positive indicator. However, no security headers were detected, and there is a lack of privacy and cookie policies, which are important for GDPR compliance. No WHOIS data was found for the domain, which raises concerns about domain registration legitimacy and continuity. No contact emails or phone numbers were explicitly found, limiting direct communication channels. Overall, the website is functional and serves its business purpose well but has gaps in privacy compliance and domain transparency. Strategic improvements in security headers, privacy disclosures, and domain registration monitoring are recommended to enhance trust and compliance.

K

Kansas Department of Transportation

kandrive.org

61

The website kandrive.gov is the official Kansas Department of Transportation portal providing real-time traffic and road condition information including traffic incidents, winter road conditions, construction updates, traffic speeds, oversize load alerts, station alerts, and weather radar. It serves residents and travelers in Kansas, positioning itself as a critical government service for transportation information. The site uses modern web technologies including Google Maps API and Google reCAPTCHA to deliver interactive and secure content. The technical infrastructure is solid with good mobile optimization and accessibility, though some SEO and security header improvements are possible. Security posture is strong with HTTPS and a strict Content Security Policy, but lacks some additional headers and explicit privacy and cookie policies. No WHOIS registrant data is publicly available, consistent with .gov domain privacy norms, and the site shows no signs of malicious activity or suspicious content. Overall, the site is trustworthy and professionally maintained, though it would benefit from enhanced privacy compliance and clearer contact information.

S

STUDIO ACHT

studioacht.cz

52

STUDIO ACHT is a Czech Republic-based architectural studio established in 2000, providing architectural design services. The website is minimalistic, focusing on branding with limited textual content and no visible contact or legal pages. The technical infrastructure uses modern JavaScript frameworks such as Svelte and integrates Google Maps API, hosted behind Cloudflare DNS services. The website performance and mobile optimization are basic but functional. Security posture is moderate with HTTPS likely enabled but lacking visible security headers and formal security policies. Privacy compliance is minimal, with only a cookie consent banner present and no privacy or terms of service pages. Overall, the site appears legitimate but would benefit from enhanced transparency and security measures.

H

Hotel Arcadie Český Krumlov

hotelarcadie.cz

41

Hotel Arcadie Český Krumlov is a hospitality business located in the historic center of Český Krumlov, Czech Republic, a UNESCO World Heritage site. The hotel offers accommodation along with dining options including the Gotika restaurant and Cosa Vostra pizzeria. It targets tourists visiting this popular cultural and historical destination. The website presents a professional and consistent brand image with good content quality and clear navigation. Social media presence on Facebook and Instagram supports customer engagement. Technically, the website uses a modern but somewhat dated technology stack including Bootstrap 3 and jQuery 1.11.1, along with Google Analytics and Google Maps API. The site is mobile responsive and SEO optimized to a good degree. However, there is room for improvement in accessibility and performance optimization. From a security perspective, the site lacks visible security headers and explicit privacy or cookie policies, which impacts its compliance posture. WHOIS data is unavailable, which reduces domain trustworthiness. No blocking or WAF mechanisms were detected, and no vulnerabilities were apparent in the provided content. Overall, the security posture is moderate but could be enhanced by implementing best practices and compliance documentation. The overall risk is moderate with recommendations to improve security headers, privacy compliance, and domain transparency. Enhancing these areas will strengthen trust and reduce potential compliance risks.

H

HOTEL GLOBUS

hotel-globus.cz

46

Aureli hotel Globus is a mid-sized hospitality business located near the center of Prague, offering accommodation, dining, conference facilities, and family-friendly services. The hotel targets travelers seeking a quiet environment with easy access to city amenities and nature. The website is professionally designed, multilingual, and integrates a secure external booking platform. Technically, it uses modern web technologies including Bootstrap, Google Analytics, and Google Maps API. Security posture is adequate with HTTPS enabled and consent mechanisms for cookies, but lacks visible security headers and privacy policy documentation. WHOIS data is unavailable, limiting domain trust assessment. Overall, the site presents a credible and professional business presence with room for security and privacy improvements.

I

Inovcorp Lda

inovcorp.com

70

Inovcorp Lda is a Portuguese group of companies specializing in technology, design, management, and marketing services. Established since 2009, it has a solid market presence with diversified investments in subsidiaries such as Design Binário, Ativait, Aniwair, and Sharebuzz. The company targets businesses and professionals worldwide, offering digital solutions, brand image creation, social media management, and CRM data visualization. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the website employs modern JavaScript libraries including jQuery, Google Analytics, Google Tag Manager, and integrates Google Maps API. Hosting and DNS services are managed via Cloudflare, providing reliable infrastructure. The site is mobile-optimized and SEO-friendly, though accessibility features are basic. Performance is moderate with room for optimization. From a security perspective, HTTPS is enforced, and domain registration includes clientTransferProhibited status, enhancing domain security. However, DNSSEC is not enabled, and no explicit security headers or published security policies were detected. Cookie consent is implemented with granular user options, indicating good privacy compliance. No incident response or vulnerability disclosure policies are published, representing an area for improvement. Overall, Inovcorp demonstrates a mature digital presence with strong business credibility and moderate security posture. Strategic enhancements in DNS security, security headers, and transparency around security policies would further strengthen trust and compliance.

P

Poptavamweb.cz

poptavamweb.cz

47

Poptavamweb.cz is a small Czech web and graphic studio specializing in custom web development, mobile applications, internet technologies, and bespoke software solutions. The company presents itself professionally with a portfolio of references and clear contact information, targeting businesses and individuals seeking tailored digital services. The website is built on Ruby on Rails, indicating a modern technology stack, and integrates Google Fonts and Google Maps API for enhanced user experience. Security measures include HTTPS enforcement and CSRF protection on forms, with Google reCAPTCHA implemented to mitigate spam. However, the absence of privacy and cookie policies indicates compliance gaps, and missing WHOIS data reduces domain trustworthiness. Overall, the site is well-designed, mobile-optimized, and content-rich, suitable for its target audience.

S

SMA PowerUP

sma-powerup.com.au

62

SMA PowerUP is a trusted solar energy partner program operating in Australia, focused on providing qualified and trained partners for the installation and servicing of SMA solar inverters. The program targets home owners, business owners, and solar installers, offering training, marketing support, and warranty upgrades to enhance partner competitiveness. The website is built on TYPO3 CMS and integrates modern technologies such as Google Maps API for partner location services and consent management for privacy compliance. Security posture is adequate with HTTPS enforced and consent mechanisms in place, but lacks some security headers and explicit privacy and terms of service documentation. Overall, the domain appears legitimate and professionally maintained, though WHOIS data is limited due to Australian domain privacy policies.

F

Františkovy Lázně AQUAFORUM a.s.

hotel-metropol.cz

45

Lázeňský hotel Metropol is a medium-sized hospitality business located in Františkovy Lázně, Czech Republic, specializing in spa and therapeutic services leveraging local natural healing resources. The hotel offers accommodation, medical spa treatments, and flexible reservation options, targeting wellness tourists and spa guests. The website is built on WordPress using the Divi theme, integrating modern web technologies including Google Tag Manager, Facebook Pixel, and Cookiebot for consent management. The site is well-structured, mobile-optimized, and provides clear navigation and contact information. Security posture is good with HTTPS enforced and cookie consent implemented, though security headers and formal policies are missing. WHOIS data is unavailable, which slightly impacts trust but the professional presentation and detailed contact info support legitimacy. Overall, the site is a reliable digital presence for the spa hotel business.

N

NRG System

nrgsystem.gr

42

NRG System is a Greek company specializing in the trade, study, construction, and technical support of materials and systems for industrial automation, with a focus on custom automation applications. The company serves industrial clients and technical firms primarily in Greece, offering a broad range of products including energy measurement devices, industrial hardware, automation and control systems, wireless communication solutions, and UPS and connection boxes. The website is built on Joomla CMS with common web technologies and provides detailed contact information across three Greek locations. While the site is professionally designed and navigable, it lacks explicit privacy and cookie policies, which are critical for GDPR compliance. Security posture is moderate with HTTPS enabled and CSRF protections but missing key security headers and exposing a Google Maps API key in the source.

G

GWF AG

gwf-balance.com

54

GWF AG operates the GWF Balance platform, a technology-driven solution focused on reducing water network leakage and improving water utility efficiency. The company leverages advanced sensors, proprietary AI algorithms, and a data-rich platform to deliver measurable leakage reductions and operational savings. Positioned as a technology leader with a 125-year heritage, GWF AG targets water utilities and network operators globally, emphasizing sustainability and cost-effective interventions. Technically, the website is built on WordPress with modern JavaScript libraries such as jQuery and Swiper.js, integrated with Google Analytics and Tag Manager for tracking. The site employs robust cookie consent management via Borlabs Cookie and uses FriendlyCaptcha for form security. Hosting is supported by Azure DNS, and the site is served over HTTPS with good SSL configuration, ensuring secure communications. From a security perspective, the site demonstrates good practices including HTTPS enforcement, CAPTCHA on forms, and cookie consent compliance. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly present and could be added to enhance security. No vulnerabilities or exposed sensitive data were detected. Privacy policies and terms of service are comprehensive and GDPR compliant, supporting strong privacy posture. Overall, the website presents a professional, trustworthy, and technically sound digital presence for GWF AG. The domain is newly registered but consistent with the company's established business. Recommendations include enhancing security headers, publishing a dedicated security policy, and establishing incident response contact channels to further strengthen trust and compliance.

C

Cargo Bus

cargobus.ee

36

Cargo Bus is a transportation and logistics company operating primarily in Estonia, offering parcel delivery, bus ticket sales, and terminal services. The company has an established online presence with a website built on WordPress using the Astra theme and Elementor page builder, indicating a moderate level of digital maturity. The website is multilingual, supporting Estonian, English, and Russian languages, targeting a broad audience within the region. Technically, the site uses HTTPS and Cloudflare DNS, but lacks advanced security headers and explicit privacy or cookie policies, which are important for compliance and trust. No contact emails or phone numbers are explicitly visible, which may impact user trust and support accessibility. The domain is registered since 2010 under Zone Media OÜ, consistent with the business's regional focus and legitimacy. Overall, the website is professionally designed with good navigation and content relevance but could improve in privacy compliance and security posture.

S

SIA "Dimdiņi"

dimdini.lv

42

SIA "Dimdiņi" is a family-owned Latvian company specializing in vegetable cultivation and processing, particularly fermented and traditional Latvian cabbage products. Established in 1992, it is one of the largest vegetable growing and processing companies in the Baltic region. The company emphasizes traditional recipes combined with modern production techniques, targeting health-conscious consumers interested in natural and fermented foods. The website provides detailed information about the production process, products, recipes, and company contact details, supporting its market position as a reputable regional food manufacturer. Technically, the website uses common web technologies including jQuery, Bootstrap, Google Maps API, and Google Analytics, with moderate performance and good mobile optimization. However, there are gaps in privacy compliance and security best practices, such as missing privacy and cookie policies and lack of security headers. The WHOIS data could not be retrieved, limiting domain registration verification. Overall, the website presents a professional and trustworthy business presence but would benefit from enhanced security and compliance measures.

S

SIA Dators x Dizains

datorsxdizains.lv

51

SIA Dators x Dizains is a Latvian small business specializing in web design, graphic design, animation, and metal design services. The company presents a professional portfolio showcasing diverse creative projects including websites, logos, print materials, and metal art. Their website is built on WordPress and integrates common technologies such as jQuery, Google Analytics, and Google Maps API, indicating a moderate level of digital maturity. While the site is well-structured and visually appealing with good mobile optimization, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Security posture is moderate with no visible security headers and unknown SSL configuration, suggesting room for improvement in technical security controls. Overall, the business appears legitimate and focused on creative design services, but the absence of WHOIS data and privacy compliance documentation slightly reduces trust confidence.

P

Památník Dr. E. Holuba

holubovomuzeum.cz

56

Africké Muzeum Dr. Emila Holuba is a small cultural and educational museum located in the Czech Republic, dedicated to the ethnographic collections and legacy of Dr. Emil Holub. The museum serves a general audience interested in African history and cultural heritage, providing exhibitions and educational events. The website is professionally designed with good content quality and clear navigation, supporting a positive user experience. Technically, the site uses modern web technologies including Google Maps API and Google Fonts, with evidence of Ruby on Rails backend framework. Security posture is adequate with HTTPS and CSRF protections, but lacks published privacy and cookie policies and security headers, indicating room for improvement in compliance and security best practices. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and safe for general audiences.

E

eD group

ed.cz

61

eD group is a large technology holding operating primarily in Central Europe, focusing on IT distribution, software solutions, digital marketing, and e-commerce. The group comprises several subsidiaries specializing in various IT and technology sectors, serving a broad B2B audience. Their market position is strong, with partnerships with major global brands and a comprehensive portfolio of services. The website reflects a mature digital presence with modern technologies and good user experience. Security posture is solid with HTTPS and cookie consent mechanisms, though some advanced security headers and policies could be improved. The absence of WHOIS data limits domain trust assessment but the professional presentation and detailed business information support legitimacy. Strategic recommendations include enhancing security headers, publishing incident response policies, and adding a security.txt file.

R

Resort Vitality

resortvitality.cz

9

Resort Vitality is a hospitality and leisure complex located in the Beskydy mountains of the Czech Republic. It offers a broad range of services including luxury accommodation at Hotel Vitality, family atmosphere lodging at Penzion Ovečka, and a unique mountain hotel Mikulášská chata. The resort also provides extensive sports and relaxation facilities, gastronomy options, and event hosting capabilities, targeting both leisure visitors and corporate clients. The website reflects a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the website employs a mix of modern and legacy technologies including Google Analytics, Google Tag Manager, YouTube iframe API, and Google Maps API. It uses jQuery 1.7.1, which is outdated and may pose security risks. The site is mobile optimized and includes cookie consent mechanisms, but lacks visible privacy and terms of service pages, which are important for compliance. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, the site uses HTTPS and has a cookie consent banner, but lacks explicit security headers and updated libraries. No WHOIS data was found, which raises concerns about domain legitimacy and trustworthiness. Contact information is comprehensive, but no formal security or incident response policies are published. Overall, the security posture is moderate but could be improved with better compliance documentation and technical hardening. The overall risk is moderate with recommendations to improve privacy compliance, update technical components, and enhance security headers. The business appears legitimate based on content and partner relationships, but domain registration opacity warrants further verification.

Z

ZN Metal s.r.o.

znmetal.cz

43

ZN Metal s.r.o. is a Czech company specializing in the collection and purchase of secondary raw materials such as paper, iron, and non-ferrous metals. The company operates primarily in the Znojmo region and is part of the larger MULTICRAFT Group, which provides strong financial backing and comprehensive service capabilities. The website presents a professional image with clear contact information and detailed service offerings, targeting businesses and individuals involved in recycling and waste management. Technically, the site uses common web technologies including jQuery, Google Maps API, and Google Analytics, indicating a moderate level of digital maturity. However, the absence of WHOIS data and privacy-related policies suggests areas for improvement in transparency and compliance. Security posture is moderate with no critical vulnerabilities detected, but the lack of security headers and formal policies is noted. Overall, the site is functional and trustworthy but would benefit from enhanced privacy compliance and security best practices.

S

SK mont NJ, spol. s r.o.

skmont.cz

59

SK mont NJ, spol. s r.o. is a Czech manufacturing company specializing in atypical steel structures, outdoor lighting components, and low voltage electro-assembling works. Established in 2002, it operates as part of a larger group with multiple subsidiaries across the Czech Republic, Slovakia, and Austria. The company targets industrial and infrastructure sectors, offering production services including CNC sheet processing and anticorrosive protection. The website presents a professional image with good content quality and clear navigation, supporting its market position as a reliable manufacturer with Czech origin products. Technically, the site runs on WordPress 4.9.3 with the Enfold theme and uses standard web technologies such as jQuery and Google Fonts. While the site is mobile optimized and accessible, it uses outdated software versions that may pose security risks. Security posture is moderate with HTTPS enabled but lacks security headers and explicit privacy or cookie policies. No incident response or vulnerability disclosure information is provided. Overall, the domain registration data is consistent with the business claims, showing a long-established presence since 2002. The website is safe for general audiences with no adult or questionable content detected.

STAMPA Engineering, s.r.o. is a Slovakia-based engineering company specializing in the design and static calculation of major supporting and secondary structures primarily for the cement, energy, and petrochemical industries. The company operates as part of the larger Multicraft Group, which includes multiple subsidiaries across the Czech Republic, Slovakia, and Austria, indicating a medium-sized enterprise with a strong regional presence. Their key services include structural design, technical layout preparation, weight calculation for steel structures, and refinement of existing designs. The website reflects a professional business with clear branding and consistent messaging targeted at industrial clients. Technically, the website is built on WordPress using the Enfold theme and Avia framework, incorporating technologies such as jQuery, MediaElement.js, and Google Maps API. The site is mobile optimized with moderate performance and basic accessibility and SEO features. However, it lacks modern security headers and uses an outdated jQuery version, which could pose security risks. From a security perspective, the site uses HTTPS and does not expose sensitive data or vulnerable libraries visibly. However, it lacks privacy and cookie policies, incident response contacts, and vulnerability disclosure mechanisms, indicating compliance gaps especially concerning GDPR. No analytics or tracking scripts were detected, suggesting minimal user tracking. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance, improved security headers, and updated technical components to strengthen its security posture and regulatory adherence.

Linguaschools is a well-established network of Spanish language schools located in Spain and South America, founded in 2005. The company offers a variety of Spanish courses including intensive, combined, individual, semi-intensive, exam preparation, and online options, targeting students seeking high-quality language education combined with cultural immersion. The website is professionally designed, mobile-optimized, and provides rich content in Italian with multiple language versions available. Technically, the site uses modern web technologies such as Google Tag Manager, Google Maps API, and a cookie consent tool, ensuring GDPR compliance and user tracking transparency. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and formal policies are missing. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site is trustworthy, user-friendly, and well-positioned in the education sector.

Linguaschools is a well-established education company specializing in Spanish language immersion programs in Spain and Latin America. The company operates a network of quality language schools and offers a variety of courses tailored to different student needs, including intensive, combined, individual, and online options. Their market position is strong within the niche of cultural and language immersion, supported by accreditations such as the Institut Cervantes and a multilingual website presence. Technically, the website employs modern web technologies including Google Tag Manager and Google Maps API, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and security headers, though the absence of a public security policy and incident response information is noted. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. However, the lack of WHOIS data transparency slightly reduces overall trustworthiness. Overall, Linguaschools presents a professional, trustworthy, and user-friendly digital presence aligned with its educational mission.

Linguaschools operates as a well-established network of high-quality Spanish language schools located in Spain and Latin America, targeting language learners and cultural travelers. Founded in 2005, it offers a broad range of Spanish courses including intensive, combined, individual, semi-intensive, exam preparation, and online options, complemented by cultural activities such as surfing and dance. The company positions itself as a leading provider in its niche with a strong emphasis on cultural immersion and quality education. Technically, the website employs modern web technologies including Google Tag Manager, Google Maps API, and a cookie consent tool, hosted on a provider indicated by the nameservers yourwebhoster.com and yourwebhoster.nl. The site is mobile-optimized with good SEO practices and moderate performance. Multilingual support is robust, enhancing accessibility for international users. From a security perspective, the site uses HTTPS with no visible critical vulnerabilities or exposed sensitive data. Cookie consent mechanisms and privacy policies align with GDPR requirements. However, security headers are not explicitly detected and could be improved. No incident response or vulnerability disclosure policies are found, suggesting room for enhancement in security governance. Overall, Linguaschools presents a professional, trustworthy, and user-friendly online presence with strong business credibility and compliance posture. Strategic improvements in security headers and incident response readiness would further strengthen its security stance.

Linguaschools is a reputable network of Spanish language schools operating primarily in Spain and Latin America, offering a wide range of Spanish courses including intensive, combined, individual, semi-intensive, exam preparation, and online classes. The company emphasizes cultural immersion alongside language learning, targeting students and travelers seeking authentic experiences. The website is professionally designed, multilingual, and provides comprehensive information about courses, destinations, and staff, reflecting a mature digital presence. Technically, the website employs modern tracking and analytics tools such as Google Tag Manager and Google Analytics, integrates Google Maps for location visualization, and uses a cookie consent tool to comply with privacy regulations. The site is mobile-optimized and loads with moderate performance. However, some security headers are not explicitly detected, suggesting room for improvement in security hardening. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, indicating good privacy compliance. No critical vulnerabilities or suspicious patterns were detected. The lack of WHOIS data limits domain registration analysis, but the overall trust signals and business consistency support legitimacy. Overall, Linguaschools presents a low-risk profile with strong business credibility and good privacy practices. Strategic improvements in security headers and incident response disclosures could further enhance their security posture.

Linguaschools is a well-established provider of Spanish language travel and education services, operating a network of high-quality language schools in Spain and Latin America. The company offers a wide range of Spanish courses including intensive, combination, individual, semi-intensive, exam preparation, and online courses, complemented by cultural activities such as surfing, flamenco, and tango. The website is professionally designed, multilingual, and targets students and individuals seeking immersive Spanish learning experiences abroad. Technically, the site uses modern web technologies including Google Tag Manager and Google Maps API, with good mobile optimization and moderate performance. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit security policies. Privacy compliance is adequate with a comprehensive privacy policy but no visible cookie consent mechanism. Overall, the domain registration and WHOIS data align well with the business claims, supporting legitimacy and trustworthiness.

A

Alcedo Media, s.r.o.

ubytovanichorvatsko.cz

45

Ubytovanichorvatsko.cz is a Czech-language online travel accommodation portal specializing in Croatian holiday rentals. Operated by Alcedo Media, s.r.o., the site aggregates apartment and villa listings from multiple sources, providing users with a centralized search and booking experience. The portal also offers travel guides and practical information to assist tourists in planning their trips. The business targets Czech-speaking tourists seeking affordable and diverse accommodation options in Croatia, positioning itself as a niche regional player in the hospitality sector. Technically, the website employs a traditional web stack including jQuery, Bootstrap, and Google Maps API, with moderate performance and basic mobile optimization. Security posture is adequate but could be improved by updating outdated libraries and implementing security headers. Privacy compliance is partially addressed through cookie consent mechanisms and a cookie policy page, though a dedicated privacy policy and terms of service are lacking. Overall, the site is professional and trustworthy, with room for technical and security enhancements.

D

Domains By Proxy, LLC (registrant privacy)

tourism4sdgs.org

54

Tourism4sdgs.org is an official platform managed by the United Nations World Tourism Organization (UNWTO) dedicated to promoting sustainable tourism aligned with the Sustainable Development Goals (SDGs). The website serves as a comprehensive resource hub offering educational materials, initiatives, dashboards, and collaboration opportunities for governments, companies, academia, travelers, and international organizations. The platform is well-branded, consistent, and targets a global audience interested in sustainable development through tourism. Technically, the website is built on WordPress with modern plugins and frameworks such as Elementor, Bootstrap, and jQuery. It integrates Google Maps API and uses Google Analytics and Tag Manager for tracking. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in loading speed and technical optimization. From a security perspective, the site uses HTTPS with a valid SSL certificate and implements cookie consent mechanisms compliant with GDPR. However, DNSSEC is not enabled, and several important security headers are missing, which could be improved to enhance security posture. No critical vulnerabilities or exposed sensitive data were detected. WHOIS data shows privacy protection for the domain, which is justified given the organizational nature of the platform. Overall, tourism4sdgs.org presents a trustworthy, professional, and informative platform with a solid business and technical foundation. Strategic improvements in security headers and DNS security would further strengthen its posture and trustworthiness.

T

Telwin

telwin.it

65

Telwin is a well-established manufacturer specializing in welding machines, cutting systems, battery chargers, and starters, with a history spanning over 60 years. The website targets industrial professionals and customers seeking high-quality welding and battery equipment. The digital infrastructure employs modern technologies such as Google Tag Manager, Iubenda for privacy compliance, and various JavaScript libraries to enhance user experience and functionality. The site is well-optimized for mobile and SEO, providing a professional and trustworthy user interface. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place; however, the absence of WHOIS domain registration data raises concerns about domain legitimacy and trustworthiness. No direct contact emails or phone numbers were found, with contact primarily via web forms. Overall, the site presents a professional front but would benefit from improved transparency in domain registration and enhanced security headers.

Linguaschools operates as a reputable network of boutique Spanish language schools located in Spain and Latin America, offering a wide range of Spanish courses year-round. The company emphasizes cultural immersion alongside language education, targeting students and travelers seeking authentic experiences. Their market position is strong within the niche of high-quality language education with multiple accreditations supporting their credibility. Technically, the website employs modern tools such as Google Tag Manager, Google Analytics, and Google Maps API, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data is a notable anomaly that slightly reduces trust but does not overshadow the professional presentation and comprehensive content of the site. Overall, Linguaschools presents a trustworthy and well-structured online presence suitable for its educational business model.

S

SIA "DVJ"

clarteys.lv

48

Clarteys.lv operates as a Latvian auction house platform specializing in real estate and vehicle auctions. The company, legally registered as SIA "DVJ", provides an online marketplace for buyers and sellers to participate in auctions, submit bids, and access loan options. The platform targets individuals and businesses interested in acquiring or selling properties and vehicles through competitive bidding. The website is professionally designed, mobile-optimized, and offers clear navigation with relevant content in Latvian. Technically, the website is built on OctoberCMS and leverages modern web technologies including Google Fonts, jQuery, Google Tag Manager, Google Analytics, Yandex Metrika, and Google Maps API. The site uses HTTPS with a valid SSL certificate ensuring encrypted communications. However, the absence of security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. From a security perspective, the site shows good practices such as HTTPS enforcement and no visible sensitive data exposure. Yet, it lacks explicit security policies, incident response information, and vulnerability disclosure mechanisms. The WHOIS data could not be retrieved due to query limits, limiting domain trust verification. Overall, the site presents a moderate security posture with recommendations to enhance headers, privacy compliance, and incident readiness. The overall risk assessment is moderate with a good business credibility score but some technical and privacy compliance gaps. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and improving WHOIS transparency to strengthen trust and compliance.

L

Latvijas Meža Attīstības Fonds

mezaattistibasfonds.lv

48

Latvijas Meža Attīstības Fonds is a Latvian forestry fund focused on acquiring and managing forest lands sustainably. The company offers services including forest land purchase, fund area management, and responsible forestry practices aimed at preserving environmental diversity and increasing forest value. Their target audience includes private forest owners and companies interested in forestry investments and management within Latvia. The website is professionally designed with clear navigation and content relevant to their business domain. Technically, the website employs modern tracking and analytics technologies such as Google Analytics, Facebook Pixel, Google Tag Manager, and Cookiebot for consent management. The site is mobile optimized and uses HTTPS with good SSL configuration. However, some security headers are missing, and no explicit security or incident response policies are published. The website demonstrates moderate user tracking balanced with GDPR-compliant cookie consent mechanisms. From a security perspective, the site benefits from HTTPS and secure form handling but lacks advanced security headers and a vulnerability disclosure policy. No critical vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the website content aligns well with the claimed business. Overall, the site presents a good security posture with room for improvement in security policy transparency and header implementation. The overall risk is moderate with no immediate red flags. Strategic recommendations include enhancing security headers, publishing a security.txt file, and improving accessibility features. These steps will strengthen trust and compliance while supporting the company’s professional image and operational security.

A

ART ESTHETIC

daugavpils.artesthetic.lv

52

ART ESTHETIC is a cosmetology center based in Riga, Latvia, specializing in facial and body aesthetic treatments including apparatus cosmetology, classic cosmetology, and injection therapies. The business targets individuals seeking professional skin and body care services, leveraging certified specialists with international credentials such as CIDESCO. The website is well-structured, bilingual (Latvian and Russian), and presents a comprehensive range of services with customer testimonials and social media integration, positioning it as a reputable local service provider. Technically, the website is built on WordPress using the Enfold theme, incorporating modern technologies such as Google Maps API, Google reCAPTCHA v3, Facebook Pixel, and Usercentrics for consent management. The site is mobile-optimized with good SEO practices and moderate performance. Security measures include HTTPS enforcement and anti-bot protections, though additional security headers could enhance the posture. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is addressed with clear privacy and cookie policies, and GDPR compliance is indicated. However, the absence of a dedicated security policy or incident response page suggests room for improvement in transparency and preparedness. Overall, the website and business present a trustworthy and professional image with a moderate risk profile primarily due to unavailable WHOIS data limiting domain registration verification. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and publishing security and incident response information to bolster trust and compliance.

L

LED Studio

ledstudio.cz

42

LED Studio is a well-established Czech company specializing in the supply and servicing of large-format LED display technologies for advertising, sports, and entertainment sectors. Founded in 2007, it holds a leading market position in the Czech Republic, offering a broad product portfolio including indoor and outdoor LED screens, LED mantinels, LED rings, and rental solutions. The company supports its clients with financing options, warranty services, and professional consulting. Technically, the website employs standard web technologies such as HTML5, CSS, JavaScript, and jQuery, with integrations like Google Analytics and Google Maps API. While the site is functional and professionally designed, it lacks advanced security headers and explicit privacy or cookie policies, which are critical for GDPR compliance and user trust. The security posture is moderate, with room for improvement in headers and form protections. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Strategic improvements in privacy compliance and security practices would enhance trust and reduce risk.