Security Directory

H

HELUKABEL

helukabel-thailand.com

47

HELUKABEL Thailand operates a comprehensive industrial cable supply and service website targeting sectors such as energy, transportation, and manufacturing. The company offers a wide range of cables including data, power, control, and specialized cables with international approvals, serving a global market. The website supports customer engagement through product catalogs, user registration with OTP verification, and order tracking features. Technically, the site uses modern front-end technologies including Bootstrap, jQuery, and Slick Carousel, and integrates Google Tag Manager and Facebook SDK for analytics and marketing. Security posture is moderate with HTTPS usage but lacks visible security headers and privacy compliance documentation. The absence of WHOIS registration data raises concerns about domain legitimacy, though the active and detailed website content suggests a functioning business. Privacy and cookie policies are missing, indicating compliance gaps. Overall, the site is professionally designed and mobile optimized but requires improvements in security and privacy transparency.

M

Město Slavkov u Brna

slavkovak.cz

46

Slavkovak.cz is a local leisure and tourism portal operated by the city of Slavkov u Brna, Czech Republic. It provides residents and visitors with news, event listings, information on local associations, gastronomy, accommodation, and tourist destinations. The site serves as an official community resource with a focus on promoting local culture and tourism. The business model is informational and community-driven, supported by the city administration. The website is well-branded and consistent, targeting a general audience interested in local events and tourism. Technically, the site uses a modern tech stack including UIkit for UI components, jQuery, Google Tag Manager, Google Analytics, Facebook SDK, and mapping APIs from Mapy.cz and Leaflet. The site is mobile optimized and performs moderately well, though accessibility and SEO could be improved. The presence of cookie consent and GDPR documentation indicates awareness of privacy compliance, though privacy policy details are basic. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit vulnerability disclosure or incident response policies. No WHOIS data was found, which raises concerns about domain registration legitimacy, though the site content and footer indicate official city operation. Overall, the site is trustworthy but would benefit from improved transparency and security hardening. The risk assessment is moderate with recommendations to improve security headers, add terms of service and security policies, and verify domain registration status to enhance trust and compliance.

O

Organization for Security and Co-operation in Europe

osce.org

62

The Organization for Security and Co-operation in Europe (OSCE) is a prominent intergovernmental organization dedicated to security, cooperation, and human rights across Europe and neighboring regions. The website reflects a mature digital presence with comprehensive multilingual content, clear navigation, and professional design, targeting governments, policymakers, and civil society. Technically, the site is built on Drupal CMS, leveraging modern web technologies and analytics tools such as Google Analytics and New Relic, ensuring good performance and user experience. Security posture is strong with HTTPS enforcement and multiple security headers, though explicit security policy and incident response information could be improved. Overall, the site demonstrates high trustworthiness and business credibility, with no signs of malicious activity or content safety concerns.

C

Církev adventistů s.d.

hopetv.cz

42

HopeTV is a Czech Christian internet television channel affiliated with the international Hope Channel network and operated by the Církev adventistů s.d. It provides religious video content including sermons, live church services, and thematic programs targeting the Christian community and general public interested in faith-based media. The website features a professional design with good navigation and mobile optimization, supporting a positive user experience. Technically, it employs a mix of legacy and modern web technologies including jQuery, Nette AJAX, Video.js, and Google Analytics, but some components like jQuery are outdated and may pose security risks. Security posture is moderate with HTTPS enforced but lacking security headers and updated libraries. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. The WHOIS data is unavailable, limiting domain registration trust assessment, but the website's affiliation with known organizations supports legitimacy. Overall, the site is functional and trustworthy but requires improvements in security and privacy compliance.

Harvest Group SA is a Swiss-based international commodities merchant specializing in agricultural products such as wheat, corn, soy, and barley. The company provides comprehensive services including international logistics, financing, risk management, and advisory services, positioning itself as a key player in global commodity trading and supply chain management. The website reflects a medium-sized enterprise with a professional online presence and consistent branding. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript with the Slick Carousel library for UI elements. The site is hosted under a reputable registrar and DNS provider, with HTTPS enabled ensuring secure communications. Mobile optimization and navigation clarity are good, though accessibility features are basic and SEO optimization is moderate. From a security perspective, the site benefits from HTTPS and domain transfer protection but lacks advanced security headers and DNSSEC. There is no visible security policy or incident response information, and no cookie consent mechanism is implemented, which may impact GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the website is trustworthy and professional, with clear contact information and business details. However, improvements in privacy compliance, security headers, and incident response transparency are recommended to enhance security posture and regulatory adherence.

P

PageFly

pagefly.io

10

PageFly is a well-established SaaS company founded in 2016, specializing in providing advanced page building and customization solutions for Shopify merchants. The website demonstrates a strong market position as the leading Shopify page builder, offering extensive customization and conversion optimization features. The technical infrastructure leverages Shopify's platform combined with modern JavaScript libraries and multiple analytics and marketing tools, indicating a mature digital presence. Security posture is solid with HTTPS enforced, privacy protection on domain registration, and use of CAPTCHA and session management tools, though explicit privacy and cookie policies are missing. Overall, the website is professional, fast, and user-friendly, targeting e-commerce businesses seeking enhanced page design capabilities.

E

ELTON hodinářská, a.s.

eltonhodinarska.cz

40

ELTON hodinářská, a.s. is a Czech watch manufacturing company with a heritage dating back to 1949. The company specializes in producing PRIM brand wristwatches, as well as wall clocks, alarm clocks, and other measuring instruments. Their manufacturing process includes in-house production of mechanical movements and components, emphasizing traditional craftsmanship. The company distributes its products through branded stores in major Czech cities and selected partners. Technically, the website is built on ASP.NET with modern front-end libraries such as Bootstrap and jQuery, and integrates Google Analytics and Tag Manager for visitor tracking. The site is mobile-optimized and presents content professionally with clear navigation. Security-wise, the site uses HTTPS and implements a cookie consent banner, but lacks visible security headers and explicit privacy or security policies. WHOIS data is unavailable, which reduces transparency but does not critically impact trust given the brand's established reputation. Overall, the website reflects a medium-sized manufacturing business with a solid digital presence but could improve in security and privacy transparency.

D

Dash Social

dashhudson.com

10

Dash Social is a Canadian-based technology company founded in 2013 that offers a comprehensive social media management platform. Their SaaS solution integrates AI-powered tools for content performance prediction, creator and influencer management, social analytics, campaign reporting, scheduling, and social commerce. The company targets brands, marketers, and social media managers seeking to optimize social media engagement and ROI. The website demonstrates a mature digital presence with rich content, customer testimonials, and partner badges from major platforms like TikTok, Meta, and Pinterest, indicating strong market positioning. Technically, the website is built on Webflow CMS and leverages modern JavaScript libraries such as jQuery, GSAP, and Slick Carousel for interactive features. It employs Google Tag Manager and HubSpot for analytics and marketing automation. The site is mobile-optimized, fast-loading, and SEO-friendly. Security practices include HTTPS enforcement and a cookie consent mechanism with opt-in compliance, though explicit security headers are not detected. From a security perspective, the site shows good maturity with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS domain registration data is a notable concern, potentially indicating privacy protection or data source limitations. The presence of a suspicious external script domain warrants further review. Overall, the site maintains good privacy compliance and business credibility but could improve transparency in domain registration and security disclosures. Strategically, Dash Social should enhance its security posture by publishing a vulnerability disclosure policy, adding security headers, and providing incident response contacts. These steps will strengthen trust and compliance. The technical infrastructure is solid but could benefit from continuous monitoring of third-party scripts and further accessibility improvements.

Acaballado® z.s. is a small Czech non-profit organization dedicated to organizing cultural and historical events, primarily focusing on historical reenactments and promoting historical awareness. The website serves as a platform to inform visitors about upcoming events, archives, and organizational information. The organization targets a general audience interested in cultural heritage and history, particularly within the Czech Republic. The business model is centered on event organization and community engagement without commercial sales evident on the site. Technically, the website is built on WordPress 6.5.7, utilizing popular plugins such as Yoast SEO and libraries including jQuery, Bootstrap, and Slick Carousel. It integrates Google Tag Manager, Google Analytics, and Facebook SDK for analytics and marketing purposes. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. Performance is moderate, with no major technical issues detected. From a security perspective, the site uses HTTPS with an excellent SSL configuration but lacks visible security headers and formal security or incident response policies. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. Contact information is clearly provided, enhancing business credibility. Overall, the website is legitimate and professionally maintained for a small non-profit. The lack of WHOIS data is consistent with privacy protection common in such organizations. Strategic improvements in privacy compliance and security headers would enhance trust and regulatory adherence.

F

FK Neratovice-Byškovice

fkneratovice-byskovice.cz

45

FK Neratovice-Byškovice is a local Czech football club with an active online presence showcasing team information, match results, youth programs, and community projects. The website serves as an information hub for fans, players, and partners, featuring media content and an e-shop for merchandise. Technically, the site uses modern web technologies including jQuery, Bootstrap, and Google Analytics, with a responsive design optimized for mobile devices. Security posture is moderate with HTTPS enforced and a cookie consent mechanism implemented, but lacks visible security headers and a formal privacy policy. The absence of WHOIS data for the domain raises concerns about domain registration transparency, although the site content appears legitimate and professional. Overall, the site is functional and informative but would benefit from enhanced security practices and clearer compliance documentation.

M

Mototechna

mototechnadrive.cz

57

Mototechna Drive is a Czech Republic-based vehicle rental service provider offering both long-term and short-term car rentals. The website is built on a modern Angular framework and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. The site demonstrates good design quality, mobile optimization, and clear navigation, although the analyzed page is a 404 error page, the overall site structure is professional and consistent with the brand. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but lacks visible security headers and explicit security policies. Privacy compliance is good with accessible privacy and cookie policies, and GDPR compliance is indicated. Business credibility is high with consistent WHOIS data and active social media presence. Overall, the site scores well but could improve in security header implementation and incident response transparency.

P

Podcast Media s.r.o.

radiovy.cz

46

RádioVy is a Czech internet radio platform operated by Podcast Media s.r.o., offering a variety of regional and thematic radio stations, podcasts, and news content. The website targets Czech-speaking audiences interested in local news, sports, and cultural programming. The business model is primarily advertising-based, with a focus on community engagement and podcast hosting. The company is small-sized and operates within the media sector in the Czech Republic. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Wavesurfer.js for audio features, and a proprietary CMS (cmscore v2.0). The site is mobile-optimized with good SEO practices and moderate performance. However, some accessibility features are basic, and there is room for improvement in security headers and performance tuning. From a security perspective, the site uses HTTPS and avoids exposing sensitive data. However, no explicit security headers were detected, and no dedicated security or incident response policies are published. The absence of WHOIS data for the domain is a concern, reducing trust in domain legitimacy. Privacy and cookie policies are present and indicate GDPR compliance, but no data protection officer or vulnerability disclosure information is found. Overall, the website is professionally designed and functional with good content quality and user experience. The main risk lies in the lack of domain registration transparency and limited security policy disclosures. Strategic improvements in security posture and domain verification would enhance trust and compliance.

E

eSportsmedia s.r.o.

fanshopfkpce.cz

46

Fanshop FK Pardubice is a Czech Republic based small retail e-commerce business specializing in fan merchandise for the FK Pardubice football club. The website offers a variety of products including clothing, accessories, and a custom jersey configurator, targeting local football fans. The business is operated by eSportsmedia s.r.o., which also appears to be the parent company and developer of the site. The company maintains a physical store located at the CFIG Arena in Pardubice, enhancing its local presence. Technically, the website uses a combination of jQuery, Slick Carousel, Fancybox, and the Nette PHP framework, indicating a moderately modern tech stack. The site is mobile optimized and includes basic SEO and accessibility features. Hosting is managed through a Czech registrar with name servers at forpsi.net. Google Analytics is implemented but misconfigured, and cookie consent is properly managed through a third-party service, reflecting a basic level of privacy compliance. From a security perspective, the site lacks explicit security headers and does not provide visible security or incident response policies. No critical vulnerabilities or blocking mechanisms were detected, but improvements are recommended to enhance security posture. The domain registration data is consistent with the business claims, and no suspicious patterns were found, supporting the legitimacy of the site. Overall, the website is professionally presented with good content quality and business credibility. Privacy compliance is basic but present. Security measures require enhancement to meet higher standards. The site is safe for general audiences and does not contain any adult or questionable content.

S

Sklopísek Střeleč, a. s.

glassand.eu

51

Sklopísek Střeleč, a. s. is a Czech-based medium-sized manufacturing company specializing in the supply of high-quality quartz sands for various industrial applications including glassmaking, foundry, filtration, and sports surfaces. The company positions itself as a reliable supplier with a focus on quality and availability, targeting industrial and commercial customers. The website reflects a professional business presence with clear product categorization and regular news updates, supporting its market position. Technically, the website employs a modern technology stack including jQuery, Bootstrap, and popular carousel libraries, along with analytics tools such as Google Analytics and Hotjar. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. However, some technical improvements could enhance accessibility and performance further. From a security perspective, the website uses HTTPS and avoids exposing sensitive data, but lacks important security headers and visible privacy and cookie policies, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, indicating room for improvement in security transparency and readiness. Overall, the website is functional and professional but would benefit from enhanced privacy compliance and security best practices to reduce risk and improve trustworthiness. Strategic recommendations include implementing privacy and cookie policies, adding security headers, and establishing a vulnerability disclosure process.

A

AAA AUTO

aaaauto.cz

69

AAA AUTO is a leading used car dealership in the Czech Republic, offering a large inventory of quality and verified vehicles with extended warranties and legal origin guarantees. The company targets consumers and businesses seeking to buy, sell, or finance used vehicles, providing both online and physical branch services. AAA AUTO maintains a strong market position supported by extensive customer trust and partnerships with major financing institutions. Technically, the website employs modern JavaScript libraries and tracking tools such as jQuery, Google Analytics, and SmartSupp Chat, delivering a professional and responsive user experience. SEO and accessibility are adequately addressed, though some improvements could be made in accessibility features. From a security perspective, the site enforces HTTPS, includes security headers, and manages cookie consent effectively. However, it lacks a publicly available security policy and incident response contact details, which are recommended for enhanced transparency and trust. Overall, the website is professional, trustworthy, and compliant with GDPR and cookie regulations. The absence of WHOIS data slightly impacts domain trust assessment but does not detract from the site's legitimacy given its strong branding and external trust signals.

J

JAKO

jakojedenteam.cz

58

JAKOjedenteam.cz is the official Czech Republic importer and retailer of the JAKO sportswear brand, offering a comprehensive range of sports clothing and equipment tailored for various sports disciplines. The website serves sports clubs, teams, and individual athletes, providing both retail and team outfitting services with customization options. The site demonstrates a professional e-commerce platform with clear navigation, product categorization by sport and team lines, and integration of marketing and analytics tools such as Google Analytics and Facebook SDK. The technical infrastructure is modern, leveraging popular JavaScript libraries and ensuring mobile responsiveness. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though improvements in security headers and explicit security policies are recommended. The absence of WHOIS data for the domain is a notable concern, impacting trust and transparency. Overall, the website presents a legitimate and professional business presence with moderate risk, primarily due to domain registration opacity.

The website www.elita.blog serves as a professional magazine and blog platform focused on technology, business, IT, and related topics primarily for a Czech-speaking audience. It is closely associated with ARICOMA, a technology company, which is evident from branding and linked parent company references. The site offers curated articles, interviews, and insights targeting professionals and enthusiasts interested in digital transformation, public administration, and innovation. Technically, the site employs modern frontend technologies including jQuery, Bootstrap, Google reCAPTCHA, and Google Tag Manager, ensuring a responsive and user-friendly experience. Security posture is adequate with HTTPS enforced and basic security practices like CAPTCHA and cookie consent implemented, though some security headers are missing. Privacy compliance is addressed through cookie consent and links to GDPR information on the parent company site. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, though the professional presentation and parent company association mitigate this concern. Overall, the site is well-positioned as a niche media outlet within the technology sector in the Czech Republic.

P

PowerPlay Studio

powerplay.studio

10

PowerPlay Studio is a Slovakia-based game development company specializing in sports games with a global player base. Founded in 2007, it has developed multiple popular titles and maintains a professional web presence with detailed information about its games, leadership, and history. The company participates in notable programs such as the Google for Startups Accelerator, enhancing its market credibility. Technically, the website is modern, mobile-optimized, and uses Google Tag Manager for analytics, though it lacks some advanced security headers and cookie consent mechanisms. The security posture is generally good with HTTPS enforced and no visible vulnerabilities, but improvements in security headers and privacy compliance are recommended. WHOIS data is unavailable due to privacy protection, which is typical for such businesses and does not raise immediate concerns. Overall, the website is professional, trustworthy, and well-positioned in the sports gaming industry.

The website clubkodomo.fr is a small French-language blog focused on Kodomo-related content, including privacy policies, cookie policies, terms of service, and judo-related articles. The site uses WordPress CMS with a modern tech stack including Bootstrap and jQuery, and is optimized for mobile with basic SEO and accessibility features. The site is served over HTTPS with a valid SSL certificate, but lacks advanced security headers and explicit security or incident response policies. No contact information or business details are provided, and WHOIS data is unavailable, which raises concerns about domain legitimacy. Overall, the site provides basic informational content with moderate technical maturity but limited business credibility and security posture.

K

Cykloobchod, eshop a cykloservis | kubicasport.eu

kubicasport.eu

53

Kubicasport.eu is an established Slovakian e-commerce retailer specializing in cycling and winter sports equipment and services, operating since 1993. The website offers a comprehensive product catalog including bicycles, e-bikes, cycling apparel, accessories, and winter sports gear, supported by a bicycle and e-bike servicing business. The platform is professionally designed with good navigation and mobile optimization, leveraging modern web technologies such as Bootstrap, Google Tag Manager, and Facebook Pixel for marketing and analytics. Security posture is adequate with HTTPS enabled and cookie consent mechanisms in place, though the absence of a privacy policy and terms of service pages represents compliance gaps. The domain registration data aligns well with the business claims, indicating legitimacy and trustworthiness. Overall, the website presents a solid digital presence with room for improvement in privacy and security documentation.

N

Nadace Partnerství

stromroku.cz

54

Nadace Partnerství operates the Strom roku website as a non-profit platform dedicated to promoting environmental awareness and community engagement through an annual tree contest. The organization has a strong market presence in the Czech Republic with over two decades of activity, supported by recognized partners such as Ondrášovka mineral water and the European Tree of the Year initiative. The website effectively communicates its mission and engages its audience with clear navigation, social media integration, and relevant content. Technically, the site uses a modern stack including AngularJS, jQuery, Bootstrap, and Kentico CMS, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. The absence of WHOIS data reduces transparency but does not significantly detract from the site's legitimacy given the strong business signals and partner ecosystem.

C

Corneliani S.p.A.

corneliani.com

74

Corneliani S.p.A. is a well-established Italian luxury menswear brand specializing in high-end clothing, shoes, and accessories. The company targets discerning male customers seeking timeless elegance and quality craftsmanship. The website serves as an official e-commerce platform offering the latest collections, gift cards, and store locator services, supporting a global audience with multiple language and country versions. The business model focuses on direct retail through an online store, complemented by physical retail presence. Technically, the website is built on the Magento Commerce platform, leveraging modern JavaScript libraries such as RequireJS, KnockoutJS, and jQuery. It integrates advanced marketing and payment tools including Google Tag Manager, Klarna, Amazon Pay, and Hotjar for analytics and user experience enhancement. The site is mobile optimized and demonstrates good SEO and accessibility practices. From a security perspective, the site enforces HTTPS, uses reCAPTCHA on login forms, and applies secure cookie settings. However, some security headers are not explicitly visible in the HTML source and could be verified or improved. No explicit security policy or incident response contact is published, which could be enhanced to improve trust and compliance. Overall, the website presents a professional and trustworthy front for Corneliani's luxury retail business. The main concern is the absence of WHOIS registration data, which is unusual for a commercial domain and slightly reduces domain trustworthiness. This may be due to privacy protection or a WHOIS server issue. Strategic recommendations include verifying domain registration details, enhancing security headers, and publishing a security policy and incident response information.

A

AXIMA, spol. s r. o.

axima-obchod.cz

63

AXIMA, spol. s r. o. is a Czech-based medium-sized company specializing in wholesale distribution of electrotechnical materials and industrial automation components. With over 24 years of market presence, it serves primarily B2B customers in the Czech Republic and Slovakia, offering a wide range of products including power supplies, connectors, sensors, and safety equipment. The website reflects a professional and well-structured digital presence with clear product categorization and manufacturer partnerships. Technically, the site uses modern JavaScript libraries and tracking tools such as Google Analytics and Google Tag Manager, and is mobile optimized with good SEO practices. Security posture is adequate with HTTPS enforced but lacks some recommended security headers like Content-Security-Policy and X-Frame-Options. Privacy and cookie policies are not explicitly found, indicating room for compliance improvement. WHOIS data is unavailable, limiting domain trust verification, but the website content and contact information suggest a legitimate business. Overall, the site scores well in content quality and business credibility but should enhance privacy compliance and security headers to improve trust and compliance.

F

Formulayt

gatedcontent.com

64

Formulayt is an enterprise-focused SaaS platform specializing in scalable web form management and compliance for marketing operations teams. The company offers a solution that enables rapid deployment, governance, and updating of web forms integrated with major marketing automation platforms. The website presents a professional and polished digital presence with strong branding and customer trust signals, including testimonials and logos of reputable clients. Technically, the site is built on WordPress with modern performance and analytics tools, hosted with Cloudflare DNS and registrar services. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be improved. Privacy compliance is partially addressed via a detailed cookie consent banner, but no explicit privacy policy or terms of service pages were found in the provided content. Overall, the domain registration is consistent with the business timeline and shows no suspicious patterns.

Č

Člověk v tísni

doucujte.cz

56

Doučujte.cz is a Czech non-profit educational platform affiliated with the reputable organization Člověk v tísni. The website focuses on supporting children in need through tutoring and provides methodological support to volunteers, non-profit workers, students, parents, and teachers. It offers curated materials, tips, and recommendations to facilitate and enhance tutoring efforts. The platform targets a broad audience involved in educational support and operates primarily in the Czech Republic. Technically, the website is built on WordPress CMS, utilizing popular plugins such as Yoast SEO for optimization, Cookiebot for cookie consent management, and Google Tag Manager for analytics. The site is well-structured with good mobile optimization and moderate performance. It employs HTTPS with a strong SSL configuration and includes cookie consent mechanisms, reflecting a reasonable level of digital maturity. From a security perspective, the site enforces HTTPS and uses cookie consent to comply with privacy regulations. However, some advanced security headers like Content-Security-Policy are not confirmed, and no security.txt or vulnerability disclosure pages are present. No exposed sensitive data or vulnerabilities were detected in the HTML content. The absence of explicit privacy policy and terms of service pages slightly impacts privacy compliance. Overall, Doučujte.cz presents a trustworthy and professional online presence for a non-profit educational initiative. The lack of WHOIS data is consistent with privacy protection practices common among non-profits. Strategic recommendations include publishing clear privacy and terms policies, enhancing security headers, and providing explicit contact information for security and privacy concerns to strengthen trust and compliance.

M

MEDIA MARKETING SERVICES a.s.

fajnradio.cz

57

Fajn Rádio is a Czech media company operating multiple radio streams and digital content platforms including podcasts and music playlists. The website presents a professional and consistent brand image targeting general music listeners in the Czech Republic. Their business model centers on media broadcasting and digital engagement with advertising and listener clubs as key revenue streams. Technically, the site uses a modern JavaScript stack with frameworks like Foundation and libraries such as jQuery, Slick Carousel, and MixItUp, supported by Google Tag Manager and Facebook Pixel for analytics and marketing. The site is mobile-optimized and SEO-friendly with good accessibility features. Security posture is solid with HTTPS enforced, CSRF tokens, and cookie consent mechanisms, though some security headers could be improved. No critical vulnerabilities or privacy compliance issues were detected. Overall, the site is trustworthy and professionally maintained, with clear contact information and GDPR-compliant privacy practices.

L

Landes Chalosse Tourisme | Vos vacances dans le Sud-Ouest

landes-chalosse.com

59

The website www.landes-chalosse.com serves as the official tourism portal for the Landes Chalosse region in southwestern France. It provides comprehensive information about local attractions, events, accommodations, dining, and activities, targeting tourists and visitors interested in exploring this cultural and natural area. The site integrates booking functionalities and promotes regional heritage and leisure options, positioning itself as a key regional tourism resource. Technically, the site is built on Drupal CMS with AngularJS enhancements, leveraging modern web technologies such as Bootstrap, jQuery, and Leaflet for interactive maps. It employs Google Tag Manager and Zendesk Chat for analytics and user engagement. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, but lacks several important security headers and explicit privacy or security policies. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Overall, the site is professionally designed and functional, serving its tourism promotion purpose effectively. The main risks relate to incomplete WHOIS information and minimal security policy disclosures. Strategic improvements in security headers, privacy documentation, and WHOIS transparency would enhance trust and compliance.

C

Continental Aftermarket

continental-aftermarket.com

64

Continental Aftermarket is a division of Continental AG, a leading global automotive supplier. The website serves as a comprehensive portal for their aftermarket products and services, targeting automotive professionals, workshops, and distributors. It offers extensive product categories including batteries, brakes, tires, workshop equipment, and specialized vehicle components, supported by training and service programs. The brand is well-established with multiple subsidiaries and a strong market presence in Germany and internationally. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Facebook Pixel, and a consent management platform to ensure compliance with privacy regulations. The site is mobile-optimized, uses HTTPS with a Content Security Policy, and integrates reCAPTCHA Enterprise for form security. The CMS appears to be TYPO3, a robust enterprise content management system. Performance is moderate with good SEO and accessibility basics. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSP headers, and consent management. However, DNSSEC is not enabled, and additional security headers could be added to enhance protection. No explicit security policy or incident response contacts are publicly available, and no vulnerability disclosure mechanism was found. Overall, the website is professional, trustworthy, and compliant with GDPR. The domain registration data aligns with the business profile, indicating legitimacy. There are no signs of malicious content or security issues. Strategic improvements could focus on enhancing security headers, publishing security policies, and enabling DNSSEC to further strengthen the security posture.

G

GALARD

galard.cz

46

GALARD is a Czech bespoke tailoring company specializing in custom suits, shirts, shoes, and gentleman's accessories. With over a decade of experience, it serves a discerning male clientele seeking high-quality, personalized fashion. The company operates physical salons in Prague and Brno and offers personalized services including home and office visits, express production, and fashion consultations. The website reflects a professional and consistent brand image with good content quality and clear navigation. Technically, the site employs modern tracking and marketing tools such as Google Tag Manager and Facebook Pixel, with a cookie consent mechanism in place, indicating GDPR compliance awareness. Security posture is generally good with HTTPS enforced, but lacks some security headers and explicit incident response information. WHOIS data is unavailable, which slightly impacts domain trustworthiness but does not detract from the overall legitimacy of the business. The site is safe for general audiences and free from adult or questionable content.

AURES Holdings a.s. is a leading European automotive retail company specializing in the sale of pre-owned cars through multiple established brands such as AAA AUTO, Mototechna, and RESULMATIC. With a history dating back to 1992 and a customer base exceeding 3.3 million, the company operates primarily in Central and Eastern Europe, holding market leadership positions in several countries. Their business model leverages advanced data analytics, machine learning, and omnichannel sales strategies to optimize sourcing, pricing, and customer engagement. Technically, the website employs modern JavaScript libraries and analytics tools, with a responsive design and good SEO practices, though some accessibility and security header improvements are possible. Security posture is solid with HTTPS and cookie consent mechanisms, but lacks explicit security policies and incident response contacts. Overall, the website is professional, trustworthy, and compliant with GDPR, supporting the company's credible market presence.

C

Carlton Football Club

carltonians.com.au

54

Carlton Football Club operates a professional and well-branded corporate hospitality website focused on the Carltonians Coterie match-day experience. The site targets business professionals and club supporters offering premium hospitality packages at major stadiums. The digital infrastructure uses modern JavaScript libraries and tracking tools, with a responsive design and good SEO practices. Security posture is solid with HTTPS and no visible vulnerabilities, though some security headers and cookie consent mechanisms are missing. WHOIS data is unavailable due to privacy policies, but the site’s branding and external links support legitimacy. Overall, the site presents a trustworthy and professional digital presence for the club's hospitality services.

F

Feedify

feedify.net

60

Feedify is a technology company specializing in push notification and web push marketing solutions aimed at e-commerce businesses and marketers. Their SaaS platform helps clients increase customer engagement and conversions through targeted push notifications. The website presents a professional design with consistent branding and clear service offerings, positioning Feedify as a niche player in the push marketing space. Technically, the site uses modern web technologies including Google Tag Manager and reCAPTCHA, hosted on a CDN, with good mobile optimization and moderate performance. Security posture is solid with HTTPS and bot protection, but lacks explicit security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is limited to a contact form without direct emails or phone numbers. WHOIS data indicates a legitimate and consistent domain registration supporting business credibility. Overall, the site is professional and safe but would benefit from enhanced privacy and security disclosures.

BeSMART.ie is an official online platform developed by the Health & Safety Authority of Ireland to assist businesses in creating safety statements and conducting risk assessments. The website targets Irish businesses across multiple sectors including agriculture, construction, and other industries, providing tailored health and safety compliance resources. It holds a strong market position as a government-backed authoritative resource, supporting over 300 business types with sector-specific guidance. Technically, the website employs a modern tech stack including jQuery, Foundation CSS framework, and various JavaScript libraries for UI enhancements and cookie management. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Cookie consent is implemented with granular user controls, reflecting good privacy compliance practices. From a security perspective, the site enforces HTTPS, uses CSRF tokens on login forms, and integrates cookie consent mechanisms. However, it lacks DNSSEC and some advanced security headers, and does not publish a security policy or vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected. Overall, BeSMART.ie presents a trustworthy, professional, and secure platform suitable for its government service role. Strategic improvements in security headers, DNSSEC, and transparency around security policies would further enhance its posture and user trust.

T

Těhotenství od A do Z | Těhotenství.cz

tehotenstvi.cz

45

The website www.tehotenstvi.cz is a Czech language informational portal focused on pregnancy, conception, childbirth, postpartum care, and baby care. It offers a wide range of articles, calculators, and online counseling services targeting pregnant women and parents. The site is well-structured with clear navigation and regularly updated content, positioning it as a reputable resource in the Czech healthcare and parenting media sector. Technically, it is built on Drupal 9 with modern front-end libraries and integrates multiple advertising and analytics services. The site uses HTTPS with good SSL configuration but lacks some security headers and a cookie consent mechanism, which are areas for improvement. The WHOIS data for the domain is missing, which reduces transparency and trustworthiness from a domain registration perspective. Overall, the site demonstrates a moderate to good security posture and privacy compliance, with recommendations to enhance security headers and explicit cookie consent. The content is safe for general audiences with no adult or explicit material detected.

R

Raccourci Interactive

cloudly.space

58

Raccourci Interactive is a well-established French digital agency specializing in e-tourism solutions, including web development and mobile application creation for tourism offices. Positioned among the top 5 e-tourism agencies in France, it operates through a group structure including subsidiaries such as Idnet Marketing and Tactyl. The website reflects a professional digital presence with a focus on tourism destinations and client references. Technically, the site uses Drupal 7 CMS combined with AngularJS and Bootstrap frameworks, integrating modern mapping and analytics technologies. Security posture is strong with HTTPS enforced and IP anonymization in analytics, though additional security headers and a formal security policy could enhance protection. Privacy compliance is supported by a cookie consent mechanism, but a dedicated privacy policy page is not clearly found. WHOIS data is missing, which slightly impacts trust but the overall business credibility remains high due to transparent contact information and social media presence.

B

Bistro Paulus

bistro-paulus.cz

42

Bistro Paulus is a modern bistro located in Olomouc, Czech Republic, founded by Michelin-starred chef Roman Paulus. The business offers a unique blend of traditional Czech cuisine with international influences, targeting a broad audience interested in quality dining experiences. The website reflects a professional and consistent brand image, providing clear information about services including lunch menus, catering, cooking schools, and private events. Technically, the site is built on WordPress using the Divi theme, incorporating modern JavaScript libraries and tracking tools such as Google Tag Manager and CookieYes for compliance. Security posture is good with HTTPS enabled and cookie consent implemented, though some security headers could be improved. Privacy policies are comprehensive and GDPR compliant. Overall, the site is trustworthy and well-positioned in the hospitality sector.

L

Ligová fotbalová asociace

lfafotbal.cz

46

Ligová fotbalová asociace (LFA) is a professional football association representing Czech Republic's top football clubs. It aims to enhance the prestige of the highest football competitions and advocates for the interests of professional clubs. The website provides information about projects, committees, documents, media, and organizational structure, targeting football clubs, fans, and industry stakeholders. Technically, the website uses modern web technologies including Google Analytics and Facebook SDK, with a cookie consent mechanism implemented for GDPR compliance. Security posture is moderate with HTTPS enabled but lacks some security headers and explicit privacy policies. The absence of WHOIS data and registrant information reduces domain trustworthiness, and suspicious hidden links in the footer suggest potential SEO spam risks. Overall, the website is professional and functional but would benefit from improved transparency and security documentation.

T

TRACE International, Inc.

traceinternational.org

65

TRACE International, Inc. operates as a non-profit organization providing compliance tools and resources to companies aiming to adhere to anti-bribery laws such as the U.S. Foreign Corrupt Practices Act and the UK Bribery Act. Their business model is membership-based, pooling dues to develop shared compliance resources including eLearning and a member resource center. The organization is positioned as a globally recognized compliance community resource with a focus on ethical business practices. Technically, the website employs modern web technologies including Nuxt.js, jQuery, Bootstrap, and integrates third-party services such as HubSpot for marketing and analytics. The site is hosted partially on Microsoft Azure Blob Storage for media assets and demonstrates moderate performance with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits the ability to fully verify domain legitimacy, though the website content and branding suggest a professional and trustworthy organization. Overall, the website presents a solid compliance-focused resource with good content quality and technical implementation. Enhancements in security headers and transparency around security policies would strengthen its security posture and trustworthiness.

I

INTERTANKO

intertanko.com

66

INTERTANKO is a well-established international association representing independent tanker owners, focusing on safety, environmental protection, and operational excellence within the maritime tanker industry. The website serves as a comprehensive resource for members and industry stakeholders, offering guidance, publications, event information, and benchmarking tools. The organization positions itself as a leading voice in the tanker shipping sector with a medium-sized membership base and a history dating back to 1970. Technically, the website is built on Joomla CMS with modern front-end libraries such as jQuery and Bootstrap, supplemented by interactive elements like Smart Slider 3 and Slick Carousel. The site is mobile-optimized and demonstrates good performance and SEO practices. However, some accessibility features could be improved. Security-wise, the site enforces HTTPS and uses CSRF tokens in forms but lacks visible security headers and explicit incident response or security policy disclosures. The WHOIS data for the domain is missing, which raises some concerns about domain registration transparency and trustworthiness. Despite this, the website content, branding, and external trust signals such as a Comodo Secure Seal and LinkedIn presence support the legitimacy of the organization. Privacy compliance is partially addressed with a privacy policy and terms of service, but cookie consent mechanisms are absent. Overall, the website is professional and functional, serving its target audience effectively. Strategic improvements in security headers, cookie consent, and WHOIS transparency would enhance trust and compliance.

K

Kup-Kytici

kup-kytici.cz

51

Kup-Kytici.cz is an established Czech Republic based e-commerce platform specializing in online flower sales and same-day delivery services. The website offers a wide range of flower bouquets, gift add-ons, and regional delivery options, targeting consumers seeking convenient and reliable flower delivery. The platform is professionally designed with good content quality, clear navigation, and multi-language support. Technically, it leverages modern web technologies including jQuery, Bootstrap, and various analytics and marketing tools, ensuring a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data limits domain transparency but does not detract from the overall legitimacy of the business. Contact information and social media presence enhance trust. Overall, the site is a credible and functional online flower delivery service with room for security and compliance enhancements.

F

Flora Online

flora-online.sk

49

Flora Online is an established Slovak e-commerce business specializing in flower delivery services with a promise of fast delivery within 90 minutes. The company sources fresh flowers from the Dutch flower market and offers a wide range of bouquets and gift items. The website is professionally designed, multilingual, and supports multiple currencies, targeting consumers in Slovakia. The technical infrastructure includes modern analytics and marketing tools such as Google Tag Manager, Facebook Pixel, TikTok Pixel, and Klaviyo, alongside a live chat service for customer support. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. The business demonstrates good compliance with GDPR through privacy and cookie policies. Overall, the website presents a trustworthy and professional online retail platform with a strong market position in Slovakia.

F

Flora Online

flora-online.cz

49

Flora Online is an established Czech Republic-based e-commerce platform specializing in flower delivery services across the Czech Republic and Slovakia. The website offers a wide range of fresh flower bouquets, gift sets, and related products with same-day delivery options, targeting general consumers seeking convenient online flower shopping. The business has been operating since at least 2013 and provides multiple secure payment methods including PayPal, Apple Pay, and Google Pay. The site is professionally designed with consistent branding and good content quality, supporting multiple languages and currencies.

F

FC Baník Ostrava

fcb.cz

42

FC Baník Ostrava is a well-established Czech football club with a strong digital presence through its official website. The site offers comprehensive information about the club, including team rosters, match schedules, ticket sales, multimedia content, and fan engagement tools. The business model revolves around sports entertainment, merchandising, and community involvement, supported by partnerships with ticketing platforms and sponsors. The website is professionally designed with consistent branding and good content quality, targeting football fans and local supporters.

H

Havas Creative

havascreative.com

68

Havas Creative is a globally integrated advertising and communications agency established in 2012, operating through a unique village model with 73 offices worldwide. The company offers a broad range of services including creative advertising, media planning, content creation, data-driven marketing, and customer experience solutions. Their website reflects a professional and consistent brand image targeting businesses and brands seeking comprehensive marketing solutions. Technically, the website is built on WordPress with modern SEO and analytics tools, hosted by Gandi SAS, and demonstrates good mobile optimization and performance. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and no explicit security policies or vulnerability disclosures are published. Privacy compliance is supported by a OneTrust cookie consent mechanism, but no visible privacy or terms of service pages were found on the homepage. Overall, the website is trustworthy and well-maintained, with room for improvement in security transparency and privacy documentation.

A

American Council of Academic Physical Therapy

acapt.org

60

The American Council of Academic Physical Therapy (ACAPT) is a well-established non-profit organization dedicated to advancing academic physical therapy education in the United States. The website serves as a comprehensive resource hub for academic institutions, educators, and students, offering leadership, educational events, research resources, and advocacy. The organization is positioned as a leader in its niche with a clear mission and strong ties to the American Physical Therapy Association (APTA). Technically, the website is built on a mature CMS platform (Telerik Sitefinity) with a technology stack including ASP.NET, Bootstrap, and jQuery. While the site is generally well-structured and mobile-optimized, some technical debt is evident in the use of older JavaScript libraries and lack of advanced security headers. Security posture is adequate with HTTPS and domain protections but could be improved by enabling DNSSEC and implementing modern security headers. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. Overall, the site is professional, trustworthy, and safe for its intended audience.

M

MEDIA MARKETING SERVICES a.s.

hitradioorion.cz

53

Hitrádio Orion is a well-established regional radio station based in the Czech Republic, primarily serving the Moravia and Silesia regions. The website offers live streaming of multiple radio channels, podcasts, playlists, and local news content. It targets Czech-speaking listeners interested in regional music and cultural programming. The business operates on an advertising-supported model with a strong digital presence including social media channels and online engagement tools. Technically, the website employs modern web technologies such as Google Tag Manager, Facebook Pixel, and the Foundation CSS framework. It is hosted likely by the registrar REG-ACTIVE24, a known Czech provider. The site is mobile-optimized with good SEO and accessibility features, though some security headers could be improved. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting a mature approach to data protection. From a security perspective, the site uses HTTPS with a good SSL configuration and includes CSRF tokens for form security. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of a public security policy or incident response information suggests room for improvement in transparency and readiness. Overall, the security posture is solid but could benefit from enhanced HTTP security headers and formal vulnerability disclosure mechanisms. The domain is long-standing (since 2005) and WHOIS data aligns well with the website's business claims, supporting legitimacy and trustworthiness. No WAF or blocking mechanisms interfere with content access, enabling full analysis. The content is safe for general audiences with no adult or explicit material. Strategic recommendations include improving security headers, publishing a security policy, and establishing a vulnerability disclosure process to further enhance trust and compliance.

O

OANNA

oanna.be

40

OANNA is a small creative agency based in Liège, Belgium, specializing in web design, branding, digital marketing, strategy, and video production. The company targets businesses seeking comprehensive communication and marketing services to enhance their market presence. The website reflects a professional and creative approach with good content quality and consistent branding. Technically, the site uses a CMS Made Simple platform hosted by OVH, integrates multiple modern JavaScript libraries and marketing tools, and implements GDPR-compliant cookie consent mechanisms. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though lacks explicit security policies and headers. Overall, the website is trustworthy and well-positioned in its niche, with room for improvement in security transparency and contact information visibility.

The Clinical Laboratory Marketplace, operated by MultiView, is a well-established B2B online directory and marketplace serving laboratory medicine professionals. Founded in 2008, it provides categorized listings of products and services relevant to clinical laboratories, including featured companies and vendor showcases. The website targets healthcare industry professionals seeking laboratory products and services, positioning itself as a trusted resource within this niche market. The platform leverages modern web technologies such as Bootstrap, jQuery, and various carousel libraries to deliver a responsive and user-friendly experience. It integrates multiple advertising and analytics services, including Adzerk, Google Analytics, and Piwik, to support its business model and marketing efforts. Security-wise, the site uses HTTPS and benefits from domain registration protections but lacks DNSSEC and explicit security headers, which are recommended for enhanced security. Privacy compliance is basic, with a privacy policy and terms of use present but no cookie consent mechanism detected. Contact information is available via phone and contact forms, though no direct company emails or social media links are found in the analyzed content. Overall, the website demonstrates a solid technical foundation and business credibility, with room for improvement in security and privacy practices.

H

Havas CX Network

havascx.com

69

Havas CX is a global customer experience consulting network operating under the Havas Group umbrella. Founded in 2020, it brings together over 1,800 CX specialists across 19 countries to deliver meaningful customer experiences through strategy, design, and engagement services. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content tailored to business clients seeking CX transformation. Technically, the site is built on WordPress with modern frameworks and integrates analytics and consent management tools, indicating a good level of digital maturity. Security posture is solid with HTTPS and domain protections, though improvements like DNSSEC and security headers could enhance it further. Privacy compliance is well addressed with accessible policies and cookie consent mechanisms. Overall, the site projects high business credibility and trustworthiness with no critical security or content safety concerns.