Security Directory

B

BBH, advokátní kancelář, s.r.o.

bbh.cz

46

BBH, advokátní kancelář, s.r.o. is a well-established Czech law firm founded in 1999, specializing in banking, financial, insurance, corporate, IT/IP, real estate, and dispute resolution legal services. The firm targets clients requiring expert legal counsel in these sectors and positions itself as a trusted, experienced legal partner with a strong client success record. The website reflects a professional image with detailed team presentations and service descriptions, supporting its market position. Technically, the website employs a modern tech stack including jQuery and Google Analytics, hosted on websupport.cz infrastructure. It demonstrates good performance, mobile optimization, and basic accessibility. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the site uses HTTPS with excellent SSL configuration and implements cookie consent mechanisms. However, it lacks explicit security headers and a published security or incident response policy. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is partial due to the absence of a dedicated privacy policy page, though cookie consent is managed responsibly. Overall, the website is trustworthy and professional with a strong business credibility score. Strategic improvements include publishing a privacy policy, enhancing security headers, and establishing a vulnerability disclosure process to further strengthen security posture and compliance.

L

Lounais-Suomen Taxidata Oy

taxidata.fi

55

Lounais-Suomen Taxidata Oy operates as a major taxi dispatch and transportation service provider in Southwest Finland, serving multiple municipalities with a fleet of approximately 460 taxis. The company offers a variety of taxi services including normal, eco-friendly, premium, and accessible vehicles, as well as parcel and food delivery. The website reflects a well-established business with a history dating back to 1953 and a modern digital presence since 2016. The company targets both consumers and businesses in the region, emphasizing reliability, safety, and local expertise. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Tag Manager, Piwik PRO analytics, and GDPR-compliant cookie management via Complianz. The site is mobile-optimized, uses HTTPS, and integrates reCAPTCHA for form security. Performance is moderate with good SEO and accessibility basics in place. From a security perspective, the site enforces HTTPS and employs privacy and cookie consent mechanisms aligned with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, some security headers could be improved for enhanced protection. The WHOIS data is transparent and consistent with the business identity, registered through a reputable Finnish registrar without privacy protection, supporting legitimacy. Overall, the website demonstrates a strong security posture, good privacy compliance, and professional business credibility. It effectively serves its target audience with clear contact information and service offerings. Strategic recommendations include enhancing security headers, maintaining up-to-date software, and publishing formal security policies to further strengthen trust and compliance.

T

The Open Group OSDU Forum

osduforum.org

57

The Open Group OSDU Forum is a large, industry-focused consortium dedicated to developing an open source, standards-based data platform for the energy sector. The forum facilitates collaboration among operators, developers, academic institutions, and the open source community to accelerate innovation and reduce time to market for energy technology solutions. The website serves as a hub for membership information, community engagement, training, consulting, and a catalog of compatible applications and services. Technically, the site is built on WordPress with modern frameworks and integrates Google Analytics for user tracking. Security posture is adequate with HTTPS and anti-clickjacking measures but lacks advanced security headers and DNSSEC. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism. The domain is privacy protected but consistent with the business type and age. Overall, the website is professional, trustworthy, and well-positioned as a leading industry forum.

J

Joiku Booking

joikubooking.com

61

Joiku Booking is a Finnish technology company specializing in booking and sales solutions for tourism entrepreneurs, with over 30 years of experience. Their platform enables small accommodation businesses, campgrounds, and tourism operators to manage bookings, sales channels, and online stores efficiently. The website is professionally designed, mobile-optimized, and uses modern web technologies including Ruby on Rails, Google Analytics, and Rollbar for error monitoring. Security is generally good with HTTPS enforced, but lacks explicit privacy and cookie policies, which impacts compliance. WHOIS data is missing, which raises some concerns about domain legitimacy despite the active and professional web presence.

F

Fitnesstukku

fitnesstukku.fi

61

Fitnesstukku.fi is a leading Finnish e-commerce platform specializing in fitness supplements, workout apparel, and training equipment. It holds a strong market position as the largest selection provider in Finland, targeting health-conscious consumers and fitness enthusiasts. The website offers comprehensive product categories, free delivery over a threshold, price guarantees, and customer-friendly return policies, enhancing its competitive edge. Technically, the site is built on Salesforce Commerce Cloud, leveraging modern analytics, marketing, and customer engagement tools such as Google Tag Manager, reCAPTCHA, and Dixa Messenger. The platform demonstrates good digital maturity with responsive design and structured navigation. Security posture is robust with HTTPS, security headers, and bot protection, although explicit security policies and incident response contacts are not publicly disclosed. Privacy compliance is evident with GDPR-aligned privacy and cookie policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-optimized for its target market.

E

E4YOU spol. s r.o.

e4you.cz

58

E4YOU spol. s r.o. is a Czech technology company established in 2000 specializing in developing mobile marketing systems, CRM intranets and extranets, school intranets, web design, SEO, hosting, and technical support services. The company targets businesses requiring comprehensive marketing and IT solutions, offering tailored software and hosting services. Their market position is supported by a long domain history and a client base including reputable international brands. Technically, the website uses modern JavaScript libraries, Google Analytics with consent management via Cookiebot, and demonstrates good mobile optimization and SEO practices. However, security posture is moderate due to lack of visible security headers and published security policies. Privacy compliance is partial with cookie consent but no privacy or terms policies found. Overall, the site is professional and trustworthy with clear contact information and business legitimacy. Strategic improvements in security headers, privacy documentation, and incident response disclosures are recommended.

V

Vorlíček

vorlicek-okna.cz

53

Vorlíček is a Czech-based manufacturer and retailer specializing in high-quality plastic windows, doors, and related building products such as shading systems, ventilation, pergolas, and garage doors. The company emphasizes custom solutions tailored to energy savings and comfortable living, with a strong focus on innovation and customer satisfaction. The website reflects a mature business with over 25 years of experience and a solid regional presence in the Czech Republic. Technically, the website uses modern JavaScript libraries and tracking tools, including jQuery, OwlCarousel, Microsoft Clarity, and Google Analytics, indicating a moderate level of digital maturity. Security-wise, the site enforces HTTPS and provides cookie consent mechanisms but lacks advanced security headers and incident response contact information. The absence of WHOIS data limits domain trust verification, but the website content and business indicators suggest legitimacy. Overall, the site is professional and trustworthy but would benefit from enhanced privacy and security disclosures.

V

VORLÍČEK - PLAST s.r.o.

radceprodum.cz

44

The website www.radceprodum.cz serves as an informational guide focused on helping customers select the right windows and doors for their homes. It is operated by VORLÍČEK - PLAST s.r.o., a Czech company with over 25 years of experience in the manufacturing and retail of windows, doors, and related products. The site targets homeowners and builders in the Czech Republic, providing detailed advice and technical information to support purchasing decisions. The business model centers on product education and brand promotion, positioning itself as a trusted regional player in the home improvement sector. Technically, the website employs modern web technologies including jQuery, Google Analytics, Smartlook, and cookie consent management via Orejime. The site is mobile-optimized with good SEO practices and moderate performance. While no CMS or hosting provider details are evident, the technical stack supports a professional user experience with animations and interactive elements. From a security perspective, the site enforces HTTPS and implements cookie consent with opt-in mechanisms for analytics and marketing cookies, demonstrating GDPR compliance. However, no explicit security headers were detected in the provided data, and no incident response or vulnerability disclosure information is available. The WHOIS data is missing or privacy-protected, limiting domain ownership verification and reducing trustworthiness somewhat. Overall, the website is professionally designed and content-rich, with good privacy compliance and moderate security posture. The main risks relate to the lack of WHOIS transparency and absence of explicit security policies or contact information. Strategic improvements in these areas would enhance trust and security posture significantly.

E

eSports.cz, s.r.o.

sportytv.cz

48

SPORTY TV is a Czech-based media platform operated by eSports.cz, s.r.o., offering free live streaming of various sports including volleyball, basketball, hockey, and more. The website targets general sports fans in the Czech Republic and provides additional content such as articles and TV program schedules. The business model focuses on free access to sports content, likely monetized through advertising and partnerships. Technically, the site uses modern web standards with responsive design and integrates Google Analytics for user tracking. Hosting is provided by websupport.cz, a known Czech hosting provider. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response information. Privacy compliance is basic but present, with clear privacy and cookie policies. The domain registration is transparent and consistent with the business identity, supporting legitimacy. Overall, the website is professional, safe, and well-structured, though improvements in security policies and contact transparency could enhance trust.

F

Floweb Oy

floweb.fi

51

Floweb Oy is a Finnish company specializing in developing easy-to-use e-commerce platforms tailored primarily for flower shops and bakeries. Their flagship product, eKukka.fi, is positioned as a turnkey solution for flower industry entrepreneurs, emphasizing simplicity and integrated payment services. The company holds the Avainlippu certification, underscoring its Finnish origin and commitment to domestic quality. The website reflects a professional and consistent brand image, targeting Finnish small business owners in the retail and e-commerce sectors. Technically, the website is built on WordPress using the Divi theme, hosted likely on AWS infrastructure as indicated by the DNS nameservers. The site employs modern web technologies including Google Fonts and Google Analytics for tracking. Mobile optimization and SEO practices are good, although accessibility features are basic. Performance is moderate, with room for improvement in security hardening such as implementing DNSSEC and security headers. From a security perspective, the site uses HTTPS with a valid SSL certificate, ensuring encrypted communications. However, it lacks advanced security headers and does not implement DNSSEC, which could enhance DNS security. No privacy or cookie policies are present, representing a compliance gap with GDPR and related regulations. No incident response or vulnerability disclosure information is available, which could be improved to enhance trust and transparency. Overall, Floweb Oy presents a credible and professional online presence with a clear business focus and established domain history. Strategic improvements in privacy compliance and security practices would strengthen their risk posture and customer trust.

B

Brio USA

briousa.com

61

Brio USA is a specialized manufacturer and distributor of sliding and folding door hardware and screen solutions, serving residential and commercial markets. As part of the Allegion family of brands, it maintains a solid market position with a focused product range. The website reflects a mature digital presence built on WordPress, leveraging common SEO and analytics tools, and providing clear user navigation and contact options. Security posture is good with HTTPS enforcement and cookie consent mechanisms, though improvements like DNSSEC and enhanced security headers are recommended. Overall, the site is professional, trustworthy, and compliant with privacy regulations.

K

Kotokartanosäätiö

kotokartanosaatio.fi

45

Kotokartanosäätiö is a Finnish non-profit foundation dedicated to supporting the wellbeing, functional capacity, and social inclusion of senior citizens. The organization offers a variety of community activities, including fitness facilities, educational lectures, digital guidance, group courses, meeting places, volunteer activities, and peer support. Their services are targeted primarily at the elderly population in Riihimäki, Finland, positioning them as a local leader in senior wellbeing initiatives. The website reflects a well-maintained digital presence with clear navigation and relevant content tailored to their audience. Technically, the site is built on WordPress with modern libraries such as jQuery, Slick Carousel, and FontAwesome, and it integrates Google Analytics for user tracking. The site is mobile-optimized and SEO-friendly, though some accessibility features could be enhanced. Security-wise, the site uses HTTPS and some security headers but lacks advanced policies like CSP and a cookie consent mechanism, which are recommended for GDPR compliance. No incident response or vulnerability disclosure information is published, which could be improved to enhance trust and readiness. Overall, the website is professional, trustworthy, and serves its community focus well, with room for security and privacy enhancements.

H

HELUZ GROUP

heluzgroup.cz

42

HELUZ GROUP is a large, established multinational company based in the Czech Republic, with a history dating back to 1876. The company operates primarily in manufacturing building materials such as masonry systems, chimney systems, insulating glass, and wood products. Additionally, it has diversified into real estate development, marketing services, and sports facility management. The website reflects a professional and consistent brand image with clear information about its subsidiaries and services. Technically, the website uses modern JavaScript libraries and Google Analytics, indicating moderate digital maturity. However, the absence of privacy and cookie policies and missing WHOIS data reduce transparency and compliance. Security posture is adequate with HTTPS enabled but lacks advanced security headers and incident response contact information. Overall, the website is trustworthy and professional but could improve in privacy compliance and security best practices.

L

Latvijas Pašvaldību savienība

lps.lv

46

Latvijas Pašvaldību savienība (LPS) is a key Latvian non-profit association representing local governments. The website serves as an information hub providing news, committee details, international cooperation, projects, and resources for municipalities and public sector stakeholders. It targets municipal officials and Latvian citizens interested in local governance. The site is professionally designed with consistent branding and clear navigation, supporting multiple languages and social media channels. Technically, it uses modern web technologies including jQuery, Google reCAPTCHA, Google Analytics, and Google Custom Search, ensuring a moderate to good performance and mobile optimization. Security posture is strong with HTTPS and bot protection, though lacks some security headers and published policies. Privacy compliance is partial due to missing privacy and terms of service pages. Overall, the domain and WHOIS data align well with the organization's legitimacy and business purpose.

LookWeb s.r.o. is a small Czech technology company specializing in web-related services such as domain management, email configuration support, and customer service. The company operates primarily in Prague and targets local businesses and individuals seeking web hosting and IT support services. The website is simple and functional, providing essential contact information and service links but lacks comprehensive content and policy disclosures. Technically, the site uses Google Fonts and Google Analytics, indicating a basic modern tech stack, but lacks advanced frameworks or CMS. Security posture is moderate with HTTPS assumed but no visible security headers or incident response information. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is legitimate but would benefit from improved transparency and security practices.

P

POSLEPU - POmoc SLEPým Uživatelům

poslepu.cz

40

POSLEPU is a specialized Czech website focused on digital accessibility, assistive technologies, and inclusive design primarily for users with visual impairments and other specific needs. The site provides educational content, podcasts, training, and event information, positioning itself as a trusted resource in the accessibility domain within the Czech Republic and Slovakia. The business model centers on information dissemination and community engagement rather than commercial sales. Technically, the website is built on WordPress with modern plugins for SEO and GDPR compliance, ensuring good performance, mobile optimization, and accessibility standards. The presence of structured data and Open Graph metadata enhances its digital maturity. Security-wise, the site uses HTTPS and cookie consent mechanisms effectively but lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for further strengthening. Overall, the website is professional, trustworthy, and compliant with privacy regulations, with a strong focus on accessibility and user support.

HELUZ IZOS s.r.o. is a Czech-based manufacturer specializing in insulating glass products designed to optimize energy savings by leveraging solar radiation. As part of the HELUZ GROUP, it holds a strong market position as the largest specialized insulating glass manufacturer in the Czech Republic. The company offers a comprehensive portfolio including triple and double insulating glass, decorative design glass, and value-added services such as energy savings calculators and expert consultations. The website reflects a professional and content-rich digital presence, targeting architects, builders, homeowners, and energy efficiency professionals. Technically, the site employs modern JavaScript libraries and Google Tag Manager for analytics and marketing, with good mobile optimization and SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data reduces domain registration trust but does not detract from the evident legitimacy of the business. Overall, the site is well-designed, trustworthy, and compliant with privacy regulations.

W

www.vegetariers.nl

vegetariers.nl

52

The website www.vegetariers.nl represents a well-established non-profit organization focused on vegetarianism in the Netherlands, with a history spanning approximately 130 years. It provides comprehensive guides, recipes, tips, and expert knowledge to support a vegetarian lifestyle. The site is professionally designed, mobile-optimized, and uses modern web technologies including WordPress, Gravity Forms, Google Tag Manager, and Cookiebot for consent management. The presence of structured data and SEO optimizations further enhance its digital maturity. Security posture is strong with HTTPS enforced, use of reCAPTCHA, and cookie consent mechanisms, though explicit privacy and terms of service pages are missing, which slightly impacts privacy compliance. Overall, the domain registration data aligns well with the website's claims, indicating a trustworthy and credible entity.

V

Vegan Society of Ireland

vegansociety.ie

44

The Vegan Society of Ireland is a small non-profit organization dedicated to promoting veganism as an ethical and sustainable lifestyle in Ireland. It evolved from the Vegetarian Society of Ireland, rebranding in 2022 to focus exclusively on vegan advocacy. The website serves as an authoritative platform offering membership, discounts, volunteer opportunities, events, and educational resources. The target audience includes the Irish public interested in animal rights, sustainability, and veganism. Technically, the site is built on WordPress with common plugins such as Contact Form 7 and integrates Google Analytics for visitor tracking. Hosting and domain registration are managed by Blacknight Solutions, an Irish provider, aligning with the organization's geographic focus. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is limited due to the absence of explicit privacy and cookie policies, which should be addressed to meet GDPR standards. Overall, the website is professional, trustworthy, and content-rich, but could improve in privacy transparency and security hardening.

O

Open House Europe

openhouseeurope.org

47

Open House Europe is a non-profit cultural organization founded in 2023 and coordinated by the Public institution Architektūros fondas in Lithuania. It operates a network of architecture festivals across Europe, focusing on themes such as sustainability, accessibility, inclusion, and future heritage. The organization engages the public through events, volunteer programs, and annual summits, supported by European cultural funding and media partnerships. The website reflects a professional and consistent brand presence with rich content targeting architecture enthusiasts and the general public interested in urban heritage. Technically, the website is built on WordPress with modern technologies including Bootstrap, jQuery, and Lottie animations. It uses Yoast SEO for optimization and integrates Google Analytics and MailerLite for marketing and analytics. The site is mobile-optimized and performs moderately well, with good SEO and accessibility basics. From a security perspective, the site uses HTTPS with a valid SSL certificate and employs secure form handling with nonce tokens. However, DNSSEC is not enabled, and security headers are not explicitly detected. There is no visible security or incident response policy, and no cookie consent mechanism is implemented, which may impact GDPR compliance. The WHOIS data is consistent with the organization's claims, showing a legitimate and recently registered domain. Overall, the website presents a low-risk profile with strong business credibility and good technical implementation but could improve in privacy compliance and security best practices to enhance trust and regulatory adherence.

C

College Magazine, LLC

collegemagazine.com

65

College Magazine, LLC operates a professional online media platform focused on providing college-related content authored by students nationwide. The website offers comprehensive guides on colleges, majors, internships, career advice, and student life, positioning itself as a niche educational media outlet. The platform leverages a modern WordPress infrastructure with advanced SEO and analytics tools, ensuring a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS enforcement and privacy management tools, though explicit privacy and terms pages are missing, which should be addressed to improve compliance and trust. WHOIS data is unavailable or privacy protected, slightly impacting domain trust but not detracting from the professional presentation and content quality. Overall, the site is a credible resource for college students and prospective applicants.

S

SIA PURON

puron.lv

54

SIA PURON is a licensed and insured security services company operating throughout Latvia, offering a comprehensive range of technical and physical security solutions. With over 25 years of experience and a workforce exceeding 210 employees, the company serves both private and corporate clients. Their services include alarm monitoring, mobile patrols, fire safety systems, video surveillance, and security system installation and maintenance. The company holds ISO 9001:2015 certification and maintains a significant insurance coverage, reinforcing its market credibility. Technically, the website is built on the Webflow platform, leveraging modern web technologies such as Google Tag Manager, Google Analytics, Facebook Pixel, and Cloudflare Turnstile CAPTCHA for security and analytics. The site is well-optimized for mobile devices, features good SEO practices, and provides a smooth user experience. Security best practices are observed with HTTPS enforcement and consent-based tracking, although explicit security headers could be improved. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is strong, featuring a comprehensive privacy policy, cookie consent mechanisms, and GDPR adherence. However, the site lacks explicit incident response contact details and a vulnerability disclosure policy, which are recommended for enhanced security transparency. Overall, SIA PURON presents a trustworthy and professional digital presence aligned with its business operations. The domain registration details corroborate the company's legitimacy and history. Strategic improvements in security headers and incident response disclosures would further strengthen their security posture and client trust.

A

Associazione nazionale Pionieri dell'Aeronautica

pionieriaeronautica.org

54

The Associazione nazionale Pionieri dell'Aeronautica is Italy's oldest aeronautical association dedicated to promoting and preserving the history and culture of Italian aeronautics. The website serves as an informational and cultural platform targeting enthusiasts, members, and the general public interested in aeronautical heritage. Technically, the site is built on WordPress using the Divi theme and Slider Revolution plugin, with Google Analytics integrated for visitor tracking. The site is accessible, mobile-optimized, and presents a professional design with clear navigation. Security posture is moderate, with HTTPS enabled but lacking explicit security headers and detailed privacy policies. The absence of WHOIS data limits full trust verification of the domain registration, which slightly impacts overall credibility. Strategic improvements in security headers, privacy compliance, and domain transparency would enhance trust and compliance.

M

Miamo

miamo.cz

49

Miamo is a Czech ice cream brand that blends traditional production methods with innovative flavors and modern design, targeting a broad audience of ice cream lovers. The brand is supported by TIPAFROST, a significant Czech ice cream manufacturer, indicating a solid manufacturing and distribution foundation. The website presents a professional and user-friendly interface with clear navigation, detailed product offerings, and active social media engagement. Technically, the site is built on WordPress using popular plugins for forms and GDPR compliance, with moderate performance and good mobile optimization. Security posture is generally strong with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit incident response policies. The absence of WHOIS data is a notable concern, reducing domain trustworthiness and suggesting the need for further verification. Overall, the site is well-positioned in its market segment but could improve transparency and security practices.

B

BESTA

besta.cz

56

BESTA operates as a Czech Republic-based e-commerce retailer specializing in bathroom, plumbing, and heating products. The website presents a professional and well-structured online store powered by the Shoptet platform, targeting general consumers seeking installation and heating supplies. The business appears to be a small-sized local retailer with a focused market niche. Technically, the website employs standard modern web technologies including Google Analytics, Facebook Pixel, and Biano Pixel for marketing and tracking purposes, alongside a cookie consent mechanism to comply with privacy regulations. However, the use of an outdated jQuery version and absence of explicit privacy and terms of service pages indicate areas for improvement. Security posture is moderate with HTTPS enforced but lacking explicit security headers and incident response information. The absence of WHOIS data reduces domain trustworthiness, though the website content and technical setup suggest a legitimate business presence. Overall, the site is accessible without WAF or blocking mechanisms and contains no adult or questionable content.

3

33-тя окрема механізована бригада

33ombr.com

60

The website represents the official online presence of the 33rd Separate Mechanized Brigade of the Ukrainian Armed Forces. It provides comprehensive information about the brigade's history, structure, equipment, and recruitment opportunities, targeting Ukrainian citizens and supporters. The site is professionally designed with consistent branding and clear navigation, supporting its role as a trusted military information portal. Technically, it is built on WordPress with modern plugins and libraries, ensuring good performance and SEO optimization. Security posture is solid with HTTPS and domain transfer protections, though DNSSEC is not enabled and explicit security policies are absent. Privacy compliance is basic, lacking cookie consent mechanisms. Overall, the site is legitimate, trustworthy, and serves its informational and recruitment purposes effectively.

I

Istra Inspirit

istrainspirit.hr

64

Istra Inspirit is a cultural tourism project based in Croatia that offers interactive storytelling tours and experiences focused on the rich history and legends of the Istrian peninsula. The website presents a professional and engaging digital presence with a clear focus on cultural heritage tourism. The company appears to be a small-sized business with a niche market position targeting tourists interested in immersive historical experiences. Technically, the website is built on WordPress using Elementor, with modern web technologies and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers and policies could be improved. Privacy compliance is basic with no explicit privacy policy or terms of service detected, but cookie consent is present. Overall, the website is trustworthy and professionally maintained, with active social media channels supporting its business model.

L

Luggi's Skischule & Snowboardschule Tux

luggis-skischule.at

51

Luggi's Skischule & Snowboardschule Tux is a small local ski and snowboard school located in the Zillertal region of Austria. The business offers group and private courses for all ages and skill levels, targeting tourists and families visiting the area. The website is built on TYPO3 CMS and integrates modern web technologies including jQuery and Google Analytics with privacy-conscious configurations such as IP anonymization and cookie consent opt-in. The school has announced its permanent closure in April 2025, with services transitioning to a partner ski school from December 2025. Contact information and social media presence are clearly provided, supporting customer engagement and trust.

S

Schweizer Skischule Lenk

lenksportundevents.ch

44

Schweizer Skischule Lenk is an official ski school located in the Adelboden-Lenk ski region of Switzerland, offering ski and snowboard lessons for all skill levels, including specialized children's courses and winter events. The business is positioned as a local expert in winter sports education, targeting ski enthusiasts and families visiting the Berner Oberland region. Their business model is service-oriented with online booking capabilities, supported by a professional and consistent brand presence. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries such as jQuery and Owl Carousel. It employs HTTPS with anonymized IP tracking in Google Analytics and includes a cookie consent mechanism compliant with GDPR. The site demonstrates good mobile optimization and SEO practices, although some security headers are missing, which could be improved. From a security perspective, the site uses HTTPS and cookie consent but lacks explicit security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business location and claims, enhancing trustworthiness. Overall, the website is secure, compliant, and professionally maintained. The overall risk is low, with recommendations focusing on enhancing security headers, adding incident response details, and maintaining up-to-date third-party libraries to further strengthen security posture and compliance.

F

Fähndrich Sport AG

faehndrich-sport.ch

54

Fähndrich Sport AG is a well-established small retail business specializing in Nordic skiing, biking, and outdoor sports equipment and training services in the Engadin region of Switzerland. Founded in 1988 as a family business, it has evolved into a recognized regional specialist with a strong local reputation. The company offers a range of services including equipment sales, rentals, group and private courses, and training planning, targeting sports enthusiasts and tourists in the area. Technically, the website is built on the TYPO3 CMS platform, leveraging modern web technologies such as jQuery and Google Tag Manager for analytics and marketing. The site is mobile-optimized, well-structured, and includes SEO best practices. Privacy compliance is robust with a clear cookie consent mechanism and GDPR-aligned privacy policy. From a security perspective, the site uses HTTPS with good SSL configuration and employs cookie consent with IP anonymization for analytics. While some advanced security headers could be added, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain's legitimacy and consistency with the business claims. Overall, the website presents a professional, trustworthy, and secure digital presence that supports the company's business goals and customer engagement effectively.

A

Arosa Bikeschool

arosa-bikeschool.ch

54

Arosa Bikeschool is a specialized local service provider offering bike lessons and guided bike experiences for children and adults in the Arosa mountain region of Switzerland. The business emphasizes family-friendly services including group and private lessons, camps, workshops, and children's animation. Their market position is that of a trusted local bike school with a family destination certification, supported by clear contact channels and online booking capabilities. Technically, the website is built on TYPO3 CMS with modern JavaScript libraries and integrates Google Analytics and reCAPTCHA for analytics and security. The site is mobile-optimized and provides a good user experience with clear navigation and content relevance. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks some advanced security headers such as CSP and HSTS. Privacy compliance is strong with a comprehensive privacy policy and cookie consent banner. WHOIS data aligns well with the business claims, showing transparency and legitimacy. Overall, the website is professional, trustworthy, and suitable for its target audience.

A

ALPEN SPORTS GMBH

alpen-sports.at

52

Alpen Sports GmbH operates a specialized ski school and sports service business located in Neukirchen am Großvenediger, Austria. The company offers ski courses for children and adults, snowboard lessons, private instruction, ski equipment rental, and a sports shop. Positioned as a local leader in winter sports education and equipment rental, Alpen Sports targets ski vacationers and families seeking professional ski training and equipment services. The website supports online booking of ski packages, enhancing customer convenience and business reach. Technically, the website is built on TYPO3 CMS with modern frontend technologies including jQuery and Bootstrap components. It integrates Google Analytics with IP anonymization and employs a cookie consent mechanism compliant with GDPR. The site is mobile-optimized with good navigation and SEO practices, though some accessibility features are basic. External integrations include social media feeds and partner links, reflecting a mature digital presence. From a security perspective, the site uses HTTPS with a strong SSL configuration and enforces cookie consent. However, it lacks explicit security headers and published security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data reduces domain trust slightly but does not detract from the professional presentation and contact transparency. Overall, Alpen Sports presents a trustworthy and professionally managed online presence suitable for its hospitality sector niche. Strategic improvements in security headers and incident response transparency would further enhance its security posture and customer trust.

B

BK Mladá Boleslav

bkboleslav.cz

46

BK Mladá Boleslav operates a professional and content-rich website serving as the official digital presence of the Czech ice hockey team. The site offers comprehensive information including team news, match schedules, ticket sales, merchandise, and fan engagement features. The business model focuses on sports entertainment and community engagement with a strong local and national fan base. Technically, the website employs modern web technologies such as Bootstrap and jQuery, integrates Google Analytics for user tracking, and maintains good mobile responsiveness and SEO practices. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The WHOIS data aligns well with the website's identity, supporting legitimacy and trust. Overall, the site is professional, trustworthy, and well-maintained, serving its audience effectively.

SPORT PROFI spol. s r. o. operates the Deštné v Orlických horách recreational and ski center, providing winter and summer outdoor activities including ski lifts, trails, bike rentals, and disc golf. The company targets tourists and outdoor enthusiasts in the Czech Republic region, offering online skipass sales and comprehensive visitor information. The website reflects a well-established regional business with a domain age dating back to 1998, indicating a mature market presence. Technically, the site is built on Angular 19.1.4 with integration of Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics purposes. The design is professional, mobile-optimized, and content-rich, supporting a positive user experience. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, though security headers are not detected and no explicit security or incident response policies are published. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the site demonstrates a solid digital maturity with room for security enhancements.

S

Statutární město Hradec Králové

hk800.cz

49

The website hk800.cz is the official digital platform for the 800th anniversary celebrations of the city of Hradec Králové in the Czech Republic. It serves as a comprehensive resource for cultural events, exhibitions, and community engagement activities related to the milestone. The site is operated by the city government, providing authoritative and trustworthy information to residents and visitors. The business model is centered on governmental and cultural event promotion, supported by partnerships with local businesses and media. The website demonstrates a consistent brand identity aligned with the city’s heritage and celebration theme. Technically, the site is built on Joomla CMS with a modern tech stack including Bootstrap, jQuery, and various JavaScript libraries for enhanced user experience such as carousels and lazy loading. It integrates Google Analytics, Google Tag Manager, and Facebook Pixel for analytics and marketing purposes, all managed with a cookie consent mechanism ensuring GDPR compliance. Hosting and domain registration are consistent with Czech providers, and the site shows good mobile optimization and SEO practices. From a security perspective, the website enforces HTTPS and uses cookie consent banners to comply with privacy regulations. While explicit security headers are not fully visible in the provided data, no critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the website’s purpose and geographic location, indicating legitimacy. However, the site lacks explicit security policies or incident response contacts, which could be improved. Overall, the website is a well-structured, professional, and trustworthy platform for the city’s anniversary celebrations. It balances user experience, privacy compliance, and technical soundness effectively, though there is room for enhancement in security policy transparency and advanced security headers implementation.

V

Vermoont s.r.o.

mojehradiste.cz

40

MojeHradiště.cz is a municipal portal serving the residents of Mnichovo Hradiště, Czech Republic. It functions primarily as an online gateway providing links to various official municipal services, including citizen portals, reservation systems, financial transparency tools, and local event information. The portal is operated by Vermoont s.r.o. and was established in 2020, aligning with the domain registration date. The website targets local citizens seeking convenient access to municipal resources and information. Technically, the website employs a modest technology stack including jQuery and Modernizr, with Google Analytics for visitor tracking. The site is hosted under a Czech registrar (REG-WEDOS) and uses HTTPS, although explicit SSL configuration details and security headers are not evident from the HTML content. The site demonstrates good mobile optimization and a clear, consistent design, but lacks advanced accessibility features and comprehensive SEO optimization. From a security perspective, the portal shows basic adherence to best practices, such as HTTPS usage and absence of visible vulnerable forms on the homepage. However, it lacks explicit security headers and does not provide privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is present, and no contact information is provided for security or general inquiries. The site’s content is safe, non-adult, and appropriate for a general audience. Overall, the website is a functional and trustworthy municipal information portal with room for improvement in privacy compliance, security hardening, and user contact transparency. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

S

Sūdzības.lv

sudzibas.lv

51

Sūdzības.lv is a Latvian consumer complaint and review platform established since 2007, providing a public forum for users to share experiences and rate companies across various sectors including retail, services, and e-commerce. The website serves as a trusted resource for Latvian consumers seeking information about company reputations and customer service issues. Technically, the site employs modern web technologies including HTTPS, Google Analytics, and Bugsnag for error monitoring, with a custom CMS and moderate performance. The site is mobile-optimized and offers a user-friendly interface with clear navigation and search capabilities. Security posture is adequate with HTTPS and basic best practices, though it lacks advanced security headers and formal incident response policies. Privacy compliance is addressed with visible privacy and cookie policies and a consent mechanism, aligned with GDPR requirements. Overall, the site demonstrates moderate to good business credibility and technical maturity, with room for improvement in security and transparency. No adult or explicit content is present, making it safe for general audiences.

Město Mnichovo Hradiště operates an official municipal website providing comprehensive information and services to residents and visitors. The site offers news, event calendars, public service details, and tourism information, positioning itself as the primary digital gateway for the city. The business model is focused on government communication and community engagement, targeting local citizens and tourists. The website reflects a small-sized government entity with consistent branding and good content quality. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Google Analytics, and Nette Framework components. It is mobile optimized and accessible, with moderate performance. The site uses HTTPS and implements cookie consent mechanisms, demonstrating awareness of privacy compliance. However, some security best practices such as security headers and incident response disclosures are missing. From a security perspective, the site maintains a good posture with encrypted connections and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data is a notable anomaly, reducing domain registration trustworthiness, but the official contact information and consistent content strongly support legitimacy. Privacy policies and cookie management are well implemented, aligning with GDPR requirements. Overall, the website is professional, trustworthy, and serves its purpose effectively. Strategic improvements in security headers, incident response transparency, and domain registration visibility would enhance trust and resilience. The risk level is low, with no critical issues detected.

A

AIKON - Creative City s.r.o

aikon.cz

41

AIKON - Creative City s.r.o operates a Czech AI platform focused on accelerating content creation, marketing, and sales through advanced AI tools including templates, editors, assistants, and translators. The platform targets businesses, creators, and public sector entities, offering a comprehensive SaaS solution that promises up to 20x faster workflows. The website is professionally designed using WordPress and Elementor, with SEO optimization and Google Analytics integration, hosted on AWS infrastructure. Security posture is solid with HTTPS and no visible vulnerabilities, though security headers and privacy compliance measures are lacking. The domain is newly registered in early 2025, consistent with a recent business launch. Overall, the site presents a credible and modern technology offering with room for improvement in privacy and security transparency.

VoIP-Prices.com operates as a VoIP phone service price comparison platform targeting businesses seeking to replace, expand, or install new phone systems. The website facilitates lead generation by collecting detailed user requirements through a multi-step form and matches these with suppliers to provide competitive quotes. The business appears small and relatively new, founded around 2021, with domain registration consistent with this timeline. Technically, the site uses modern front-end frameworks like Bootstrap and jQuery and integrates Google Analytics for tracking. However, the site lacks critical privacy and cookie policies, and no consent mechanisms are present, which may expose it to compliance risks. Security posture is moderate with HTTPS implied but no DNSSEC or security headers detected. No incident response or security contact information is provided, limiting transparency in security management. Overall, the site is functional and business-focused but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

D

Domains By Proxy, LLC

gspeech.io

51

GSpeech.io is a technology company specializing in AI-driven text-to-speech solutions that provide realistic voice generation to enhance website accessibility. The company targets web developers, businesses, and website owners seeking to add audio accessibility features. The business operates on a SaaS model, offering AI voice generation services with a focus on accessibility and user engagement. The website is professionally designed with good navigation and mobile optimization, supporting multiple languages to cater to a global audience. Technically, the site uses modern JavaScript libraries including jQuery, Google Analytics, Google Ads, and Intercom for customer engagement and marketing. The CMS platform is Smarts Club Builder, indicating a custom or niche website builder solution. Security posture is adequate with HTTPS enabled and domain registration protections, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies and no consent mechanisms. Business credibility is moderate with clear branding and domain legitimacy, but contact information is limited to a contact form without direct emails or phone numbers. Overall, the site is functional and professional but would benefit from enhanced privacy and security transparency.

L

Lesnická práce s.r.o.

silvarium.cz

43

Silvarium.cz is a well-established Czech media portal specializing in forestry and wood industry news, targeting professionals and the general public interested in these sectors. The site offers news articles, classified ads, subscription services for forestry magazines, and video content through its Silvarium.TV platform. It maintains partnerships with recognized forestry organizations and related media outlets, reinforcing its market position as a trusted information source in the forestry domain. Technically, the website is built on Joomla CMS with a variety of extensions and uses a modern tech stack including jQuery, Uikit, and Bootstrap. It integrates Google Analytics and Tag Manager for tracking and employs CleanTalk for anti-spam protection. The site is mobile-optimized with good navigation and content structure, although some libraries like jQuery are outdated, which could pose security risks. From a security perspective, the site uses HTTPS and basic security headers but lacks advanced security policies and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected, but upgrading libraries and implementing stronger security headers are recommended. Privacy compliance is basic, with cookie consent mechanisms present but no explicit GDPR statements or data protection officer information. Overall, Silvarium.cz presents a professional and trustworthy online presence with solid business credibility and good content quality. Strategic improvements in security posture and privacy transparency would enhance its compliance and resilience against emerging threats.

R

RádiaCZ 2025

hitradio.cz

53

Hitrádio.cz is a Czech media company operating a network of radio stations with live streaming, podcasts, contests, and a listener club. The website targets a general Czech audience interested in music and entertainment. The business is established since 2003 and maintains a consistent brand presence across multiple regional radio stations. Technically, the site uses modern web technologies including Google Tag Manager, Facebook Pixel, and Foundation CSS framework, delivering a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS and CSRF protection but lacks visible security headers and formal security policies. Privacy compliance is weak due to missing privacy and cookie policies despite having a consent mechanism. Overall, the domain is legitimate and consistent with the business profile, with no signs of blocking or WAF interference.

D

Dopravní podnik města Brna, a. s.

pipniajed.cz

53

The website 'Pípni a jeď!' is the official electronic ticketing platform for Dopravní podnik města Brna, the main public transport operator in Brno, Czech Republic. It offers a contactless payment system for public transport tickets using Visa, Mastercard, GooglePay, and ApplePay, enabling passengers to pay without paper tickets or registration. The platform supports automatic fare calculation, various ticket types including discounted and multi-passenger tickets, and integration with regional transport tariffs. The site targets daily commuters and occasional travelers within Brno and its immediate surroundings.

N

New Wind Production s.r.o.

sterkovnamusic.com

52

New Wind Production s.r.o. operates the Štěrkovna Open Music festival, a regional music event in the Czech Republic featuring notable Czech and Slovak artists. The website serves as a comprehensive portal for festival information, artist lineups, ticket sales, and partner engagement. The business model centers on event organization and promotion with a focus on cultural entertainment. The company maintains a professional online presence with consistent branding and clear navigation aimed at music festival attendees and the general public. Technically, the website employs modern web technologies including jQuery, Google Tag Manager, Google Analytics, and Facebook Pixel for marketing and analytics purposes. The site is mobile-optimized with good SEO practices and uses HTTPS for secure communications. Cookie consent mechanisms and privacy policies demonstrate compliance with GDPR requirements, enhancing user trust. From a security perspective, the site benefits from HTTPS and cookie consent management but lacks visible security headers and explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the website is professionally designed and functional with good privacy compliance and marketing integration. Strategic improvements in security headers, incident response transparency, and domain registration verification are recommended to strengthen the security posture and business credibility.

P

Primus Partners Pvt. Ltd.

primuspartners.in

50

Primus Partners Pvt. Ltd. is a consulting and technology solutions firm focused on delivering advisory, technology, and capital services primarily in India. The company positions itself as a key player in navigating complex business opportunities in India, targeting businesses, government entities, investors, and startups. Their services include advisory on economic potential, ESG goals, digital strategy, public policy, and transaction realization, alongside technology solutions and capital facilitation. The website demonstrates a moderate level of digital maturity with modern technologies such as Bootstrap, Video.js, and integrations with Mailchimp and Google Analytics. The site is mobile-optimized and SEO-friendly but lacks explicit privacy and cookie policies, which impacts compliance. Security posture is adequate with HTTPS and CSRF tokens but lacks security headers and incident response disclosures. Overall, the website is professional and trustworthy but could improve in privacy compliance and security transparency.

T

Teplárny Brno, a.s.

teplarny.cz

53

Teplárny Brno, a.s. is a well-established energy company based in the Czech Republic, specializing in the production and reliable supply of ecological heat, electricity, and gas primarily serving the city of Brno and its surroundings. With a history spanning approximately 95 years, the company holds a strong regional market position and offers a broad portfolio of energy-related services including electromobility, cold supply, emergency services, and energy audits. The website reflects a professional and customer-focused approach, providing clear contact channels and comprehensive service information. Technically, the website employs modern web technologies such as JavaScript, Google Tag Manager, Google Analytics, and Facebook Pixel for analytics and marketing purposes. The site is mobile-optimized with good SEO practices and a cookie consent mechanism that complies with GDPR requirements. However, no explicit security policy or incident response information is published, which could be improved to enhance transparency and trust. From a security perspective, the site uses HTTPS with good SSL configuration and implements cookie consent controls, but lacks advanced security headers and a public vulnerability disclosure channel. No critical vulnerabilities or exposed sensitive data were detected. Overall, the security posture is solid but could benefit from formalized policies and incident response details. The overall risk assessment is low, with the website demonstrating high professionalism, compliance, and trustworthiness. Strategic recommendations include publishing a security policy, adding incident response contacts, implementing security.txt, and enhancing accessibility and security headers to further strengthen the security and compliance posture.

B

Security 2.0 – Безпека 2025 – Security 2.0 – головна галузева подія України в сфері обладнання та технологій безпеки, гуманітарного розмінування, цивільного захисту та домедичної допомоги.

bezpeka.ua

58

Security 2.0 is a prominent Ukrainian industry event platform specializing in security equipment, technologies, humanitarian demining, civil protection, and first aid. The website serves as the main portal for event information, including exhibitions and demonstration sessions scheduled for 2025. The target audience includes industry professionals, government agencies, and humanitarian organizations. The business model centers on event organization and industry networking within the Ukrainian security sector. Technically, the website is built on WordPress 6.8.1 using the Kadence theme, incorporating modern JavaScript libraries such as Swiper.js and Tippy.js for UI enhancements. It integrates analytics and marketing tools including Google Analytics, Facebook Pixel, and Smartlook, indicating a moderate level of digital maturity. The site is mobile-optimized and presents a professional design with good user experience, though accessibility and SEO optimizations are basic. From a security perspective, the site employs HTTPS with good SSL configuration but lacks visible security headers and formal privacy or cookie policies, which are critical for compliance and user trust. No forms or direct contact information are present on the main page, limiting user engagement and incident response readiness. Tracking scripts suggest moderate user tracking without clear privacy compliance disclosures. Overall, the website is functional and professional but would benefit from enhanced privacy compliance, security header implementation, and clearer contact channels. These improvements would strengthen trustworthiness and regulatory adherence, reducing potential risks associated with data protection and incident management.

A

Argonium - Agencja Interaktywna & SEO

argonium.pl

50

Argonium is a well-established interactive agency based in Rzeszów, Poland, specializing in professional website creation, custom e-commerce solutions, SEO, and digital marketing services. With over 15 years of experience and a portfolio of over 100 satisfied clients, Argonium positions itself as a trusted partner for businesses seeking to enhance their online presence. Their service offerings include bespoke web development, intranet systems, graphic design, and comprehensive marketing support, targeting primarily small to medium-sized enterprises in Poland. The company emphasizes quality, customization, and client collaboration to deliver effective digital solutions. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, jQuery, and popular libraries such as Swiper.js and AOS for animations. The site is mobile-optimized, accessible, and SEO-friendly, with a custom CMS powering content management. Google Analytics is integrated with a robust cookie consent mechanism ensuring GDPR compliance. Performance is moderate with good user experience and clear navigation. From a security perspective, the site uses HTTPS with a good SSL configuration and implements cookie consent controls. However, explicit security headers are not detected, and no dedicated security policy or incident response information is published. No vulnerabilities or exposed sensitive data were found in the HTML content. The WHOIS data confirms domain legitimacy, consistent registration details, and an appropriate domain age matching the company's claimed history. Overall, Argonium's website reflects a professional, trustworthy, and mature digital presence suitable for its business model. Strategic improvements could include adding explicit security policies, publishing a vulnerability disclosure policy, and enhancing HTTP security headers to further strengthen security posture.

E

Evoluma Klaster Przemysłowy

evoluma.pl

62

Evoluma Klaster Przemysłowy is a Polish industrial cluster that connects over 50 members and partners, employing more than 5,000 people and operating in 36 export markets. The cluster focuses on fostering cooperation, innovation, and development within the industrial sector, offering networking, project support, and event organization services. The website is built on Drupal 10 and integrates modern analytics and marketing tools such as Google Tag Manager and Google Analytics. It features a cookie consent mechanism compliant with GDPR requirements, although no explicit privacy or terms of service pages were found. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but lacks published security policies or incident response contacts. WHOIS data confirms the legitimacy and consistency of the domain registration with the business claims. Overall, the website presents a professional and trustworthy digital presence for the industrial cluster.