Security Directory

P

Pinterest

pinterest.pt

72

Pinterest is a globally recognized visual discovery and social media platform that enables users to find and share ideas such as recipes, home decor, and style inspiration. The pt.pinterest.com site is a localized Portuguese version of the platform, maintaining the brand's global presence and user engagement. The business operates primarily through advertising and e-commerce integrations, positioning itself as a leader in the technology and social media sectors. The website demonstrates a mature digital infrastructure with modern technologies such as React, AWS hosting, and comprehensive security measures including HTTPS and Content Security Policy enforcement. Security posture is strong with no evident vulnerabilities or exposed sensitive data, and privacy compliance is well addressed through detailed policies and consent mechanisms. Overall, the site reflects a professional, trustworthy, and enterprise-grade online presence.

The website www.deco.proteste.pt is currently inaccessible due to a Cloudflare security challenge page that requires human verification via Turnstile captcha. This prevents access to any meaningful content, business information, or policies. The page only displays a verification message and no metadata or structured data is present. The technical infrastructure relies on Cloudflare's security services, but no further technology stack or CMS can be identified. Due to the blocking mechanism, no security posture or compliance details can be assessed. Overall, the site is currently not analyzable beyond the WAF detection.

S

skodahrou.cz

skodahrou.cz

49

skodahrou.cz is a Czech language online magazine dedicated to fans of the ŠKODA brand, offering a variety of content including news, reviews, tips, contests, and lifestyle articles related to automotive topics and beyond. The website targets automotive enthusiasts and general readers interested in transport, economy, finance, technology, health, and society. The business model is content publishing with monetization through advertising. The domain is newly registered in late 2024, consistent with the website's fresh content and market entry. Technically, the website uses standard web technologies including HTML5, CSS, and JavaScript, with Matomo analytics and Google Adsense for advertising and tracking. The site is hosted on vas-hosting.com servers and shows good mobile optimization and navigation clarity. However, no CMS or advanced frameworks were detected. Performance is moderate with room for improvement. From a security perspective, the site uses HTTPS with good SSL configuration but lacks important security headers and explicit security or incident response policies. No cookie consent mechanism is present, which may affect GDPR compliance. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the security posture is average but could be enhanced with standard best practices. The overall risk assessment indicates a legitimate, small-scale media website with moderate technical maturity and some compliance gaps. Strategic recommendations include implementing cookie consent, adding security headers, publishing security policies, and auditing third-party scripts to improve trust and compliance.

L

La Stampa

lastampa.it

65

La Stampa is a prominent Italian news media organization providing comprehensive news coverage on politics, economy, and current events in Italy and worldwide. The website serves a broad general audience with a professional digital news publishing model supported by subscriptions and advertising. Technically, the site employs modern JavaScript libraries, asynchronous loading, and third-party services for analytics and advertising, indicating a mature digital infrastructure. The site is mobile-optimized with good SEO and accessibility practices, though some accessibility features could be enhanced. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks publicly documented security policies or incident response procedures. Overall, the website is trustworthy and professionally managed, with no signs of blocking or malicious activity.

R

Radio New Zealand

rnz.co.nz

63

Radio New Zealand (RNZ) is New Zealand's public broadcaster providing comprehensive news, current affairs, audio on demand, podcasts, and documentaries. The website serves as a primary digital platform for delivering timely and relevant content to the New Zealand public, positioning itself as a trusted media source. The site features a professional design, clear navigation, and multimedia content tailored to a general audience interested in news and cultural programming. Technically, the website employs modern JavaScript frameworks and libraries, including New Relic for performance monitoring, Google Tag Manager for marketing and analytics, and D3.js for data visualization. The site is well-optimized for mobile devices and accessibility, with good SEO practices evident in meta tags and structured content. Performance is moderate, with asynchronous loading of scripts and CDN usage. From a security perspective, RNZ uses HTTPS with good SSL configuration and includes security best practices such as monitoring and error tracking. However, explicit privacy and cookie policies are not evident in the provided content, and no dedicated security or incident response pages were found. The WHOIS data for the domain is unavailable due to registry policies, but the website's public broadcaster status and content quality provide strong legitimacy. Overall, RNZ's website demonstrates a mature digital presence with strong business credibility and technical implementation. To enhance trust and compliance, it is recommended to publish clear privacy and cookie policies, implement a vulnerability disclosure mechanism, and provide explicit contact information for security incidents.

The analyzed content corresponds to a Chrome internal error page (chrome-error://chromewebdata/) which serves as a placeholder or offline error page within the browser. It does not represent an actual external website and contains no business or contact information, privacy policies, or terms of service. The page primarily includes JavaScript related to the Chrome offline dinosaur game and minimal HTML structure. Due to the nature of this content, no meaningful business or security posture can be assessed. The absence of HTTPS, security headers, or any external links further confirms that this is not a live website but a browser-generated error page.

A

American Planning Association

planning.org

69

The American Planning Association (APA) operates planning.org as the leading membership organization for professional planners in the United States. The website serves as a comprehensive resource hub offering membership services, professional certification (AICP), publications, conferences, career resources, and policy advocacy. APA holds a strong market position as the largest and most authoritative planning organization, targeting planners, students, employers, and government officials. The website's content is rich, professionally presented, and well-structured to support its diverse audience. Technically, the site employs a modern tech stack including Bootstrap, jQuery, HubSpot marketing tools, and integrates multiple analytics and advertising platforms. The site is mobile-optimized and accessible, with good SEO practices.

C

Chatwee

chatwee.com

59

Chatwee is a well-established technology company founded in 2012, specializing in live chat and instant messaging applications tailored for online communities, virtual events, and team collaboration. The company offers a SaaS model with flexible subscription and pay-per-use plans, serving a broad target audience including mental health support providers, educational webinars, and online gaming communities. Their market position is strong with over 80,000 registered websites and 50 million chat users, supported by multi-language offerings and extensive customization options. Technically, Chatwee employs a modern web technology stack including JavaScript, PHP SDK, and integrates with popular CMS platforms. Hosting is provided via Amazon AWS infrastructure, ensuring reliable performance and scalability. The website is well-optimized for mobile devices, SEO, and accessibility, with fast loading times and a professional design. From a security perspective, the site uses HTTPS and displays a SecurityMetrics certification badge, indicating a commitment to secure operations. However, there is room for improvement by enabling DNSSEC, adding security headers, publishing a security policy, and implementing a cookie consent mechanism to enhance GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. Overall, Chatwee presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic enhancements in security transparency and privacy compliance would further strengthen their risk posture and customer trust.

A

Axeptio

axeptio.eu

73

Axeptio is a specialized Consent Management Platform (CMP) providing GDPR, CCPA, Law 25, and other international privacy regulation compliance solutions. Trusted by over 80,000 websites and apps, Axeptio offers customizable consent banners, contractual consent modules, mobile SDKs, and compliance tools tailored for brands, publishers, and agencies. The company holds certifications from Google and IAB Europe, positioning itself as a leading player in the privacy compliance SaaS market. Technically, the website is built on HubSpot CMS, leveraging modern JavaScript libraries and integrations with major marketing and analytics platforms such as Google Tag Manager and HubSpot Analytics. The site is well-optimized for mobile and accessibility, with a professional design and clear navigation. Security posture is strong with HTTPS enforced and consent mechanisms implemented, though explicit security headers could be improved. WHOIS data is privacy protected, which is typical for SaaS companies, and no suspicious patterns were detected. Overall, Axeptio demonstrates a mature digital presence with strong business credibility and compliance focus.

R

Repsol

repsol.pt

69

Repsol Portugal operates as a major energy supplier providing electricity, gas, and related services to individual consumers. The website is well-branded and professionally designed, targeting retail customers with a clear focus on energy solutions and customer benefits. The technical infrastructure leverages Adobe Experience Manager CMS, integrates multiple analytics and marketing tools including Google Tag Manager, Adobe Web SDK, and Gigya, and employs security best practices such as HTTPS and reCAPTCHA. However, the absence of explicit privacy and terms of service policies on the accessible pages indicates room for improvement in compliance transparency. Overall, the security posture is strong with proper headers and no detected vulnerabilities, but privacy compliance could be enhanced by publishing comprehensive policies and contact points for incident response.

Ateliér PKO s.r.o., operating under the brand APKO, is a specialized engineering firm focused on road communications and related infrastructure services in the Czech Republic. Their offerings include road design, traffic engineering, expert opinions, safety audits, environmental assessments, and professional translations. The company targets professionals and organizations involved in transportation infrastructure projects, positioning itself as a niche service provider with a clear and consistent brand presence. Technically, the website employs standard web technologies including HTML, CSS, JavaScript, and Google Analytics for visitor tracking. While the site is moderately optimized for performance and basic mobile responsiveness, it lacks advanced accessibility features and modern frameworks. SEO is basic but sufficient for the content presented. No CMS or hosting provider details were detected. From a security perspective, the site uses HTTPS and includes Google Analytics scripts loaded securely. However, it lacks visible security headers and published security or privacy policies, which are important for GDPR compliance and user trust. No forms or input fields were detected on the analyzed page, reducing immediate risk exposure. The WHOIS data aligns well with the website content, indicating legitimacy and consistent registration information. Overall, the website is professional and trustworthy but would benefit from enhanced privacy compliance, improved security headers, and clearer incident response information to strengthen its security posture and regulatory adherence.

H

Home

castrol.com

77

Castrol's website presents a professional corporate presence focused on lubricants and specialty oils for automotive and industrial sectors. The company positions itself as a global leader embracing innovation and sustainability. The technical infrastructure includes modern tracking and video playback technologies, with good mobile optimization and SEO practices. However, explicit privacy and terms of service pages are not clearly found, and WHOIS data for the domain is unavailable, which raises transparency concerns. Security posture is moderate with HTTPS implied but lacking visible security headers in the provided data. Overall, the site is trustworthy and professional but would benefit from enhanced compliance and security transparency.

Spolek přátel Národního divadla Brno is a voluntary, non-political, and non-profit association focused on promoting theatrical arts including opera, ballet, and drama in Brno, Czech Republic. The organization collaborates closely with the National Theatre Brno and related artistic institutions to deepen public interest and knowledge in performing arts. The website serves as an informational platform showcasing news, events, and publications related to their activities. Technically, the website is built on the eStránky.cz platform using legacy JavaScript libraries such as jQuery 1.12.4 and includes Facebook SDK for social media integration. The site is accessible and provides relevant content but lacks modern technical and security enhancements.

N

E-VÝSTAVY archiv NdB

ndbrno-evystavy.cz

57

The website www.ndbrno-evystavy.cz serves as a digital archival platform showcasing scenography of Shakespearean productions at the National Theatre Brno from 1918 to 1988. It targets cultural enthusiasts and researchers interested in theatrical history. The site offers digital exhibitions with scheduled dates and archival content, positioning itself as a niche cultural resource. Technically, the site is built on the Webnode CMS platform, leveraging AWS Cloudfront CDN for content delivery, and uses modern web technologies including HTML5, CSS3, and JavaScript. The site is mobile-optimized and provides a cookie consent mechanism, but lacks visible privacy and terms of service pages. Security posture is moderate with HTTPS enforced but missing security headers and no visible incident response or security policy information. WHOIS data is unavailable, likely due to privacy protection, which is common for small cultural sites but slightly reduces trust. Overall, the site is functional, professionally designed, and serves its cultural archival purpose effectively.

The website www.ceske-knizni-novinky.cz is a Czech-language informational portal dedicated to providing extensive listings and descriptions of new book releases primarily for the year 2025 and previous years. It targets Czech-speaking readers interested in literature across various categories including women, men, children, youth, and multiple genres such as fantasy, historical, and detective books. The site aggregates content and links to a reputable external book database (CBDB.cz) for detailed book information. The business model is content aggregation and informational service with a niche focus on the Czech book market. The site is small in scale with consistent branding and good content quality.

T

test

dobre-knihy.cz

62

Dobré knihy is a prominent Czech online retailer specializing in books, audiobooks, games, toys, stationery, and gifts. The website offers a large catalog with over 90,000 titles in stock, targeting Czech-speaking customers primarily. The business model is e-commerce retail with a strong focus on book sales and related products. The site features clear navigation, product categorization, and a user-friendly shopping experience. Structured data and contact information are provided to enhance trust and usability. Technically, the website employs modern JavaScript frameworks and tracking technologies including Google Tag Manager, Microsoft Clarity, and Exponea for analytics and marketing. The site is mobile-optimized and accessible, with secure HTTPS connections and validated forms for login and shopping cart functionality. However, some security best practices such as security headers and vulnerability disclosure mechanisms are not evident. From a security perspective, the site enforces HTTPS and cookie consent mechanisms compliant with GDPR. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS registration data is a notable concern, reducing domain transparency and trustworthiness. Overall, the security posture is good but could be improved by adding security headers and publishing incident response information. The overall risk assessment indicates a legitimate and professional e-commerce platform with minor transparency and security improvements recommended. Strategic focus should be on enhancing domain registration visibility, implementing security headers, and formalizing security policies to strengthen trust and compliance.

Chatwee Sp. z o.o. is a Poland-based technology company operating the chatwee.com platform, providing chat and communication services primarily targeting businesses and website owners. Established in 2014, the company offers SaaS solutions with user account management, direct marketing, and customer support features. The website content is professional and GDPR compliant, reflecting a mature business with a clear privacy focus. Technically, the website leverages AWS infrastructure and custom JavaScript and CSS, with moderate performance and good mobile optimization. However, there is room for improvement in accessibility and SEO. Security posture is adequate with HTTPS usage and privacy policy adherence, but lacks visible security headers and a published security policy or incident response plan. Overall, the website is trustworthy and well-maintained, with transparent WHOIS data and consistent business information. No critical vulnerabilities or suspicious patterns were detected. Strategic improvements in security policy publication, DNSSEC enablement, and cookie consent mechanisms would enhance compliance and trust. The risk level is low, but continuous monitoring and enhancement of security and privacy practices are recommended to maintain high standards and user confidence.

Közösségfejlesztők Egyesülete is a Hungarian non-profit organization dedicated to community development, social programs, and professional support within civil society and local development sectors. The website serves as an informational and resource platform for community developers and related stakeholders, offering training, publications, and event information. The organization has an established presence since 2014, reflected in the domain age and content maturity. Technically, the website is built on WordPress with a modern tech stack including jQuery and standard JavaScript libraries. The site is moderately optimized for performance and mobile devices, with basic accessibility and SEO features. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and explicit incident response information. Privacy compliance is partially met with privacy and cookie policies present, though a cookie consent mechanism is missing. Overall, the website is professional and trustworthy, serving its niche audience effectively.

O

Okidoki Kommunikation AB

transportportal.se

51

Transportportal.se is a Swedish transport research portal operated by or affiliated with Okidoki Kommunikation AB and the Swedish National Road and Transport Research Institute (VTI). It aggregates and provides access to multiple transport research resources including catalogs, databases, and knowledge centers focused on public transit and transport research in Sweden. The portal targets researchers, transport professionals, and stakeholders within the Swedish transport sector. The website is well-branded, consistent, and offers good content quality with clear navigation and relevant resources. Technically, the site uses modern JavaScript libraries such as Modernizr and Masonry for UI enhancements and is hosted on Azure cloud infrastructure, as indicated by DNS records. The site is mobile-optimized and performs moderately well, though accessibility and SEO optimizations are basic. No CMS or advanced frameworks are detected, suggesting a custom or lightweight implementation. From a security perspective, the site lacks DNSSEC and security headers, and no cookie consent mechanism is present, indicating gaps in GDPR compliance and security best practices. The domain registration is consistent and legitimate, with no privacy protection, and the domain age aligns with the business history. No forms or user input fields reduce attack surface, and no vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the website is a credible and professional resource for transport research in Sweden but would benefit from enhanced security headers, GDPR compliance improvements, and cookie consent implementation to strengthen its security posture and privacy compliance.

P

PIARC (World Road Association)

piarc.org

52

PIARC (World Road Association) is a well-established international non-profit organization founded in 1909, serving as a global forum for knowledge exchange on roads and road transport policies. It has a strong market position with over 120 member governments and consultative status to the United Nations Economic and Social Council. The website reflects a mature digital presence with professional design, comprehensive content, and active engagement through seminars, congresses, and publications. Technically, the site uses modern analytics tools and JavaScript frameworks, with good mobile optimization and accessibility. Security posture is solid with HTTPS and cookie consent mechanisms, though it lacks some advanced security headers and explicit privacy and terms policies. Overall, the site is trustworthy and authoritative in its domain, though improvements in transparency and security documentation are recommended.

E

European Transport Safety Council

etsc.eu

46

The European Transport Safety Council (ETSC) operates as a Brussels-based independent non-profit organization dedicated to reducing deaths and injuries in European transport. The website serves as a comprehensive platform for advocacy, research dissemination, policy recommendations, and public engagement on road safety issues. It targets policymakers, transport safety professionals, media, and the general public interested in transport safety. ETSC holds a recognized position in the European transport safety sector, offering key services including research publications, policy advocacy, and organizing safety-related projects and events. Technically, the website is built on WordPress with a modern tech stack including JavaScript, PHP, and various plugins for SEO, caching, and analytics. It demonstrates good performance, mobile optimization, and accessibility. The site uses HTTPS with a good SSL configuration and employs security best practices such as CAPTCHA on forms and cookie consent mechanisms. However, some security headers are not explicitly detected and could be improved. From a security perspective, the site shows a mature posture with no visible vulnerabilities or exposed sensitive data. Privacy compliance is strong, with a comprehensive privacy policy, cookie consent, and GDPR adherence. Contact information is clearly provided, enhancing trust and credibility. No incident response or vulnerability disclosure policies are found, which could be areas for future enhancement. Overall, ETSC's website is professional, trustworthy, and well-aligned with its mission. It effectively balances content quality, technical implementation, security, and privacy compliance, resulting in a high AI score of 87. Strategic recommendations include enhancing security headers, publishing security policies, and maintaining regular security audits to sustain and improve its security posture.

The Victoria Transport Policy Institute is an independent Canadian research organization specializing in innovative and practical transportation solutions. Established in 1999, it offers free resources, consulting services, and publishes research to improve transportation planning and policy analysis. The website serves transportation planners, policymakers, researchers, and the public with a focus on sustainable and equitable transportation. Technically, the site is custom-built with classic HTML, JavaScript, and CSS, hosted on Island Hosting, and integrates Mailchimp for marketing. While the site content is rich and professionally presented, technical modernization opportunities exist, including improved mobile optimization and accessibility. Security posture is moderate; domain management is sound with transfer protections, but lacks DNSSEC and security headers. Privacy and cookie policies are absent, representing compliance gaps. Overall, the site is trustworthy and credible but would benefit from enhanced security and privacy practices.

G

GTO Solutions s.r.o.

jdvm.cz

48

Skutočnosť.sk is an online Slovak informational portal operated by GTO Solutions s.r.o., focusing primarily on transportation-related news, including traffic updates, toll information, fuel prices, and travel advice. The website targets Slovak-speaking drivers and travelers seeking up-to-date and practical information for navigating road transport in Slovakia and neighboring countries. The business model appears to be content publishing monetized through advertising networks such as Google Adsense. The site maintains a consistent brand presence with a clear navigation structure and regularly updated content.

The website cdvplus.cz is currently a parked domain with no active business content or services. It primarily serves as a placeholder page indicating the domain may be for sale. The site is heavily monetized through advertising scripts and tracking pixels from Google Adsense and third-party providers. There is no meaningful business information, contact details, or user engagement features present. The domain is newly registered in December 2024 and uses parking name servers, consistent with domain resale or parking services. From a technical perspective, the site uses basic HTML, CSS, and JavaScript with integration of Google Adsense Domains CAF scripts and Cloudfront CDN for content delivery. The site shows basic mobile optimization but lacks accessibility and SEO best practices. No CMS or advanced frameworks are detected. Performance is moderate but limited by the minimal content and advertising load. Security posture is weak with no visible HTTPS enforcement or security headers. There are no forms or inputs to evaluate for secure data handling. Privacy compliance is minimal with only a basic privacy policy accessible via a popup link and no cookie consent mechanism. No incident response or security policies are disclosed. The WHOIS data confirms the domain is very new and consistent with a parked domain profile. Overall, the site presents a low trust profile with poor content quality and minimal business credibility. It is recommended to implement HTTPS, add clear business and contact information, provide comprehensive privacy and cookie policies with consent mechanisms, and reduce excessive third-party tracking to improve user trust and compliance.

ELEVUP is a Czech-based technology company specializing in advanced business and software development services. Their offerings include full stack development, mobile and web development, DevOps, cloud engineering, UX/UI design, and emerging technologies such as AI, AR/VR, and IoT. The company serves a diverse client base including media, automotive, fintech, and logistics sectors, with notable clients like ŠKODA Auto and RENOMIA. The website demonstrates a modern technical infrastructure built on React and Next.js, indicating a mature digital presence. However, a client-side application error on the homepage negatively impacts user experience. Security posture is moderate with the presence of HTTPS and cookie consent but lacks explicit security headers and incident response contacts. The absence of WHOIS data raises concerns about domain registration legitimacy, though the professional certifications and client portfolio support business credibility. Strategic improvements in security practices and domain verification are recommended to enhance trust and compliance.

F

FORVIA

forvia.com

69

FORVIA is a major global technology supplier in the automotive industry, ranking as the 7th largest worldwide. The company emphasizes sustainability and innovation, offering a broad portfolio of automotive technologies including electrification, automated driving, and sustainable materials. The website is professionally designed using Drupal 10, with modern web standards and analytics via Matomo. Security posture is strong with HTTPS and security headers, though explicit security policies and incident response details are not published. WHOIS data is missing, which is unusual for a corporate domain and suggests privacy protection or recent registration. Overall, the site presents a credible and professional business presence with room for improvement in transparency and direct contact information.

I

Infor Z

quotasonline.pt

57

Quotas Online is a Portuguese SaaS platform developed by Infor Z that provides streamlined management solutions for associations, clubs, and collectives. The platform offers key services such as member management, quota billing, digital payment processing, and accounting of income and expenses, targeting small to medium-sized organizations primarily in Portugal. The website is professionally designed, mobile-optimized, and provides clear navigation and pricing information, supporting a positive user experience. Technically, the website leverages modern web technologies including JavaScript, jQuery, SweetAlert2, and integrates Tawk.to for live chat support. The platform appears to be built on ASP.NET MVC, indicating a robust backend framework. Performance and mobile optimization are good, though SEO and accessibility could be further improved. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and published security policies. From a security perspective, no critical vulnerabilities or exposed sensitive data were detected. The site does not show signs of WAF or blocking mechanisms, allowing full content access. Privacy and cookie policies are present and GDPR compliance is indicated, though incident response and vulnerability disclosure information are absent. WHOIS data aligns well with the website's business claims, supporting legitimacy. Overall, Quotas Online presents a trustworthy and professional online presence with a solid technical foundation and good privacy practices. Strategic improvements in security headers, incident response transparency, and SEO could enhance the platform's security and market competitiveness.

Fundação "la Caixa" is a well-established non-profit foundation based in Portugal with over a century of history dedicated to social and cultural initiatives. The website reflects a professional and consistent brand presence, targeting a general audience interested in social welfare and cultural projects. The foundation operates with a large organizational size and maintains a reputable market position within the non-profit sector. Technically, the website is built on the Liferay CMS platform using modern technologies such as React and integrates widely used analytics and marketing tools like Google Analytics and Google Tag Manager. The site is mobile optimized and demonstrates good SEO and accessibility practices, although accessibility could be further improved. Security-wise, the website enforces HTTPS, uses security headers, and implements a cookie consent mechanism, indicating a good security posture. However, it lacks explicit privacy policies, terms of service, and incident response information, which are recommended for compliance and transparency. Overall, the domain registration data aligns well with the website's claims, supporting its legitimacy and trustworthiness.

A

Alibaba Cloud Computing (Beijing) Co., Ltd.

pifyapp.com

60

PifyApp operates as a Shopify app provider focused on enabling merchants to build customized Shopify stores. The website serves primarily as a demo store showcasing their customization capabilities, including announcement bars and form builders. The business targets Shopify store owners seeking enhanced store personalization and promotional tools. Technically, the site is built on the Shopify platform using standard Shopify Liquid templates, JavaScript, and third-party tools like PageFly for page building. Hosting is provided by Alibaba Cloud with DNS managed via Cloudflare, ensuring reliable infrastructure. Security posture is moderate with HTTPS enabled and use of hCaptcha for form protection; however, the absence of DNSSEC and security headers indicates room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the site is functional but basic in content and security maturity, suitable for a small e-commerce SaaS provider.

D

Datová kostka

dataovozidlech.cz

49

The website dataovozidlech.cz serves as an official portal providing access to vehicle registration data for the Czech Republic. It offers open data compliant with national legislation, vehicle technical information search, individual data issuance, and statistical summaries. The site is positioned as a government or government-affiliated service, targeting researchers, businesses, and the general public interested in vehicle data. The platform is moderately sized and founded in 2019, reflecting a stable operational history. Technically, the website employs standard web technologies including HTML5, CSS3, and JavaScript, with deferred script loading to optimize performance. Hosting is provided by Active24, a known Czech hosting provider. The site is mobile-optimized with a clear and consistent branding approach. However, there is room for improvement in SEO, accessibility, and security headers implementation. From a security perspective, the site uses HTTPS (implied by domain and modern standards though SSL details are not explicit), but lacks visible security headers and formal privacy or cookie policies. No contact information for security incidents or data protection officers is provided, which limits transparency and compliance with GDPR best practices. No vulnerabilities or malicious content were detected. Overall, the website is trustworthy and professional but would benefit from enhanced privacy compliance, security hardening, and clearer contact information to improve user trust and regulatory adherence.

E

Elektromobilní platforma, z.s.

eplatforma.cz

59

The Czech E-mobility Platform is a non-profit technological platform dedicated to supporting the development of e-mobility, charging infrastructure, and related scientific research and education within the Czech Republic. It serves as a key partner to government ministries, coordinating legislative, communication, and educational efforts to advance the National Clean Mobility Action Plan. The platform's membership includes representatives from automotive, energy, scientific, research, and governmental sectors, positioning it as a central hub for electromobility initiatives in the country. Technically, the website is built on the Webnode CMS platform, leveraging modern web technologies such as HTML5, CSS3, JavaScript, and Amazon Cloudfront CDN for hosting static assets. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with no significant technical issues detected. The site employs HTTPS with a strong SSL configuration, ensuring secure communications. From a security perspective, the site benefits from HTTPS and a cookie consent mechanism, but lacks visible security headers and published privacy or security policies. No contact information or incident response channels are provided, which limits transparency and user trust. The absence of WHOIS data reduces confidence in domain registration legitimacy, although the website content and hosting appear professional and consistent with the stated mission. Overall, the platform presents a credible and professional front for e-mobility development in the Czech Republic but would benefit from enhanced transparency through published privacy policies, contact information, and security best practices. Addressing these gaps would improve trustworthiness and compliance with data protection regulations.

E

EV FireSafe

evfiresafe.com

58

EV FireSafe is a small Australian-based educational resource focused on providing free electric vehicle fire safety knowledge targeted at emergency responders. The website is professionally designed using the Wix platform and offers relevant content to a niche audience in the energy and transportation sectors. The business model centers on information dissemination and education without evident commercial transactions. Technically, the site leverages Wix's infrastructure with standard JavaScript polyfills and is hosted securely with HTTPS enabled. However, the absence of WHOIS registration data raises concerns about domain legitimacy. Security posture is moderate with HTTPS but lacks advanced security headers and privacy compliance mechanisms. Overall, the site is functional and trustworthy in content but requires improvements in compliance and domain registration transparency.

S

Spirii

spirii.com

68

Spirii is a Denmark-based company specializing in EV charging solutions and eMobility business platforms. Their offerings include a Charge Point Management System, an EV charging app, and a suite of services such as branded solutions, financial services, grid services, and operational support. The company operates across multiple European countries with dedicated offices and subsidiaries, positioning itself as an experienced and reliable player in the eMobility sector. Technically, the website is built on modern web technologies including Webflow CMS, Google Tag Manager, and Cookiebot for privacy compliance, delivering a fast, mobile-optimized, and accessible user experience. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response information are not publicly available. The WHOIS data for the domain is missing, which raises some concerns about domain registration legitimacy, but the presence of VAT registration and detailed business information supports the company's credibility. Overall, Spirii presents a professional and trustworthy digital presence with room for improvement in transparency around security policies and domain registration details.

The website evozero.com represents a pioneering product initiative by Heidelberg Materials, focusing on the world's first carbon captured net-zero cement. The business is positioned as an industry innovator in sustainable construction materials, leveraging carbon capture and storage technology to reduce CO₂ emissions significantly. The target audience includes construction partners committed to sustainability and environmental responsibility. The site provides rich multimedia content, product brochures, and detailed information about the Brevik CCS project, reinforcing its market leadership in decarbonizing cement production. From a technical perspective, the website is built using modern web technologies including Nuxt.js and Tailwind CSS, ensuring fast performance, excellent mobile optimization, and good accessibility. The site employs HTTPS with strong security headers, indicating a solid security posture. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, explicit security policies and incident response information are not published, which could be improved. The WHOIS data for the domain is unavailable, which raises some concerns about domain registration transparency. Despite this, the website content and branding strongly associate with Heidelberg Materials, a reputable multinational company, lending credibility to the site. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site demonstrates a high level of professionalism, security, and compliance, with room for improvement in transparency of security policies and domain registration details.

H

Heidelberg Materials

heidelbergmaterials.com

77

Heidelberg Materials is a global leader in the manufacturing and supply of building materials including cement, aggregates, ready-mixed concrete, and asphalt. The company emphasizes sustainability and digital innovation as core pillars of its business strategy, targeting construction industry professionals, investors, and sustainability stakeholders worldwide. The website reflects a mature digital presence built on Drupal 10, with excellent design, mobile optimization, and clear navigation. Security posture is strong with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. The absence of WHOIS data for the domain is unusual for a large enterprise and warrants further verification. Overall, the website presents a professional, trustworthy, and comprehensive corporate presence.

K

Kingdom of the Netherlands

netherlandsandyou.nl

62

The website 'Netherlands and you' serves as an official government platform representing the Kingdom of the Netherlands. It aims to connect international partners with the Netherlands by providing information on diplomatic relations, permanent representations, business support, and cultural engagement. The site targets international audiences including businesses and governmental partners, positioning itself as a trusted source of official information. Technically, the website is built on the Liferay CMS platform, utilizing modern JavaScript frameworks such as React and Alloy UI. The infrastructure supports responsive design and accessibility features, ensuring a good user experience across devices. Performance is moderate with a well-structured navigation system. From a security perspective, the site enforces HTTPS and employs secure cookies, but lacks visible security headers and publicly available security policies. No vulnerabilities or exposed sensitive data were detected. However, the absence of privacy and cookie policies, as well as contact information, indicates gaps in privacy compliance and user transparency. Overall, the website is professional and trustworthy, consistent with its government affiliation. Strategic improvements include publishing comprehensive privacy and cookie policies, implementing security headers, and providing clear contact channels for security incidents and user inquiries.

M

MagNet Bank Zrt.

magnetbank.hu

72

MagNet Bank Zrt. is a Hungarian financial institution providing a broad range of banking services including retail and corporate accounts, loans, deposits, and digital banking solutions. The bank emphasizes community banking and sustainable finance, targeting individuals, companies, and nonprofit organizations. The website reflects a medium-sized bank with a solid market position in Hungary, offering comprehensive services and community-oriented programs. Technically, the website uses modern JavaScript frameworks like Vue.js and integrates popular analytics and marketing tools such as Google Tag Manager and Facebook Pixel. The site is well-optimized for mobile and SEO, with good performance and accessibility standards. Security-wise, the site enforces HTTPS, employs multiple security headers, and integrates recaptcha for form protection, indicating a strong security posture. No critical vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and compliant with GDPR and other relevant regulations.

Pardini is a firearms manufacturer with a presence in Italy and the United States, operating through Pardini Armi Srl and Pardini USA LLC respectively. The company targets shooting sports enthusiasts and dealers, offering manufacturing and distribution services. The website is professionally branded and provides clear contact information but lacks comprehensive privacy and security policies. Technically, the site uses standard web technologies such as HTML5, CSS3, JavaScript, and jQuery, with basic mobile optimization and moderate performance. Security measures are minimal, with no HTTPS verification visible in the data and no security headers detected, though email obfuscation is implemented. The absence of WHOIS registration data for the domain www.pardini.com raises concerns about domain legitimacy, despite the professional appearance of the site. Overall, the site is functional but requires improvements in security, privacy compliance, and domain registration verification.

P

Pražský RALLYSPRINT

prazskyrallysprint.cz

48

Pražský Rallysprint is a well-established motorsport event in Prague with a history dating back over two decades. The website serves as an information hub for participants, spectators, media, and partners, providing event details, results, galleries, and contact information. The business model revolves around event organization, sponsorship, and media partnerships, positioning it as a key annual rally event in the Czech Republic. Technically, the website uses modern web technologies including jQuery and Swiper.js, with a cookie consent mechanism and basic SEO optimizations. Security posture is moderate with room for improvement in security headers and explicit policies. Privacy compliance is addressed with cookie consent and a privacy policy in Czech. Overall, the site is professional, trustworthy, and well-maintained, though lacking some advanced security and compliance features.

R

Raiffeisen stavební spořitelna a.s.

rsts.cz

70

Raiffeisen stavební spořitelna a.s. is a Czech financial institution specializing in building savings, housing loans, and related financial products. The company targets individuals and legal entities in the Czech Republic seeking financial solutions for housing and savings. The website reflects a professional and consistent brand presence with clear navigation and comprehensive service offerings. Technically, the site employs modern web technologies including JavaScript, SVG graphics, and integrates Google Tag Manager and Sentry for analytics and error tracking. Cookie consent management is robust, supporting GDPR compliance. Security posture is strong with HTTPS enforced and secure form handling, though explicit security policies and incident response contacts are not published. The domain WHOIS data is unavailable, which slightly reduces trust but the overall website professionalism and presence on social media platforms support legitimacy. Recommendations include publishing security policies and enhancing security headers.

C

Centrum dopravního výzkumu, v.v.i.

katalog-poskozeni.cz

57

The website katalog-poskozeni.cz operates as a specialized database platform primarily serving court experts and professionals in transportation accident analysis. It offers a catalog of vehicle damage and an EES catalog with real accident and crash test data, supported by reputable Czech research institutions. The site is well-branded and targeted to a niche professional audience, with clear affiliations to Centrum dopravního výzkumu and VUT Brno. Technically, the site uses modern web technologies including Bootstrap, jQuery, and Nette Forms, with a moderate performance profile and good mobile optimization. Security posture is adequate with cookie consent mechanisms and session management, but lacks explicit security headers and published privacy or security policies. The domain registration is consistent with the business origin and age appropriate for the service launch. Overall, the site is professional, trustworthy, and safe for its intended audience.

C

cdv.cz

shopcdv.cz

66

The website shopcdv.cz represents an e-commerce platform operated by Centrum dopravního výzkumu (CDV), a Czech organization specializing in transportation research and related expert services. The platform offers publications, methodologies, and professional services targeting both public and private sector stakeholders interested in transportation safety, planning, and sustainability. The business is positioned as a niche provider with a medium-sized footprint, founded in 2019, and focused on delivering research outputs into practical applications. The website is primarily in Czech with multilingual support and integrates social media channels for broader engagement. Technically, the site is built on the Shopify platform, leveraging modern web technologies including JavaScript, CSS, and HTML5. It employs hCaptcha for form security and Judge.me for customer reviews, indicating a mature digital infrastructure. Performance and mobile optimization are good, with accessibility and SEO considerations well implemented. Hosting and domain registration are consistent with the business location and sector. From a security perspective, the site enforces HTTPS with excellent SSL configuration and uses CAPTCHA to protect forms. However, explicit security headers and published security policies are lacking, and no incident response or vulnerability disclosure mechanisms are evident. Privacy compliance is strong, with clear privacy and cookie policies and consent mechanisms aligned with GDPR requirements. Overall, the website demonstrates a solid business and technical foundation with good security hygiene, though it could benefit from enhanced transparency on security policies and incident response. The risk profile is low, with no critical vulnerabilities or suspicious indicators detected.

O

ODSlocal

odslocal.pt

40

ODSlocal is a Portuguese municipal platform dedicated to the Sustainable Development Goals (SDGs), providing comprehensive data, project mapping, and good practice sharing for municipalities. The platform is supported by several institutional partners and offers resources such as reports, publications, and a newsletter to engage stakeholders. The website is well-designed, mobile-optimized, and uses modern technologies like SvelteKit and Plotly.js, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements can be made by adding security headers and incident response information. Privacy compliance is adequate with a privacy policy and terms of service available, but lacks a cookie consent mechanism. Overall, the platform presents a trustworthy and professional image suitable for its governmental and non-profit audience.

C

Câmara Municipal de Castelo Branco

barrocal-parque.pt

62

O Parque do Barrocal is a municipal natural park located in Castelo Branco, Portugal, offering visitors a unique natural and cultural experience centered on a granitic landscape shaped over 310 million years. The park provides educational and recreational services including walking paths, observation points, and audio guides, targeting tourists, local residents, and educational groups. The website is professionally designed, consistent in branding, and supported by multiple recognized awards and certifications, enhancing its credibility. Technically, the website is built on the Webflow platform using modern web technologies such as HTML5, CSS3, JavaScript, and Google Fonts. It is mobile-optimized with good SEO practices, though performance is moderate and accessibility features are basic. The site uses a cookie consent mechanism but lacks explicit security headers and detailed privacy or security policies. From a security perspective, the site uses HTTPS and implements cookie consent, but there is room for improvement in security headers and incident response information. No vulnerabilities or exposed sensitive data were detected. The domain registration aligns well with the municipal nature of the site, indicating legitimacy and trustworthiness. Overall, the website presents a low-risk profile with good business credibility and privacy compliance. Strategic improvements in security policies, headers, and incident response readiness would enhance its security posture and trust further.

C

City as a Platform

city-platform.com

62

City as a Platform is a specialized urban management platform focused on smart city solutions primarily targeting municipal governments and urban planners in Portugal. The platform offers real-time data integration and decision support tools to facilitate efficient city management and enhance communication with citizens. The website is professionally designed using the Wix platform, featuring embedded client event videos and social media links, which support its market presence and credibility. However, the absence of WHOIS registration data raises questions about domain transparency, although the site content and presentation suggest a legitimate business operation. Technically, the site uses modern web technologies but lacks advanced security headers and privacy compliance mechanisms, which are areas for improvement. Overall, the security posture is moderate with HTTPS enabled but could benefit from enhanced security policies and transparency. Strategic recommendations include implementing comprehensive privacy and cookie policies, publishing terms of service and incident response contacts, and improving security headers to strengthen trust and compliance.

HORNBACH Baumarkt AG operates a large-scale retail and e-commerce platform specializing in home improvement, garden, and construction products primarily serving the German market and neighboring countries. The website is professionally designed, well-structured, and optimized for performance and mobile devices, reflecting a mature digital infrastructure. The company leverages modern technologies including StencilJS, Usercentrics for consent management, Dynatrace for real user monitoring, and Coveo for search analytics, indicating a high level of digital maturity. Security posture is strong with HTTPS enforcement, security headers, and cookie management, although explicit security policies and incident response contacts are not prominently published. Overall, the website demonstrates high trustworthiness and compliance with GDPR, supported by comprehensive privacy and cookie policies. The domain registration data aligns well with the business claims, reinforcing legitimacy. Strategic recommendations include publishing a dedicated security policy, incident response information, and vulnerability disclosure to further enhance transparency and security culture.

F

FORVIA HELLA

hella.com

74

FORVIA HELLA is a large, internationally positioned automotive supplier specializing in high-performance lighting technology and vehicle electronics. The company also offers a broad portfolio of services and products for spare parts, workshops, and special vehicle manufacturers. The website reflects a professional corporate presence with comprehensive information for partners, investors, and job seekers. Technically, the site uses modern web technologies including JavaScript, Bootstrap, and Piwik PRO analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and privacy compliance evident through detailed policies and cookie consent mechanisms, though explicit security headers and incident response contacts are absent. The WHOIS data is missing, which slightly reduces trust but the overall site content and branding strongly support legitimacy. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and improving accessibility features.

T

TSC Group

tsc-group.cz

54

TSC Group is a prominent holding company based in the Czech Republic, specializing in a broad range of facility management and technical services including cleaning, laundry, technological cleaning, and paint stripping. The group oversees 12 subsidiaries, serving diverse sectors such as industrial manufacturing, healthcare, administrative offices, and outdoor maintenance. Their market position is strong as the largest group in their sector within the Czech Republic, supported by certifications like ISO 50001 and EcoVadis, and partnerships with notable sports clubs. The website reflects a professional and comprehensive digital presence with clear service offerings and strong branding consistency. Technically, the website employs modern web technologies including Google Tag Manager, Swiper.js for UI components, and the Nette framework for form validation. The site is mobile-optimized with good performance and SEO practices. Security measures include HTTPS enforcement, use of reCaptcha on forms, and a cookie consent mechanism compliant with GDPR. However, some recommended security headers like Content-Security-Policy and X-Frame-Options are not explicitly confirmed and could be improved. Overall, the security posture is solid with no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data limits domain registration insights, but the professional presentation, certifications, and subsidiary network strongly indicate legitimacy and trustworthiness. The website content is safe for general audiences, with no adult or questionable material detected. Strategically, TSC Group should focus on enhancing security headers, maintaining GDPR compliance, and continuing to leverage their strong market position and certifications to build trust and expand their service offerings.

M

Mimosa.květiny

kvetinymimosa.cz

58

Mimosa.květiny is a small local flower shop based in Blansko, Czech Republic, offering a variety of floral products including bouquets, flower delivery, workshops, and wedding arrangements. The business operates an e-commerce platform with free delivery within the Blansko area, targeting local customers seeking creative and handmade floral decorations. The website is professionally designed with consistent branding and clear contact information, supporting a positive user experience and trustworthiness. Technically, the website is built on the Webnode CMS platform and utilizes Amazon Cloudfront CDN for content delivery. It employs modern web technologies including JavaScript and CSS, and is optimized for mobile devices with good SEO practices. The site uses HTTPS with a valid SSL certificate, ensuring secure communication. Cookie consent mechanisms and privacy policies are implemented, indicating compliance with GDPR requirements. From a security perspective, the website has a good posture with HTTPS and cookie consent but lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or suspicious content were detected. However, the absence of WHOIS data for the domain reduces the ability to fully verify domain legitimacy and trustworthiness. Overall, the website presents a trustworthy and professional front for a small retail flower business with moderate technical maturity and good privacy compliance. Strategic improvements in security headers and domain registration transparency would enhance trust and security posture.

ONE.CZ s.r.o. is an accredited domain registrar operating primarily in the Czech Republic, with a domain registration dating back to 1997. The company focuses on domain registration services and related internet infrastructure offerings. The website content is minimalistic, providing limited information beyond basic branding and a partner link to another registrar site. The technical infrastructure is basic, relying on simple JavaScript and static HTML without modern CMS or frameworks. Security posture is weak due to lack of visible HTTPS enforcement, security headers, and absence of privacy or cookie policies. No contact information or incident response details are provided, limiting transparency and user trust. Overall, the website reflects a small, established business with room for significant improvements in digital maturity and security compliance.