Security Directory

2

2score s.r.o.

chnliga.cz

46

Chance Národní Liga is a well-established Czech football league media platform providing comprehensive information about the second highest football league in the Czech Republic. The website offers match schedules, team and player statistics, news updates, and live streaming links, targeting football fans and sports enthusiasts primarily in the Czech Republic. The business operates in the media and sports sector with a medium-sized presence and a history dating back to at least 2013. Technically, the site uses modern web technologies including JavaScript, Typekit fonts, and integrates Google Analytics and Facebook Pixel for tracking, with a cookie consent mechanism to comply with privacy regulations. Security posture is moderate with HTTPS usage implied but lacks visible security headers and published privacy policies, which are areas for improvement. Overall, the site is professional, user-friendly, and trustworthy, with strong social media engagement and official partnerships. However, the absence of WHOIS data limits domain registration insights, though privacy protection appears justified. Strategic recommendations include publishing privacy and terms policies, enhancing security headers, and providing clear contact information to improve compliance and trust.

D

DIN Media GmbH

dinmedia.de

73

DIN Media GmbH is a well-established German company specializing in the provision of standards, norms, technical literature, seminars, and standards management solutions. With a history dating back to 1924, the company serves professionals and organizations requiring access to national, European, and international regulatory documents. Their business model includes e-commerce sales of documents, subscriptions, network licenses, and educational services. The website reflects a mature digital presence with multilingual support and a professional design. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates third-party analytics and marketing tools such as Google Tag Manager, Bing Ads, Hotjar, and Freshdesk. The site is mobile-optimized and accessible, with a moderate performance profile. Security measures include HTTPS, CSRF tokens, and cookie consent mechanisms, though explicit security headers and incident response policies are not publicly documented. The security posture is solid with no evident vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with comprehensive privacy and cookie policies and user consent mechanisms. The domain WHOIS data aligns with the business claims, showing consistent registration and no privacy protection, supporting legitimacy. Overall, DIN Media GmbH presents a trustworthy and professional online presence with room for improvement in explicit security policy publication and enhanced security headers. The risk profile is low, and the company appears to maintain good compliance and operational standards.

B

Besteto marketing, s. r. o.

besteto.sk

63

Besteto marketing, s. r. o. is a Slovak-based marketing agency specializing in helping e-commerce businesses grow through tailored marketing strategies including PPC advertising, SEO, social media management, and product comparison services. The company holds multiple industry certifications and partners with recognized platforms, positioning itself as a trusted regional player. The website is professionally designed, multilingual, and integrates modern marketing and analytics tools, reflecting a mature digital infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though some security headers and explicit privacy policies are missing. Contact information is comprehensive, supporting customer engagement. Overall, Besteto demonstrates a solid market presence with room for improvement in formal security and compliance documentation.

B

Besteto marketing, s. r. o.

besteto.cz

59

Besteto marketing, s. r. o. is a Czech Republic based marketing agency specializing in helping e-commerce businesses grow through tailored marketing strategies including PPC, SEO, social media, and product feed management. The company holds multiple certifications and partners with notable platforms and clients, positioning itself as a trusted marketing partner in the e-commerce sector. The website is professionally designed, mobile-optimized, and provides comprehensive contact and policy information, reflecting a mature digital presence. Technically, the site leverages WordPress with modern plugins and tracking tools, ensuring good performance and SEO optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though no explicit security policy or incident response information is published. WHOIS data is unavailable, which slightly impacts domain trust assessment but does not detract from the overall legitimacy of the business as presented.

X

XGRIDS LIMITED

xgrids.com

57

XGRIDS LIMITED is a Hong Kong-based technology company specializing in high-precision 3D reconstruction, spatial computing, and handheld LiDAR scanning devices. Their product portfolio includes advanced hardware such as the Lixel L2 Pro and LixelKity K1 scanners, alongside software solutions like LixelStudio and Lixel CyberColor. The company targets professional sectors including surveying, geospatial, architecture, engineering, construction, film, public safety, energy, and mining. The website reflects a mature digital presence with multimedia content and clear product positioning. Technically, the site uses modern JavaScript frameworks (Vue.js), Google Analytics, and Google Tag Manager, indicating a moderate to advanced digital infrastructure. Security posture is good with HTTPS enforced and no visible vulnerabilities, though improvements are recommended in security headers and privacy compliance. Overall, the domain registration and business information are consistent and legitimate, supporting a high trust level.

D

DJI

dji.com

74

DJI is a leading global technology company specializing in the design and manufacture of consumer and professional drones, camera stabilizers, and related products. The website showcases a comprehensive product portfolio including consumer drones like the Mavic series, handheld camera equipment, and enterprise solutions for agriculture and industrial applications. The company maintains a strong market position with a well-branded, professional online presence targeting both consumers and professional users worldwide. Technically, the website employs modern web technologies including React and jQuery, optimized for performance and mobile responsiveness. Security posture is solid with HTTPS enforced and privacy policies clearly presented, though some security headers and explicit incident response contacts could be improved. Overall, the site demonstrates a mature digital infrastructure with good SEO and accessibility practices.

F

Freefishing

freefishing.cz

57

Freefishing.cz is a Czech Republic-based retailer specializing in fishing equipment and accessories catering to both beginners and professional anglers. The company operates an e-commerce platform complemented by a physical store in Rožnov pod Radhoštěm. Their product range includes fishing rods, reels, camping gear, baits, and various fishing accessories sourced from domestic and international manufacturers. The website demonstrates a solid market position within the Czech fishing retail sector, supported by a comprehensive product catalog and customer engagement features such as VIP programs and customer reviews. Technically, the website employs modern JavaScript libraries and analytics tools including Microsoft Clarity, Google Tag Manager, and Facebook Pixel, ensuring effective user tracking and marketing capabilities with consent management in place. Security posture is adequate with HTTPS enforced and no evident vulnerabilities, though the absence of explicit security policies and incident response information suggests room for improvement. The lack of WHOIS registration data is a notable concern impacting domain trustworthiness. Overall, the site is professionally designed, user-friendly, and compliant with privacy regulations, making it a reliable platform for fishing enthusiasts in the Czech market.

K

Please verify that you are a real user

kayak.de

51

The analyzed page is a CAPTCHA verification gateway for kayak.de, a prominent travel metasearch platform serving primarily the German market. This page is designed to prevent automated access and ensure that visitors are legitimate users before allowing entry to the main site. Due to this security mechanism, the actual business content and detailed information are not accessible on this page. The technical infrastructure includes Google reCAPTCHA Enterprise, indicating a strong focus on bot mitigation and security. However, the page lacks visible privacy, cookie, or terms of service policies, and no contact or business details are present, limiting the ability to assess compliance and business credibility fully. The security posture benefits from the CAPTCHA implementation but lacks visible security headers and other best practices on this page. Overall, the site is partially blocked by security controls, resulting in a low AI score and incomplete analysis.

D

DKO s.r.o.

dko.cz

47

DKO s.r.o. operates the DKO Jihlava website, serving as a cultural hub in Jihlava, Czech Republic. The company offers a variety of cultural events including concerts, theater performances, dance courses, and festivals, alongside venue rental services. The website targets a general audience interested in arts and culture within the region. The business model revolves around event hosting and ticket sales, positioning DKO as a key local cultural institution. Technically, the website employs modern JavaScript libraries such as Owl Carousel and integrates Google Analytics and Google reCAPTCHA v3 for analytics and spam protection. The site is mobile-optimized with good navigation and SEO practices, though no CMS or hosting provider details are evident. Performance is moderate with basic accessibility features. From a security perspective, the site uses HTTPS and includes a cookie consent mechanism compliant with GDPR. However, it lacks visible security headers and published security or incident response policies, which are areas for improvement. The absence of WHOIS data reduces domain transparency but does not necessarily indicate malicious intent given the professional website content and contact information. Overall, the website is well-structured and trustworthy for its cultural event purpose, but enhancing security policies and domain registration transparency would strengthen its risk profile and user trust.

C

CPI Jihlava Shopping a.s.

citypark.cz

54

Citypark Jihlava operates as a regional shopping center in the Czech Republic, offering a broad range of retail shops, dining options, entertainment including a cinema, and parking facilities. The website reflects a professional and user-friendly digital presence with clear navigation and relevant content targeting local shoppers and visitors. The business is part of the CPI group, a known operator of shopping centers in the region. Technically, the site employs modern web technologies, including JavaScript frameworks, cookie consent management, and analytics tools, ensuring a compliant and functional user experience. Security posture is solid with HTTPS and consent mechanisms, though there is room for improvement in publishing explicit security policies and headers. The absence of WHOIS data reduces domain registration transparency but does not detract from the apparent legitimacy of the business. Overall, the site is well-maintained, GDPR compliant, and suitable for general audiences.

R

Robinson Jihlava s.r.o.

robinsonjihlava.cz

50

Robinson Jihlava s.r.o. operates the largest family amusement park in the Vysočina region of the Czech Republic, offering a wide range of attractions, event hosting, and food services targeted primarily at families and local visitors. The website presents a professional and well-structured digital presence with clear navigation, social media integration, and contact information. Technically, the site uses modern web standards with responsive design and AJAX forms, although no specific CMS or hosting provider is identified. Security posture is solid with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and detailed privacy or security policies. The domain is long-established and consistent with the business claims, indicating legitimacy and trustworthiness.

Q

Query Digital, s.r.o.

query.cz

63

Query Digital, s.r.o. is a Czech Republic-based web studio specializing in the development, operation, and consulting of web applications. The company serves a business clientele, including notable brands, and positions itself as a small but professional and trusted service provider in the technology sector. Their website reflects a modern, well-structured digital presence built on Next.js and React, with strong mobile optimization and user experience. Privacy and cookie policies are clearly presented and GDPR compliant, enhancing trust. Security posture is good with HTTPS and consent mechanisms, though some security policy documentation and incident response contacts are missing. WHOIS data is unavailable, which slightly impacts domain trust but does not detract from the professional appearance and business legitimacy of the site.

A

AUTODROM MOST a.s.

autodrom-most.cz

54

Autodrom Most is a well-established motorsport and driving safety center in the Czech Republic, offering a wide range of services including racing events, driving courses, and public rides. The website reflects a professional business with a clear market position as a leading motorsport venue hosting international events such as the World Superbike Championship. The company operates an e-commerce platform for ticket sales and merchandise, targeting motorsport enthusiasts and drivers seeking advanced driving training. Technically, the website uses a modern CMS platform (BSSHOP) with integration of popular marketing and analytics tools like Google Tag Manager and Seznam retargeting. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Privacy and cookie policies are implemented with consent mechanisms, indicating compliance with GDPR requirements. From a security perspective, the site enforces HTTPS and has basic security best practices in place, though it lacks advanced security headers and a published security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the website content and business information appear trustworthy and professional. Overall, the website presents a low-risk profile with good business credibility and technical maturity. Strategic improvements in security transparency and domain registration disclosure would enhance trust further.

B

Bitly, Inc.

maj.to

75

Bitly, Inc. is a well-established technology company specializing in branded link management and URL shortening services. Founded in 2003, Bitly serves a broad business and marketing audience, providing tools to create custom branded short domains and links that enhance click-through rates and engagement. The company is positioned as a market leader, trusted by major brands globally. The website reflects a mature digital infrastructure, leveraging WordPress CMS, CDN hosting via AWS Cloudfront, and modern analytics and consent management tools such as Snowplow, Google Tag Manager, and OneTrust. Security practices are robust, with HTTPS enforced and domain registration locked against unauthorized changes, though DNSSEC is not enabled. Privacy compliance is strong, with comprehensive privacy and cookie policies and active consent mechanisms. No critical vulnerabilities or security issues were detected, and the content is professional, safe, and business-focused.

K

Kernkraftwerk Gösgen-Däniken AG

kkg.ch

76

Kernkraftwerk Gösgen-Däniken AG operates a nuclear power plant in Switzerland, providing reliable and climate-friendly electricity. The company emphasizes technical expertise, environmental responsibility, and economic efficiency, serving a broad audience including professionals, schools, and job seekers. The website reflects a mature digital presence with professional design, clear navigation, and multilingual support. Technically, the site uses modern JavaScript libraries and frameworks, with good mobile optimization and accessibility features. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and policies could be enhanced. Overall, the domain registration and website content align well, indicating a trustworthy and legitimate business entity.

A

Axpo Schweiz

axpo.ch

77

Axpo Schweiz operates as the largest Swiss producer of renewable energy and holds a leading international position in energy trading and marketing of solar and wind power. The website reflects a mature digital presence with comprehensive content, clear navigation, and professional design, targeting Swiss energy consumers, business clients, investors, and media. The technical infrastructure includes modern JavaScript frameworks, Google Tag Manager for analytics, and OneTrust for cookie consent, indicating a focus on privacy and compliance. Security posture is strong with HTTPS enforcement and cookie consent mechanisms, though some security headers could be improved. The absence of WHOIS data limits domain registration trust analysis but the overall website professionalism supports legitimacy. Strategic recommendations include enhancing security headers and publishing explicit security policies to further strengthen trust.

K

Kernkraftwerk Leibstadt AG

kkl.ch

57

Kernkraftwerk Leibstadt AG operates the largest and most powerful nuclear power plant in Switzerland, producing low-CO2 electricity since 1984. The website serves as an information portal for the public, stakeholders, and visitors, offering detailed insights into nuclear energy production, safety measures, and visitor services including guided tours and educational events. The company holds a strong market position within the Swiss energy sector and maintains affiliations with key regulatory and industry bodies such as ENSI and swissnuclear. Technically, the website is built on the TYPO3 CMS platform, employing modern web technologies and adhering to good practices in mobile optimization, accessibility, and SEO. The presence of cookie consent mechanisms and privacy policies indicates compliance with GDPR and related privacy regulations. Analytics are implemented via Google Tag Manager, with moderate user tracking. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks explicit security headers and a published security or incident response policy, which are recommended for enhanced security posture. No vulnerabilities or suspicious content were detected. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives. Strategic improvements in security policy transparency and header implementation would further strengthen its security and compliance stance.

The website ww38.radioexpres.sk currently serves as a parked domain with advertising content and no substantive business information or services presented. The site lacks any clear company identity, contact details, or descriptive content about its purpose or offerings. The presence of multiple third-party advertising and tracking scripts indicates a business model focused on monetizing domain traffic rather than providing direct services or content. Technically, the site uses standard HTML and JavaScript with content delivery via Amazon Cloudfront CDN, but lacks modern security practices such as HTTPS enforcement and security headers. Privacy compliance is minimal, with only a basic privacy policy linked via a JavaScript popup and no cookie consent mechanism. Overall, the site exhibits low digital maturity and poor user experience.

A

Association of Learned and Professional Society Publishers

alpsp.org

63

The Association of Learned and Professional Society Publishers (ALPSP) is an international trade association supporting not-for-profit organizations and institutions involved in scholarly and professional publishing. The website presents a professional and comprehensive platform offering training, events, membership services, and publications tailored to the scholarly publishing community. The organization positions itself as a key player in the non-profit publishing sector with a strong focus on education and community engagement. Technically, the website is built on TYPO3 CMS, employs modern web technologies, and integrates Google Tag Manager for analytics and marketing. The site is well-structured, mobile-optimized, and provides clear navigation and rich content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR, but lacks explicit security headers and published security policies. The absence of WHOIS registration details limits domain trust verification, though the website's professional presentation supports its legitimacy. Overall, the site demonstrates a mature digital presence with room for improvement in security transparency and domain registration clarity.

U

University of Colorado Colorado Springs

gomountainlions.com

66

The University of Colorado Colorado Springs (UCCS) Athletics website serves as the official digital platform for the Mountain Lions sports teams, providing comprehensive information including schedules, rosters, news, and fan engagement resources. Positioned as a key resource for students, athletes, and fans, the site supports NCAA Division II athletics within the Rocky Mountain Athletic Conference. The business model focuses on delivering timely sports content and fostering community involvement through digital channels. Technically, the website leverages a modern technology stack including JavaScript frameworks, RequireJS, jQuery, and integrates with multiple third-party services such as Google Analytics, Facebook Pixel, and Google Tag Manager. Hosting is managed via AWS Cloudfront CDN, ensuring reasonable performance and scalability. The site demonstrates good mobile optimization and accessibility features, with a consistent and professional design. From a security perspective, the site enforces HTTPS and employs domain transfer protections. However, it lacks some advanced security headers like Content-Security-Policy and explicit incident response contact information. Privacy compliance is addressed with accessible privacy and cookie policies, including consent mechanisms. No critical vulnerabilities or suspicious patterns were detected, indicating a mature security posture suitable for an educational institution. Overall, the website presents a low-risk profile with strong business credibility and technical implementation. Strategic improvements in security headers and incident response transparency would further enhance trust and resilience.

The website qrbus.me is operated by MH Wertyz s.r.o., a Slovak company founded in 2021, likely providing transportation services involving QR code technology for bus routes or ticketing. The site is a web application utilizing modern JavaScript frameworks such as Quasar and OpenLayers for map rendering, hosted on Websupport.cz. The technical infrastructure is moderately modern but lacks SEO and accessibility optimizations. Security posture is basic with no DNSSEC and no security headers detected, and no privacy or cookie policies are present, indicating gaps in compliance and security best practices. Contact information and incident response details are absent, limiting user trust and support avenues. Overall, the site is functional but requires improvements in privacy, security, and user experience to enhance credibility and compliance.

H

HandyTicket Deutschland

handyticket.de

56

HandyTicket Deutschland operates a mobile application platform that enables users to purchase public transportation tickets across multiple regions in Germany. The website serves as an informational and promotional portal for the app, providing download links, partner information, and support resources. The business is positioned as a key mobility service provider in the German public transport sector, aggregating various regional transport providers into a single app experience. Technically, the website employs modern web technologies including Google Tag Manager for analytics and advertising, optimized images, and responsive design for mobile users. The site is well-structured with good SEO and accessibility basics, though some advanced accessibility features could be improved. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, but lacks visible security policies or incident response contacts. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though it could enhance transparency by publishing terms of service and security policies.

M

MPI Media Ltd

irishhealthcareawards.ie

56

The Irish Healthcare Awards 2025 website is a professionally designed platform managed by MPI Media Ltd, focusing on recognizing excellence and innovation in the Irish healthcare sector. The event is well-established with a strong market position and offers key services including awards management, sponsorship opportunities, and sector networking. The website leverages a modern technical infrastructure including Evessio CMS, multiple analytics platforms, and third-party integrations to deliver a comprehensive user experience. Security posture is generally good with HTTPS enforced and use of reCAPTCHA; however, improvements are needed in DNS security and HTTP security headers. Privacy compliance is basic, with a privacy policy present but lacking explicit cookie consent mechanisms. Overall, the site is trustworthy and serves its target audience effectively.

M

MC Research & Analytics

iptechinsider.com

50

IP Tech Insider is a specialized quarterly newsletter and IP research platform operated by MC Research & Analytics, focusing on intellectual property technology, patent trends, and case studies primarily targeting IP professionals and technology companies. The website leverages a WordPress CMS with Elementor and integrates various plugins for content presentation and user engagement, including podcasting and anti-spam measures. The technical infrastructure is modern and moderately optimized for performance and mobile responsiveness. Security posture is solid with HTTPS and anti-spam protections, though improvements such as DNSSEC and enhanced security headers are recommended. Privacy compliance is lacking due to missing privacy and cookie policies. Overall, the domain registration data aligns well with the business claims, indicating legitimacy and transparency.

S

Supplyframe

componentsearchengine.com

61

Component Search Engine, operated by Supplyframe, is a specialized online platform offering free access to electronic component schematic symbols, PCB footprints, and 3D models. It targets electronic engineers and PCB designers who use ECAD tools, providing seamless integration with a wide range of industry-standard software. The platform is well-established, with a domain age dating back to 2015, and maintains a consistent brand presence and professional content quality. The business model focuses on providing free technical content to support design engineers, enhancing their productivity and design accuracy. Technically, the website employs modern web technologies including JavaScript, Google Analytics, Google Tag Manager, and a consent management platform (Usercentrics) to ensure compliance with privacy regulations. The site is hosted under a reputable registrar and uses DNS Made Easy for DNS services, although DNSSEC is not enabled, representing a minor security gap. The website is moderately performant, mobile-optimized, and SEO-friendly, with good user experience and navigation clarity. From a security perspective, the site enforces HTTPS and uses secure forms with CSRF tokens. However, it lacks advanced security headers and does not publish a dedicated security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is strong, with clear privacy and cookie policies and mechanisms for user consent. Business credibility is supported by clear company branding, professional content, and trust signals such as privacy policies and terms of service. Overall, the website presents a low-risk profile with a good security posture and strong compliance with privacy regulations. Strategic recommendations include enabling DNSSEC, adding security headers, and publishing a security policy to further enhance trust and security maturity.

L

London & Country Mortgages

landc.co.uk

61

London & Country Mortgages is the UK's largest fee free mortgage broker, established in 1987, offering comprehensive mortgage brokerage, protection, and conveyancing services. The company operates a professional website with strong branding, clear navigation, and extensive customer resources. Their business model relies on lender commissions rather than customer fees, positioning them as a trusted intermediary in the UK mortgage market. Technically, the website is built on Webflow with modern JavaScript libraries, optimized for performance and mobile use, and integrates advanced analytics and consent management tools. Security posture is strong with HTTPS, security headers, and cookie consent, though a dedicated security policy and incident response information are absent. WHOIS data for the www subdomain is unavailable due to domain registration rules, but the main domain is legitimate and consistent with the business claims. Overall, the website demonstrates high professionalism, trustworthiness, and compliance with privacy regulations.

C

Charwin Private Clients Limited

charwinmortgages.co.uk

65

Charwin Mortgages is a UK-based mortgage brokerage firm specializing in providing mortgage and homeowner loan services to clients across all credit profiles, including those with bad or impaired credit. The company operates under Charwin Private Clients Limited, an FCA-authorized entity, and offers a comprehensive suite of services such as remortgages, home purchases, secured loans, debt consolidation, and capital raising. Their market position is strong within the niche of credit-challenged borrowers, supported by trust indicators like Trustpilot reviews and regulatory compliance. Technically, the website is built on modern frameworks including UIkit and integrates multiple analytics and marketing tools, demonstrating a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with good SEO practices. Security posture is solid with HTTPS and secure forms, though some security headers could be enhanced. Privacy compliance is robust with a detailed privacy policy and cookie consent mechanism. Overall, the website presents a professional, trustworthy, and user-friendly experience with a high level of business credibility.

H

Hill's Pro Staff Feeding

hillsprofeeding.com

75

Hill's Pro Staff Feeding operates as a professional provider of feeding solutions, likely targeting the agricultural and animal feed industry. The company positions itself as a medium-sized business with a focus on B2B retail and manufacturing services. The website reflects a professional and consistent brand image, with clear navigation and relevant content aimed at industry professionals. Technically, the site employs modern JavaScript frameworks and integrates multiple analytics and marketing tools, indicating a moderate level of digital maturity. Security-wise, the website enforces HTTPS and includes essential security headers, but lacks a publicly available security policy or incident response information, which could be improved. The absence of WHOIS registration data is a significant concern, potentially impacting trust and legitimacy perceptions. Overall, the site is safe, professional, and compliant with privacy regulations, but the domain registration inconsistency warrants further investigation.

H

Hill's Retail Order

hillsretailorder.com

69

Hill's Retail Order operates a retail ordering platform with a website titled 'Hill's Retail Order'. The domain is well-established since 2000, indicating a mature presence. However, the website content is minimal with no visible business descriptions, contact information, or user-facing content in the provided HTML. The technical infrastructure includes modern JavaScript frameworks such as Angular, usage of Font Awesome for icons, and performance monitoring via Boomerang. Hosting appears to leverage Akamai CDN services. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and explicit security headers. Privacy and cookie policies are absent, and no contact or business verification information is present, limiting trust and compliance confidence. Overall, the site appears functional but lacks transparency and comprehensive user information.

B

Besteto marketing, s. r. o.

besteto.com

59

Besteto marketing, s. r. o. is a Czech-based marketing agency specializing in helping e-commerce shops grow through tailored marketing strategies including PPC, SEO, social media, and product feed management. The company positions itself as a trusted partner with multiple certifications and a portfolio of notable clients, supported by a professional and well-structured website. The business operates under the Profitak group umbrella and targets online retailers primarily in the Czech Republic. The website is modern, mobile-optimized, and rich in content, reflecting a mature digital presence. Technically, the site is built on WordPress with a modern tech stack including Google Tag Manager, MailerLite for newsletters, CookieHub for cookie consent, and Plausible Analytics for privacy-friendly tracking. The site demonstrates good SEO practices and accessibility features, though some security headers are missing. The SSL configuration is excellent, and cookie consent mechanisms are properly implemented, indicating GDPR compliance. From a security perspective, the site uses HTTPS and has implemented cookie consent but lacks explicit security.txt and incident response contacts. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces trust slightly but is mitigated by the professional site content and certifications. Overall, Besteto.cz presents a credible, professional marketing agency with a strong digital footprint and good privacy compliance. Strategic improvements in security headers and incident response transparency would enhance trust and security posture further.

H

hobbytec.se

hobbytec.se

46

The website hobbytec.se currently serves as a parked domain with minimal content primarily consisting of advertising blocks and no substantive business information or services. The domain registration data is inconsistent, showing a creation date in the future, which undermines trust and suggests the domain is not yet actively used for a legitimate business. Technically, the site uses basic HTML, CSS, and JavaScript with Google Adsense and Bodis scripts for monetization. Security posture is weak with no DNSSEC, no security headers, and no visible privacy or incident response policies. The site is accessible over HTTPS but lacks GDPR compliance mechanisms such as cookie consent banners. Overall, the site appears to be a placeholder rather than an operational business website.

D

Dovolená s nápadem

dovolenasnapadem.cz

53

Dovolená s nápadem is a Czech e-commerce website specializing in selling travel magazines and packages focused on family-friendly trips and cycling tours within the Czech Republic and neighboring countries. The site offers a variety of printed and digital magazines, including curated bundles, targeting families and tourists seeking well-planned travel experiences. The business operates on the Shoptet platform, leveraging modern web technologies and standard marketing and analytics tools such as Google Analytics and Facebook SDK. The website is well-designed with good navigation, mobile optimization, and clear product presentation. Privacy and cookie policies are present and comply with GDPR requirements, including a consent mechanism. However, no direct company contact emails or phone numbers are visible, with contact primarily via forms.

S

Seiler

seilersolutions.com

63

Seiler Solutions is a precision manufacturing company emphasizing values-driven, world-class precision services. The website presents a professional image with a focus on industrial and engineering clients, offering custom machining and precision manufacturing solutions. The technical infrastructure is based on WordPress with the Divi theme, incorporating modern web technologies such as Google Tag Manager and Typekit fonts. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security posture is moderate with no visible security headers or explicit SSL configuration details in the provided data. The absence of privacy, cookie, and terms of service policies, along with missing WHOIS registrant data, reduces overall trust and compliance standing. Strategic improvements in transparency, security headers, and privacy compliance are recommended to enhance trustworthiness and regulatory adherence.

Hill's Vet is a professional veterinary health resource website operated by Hill’s Pet Nutrition, Inc., a subsidiary of Colgate-Palmolive Company. The site provides veterinary professionals with research, practice management resources, product ordering platforms, and educational content. It targets veterinarians, vet techs, students, and clinic managers primarily in the United States. The website demonstrates a mature digital presence with integrations for identity management, analytics, and consent management, reflecting a strong commitment to user experience and privacy compliance. The content is well-structured, relevant, and professionally presented, supporting the brand's market position as a trusted veterinary resource. Technically, the website is built on Adobe Experience Manager CMS and leverages modern JavaScript libraries and third-party services such as Gigya for customer identity, TrustArc for consent management, and multiple analytics and marketing tools. The site is mobile-optimized, accessible, and performs moderately well, although some improvements in security headers and performance monitoring could be beneficial. From a security perspective, the site enforces HTTPS and employs cookie consent mechanisms, secure login flows, and session management. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain is unusual and warrants further investigation to confirm domain legitimacy. Overall, the security posture is strong but could be enhanced with additional headers and a public vulnerability disclosure policy. The overall risk assessment is low, with the website representing a credible and professional business entity. Strategic recommendations include improving security header implementation, publishing a security.txt file, and enhancing incident response contact visibility to further strengthen trust and compliance.

New Books Network is a specialized academic media platform that produces and distributes podcasts focused on new scholarly books across a wide range of disciplines. It serves a niche audience of academics, students, and intellectually curious listeners, offering curated content and author interviews. The platform is supported through Patreon memberships, affiliate book sales, and merchandise, reflecting a sustainable content-driven business model. Technically, the site is built on Craft CMS and employs modern JavaScript libraries and analytics tools, hosted by Bluehost Inc. The website demonstrates good design quality, mobile optimization, and user experience, though some SEO and accessibility features could be enhanced. Security posture is adequate with HTTPS and CSRF protections, but lacks DNSSEC and comprehensive security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the domain age and WHOIS data support the site's legitimacy and trustworthiness.

I

indiepubs

indiepubs.com

70

indiepubs.com is an e-commerce website specializing in the sale of independent books, leveraging the Shopify platform for its online store. The site targets readers and book enthusiasts interested in indie publications, offering browsing by categories and publishers. The business appears to be small-sized, founded in 2014, and operates primarily in the United States. The website demonstrates a good level of digital maturity with modern technologies, responsive design, and integration of analytics and customer support tools. Security posture is solid with HTTPS enforced and domain registration protections in place, though DNSSEC is not enabled and no explicit privacy or terms policies are visible, which are areas for improvement. Overall, the site is professional and trustworthy but could enhance compliance and transparency aspects.

R

RustyBrick, Inc.

rustybrick.com

60

RustyBrick, Inc. is a small technology service company based in New York, specializing in web design, web development, mobile app development, branding, and marketing technology solutions. The company has a professional online presence with a comprehensive portfolio showcasing various projects and client testimonials, positioning itself as an established player in the technology services market. Their target audience primarily consists of businesses seeking customized online technology solutions to improve operational efficiency and sales. The website infrastructure employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google services such as reCAPTCHA for form security and Google Analytics for user tracking. The site is mobile optimized with responsive design elements, providing a good user experience across devices. However, some accessibility features could be improved to meet higher compliance standards. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms from spam and abuse. Despite this, the absence of key security headers and lack of a published security policy or incident response contact reduces the overall security maturity. The missing WHOIS registration data raises concerns about domain legitimacy, although the professional content and active business presence mitigate some risk. Overall, RustyBrick's website is well-designed and functional with moderate technical sophistication and a good security baseline. The primary risks relate to domain registration transparency and privacy compliance, which should be addressed to enhance trust and regulatory adherence.

T

The Architectural Review Store

thearchitecturalreviewstore.com

70

The Architectural Review Store is an e-commerce platform specializing in the sale of back issues and magazines related to architecture. The website targets architects, designers, and enthusiasts interested in architectural publications. It operates on the Shopify platform, leveraging its robust e-commerce infrastructure and CDN hosting. The site demonstrates a professional design with good content quality and consistent branding. Privacy and cookie policies are implemented with GDPR compliance, and tracking is conducted via Facebook Pixel and Google Analytics. However, the absence of WHOIS registration data and explicit contact information slightly detracts from its business credibility. The site is fully accessible without any WAF or blocking mechanisms, and it maintains excellent SSL security through Shopify's infrastructure.

I

INA-INDUSTRIJA NAFTE, d.d.

inaloyaltynagradna.com

59

The website inaloyaltynagradna.com serves as a promotional platform for the INA Loyalty program's Coca-Cola related contest running from June 6 to July 31, 2025. It targets Croatian consumers who purchase Coca-Cola products at INA gas stations, encouraging them to participate in a loyalty program to win prizes such as PlayStation 5 Pro, iPhone 16, and fuel cards. The site is well-branded with consistent INA and Coca-Cola imagery and provides clear instructions and contact information. The business behind the site is INA-INDUSTRIJA NAFTE, a large energy sector company in Croatia, leveraging digital engagement to enhance customer loyalty.

S

Salesforce

visualforce.com

76

Salesforce is a global leader in AI-powered CRM software, offering a comprehensive suite of cloud-based solutions that unify sales, service, marketing, commerce, and data analytics. The company targets a broad range of industries and business sizes, with a strong emphasis on enterprise customers. Their market position is reinforced by a robust partner ecosystem and multiple well-known subsidiaries such as Tableau, Slack, MuleSoft, and Heroku. Technically, the website demonstrates a mature digital infrastructure leveraging modern web technologies, performance optimization, and extensive use of analytics and marketing tools. Security posture is strong, with HTTPS enforcement, comprehensive security headers, and adherence to industry certifications like ISO 27001 and SOC 2. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Overall, the website and business present a high level of professionalism, trustworthiness, and technical sophistication.

S

Statutární město Jihlava

jihlava-city.cz

49

The website jihlava-city.cz serves as the official digital presence of the statutory city of Jihlava in the Czech Republic. It provides comprehensive municipal information, including city news, public documents, event calendars, citizen services, and tourism resources. The site targets residents, local businesses, and visitors, positioning itself as the authoritative source for city-related information and services. The business model is that of a government municipal portal, focusing on transparency, public engagement, and service delivery. Technically, the website is built on the VISMO CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google services for translation and search functionality, enhancing accessibility and user experience. The site demonstrates good mobile optimization, accessibility, and SEO practices, although performance is moderate. Hosting and domain registration are consistent with Czech providers, supporting the site's legitimacy. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism compliant with GDPR. However, it lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. Security headers appear to be missing or not explicitly declared in the provided data, representing an area for improvement. Overall, jihlava-city.cz is a trustworthy and professional municipal website with strong content quality and privacy compliance. Strategic recommendations include implementing security headers, publishing a security policy, and establishing a vulnerability disclosure process to enhance security posture and user trust.

M

město Litvínov se sídlem Městský úřad Litvínov

mulitvinov.cz

47

The website mulitvinov.cz serves as the official online presence of the city of Litvínov, Czech Republic. It provides comprehensive information and services related to municipal administration, public services, local governance, and community events. The site targets residents and visitors seeking official information about the city, including administrative procedures, social services, cultural activities, and local news. The business model is that of a government entity focused on public service delivery and citizen engagement. The website is well-established, with a domain age dating back to 1999, reflecting a mature digital presence for the municipality. Technically, the site employs a modern CMS platform (vismo), uses HTTPS with good SSL configuration, and integrates third-party services such as Google reCAPTCHA for form security, Google Translate for multilingual support, and Facebook SDK for social media integration. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some improvements in security headers and cookie consent mechanisms are recommended. From a security perspective, the website enforces HTTPS and uses CAPTCHA to protect forms, but lacks explicit security headers and detailed security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is basic, with privacy and cookie policies present but without active consent mechanisms. The domain registration data is consistent and trustworthy, supporting the legitimacy of the site. Overall, the website presents a low-risk profile with good business credibility and technical implementation. Strategic recommendations include enhancing security headers, implementing cookie consent mechanisms, and publishing explicit security and incident response policies to improve compliance and trust.

M

Magistrát města Mostu

mesto-most.cz

49

The website www.mesto-most.cz serves as the official online portal for the city of Most in the Czech Republic. It provides comprehensive municipal information, including administrative services, event calendars, news updates, and public resources tailored for residents and visitors. The site is well-branded with official city logos and integrates social media channels to enhance community engagement. Technically, the site uses a modern CMS (vismo), incorporates Google Analytics for traffic insights, and employs Google reCAPTCHA to secure forms against spam. The presence of cookie consent and privacy policies indicates compliance with GDPR regulations. Security-wise, the site enforces HTTPS and uses standard security practices but lacks explicit security headers and a published security policy or incident response contact. The WHOIS data is unavailable, which slightly reduces domain registration trust but does not detract from the site's legitimacy given its official nature. Overall, the site is professional, user-friendly, and secure with room for improvement in security transparency and technical headers.

Joint Commission Resources (JCR) is a wholly owned not-for-profit affiliate of The Joint Commission, dedicated to helping healthcare organizations improve patient care, safety, and quality across the continuum of care. The website serves as a comprehensive resource offering advisory services, education programs, survey readiness tools, publications, and software solutions tailored to healthcare providers. JCR positions itself as a trusted healthcare quality expert with a strong market presence and affiliation with a reputable parent organization. Technically, the website is built on a modern stack including Sitecore CMS, Bootstrap framework, and advanced JavaScript libraries such as GSAP and Coveo for search functionality. It employs Google Tag Manager and Osano for consent management, reflecting a mature digital infrastructure. The site is well-optimized for mobile and accessibility, with good SEO practices and fast loading times. From a security perspective, the site enforces HTTPS, uses standard security headers, and integrates consent management for privacy compliance. However, it lacks publicly available security policies and incident response contacts, which are recommended for enhanced transparency and trust. The absence of WHOIS registration data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional branding and content. Overall, JCR's website demonstrates a high level of professionalism, security, and compliance suitable for its enterprise healthcare audience. Strategic recommendations include publishing explicit security and incident response policies and investigating the WHOIS data anomaly to ensure domain registration transparency.

I

ipartner

ipartner.sk

48

ipartner is a Slovak-based company specializing in creating exceptional products and services through creative design and technology. Their offerings include web design, software development, marketing, SEO, and graphic design, targeting both companies and individuals across various industries. The website reflects a professional and consistent brand image with good content quality and user experience. Technically, the site uses modern JavaScript libraries, Google Analytics for tracking, and is hosted on a Slovak hosting provider, ensuring moderate performance and good mobile optimization. Security posture is adequate with HTTPS enabled and GDPR-compliant privacy and cookie policies, though explicit security policies and incident response information are absent. Overall, the domain registration data aligns well with the business history, supporting legitimacy and trustworthiness.

S

Smash, s. r. o.

hellosmash.sk

47

Smash, s. r. o. is a Slovak-based small web development agency specializing in creating high-quality custom websites and digital products. Their market position is focused on delivering precision and quality to local businesses and organizations, with a portfolio that includes notable clients such as ESET. The company emphasizes mobile-first design and user experience. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integration of Google Analytics and Tag Manager for performance and marketing insights. The site is well-structured, mobile-optimized, and SEO-friendly, though accessibility features are basic. Security posture is moderate; HTTPS is assumed but security headers are not evident, and no explicit security policies or incident response information are published. Privacy compliance is good with GDPR and cookie consent mechanisms in place. Overall, the website is professional and trustworthy, though WHOIS data is unavailable due to privacy protection, which slightly reduces transparency.

O

Oertli Instrumente AG

oertli-instruments.com

56

Oertli Instrumente AG is a Swiss-based manufacturer specializing in ophthalmic surgical devices, particularly for cataract surgery. The company emphasizes Swiss quality and innovation, targeting healthcare professionals involved in eye surgeries. Their product portfolio includes surgical platforms, instruments, and consumables, with FDA 510(k) clearance for key products, indicating regulatory compliance and market readiness in the USA. The website is professionally designed, mobile-optimized, and provides comprehensive information tailored to its professional audience. Technically, the website leverages modern technologies including Pimcore CMS, Google Tag Manager, and personalization scripts. It employs HTTPS with good SSL configuration and integrates consent management for cookies, reflecting a mature digital infrastructure. However, some security headers are missing, and explicit security policies or incident response information are not publicly available. From a security perspective, the site shows good practices such as encrypted connections and no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data for the domain is a notable concern, potentially indicating privacy protection or registration issues, which slightly impacts trustworthiness. Overall, the site maintains a good security posture but could improve transparency and security header implementation. The overall risk assessment is moderate with recommendations to enhance security policies, publish incident response contacts, and verify domain registration details. These steps would strengthen trust and compliance, supporting the company’s professional reputation in the healthcare sector.

SECTOR Cert is a German-based certification and training provider specializing in nondestructive testing (NDT) and related quality assurance services. The company offers certifications aligned with DIN EN ISO 9712 and ISO 18436 standards, organizes industry events, and provides employer certification services. Their target audience includes professionals and companies within the NDT sector seeking qualification and certification services. The website content is primarily in German and reflects a medium-sized business with a focused niche market position. Technically, the website is built on the TYPO3 CMS platform and uses legacy JavaScript libraries such as jQuery 1.5.2 and MD5 hashing for login authentication, indicating some technical debt and modernization opportunities. The site is moderately optimized for performance and mobile use but lacks advanced accessibility and SEO features. No advanced security headers or modern cryptographic practices are evident, which could expose the site to certain risks. From a security perspective, the site uses HTTPS (implied by base href), but no explicit security headers were detected in the provided HTML. The login form uses MD5 hashing, which is considered weak by modern standards. The WHOIS data for the domain is unavailable, which reduces trustworthiness and raises questions about domain registration transparency. However, the website content and external links to reputable industry organizations support the legitimacy of the business. Overall, the website presents a professional but somewhat outdated technical posture with moderate security and privacy compliance. Strategic improvements in security practices, technical modernization, and enhanced privacy mechanisms would strengthen the company's digital trust and operational resilience.

S

Sportclinic

sportclinic.sk

38

Sportclinic is a specialized private orthopedic clinic based in Bratislava, Slovakia, offering advanced sports medicine and orthopedic surgical services including arthroscopic procedures and one-day surgeries. The clinic targets both professional athletes and the general population recovering from musculoskeletal injuries, leveraging modern diagnostic technologies such as MRI and CT scans. It operates as part of the Nemocnica Medissimo hospital group, enhancing its market position and service capabilities. Technically, the website employs modern web technologies including Bootstrap 5, Google Tag Manager, and Facebook SDK, providing a responsive and user-friendly experience. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though explicit security policies and incident response contacts are absent. Overall, the website is professional, trustworthy, and compliant with basic privacy standards, though improvements in privacy documentation and security transparency are recommended.

The website dsoft.company is a minimal WordPress-based blog with very limited content and no clear business description or services. It appears to be a personal or small-scale site with a single blog post and basic navigation. The technical infrastructure is standard for WordPress, hosted by BigRock Solutions Ltd, with HTTPS enabled but lacking advanced security headers or DNSSEC. There are no privacy, cookie, or terms of service policies present, and no contact or business information is provided, which limits trust and compliance. The WHOIS data shows the domain was registered in 2022 in the United Arab Emirates with no organization name, which aligns with the minimal business presence on the site. Overall, the site has a low security posture and limited business credibility.