Security Directory

T

TAYLLORCOX s.r.o.

gdpr.cz

71

GDPR.cz is a Czech informational portal and magazine focused on GDPR, data protection, and compliance topics. It provides expert articles, interviews, and practical tools such as GDPR audit self-assessment. The site targets legal professionals, companies, and GDPR consultants, positioning itself as a key resource in the Czech market. Technically, the website uses modern JavaScript frameworks like Alpine.js, integrates Google Tag Manager for analytics, and employs a cookie consent mechanism from TermsFeed, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing. The absence of WHOIS data reduces domain trust slightly but the professional content and business information support legitimacy. Overall, GDPR.cz is a well-maintained, content-rich platform with good privacy compliance and moderate tracking practices.

O

Obec Mokrá-Horákov

mokra-horakov.cz

57

Obec Mokrá-Horákov operates an official municipal website serving residents, businesses, and tourists with comprehensive local government information, services, and community updates. The site is built on Drupal 10, leveraging modern web technologies and frameworks to deliver a responsive and accessible user experience. It integrates Google Analytics for visitor insights and provides cookie consent mechanisms to comply with GDPR regulations. The website maintains a professional appearance with consistent branding and clear navigation, supporting its role as a trusted local government resource. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be enhanced. The absence of WHOIS data limits domain trust analysis, but official contact details and social media presence support legitimacy.

Z

ZŠ Bratrství, příspěvková organizace

zsbrat.cz

49

ZŠ Bratrství, příspěvková organizace, is a regional primary school located in the Czech Republic, focusing on fostering creativity, logical thinking, and mutual understanding among students. The website serves as an information portal for students, parents, and the local community, providing updates on school events, educational programs, and community projects. The school positions itself as an inclusive educational institution serving the Podhostýnsko region. Technically, the website employs common web technologies such as jQuery, FontAwesome, and Google reCAPTCHA, with integrations for social media platforms like Facebook and YouTube. The site is mobile-optimized and includes a cookie consent mechanism, reflecting a basic level of privacy compliance. Security-wise, the site uses HTTPS and some best practices but lacks visible security headers and a published incident response policy. The absence of WHOIS data for the domain is a notable concern, reducing trustworthiness and suggesting the need for further verification of domain registration status. Overall, the website is professional, content-rich, and trustworthy from a user perspective but could improve in security transparency and domain legitimacy verification.

HOLIDAY WORLD & REGION WORLD is a well-established international trade fair focused on tourism and regional travel, organized by ABF, a.s. The website presents comprehensive information about the event, including visitor and exhibitor details, partner logos, and news updates. The business holds a strong market position in the Czech tourism event sector, with a history dating back to 1998. Technically, the site is built on WordPress with modern plugins and libraries, ensuring good SEO and mobile responsiveness. Security posture is solid with HTTPS, cookie consent, and no visible vulnerabilities, though explicit security policies and incident response contacts are absent. Overall, the site is professional, trustworthy, and compliant with GDPR, serving its audience effectively.

A

Asociácia informačných centier Slovenska

aices.sk

59

Asociácia informačných centier Slovenska (AiCES) is a Slovak non-profit association that coordinates and supports tourist information centers across Slovakia. The website serves as a central hub for information about the association, its members, and tourism-related initiatives, including sustainable tourism campaigns. The site is well-positioned in the Slovak tourism sector with partnerships including the Ministry of Tourism and other regional entities. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Cookiebot for privacy compliance, and uses popular libraries like jQuery and Swiper.js for UI enhancements. Security posture is strong with enforced HTTPS and cookie consent mechanisms, though some security headers could be improved. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

R

Raab Computer s.r.o.

affc-ok.cz

48

The website www.affc-ok.cz represents a regional government or non-profit initiative focused on the Audit Family Friendly Community program in the Olomoucký kraj region of the Czech Republic. It aims to support municipalities in improving living conditions for families through audits, certifications, and educational activities. The site is professionally designed with clear navigation and content relevant to its target audience of local government bodies and municipalities. Technically, it employs common JavaScript libraries such as jQuery, FontAwesome, bxSlider, and others to enhance user experience. However, no CMS or hosting provider information is discernible. Security posture is moderate with cookie consent implemented but lacking explicit security headers and no visible incident response or vulnerability disclosure policies. WHOIS data is unavailable, which reduces domain trustworthiness but the website content and design suggest legitimacy. Overall, the site is safe, non-adult, and well-targeted for its audience.

E

ENVItech Bohemia s.r.o.

envitech.eu

56

ENVItech Bohemia s.r.o. is a Czech Republic-based company specializing in environmental monitoring services, particularly air quality measurement. Established in 1992, the company offers a comprehensive portfolio including monitoring systems, meteorological equipment, emission measurement, calibration, detection systems, and related software solutions. The company holds multiple certifications such as ISO 9001 and ISO 14001, reinforcing its credibility and compliance with industry standards. Their market position is solid within the environmental technology sector, targeting professional and governmental clients. The website reflects a medium-sized enterprise with consistent branding and a professional online presence. Technically, the website is built on the ByznysWeb.cz platform, utilizing modern web technologies including Google Analytics for tracking and FontAwesome for icons. The site is mobile-optimized with good SEO practices and clear navigation. Privacy and cookie policies are well implemented with consent mechanisms, indicating compliance with GDPR requirements. However, the absence of explicit security headers and incident response information suggests areas for security enhancement. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The lack of WHOIS data limits domain trust assessment, but the website content and certifications support legitimacy. Overall, the site demonstrates a mature digital infrastructure with room for security improvements and enhanced transparency in incident response. Strategically, the company should focus on improving security headers, publishing incident response contacts, and resolving WHOIS data visibility to strengthen trust and compliance. These steps will enhance their security posture and business credibility in the competitive environmental monitoring market.

H

Horská služba ČR, o.p.s.

horskasluzba.cz

62

Horská služba ČR, o.p.s. is a Czech non-profit organization dedicated to mountain rescue and safety services. The website serves as an official information portal providing updates on rescue operations, avalanche warnings, and safety guidelines for mountain visitors. It is supported by government funding and partnerships with recognized entities, positioning it as a trusted national mountain rescue service. The site targets outdoor enthusiasts and the general public seeking safety information in mountainous regions of the Czech Republic. Technically, the website employs modern web technologies including Leaflet.js for interactive maps and Google Tag Manager for analytics, with a basic but functional mobile experience. Security posture is solid with HTTPS and cookie consent mechanisms, though improvements in security headers and incident response disclosures are recommended. Overall, the site is professional, trustworthy, and compliant with GDPR, but the absence of WHOIS data introduces some uncertainty in domain legitimacy.

C

CGI IT Czech Republic s.r.o.

jiz50.cz

50

The website jiz50.cz represents the official platform for the 59th edition of the ČEZ Jizerská 50, a prestigious cross-country skiing race in Central Europe. The event is organized by CGI IT Czech Republic s.r.o. and targets both professional and hobby skiers. The site provides comprehensive information about the races, registration, results, partners, and charity initiatives, positioning itself as a leading event in the regional winter sports calendar. The business model revolves around event management, sponsorship, merchandise sales, and community engagement.

K

Kulturní centrum Zahrada

kczahrada.cz

42

Kulturní centrum Zahrada is a small, community-focused cultural and social center based in Prague 11, Czech Republic. It offers a broad range of cultural events including concerts, theater, film screenings, educational programs, workshops, and leisure activities targeting a diverse audience from children to seniors. The website reflects a well-maintained digital presence with clear navigation, multilingual support, and integration of event management and ticketing systems. Technically, the site is built on WordPress using the Avada theme and several popular plugins, with modern JavaScript libraries and tracking tools implemented. Security posture is solid with HTTPS, security headers, and cookie consent mechanisms in place, although no explicit security policy or incident response contacts are published. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, serving as a reliable information hub for its community.

D

Destinační společnost Hradecko

hradecko.cz

46

Destinační společnost Hradecko operates as a regional destination management organization promoting tourism, cultural heritage, and events in the Hradec Králové region of the Czech Republic. The website serves as an information hub for tourists, local businesses, and families, providing event calendars, attraction details, and regional products. The organization is supported by local government entities, enhancing its credibility and market position within the hospitality and non-profit sectors. Technically, the website employs modern web technologies including Bootstrap 5, FontAwesome, Google Fonts, and Google Translate integration, ensuring a responsive and multilingual user experience. The site features a cookie consent mechanism and basic GDPR compliance, though lacks advanced security headers and detailed security policies. Performance and accessibility are moderate to good, with room for improvement in security hardening. From a security perspective, the site uses HTTPS and includes cookie consent but does not expose sensitive data or show signs of vulnerabilities in the visible content. However, the absence of WHOIS registration data reduces domain trustworthiness and suggests either privacy protection or registration issues. No incident response or vulnerability disclosure information is provided, indicating potential gaps in security transparency. Overall, the website is professionally designed and content-rich, targeting a general audience interested in regional tourism. The main risks relate to incomplete domain registration transparency and limited security policy disclosures. Strategic improvements in security headers, incident response readiness, and WHOIS data transparency would enhance trust and compliance.

S

SEIGI

seigi.eu

44

SEIGI is a specialized technology company focused on developing and selling modules and integrations for PrestaShop and thirty bees e-commerce platforms. Their website offers a variety of extensions aimed at enhancing online store functionality and marketing capabilities. The company targets e-commerce store owners seeking to improve their platform capabilities through specialized software modules. Technically, the website employs a mature but somewhat dated technology stack including Bootstrap 3 and jQuery 1.7, supplemented by modern marketing and analytics tools such as Google Tag Manager, Facebook Pixel, Hotjar, and Matomo. While the site is well-structured and mobile-optimized, it lacks some key compliance documents such as a privacy policy and terms of service. Security posture is adequate with HTTPS enforced and cookie consent implemented, but the absence of security headers and use of outdated libraries present potential risks. Overall, SEIGI appears to be a legitimate small technology business with a focused market niche, but should improve privacy compliance and update technical components to enhance security and trust.

I

Initiative Markt- und Sozialforschung e.V.

deutschlands-marktforscher.de

54

Initiative Markt- und Sozialforschung e.V. operates a professional and informative website focused on educating the German public about market and social research. The organization promotes participation in surveys to support evidence-based decision-making in politics, business, and society. The website is well-positioned nationally with clear communication, trust signals, and a strong emphasis on privacy and data protection. Technically, the site is built on WordPress with modern plugins and tools, including Yoast SEO and Matomo analytics configured for privacy compliance. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is trustworthy, accessible, and professionally maintained.

A

Alliance Of Digital Builders

aodb.com

63

Alliance Of Digital Builders (AODB) is a French digital services company specializing in secure, custom digital solutions including internet, extranet, e-commerce, cloud, and DevOps services. With approximately 18 years of experience and nearly 4000 projects, AODB holds a strong market position as a leader in Drupal solutions in France, serving notable clients including CAC 40 companies. The website reflects a mature digital infrastructure leveraging Drupal 10, React, Symfony, and cloud technologies such as AWS. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms in place, though no explicit security policy or incident response contacts are published. Overall, the site is professional, well-structured, and compliant with GDPR requirements, supporting a high trustworthiness rating.

L

Lead Media s.r.o.

dognet.sk

45

Dognet.sk operates as a leading affiliate marketing network focused on the Central and Eastern European and Balkan markets. The company, legally known as Lead Media s.r.o., has been active for over 13 years, providing performance-based marketing services primarily to e-commerce businesses and publishers. Their business model is based on CPA, ensuring advertisers pay only for real business outcomes. The website is professionally designed, multilingual, and rich in content, showcasing strong client testimonials and trust signals such as high Google and Facebook ratings. Technically, the site is built on WordPress with modern plugins and libraries, ensuring good performance and mobile optimization. Security practices include HTTPS enforcement, cookie consent mechanisms, and use of reCAPTCHA, though explicit security policies and incident response contacts are not publicly detailed. Overall, the site demonstrates a mature digital presence with strong business credibility and compliance with GDPR.

The website www.ostboehmen.info serves as the official tourism portal for the Pardubice region in the Czech Republic, providing comprehensive and updated information about tourist attractions, events, accommodations, and activities in East Bohemia. It is operated by World Media Partners, s.r.o., in cooperation with regional government and tourism organizations, positioning itself as a trusted source for visitors and tourists interested in this region. The portal offers multilingual support and integrates partner endorsements, enhancing its credibility and reach. Technically, the website employs a modern technology stack including Bootstrap for responsive design, jQuery for interactivity, Highslide for image display, and analytics tools such as Matomo and Google Analytics. It uses HTTPS with good SSL configuration and implements Google reCAPTCHA Enterprise for bot protection. Cookie consent mechanisms and privacy policies are present, indicating a baseline compliance with privacy regulations. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates a moderate security posture with encrypted communications and bot mitigation but lacks comprehensive security headers and vulnerability disclosure mechanisms. The WHOIS data is unavailable or malformed, which limits domain registration transparency, but the website's official nature and partner affiliations mitigate concerns about legitimacy. No adult or questionable content is present, making the site safe for general audiences. Overall, the site is a professionally designed, content-rich tourism portal with good usability and moderate security measures. Strategic improvements in security headers, incident response transparency, and WHOIS data availability would enhance trust and compliance.

A

Alliance Of Digital Builders

allianceofdigitalbuilders.com

63

Alliance Of Digital Builders (AODB) is a French technology company specializing in secure, custom digital solutions including internet, extranet, e-commerce, and cloud DevOps services. Positioned as a leader in Drupal solutions in France, AODB serves a diverse clientele including major corporations and government entities. Their offerings encompass web factories, digital transformation consulting, and technical assistance, supported by a modern technology stack including Drupal 10, Symfony, React, and cloud platforms. The website demonstrates strong digital maturity with comprehensive privacy and cookie policies, and integration of analytics and marketing tools such as Matomo and HubSpot. Security posture is robust with HTTPS enforcement and security headers, though explicit security policies and incident response details are absent. The domain WHOIS data is missing, which raises concerns about registration transparency despite the company's claims of longstanding market presence. Overall, AODB presents a professional and trustworthy digital presence with room for improvement in security transparency and domain legitimacy verification.

T

Technická správa komunikací hl. m. Prahy, a.s.

opravujeme.to

65

The website opravujeme.to is an official municipal platform operated by Technická správa komunikací hl. m. Prahy, a.s., providing centralized and up-to-date information on temporary traffic restrictions and roadworks in Prague. It serves residents and commuters by consolidating traffic disruption data in one accessible location, enhancing public awareness and planning. The site is well-branded with official logos and links to authoritative city and transportation websites, reinforcing its credibility. Technically, the website employs modern frontend technologies including Bootstrap, FontAwesome, Quill Editor, and Vue.js components for cookie consent management. Google Tag Manager is used for analytics, with a clear cookie consent mechanism in place, reflecting good privacy compliance. The site is mobile-optimized and presents a clean, navigable user interface with relevant content. From a security perspective, HTTPS is implied and cookie consent is implemented, but no explicit security headers or published security policies were detected. There is no visible incident response or vulnerability disclosure information, which could be improved. No vulnerabilities or sensitive data exposures were found in the content analyzed. Overall, the website demonstrates a solid business credibility and privacy compliance posture with room for enhancement in security policy transparency and technical security headers. The domain registration data aligns well with the business entity, supporting legitimacy and trustworthiness.

C

CyberForum e.V.

cyberforum.de

56

CyberForum e.V. is a well-established non-profit organization founded in 1997, serving as Europe's largest regional high-tech entrepreneur network with over 1,200 members. It focuses on connecting IT companies, startups, and research institutions primarily in the Karlsruhe region, offering services such as networking, mentoring, training, and startup acceleration through its CyberLab. The website is professionally designed using TYPO3 CMS and modern frontend technologies, providing a good user experience with clear navigation and mobile optimization. Security posture is strong with HTTPS enforced and secure form handling, though some security headers and policies could be improved. Privacy and cookie policies are present and GDPR compliant, but no explicit terms of service or vulnerability disclosure policies were found. Overall, the domain and WHOIS data align well with the business claims, indicating high legitimacy and trustworthiness.

The website www.vychodni-cechy.info serves as the official tourism portal for the Pardubický kraj region in the Czech Republic. It provides comprehensive and updated information about tourist attractions, events, accommodation, and activities in the region. The site targets tourists and visitors interested in exploring Eastern Bohemia, offering multilingual support to cater to a diverse audience. The business model is government-supported, focusing on promoting regional tourism and related services. The site is professionally designed with consistent branding and good content quality, reflecting its official status. From a technical perspective, the website employs modern web technologies including Bootstrap for responsive design, jQuery for interactivity, and Matomo for analytics. It uses HTTPS with good SSL configuration and integrates Google reCAPTCHA for form security. The site includes cookie consent mechanisms and a privacy policy, indicating attention to privacy compliance. However, some security headers are missing, and no explicit security or incident response policies are published. Security posture is moderate with strengths in HTTPS enforcement and form protection, but improvements are recommended in security headers and incident response transparency. The WHOIS data is unavailable or protected, which limits domain registration transparency but does not strongly detract from the site's legitimacy given its official nature. No adult or questionable content is present, and the site is accessible without WAF or blocking mechanisms. Overall, the website is a trustworthy and professional regional tourism portal with good technical implementation and moderate security maturity. Strategic recommendations include enhancing security headers, publishing incident response contacts, and maintaining up-to-date third-party libraries to improve security and compliance further.

D

Destinační společnost Hradecko

hradecko.eu

37

Destinační společnost Hradecko operates as a regional destination management organization focused on promoting tourism, cultural heritage, and events in the Hradec Králové region of the Czech Republic. The website serves as a comprehensive portal for tourists, families, schools, and local businesses, offering event calendars, attraction information, and regional product promotion. The organization is supported by local government entities, enhancing its credibility and regional influence. Technically, the website employs modern web technologies including Bootstrap, FontAwesome, and Google services, providing a responsive and user-friendly experience. Security posture is moderate with HTTPS usage and cookie consent mechanisms in place, but lacks advanced security headers and explicit incident response policies. The absence of WHOIS data is a notable anomaly but does not detract significantly from the site's legitimacy given the professional content and external references. Overall, the site is well-positioned as a trusted regional tourism resource with room for security and compliance enhancements.

B

BMBF Medienverwaltung

bmbf-bilddatenbank.de

61

The website bmbf-bilddatenbank.de serves as a digital asset management platform primarily for the German Federal Ministry of Education and Research (BMBF). It provides authenticated access to media resources such as photos, videos, and audio files, leveraging the open-source ResourceSpace software. The platform targets internal or authorized users, facilitating media management, annotation, and transformation services. The site is professionally branded and consistent with government digital services, though it lacks publicly accessible privacy or cookie policies on the login page. Technically, the site employs a modern JavaScript stack including jQuery, CKEditor, and various plugins for enhanced media handling and UI features. It is served over HTTPS, ensuring encrypted communications, but lacks visible security headers such as CSP or HSTS, which could improve its security posture. The site is moderately optimized for performance and mobile use, with basic accessibility features. From a security perspective, the platform demonstrates good practices like CSRF token usage in forms and no exposed sensitive data in the HTML. However, the absence of explicit privacy, cookie consent mechanisms, and security policies reduces compliance with GDPR and best practices. No WAF or blocking mechanisms are detected, and the domain appears legitimate though WHOIS data is limited. No contact information or incident response channels are publicly available. Overall, the site is a secure and professional government media management portal with room for improvement in privacy compliance and security header implementation. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

HsOptika is a Czech Republic-based company providing a specialized web-based GIS system for documenting and managing passive optical networks (PON). Their platform supports unlimited users without additional license fees and offers comprehensive features for tracking optical cables, fibers, nodes, and fiber splicing. The company has been recognized with the 'Visionary of the Year 2022' award for its technological and social contributions in telecommunications. The website is professionally designed using WordPress and Elementor, optimized for desktop and mobile users, and provides clear information about its services and benefits. However, the absence of WHOIS registration data and lack of explicit privacy and cookie policies limit the overall trust and compliance posture. The site uses HTTPS but lacks visible security headers and contact information for incident response or data protection officers.

B

Botanická zahrada hlavního města Prahy

botanicka.cz

61

Botanická zahrada hlavního města Prahy operates as a public botanical garden located in Prague, Czech Republic. It offers a wide range of services including public garden access, educational programs for schools and groups, seasonal exhibitions, an e-shop, and event hosting. The garden is positioned as a leading botanical institution in Prague, focusing on plant conservation, biodiversity, and public education. The website is professionally designed with clear navigation and rich content, targeting a general audience including families, students, and visitors interested in nature and botany. Technically, the site uses modern web technologies such as Alpine.js and integrates multiple analytics and marketing tools including Google Analytics and Facebook Pixel. The site is mobile-optimized and performs moderately well, though some accessibility features could be enhanced. Security posture is good with HTTPS enforced and no obvious vulnerabilities, but could benefit from additional security headers and published security policies. Privacy compliance is well addressed with a cookie consent banner and privacy policy present. Contact information is clearly provided, enhancing business credibility. WHOIS data is unavailable, likely due to privacy protection, but the website's professional presentation and official contact details support its legitimacy.

N

Národní pedagogický institut České republiky

rvp.cz

56

The website rvp.cz is a professionally maintained educational portal operated by the Národní pedagogický institut České republiky, serving educators primarily in the Czech Republic. It offers a wide range of teaching materials, expert articles, webinars, and community resources aimed at improving teaching quality and supporting educators. The portal is well-established, with a domain age dating back to 2004, reflecting its longstanding presence in the educational sector. The business model is non-profit and government-affiliated, focusing on educational content and community engagement rather than commercial activities. Technically, the site employs a modern technology stack including Bootstrap 5, jQuery, Google Analytics, Google Tag Manager, and reCAPTCHA v3 for security. It uses a custom CMS hosted by REG-WEBGLOBE, with good mobile optimization and moderate performance. The site implements cookie consent mechanisms compliant with GDPR and provides clear privacy and terms of service documentation. Security best practices such as HTTPS enforcement and secure login forms with OAuth social login options are in place, though explicit security headers like Content-Security-Policy could be more visible. From a security perspective, the portal demonstrates a mature posture with no detected vulnerabilities or exposed sensitive data. The use of reCAPTCHA and cookie consent indicates attention to user privacy and bot mitigation. However, the absence of a public security policy or incident response page and lack of a security.txt file suggest areas for improvement in transparency and vulnerability disclosure. Overall, rvp.cz is a trustworthy, high-quality educational resource with strong compliance and security foundations. It effectively serves its target audience of educators with relevant content and community tools. Strategic recommendations include enhancing security header visibility, publishing formal security policies, and expanding accessibility features to further improve compliance and user experience.

N

Národní pedagogický institut České republiky

projektsypo.cz

52

The website projektsypo.cz serves as a professional development support system for teachers and school directors in the Czech Republic. It is affiliated with the Národní pedagogický institut České republiky, a national pedagogical institute, indicating a government or non-profit educational focus. The platform offers resources such as webinars, methodical cabinets, ICT support, and podcasts, targeting educators and schools with beginning teachers. The project SYPO was officially ended in June 2023, but the site continues to provide valuable archived and ongoing educational content. Technically, the site is built on Joomla CMS with a modern front-end stack including Bootstrap, jQuery, and various UI libraries. It integrates Google Analytics and Google Tag Manager for tracking, along with other third-party scripts. The site is mobile-optimized and has good navigation and content structure, though accessibility features are basic. No explicit security headers were detected, and privacy and cookie policies are not clearly presented, which is a compliance gap. Security posture is moderate with HTTPS usage implied but lacking explicit security headers and incident response contacts. The absence of WHOIS data reduces domain trustworthiness, but the website content and branding strongly suggest legitimacy as an educational government-affiliated project. No adult or unsafe content is present, and the site is safe for general audiences. Overall, the site is a well-structured educational resource with moderate technical maturity and some privacy compliance shortcomings. Strategic improvements in privacy disclosures, security headers, and WHOIS transparency would enhance trust and compliance.

C

Centrum pro zjišťování výsledků vzdělávání

cermat.cz

56

Centrum pro zjišťování výsledků vzdělávání (CZVV) is a Czech governmental organization responsible for conducting and managing nationwide educational assessments, including maturita exams, unified entrance exams, and final exams. The website serves as an official portal providing information and resources for students, schools, and educational authorities. It maintains a strong market position as an authoritative entity in the Czech education sector, offering key services related to educational testing and data analysis. Technically, the website is built on Joomla CMS with common web technologies such as jQuery, Bootstrap, and FontAwesome. It integrates Google Custom Search Engine for site search functionality. The site is mobile-optimized with a moderate performance profile and basic accessibility features. The presence of cookie consent and privacy policy indicates attention to privacy compliance. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms but lacks visible advanced security headers. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable, which is typical for government domains, but the domain's .gov.cz TLD and consistent content strongly support legitimacy. Overall, the website is professional, trustworthy, and well-suited for its governmental educational purpose. Strategic improvements in security headers and explicit security policies could enhance its security posture further.

A

Actency

actency.fr

63

Actency is a leading French digital agency specializing in Drupal-based web solutions, cloud applications, and digital factory services. With a team of 250 experts and over 18 years of experience, the company positions itself as a market leader in Drupal solutions, serving a broad range of clients including government, media, and sports federations. Their business model focuses on consulting, technical assistance, project management, and cloud & DevOps services, targeting businesses seeking scalable and innovative digital platforms. The company maintains multiple offices across France, reinforcing its regional presence and client accessibility. Technically, the website is built on Drupal 9 and incorporates modern web technologies such as Matomo for analytics, Hubspot for forms, and lazy loading for performance optimization. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data limits domain trust verification, but the website's professional content, client references, and active social media presence support its legitimacy. Privacy and cookie policies are comprehensive and GDPR-compliant, indicating a strong commitment to data protection. Overall, Actency demonstrates a robust digital presence with a focus on quality, security, and compliance.

D

DP Wired

dp-wired.de

56

DP Wired is a small digital agency based in Germany specializing in web development, e-commerce solutions, and online branding. The company leverages modern technologies such as TYPO3 CMS, Laravel, Shopware, and Shopify to deliver tailored digital experiences. Their service portfolio includes web design, responsive development, SEO/SEA, plugin development, web hosting, and social media marketing, targeting businesses primarily in the Thüringen region. The website demonstrates a high level of professionalism with comprehensive service descriptions, active blog content, and consistent branding across social media platforms. Technically, the site is built on TYPO3 CMS with integrations of Google Tag Manager and Analytics, ensuring good SEO and performance optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although some security headers could be improved. Overall, the domain registration data aligns well with the website content, indicating legitimacy and trustworthiness.

K

Královéhradecký kraj

khk.cz

64

Královéhradecký kraj operates as the official regional government authority for the Královéhradecký region in the Czech Republic. The website serves as a comprehensive portal providing citizens, businesses, and local municipalities with access to a wide range of public services including social services, transportation, healthcare, education, and regional development. The site is well-positioned as a trusted source of official information and services for the region's residents and stakeholders. Technically, the website is built on Drupal 10, leveraging modern web technologies such as Bootstrap for responsive design, Slick Carousel for interactive content, and integrates Google Analytics and Google Tag Manager for analytics and tracking. The site demonstrates good mobile optimization, accessibility features, and SEO practices, reflecting a mature digital infrastructure suitable for a government entity. From a security perspective, the site enforces HTTPS, employs cookie consent mechanisms compliant with GDPR, and shows no signs of exposed sensitive data or vulnerable libraries. However, explicit security headers like X-Frame-Options and X-Content-Type-Options are not clearly visible and could be improved. The absence of WHOIS data is consistent with CZ.NIC registry policies for .cz domains and does not detract from the site's legitimacy. Overall, the website presents a low-risk profile with strong business credibility and compliance posture. Strategic recommendations include enhancing security header implementation, publishing a dedicated security policy or incident response contact, and considering a security.txt file to facilitate vulnerability disclosures.

AlwaysInDemand.com is a specialized educational and career awareness platform focused on promoting HVAC industry careers and providing scholarship opportunities through the HVAC HERO Scholarship program. The website is operated by the EGIA Foundation, a non-profit entity, and targets students and individuals interested in entering the HVAC trade. The platform offers resources, a trade school directory, and scholarship application information, positioning itself as a niche resource in the energy and education sectors. Technically, the website is built on WordPress and leverages common web technologies such as jQuery, Google Analytics, and Facebook Pixel for tracking and analytics. Hosting appears to be on Amazon AWS infrastructure, indicated by the DNS servers. The site is mobile optimized with good SEO practices and structured data implementation, although accessibility features are basic. From a security perspective, the site uses HTTPS with a good SSL configuration and domain registration protections such as clientDeleteProhibited status. However, it lacks DNSSEC and security headers like CSP or HSTS, which are recommended for enhanced security. No privacy or cookie policies are explicitly presented, and no consent mechanisms are detected, which may pose compliance risks. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the website is professionally designed and trustworthy with moderate security posture and some compliance gaps. Strategic improvements in privacy policy publication, cookie consent, and security header implementation would enhance the site's security and compliance standing.

HVAC Distributor University is a specialized educational platform launched in late 2024, focused on providing training and development resources for HVAC distributors and their sales teams. The platform offers a variety of services including online courses, live training sessions, resource libraries, and membership packages. It is affiliated with EGIA, a recognized industry association, which enhances its credibility and market positioning. The website is professionally designed with clear navigation and relevant content tailored to its niche audience. Technically, the site is built on WordPress, hosted by Nexcess, and uses modern web technologies such as jQuery and FontAwesome. While performance and mobile optimization are good, there is room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced, but the absence of DNSSEC and security headers slightly reduces the overall security score. Privacy compliance is partial; a comprehensive privacy policy is linked but no cookie consent mechanism is present. Contact information is clearly provided, including phone, email, and physical address, supporting business credibility. Overall, the website presents a trustworthy and professional front for its business model, with minor technical and compliance enhancements recommended.

F

FigPii

figpii.com

63

FigPii is a technology company providing an all-in-one conversion rate optimization platform that integrates A/B testing, heatmaps, session recordings, and polls & surveys. The platform targets e-commerce brands, CRO agencies, and SaaS companies seeking to improve user experience and increase revenue. The website is professionally designed with clear navigation, calls to action, and multimedia demonstrations, reflecting a mature digital presence. Technically, the site employs modern analytics and tracking technologies such as Google Tag Manager, Microsoft Clarity, and Facebook Pixel, hosted likely on AWS with Cloudflare services. Security posture is strong with HTTPS and security headers implemented, though privacy compliance could be improved by adding cookie consent mechanisms and clearer contact information. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, FigPii presents as a credible SaaS provider with room for improvement in privacy and transparency.

My Contractor University is a professional online training and business coaching platform focused on HVAC contractors, powered by EGIA. It offers a comprehensive suite of services including online classes, resource libraries, business coaching, workshops, and certification programs. The platform targets HVAC business owners seeking to improve their operations and sales through structured education and coaching. Technically, the website is built on WordPress with modern integrations such as Gravity Forms, Google Tag Manager, and AddSearch, hosted likely on AWS infrastructure. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS and reCAPTCHA protections, though it lacks DNSSEC and some security headers. Privacy policies and terms are linked to the parent company EGIA, indicating compliance with GDPR and other regulations. Overall, the site is trustworthy, professional, and well-maintained, serving a medium-sized business audience in the energy sector.

EGIA is a well-established organization founded in 2003, specializing in contractor training, financing solutions, utility services, and nonprofit workforce development within the HVAC and energy sectors. The company operates multiple subsidiary platforms including Contractor University, HVAC Distributor University, OPTIMUS Financing, and the EGIA Foundation, positioning itself as a comprehensive service provider in its industry. The website reflects a mature digital presence with consistent branding and clear navigation aimed at contractors, distributors, manufacturers, and utility partners. Technically, the site is built on WordPress with WooCommerce and Gravity Forms, leveraging modern web technologies and providing a moderate performance experience with good mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA implemented, though there is room for improvement in security headers and formal security policies. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the website is professional, trustworthy, and safe for general audiences, with a strong business credibility score.

V

Vzdělávací institut Středočeského kraje

visk.cz

54

Vzdělávací institut Středočeského kraje is a well-established educational organization founded in 2009, providing a broad range of training and seminars primarily targeting educators, public administration employees, and social service workers in the Central Bohemian Region of the Czech Republic. The website reflects a professional and consistent brand presence with clear navigation and relevant content tailored to its audience. Technically, the site employs modern JavaScript frameworks such as Vue.js, integrates Google Analytics and Tag Manager for analytics, and uses responsive design techniques to ensure good mobile usability. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, although explicit security headers and incident response policies are not publicly disclosed. Overall, the domain registration data aligns well with the website's identity, supporting its legitimacy and trustworthiness.

T

TOPlist s.r.o.

toplist.cz

58

TOPlist s.r.o. operates a Czech web analytics and visitor counting service, providing online traffic auditing and advertising listings primarily targeting website owners and businesses interested in monitoring their web traffic. The company has a long-standing presence since 1997, positioning itself as a trusted local provider in the web analytics niche. The website is professionally designed with clear navigation and a focus on delivering relevant content and services. Technically, the site employs modern frontend technologies including Bootstrap, FontAwesome, jQuery, and the Ace Admin Template, ensuring a responsive and user-friendly experience. However, some technical aspects such as security headers and privacy compliance require improvement. Security posture is moderate with HTTPS enabled and obfuscated email addresses, but lacks explicit security policies and headers. Overall, the site is safe, trustworthy, and well-maintained but would benefit from enhanced privacy and security practices to align with modern compliance standards.

DIGITALECUADOR CIA LTDA is a small Ecuadorian technology company specializing in domain registration, web hosting, DNS server management, and web design services. The website targets individuals and businesses within Ecuador, offering localized services primarily through a WHMCS-powered platform. The business model focuses on providing essential internet infrastructure and web presence solutions to its regional market. The website content is primarily in Spanish with options for English and Portuguese, indicating a regional multilingual approach. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, Bootstrap framework, FontAwesome icons, and Google Fonts. The use of WHMCS indicates a mature client management and e-commerce platform. The site shows moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security measures include CSRF tokens and Google reCAPTCHA integration, but no advanced security headers or explicit SSL/TLS configuration details were found in the provided content. From a security perspective, the site demonstrates basic protections but lacks published privacy, cookie, or terms of service policies, which impacts compliance posture. No incident response or vulnerability disclosure information is available. WHOIS data aligns well with the website's business identity, supporting legitimacy. No suspicious or malicious indicators were detected. Overall, the security posture is moderate but could be improved with enhanced policies, security headers, and transparency. The overall risk assessment suggests a functional and legitimate business website with room for improvement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, enhancing contact transparency, and establishing vulnerability disclosure mechanisms to strengthen trust and compliance.

T

Tito

ti.to

53

Tito is a technology company specializing in simple and powerful event registration software, offering SaaS solutions for event organizers to sell tickets and manage check-ins efficiently. The website demonstrates a modern technical infrastructure built on Vue.js and BootstrapVue frameworks, with good mobile optimization and moderate performance. Security posture is solid with HTTPS enforcement and GDPR-compliant cookie management, though explicit privacy and terms of service pages are absent. Overall, the site is professional and trustworthy, targeting event organizers and attendees with clear business focus and minimal tracking.

AUTO-PRESSE.de is a German automotive news and media portal operated by WITTMANN MEDIA, providing a wide range of content including car news, test reports, new model introductions, e-bike information, travel tips, and automotive guides. The website targets German-speaking automotive enthusiasts and consumers, positioning itself as a niche media platform with a focus on automotive transportation topics. The business model is primarily content publishing supported by advertising and affiliate partnerships with automotive parts and service providers. Technically, the website uses a combination of jQuery, Owl Carousel, Retina.js, and FontAwesome for frontend functionality and styling. The site appears to be custom-built or uses an unknown CMS, with moderate performance and good mobile optimization. SEO practices are adequate with proper meta tags and structured navigation. Cookie consent is implemented, indicating attention to privacy compliance, though no explicit terms of service or security policies are found. From a security perspective, HTTPS usage is implied but no security headers were detected in the provided data. The site lacks visible incident response or vulnerability disclosure information. No critical vulnerabilities or malware indicators were found, but security posture could be improved by adding security headers and explicit policies. Privacy compliance is good with a clear privacy policy and cookie consent mechanism. Overall, the website is accessible with no WAF or blocking mechanisms detected. The domain registration is consistent with the business age and sector, and no suspicious WHOIS patterns were found. The site is safe for general audiences with no adult or questionable content. Strategic recommendations include enhancing security headers, publishing terms of service, and expanding contact information to improve trust and compliance.

J

JungeWelt Shop

jungewelt-shop.de

51

JungeWelt Shop is a German e-commerce platform specializing in the sale of media products such as DVDs, books, postcards, and merchandise related to the JungeWelt brand. The website targets German-speaking customers interested in JungeWelt publications and associated cultural products. The business operates a niche online retail model with a focused product catalog. Technically, the site uses modern web technologies including jQuery, Bootstrap, and integrates PayPal for payments, indicating a moderate level of digital maturity. The website is mobile optimized and provides a basic but functional user experience. Security posture is adequate with HTTPS enabled and secure login forms, but lacks visible security headers and comprehensive privacy or cookie policies, which are important for GDPR compliance. No contact information or incident response details are publicly available, limiting transparency. Overall, the site is functional and moderately secure but would benefit from enhanced privacy compliance and security best practices to improve trust and regulatory adherence.

NIC.ec, operated by ECUADORDOMAIN S.A., is the official registry and registrar for Ecuador's .ec country code top-level domain. The website provides domain search, registration, and management services targeting individuals, businesses, and government entities within Ecuador. It holds multiple official accreditations such as ICANN, IANA, LACNIC, and LACTLD, reinforcing its authoritative position in the domain registration market. The site also promotes partnerships with registrar agents and offers specialized services for government and military domains. Technically, the website employs a modern tech stack including jQuery, Bootstrap, FontAwesome, Google Tag Manager, Google Analytics, Yandex Metrika, and Chatwoot for live chat support. It uses HTTPS with good SSL configuration and implements cookie consent mechanisms. The site is mobile optimized and features good navigation and content quality. However, no explicit CMS or hosting provider information is detected, suggesting a custom-built platform. From a security perspective, the site follows best practices such as HTTPS enforcement, CSRF tokens, and reCAPTCHA integration. While security headers are not explicitly visible in the HTML, the site does not expose sensitive data or show signs of vulnerabilities. The absence of a published security policy or incident response contact is noted. Extensive tracking and marketing tools are used, indicating a moderate to extensive user tracking level, with basic privacy compliance. Overall, NIC.ec presents a trustworthy and professional online presence consistent with its role as Ecuador's official domain registry. Recommendations include enhancing security header implementation, publishing a security policy and incident response contacts, and improving accessibility features to further strengthen compliance and user trust.

O

OPTIMUS Financing

optimusfinancing.com

53

OPTIMUS Financing operates as a specialized contractor financing platform focused on providing streamlined financing solutions for contractors, particularly in the HVAC sector. The platform emphasizes eliminating multiple credit pulls and achieving high approval rates by matching customers to appropriate lenders based on credit scores. The business is positioned as the exclusive lending platform of EGIA Finance, serving thousands of contractors with prime, near prime, and subprime financing options. The website reflects a professional and consistent brand image with clear calls to action for enrollment and consultation scheduling. Technically, the website is built on WordPress with WooCommerce and leverages modern web technologies including React scripts, Google Analytics, and Facebook Pixel for tracking. Hosting appears to be on AWS infrastructure, supported by AWS DNS servers. SEO is enhanced via the All in One SEO Pro plugin, and the site includes embedded video content via Vimeo. The site is mobile optimized and provides a good user experience with clear navigation. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and visible security headers, which are recommended for enhanced protection. No privacy or cookie policies were found, indicating a gap in compliance with privacy regulations such as GDPR. Contact information is clearly provided, but no formal security or incident response policies are published. No WAF or blocking mechanisms were detected, and the site content is safe and business-appropriate. Overall, OPTIMUS Financing presents a credible and professional online presence with moderate technical maturity and some security and compliance improvements needed. Strategic recommendations include implementing DNSSEC, adding security headers, publishing privacy and cookie policies, and establishing incident response contact channels to strengthen trust and regulatory compliance.

P

Panattoni UK

panattoni.co.uk

62

Panattoni UK is a leading industrial real estate developer, recognized as the world's largest privately owned industrial developer and Europe's largest logistics property developer. The company focuses on developing logistics and industrial properties, targeting investors and commercial clients in the UK and Europe. Their market position is strong, supported by a large volume of developed square footage and a broad portfolio. Technically, the website is built on WordPress using Elementor and Yoast SEO, with modern technologies and good mobile optimization. Security posture is solid with HTTPS, Google reCAPTCHA Enterprise, and cookie consent mechanisms, though some security headers and policies are missing. Privacy compliance is partial, with cookie consent but no explicit privacy policy or terms of service found. Overall, the website is professional and trustworthy, with room for improvement in privacy and security disclosures.

F

FUNKE Publishing GmbH

globista.de

58

GLOBISTA Reisen is an online travel portal operated by FUNKE Publishing GmbH, a subsidiary of the FUNKE Mediengruppe, a major German media company. The website offers curated travel deals including cruises, city trips, family vacations, and bus tours primarily targeting German-speaking customers. The platform integrates modern web technologies such as WordPress CMS, Google Tag Manager, and Cloudfront CDN to deliver a responsive and user-friendly experience. Privacy and cookie compliance are well implemented with clear consent mechanisms and GDPR adherence. Security posture is solid with HTTPS enforced and privacy-conscious analytics configurations. Contact information and company details are transparent and consistent with the registrant data, supporting business credibility.

V

Ville de Genève

ville-geneve.ch

71

The website www.geneve.ch is the official digital portal for the City of Geneva, Switzerland, providing comprehensive information and services to residents, businesses, tourists, and other stakeholders. It offers a wide range of municipal services including administrative procedures, news updates, cultural events, and contact information for city authorities. The site is well-branded, professionally designed, and multilingual, reflecting a mature digital presence for a large government entity. Technically, the site is built on Drupal 10, leveraging modern web technologies and third-party integrations such as Google Tag Manager and Weglot for analytics and translation services. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are not explicitly detected. HTTPS is enforced, and cookie consent mechanisms are implemented in compliance with GDPR. From a security perspective, the site shows a solid posture with no visible vulnerabilities or exposed sensitive data. However, it lacks publicly available security policies or incident response contacts, which could be improved to enhance transparency and trust. The WHOIS data aligns perfectly with the official nature of the site, confirming legitimacy and consistency. Overall, the website scores highly on content quality, technical implementation, security, privacy compliance, and business credibility, making it a trustworthy and professional government portal.

S

SSLTrust

ssltrust.co.uk

65

SSLTrust is a UK-focused SSL certificate provider offering a wide range of SSL/TLS products including domain validated, business validated, extended validation, wildcard, and multi-domain certificates. The company positions itself as the UK's largest and most affordable SSL provider with strong partnerships with major certificate authorities such as DigiCert, Sectigo, and Comodo. Their business model includes direct sales, reseller programs, and value-added services like installation support and certificate management tools. The website demonstrates a mature digital presence with professional design, clear navigation, and comprehensive content tailored to businesses and service providers seeking website security solutions. Technically, the website employs modern web technologies including jQuery, Bootstrap, and integrates live chat via Tawk.to and analytics through Google Tag Manager. The site is mobile optimized and SEO friendly, though some accessibility features could be improved. Security posture is strong with HTTPS enforced and secure form handling, but lacks explicit security headers and a published security policy or incident response plan. Privacy and cookie policies are present and GDPR compliant, reflecting good privacy practices. The WHOIS data for the domain www.ssltrust.co.uk is unavailable due to a Nominet UK naming rules error, indicating the domain may be a subdomain or alias rather than a standalone registered domain. Despite this, the website content and branding are consistent with a legitimate business operation. Overall, the site scores well on content quality, technical implementation, security, privacy compliance, and business credibility, though the lack of WHOIS transparency slightly reduces trust. Strategic recommendations include enhancing security headers, publishing a formal security policy and incident response information, and clarifying domain registration details to improve trust and compliance.

S

SSLTrust

ssltrust.com

65

SSLTrust is a medium-sized Australian technology company specializing in the resale and support of SSL/TLS certificates from major Certificate Authorities such as Comodo, DigiCert, and Sectigo. They position themselves as a global leader in affordable SSL certificates with a strong customer support focus, offering a range of SSL products including domain validated, business validated, extended validation, wildcard, and multi-domain certificates. Their website is professionally designed, mobile optimized, and provides extensive educational content and customer testimonials, enhancing trust and credibility. Technically, the website uses modern web technologies including jQuery, Bootstrap, and integrates live chat via Tawk.to and analytics through Google Tag Manager. The site is HTTPS secured with no visible security vulnerabilities in the content. However, some security best practices such as security headers and cookie consent mechanisms are missing, which could be improved to enhance compliance and security posture. From a security perspective, SSLTrust demonstrates a solid posture with encrypted connections and no exposed sensitive data. The absence of a published security policy or incident response information is a gap. The WHOIS data is missing or unavailable, which reduces transparency but does not strongly detract from the site's legitimacy given the professional presentation and active business operations. Overall, SSLTrust presents a trustworthy and professional online presence with strong business credibility and technical implementation. Strategic improvements in privacy compliance and security disclosures would further strengthen their security posture and customer trust.

G

Gallup, Inc.

gallup.com

73

Gallup, Inc. is a well-established global leader in workplace consulting, public opinion polling, and strengths-based development with over 85 years of experience. The company offers a broad range of services including workplace advisory, CliftonStrengths assessments and coaching, research and polling, and educational courses. Their digital presence includes a proprietary platform (Gallup Access) and extensive research reports, targeting business leaders, HR professionals, and organizations worldwide. Technically, the website employs modern web technologies such as Google Tag Manager, Google Analytics, FontAwesome, Typekit fonts, and Bootstrap framework, indicating a mature and professional digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, providing a positive user experience. From a security perspective, the site uses HTTPS with strong SSL configuration and implements cookie consent mechanisms aligned with privacy regulations. While explicit security headers are not fully confirmed, no vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data is noted but likely due to privacy protection rather than malicious intent. Overall, Gallup's website demonstrates a high level of professionalism, security, and compliance, supporting its reputation as a trusted research and consulting firm. Strategic recommendations include enhancing transparency around security policies and incident response, and confirming security header implementations to further strengthen security posture.