Security Directory

A

ATICO

aticontrol.cz

65

ATICO is a Czech energy company specializing in the design, production, and management of energy control systems, including visualization and monitoring of energy centers. The company serves a broad range of clients from large enterprises to smaller firms, leveraging over 30 years of industry experience. Their key offerings include PLC-based energy management, SCADA visualization, and 24/7 monitoring services, positioning them as a trusted partner in the Czech and Slovak energy sectors. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to business clients. Technically, the site uses modern web technologies, enforces HTTPS, and integrates Google Analytics and reCAPTCHA for security and analytics purposes. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanisms. However, the absence of WHOIS data limits domain trust verification, and no explicit security policy or incident response contacts are published. Overall, the site demonstrates a solid security posture with room for improvement in security headers and transparency around vulnerability disclosure.

I

Institute for Musculoskeletal Health

imh.org.au

59

The Institute for Musculoskeletal Health is a specialized research organization focused on optimizing musculoskeletal health and physical activity through collaborative, patient-centered research. The website positions the institute as a medium-sized healthcare research entity based in Australia, targeting healthcare professionals, researchers, and policy makers. The digital presence is built on the Wix platform, featuring a professional design and moderate technical maturity. While the site is accessible and uses HTTPS with some security hardening scripts, it lacks explicit privacy, cookie, and terms of service policies, which impacts privacy compliance. The WHOIS data is incomplete, lacking registrant details, which reduces domain trustworthiness but does not necessarily indicate malicious intent given the professional content. Overall, the site is safe, professional, and focused on healthcare research but would benefit from enhanced transparency and privacy compliance.

N

NeuRA

neura.edu.au

54

NeuRA is an established, independent, not-for-profit medical research institute specializing in neuroscience and brain health. The organization focuses on improving lives affected by brain and nervous system disorders through scientific research, collaboration, and community engagement. Their website reflects a professional and consistent brand with comprehensive content targeting researchers, healthcare professionals, donors, and the general public interested in neuroscience. Technically, the site uses modern web technologies including React, Vite, and various analytics and tracking tools, delivering a good user experience with mobile optimization and accessibility considered. Security posture is solid with HTTPS and reCAPTCHA usage, though there is room for improvement in security headers and published policies. Overall, the domain registration data aligns well with the organization's Australian educational and non-profit status, supporting legitimacy. The site lacks visible privacy and cookie policies, which impacts privacy compliance scoring.

A

Attrac

apphero.co

54

The website apphero.co/en/timeout/ serves as a session timeout page for a campaign management SaaS platform, requiring users to log in again to continue their work. The business appears to be a small technology company founded around 2018, operating in the marketing technology sector. The page content is minimal, providing only a session expiration notice without additional business or policy information. Technically, the site uses common JavaScript libraries including jQuery and integrates with Google Analytics, Google Tag Manager, and Helpscout Beacon for analytics and customer support. The hosting infrastructure is likely AWS based on DNS records. Security posture is basic with HTTPS enabled but lacks DNSSEC and security headers. No privacy or cookie policies are present, indicating poor privacy compliance. The domain uses WHOIS privacy protection, which is typical for small SaaS businesses but reduces transparency. Overall, the site is accessible and not blocked by any WAF or security challenge.

Kajomigenerator.de is a technology-focused website providing a client login portal for a service named Kajomi Generator. The site appears to serve clients who require generation or management of specific data or content, though no detailed business description or public-facing content is provided. The website's market position and business scale appear small and focused on a niche client base. Technically, the site uses standard web technologies including HTML5, CSS, JavaScript, and an older version of CKEditor (4.5.10). The site shows basic mobile optimization and accessibility but lacks modern SEO and comprehensive technical enhancements. The presence of an API hostname using HTTPS suggests secure backend communication, but no explicit security headers or advanced frameworks are detected. From a security perspective, the site has some basic protections such as password input masking and HTTPS usage implied by API calls. However, the use of an outdated CKEditor version and absence of security headers or CSRF protections indicate potential vulnerabilities. No privacy, cookie, or terms of service policies are present, limiting compliance with GDPR and other regulations. No contact or incident response information is publicly available. Overall, the site is functional but basic, with moderate trustworthiness based on WHOIS data consistency. Strategic improvements in security hardening, privacy compliance, and business transparency are recommended to enhance credibility and reduce risk.

The website www.intersport.cz is an e-commerce platform for INTERSPORT, a retailer specializing in sportswear and sporting goods primarily targeting the Czech market. The site features a professional design with good mobile optimization and clear navigation, supporting a positive user experience. However, the absence of WHOIS data and lack of visible privacy, cookie, or terms of service policies limit the assessment of compliance and trustworthiness. Technically, the site uses modern web technologies such as HTML5, CSS3, JavaScript, and icon fonts, but lacks visible security headers and explicit security best practices. The security posture is weak due to missing HTTPS verification and security headers, which should be addressed to improve user trust and data protection. Overall, the site appears legitimate and functional but requires improvements in security and compliance documentation to enhance its credibility and reduce risk.

Z

www.zlinfest.cz

zlinfest.cz

60

The website www.zlinfest.cz represents the official online presence of the 65th International Film Festival for Children and Youth held in Zlín, Czech Republic. It serves as a comprehensive platform for festival programming, news, and event information targeting children, youth, film professionals, and enthusiasts. The site features detailed program sections, industry events, and multimedia content, supported by a mobile application for ticketing and scheduling. The festival is well-established with notable partners including government and regional cultural bodies, indicating a strong market position in the cultural media sector. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and utilizes libraries such as Splide.js for carousels and Google Tag Manager for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly with proper meta tags and social media integration. Security posture is good with HTTPS enforced and secure form handling, though explicit security headers and privacy policies are not clearly presented. From a security and compliance perspective, the absence of WHOIS data limits domain trust verification. No privacy or cookie policies were detected, which is a compliance gap under GDPR. Contact information is minimal, limited to a newsletter subscription form without explicit company emails or phone numbers. No vulnerability disclosure or incident response information is available. Overall, the site is professional and content-rich but would benefit from enhanced transparency and compliance documentation. Strategically, the festival should prioritize publishing clear privacy and cookie policies, implement security headers, and provide contact details for data protection and incident response. These steps will improve trust, compliance, and security posture, supporting the festival's reputation and digital maturity.

A

Autoritatea Naţională de Supraveghere a Prelucrării Datelor cu Caracter Personal

dataprotection.ro

55

The website dataprotection.ro represents the official Romanian National Authority for the Supervision of Personal Data Processing (ANSPDCP). It serves as the national regulator ensuring compliance with data protection laws, including GDPR, and provides resources, guidance, and complaint handling for data subjects and operators in Romania. The site targets a broad audience including the general public, data controllers, and public institutions. Technically, the website uses legacy technologies such as the YUI JavaScript library and custom CMS, with moderate performance and basic mobile optimization. Security posture is moderate with no DNSSEC and lack of security headers, but the domain is secured with HTTPS (assumed) and no critical vulnerabilities detected. Privacy compliance is good with clear privacy and cookie policies, though lacking explicit cookie consent mechanisms. Business credibility is high given the official government status and consistent WHOIS data. Overall, the site is functional and trustworthy but could benefit from modernization and enhanced security practices.

B

Bundesinstitut für Öffentliche Gesundheit (BIÖG)

bzga-essstoerungen.de

63

The website www.bzga-essstoerungen.de is operated by the Bundesinstitut für Öffentliche Gesundheit (BIÖG), a governmental public health institute in Germany focused on providing comprehensive information and support related to eating disorders. The site offers detailed educational content, counseling options, therapy guidance, and a database for finding local support centers. It targets a broad audience including affected individuals, families, and healthcare professionals. The business model centers on public health awareness and support services without commercial intent, positioning it as a trusted governmental resource in the healthcare sector. Technically, the website is built on TYPO3 CMS with a modern and accessible design, incorporating Bootstrap for responsive layouts and AblePlayer for media accessibility. It uses Matomo analytics configured for privacy compliance, including IP anonymization and consent-based data collection. The site demonstrates good mobile optimization, SEO practices, and accessibility features, reflecting a mature digital infrastructure suitable for public sector needs. From a security perspective, the site enforces HTTPS and employs a cookie consent mechanism aligned with GDPR requirements. However, it lacks publicly available security policies, incident response contacts, and security headers that could enhance its security posture. No vulnerabilities or suspicious activities were detected, and the WHOIS data aligns reasonably with the organizational identity, supporting legitimacy. Overall, the website scores well on content quality, privacy compliance, and business credibility, with moderate technical and security scores. Strategic improvements in security transparency and policy publication would further strengthen trust and resilience. The site is safe for general audiences, with no adult or inappropriate content detected.

A

Aborcyjny Dream Team

adt.pl

66

Aborcyjny Dream Team (ADT) is a well-established non-profit organization founded in 2013, focused on providing abortion support, legal aid, and education primarily in Poland. The organization operates as part of the largest abortion support network in Europe, assisting tens of thousands annually. Their website is professionally designed using modern static site generation technology (MkDocs) and integrates secure payment processing and privacy-respecting analytics. Contact information is clearly presented, including multiple emails and a phone number, alongside active social media channels. The content is comprehensive, targeting women and individuals seeking abortion-related support and information. Security posture is strong with HTTPS and no visible vulnerabilities, though cookie consent mechanisms and explicit security policies are absent, representing minor compliance gaps. WHOIS data confirms domain legitimacy and consistent registration history. Overall, ADT demonstrates a mature digital presence with high trustworthiness and user experience.

W

watson

watson.ch

71

watson.ch is a Swiss digital news platform delivering current news, in-depth background stories, and entertainment content tailored for the Swiss audience. The platform operates primarily through advertising revenue and targets a broad Swiss demographic interested in news and trends. The website demonstrates a solid market position within the Swiss media landscape, supported by consistent branding and good content quality. Technically, the site employs a modern technology stack including Google Tag Manager, Google Publisher Tags, OneSignal for push notifications, and OneTrust for cookie consent management, reflecting a mature digital infrastructure. The site is mobile-optimized and integrates multiple third-party advertising and analytics services, ensuring monetization and user engagement capabilities. Security-wise, the platform enforces HTTPS, uses cookie consent mechanisms, and has session refresh logic, but lacks explicit security policy and incident response disclosures. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though improvements in accessibility and explicit security documentation are recommended.

V

VIA Schankhalle Pfefferberg gGmbH

pfefferberg-theater.de

52

Pfefferberg Theater is a small, non-profit cultural institution based in Berlin, Germany, offering a diverse range of theatrical performances including contemporary circus, dance, family shows, and live literature readings. The organization emphasizes artistic quality and inclusivity, partnering with local gastronomy and cultural entities to enhance visitor experience. The website reflects a professional and consistent brand presence with clear navigation and relevant content for its target audience of arts and culture enthusiasts. Technically, the website employs modern web technologies including JavaScript libraries, CSS frameworks, and accessibility tools such as ReadSpeaker. It integrates third-party services like Vimeo for video content and Google Analytics for visitor tracking, while maintaining GDPR-compliant cookie consent mechanisms. The site is mobile-optimized and demonstrates good SEO and accessibility practices, although some security headers are not explicitly detected. From a security perspective, the site uses HTTPS and enforces cookie consent with granular user control, but lacks visible security policies or incident response information. No critical vulnerabilities or exposed sensitive data were found. The WHOIS data is partially consistent with the website's German location and business nature, with no suspicious patterns detected. Overall, the site presents a low-risk profile with good privacy compliance and a solid security posture. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and maintaining regular audits of third-party scripts to ensure ongoing security and compliance.

H

hauseins

hauseins.fm

45

Hauseins is a German podcast label specializing in producing and distributing journalistic podcasts covering politics, economy, science, and culture. The website presents a professional portfolio of diverse podcast shows targeting podcast enthusiasts interested in serious and entertaining content. The company appears to be a small but established player in the media sector, founded in 2017, with a consistent brand presence and positive testimonials from industry professionals. Technically, the website is built on WordPress with Elementor, leveraging modern web technologies and offering good mobile optimization and accessibility. Security posture is adequate with HTTPS enabled, but could be improved by enabling DNSSEC and adding security headers. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Contact and incident response information is not readily visible, which could be improved to enhance trust and compliance. Overall, Hauseins demonstrates a solid digital presence with room for security and privacy enhancements.

E

Europe Region of World Physiotherapy

erwcpt.eu

66

The Europe Region of World Physiotherapy website represents a regional professional organization serving 37 member organizations and approximately 200,000 physiotherapists across Europe. The site provides informational content about the organization's role and services but lacks detailed business contact information or privacy policies. Technically, the website is built on the Wix platform, leveraging standard Wix scripts and styles, with moderate performance and good mobile optimization. Security posture is basic with HTTPS enabled but missing key security headers and privacy compliance features. The absence of WHOIS registrant data due to privacy protection is typical for non-profit organizations but limits transparency. Overall, the site is professional and relevant to its target audience but would benefit from enhanced privacy, security, and contact disclosures.

A

Aleš Linhart

aleslinhart.cz

42

Aleš Linhart operates a small-scale web development service primarily targeting clients who want to create new websites or update existing ones. The website presents a professional image with client references and a clear service offering focused on web design and development. The technical infrastructure is basic but functional, using standard web technologies such as HTML, CSS, JavaScript, and jQuery, with Google Fonts integration. Mobile responsiveness and SEO basics are addressed, though accessibility could be improved. Security posture is moderate; HTTPS is assumed but no advanced security headers or policies are present. The absence of privacy and cookie policies, as well as contact details, limits compliance and trust. WHOIS data is unavailable, which raises concerns about domain legitimacy and transparency. Overall, the website is functional and professional but would benefit from enhanced security, compliance, and transparency measures.

INTERNEXT 2000, s.r.o. is a regional Czech internet service provider offering broadband internet, TV, VoIP telephony, and hosting services primarily in cities such as Zlín, Otrokovice, Uherské Hradiště, and Vsetín. The company emphasizes affordable, high-speed internet with packages up to 1 Gb/s and has been operating for approximately 29 years, indicating a well-established market presence. Their website targets residential and small business customers in the Czech Republic, providing clear service offerings and customer support channels. Technically, the website is built on WordPress with modern JavaScript libraries and integrates Google Analytics and Tag Manager for tracking. It uses HTTPS with good security headers and a cookie consent mechanism compliant with GDPR. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some accessibility features could be improved. From a security perspective, the site follows best practices such as enforcing HTTPS, implementing security headers, and avoiding exposure of sensitive data. No critical vulnerabilities or suspicious scripts were detected. Privacy compliance is strong with explicit cookie consent and a comprehensive privacy policy. However, the site lacks a published security policy or incident response contact information. Overall, the website and business appear legitimate and trustworthy, with a solid security posture and compliance framework. The absence of WHOIS data due to privacy protection is common and justified for this business type. Strategic recommendations include publishing a security policy, incident response details, and enhancing accessibility to further improve trust and compliance.

F

Fajn Rock Music - Petr Kůsa

fajnrockmusic.cz

32

Fajn Rock Music is a Czech media project established in 2007, focusing on rock music from the 1960s to current hits. It operates a radio station, a TV rock hit parade, and a radio show featuring Czech and international rock music. The platform targets rock music enthusiasts in the Czech Republic, offering event promotion and music content. The website demonstrates a consistent brand presence with active content and social media integration. Technically, it uses a custom CMS with modern web technologies including jQuery, Flowplayer, and Google Analytics, delivering moderate performance and good mobile optimization. Security posture is moderate with HTTPS usage but lacks visible security headers and formal privacy or cookie policies. No vulnerability disclosure or incident response contacts are provided. Overall, the site is safe, professional, and trustworthy but would benefit from enhanced privacy compliance and security best practices.

W

Whirlpool

whirlpool.cz

57

Whirlpool.cz is the official Czech Republic localized website for Whirlpool, a globally recognized brand specializing in household appliances such as washing machines, refrigerators, ovens, and dishwashers. The site targets Czech consumers seeking modern and energy-efficient appliances, providing product information, customer support, and retail services. The website demonstrates a professional digital presence with consistent branding and comprehensive privacy and cookie policies, reflecting compliance with GDPR requirements. Technically, the site employs modern JavaScript libraries, Google Analytics, Google Tag Manager, and New Relic for performance monitoring, alongside a cookie consent mechanism powered by OneTrust. Security best practices such as HTTPS enforcement and security headers are in place, though explicit incident response and vulnerability disclosure information are absent. Overall, the site presents a secure and trustworthy platform for consumers, though improvements in accessibility and explicit security policy publication are recommended.

T

Tefal

tefal.cz

58

Tefal.cz is the official e-commerce website for Tefal kitchen appliances and cookware in the Czech Republic, operated under the Groupe SEB umbrella. The site targets consumers seeking quality kitchen and household products, offering direct purchase options. Technically, the website employs modern JavaScript frameworks (likely Angular), integrates performance and error monitoring via New Relic, and uses third-party services such as Skeepers for marketing. The site is well-optimized for mobile and SEO, with good security practices including HTTPS and security headers. However, WHOIS data is unavailable, which slightly impacts domain trustworthiness. No explicit security policy or incident response contacts are published, representing an area for improvement. Overall, the website is professional, trustworthy, and safe for general audiences.

M

mujparking.cz

mujparking.cz

38

The website ww82.mujparking.cz appears to be a parked or placeholder domain with minimal content and no substantive business information. It primarily displays advertising blocks from Google Adsense and Bodis, indicating monetization attempts rather than an active business presence. The WHOIS data is unavailable, suggesting the domain may be unregistered or protected by privacy services, which reduces trust and transparency. Technically, the site lacks HTTPS, security headers, and any user interaction forms, reflecting a low level of digital maturity and security posture. Privacy and legal pages exist but are basic and do not demonstrate GDPR compliance or robust data protection practices. Overall, the site presents a low-risk profile but also low trustworthiness and business credibility.

D

Představujeme Vám pohodlné a bezplatné nástroje pro publikování a sdílení informací.

docplayer.cz

54

DocPlayer.cz is a Czech-based online platform offering free and unlimited document publishing and sharing services, primarily targeting students, educators, researchers, businesses, and independent authors. The platform supports multiple document formats and provides an in-browser viewing experience, enhancing user convenience. The website is well-established since 2015 and integrates Google services for fonts, analytics, and advertising, indicating a mature digital infrastructure. However, the absence of explicit privacy policies and terms of service on the main page suggests room for improvement in compliance and transparency. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and explicit incident response contacts. Overall, the site is functional, content-rich, and trustworthy for general educational and informational use.

N

Naučné-stezky.cz

naucne-stezky.cz

43

Naučné-stezky.cz is a Czech informational website dedicated to providing a comprehensive and continuously updated database of educational hiking trails throughout the Czech Republic. The site targets general users interested in nature, history, and outdoor educational activities. It offers detailed trail descriptions, metadata, and user comments, positioning itself as a niche resource in the tourism and education sector. Technically, the website is built on WordPress CMS with common plugins such as OpenStreetMap integration, AddToAny sharing, and Contact Form 7 for user interaction. Google Analytics and Google Tag Manager are used for visitor tracking. The site is moderately optimized for performance and mobile devices, with good SEO practices including structured data markup. Security-wise, the site uses HTTPS but lacks important security headers, which could be improved to enhance protection. Privacy and cookie policies are not found, indicating potential compliance gaps with GDPR and related regulations. The WHOIS data for the domain is missing, which reduces transparency and trust, though the website content and maintenance suggest legitimate use. Overall, the site is a valuable resource with good content quality but would benefit from enhanced security and privacy compliance measures.

NávštěvaLékaře.cz is a prominent Czech online healthcare portal specializing in doctor search and online appointment booking services. It positions itself as the largest platform of its kind in the Czech Republic, serving both patients and healthcare providers with a comprehensive directory of doctors, clinics, pharmacies, and emergency services. The portal boasts significant user engagement metrics including over 4 million patient bookings and a large network of cooperating doctors, underscoring its market leadership and trustworthiness in the healthcare sector. Technically, the website employs a modern technology stack including JavaScript frameworks, Google Tag Manager, Microsoft Clarity, and Facebook SDK for analytics and marketing. It uses a proprietary CMS (MKL.CMS) and integrates autocomplete and search enhancement tools to improve user experience. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, but lacks explicit security headers and publicly available security policies or incident response contacts. The absence of WHOIS domain registration data is a notable gap, reducing domain trustworthiness despite the professional appearance and content quality of the site. Overall, NávštěvaLékaře.cz presents a reliable and user-friendly healthcare service platform with strong market presence. However, it should improve transparency in domain registration and security policies to enhance trust and compliance.

M

Městská knihovna Český Těšín

knihovnatesin.cz

48

Městská knihovna Český Těšín is a municipal library serving the city of Český Těšín in the Czech Republic. The website provides access to library services including book lending, electronic databases, event information, and cultural programs. It targets a broad audience including children, seniors, handicapped individuals, schools, and parents. The library operates as a public service institution with a local community focus. The website is well-branded and consistent with municipal identity, featuring multilingual support via Google Translate and active social media channels.

B

Buildstore

buildstore.ie

64

Buildstore is a medium-sized Irish e-commerce retailer specializing in building products and materials, serving contractors, builders, and DIY enthusiasts nationwide. The company operates on the Shopify platform, offering a broad product range including rainwater systems, roofing, drainage, and garden products. Their market position is strong within Ireland as a leading online builder’s merchant with partnerships with major manufacturers. Technically, the website is built on a modern Shopify infrastructure with integrations for analytics, marketing, and customer engagement, providing a good user experience and mobile optimization. Security posture is solid with HTTPS and secure checkout, though improvements are needed in security headers and published policies. Overall, the website is professional and trustworthy but lacks visible privacy and cookie policies, which impacts compliance and user trust.

G

Green Ways sp. z o. o.

gw-int.pl

69

Green Ways sp. z o. o. is a medium-sized European company specializing in green food products, positioning itself as a leader in the green food trend across Europe. Founded in 2001, the company emphasizes high product quality, scientific backing, and a human-centered approach. Their website reflects a professional and modern digital presence, with multilingual support and clear navigation. The business model focuses on direct sales and partnerships, targeting health-conscious consumers interested in ecological and vegan products. Technically, the website employs modern web technologies including JavaScript frameworks, Google Tag Manager for analytics, and optimized image formats like WebP. The site is mobile-optimized and accessible, with good SEO practices evident from meta tags and structured content. Performance is moderate, with room for optimization. Security-wise, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, there is a lack of explicit security policy and incident response information, and no advanced security headers were detected. The absence of WHOIS data for the domain reduces trustworthiness slightly, though the website content and business information appear legitimate and consistent. Overall, the website presents a low-risk profile with strong compliance and professional business representation. Strategic improvements in security transparency and WHOIS data availability would enhance trust and security posture.

F

FidAR – Frauen in die Aufsichtsräte e. V.

wob-index.de

39

FidAR – Frauen in die Aufsichtsräte e. V. operates as a non-profit organization focused on promoting gender equality in corporate leadership within Germany. The website wob-index.de serves as an analytical platform providing studies and rankings (Women-on-Board-Index) to monitor the implementation and acceptance of legally mandated gender quotas in supervisory boards and management positions of private and public companies. The organization is recognized as a standard setter in this niche, targeting companies, policymakers, and the public interested in gender parity in governance. Technically, the website employs modern web technologies including Bootstrap for responsive design and Chart.js with Chartisan for data visualization. It is hosted on servers associated with kasserver.com and uses HTTPS to secure communications. The site is well-structured, mobile-optimized, and provides clear navigation, although it lacks some advanced accessibility features and explicit cookie consent mechanisms. From a security perspective, the site enforces HTTPS and uses trusted external libraries but does not explicitly implement security headers or publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the HTML content. Privacy compliance is supported by a comprehensive privacy policy linked externally, but no cookie banner or GDPR consent mechanism is present. Overall, the website presents a professional and trustworthy front with high content quality and business credibility. Recommendations include enhancing privacy compliance with cookie consent, adding security headers, and publishing security-related policies to improve the security posture and user trust further.

F

FUNKE Mediengruppe

morgenpost.de

65

Berliner Morgenpost, operated by FUNKE Mediengruppe, is a well-established regional news media outlet providing current news and background information on politics, economy, and sports primarily focused on Berlin and Germany. The website offers a mix of free content supported by advertising and subscription-based premium content, including e-paper and podcasts. The target audience is general public interested in regional and national news. The company maintains a strong market position as a trusted news source in the German media landscape. Technically, the website employs a modern technology stack including JavaScript and TypeScript, with integrations for consent management, analytics, advertising, and subscription management. The site is mobile-optimized, accessible, and SEO-friendly, reflecting a mature digital infrastructure. Performance is moderate with asynchronous loading of third-party scripts to optimize user experience. From a security perspective, the site enforces HTTPS and uses consent management to comply with GDPR. While explicit security headers are not fully confirmed, best practices appear to be followed with no visible vulnerabilities or exposed sensitive data. The absence of a security.txt or explicit incident response contact is noted as an area for improvement. Overall, the website presents a low risk profile with strong compliance and professional operations. Strategic recommendations include enhancing security header implementation, publishing a vulnerability disclosure policy, and improving incident response transparency to further strengthen trust and security posture.

Hans-Böckler-Stiftung is a German non-profit foundation affiliated with the German Trade Union Confederation (DGB), focusing on labor participation, research funding, and scholarships. The website serves as an information portal for its institutes and services, targeting researchers, students, and labor organizations. The foundation maintains a solid market position within the non-profit sector in Germany, supported by multiple specialized research institutes. Technically, the website employs modern web standards, including HTML5, CSS3, and JavaScript, with integration of a consent management platform (Usercentrics) and Google Tag Manager for analytics. The site is well-structured, mobile-optimized, and accessible, with good SEO practices. Security posture is moderate, with HTTPS usage and cookie consent mechanisms, but lacks explicit security headers and published security policies. Overall, the website is professional and trustworthy, though it could improve transparency by publishing privacy policies, terms of service, and incident response contacts.

D

Design Keller Internetagentur Berlin

design-keller.de

45

Design Keller Internetagentur Berlin is a small, specialized internet agency based in Berlin, Germany, offering professional web design, web programming, and content management services primarily using TYPO3 CMS. The company targets local businesses and organizations seeking customized web solutions, including SEO and consulting. The website reflects a solid market position with a portfolio of diverse client projects and a consistent brand presence. Technically, the site uses legacy and modern web technologies, with moderate performance and basic mobile optimization. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit security policies. Overall, the site is professional and trustworthy but could improve privacy compliance and technical modernization. The domain registration data aligns well with the business claims, supporting legitimacy.

R

Resort Valachy & eSports.cz, s.r.o.

valachytour.cz

53

ValachyTour is a Czech-based sports event organizer specializing in multi-discipline competitions such as cycling, running, swimming, and skiing. Established since 2012/2013, it operates a series of races in the Beskydy region, targeting athletes of all ages and fitness levels. The website serves as an information hub and registration platform, complemented by an e-commerce shop for related merchandise. The business maintains partnerships with reputable brands and regional authorities, enhancing its market credibility. Technically, the website employs modern web standards with HTML5, CSS3, and JavaScript, including libraries like fslightbox.js and cookie consent scripts. It is hosted likely by REG-ZONER, a Czech registrar and hosting provider. The site is mobile-optimized with good navigation and basic SEO features. However, it lacks some advanced accessibility features and visible security headers. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism compliant with GDPR principles. There is no explicit privacy policy or security incident contact information published, which are areas for improvement. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the website content, indicating legitimacy and stability. Overall, ValachyTour presents a professional and trustworthy online presence for its niche sports event market, with moderate technical maturity and room for enhanced privacy and security practices.

E

Edhouse

edhouse.eu

55

Edhouse is a well-established software house founded in 2006, specializing in custom software and hardware development services. The company serves both Czech and international markets with a medium-sized team of over 140 developers and specialists. Their business model focuses on delivering integrated technology solutions including software development, hardware development, and complex solutions tailored to client needs. The website reflects a professional and trustworthy brand with extensive case studies and client testimonials from reputable companies, positioning Edhouse as a reliable partner in the technology sector. Technically, the website is built using modern web technologies including jQuery and Google Tag Manager, managed via the Studio9 webManager CMS. It is well-optimized for performance, mobile responsiveness, and accessibility, with proper SEO metadata and structured navigation. The site uses HTTPS exclusively, and a cookie consent mechanism is implemented to comply with GDPR requirements. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent but lacks explicit security headers and published security policies or incident response contacts. The WHOIS data is privacy protected as per EURid policy, which is common and justified for this type of business. No vulnerabilities or suspicious content were detected. Overall, Edhouse presents a low-risk profile with a strong business credibility and a mature digital presence. Strategic recommendations include enhancing security posture by adding security headers and publishing a security policy, as well as providing direct contact information for incident response to improve transparency and trust.

V

Vaillant

vaillant.cz

58

Vaillant.cz is the Czech Republic website for Vaillant, a well-established company specializing in heating and home comfort solutions with over 140 years of experience and German technology development. The website presents a professional design with good content relevance and clear branding, targeting homeowners and businesses seeking heating solutions. Technically, the site uses modern JavaScript frameworks such as Alpine.js, integrates Google Tag Manager and Consent Manager for analytics and GDPR compliance, and is hosted under a reputable registrar. Security posture is moderate with HTTPS implied but lacks explicit security headers and published security policies. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service pages. Business credibility is high given the domain age, consistent WHOIS data, and professional presentation. Overall, the site is functional and trustworthy but would benefit from enhanced privacy disclosures and security best practices.

G

Green Ways s.r.o.

gw-int.net

71

Green Ways s.r.o. is a European leader in the green food market, specializing in high-quality, certified organic and vegan products. Founded in 2001, the company emphasizes product quality, scientific backing, and a customer-friendly approach. Their website is professionally designed, multilingual, and provides clear contact and business information, supporting their market position. Technically, the site uses modern JavaScript frameworks and Google Tag Manager for analytics, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent, but lacks advanced security headers and incident response disclosures. The absence of WHOIS registration data raises concerns about domain legitimacy, which impacts overall trustworthiness. Strategic recommendations include improving security headers, publishing security policies, and resolving WHOIS inconsistencies to enhance credibility.

C

CONTEG, spol. s r.o.

conteg.cz

68

CONTEG, spol. s r.o. is a Czech-based leading supplier of global solutions for data centers, telecommunications, industrial, and outdoor technologies. Founded in 1998, the company has grown to serve over 70 countries with multiple international subsidiaries and a strong presence in Europe and beyond. Their core offerings include design and manufacturing of data centers, telecom cabinets, cooling systems, monitoring, and custom solutions tailored to client needs. The website reflects a mature digital presence with multilingual support and comprehensive business information. Technically, the site employs modern JavaScript frameworks, Google reCAPTCHA Enterprise for bot protection, and analytics tools such as Google Analytics and Plausible, indicating a well-rounded digital infrastructure. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though the absence of a published security policy and incident response contact reduces transparency. WHOIS data is unavailable, which slightly impacts trust but does not negate the legitimacy indicated by the website content and contact details. Overall, CONTEG presents as a professional, trustworthy B2B technology manufacturer with a strong market position and international reach.

B

Bitrix Inc

bitrix24.in

73

Bitrix Inc operates Bitrix24, a comprehensive SaaS platform offering CRM, project management, collaboration, HR automation, and AI-powered assistant services. The platform targets businesses seeking integrated tools to manage sales, teams, and workflows efficiently. The website demonstrates a mature digital presence with professional design, structured content, and multi-platform support including Windows, MacOS, Android, iOS, and Linux. Technical infrastructure leverages the Bitrix CMS framework with modern JavaScript libraries and integrates multiple third-party analytics and advertising services. Security posture is adequate with HTTPS and cookie consent mechanisms, though lacks explicit security headers and published privacy or terms policies. Overall, the platform is positioned as a trusted, large-scale technology provider with a strong market presence in India and globally.

R

Rezervátor.cz

rezervator.cz

46

Rezervátor.cz is a Czech Republic-based online reservation system designed to facilitate quick and easy booking management for small to medium-sized businesses across various sectors such as equipment rental, sports, and therapy services. The platform offers key functionalities including online reservations, payment processing with card options, cancellation handling, and client documentation generation. The website demonstrates a professional and consistent brand presence with good content quality and user experience, supported by client testimonials and references to reputable partners. Technically, the website employs modern JavaScript libraries such as Swiper.js and Owl Carousel for UI components, Google Fonts for typography, and integrates Smartsupp Live Chat and Google Analytics for customer support and analytics respectively. The site is mobile-optimized with good SEO practices and uses HTTPS for secure communications. However, explicit security headers are not detected, and no dedicated security or incident response policies are published. From a security perspective, the site shows good privacy compliance with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. The absence of WHOIS data due to privacy protection limits transparency but is common for this business type. No critical vulnerabilities or exposed sensitive data were found. Overall, the site maintains a solid security posture but could benefit from enhanced security headers and published security policies. The overall risk assessment is low with recommendations to improve security transparency and incident response readiness. The business is well-positioned in its niche market with a clear value proposition and trustworthy digital presence.

Firma Handlowo-Usługowa "Wikom" is a small Polish company specializing in creating websites and BIP subject pages for organizational units, primarily in the public sector. Established in 2001, the company emphasizes legal compliance, accessibility, and user-friendly CMS solutions with AI features to prevent errors. Their market position is that of a niche provider with over two decades of experience, offering tailored web services and technical support. Technically, the website uses modern web technologies including Bootstrap and FontAwesome, with Google Tag Manager for analytics. The site is mobile optimized and accessible, though SEO optimization is basic. Security posture is good with HTTPS and cookie consent implemented, but lacks advanced security headers and published security policies. Overall, the website is professional, trustworthy, and compliant with GDPR and accessibility standards, making it suitable for its target audience of public organizations in Poland.

P

Powiat Tomaszowski

powiat-tomaszowski.pl

57

Powiat Tomaszowski operates an official government website serving the local community of Tomaszowski County in Poland. The site provides comprehensive information about local government activities, public services, news, and events. It targets residents, local organizations, and stakeholders seeking official information and access to administrative resources. The website is well-positioned as a trusted source for regional governance and public communication. Technically, the website employs modern web technologies including JavaScript, CSS, and service workers, with integration of Google Analytics and OpenWeatherMap for enhanced user experience. The site is hosted by a reputable Polish registrar and hosting provider, with DNSSEC enabled and HTTPS enforced, reflecting a mature digital infrastructure. Accessibility and SEO optimizations are evident, supporting broad usability. From a security perspective, the website demonstrates good practices such as HTTPS, DNSSEC, and cookie consent mechanisms. While some security headers could be improved or added, no critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong, with clear privacy and cookie policies aligned with GDPR requirements. However, no explicit incident response or vulnerability disclosure pages were found. Overall, the website presents a low-risk profile with a solid security posture and trustworthy business credibility. It effectively serves its governmental function with professional content and user-friendly design. Strategic improvements in security headers and incident response transparency could further enhance its security maturity.

B

BBBank

bbbank.de

61

BBBank is the largest cooperative private customer bank in Germany, offering modern digital banking services alongside a nationwide branch network. The website reflects a professional banking institution targeting private customers in Germany, with a focus on convenience and high-quality advisory services. The technical infrastructure uses modern JavaScript frameworks and integrates analytics and tracking tools such as Google Tag Manager and Bing tracking pixels. Security posture is adequate with HTTPS enabled and asynchronous loading of tracking scripts, but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies in the analyzed content. Overall, the website is trustworthy and professional but could improve transparency and compliance documentation.

L

Livesport s.r.o.

livescore.in

65

Livescore.in is a live sports score platform primarily focused on football, providing real-time updates to Finnish-speaking users. The website is part of Livesport s.r.o., an established media company founded in 2008, with a strong market presence in live sports information. The platform leverages modern web technologies and integrates advertising and analytics services to support its business model. Technically, the site demonstrates good performance, mobile optimization, and basic accessibility features. Security posture is strong with HTTPS enforcement and security headers, though explicit privacy and terms of service documentation are missing. Overall, the site is professional and trustworthy, serving a general audience interested in sports scores.

W

Women in Business

womeninbusiness-mena.com

51

Women in Business is a professional network and empowerment platform dedicated to supporting women entrepreneurs across the EMEA region. The organization offers a variety of programs such as the WiB Academy, networking events, and sector-specific initiatives to foster growth, visibility, and business development for women in diverse industries including finance, healthcare, technology, and agriculture. The website reflects a mature and well-structured digital presence with a focus on community and empowerment. Technically, the site uses modern web technologies including Svelte, and is hosted by a reputable provider, IONOS SE. The site is mobile-optimized and accessible, with good SEO practices. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy compliance is weak due to the absence of privacy and cookie policies and consent mechanisms. No contact information or incident response details are provided, which limits user trust and compliance. Overall, the site is professional and trustworthy but would benefit from improved privacy and security practices.

F

FCEM Femmes Chefs d'Entreprises Mondiales

fcem.org

52

FCEM (Femmes Chefs d'Entreprises Mondiales) is a well-established global non-profit association founded in 1945, dedicated to connecting women entrepreneurs worldwide. The organization operates as a membership network with over 120 countries and millions of businesses represented. It holds consultative status with major international bodies such as the United Nations and the Council of Europe, reinforcing its credibility and influence. The website serves as a hub for information on events, awards, and educational resources, targeting women business leaders and national associations globally. Technically, the site is built on WordPress with a modern theme and includes standard plugins for analytics and cookie consent, hosted by OVH sas. Security posture is good with HTTPS and domain protections, though DNSSEC is not enabled and no explicit security policy or incident response contacts are published. Privacy compliance is well addressed with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and well-aligned with the organization's mission.

G

Gewerkschaft Erziehung und Wissenschaft (GEW)

gew.de

53

The Gewerkschaft Erziehung und Wissenschaft (GEW) is a prominent educational trade union in Germany representing approximately 280,000 professionals in education and science sectors. The website serves as a comprehensive platform offering information on union activities, collective bargaining, member services, publications, and events. It targets educators, researchers, students, and unemployed pedagogues, positioning itself as a key player in the German education labor market. The business model is non-profit, focusing on advocacy and support for its members.

E

Eisenbahn- und Verkehrsgewerkschaft (EVG)

evg-online.org

64

The Eisenbahn- und Verkehrsgewerkschaft (EVG) is a well-established German labor union representing railway and transport workers. The organization focuses on advocating for employee rights, fair tariff agreements, and workplace co-determination. The website serves as a comprehensive portal for members and prospective members, offering news, member benefits, educational resources, and political information. The union has a strong presence in Germany with multiple regional offices and active social media channels. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries and analytics tools such as Google Analytics and Matomo. The site is mobile-optimized, accessible, and SEO-friendly, providing a professional user experience. Privacy compliance is well addressed with a clear privacy policy, cookie consent banner, and GDPR adherence. From a security perspective, the site enforces HTTPS and employs secure login forms with encryption attributes. However, it lacks explicit security headers and published security or incident response policies, which could be improved. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the website content and branding strongly indicate a legitimate and trustworthy organization. Overall, the EVG website is a robust, professional platform supporting a major labor union in Germany. Strategic improvements in security transparency and domain registration clarity would enhance trust and compliance further.

The website represents a specialized non-public secondary school focused on sports mastery, particularly volleyball, affiliated with the Polish Volleyball Federation. It serves students, parents, and the sports community by providing educational content, sports training information, and institutional updates. The site is well-structured, professionally designed, and provides clear contact and privacy information, reflecting a mature digital presence for a small educational institution. Technically, the website uses a modern tech stack including Laravel backend and Wikom CMS, with client-side libraries such as Swiper.js and Vanilla Calendar Pro enhancing user experience. The site is mobile-optimized and accessible, though performance is moderate. Security practices include HTTPS enforcement and cookie consent mechanisms, but lack DNSSEC and explicit security headers, which are recommended for improvement. Security posture is solid but could be enhanced by adding security headers and publishing formal security policies. Privacy compliance is strong with a comprehensive GDPR-aligned privacy policy and cookie consent. No critical vulnerabilities or suspicious indicators were found. Overall, the site is trustworthy and professionally maintained. Strategically, the institution should focus on improving DNS security, enhancing security headers, and publishing incident response information to further strengthen trust and compliance. These steps will support the school's reputation and protect its digital assets.

V

Voltage Multimedia Studio

jesinfo.cz

46

Jesinfo.cz is a regional event information portal focused on the Jeseník district in the Czech Republic, providing comprehensive listings of cultural, sports, gastronomic, and other local events. The website is operated by Voltage Multimedia Studio, a small media company founded in 2014. The portal offers event calendars, categories, galleries, and administrative access for event management, targeting residents and visitors interested in local happenings. The site is professionally designed with consistent branding and clear navigation, supporting Czech and Polish languages. Technically, it uses the Noteo Engine CMS, jQuery, FontAwesome, and Google Tag Manager for analytics, hosted under the REG-GRANSY registrar. Security posture is good with HTTPS enforced and basic security headers, though additional headers could improve protection. Privacy compliance is basic, with cookie consent implemented but no explicit privacy or terms of service pages found. Contact information is clearly provided, including phone, email, and physical address, along with social media links to Facebook and YouTube. Overall, the site is trustworthy, safe, and well-positioned as a regional media portal.

M

Město Český Těšín

tesin.cz

46

The website https://tesin.cz/ serves as the official online portal for the city of Český Těšín, Czech Republic. It provides residents and visitors with comprehensive municipal information, including news updates, administrative services, event calendars, and contact details. The site is well-structured, regularly updated, and targets local citizens and stakeholders. The business model is that of a government municipal service platform, focusing on public service delivery and community engagement. Technically, the site is built on the Vismo CMS platform, utilizing standard web technologies such as HTML5, CSS, and JavaScript. It integrates Google Analytics for minimal user tracking and Google Translate for multilingual support. The site is hosted via Active24, with HTTPS enforced, and demonstrates good mobile optimization and accessibility features. SEO practices are adequately implemented with proper meta tags and structured navigation. From a security perspective, the website employs HTTPS and cookie consent mechanisms aligned with GDPR requirements. No critical vulnerabilities or exposed sensitive data were detected. However, security headers like Content-Security-Policy and X-Frame-Options are not explicitly observed and could be improved. There is no dedicated security policy or incident response information published, which is common for municipal sites but represents an area for enhancement. Overall, the site is trustworthy, professionally maintained, and compliant with privacy regulations. The domain is longstanding (since 1998) and consistent with the official nature of the business. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and considering a vulnerability disclosure mechanism to further strengthen security posture.

T

Trigea

trigeafunds.com

70

Trigea operates a real estate investment fund focused on acquiring commercial properties in prime locations, targeting both conservative and adventurous investors. The fund aims for an annual yield of 5-7%, with a track record since 2019 aligning with this goal. The website presents a professional image with clear business messaging and investor tools such as performance charts and an online investment portal. Technically, the site uses modern web technologies including JavaScript libraries and web fonts, and integrates third-party services for chat and analytics. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Security posture is moderate with HTTPS implied but lacking visible security headers and formal privacy or cookie policies. Overall, the site is functional and professional but would benefit from enhanced transparency and security disclosures.

M

MTX Group a.s.

mtxgroup.cz

48

MTX Group a.s. is a prominent industrial and trading holding company based in the Czech Republic, established in 2013. The company manages a diversified portfolio of subsidiaries operating in metals, energy commodities, packaging, trading, and industrial services sectors. It holds a strong market position in Central Europe, particularly in commodity trading and manufacturing. The website presents detailed information about its subsidiaries and business areas, targeting industrial partners, investors, and commercial clients. Technically, the website employs modern JavaScript frameworks (likely Vue.js), integrates Google Analytics and Tag Manager for tracking, and uses Google reCAPTCHA for bot protection. The site is mobile-optimized with good SEO practices and a cookie consent mechanism compliant with GDPR requirements. However, it lacks explicit privacy and terms of service pages, and security headers are not detected. From a security perspective, the site uses HTTPS and standard Google services for analytics and bot mitigation, but could improve by implementing security headers, publishing a security policy, and providing vulnerability disclosure information. No critical vulnerabilities or exposed sensitive data were detected in the content. Overall, MTX Group's website is professional, trustworthy, and business-focused, with room for improvement in privacy transparency and security best practices to enhance compliance and user trust.