Security Directory

A

Alexion

alexion.com

63

Alexion is a well-established pharmaceutical company specializing in rare disease therapies and research, operating as part of AstraZeneca Rare Disease. The website reflects a mature enterprise with a clear focus on delivering innovative treatments and patient support services globally. The content is professionally presented, targeting patients, caregivers, healthcare professionals, and researchers. Technically, the site uses modern web technologies, including Google Tag Manager and AWS DNS infrastructure, and is likely built on the Sitecore CMS platform. The website is mobile-optimized and accessible, with good SEO practices evident. Security posture is solid with HTTPS and domain protections, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is weak on the main page, lacking explicit privacy and cookie policies, which should be addressed to meet GDPR and other regulations. Overall, the domain registration data supports the legitimacy and trustworthiness of the business.

The website todofp.es serves as the official Spanish government portal for Formación Profesional (Vocational Training). It provides comprehensive information about educational offerings, how and where to study, accreditation, and related news. The platform targets students, educators, and professionals interested in vocational education in Spain, positioning itself as a trusted and authoritative source backed by the Ministry of Education, Formación Profesional y Deportes. The content is well-structured, professionally presented, and consistent with government branding. Technically, the site uses a traditional web stack with jQuery, Google Custom Search, and Twitter widgets. It is served over HTTPS, includes cookie consent mechanisms, and demonstrates good mobile optimization and accessibility. However, some security best practices such as security headers are not evident, and no advanced frameworks or CMS are detected. Performance is moderate, with room for optimization. From a security perspective, the site shows a basic but adequate posture with HTTPS and cookie consent. No vulnerabilities or exposed sensitive data were detected in the HTML content. The lack of WHOIS data limits domain registration analysis, but the domain's alignment with official government content and branding supports legitimacy. Privacy policies and terms of service are present and GDPR compliant. Overall, todofp.es is a credible, safe, and professionally maintained government educational resource. Strategic improvements could include enhancing security headers, publishing explicit security policies, and improving technical performance to further strengthen trust and compliance.

W

WANET s.r.o.

wanet.cz

55

WANET s.r.o. is a Czech Republic-based IT company specializing in external network management, website creation, SEO optimization, and smart home technology development. The company offers tailored IT services with a focus on individual client needs and provides 24/7 monitoring and security for managed networks. Their product portfolio includes smart IP weather stations and home automation systems, positioning them as a niche technology provider in their regional market. Technically, the website uses a basic but functional stack including jQuery and custom JavaScript, with a cookie consent mechanism implemented for compliance. However, the absence of a privacy policy and terms of service pages, along with missing WHOIS domain registration data, reduces overall trust and compliance posture. Security practices include CAPTCHA on contact forms but lack visible security headers and confirmed HTTPS status. Overall, the website is accessible, professionally presented, and content-rich, but improvements in security and compliance documentation are recommended.

C

CZ.NIC

jakfungujedns.cz

52

The website jakfungujedns.cz is an official educational platform operated by CZ.NIC, the Czech Republic's domain registry association responsible for managing the .CZ domain and DNS infrastructure. It provides clear, step-by-step educational content about how DNS works, targeting general internet users and those interested in internet technology. The site is well-branded with CZ.NIC logos and consistent messaging, reinforcing its authoritative position in the Czech internet ecosystem. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and jQuery 1.11.0, along with Piwik analytics for user tracking. It is hosted likely on CZ.NIC infrastructure, ensuring reliability and performance. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. However, some technical improvements are possible, such as updating JavaScript libraries and enhancing accessibility features. From a security perspective, the site uses HTTPS and implements a cookie consent mechanism, demonstrating awareness of privacy regulations. However, it lacks visible security headers and a published privacy policy, which are important for compliance and user trust. No forms or sensitive data collection are present, reducing attack surface. The WHOIS data confirms the domain is legitimately registered to CZ.NIC, consistent with the website's purpose and content. Overall, the website is trustworthy, professionally maintained, and serves its educational purpose well. Strategic improvements in privacy documentation, security headers, and technical modernization would enhance its security posture and compliance standing.

M

mypage.cz

mypage.cz

51

mypage.cz is a Czech language media and news website launched in 2024, focusing on films, series, games, and general lifestyle topics. It provides news articles, reviews, and guides targeting a general audience interested in entertainment and related subjects. The site operates primarily on advertising revenue, leveraging Google Adsense and Matomo analytics for monetization and user insights. The website is professionally designed with consistent branding and good content quality, offering a clear navigation structure and mobile optimization. Technically, it uses standard web technologies including Google Fonts, JavaScript, and CSS, hosted on infrastructure associated with REG-GRANSY and vas-hosting name servers. Security posture is adequate with HTTPS enforced and cookie consent implemented, though some security headers and policies are missing. No critical vulnerabilities or suspicious WHOIS data were found, and the domain registration is consistent with the site's new business age. Overall, the site is safe, compliant with GDPR, and suitable for general audiences.

I

ILUNION Hotels

ilunionhotels.co.uk

65

ILUNION Hotels operates as a hospitality chain offering accessible 3, 4, and 5-star accommodations primarily in Spain. The website serves as the official booking platform, providing multi-language support and a loyalty program to enhance customer engagement. The business targets a broad audience seeking accessible and quality hotel services. Technically, the site is built on Adobe Experience Manager, integrating modern analytics and cookie consent tools, indicating a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though lacking explicit security policies and vulnerability disclosures. The absence of WHOIS data for the .co.uk domain suggests the domain may be a subdomain or alias rather than a registered domain, which warrants further verification. Overall, the website is professional, secure, and compliant with privacy norms, suitable for general audiences.

I

ILUNION Hotels

ilunionhotels.de

63

ILUNION Hotels operates a professional, accessible hotel chain website targeting German-speaking customers interested in accessible and family-friendly accommodations in Spain. The site is built on Adobe Experience Manager with integrated Adobe Analytics and Google Tag Manager, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security policies and incident response contacts are not publicly visible. The domain registration is consistent with the business claims, and the website content is comprehensive and professionally presented. Overall, the site demonstrates good business credibility and technical implementation with room for improvement in privacy policy transparency and security header implementation.

C

Coalition for Seamless Access

seamlessaccess.org

60

SeamlessAccess is a non-profit service governed by a coalition of major organizations in the research and scholarly publishing sectors, providing a federated Single Sign-On solution to streamline access to scholarly collaboration tools and research infrastructure. The service targets institutions, libraries, identity providers, and researchers, enabling seamless authentication across multiple platforms. The website is professionally designed using the Hugo static site generator, with good mobile optimization and clear navigation, reflecting a mature digital presence. Security posture is solid with HTTPS enforced and domain transfer protections, though improvements are recommended in DNSSEC, security headers, and incident response transparency. Privacy compliance is generally good with a comprehensive privacy policy, but cookie consent mechanisms and terms of service are lacking. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the service.

K

KRONUS Inc.

kronus.com

55

KRONUS Inc. is a specialized healthcare company focused on providing immunoassay and autoimmune diagnostic test kits to medical professionals and laboratory facilities worldwide. With over 35 years of experience and an ISO 13485:2016 quality management certification, KRONUS positions itself as a trusted supplier in the niche market of endocrine and metabolic autoimmune disorder diagnostics. The website content clearly targets medical professionals and laboratories, emphasizing product quality and specialized services. Technically, the website employs a simple technology stack including jQuery 2.2.3 and custom CSS/JavaScript. The site is moderately optimized for performance and mobile devices, with good SEO practices evident in meta tags and structured navigation. However, the use of an outdated jQuery version and lack of modern security headers indicate areas for technical improvement. The hosting and domain registration are managed by reputable providers, supporting operational stability. From a security perspective, the website shows moderate maturity. The domain is secured with clientTransferProhibited status, but DNSSEC is not enabled, and no security headers were detected. There is no evidence of privacy or cookie policies, which presents compliance risks especially under GDPR. No incident response or vulnerability disclosure information is provided. Contact information is clearly available, supporting user trust and communication. Overall, KRONUS.com is a professional and trustworthy website with solid business credibility but with room for improvement in privacy compliance and security hardening. Strategic enhancements in these areas would strengthen the company’s digital trustworthiness and regulatory posture.

F

FOND SIDUS

fondsidus.cz

46

Fond Sidus is a Czech non-profit organization dedicated to supporting children through educational projects, entertainment, and promoting healthy nutrition including fermentation and homemade fermented vegetables. The website presents a well-structured archive of projects spanning many years, indicating a sustained presence in the educational and social sector. The target audience primarily includes children, educational institutions, and individuals interested in healthy lifestyles. Technically, the website uses a proprietary or custom CMS platform (eshop-rychle.cz) and integrates Matomo analytics with user consent, reflecting a moderate level of digital maturity. However, the site lacks comprehensive privacy and cookie policies, and no contact information is explicitly provided, which limits transparency and user trust. Security-wise, HTTPS is enabled but the absence of security headers and WHOIS data opacity are notable weaknesses. Overall, the site is functional and content-rich but would benefit from enhanced privacy compliance and security hardening.

M

MND

mnd.cz

78

MND is a Czech energy supplier offering gas and electricity services primarily to households (B2C). The website provides an online price calculator and facilitates switching to MND as a supplier, positioning itself as a stable and fair energy provider in the Czech market. The digital infrastructure is built on Kentico CMS with integrated Cookiebot for GDPR-compliant cookie management and Google Tag Manager for analytics and marketing. The site is well-structured, mobile-optimized, and uses modern web technologies, reflecting a mature digital presence. Security posture is strong with HTTPS enforced, standard security headers, and no visible vulnerabilities or exposed sensitive data. Privacy compliance is robust, with clear cookie consent mechanisms and a comprehensive cookie policy. However, WHOIS data is unavailable, likely due to privacy protection, which is common for commercial entities. Overall, the website demonstrates professionalism, trustworthiness, and compliance with relevant regulations, though it lacks explicit contact information and some policy pages such as terms of service and security policy. Strategic recommendations include publishing incident response contacts, adding a security policy page, and improving accessibility features.

W

World Leagues Association

worldleaguesforum.com

10

The World Leagues Association website serves as a professional platform representing global professional football leagues. It provides information about the association's mission, media updates, event calendars, and member access. The site targets sports organizations and political bodies involved in football governance. The business model is that of a non-profit association fostering cooperation among leagues worldwide. The website is well-branded, consistent, and offers clear navigation and relevant content for its audience. Technically, the site is built on Kirby CMS with modern web technologies including JavaScript and CSS. It is mobile-optimized and includes SEO best practices such as meta tags and Open Graph data. Performance is moderate with room for improvement in accessibility and security headers. Google Tag Manager is used for analytics and tracking, with a functional cookie consent mechanism in place. From a security perspective, the site enforces HTTPS and has implemented cookie consent, but lacks visible security headers and formal security policies such as incident response or vulnerability disclosure. No critical vulnerabilities or exposed sensitive data were detected. The domain uses privacy protection for WHOIS data, which is justified for this type of organization. Overall, the security posture is adequate but could be enhanced with additional measures. The overall risk is low given the professional nature of the site and absence of suspicious indicators. Strategic recommendations include publishing privacy and terms of service policies, implementing security headers, and establishing a vulnerability disclosure process to improve trust and compliance.

C

CZ.NIC, z. s. p. o.

dnssec.cz

57

The website www.dnssec.cz is operated by CZ.NIC, the official Czech domain registry association responsible for managing the .CZ top-level domain and promoting DNS security technologies such as DNSSEC. The site provides educational content about DNSSEC, tools to test DNSSEC protection on user connections and domains, and contact information for support. It targets Czech internet users, domain owners, and ISPs, positioning itself as an authoritative source on DNS security in the Czech Republic. Technically, the site uses a straightforward technology stack including jQuery and custom JavaScript, with CSS for styling. The site is accessible, uses HTTPS, and embeds multimedia content such as YouTube videos. However, it lacks advanced security headers and comprehensive privacy or cookie policies. Mobile optimization and accessibility are basic but functional. From a security perspective, the site demonstrates good practices by using HTTPS and avoiding exposed sensitive data. However, the absence of security headers and incident response information limits its security maturity. The missing WHOIS data for the domain reduces transparency and trustworthiness from a registration standpoint, although the CZ.NIC branding and contact details support legitimacy. Overall, the site is a reliable educational resource on DNSSEC with moderate technical sophistication and a good business credibility profile. Improvements in privacy compliance, security headers, and WHOIS transparency would enhance trust and security posture.

S

SrovnaniZivotnihoPojisteni.cz ve spolupráci s Partners Financial Services, a. s.

srovnanizivotnihopojisteni.cz

58

The website srovnanizivotnihopojisteni.cz operates as a Czech insurance comparison platform specializing in life and non-life insurance products. It partners with multiple well-known insurance providers and offers users a service to compare insurance offers and receive specialist consultations. The business model focuses on lead generation and customer acquisition for insurance companies, targeting Czech individuals and businesses seeking insurance solutions. The site has been active since at least 2011 and is associated with Partners Financial Services, a reputable financial services company in the region. Technically, the website uses a traditional web stack including jQuery and Google reCAPTCHA for form security. It employs HTTPS for secure communications but lacks some modern security headers and cookie consent mechanisms. The site is moderately optimized for performance and mobile use, with basic accessibility features. SEO is implemented at a basic level with meta tags and Open Graph data. From a security perspective, the site demonstrates good practices such as HTTPS and CAPTCHA integration to prevent spam. However, the absence of explicit security headers and cookie consent reduces its compliance posture. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data is unavailable, likely due to privacy protection, but the website's professional presentation and partnerships support its legitimacy. Overall, the site presents a trustworthy and professional service with room for improvement in privacy compliance and security hardening. Strategic recommendations include implementing cookie consent, adding security headers, publishing security policies, and enhancing mobile and accessibility features to improve user trust and regulatory compliance.

P

Partners For Life Planning, a. s.

zpojisteni.cz

54

The website www.zpojisteni.cz operates as a Czech life insurance comparison portal, providing users with information and tools such as calculators to evaluate various life insurance products from multiple Czech insurers and pension funds. It is positioned as a niche player in the Czech financial services market, targeting consumers seeking life insurance and financial planning solutions. The site is owned or operated by Partners For Life Planning, a. s., as indicated in the footer content. Technically, the site uses traditional web technologies including jQuery and standard CSS, with no modern CMS or frameworks detected. The site is accessible, uses HTTPS, and includes a cookie consent mechanism, but lacks a visible privacy policy and security headers, which are important for compliance and security posture. No WHOIS data was retrievable, which limits domain trust assessment. Overall, the site is functional and provides relevant content but could improve in privacy transparency and security best practices.

R

RNDr. Jan Holpuch. Ph.D.

holpuch.cz

41

The website holpuch.cz represents a small-scale personal brand for RNDr. Jan Holpuch, Ph.D., a web designer and IT specialist based in the Czech Republic. The site serves as a simple landing page with basic contact information and a brief description of services. The business appears to be a sole proprietorship or small consultancy with a long-standing domain registration dating back to 2001, indicating stability and legitimacy. The target audience is general, likely local clients seeking web design and IT services. Technically, the website is minimalistic, built with standard HTML, CSS, and JavaScript, hosted on Forpsi servers. It lacks advanced frameworks or CMS platforms and does not include analytics or advertising scripts. The site is mobile optimized with basic SEO and accessibility features but could benefit from enhanced technical implementation and performance improvements. From a security perspective, the site lacks important security headers and explicit security policies. There is no privacy or cookie policy, which impacts GDPR compliance. No forms or data collection mechanisms are present, reducing immediate data protection risks. The WHOIS data aligns well with the website content, supporting legitimacy. Overall, the security posture is basic and could be improved with standard best practices. The overall risk is low given the limited scope and content of the site, but strategic improvements in privacy compliance, security headers, and transparency would enhance trust and professionalism.

B

BK Olomoucko

live4basketball.cz

58

Live4Basketball.cz is an e-commerce website dedicated to selling basketball-related merchandise for the BK Olomoucko team. The site offers a variety of products including team jerseys, clothing for men, women, and children, accessories, and gift vouchers. It targets basketball fans and supporters primarily in the Czech Republic. The business operates a niche online retail model focused on sports merchandise with a small-scale market presence. Technically, the website is built on the Eshop-rychle.cz platform, utilizing standard web technologies such as HTML5, CSS, JavaScript, and Google Fonts. It integrates Matomo analytics for user tracking and employs HTTPS for secure communications. The site includes cookie consent mechanisms and basic privacy compliance features, though it lacks advanced security headers and explicit incident response policies. From a security perspective, the website demonstrates a moderate security posture with HTTPS enforcement, secure login forms, and CAPTCHA on newsletter subscriptions. However, it could improve by adding security headers and publishing clear security policies. No critical vulnerabilities or malware were detected. The WHOIS data is unavailable, likely due to privacy protection, which is common for small e-commerce sites. Overall, the website is professionally designed with good content quality and user experience. It maintains trust through clear contact information and social media presence. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving privacy disclosures to strengthen compliance and trust.

PetrPM.com is a personal portfolio website for Petr Mysliveček, a creative professional specializing in graphic design, photography, and video content creation. The website serves as a showcase of artistic work inspired by music and visual arts, targeting individuals and clients interested in multimedia creative services. The business operates as a small personal brand with a niche market position, leveraging social media and online galleries to reach its audience. Technically, the website is built on a simple HTML5 template with CSS and JavaScript enhancements, including Google Analytics and Google Tag Manager for visitor tracking. Hosting is provided via Tele3.cz, with domain registration dating back to 2015, indicating a stable online presence. The site is mobile optimized and presents a good user experience, though accessibility and SEO optimizations are basic. From a security perspective, the site uses HTTPS but lacks advanced security headers and DNSSEC, which could improve its security posture. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Contact information is clearly provided, but no formal security or incident response policies are disclosed. Overall, the website is professional and trustworthy for a personal creative portfolio but would benefit from enhanced security practices and privacy compliance measures to reduce risk and improve user trust.

I

Internetové obchody - iObchody.com

iobchody.com

40

iObchody.com is an online Czech and Slovak e-commerce catalog platform listing over 5,300 internet shops across multiple categories such as electronics, home goods, fashion, and more. The site serves as a directory and referral service for online shoppers in the region. Technically, the website is basic, using legacy HTML and JavaScript with no modern CMS or frameworks detected. It lacks HTTPS encryption and security headers, which exposes users to potential risks. The site includes a cookie consent banner but lacks privacy and terms of service pages, indicating limited compliance with modern privacy standards. Security posture is weak due to missing SSL and security best practices. Overall, the site is functional but outdated and requires modernization and security improvements to enhance trust and user safety.

I

impire.cz

impire.cz

63

Impire.cz is a small Czech web development company specializing in creating custom websites, e-shops, corporate systems, SEO services, and web hosting. Established since 2010, the company has completed over 200 projects and serves clients primarily in the Czech Republic. Their market position is that of a reliable local provider with a strong focus on professionalism and client satisfaction. Technically, the website uses a modern stack including PHP, JavaScript, and the Nette framework, with good mobile optimization and moderate performance. Security posture is adequate with HTTPS and cookie consent implemented, but lacks advanced security headers and published security policies. Privacy compliance is basic, with no explicit privacy or terms of service pages found. Overall, the website is professional, trustworthy, and business-focused, with room for improvement in security and privacy transparency.

The website www.zacit.cz currently serves as a placeholder error page indicating that the original project hosted by NetStranky.cz has been terminated due to administrative and legal burdens. There is no active business content, contact information, or legal disclosures present. The domain WHOIS data is unavailable, suggesting the domain may be inactive or deregistered. Technically, the site uses outdated JavaScript libraries and lacks modern security headers or privacy compliance mechanisms. The overall security posture is minimal, with no evident vulnerabilities but also no proactive security measures. Given the lack of content and WHOIS data, the site poses low risk but also offers no business value or trust signals.

O

Otrokovické noviny

otrokovickenoviny.cz

57

Otrokovické noviny is a local Czech news publication providing monthly detailed information about the city of Otrokovice. The website is built on the Wix platform, indicating a moderate level of digital maturity with standard web technologies and basic SEO and mobile optimization. The site presents a professional design and clear navigation but lacks critical compliance elements such as privacy and cookie policies, as well as visible contact information. Security posture is basic with HTTPS enabled but missing important security headers and incident response details. The absence of WHOIS data due to privacy protection limits the ability to fully verify domain legitimacy, slightly reducing trust. Overall, the website serves its purpose as a local news source but requires improvements in compliance and security transparency.

M

M+MP spol. s r.o.

benesovdnes.cz

46

BenešovDnes.cz is a regional information portal serving Benešov and its surrounding areas in the Czech Republic. It provides a comprehensive range of services including local news, job listings, business directories, event calendars, and travel tips. The site is part of the InfoDnes.cz network, which supports regional media portals. The business model relies on advertising and paid listings, targeting local residents and businesses. The portal has a consistent brand presence and regularly updated content, positioning it as a trusted local media source. Technically, the website uses standard web technologies such as HTML5, CSS, and JavaScript, with advertising integrations from Google Adsense and Seznam SSP. The site is mobile optimized and includes basic SEO and accessibility features. However, no CMS or hosting provider details are explicitly identified. Performance is moderate with room for improvement in security headers and technical modernization. From a security perspective, the site enforces HTTPS and includes basic input validation on forms. However, it lacks advanced security headers and explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. Privacy compliance is basic, with visible cookie consent and a privacy policy, but no detailed GDPR or security framework disclosures. Overall, the website is functional and professional for its purpose but shows gaps in domain registration transparency and advanced security practices. The absence of WHOIS data reduces trust slightly, though the site content and network affiliation support legitimacy. Strategic improvements in security posture and transparency would enhance trust and compliance.

Z

Zednictví Kulkus

zednictvi-kulkus.cz

50

Zednictví Kulkus is a small, regionally focused construction and renovation company based in Perná, Czech Republic, operating since 1989. The company specializes in masonry and tiling work, turnkey renovations of residential cores and bathrooms, and offers additional services such as machine plastering and poured anhydrite and concrete floors. Their market position is that of a trusted local service provider primarily serving the South Moravian region including Mikulov, Břeclav, and Brno areas. The website reflects a professional small business with clear contact information and a focus on customer satisfaction. Technically, the website uses standard web technologies including HTML5, CSS, JavaScript, and jQuery, with integration of Google Analytics and Google Tag Manager for visitor tracking. The site is hosted likely via Wedos, a Czech hosting provider, and shows basic mobile optimization and SEO practices. However, no CMS or advanced frameworks are detected, indicating a custom or static site. From a security perspective, the site lacks visible security headers and there is no explicit privacy policy or terms of service. The cookie consent mechanism is implemented, indicating some GDPR awareness. The absence of HTTPS enforcement data and security policies suggests room for improvement in security posture. No critical vulnerabilities or malicious content were detected. Overall, the website is a functional and professional representation of a small local construction business with moderate technical maturity and basic privacy compliance. Strategic improvements in security headers, privacy documentation, and HTTPS enforcement would enhance trust and compliance.

R

Robert Mročka a Lambda-comp s. r. o.

360pano.cz

46

The website 360pano.cz represents a small Czech business specializing in the creation of virtual tours and reportage photography, primarily serving hotels, companies, and municipalities. The business has been operating since at least 2009, demonstrating a stable market presence with a portfolio of satisfied clients and certifications such as Google Street View photographer status. Technically, the website uses traditional web technologies including HTML, CSS, JavaScript, and jQuery, with a focus on visual presentation through image sliders and galleries. However, the site lacks modern CMS integration and shows signs of aging technology stacks. Security posture is moderate but lacks critical elements such as HTTPS enforcement and security headers, which are essential for protecting user data and enhancing trust. Privacy compliance is minimal, with no privacy policy or terms of service found, though a cookie consent banner is implemented. Overall, the site is functional and professional but would benefit from modernization and improved security and compliance measures.

The website nmosdyourway.com serves as an educational platform providing a podcast series focused on neuromyelitis optica spectrum disorder (NMOSD) patients worldwide. Developed by Alexion Pharmaceuticals, a part of AstraZeneca Rare Disease, the site aims to support patients and caregivers through expert and patient-hosted content. The business model centers on patient education and advocacy, positioning itself as a trusted resource in the rare disease healthcare sector. The site leverages a mature technical infrastructure including Sitecore CMS and Adobe Analytics, hosted on AWS, ensuring reliable performance and moderate user tracking for analytics purposes. Privacy and cookie compliance are well implemented with clear policies and consent mechanisms linked to the parent company’s legal pages. However, direct contact information and explicit security policies are not present on the site, which could be improved to enhance user trust and incident response readiness. Overall, the site demonstrates a good security posture with HTTPS enabled and no visible vulnerabilities, but could benefit from additional security headers and transparency around security practices. The domain registration is consistent with a legitimate new campaign site, supporting the credibility of the business. The content is safe for general audiences, with no adult or explicit material detected.

I

Institute of Physics

iop.org

77

The Institute of Physics (IOP) is a well-established professional body and learned society dedicated to promoting physics in the UK and Ireland. The website serves as a comprehensive platform for physicists, educators, students, and the general public, offering membership services, educational resources, policy advocacy, events, and publications. The organization holds a strong market position as a leading physics institution with international collaborations and a focus on inclusivity and accessibility. Technically, the website is built on the Drupal CMS platform, leveraging modern web technologies including Google Tag Manager for analytics and OneTrust for cookie consent management. The site demonstrates good performance, excellent mobile optimization, and accessibility features, reflecting a mature digital infrastructure. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates cookie consent mechanisms, indicating a solid security posture. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are not publicly available, representing areas for improvement. Overall, the website is professional, trustworthy, and compliant with privacy regulations such as GDPR. The lack of WHOIS data is mitigated by the site's transparency and consistent branding. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure information, and enhancing direct security contact options to further strengthen trust and compliance.

A

Adaptic, s. r. o.

adaptic.biz

46

Adaptic, s. r. o. is a Czech-based technology service provider specializing in custom web design, internet applications, and digital marketing. Founded in 2006, the company has established a solid market presence with a portfolio of several hundred projects for notable clients such as Whirlpool, Seznam.cz, and CzechTourism. Their key services include bespoke website and application development, a proprietary CMS platform (Adaptic Admin), and comprehensive marketing solutions including SEO and PPC management. The company is led by an experienced director with nearly two decades in the industry, ensuring professional project management and quality control. Technically, the website demonstrates a mature infrastructure using PHP 7.4, MySQL, and the Nette framework with Latte templating. The site is mobile-optimized, well-structured, and employs modern web standards. Google Analytics and Tag Manager are used for visitor tracking, although no explicit cookie consent mechanism is present. The custom CMS indicates a strong internal capability for tailored solutions. Performance is moderate with good SEO and accessibility practices. From a security perspective, HTTPS is enabled, and the architecture supports secure development practices. However, the absence of explicit security headers and privacy/cookie policies represents compliance and security gaps. No vulnerabilities or exposed sensitive data were detected in the content. WHOIS data is unavailable, likely due to privacy protection, but the website provides transparent company registration and contact information, supporting legitimacy. Overall, the website and business present a trustworthy and professional front with room for improvement in privacy compliance and security hardening. Strategic enhancements in these areas would strengthen user trust and regulatory adherence.

The Académie royale de langue et de littérature françaises de Belgique (ARLLFB) is a prestigious cultural and literary institution founded in 1920, dedicated to promoting French language and literature in Belgium. The website serves as an informational portal highlighting its history, members, literary prizes, publications, and events. It targets academics, writers, philologists, and the francophone literary community. The institution holds a respected position in the cultural sector with a small organizational size and a focus on non-commercial activities. Technically, the website is built using basic HTML, CSS, and JavaScript without modern CMS or frameworks. It lacks mobile optimization and uses an outdated character encoding (iso-8859-1). The site performance is moderate, with basic SEO and accessibility features. There is no evidence of advanced analytics or tracking services. From a security perspective, the site does not enforce HTTPS in the provided data, lacks security headers, and does not publish privacy or cookie policies, indicating compliance and security gaps. No incident response or vulnerability disclosure mechanisms are evident. The WHOIS data aligns well with the institution's identity, supporting legitimacy. Overall, the website is functional and informative but requires significant improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

The Academy of Neurologic Physical Therapy Education Center operates as a specialized educational platform providing neurologic physical therapy professionals with evidence-based courses, webinars, and podcasts. It is affiliated with the American Physical Therapy Association, reinforcing its credibility and market position as a leader in neurologic physical therapy education. The website targets healthcare professionals seeking continuing education and professional development in this niche field. Technically, the website employs standard web technologies such as jQuery and Bootstrap, with a custom or proprietary CMS. The site is moderately performant, mobile-optimized, and accessible at a basic level. SEO and accessibility could be improved further. Security practices include HTTPS enforcement and CSRF tokens on forms, but lack advanced security headers and DNSSEC, indicating room for enhancement. From a security perspective, the site is reasonably secure with no immediate critical vulnerabilities detected. However, the absence of DNSSEC and security headers, along with no visible incident response or security policy pages, suggests a moderate security maturity level. Privacy compliance is partially met with a comprehensive privacy policy and terms of service, but no cookie consent mechanism is present. Overall, the website is professional, trustworthy, and serves its educational purpose well. Strategic improvements in security headers, DNSSEC, cookie consent, and enhanced accessibility would strengthen its posture and compliance. The domain registration data aligns well with the business claims, supporting legitimacy and trustworthiness.

F

Folio AS

folio.no

70

Folio AS operates a modern, simple online banking platform tailored for small businesses and self-employed individuals in Norway. The service is delivered in partnership with Sparebanken Norge, providing a full suite of banking products including business accounts, payment cards, and integrated accounting tools. The website demonstrates a strong market position with high customer satisfaction and a clear focus on ease of use and transparency. Technically, the site is built on a modern Next.js framework with React, optimized for performance and mobile responsiveness. Security posture is robust with HTTPS, security headers, and consent management in place, though explicit security policies and incident response information are not publicly detailed. Overall, Folio presents a trustworthy and professional digital presence with room for improvement in transparency around security and contact details.

M

Marketreach

marketreach.co.uk

57

Marketreach is a UK-based marketing insights and consultancy service specializing in mail marketing, affiliated with Royal Mail Group. The website provides extensive resources including success stories, research, training, and expert guidance to help brands leverage mail effectively. The technical infrastructure is modern, built on Drupal 10 with integrated tag management via Tealium, ensuring good performance and mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though some security headers and explicit incident response contacts are missing. Overall, the site is professional, trustworthy, and compliant with privacy regulations, serving marketing professionals and businesses seeking to optimize mail campaigns.

I

ILUNION Hotels

ilunionhotels.com

69

ILUNION Hotels is a well-established hospitality chain in Spain offering accessible accommodations ranging from 3 to 5 stars. The website supports multiple languages and provides direct online booking capabilities along with business and agency portals. The technical infrastructure is built on Adobe Experience Manager, complemented by OneTrust for cookie consent and Adobe Analytics for tracking. The site demonstrates good mobile optimization, accessibility, and SEO practices. Security posture is solid with HTTPS and cookie consent, though improvements can be made by adding security headers and publishing explicit security policies. Overall, the domain registration and website content align well, indicating a legitimate and professional business presence.

V

Verkehrsverbund Ost-Region

vor.at

64

Verkehrsverbund Ost-Region (VOR) operates as a major public transportation network serving Vienna, Lower Austria, and Burgenland. The website provides comprehensive services including current timetables, ticket sales, route planning via the VOR AnachB app, and customer support. The organization targets public transport users in the Austrian eastern region, positioning itself as a key regional mobility provider with a large operational footprint. The site is professionally designed, mobile-optimized, and offers clear navigation and extensive user resources.

R

REFRESHER Media, s.r.o.

refresher.sk

65

REFRESHER.sk is a well-established Slovak online media company founded in 2011, specializing in lifestyle, culture, and news content targeted at the modern generation. The website offers a rich variety of content including articles, videos, podcasts, quizzes, and premium subscription services. It maintains a strong market position as a leading lifestyle and news portal in Slovakia, supported by a consistent brand and high-quality content. Technically, the site leverages modern web technologies such as AMP, JavaScript frameworks, and Cloudflare DNS with DNSSEC enabled, ensuring fast performance and mobile optimization. Security posture is robust with HTTPS enforced, security headers likely in place, and consent management for cookies implemented. However, explicit security policies and incident response contacts are not publicly available. Overall, the site demonstrates a mature digital presence with good privacy compliance and trustworthy business credibility.

B

BlueBud-Soft Ltd.

jd-dian.com

58

The website jd-dian.com represents BlueBud-Soft Ltd., a company specializing in electronic menu software solutions tailored for small to medium-sized restaurants. Their flagship product, 简单点点, offers a tablet-based electronic menu system designed to enhance restaurant management and customer experience. The company has a stable market presence in China and some overseas markets, focusing on providing stylish, easy-to-use digital menus and related services such as membership management and cloud menu access. Technically, the website is built with standard web technologies including HTML, CSS, JavaScript, and jQuery, hosted on Alibaba Cloud. It supports mobile users via a dedicated mobile site and employs HTTPS for secure communications. However, the site lacks advanced security headers and DNSSEC, which could be improved. The site uses Baidu Analytics for user tracking but does not provide cookie consent or privacy policies, indicating compliance gaps. From a security perspective, the site shows a moderate security posture with no visible vulnerabilities or exposed sensitive data. The absence of privacy and cookie policies and security incident contacts are notable gaps. The domain registration data aligns well with the business claims, showing a consistent and legitimate registration history. Overall, the website is professional and functional with good business credibility but requires enhancements in privacy compliance and security best practices to improve trust and regulatory adherence.

BETC FULLSIX is a well-established French digital and creative agency specializing in consulting, digital innovation, and data-driven marketing services. The company operates under the Havas Group umbrella and targets brands seeking comprehensive digital transformation and creative solutions. The website reflects a mature digital presence built on modern technologies such as React and Next.js, integrated with Prismic CMS for content management. The site is professionally designed, mobile-optimized, and provides clear navigation and rich content relevant to its audience. Security posture is adequate with HTTPS enabled and domain transfer protections, though improvements in DNSSEC and security headers are recommended. Privacy compliance is strong, with clear cookie and privacy policies aligned with GDPR requirements. No incident response or vulnerability disclosure information is publicly available, which could be enhanced to improve trust. Overall, the website and business demonstrate high professionalism and credibility in the digital agency market.

P

PHPStan s.r.o.

phpstan.org

62

PHPStan s.r.o. operates phpstan.org, a well-established open-source static analysis tool for PHP developers. The company offers a free core product and a premium subscription service called PHPStan Pro, which provides enhanced features such as a web UI and continuous background analysis. The website is professionally designed, mobile-optimized, and provides clear navigation and calls to action, targeting PHP developers and teams aiming to improve code quality and reduce bugs. The business model leverages open-source community engagement supplemented by premium subscriptions, positioning PHPStan as a reputable player in the PHP tooling ecosystem. Technically, the website employs modern web technologies including ES modules, CSS, and minimal JavaScript for analytics via Fathom. Hosting appears to be on Amazon AWS infrastructure, inferred from DNS nameservers. The site loads quickly, is accessible, and SEO optimized with proper meta tags and Open Graph data. However, no CMS or major frameworks are detected, indicating a custom or lightweight static site approach. From a security perspective, the site enforces HTTPS with a good SSL configuration and does not expose sensitive data or vulnerable libraries. However, it lacks DNSSEC, security headers, and published security policies or incident response contacts. Privacy compliance is weak due to the absence of privacy and cookie policies or consent mechanisms. No contact emails or phone numbers are provided, limiting direct communication channels. Overall, the website is trustworthy and professional with a strong community presence but would benefit from enhanced privacy compliance and security transparency to improve user trust and regulatory adherence.

蓝蕾（厦门）软件科技有限公司是一家成立于2011年的中国厦门港资软件研发企业，专注于餐饮行业的电子菜单软件和产品展示工具的开发与销售。公司拥有自主研发的核心产品如“简单点点”和“简单秀秀”，并通过官方在线商城进行软件销售，定位为区域性专业软件开发商，客户信赖度较高。网站内容丰富，设计专业，导航清晰，适合目标企业客户和餐饮行业用户。

Takeda Pharmaceutical Company Limited is a leading global bio-pharmaceutical company headquartered in Japan, specializing in research, development, manufacturing, and distribution of pharmaceutical products. The website targets patients, healthcare professionals, investors, and the general public, providing comprehensive corporate and scientific information in Czech language. The company emphasizes its commitment to patients, people, and the planet, reflecting its corporate responsibility and sustainability initiatives. Technically, the website is built using modern web technologies including React and Next.js, ensuring good mobile optimization, accessibility, and SEO. The site loads with moderate performance and includes structured data for enhanced search engine understanding. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms implemented. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers such as Content Security Policy and Strict-Transport-Security. No critical vulnerabilities or exposed sensitive data were detected. However, explicit security policies and incident response information are not publicly available, suggesting room for improvement in transparency. Overall, the website presents a professional, trustworthy, and secure digital presence consistent with a large pharmaceutical enterprise. The lack of WHOIS data is likely due to privacy protection and does not detract from the legitimacy of the site. Strategic recommendations include publishing detailed security policies, adding vulnerability disclosure mechanisms, and enhancing incident response contact visibility.

A

ai.mobirise.com

mobirise.ws

68

The website chatgpt.com/g/g-yg5WelQdV-ai-website-builder offers a free AI-powered website builder tool developed by ai.mobirise.com. It targets general users interested in creating websites easily by providing a generator that allows inputting site details in any language and downloading the generated site as a zip file for hosting anywhere. The site uses modern web technologies including React and Cloudflare DNS services, indicating a moderate level of digital maturity and performance optimization. Security posture is strong with HTTPS enabled and domain locked with multiple EPP status prohibitions, although DNSSEC is not enabled and some security headers are not explicitly detected. Privacy compliance is weak due to the absence of privacy and cookie policies, and no contact or incident response information is provided. Overall, the site is safe for general audiences and professionally presented but lacks some compliance and transparency features.

S

Sdružení obcí mikroregionu Valašské Klobucko

valasskeklobucko.cz

48

The website valasskeklobucko.cz serves as the official online portal for the Valašské Klobucko microregion, providing comprehensive information on tourism, local traditions, events, history, nature, accommodation, and gastronomy. It targets tourists and local residents interested in exploring or learning about the region. The business model is informational and promotional, typical for a government or non-profit regional entity. The site maintains a consistent brand presence and offers social media engagement channels to extend its reach. Technically, the website is built on the vismo CMS platform, utilizing standard web technologies including HTML5, CSS, JavaScript, and integrates Google Analytics and Tag Manager for visitor tracking. It supports mobile optimization and basic accessibility features. The site includes a cookie consent mechanism compliant with GDPR requirements, enhancing user privacy controls. From a security perspective, the site enforces HTTPS and employs cookie consent with granular options. However, it lacks visible security headers such as CSP or HSTS, and does not provide explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the content. Overall, the security posture is moderate but could be improved with additional headers and documented policies. The overall risk assessment is low, with the site appearing trustworthy and professionally maintained. Strategic recommendations include implementing security headers, publishing security and incident response policies, and continuous monitoring of third-party scripts. These steps will enhance the site's security maturity and user trust.

M

Město Luhačovice

luhacovice.eu

10

The website www.luhacovice.eu serves as the official online presence for the town of Luhačovice in the Czech Republic, providing comprehensive information for residents and visitors including local news, cultural events, tourism, and municipal services. The site is well-structured, professionally designed, and targets both local citizens and tourists interested in wellness and cultural activities. The business model is focused on municipal communication and tourism promotion, positioning the site as a trusted source of local information. Technically, the site uses a custom CMS with standard web technologies such as HTML5, CSS, JavaScript, jQuery, and Tiny Slider for UI components. It is mobile-optimized and accessible, with good SEO practices evident in meta tags and structured navigation. Performance is moderate, with room for improvement in loading speed and modern security headers. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism, indicating awareness of privacy compliance. However, it lacks advanced security headers and does not provide explicit incident response or vulnerability disclosure information. No critical vulnerabilities or suspicious content were detected, and the site maintains a good security posture for a municipal website. Overall, the website is a credible, safe, and professional municipal portal with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a vulnerability disclosure policy to further strengthen trust and security posture.

C

CzechTourism

eden-czechtourism.cz

42

The website www.eden-czechtourism.cz serves as an official platform promoting the EDEN (European Destinations of Excellence) project coordinated by CzechTourism, a government agency. It highlights sustainable tourism destinations in the Czech Republic with a focus on accessibility and cultural heritage. The site is professionally designed with consistent branding and provides detailed information about winning destinations and project goals. However, it lacks explicit privacy, cookie, and terms of service policies, and does not provide direct contact information on the main pages. Technically, the site uses legacy JavaScript libraries and basic SEO and accessibility features, with moderate performance and mobile optimization. Security posture is moderate with HTTPS usage implied but no visible security headers or advanced protections. Google Analytics is used for visitor tracking without visible consent mechanisms, indicating privacy compliance gaps. WHOIS data is unavailable, likely due to privacy protection, but the site’s affiliation with CzechTourism and European Commission projects supports its legitimacy.

APSIS Lead operates as a technology-driven marketing platform specializing in lead management and marketing automation, providing users with a secure login portal. The website content is minimal, focusing primarily on user authentication without public-facing business or compliance information. The technical infrastructure leverages common web technologies including JavaScript, jQuery, Google Fonts, and tracking tools such as Google Analytics and ProspectEye. Hosting and domain registration are managed through reputable providers, with the domain established in 2015, aligning with the company's operational timeline. From a security perspective, the site employs basic best practices such as form POST methods and domain status locks to prevent unauthorized domain changes. However, it lacks DNSSEC, visible security headers, and explicit HTTPS enforcement details, indicating potential areas for security enhancement. Privacy and cookie policies are absent, which may impact GDPR compliance and user trust. No incident response or security contact information is provided, limiting transparency in security governance. Overall, the website presents a moderate risk profile with no critical vulnerabilities detected but notable gaps in privacy compliance and security hardening. The absence of contact information and policies reduces business credibility and user confidence. Strategic improvements in security headers, privacy disclosures, and user communication channels are recommended to elevate trust and compliance standards.

N

NIDO Europe – HOME LAND DEVELOPEMENT

nidoeurope.org

45

NIDO Europe is a land development focused business operating in Europe, as indicated by the website title. The website is built on WordPress using the Salient theme, reflecting a basic but functional technical infrastructure. The site lacks comprehensive content, contact information, and privacy or cookie policies, which limits its digital maturity and trustworthiness. Security posture is minimal with no detected security headers or advanced protections, and WHOIS data is unavailable due to a malformed request or privacy protection, reducing transparency and trust. Overall, the website presents a basic online presence with room for significant improvements in security, compliance, and business credibility.

R

Regina Schneiderová

uzmrzlinare.cz

46

U Zmrzlináře is a small local ice cream business based in Valtice, Czech Republic, operating since 2019. The website serves as an informational portal providing contact details, location, and social media links to customers. The business targets local residents and visitors seeking ice cream services. The site uses a simple technical stack including Bootstrap and Google Tag Manager for analytics, hosted by WEDOS, a Czech hosting provider. The website is basic in design and content but functional for its purpose. Security posture is minimal with no advanced headers or policies detected, and privacy compliance is lacking due to absence of privacy and cookie policies. Overall, the domain registration data aligns well with the business profile, indicating legitimacy and consistency.

S

Schloss Wilfersdorf

liechtenstein-schloss-wilfersdorf.at

60

Schloss Wilfersdorf is a cultural and hospitality business centered around the historic Wilfersdorf Castle, serving as a regional tourism landmark in Austria. The website presents the castle as a family-friendly destination offering events, exhibitions, and wine-related hospitality services such as a Heurigenbetrieb and Vinothek. The site is built on the Wix platform, leveraging Wix's Thunderbolt framework and standard web technologies. While the technical infrastructure is modern and mobile-optimized, the website lacks critical privacy and security policies, contact information, and WHOIS transparency. Security posture is moderate with HTTPS enabled but missing key security headers and compliance documentation. Overall, the site is functional and professional but would benefit from enhanced privacy compliance and transparency to improve trust and security.

H

Hockey Roanne

hockeyroanne.com

45

Hockey Roanne is a local sports organization focused on hockey, as indicated by the website content and branding. The website is currently under maintenance, providing basic contact information and links to ticketing and location services. The business targets local sports fans and community members interested in hockey events. The domain is well-established since 2009, consistent with a small sports club's history. Technically, the website is built on WordPress and uses common web technologies such as CSS, JavaScript, Font Awesome, and Google Fonts. Hosting is provided by OVH sas, a reputable provider. The site currently has basic mobile optimization and SEO features but lacks advanced accessibility and performance optimizations. The site uses a coming soon/maintenance plugin, limiting content availability. From a security perspective, the domain has protective status flags but lacks DNSSEC and visible security headers. No privacy or cookie policies are published, and no incident response or vulnerability disclosure information is available. The site does not appear to use analytics or tracking services, indicating minimal user tracking. Overall security posture is basic with room for improvement. The overall risk is moderate given the limited content and lack of advanced security or privacy features. Strategic improvements in security headers, privacy compliance, and content availability would enhance trust and user experience.

N

NEOTA CZ s.r.o.

neotashop.cz

51

NEOTA CZ s.r.o. is a Czech Republic-based manufacturer and wholesaler specializing in air-to-water heat pumps and ceiling heating and cooling systems. The company targets wholesale partners and end customers seeking efficient heating solutions. Their website offers a comprehensive product catalog, detailed business information, and a blog with relevant industry content, positioning them as a reputable player in the energy sector within their region. Technically, the website is built on the Eshop-rychle.cz platform, utilizing modern web technologies including Google Tag Manager and Plausible Analytics for tracking. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the site enforces HTTPS, uses secure forms, and implements cookie consent mechanisms with CAPTCHA for newsletter subscriptions. However, it lacks explicit security policies and incident response contacts, and no WHOIS data is available for the domain, which slightly reduces trust. Overall, the website is professional and trustworthy but would benefit from enhanced transparency in security and domain registration details.