Security Directory

Cleva is a fintech startup founded in 2023 that provides US-based dollar accounts and virtual USD cards to global users, including non-US residents. The company positions itself as a solution for cross-border USD banking, enabling users to receive payments from platforms like Upwork, Deel, and Amazon, convert currencies, and make transfers with low fees. Supported by Y Combinator and featured in reputable media outlets, Cleva demonstrates a growing market presence in the fintech space. The website is built on modern technologies such as React and Next.js, hosted on AWS infrastructure, and optimized for mobile devices with good performance and SEO practices. Security posture is solid with HTTPS and domain protections, though improvements are needed in DNSSEC and security headers. Privacy compliance is weak due to the absence of privacy and cookie policies and lack of consent mechanisms. Overall, the site is professional and trustworthy but should enhance transparency and security policies to improve compliance and user trust.

G

Fluently: Your AI English Speaking Coach

getfluently.app

62

Fluently is an AI-driven English speaking coach platform offering affordable and accessible language tutoring services. The website positions itself as a cost-effective alternative to traditional human tutors, targeting English learners who want to improve speaking skills and confidence. The technical infrastructure is built using Framer with integrations of popular analytics tools such as Google Analytics, Facebook Pixel, Amplitude, and Plausible, indicating a modern digital maturity level. Security posture is strong with HTTPS enforced and appropriate security headers, but lacks visible privacy and cookie policies, as well as contact information and incident response details, which are important for compliance and trust. Overall, the site is functional and professional but would benefit from enhanced transparency and compliance documentation.

L

Liquid Instruments

liquidinstruments.com

68

Liquid Instruments is a technology company specializing in innovative software-reconfigurable hardware platforms designed for scientists, engineers, students, and professionals in test and measurement fields. Their flagship product, Moku, offers multi-instrument modes and cloud compilation services, positioning them as a niche leader in scientific instrumentation. The website reflects a professional and modern digital presence, leveraging WordPress with advanced marketing and analytics integrations such as HubSpot, Google Analytics, and Hotjar. The technical infrastructure is robust, hosted on DreamHost with a secure HTTPS configuration and a consistent branding approach. Security posture is strong with enforced HTTPS, cookie consent mechanisms, and no detected vulnerabilities, although some security headers could be enhanced. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent banner. Overall, the website demonstrates a mature digital footprint with good business credibility and technical implementation.

A

Ai Palette

aipalette.com

57

Ai Palette operates an AI-powered SaaS platform focused on accelerating product innovation and market intelligence primarily for the food and beverage industry. Their platform offers multiple AI-driven tools such as trend discovery, product concept creation, virtual validation, and a chat-driven assistant for food innovation. The website is professionally designed using WordPress with modern plugins and SEO optimizations, indicating a mature digital presence. Security posture is generally good with HTTPS enabled and anti-spam measures in place, but lacks explicit security policies and headers. Privacy compliance is weak due to absence of privacy and cookie policies and consent mechanisms. The domain WHOIS data is missing, which raises concerns about domain legitimacy despite the active and professional website. Overall, the site is functional and credible but requires improvements in privacy compliance and domain registration transparency.

P

Private by Design, LLC

texel.ai

57

Texel.ai is a US-based technology startup founded in 2022, operating as a SaaS platform that enables users to create and edit images, videos, and audio using AI-powered tools and APIs. The platform targets developers and businesses seeking fast, cost-effective AI media generation and editing solutions. The website presents a professional and modern design with clear navigation, showcasing key services and partner logos to build trust. Technical infrastructure leverages Django, Tailwind CSS, and Cloudflare DNS, with Google Analytics for user tracking. Performance and mobile optimization are good, though accessibility is basic. Security posture is solid with HTTPS and domain protections but lacks explicit security headers and published policies. Privacy compliance is weak due to missing privacy and cookie policies. WHOIS data is consistent and supports legitimacy. Overall, the site scores well on content and technical implementation but needs improvements in privacy and security transparency.

C

Cloudchipr

cloudchipr.com

66

Cloudchipr is a technology company offering a cloud optimization platform that empowers teams with AI agents to optimize cloud costs, explain anomalies, send reports, and automate workflows. The platform targets FinOps professionals, engineers, and leadership teams, providing real-time observability and management across multiple cloud providers. The website is professionally designed using Webflow CMS and integrates modern analytics and marketing tools such as Google Analytics, HubSpot, Facebook Pixel, and PostHog. Hosting and DNS are managed via Cloudflare, ensuring good performance and security. Security posture is solid with HTTPS enabled and reCAPTCHA used for forms, but lacks DNSSEC and explicit security headers. Privacy compliance is weak due to missing privacy and cookie policies and no visible consent mechanisms. Business credibility is supported by consistent WHOIS data and professional content, but contact information is not explicitly provided. Overall, the website is functional and professional but requires improvements in privacy compliance and security transparency.

S

Speedoc Singapore

speedoc.com

62

Speedoc Singapore operates as a healthcare service provider specializing in delivering medical services such as doctor home visits and telemedicine consultations within Singapore. The company positions itself as a convenient and accessible healthcare solution, bringing doctors, nurses, ambulance, and medicine directly to patients' locations. The website reflects a medium-sized enterprise with a focus on the Singapore market and healthcare sector. Technically, the site is built using modern web technologies including React and Next.js, with integration of popular analytics and marketing tools such as Google Analytics, Facebook Pixel, and LinkedIn Insight. The site is mobile optimized and presents a professional user experience with good SEO practices. Security-wise, the website enforces HTTPS and uses hCaptcha for bot protection, but lacks some security headers and explicit privacy and cookie policies, which are areas for improvement. The WHOIS data for the subdomain sg.speedoc.com is unavailable, which is typical for subdomains, but the main domain's registration details are not provided here. Overall, the website is credible and functional but could enhance privacy compliance and security posture further.

Nasdaq Baltic operates as the regional stock exchange platform for the Baltic countries of Estonia, Latvia, and Lithuania, providing trading services for shares, bonds, and funds. The website serves investors, companies, brokers, and advisers by offering real-time market data, news, and capital raising facilitation. It is part of the larger Nasdaq Inc. corporate group, reflecting a strong market position in the finance sector. The site is professionally designed with consistent branding and clear navigation, targeting financial market participants and stakeholders in the Baltic region. Technically, the website is built on WordPress with modern front-end technologies including Bootstrap, jQuery, Swiper.js, and Highstock for data visualization. It integrates Google Analytics and Tag Manager for user tracking and marketing insights. The site is mobile optimized and SEO friendly, with structured data enhancing search engine understanding. Hosting and domain registration are managed by reputable providers, ensuring stable infrastructure. From a security perspective, the site enforces HTTPS and employs domain status locks to prevent unauthorized changes. However, DNSSEC is not enabled, and no explicit security headers or incident response policies are published. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. No critical vulnerabilities or exposed sensitive data were detected. Overall, Nasdaq Baltic's website demonstrates a mature digital presence with strong business credibility and good security hygiene. Strategic improvements could focus on enhancing DNS security, publishing formal security policies, and expanding incident response transparency to further strengthen trust and compliance.

V

Váš Hosting s.r.o.

hlidam.to

66

Hlídám.to is a Czech-based professional server monitoring service operated by Váš Hosting s.r.o. The company offers uptime and performance monitoring, outage alerts, email server monitoring, and API access, targeting website owners and IT administrators in the Czech market. The website is well-structured, with clear navigation and legal compliance including privacy and cookie policies. Technically, the site uses a custom CMS with common JavaScript libraries and frameworks such as jQuery and Bootstrap, and integrates third-party analytics and advertising tools with user consent. Security posture is solid with HTTPS enforced and secure login forms, though explicit security headers are not detected. No direct company contact emails or phone numbers are publicly listed, with contact primarily via a web form. Overall, the site demonstrates a good balance of business professionalism, technical implementation, and privacy compliance.

C

Control Web Panel

centos-webpanel.com

52

Control Web Panel (CWP) is a free Linux web hosting control panel designed to simplify server management for dedicated and VPS servers without requiring extensive SSH console use. The website positions itself as a niche open-source alternative to commercial control panels, offering a broad feature set including web server management, PHP configuration, user and DNS management, email services, security features, and database administration. The business model includes free software with optional paid PRO support and additional services such as AntiDDoS Proxy and Service Monitoring. The site has an active social media presence and a long-standing domain registration dating back to 2013, supporting its legitimacy. Technically, the website runs on WordPress 4.9.23 with various plugins and uses technologies like Apache, Nginx, Varnish, PHP, and Postfix for backend services. The site includes Google Analytics for tracking and has moderate performance and basic mobile optimization. SEO practices are good with proper meta tags and structured navigation. However, some components like WordPress and jQuery are outdated, posing potential security risks. From a security perspective, the site uses HTTPS and displays a SiteLock badge indicating PCI compliance and malware scanning. It implements several security best practices such as ModSecurity with OWASP rules, CSF Firewall, and user-level security limits. However, DNSSEC is not enabled, and no explicit HTTP security headers were detected in the HTML content. The absence of a cookie consent mechanism and outdated software versions are notable compliance and security gaps. Overall, the website is functional, professional, and moderately secure but would benefit from updates to software components, enhanced security headers, and improved privacy compliance mechanisms. The domain registration data is consistent with the website's claims, supporting its trustworthiness. Strategic improvements in security and privacy compliance will enhance the site's credibility and reduce risk.

L

Lappset GmbH

lappset.de

57

Lappset GmbH operates as a manufacturer and supplier of innovative playground and sports equipment, targeting organizations and communities interested in promoting active play and social interaction. The website presents a professional and consistent brand image with good content quality and user experience, primarily in German. Technically, the site is built on WordPress, leveraging modern tools such as Google Tag Manager, Google Analytics, and Cookiebot for consent management and analytics. Security posture is adequate with HTTPS enabled and use of reCAPTCHA, though some security headers are missing and no explicit security policy or incident response information is provided. Privacy compliance is supported by a comprehensive cookie consent mechanism, but no explicit privacy policy or terms of service pages were detected in the provided content. Overall, the website is trustworthy and well-maintained, with room for improvement in transparency and security best practices.

E

Ettevõtja infovärav Aktiva

aktiva.ee

40

Aktiva.ee is an Estonian business information portal focused on supporting entrepreneurs at various stages, including startups, operating companies, and those expanding internationally. The platform offers practical guidance, resources, and insights to help businesses succeed, with content tailored to the Estonian market and language. The website is positioned as a trusted resource for business knowledge and development in Estonia, with a clear focus on entrepreneurship and business growth.

B

BNI

bnipodcast.com

64

The Official BNI Podcast website serves as a professional content platform delivering weekly audio discussions led by Dr. Ivan Misner, founder of BNI, the world's largest business networking organization. The site targets business professionals seeking networking education and referral strategies, positioning itself as an authoritative media outlet within the business networking niche. The business model revolves around content publishing, podcast distribution, and educational sponsorships, supported by partnerships with related training and audio program providers. Technically, the website is built on WordPress with a modern tech stack including Yoast SEO, Google Analytics, and various social sharing and marketing plugins. The site demonstrates good mobile optimization and SEO practices, though performance is moderate and accessibility features are basic. Security posture is solid with HTTPS enforced and some security best practices observed, but lacks advanced security headers and a formal vulnerability disclosure mechanism. From a security and compliance perspective, the site includes a cookie consent mechanism indicating GDPR awareness, but lacks a clearly linked privacy policy and terms of service pages. Contact information is limited to forms and subscription emails, with no explicit company emails or phone numbers found. The absence of WHOIS registration data for the domain is a notable concern, potentially indicating domain registration issues or privacy protection, which impacts trustworthiness. Overall, the website is professionally maintained with high-quality content and strong brand association with BNI. However, the missing WHOIS data and incomplete privacy documentation suggest areas for improvement in transparency and compliance. Strategic recommendations include enhancing security headers, publishing comprehensive privacy and terms policies, verifying domain registration legitimacy, and improving accessibility features to strengthen trust and compliance.

A

Artis Zelmenis

artiszelmenis.lv

33

Artis Zelmenis operates a small Latvian-based business website offering a variety of services including web development, SEO, legal assistance, photography, advertising, and educational content. The site targets local SMEs, individuals, and students, providing multilingual content in English, Latvian, and Russian. The business appears niche-focused with a stable presence since 2012. Technically, the website uses standard JavaScript libraries and social media SDKs for Facebook, Twitter, VK, and Draugiem.lv, alongside Google Analytics for traffic monitoring. The site shows moderate performance and basic mobile optimization but lacks modern frameworks or CMS indications. SEO is reasonably addressed with meta tags and multilingual support. Security posture is moderate but with notable gaps: no visible HTTPS enforcement, absence of security headers, and use of some HTTP resources that may cause mixed content issues. Privacy compliance is weak due to missing privacy and cookie policies. Contact information is limited to a contact form without explicit emails or phone numbers. Overall, the website is functional and professional but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user safety.

Baltic Legal operates a specialized immigration and legal consultancy website focused on residence permits and immigration services in Latvia and the broader European Union. The company offers services including residence permits via real estate investment, business investment, and bank deposits, alongside legal assistance in corporate and immigration law. The website is well-structured, multilingual, and provides detailed information about immigration policies, visa requirements, and investment options. Technically, the site uses standard web technologies with Google Analytics and Tag Manager for tracking, but lacks advanced security headers and cookie consent mechanisms. The WHOIS data is fully redacted as per EURid policy, which is typical for .eu domains and does not raise immediate concerns. Overall, the site presents a professional image with moderate technical maturity and some room for security and privacy improvements.

K

Kultuurkapital

kulka.ee

49

Kultuurkapital is a key Estonian non-profit government-related institution dedicated to supporting culture and cultural heritage through targeted funding and grants. The website provides extensive information about various cultural programs, expert groups, and funding opportunities, primarily targeting Estonian cultural organizations and artists. The domain is well-established since 2010 and registered with a reputable Estonian registrar, supporting the legitimacy of the organization. Technically, the website uses the Voog CMS platform and integrates Google Analytics and Tag Manager for user tracking. The site is moderately optimized for performance and mobile devices, with a clear navigation structure and professional design. However, explicit privacy and cookie policies are missing, and no contact emails or phone numbers are directly visible in the HTML content, which may impact user trust and privacy compliance. Security headers are not detected, indicating room for improvement in security posture. Overall, the website is professional and trustworthy but could enhance privacy compliance and security best practices.

I

International Table Tennis Federation

ittf.com

62

The International Table Tennis Federation (ITTF) operates as the global governing body for the sport of table tennis, providing comprehensive event management, rankings, anti-doping enforcement, and governance services. The website serves as the official platform for news, event calendars, and educational resources targeting players, officials, fans, and stakeholders worldwide. The organization maintains a professional digital presence with consistent branding and structured data to enhance search visibility. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for social media integration and video embedding. The site is mobile optimized and demonstrates good SEO practices, though performance is moderate. Analytics and marketing tools such as Google Analytics and AddThis are used for user tracking and engagement. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data or vulnerable libraries. However, it lacks some security headers and explicit incident response contacts. Privacy compliance is partially addressed with a comprehensive privacy policy but lacks a cookie consent mechanism, which may affect GDPR compliance. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces trust but is common for such organizations. Overall, the ITTF website is a credible, well-maintained platform with good content quality and technical implementation. Strategic improvements in security headers, privacy compliance, and transparency around incident response would enhance its security posture and trustworthiness.

E

Eesti Olümpiakomitee

eok.ee

35

Eesti Olümpiakomitee is the official umbrella organization for sports and Olympic activities in Estonia, providing support to athletes, organizing events, and promoting sports culture nationally. The website reflects a well-established non-profit entity with strong partnerships and sponsorships, targeting the Estonian sports community and general public interested in Olympic sports. Technically, the site uses a modern stack including Bootstrap, jQuery, and Voog CMS, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though some improvements in security headers and library updates are recommended. Privacy compliance is moderate with a clear cookie consent mechanism but lacking explicit privacy policy and terms of service pages. Overall, the site is professional, trustworthy, and functional with room for technical and compliance enhancements.

P

PD Instore

neoinstore.com

43

NEO Retail Displayware is a specialized retail merchandising company offering innovative pegboard hardware and signage solutions under the patented neoPEGS™ brand. Their products target retail businesses seeking modern, customizable, and cost-effective displayware. The website is built on WordPress using WPBakery Page Builder and includes standard web technologies such as jQuery and FontAwesome. The technical infrastructure is moderate in performance with good mobile optimization but basic accessibility and SEO features. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to absence of privacy and cookie policies. Contact information is clearly provided, enhancing business credibility. Overall, the website is professional and trustworthy but would benefit from improved privacy and security practices.

T

TESCO

tesco.cz

39

TESCO.cz is a Czech-based technology business specializing in servers and workstations, primarily offering Intel platform servers, server components, custom configurations, and maintenance services. The website presents a straightforward informational portal targeting businesses requiring reliable IT infrastructure hardware. The domain has a long history dating back to 1997, supporting the company's established market presence. Technically, the website uses jQuery and Google Analytics but lacks modern CMS or advanced frameworks. The site is basic in design and functionality, with limited mobile optimization and accessibility features. Security posture is moderate but lacks visible HTTPS confirmation and security headers, and no privacy or cookie policies are present, indicating compliance gaps. Contact information is clearly provided, but no forms or social media links are available. Overall, the site is functional but would benefit from enhanced security, privacy compliance, and technical modernization.

L

LINANTO LLC

control-webpanel.com

63

Control Web Panel (CWP) is a technology company specializing in providing a free and professional Linux web hosting control panel targeted at system administrators and web hosting providers. Founded in 2016 and operated by LINANTO LLC based in Georgia, the company offers both a free version and a paid PRO version with premium support options. The website serves as a comprehensive platform for product information, support, and community engagement, positioning CWP as a competitive alternative to paid control panels with a strong emphasis on security and usability. Technically, the website is built on WordPress with a modern tech stack including Bootstrap, jQuery, and various plugins for enhanced functionality. The site demonstrates good mobile optimization, clear navigation, and moderate performance. Analytics tools such as Google Analytics and Google Tag Manager are employed for user tracking, with basic privacy and cookie policies in place. From a security perspective, the site uses HTTPS and some security best practices but lacks comprehensive security headers and a published security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The domain registration data aligns well with the business claims, supporting the legitimacy of the website. Overall, the website presents a professional and trustworthy front for the business, though improvements in security headers, privacy compliance, and incident response transparency are recommended to enhance trust and compliance.

R

Race for the Cure | Home

raceforthecure.eu

52

Race for the Cure is a European event organization focused on hosting the largest run and walk events across Europe, primarily aimed at charity participation. The website presents a professional and consistent brand image with clear navigation and a focus on participant engagement. Technically, the site is built on ASP.NET WebForms with Telerik UI components and integrates Google Analytics and Tag Manager for tracking. The site is mobile optimized and uses modern web fonts and libraries, though accessibility features are basic. Security posture is moderate with HTTPS enabled and IP anonymization in analytics, but lacks explicit security headers and visible incident response or security policies. Privacy compliance is weak due to absence of privacy and cookie policies or consent mechanisms. Business credibility is moderate with good content quality but no explicit contact or company information disclosed. Overall, the site is functional and professional but would benefit from enhanced privacy, security, and transparency measures.

O

Olivia Garden

oliviagarden.eu

71

Olivia Garden is a professional hair styling tools brand offering products such as hair brushes, combs, and scissors. The website targets professional hair stylists and consumers interested in hair care innovations. The brand appears established with a consistent and professional online presence. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, Google Analytics, Cookiebot for consent management, and reCAPTCHA for bot protection, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response information are not publicly available. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website is professional, trustworthy, and well-optimized, with room for improvement in transparency of security policies and contact information.

H

HP Papers - Printing & Copier Paper

hp-papers.eu

66

HP Papers is a European-focused paper product brand specializing in printing and copier paper with a strong emphasis on sustainability and climate action. Their product range includes various paper types certified by ClimatePartner, FSC®, PEFC, and the EU Ecolabel, positioning them as a responsible and quality-conscious player in the manufacturing and retail sectors. The website is built on a modern WordPress infrastructure using Elementor and Astra theme, providing a good user experience with responsive design and clear navigation. However, the absence of explicit privacy and terms of service policies, as well as contact information, limits transparency and user trust. Security posture is adequate with HTTPS and reCAPTCHA usage but lacks visible security headers and formal security policies.

A

Alma Career

lmc.eu

67

Alma Career is a prominent HR and recruitment services provider operating primarily in Czechia and across Europe. The company offers a comprehensive suite of services including job portals, online education platforms, recruitment management tools, employee engagement surveys, and salary benchmarking. Their market position is strong, supported by multiple well-known brands such as Jobs.cz and Platy.cz, serving a broad audience of HR professionals, employers, and job seekers. The website reflects a mature digital presence with modern technologies and a professional design. Technically, the website is built using Next.js and React frameworks, leveraging modern web standards and optimized for performance and mobile responsiveness. The use of Google Tag Manager and Analytics indicates a moderate level of user tracking balanced with privacy compliance. The site employs security best practices including HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response contacts are not published. From a security perspective, the site demonstrates a good posture with no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS data for the domain introduces some uncertainty regarding domain legitimacy, although the strong brand presence and consistent business information mitigate this concern. Overall, the risk is moderate with recommendations to enhance transparency around security policies and incident response. Strategically, Alma Career should focus on publishing detailed security and incident response policies, consider a vulnerability disclosure program, and continue to monitor domain registration details to maintain trust. Enhancing accessibility and expanding data retention disclosures would further improve compliance and user trust.

Z

Zalohujme.cz

zalohujme.cz

48

Zalohujme.cz is a Czech environmental initiative focused on promoting the implementation of a deposit return system for PET bottles and beverage cans in the Czech Republic. The website provides comprehensive information about the benefits of such a system, its operation, and examples from other European countries. It targets the general public, environmental advocates, municipalities, and beverage producers. The platform serves as an educational and advocacy tool to support legislative changes and increase recycling rates. Technically, the website is built on WordPress and employs common web technologies including jQuery, Google Analytics, Google Tag Manager, Facebook Pixel, and Smartlook for user behavior tracking. The site is mobile-optimized with good SEO practices including structured data and meta tags. Performance is moderate, and accessibility is basic but functional. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks some security headers and explicit security policies. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited as no explicit privacy or cookie policies or consent mechanisms were found. Contact information is limited to an email address in the header, with no phone numbers or physical addresses provided. Overall, the website is legitimate and professional in its presentation and content, though the absence of WHOIS data and privacy policies slightly reduces trustworthiness. Strategic improvements in privacy compliance, security headers, and incident response transparency are recommended to enhance the site's security posture and user trust.

AIMS (Association of International Marathons and Distance Races) operates a comprehensive website dedicated to global running events, including marathons and ultradistance races. The organization provides race calendars, results, news, and publishes the Distance Running magazine, positioning itself as a key resource for the international running community. The website targets runners, race organizers, and athletics enthusiasts worldwide, offering a membership model and partnerships with sports, photo, registration, and medals partners. Technically, the site uses a mix of JavaScript libraries such as jQuery, Cycle2, Leaflet.js for maps, and Google Analytics for tracking, with a custom or unknown CMS. The site is mobile optimized and has a moderate performance profile.

T

Turundajate Liit ehk TULI

turundajateliit.ee

42

Turundajate Liit ehk TULI is a professional association in Estonia that unites marketing agencies and brands to develop and improve the marketing sector. The organization acts as a connector, promoter, and evaluator within the marketing industry, offering news, events, job postings, training, and competitions such as the Kuldmuna awards. The website reflects a well-established entity with a clear focus on the Estonian marketing community, providing relevant and regularly updated content. Technically, the site is built on WordPress with modern plugins and analytics tools, ensuring good performance and mobile optimization. Security measures include HTTPS, reCAPTCHA on forms, and standard security headers, though explicit security policies and vulnerability disclosures are absent. Overall, the site demonstrates a strong security posture and compliance with privacy regulations, including GDPR. Contact information and social media presence are clearly provided, enhancing business credibility.

AIMS (Association of International Marathons and Distance Races) operates as a recognized global organization dedicated to the promotion and coordination of marathon and long-distance running events worldwide. The website serves as a comprehensive hub for race calendars, news, results, directories, and publishes the Distance Running magazine, targeting runners, race organizers, and athletics enthusiasts globally. The organization is registered in Great Britain under MSC Publishing & Design Limited, with a domain age consistent with its operational history since 2016. Technically, the website employs a mix of legacy and modern web technologies including jQuery 1.12.4, Cycle2 plugins, Leaflet for mapping, and Google Analytics for user tracking with IP anonymization. The site is mobile responsive with good navigation and content quality, though some technical debt is evident in the use of outdated JavaScript libraries. SEO and accessibility are basic but functional. From a security perspective, the site benefits from HTTPS and domain registration protections but lacks DNSSEC and security headers, and uses an outdated jQuery version with known vulnerabilities. No privacy or cookie policies are present, indicating compliance gaps with GDPR and related regulations. Contact information is limited to a physical address with no emails or phone numbers explicitly provided. No incident response or security policy information is available. Overall, the website is professional and trustworthy with a solid business foundation but requires improvements in privacy compliance, security hardening, and transparency to enhance user trust and regulatory adherence.

T

Think Pink Europe

thinkpinkeurope.org

59

Think Pink Europe is a non-profit organization dedicated to raising awareness and funds to combat breast cancer across Europe. The organization runs major campaigns such as Race for the Cure and Pink@Work, engaging the public and corporate sectors to support breast cancer research and patient care. Their website reflects a well-structured, content-rich platform with clear calls to action for donations and participation in events. Technically, the site is built on a mature ASP.NET framework with modern front-end libraries and integrates Google Analytics and Tag Manager for tracking. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers are missing and no incident response information is published. Overall, the site demonstrates a professional and trustworthy presence suitable for its non-profit mission.

S

SPWeb s.r.o.

firmsys.cz

50

Firmsys.cz is a Czech Republic based technology company specializing in providing compliance and business systems focused on whistleblowing and cookie law adherence. The company, operated by SPWeb s.r.o., offers SaaS solutions tailored for firms, schools, public authorities, and other entities required to comply with EU directives such as EU Directive 2019/1937 and ePrivacy regulations. With over 800 clients and more than a decade of IT service experience, Firmsys positions itself as a reliable partner for legal and compliance system needs. The website is professionally designed, mobile-optimized, and provides clear navigation and comprehensive content in Czech language. Contact and legal information are transparently presented, enhancing trustworthiness. Technically, the site employs modern frameworks like Bootstrap and integrates multiple analytics and marketing tools including Google Analytics, Facebook Pixel, and Seznam Retargeting. Security measures include HTTPS enforcement and Google reCAPTCHA for form protection, although some HTTP security headers are not explicitly detected. Privacy compliance is well addressed with a detailed cookie consent mechanism and GDPR policy. Overall, the site demonstrates a mature digital presence with good security posture and compliance awareness.

M

MR.PARKIT

mrparkit.com

71

MR.PARKIT operates an online parking reservation platform focused on the Czech cities of Prague and Brno, offering users the ability to select parking garages on a map and book parking spaces for days or weeks. The business targets drivers seeking convenient, stress-free parking solutions and positions itself as a local service provider with a user-friendly digital presence. The website is professionally designed with good content relevance and clear navigation, supporting a positive user experience. Technically, the site leverages modern technologies including Google Maps API for location services, Cookiebot for consent management, and integrates multiple analytics and advertising platforms such as Google Analytics, Bing Ads, and Facebook Pixel. Hosting is provided by a Czech hosting provider, and the domain is well aged and consistent with the business profile. Security posture is solid with HTTPS enforced and cookie consent implemented, though there is room for improvement in DNSSEC adoption and security headers. Privacy compliance is strong, with a comprehensive cookie policy and GDPR-aligned consent mechanisms. However, the site lacks visible contact information, terms of service, and explicit security policies, which could be enhanced to improve trust and compliance. Overall, MR.PARKIT presents a credible and functional online service with moderate technical maturity and good privacy practices.

A

AddTex

addtex.eu

55

AddTex is an EU-funded Erasmus Plus project focused on advancing digital and green innovations in the advanced textile industry through innovative learning and training. The project collaborates with a network of 12 partners across 10 European countries to develop educational resources such as MOOCs and training platforms aimed at students, educators, and industry professionals, particularly SMEs. The website is built on WordPress with Elementor and integrates modern web technologies and analytics tools. Security posture is solid with HTTPS and cookie consent mechanisms, though security headers and incident response policies are absent. WHOIS data is privacy-protected by EURid, consistent with EU project norms. Overall, the site is professional, content-rich, and trustworthy, supporting its educational mission.

A

Abalon s.r.o.

novorocenky-elektronicky.cz

34

The website www.novorocenky-elektronicky.cz represents a small Czech company, Abalon s.r.o., specializing in electronic New Year greeting cards primarily targeting business customers. The site offers original and customizable electronic PF cards created by multiple artists. The business model is B2B e-commerce with a niche focus on seasonal greeting cards. The website content is minimal and currently displays a placeholder message about the next offer release in August 2025. Technically, the site is built on WordPress with common JavaScript libraries and Google Analytics for tracking. HTTPS is enforced, but no advanced security headers or explicit privacy/cookie policies are present on the main domain. Contact information is limited to a phone number, with no emails or social media links visible. WHOIS data is missing, which raises concerns about domain registration transparency and trustworthiness.

A

Abalon s.r.o.

pf.cz

37

The website www.pf.cz represents Abalon s.r.o., a small Czech company specializing in the design and sale of original, artistically crafted New Year and Christmas greeting cards. The business targets corporate clients and organizations looking for unique and charitable greeting card options. The site offers customization services, free proofreading, and sample cards, positioning itself as a niche provider in the Czech market. Technically, the website is built on WordPress and employs modern JavaScript libraries such as jQuery, Slick Carousel, and Video.js, with SEO optimization via Yoast and analytics through Google Analytics. HTTPS is enforced, ensuring secure connections, but the absence of security headers and cookie consent mechanisms indicates room for improvement in security and privacy compliance. The lack of WHOIS data reduces domain trustworthiness, though the website content and business information appear professional and consistent. Overall, the site demonstrates good digital maturity with moderate performance and mobile optimization.

D

DAMI development s.r.o.

damidev.com

67

DAMI development s.r.o. is a Czech Republic based software development company specializing in mobile and web application development with over 13 years of market presence. They serve businesses and startups by delivering software solutions that enhance internal processes and cost efficiency. Their key services include development for multiple mobile platforms (Android, iOS, TV, wearables), web applications, third-party hardware/software integration, and innovative technologies such as IoT, augmented reality, and machine learning. The company showcases a professional website with clear navigation, client references, and modern technology usage, indicating a mature digital presence. However, the absence of WHOIS data raises concerns about domain registration legitimacy, which should be verified.

K

Online Kasino Česko ⚡️ Nejlepší Kasina v České Republice

kasinoczech10.com

49

The website kasinoczech10.cz is a Czech-language online casino affiliate and review platform focused on providing detailed information about online casinos available to Czech players. It offers curated casino reviews, bonus offers, payment method guides, and game type information to help users make informed decisions. The site targets adult Czech players interested in online gambling and operates primarily through affiliate marketing partnerships with various casinos. Technically, the site is built on WordPress, uses Cloudflare DNS, and integrates Google Analytics, Google Tag Manager, and OneSignal for analytics and notifications. The site is mobile-optimized with a good user experience and clear navigation. Security posture is solid with HTTPS enforced and no visible sensitive data exposure, but lacks explicit security headers and formal privacy or cookie policies. The domain is relatively new (created in 2023) but consistent with the business age and model. Overall, the site is professional and trustworthy within its niche but would benefit from enhanced privacy compliance and security policy disclosures.

N

Národní technické muzeum

muzeum-plasy.cz

48

Muzeum Plasy operates as a specialized cultural and educational institution under the National Technical Museum of the Czech Republic, focusing on the preservation and exhibition of building heritage and historical construction techniques. The website provides detailed information about exhibitions, events, educational programs, and visitor information, targeting cultural tourists, students, and researchers interested in architectural history. The business model is non-profit and government-affiliated, emphasizing education and cultural preservation. Technically, the website is built on WordPress 6.2.6 with modern web technologies including jQuery, Google Analytics, and lazy loading for images. The site is mobile-optimized and features good navigation and content structure. However, there is room for improvement in security headers and privacy compliance. The site uses HTTPS with a good SSL configuration but lacks explicit privacy and cookie policies, which are important for GDPR compliance. From a security perspective, the site shows a moderate security posture with no visible vulnerabilities or exposed sensitive data. The absence of security headers and vulnerability disclosure policies are notable gaps. The WHOIS data is unavailable, which limits domain trust verification, but the association with the National Technical Museum and professional content suggests legitimacy. Overall, the website is well-designed and professional, serving its educational and cultural mission effectively. Strategic improvements in privacy compliance, security headers, and transparency would enhance trust and security posture, supporting long-term sustainability and compliance with evolving regulations.

Kavárna MUZEUM is a small café business located within the National Technical Museum in Prague, focusing on coffee culture, bakery, and gastronomy. The website presents a clear business description targeting museum visitors and coffee enthusiasts, offering lunch menus, bakery products, and catering services. The site uses concrete5 CMS with jQuery and Google Analytics for tracking visitor data. While the website content is well structured and visually appealing, it lacks critical privacy and cookie policies, explicit contact information, and security headers. The absence of WHOIS data for the domain raises concerns about domain registration transparency and trustworthiness. Overall, the business appears legitimate and niche-focused, but the digital maturity and security posture require improvement to enhance trust and compliance.

J

JMP s.r.o.

valty.cz

42

VALTY.cz is a Czech Republic based retailer specializing in custom mattress systems combining flexible slatted frames and thinner mattresses tailored to individual needs. The company has a strong market presence with over 30 years of experience and multiple physical store locations. Their business model focuses on quality materials, expert advice, and made-to-measure products, targeting consumers seeking ergonomic and hygienic sleep solutions. Technically, the website is built on WordPress with modern plugins and frameworks, optimized for SEO and mobile use. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though security headers could be improved. Privacy compliance is basic with a cookie consent banner but no explicit privacy or terms pages. Overall, the site is professional and trustworthy with clear contact information and partner ecosystem.

J

JMP s.r.o.

toppery.cz

43

Toppery.cz is a Czech-based retailer and manufacturer specializing in mattress toppers, mattress protectors, travel mattresses, and mattress covers. The company operates both an e-commerce platform and four physical stores across major Czech cities, targeting consumers seeking enhanced sleep comfort and hygiene solutions. The website is professionally designed, localized in Czech, and provides detailed product information and contact details, supporting a medium-sized retail business model with a strong local presence. Technically, the website is built on WordPress 6.4.3 with Bootstrap and jQuery frameworks, integrating SEO best practices via Yoast SEO and leveraging Google Analytics and Tawk.to for analytics and customer engagement. The site is mobile-optimized and performs moderately well, though some accessibility features could be improved. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms, but lacks visible security headers and does not publish a privacy policy or incident response information. No WAF or blocking mechanisms are detected, and the domain registration data aligns well with the business claims, indicating legitimacy. Overall, the security posture is adequate but could be enhanced with additional headers and compliance documentation. The overall risk is moderate with no critical issues detected. Strategic improvements in privacy compliance and security headers would strengthen trust and regulatory adherence, supporting continued growth and customer confidence.

J

JMP s.r.o.

rajpolstaru.cz

40

Ráj polštářů is a Czech Republic based retail and e-commerce business specializing in high-quality pillows and bedding products. The company operates an online shop complemented by four physical stores across major Czech cities, offering anatomical, classic, and children's pillows. Their business model focuses on providing quality materials, expert consultation, and custom bedding solutions, positioning them as a trusted local retailer with a solid market presence since 2015. Technically, the website is built on WordPress with modern plugins and frameworks such as Bootstrap and Yoast SEO, ensuring good SEO and mobile responsiveness. The site uses HTTPS and integrates Google Analytics and Tawk.to for analytics and customer support, respectively. Security posture is good with SSL and no visible vulnerabilities, though security headers and explicit policies are missing. Privacy compliance is basic with a cookie consent banner but no visible privacy or terms of service pages. Overall, the website is professional and trustworthy with room for improvement in privacy and security policy transparency.

J

JMP s.r.o.

rozkladacipostele.cz

53

JMP s.r.o. operates the website rozkladaci-postele.cz, specializing in the retail and e-commerce sale of folding beds and mattresses primarily targeting customers in the Czech Republic. The company maintains a medium-sized business with multiple physical stores and an online presence, offering a wide range of products with a focus on quality Czech manufacturing. The website is professionally designed, mobile-optimized, and uses modern web technologies including WordPress, Bootstrap, and various plugins for SEO, analytics, and live chat support. Security posture is solid with HTTPS enforced and no visible critical vulnerabilities, though security headers and formal policies are lacking. Privacy compliance is basic with a cookie consent banner but no published privacy or terms of service pages. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site is functional, trustworthy, and well-positioned in its niche.

M

MUDr. Marie Součková

ortopediesouckova.com

61

Lékařské podiatrické centrum, led by MUDr. Marie Součková, is a specialized private healthcare provider in Prague focusing on orthopedics and podiatry services for children and adults. The center offers a comprehensive range of treatments including podiatry, orthopedic care, pedicure services, diabetic footwear (SHAPER), and educational courses. The business holds a reputable market position as a pioneer in private comprehensive care for the musculoskeletal system in the Czech Republic. Technically, the website is built on Joomla CMS with modern frontend frameworks like Bootstrap and UIkit, supported by jQuery and Google Analytics for tracking. Hosting is provided by WEDOS Internet, a reputable Czech provider. The site demonstrates good mobile optimization and SEO practices, though performance is moderate. Privacy compliance is well addressed with a clear cookie consent mechanism and GDPR-aligned privacy policy. From a security perspective, the site uses HTTPS with good SSL configuration but lacks advanced security headers and explicit incident response or security policies. No vulnerabilities or blocking mechanisms were detected, indicating a stable security posture. Domain WHOIS data aligns well with the business claims, supporting legitimacy. Overall, the website presents a professional, trustworthy, and user-friendly digital presence for a specialized healthcare provider, with room for improvement in security hardening and formal policy disclosures.

A

Autosalon Klokočka

klokocka.cz

53

Autosalon Klokočka is a medium-sized authorized automotive dealership and service provider based in the Czech Republic, specializing in brands such as Volkswagen, Audi, ŠKODA, Kia, and SEAT. The company offers a comprehensive range of services including new and used vehicle sales, authorized servicing, financing, leasing, and vehicle buyback. The website reflects a professional and consistent brand presence with clear navigation and relevant content targeted at automotive customers in the region. Technically, the site employs modern analytics and marketing tools such as Google Analytics, Hotjar, and Ecomail, alongside live chat and reCAPTCHA for user interaction and security. The site is mobile-optimized and demonstrates good SEO practices. Security posture is solid with HTTPS enforced and CAPTCHA on forms, though it lacks some advanced security headers and published incident response information. The absence of WHOIS registration data is a notable concern, reducing domain trustworthiness, but the overall business credibility remains high due to the professional presentation and authorized brand partnerships. Strategic improvements in security headers, incident response transparency, and domain registration verification are recommended to enhance trust and compliance.

R

ROSSMANN

rossmann.cz

69

ROSSMANN.cz is the online presence of ROSSMANN, a large retail chain specializing in drugstore products in the Czech Republic. The website offers a broad assortment of quality goods at competitive prices, including current promotions, flyers, and customer contests. The site targets retail consumers in the Czech market and positions itself as a well-established player in the retail sector. Technically, the website employs modern JavaScript frameworks and libraries, including React components, Google Tag Manager, and Cookiebot for cookie consent management. The site is mobile-optimized and uses preloading techniques for fonts and images to enhance performance. Security-wise, HTTPS is enforced, and cookie consent is implemented, but no explicit security headers or privacy policy pages were detected in the provided content. The WHOIS data is missing, which reduces domain trustworthiness, but the website content and branding suggest a legitimate business. Overall, the site demonstrates good digital maturity with room for improvement in security and privacy transparency.

R

RSJ

rsj.com

56

RSJ is a financial group operating primarily in the Czech Republic with a strong presence in global derivative markets including London, Chicago, New York, Frankfurt, and Tokyo. The company manages a diversified portfolio of investments spanning financial derivatives trading, real estate development, private equity, and emerging sectors such as biotechnology and healthy food production. The website clearly communicates its business scope and warns investors about fraudulent schemes misusing its brand. Technically, the site employs modern web technologies including Google Analytics and Tag Manager, with a cookie consent mechanism supporting GDPR compliance. Security posture is solid with HTTPS enforced, but lacks published security policies or incident response contacts. WHOIS data is missing, which raises concerns about domain registration legitimacy despite the professional website presence. Overall, RSJ presents as a credible financial entity with room for improvement in transparency and security disclosures.

Alfasilver.cz is the official website for Alfasilver HA+, a medical device product designed for wound care, including treatment of abrasions, minor burns, and skin injuries. The product is distributed by Glenmark Pharmaceuticals Distribution, s. r. o., based in Prague, Czech Republic. The website targets consumers seeking effective and easy-to-use wound care solutions, offering sprays and creams with antimicrobial properties and tissue hydration support. The site also provides educational content and retail partner links for product purchase. Technically, the website employs a modern frontend stack including Bootstrap 4, jQuery, and integrates Google Analytics and Google Tag Manager for user tracking and analytics. Cookie consent is managed via CookieScript, ensuring GDPR compliance with granular user consent options. The site is mobile-optimized and features clear navigation and professional design, though no CMS or backend platform is explicitly detected. Hosting and domain registration are consistent with the business location and history. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms but lacks visible advanced security headers. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms domain legitimacy with a registration date in 2016 and no privacy protection, aligning with the business profile. Contact information is clearly provided, including company address, phone, and official emails, with a dedicated channel for reporting adverse effects. Overall, Alfasilver.cz presents a trustworthy, professional, and compliant online presence for a niche healthcare product. Strategic improvements could include enhanced security headers and explicit security policies to further strengthen trust and compliance.

O

OnlyU - Web s články o vztazích, společnosti a zdraví.

onlyu.cz

55

OnlyU is a Czech-language media website focused on publishing articles related to relationships, society, and health. The site targets Czech-speaking users interested in these topics and monetizes primarily through advertising networks such as Google Adsense and Taboola. The website is built on WordPress CMS and integrates multiple third-party analytics and marketing tools, including Google Analytics, Gemius, and ShareThis, indicating a mature digital marketing infrastructure. However, the absence of publicly available WHOIS data limits the ability to fully verify domain ownership and legitimacy. The site implements a cookie consent banner, showing some compliance with GDPR requirements, but lacks an explicit privacy policy or terms of service in the analyzed content. Technically, the site shows moderate performance and good mobile optimization but has minor backend issues such as visible PHP warnings. Security posture is moderate with HTTPS enabled but missing security headers and some code hygiene issues. Overall, the website is functional and professionally presented but would benefit from improved transparency, security hardening, and compliance documentation.

P

PlastisolTransfer24.com

plastisoltransfer24.com

63

PlastisolTransfer24.com is a German-based company specializing in the production and distribution of high-quality textile transfers, serving primarily B2B customers such as textile printing companies and promotional firms across Germany, Austria, Switzerland, and the UK. The company emphasizes rapid delivery, offering express shipping within 24 hours, and holds OEKO-TEX certification, underscoring its commitment to environmental and social responsibility. Their product portfolio includes a wide range of transfer types including plastisol, blockout, water, neon, digital, DTF, and specialty transfers like glitter and holographic options. Technically, the website is built on the Magento 2 e-commerce platform, leveraging RequireJS, jQuery, and various Magento UI components. It integrates modern payment solutions such as Stripe and employs Google Tag Manager, Google Analytics, and Microsoft Clarity for analytics and marketing purposes. The site is mobile-optimized with good SEO practices and a comprehensive cookie consent mechanism supporting GDPR compliance. From a security perspective, the site enforces HTTPS, uses clientTransferProhibited domain status to prevent unauthorized transfers, and implements CAPTCHA on login forms. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no public security or incident response policies are found. The domain registration is consistent with the business claims, having been registered in 2012, aligning with the company's stated experience. Overall, the website presents a professional and trustworthy front with good content quality, technical implementation, and privacy compliance. Strategic improvements could include enhancing security headers, publishing a formal security policy, and enabling DNSSEC to further strengthen trust and security posture.