Security Directory

T

TRÜFFEL GÜSE GMBH & CO. KG

trueffel-guese.de

42

Trüffel Güse GmbH & Co. KG is a small German retail company specializing in premium truffles and chocolates, offering a variety of gift packages and corporate presents. The company operates a physical store in Hannover and maintains an online presence with a website built on TYPO3 CMS. Their market position is strengthened by multiple European and World Chocolate Awards, indicating product quality and recognition in the confectionery niche. The target audience includes individual consumers and corporate clients seeking high-quality chocolate gifts. Technically, the website uses modern frameworks such as Bootstrap and jQuery, with Google Analytics and Tag Manager for user tracking, and implements basic GDPR-compliant cookie consent mechanisms. The site is mobile optimized and provides clear navigation and contact information, though it lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled and IP anonymization in analytics, but missing explicit security headers and published security policies. Overall, the website is professional and trustworthy with room for improvement in security and compliance documentation.

Opito Labs GmbH is a specialized design studio combining extensive experience in IT, software development, and event technology. Their market position is that of a niche provider offering integrated hardware and software solutions for live streaming, event networking, lighting design, and technical event management. The company targets corporate clients, especially in automotive and large-scale event sectors, with a strong emphasis on reliability and intuitive technology. Technically, the website employs modern frameworks like Bootstrap and jQuery, with moderate performance and good mobile optimization. Security posture is moderate, with HTTPS implied but no visible security headers or explicit security policies. Privacy compliance is partial, with a cookie consent mechanism present but no formal privacy or terms of service pages. Overall, the business credibility is high due to clear contact information, client references, and professional presentation.

B

Billy Burrito

billy-burrito.de

40

Billy Burrito is a small, specialized mobile band offering live walk-act and marching band performances primarily in German-speaking countries. Their services target event organizers seeking energetic, creative musical entertainment without the need for technical setups. The website is well-structured, visually appealing, and provides comprehensive information about the band’s offerings and testimonials, supporting a positive market position in their niche. Technically, the site uses modern front-end frameworks like Bootstrap and integrates Google Analytics for user tracking, but lacks advanced security headers and cookie consent mechanisms, which are important for GDPR compliance. Security posture is moderate with HTTPS enabled but missing several best practice headers. Overall, the site is functional and professional but could improve privacy and security transparency. The domain WHOIS data is limited but shows no suspicious patterns, supporting legitimacy. Strategic recommendations include implementing cookie consent, enhancing security headers, and publishing detailed privacy and security policies to improve compliance and trust.

R

radio ffn

ffn.de

54

radio ffn is a well-established regional radio broadcaster serving Niedersachsen, Germany, offering music, entertainment, regional news, and traffic updates. The website reflects a mature digital presence with a modern CMS (TYPO3), integrated streaming services, and active social media engagement. The business model centers on media broadcasting and advertising services, targeting a broad general audience in the region. Technically, the site employs multiple analytics and advertising technologies, managed with a consent mechanism to comply with privacy regulations. Security posture is solid with HTTPS and a Content Security Policy, though additional security headers could enhance protection. No critical vulnerabilities or blocking mechanisms were detected, indicating stable and accessible operations.

N

Nxtbook Media

nxtbook.com

62

Nxtbook Media is a digital content experience platform provider specializing in responsive and replica digital publishing solutions. Their platforms, PageRaft and nxtbook, enable clients to create engaging digital publications such as magazines, catalogs, brochures, and more. The company serves a diverse audience including publishers, marketers, educational institutions, and associations, positioning itself as a trusted partner with a strong portfolio of notable clients and over 40 industry awards. Technically, the website is built on WordPress with a modern tech stack including jQuery, Yoast SEO, and multiple analytics and marketing integrations, demonstrating a mature digital infrastructure. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though explicit security headers and policies could be improved. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. Overall, the website is professional, well-branded, and trustworthy, though the absence of WHOIS data limits domain registration transparency.

A

ALOKON s.r.o.

alokon.cz

41

ALOKON s.r.o. is a Czech-based small manufacturing company specializing in the development and production of mounting systems for solar and photovoltaic panels, as well as aluminum scaffolding and metalworking services including waterjet cutting. The company targets both domestic and international markets, exporting to several European countries. Their business model focuses on quality materials and custom solutions for solar energy infrastructure. The website reflects a niche industrial business with a moderate market position and a focus on technical product offerings. Technically, the website is built on the GetSimple CMS platform and uses legacy JavaScript libraries such as jQuery 1.8.0 and 1.11.2, which may pose security risks. The site is served over HTTPS with no visible SSL issues and includes Google Analytics and Google Tag Manager for user tracking. Mobile optimization and accessibility are basic but functional. SEO practices are present but could be improved with more modern techniques and structured data. From a security perspective, the site lacks important security headers and uses outdated libraries, increasing vulnerability exposure. There are no visible privacy or cookie policies, nor any contact information for security incidents or data protection officers, which impacts compliance with GDPR and other regulations. The absence of WHOIS data reduces trust in domain legitimacy. Overall, the security posture is moderate but requires improvements to meet best practices. The overall risk assessment suggests the business is legitimate but would benefit from enhanced transparency, updated technical components, and improved compliance documentation. Strategic recommendations include updating JavaScript libraries, implementing security headers, publishing privacy and cookie policies, and providing clear contact information for security and data protection matters.

A

ANAFRA a.s.

anafra.net

59

ANAFRA a.s. is a Czech-based IT company specializing in providing comprehensive IT infrastructure services including virtual private servers, hosting, colocation, cloud storage solutions via Nextcloud, IT management, and server hardware integration. They hold a strong market position as the only Supermicro system integrator in Czechia, offering tailored IT solutions and robust pre-sales and after-sales support. Their target audience primarily consists of businesses and IT professionals seeking reliable IT infrastructure and hardware solutions. The company has been operational since 2006, indicating a mature presence in the technology sector. From a technical perspective, the website employs a modern technology stack including jQuery, Google Tag Manager, Microsoft Clarity, MailerLite for marketing automation, and Limetalk for live chat support. The site is mobile-optimized with good SEO practices and moderate performance. However, it lacks some advanced accessibility features and security headers, which could be improved to enhance security and compliance. Security posture is solid with HTTPS enforced and no exposed sensitive data detected. The use of multiple tracking and marketing scripts indicates moderate user tracking, but the absence of a cookie consent mechanism and explicit privacy policies suggests compliance gaps, especially concerning GDPR. No incident response or security policy information is publicly available, which could be a risk factor. Overall, ANAFRA’s website is professional and trustworthy with good business credibility and technical implementation. Strategic improvements in privacy compliance, security headers, and transparency around security policies would strengthen their security posture and regulatory compliance, reducing potential risks.

E

EXTÉRIA FRANCHISING s.r.o.

exteriamarket.cz

48

EXTÉRIA FRANCHISING s.r.o. operates a unique franchising concept in the Czech Republic specializing in occupational safety (BOZP) and fire protection (PO). The company offers franchise licenses, business growth methodologies, and technical implementation support, targeting entrepreneurs and business managers seeking to establish or grow their BOZP-related businesses. The website is professionally designed, mobile-optimized, and rich in multimedia content including video interviews and testimonials, reinforcing its market position as a leading BOZP franchise in the region. Technically, the website is built on WordPress using modern frameworks such as Bootstrap and Kadence Blocks. It integrates Google Analytics, Google Tag Manager, Facebook Pixel, and Google reCAPTCHA for analytics, marketing, and security purposes. The site employs HTTPS with a strong SSL configuration and includes a comprehensive cookie consent mechanism, reflecting good privacy compliance practices. From a security perspective, the site uses HTTPS and reCAPTCHA to protect forms but lacks explicit security headers in the provided data. No vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data for the domain reduces trustworthiness from a domain registration standpoint, though the website content and business information appear legitimate and professional. Overall, the website presents a low risk with strong business credibility and privacy compliance. Strategic improvements in security headers and domain registration transparency would further enhance trust and security posture.

N

NoBugs s.r.o.

nobugs.cz

45

NoBugs s.r.o. is a Czech-based small technology company specializing in the creation and rental of professional websites with monthly payment plans. Their business model focuses on providing affordable, customized web solutions including hosting, domain registration, SEO optimization, and customer support. The company targets small to medium businesses or individuals seeking cost-effective web presence solutions. The website is professionally designed, mobile-optimized, and integrates modern technologies such as Bootstrap, jQuery, FontAwesome, and Google Analytics for tracking visitor data. However, the absence of privacy and cookie policies indicates a gap in privacy compliance. Security posture is moderate with HTTPS usage and form validation but lacks explicit security headers and vulnerability disclosure mechanisms. The WHOIS data is missing, which raises concerns about domain legitimacy and transparency, impacting overall trust. Strategic improvements in privacy compliance, security headers, and domain registration transparency are recommended to enhance trust and security posture.

E

extranet Joanna Paździerska

extranet.pl

71

extranet Joanna Paździerska is a Polish small business specializing in creating modern websites and digital solutions primarily for companies and public institutions. Their offerings include CMS-based website development, dedicated IT solutions, email hosting, and digital accessibility audits. The company positions itself as a niche provider with a focus on quality and client-specific customization. Technically, the website is built on a proprietary CMS (netadmin v7.32) and leverages common web technologies such as PHP, jQuery, and Google Analytics for tracking. The site is mobile-optimized and includes accessibility features, reflecting a mature digital presence. Security-wise, the site enforces HTTPS, uses Cloudflare Turnstile for spam protection, and implements cookie consent mechanisms, though it lacks explicit security policies and incident response contacts. The absence of WHOIS data limits domain trust assessment, but the detailed contact information and professional presentation support legitimacy. Overall, the website demonstrates a solid technical and business foundation with room for enhanced security transparency.

C

Cheminées Poujoulat

poujoulat.com

60

Cheminées Poujoulat is a well-established French company specializing in metal chimney flues and stacks, serving residential, commercial, and industrial markets across Europe. The company positions itself as a European market leader with a broad product range and multiple international subsidiaries. The website reflects a mature digital presence with multilingual support and comprehensive product information. Technically, the site uses modern JavaScript libraries and tracking tools, with good mobile optimization and SEO practices. Security posture is moderate, with cookie consent mechanisms in place but lacking explicit security headers and dedicated security policies. The absence of WHOIS domain registration data is a notable gap, reducing domain trust verification. Overall, the website is professional and trustworthy but could improve in security transparency and domain registration clarity.

C

Cambridge University Press & Assessment

admissionstesting.org

66

The website serves as an official notice that the Cambridge Assessment Admissions Testing website is now closed. It provides clear information about the transition of various admissions tests to other organizations such as OCR and UAT-UK, and directs users to relevant external resources. The site is hosted on HubSpot CMS and employs standard marketing and analytics tools including Google Analytics and HubSpot tracking pixels. Privacy and cookie policies are present and appear comprehensive and GDPR compliant. Security posture is good with HTTPS enforced and no visible vulnerabilities, though explicit security headers and incident response information are absent. WHOIS data for the domain could not be retrieved due to malformed query responses, but the domain is a subdomain of a reputable Cambridge English domain, supporting legitimacy. Overall, the site is professional, informative, and trustworthy, with moderate technical sophistication and good privacy compliance.

O

Oxford, Cambridge and RSA

ocr.org.uk

66

Oxford, Cambridge and RSA (OCR) is a well-established awarding body providing a wide range of educational qualifications including GCSEs, A Levels, Cambridge Nationals, and Cambridge Technicals. The organization operates under the Cambridge Assessment umbrella, positioning itself as a trusted and authoritative provider in the UK education sector. The website offers comprehensive resources, past papers, and support for both students and educators, reflecting a strong commitment to educational excellence and accessibility. Technically, the website employs a mature technology stack including jQuery, JW Player, Google Analytics, Google Tag Manager, and OneTrust for consent management. The site is well-structured with good mobile optimization, accessibility, and SEO practices. The presence of multiple third-party analytics and marketing tools indicates a data-driven approach to user engagement and experience enhancement. From a security perspective, the site enforces HTTPS and integrates consent management for privacy compliance. However, there is room for improvement in implementing additional HTTP security headers and updating legacy libraries such as jQuery. No critical vulnerabilities or exposed sensitive data were detected, indicating a solid security posture. Overall, the website is professional, trustworthy, and compliant with relevant privacy regulations. The lack of WHOIS data for the exact queried domain is due to it being a subdomain, which is typical for large organizations. The domain and website content align well, supporting the legitimacy of the entity. Strategic recommendations include enhancing security headers, updating legacy scripts, and continuous privacy compliance monitoring.

C

Cambridge University Press & Assessment

cambridgeassessment.org.uk

66

Cambridge University Press & Assessment operates the Cambridge Assessment Network and Research website, providing educational assessment qualifications, professional development courses, and research services. The organization holds a leading position in the global education sector, targeting educators, assessment professionals, and learners worldwide. Their business model focuses on delivering high-quality assessment products and professional training, supported by extensive research and innovation. The website demonstrates a mature technical infrastructure, utilizing modern JavaScript libraries such as jQuery and JWPlayer, integrated with Google Tag Manager, Google Analytics, Microsoft Clarity, and Crazy Egg for analytics and user behavior tracking. The site employs OneTrust for cookie consent management, reflecting a commitment to privacy compliance. The design is professional, mobile-optimized, and accessible, with clear navigation and rich content. Security posture is strong, with HTTPS enforced and multiple security headers present. No critical vulnerabilities or exposed sensitive data were detected. However, the site lacks publicly available security policies or incident response information, which could enhance transparency and trust. Privacy compliance is well addressed through cookie banners and a comprehensive privacy policy. Overall, the website is trustworthy, professionally maintained, and aligned with the organization's educational mission. Strategic recommendations include publishing explicit security and incident response policies, enhancing vulnerability disclosure transparency, and maintaining up-to-date third-party libraries to sustain security and compliance.

M

ManageXValue

managexvalue.com

71

ManageXValue is a specialized SaaS platform offering quantitative methodologies and tools to help business decision-makers and investment professionals manage growth and risk effectively. The company provides key solutions including Investment Fund Analytics, Quantitative Risk Management, and Strategic Impact Valuation, positioning itself as a niche player in the finance and technology sectors. The website is professionally designed using modern web technologies such as React, Next.js, and Material-UI, with integration of Stripe for payment processing and Google Analytics for user tracking. Privacy and terms of service pages are present, and a cookie consent mechanism is implemented, indicating basic compliance with privacy regulations. Security posture is good with HTTPS and Content-Security-Policy headers, though additional security headers and explicit security policies could enhance trust. The domain registration is consistent with the business founding date and shows no suspicious patterns, supporting legitimacy. Overall, the website demonstrates a solid technical foundation and business credibility, suitable for its target audience of finance and risk management professionals.

N

NET Média Zrt.

portfolio.hu

54

Portfolio.hu is a leading Hungarian online financial and economic news portal operated by NET Média Zrt. The website offers a wide range of content including micro- and macroeconomic news, analyses, forums for professionals, financial conferences, industry forums, investor clubs, and trader courses. It targets Hungarian-speaking financial professionals, investors, and the general economic audience. The business model combines advertising revenue with premium subscription content and event services. Technically, the site uses modern JavaScript libraries, Firebase for messaging and analytics, and integrates multiple third-party advertising and tracking services with a consent management platform to comply with GDPR. The site is well-designed, mobile-optimized, and provides extensive financial data and news content.

S

Startupticker

startupticker.ch

59

Startupticker.ch is a well-established Swiss media platform focused on delivering high-quality news, reports, and event information related to the Swiss startup ecosystem. It serves entrepreneurs, investors, and innovation stakeholders by providing timely and relevant content, supported by a network of reputable partners and sponsors. The platform offers a variety of services including news articles, event calendars, venture capital reports, and an ecosystem directory, positioning itself as a key information hub in Switzerland's startup landscape. Technically, the website employs a modern tech stack including jQuery, Bootstrap, and Google Analytics, ensuring a responsive and user-friendly experience across devices. Security-wise, the site uses HTTPS and basic security headers but lacks advanced headers and a formal security policy or incident response contact, which are areas for improvement. Overall, the website is professional, trustworthy, and content-rich, with minor gaps in privacy compliance and security best practices.

E

escape GmbH

escape-germany.de

65

escape GmbH is a German software development agency with over 20 years of experience specializing in digital enterprise platforms, workflow innovation, and intelligent marketing solutions. The company targets businesses and organizations seeking tailored digital tools and services, offering end-to-end project support from consulting to maintenance. Their market position is supported by a portfolio of reputable clients including BMW, Leica, and Vodafone. Technically, the website is built on the Cellms CMS platform, leveraging jQuery and includes modern analytics tools such as Google Analytics and Matomo. Mobile optimization and SEO are well addressed, though some accessibility features could be improved. Security posture is solid with HTTPS and cookie consent mechanisms in place, but could benefit from enhanced security headers and updated libraries. Overall, the site is professional, trustworthy, and compliant with GDPR requirements.

O

Ostbelgien.Net

ostbelgien.net

62

Ostbelgien.net is a well-established regional lifestyle and real estate portal serving the Ostbelgien region in Belgium. Founded in 2008, it offers comprehensive listings and information on gastronomy, events, travel accommodations, real estate, and leisure activities, targeting both local residents and tourists. The website is professionally designed with consistent branding and provides useful services such as newsletters and interactive maps. Technically, the site runs on ASP.NET Kentico CMS, uses jQuery and Flexslider for UI components, and integrates Google Analytics for traffic monitoring. It employs Cloudflare DNS but lacks DNSSEC and some security headers, indicating room for security improvements. The site uses HTTPS and a cookie consent mechanism compliant with GDPR, reflecting a good privacy posture. However, no explicit security policies or incident response contacts are published, which could be enhanced to improve trust and compliance. Overall, the domain registration data aligns well with the website's business claims, supporting its legitimacy and stable market presence.

P

Penzion Závada

penzionzavada.cz

47

Penzion Závada is a small hospitality business offering stylish and discreet accommodation near Opava, Czech Republic. The website presents the business professionally with clear contact information, reservation forms, and detailed descriptions of rooms, surroundings, and amenities. The business targets tourists and visitors seeking quality lodging and leisure activities such as golf. Technically, the website is built on WordPress with Elementor and uses modern plugins for SEO, GDPR compliance, and video embedding. Security posture is good with HTTPS and cookie consent mechanisms, though security headers could be enhanced. The absence of WHOIS data is a concern for domain legitimacy but does not detract from the apparent professionalism of the site. Overall, the website is well-structured, user-friendly, and compliant with privacy regulations.

V

Výkup starožitností

vykupstarozitnosti.eu

41

Výkup starožitností is a Czech Republic based small family-owned antique dealer with over 30 years of experience. The company offers direct purchase of antiques, paintings, furniture, porcelain, and coins, as well as auction consignments and appraisal services. The website is professionally designed using WordPress and Elementor, providing clear navigation and relevant content targeted at individuals and collectors within the Czech Republic. Contact information including phone, email, and physical addresses are clearly presented, enhancing business credibility. Privacy and cookie policies are implemented with GDPR compliance. The site uses Google Analytics and Sklik for marketing and retargeting purposes. Hosting is provided by a reputable Czech provider, WEDOS Internet, a.s., consistent with the business location and language.

T

Techlink

techlink.be

64

Techlink is a Belgian professional federation representing manufacturers, distributors, installers, and companies active in technical maintenance and energy management within the multifunctional installation ecosystem. The organization offers a wide range of services including certification, e-tools, information dissemination, networking, training, personalized advice, working groups, and webinars. With over 3,500 members, Techlink positions itself as a key player in the energy transition sector in Belgium. The website is built on Drupal 10 and integrates modern web technologies such as Google Analytics, Google Tag Manager, Google reCAPTCHA, and CookieHub for cookie consent management. The site is well-structured, mobile-optimized, and provides a professional user experience with clear navigation and relevant content. However, explicit privacy and terms of service policies are not prominently found, which could be improved. From a security perspective, the site uses HTTPS and includes reCAPTCHA on login forms to prevent automated abuse. Cookie consent is managed via CookieHub, indicating some level of GDPR compliance. The absence of explicit security headers and a published security policy or incident response contact are areas for enhancement. WHOIS data is not publicly available due to restrictions, which slightly impacts trust but is common for .be domains. Overall, Techlink's website demonstrates a solid technical and business foundation with room for improvement in privacy transparency and security policy disclosures.

The website 'Centrum Grodno' represents a Polish non-profit organization, the Centrum Współpracy Międzynarodowej w Grodnie, operated by the Fundacja Europejski Fundusz Rozwoju Wsi Polskiej. It focuses on educational, cultural, and environmental projects, targeting children, youth, and adults interested in nature and culture. The site offers information about workshops, musical groups, and conferences related to environmental protection and renewable energy. Technically, the site is built on the ProcessWire CMS, uses Bootstrap and Revolution Slider for UI, and integrates Google Analytics and Tag Manager for tracking. The site is mobile responsive and has a moderate performance profile. Security-wise, HTTPS is enabled, but no advanced security headers are detected, and privacy compliance is minimal with no cookie consent mechanism. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but is common for non-profits. Overall, the site is professional and trustworthy but could improve privacy and security practices.

G

GD

simplygd.com

50

GD is a Czech-based marketing and digital agency specializing in increasing sales through targeted online marketing, measurement, evaluation, and optimization. Established in 2013, the agency offers services including SEO analysis, custom e-shop and website development, and marketing consultations. Their market position is that of a trusted regional partner with a focus on long-term client relationships. Technically, the website is built on Joomla CMS with Helix Ultimate framework, leveraging common marketing and analytics tools such as Google Analytics and Facebook Pixel. The site is mobile optimized and demonstrates good SEO practices. Security posture is solid with HTTPS and cookie consent mechanisms, though additional security headers and explicit security policies could enhance protection. The WHOIS data aligns well with the business claims, indicating legitimacy and stability. Overall, the website presents a professional and trustworthy digital presence with moderate to good technical and security maturity.

V

Vzdělávací institut pro Moravu

vim-jmk.cz

55

Vzdělávací institut pro Moravu is a regional educational institute focused on providing training, support services, and career counseling primarily in the South Moravia region of the Czech Republic. Their offerings include educational events, GDPR support for schools, mental health awareness campaigns, and extracurricular programs. The website is built on Drupal 9 and integrates modern web technologies such as Bootstrap, jQuery, and lazy loading for images, reflecting a moderate to good level of digital maturity. Privacy compliance is well addressed with GDPR-aligned policies and cookie consent mechanisms. Security posture is solid with HTTPS enforced and anonymized analytics, though some security headers and explicit policies could be improved. Overall, the website presents a professional and trustworthy image suitable for its educational audience.

The website dipsy.gov.cz serves as the official digital application system for secondary school admissions in the Czech Republic. Operated by the Ministry of Education and the Centrum pro zjišťování výsledků vzdělávání (CZVV), it provides a secure and user-friendly platform for submitting electronic applications, viewing admission results, and accessing related educational information. The site targets students, parents, and educational institutions, positioning itself as a critical government service in the education sector. The business model is a public service, funded and maintained by government entities, ensuring broad accessibility and trust. Technically, the website is built on a modern Angular framework (version 16.2.10) with PrimeNG UI components, delivering a responsive and accessible user experience optimized for both desktop and mobile devices. The use of HTTPS and Google Analytics for traffic monitoring indicates a mature digital infrastructure. The site includes comprehensive privacy and cookie policies aligned with GDPR requirements, reflecting a strong commitment to user data protection. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, though explicit security headers and published incident response policies are not evident. No vulnerabilities or exposed sensitive data were detected in the content. The domain is a gov.cz domain managed by CZ.NIC, which enhances its legitimacy despite the absence of public WHOIS data. Overall, the security posture is solid but could be improved by adding explicit security policies and vulnerability disclosure channels. The overall risk assessment is low, with the site demonstrating high professionalism, trustworthiness, and compliance with privacy regulations. Strategic recommendations include enhancing security header implementation, publishing security and incident response policies, and establishing a vulnerability disclosure process to further strengthen trust and resilience.

H

Hnízdo Ostrava

hnizdoostrava.cz

54

Hnízdo Ostrava is a coworking and event space provider based in Ostrava, Czech Republic, offering flexible workspaces, podcast studios, and event hosting services. The website presents a professional and well-structured digital presence targeting creatives, students, and event organizers. Technically, the site is built on WordPress with modern plugins and tracking tools, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS and reCAPTCHA implemented, though some security headers and privacy policies are missing, which could be improved. Overall, the site is trustworthy and functional but would benefit from enhanced privacy compliance and domain registration transparency.

D

dejmezenamsanci.cz

dejmezenamsanci.cz

38

Dejme ženám šanci is a non-profit program website focused on supporting women, featuring information about the program, conferences, news, supported projects, and media galleries. The site is built on WordPress and uses common web technologies including jQuery, Google Analytics, and Google Tag Manager. The website is accessible without any WAF or security blocking mechanisms detected. However, the absence of WHOIS data raises concerns about domain registration legitimacy. The site lacks privacy and cookie policies, and no explicit contact information is provided, which impacts compliance and trust. Security headers are not detected, indicating room for improvement in security posture.

Z

Zprávy Aktuálně.cz

zpravyaktualne.cz

41

Zprávy Aktuálně.cz is a Czech online news and magazine portal providing fresh news and lifestyle content across multiple categories such as housing, auto, health, finance, and women's topics. The website is built on WordPress with a modern theme and plugins, integrating Google Analytics and Google Tag Manager for traffic analysis. The site is professionally designed with good navigation and mobile optimization, targeting a general Czech-speaking audience interested in current events and lifestyle topics. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks explicit security headers and formal privacy or cookie policies. The domain registration is consistent and legitimate, supporting the business's credibility.

E

Extéria, s.r.o.

exteria.cz

44

Extéria, s.r.o. is a Czech Republic-based company specializing in occupational safety (BOZP) and fire protection (PO) services. The company offers comprehensive consulting, documentation, training, accident investigation, and representation services primarily targeting businesses and institutions. Their market position is supported by an active client base and franchising opportunities, indicating a medium-sized, established regional presence. The website is professionally designed, mobile-optimized, and rich in relevant content, reflecting a mature digital presence. Technically, the site runs on WordPress with modern plugins and analytics tools, ensuring good performance and user experience. Security measures include HTTPS, Google reCAPTCHA, and a detailed cookie consent mechanism, although some security headers are missing. Privacy compliance is strong with a clear privacy policy and cookie management. Overall, the site demonstrates a high level of professionalism and trustworthiness, though WHOIS data is privacy-protected, limiting domain registration transparency.

D

Dům zahraniční spolupráce

naerasmusplus.cz

61

Dům zahraniční spolupráce (DZS) is a Czech government-affiliated organization under the Ministry of Education, Youth and Sports, serving as the national agency for international education cooperation. The website presents itself as an authoritative source for educational programs and international collaboration, targeting students, educators, and government bodies. The business model is primarily government-funded, focusing on educational program administration and information dissemination. The site is medium-sized and consistent with its branding and content quality.

P

Planet Lover

planetlover.org

48

Planet Lover is a Slovak non-profit organization specializing in environmental education and sustainability consulting. The organization targets schools, teachers, students, and businesses, offering free educational programs, workshops, and conferences to promote a greener future. Their market position is strengthened by partnerships with universities, businesses, and international climate education initiatives. The website reflects a professional and consistent brand with comprehensive content and active social media engagement. Technically, the website is built on WordPress using Elementor and SEO plugins, with a moderate performance profile and good mobile optimization. The presence of cookie consent mechanisms and privacy policies indicates GDPR compliance. However, DNSSEC is not enabled, and explicit security headers are not detected, suggesting room for security enhancements. Security posture is generally good with HTTPS enforced and no exposed sensitive data, but the absence of a published security policy and incident response contacts is a gap. Overall, the website is trustworthy, safe, and well-maintained, with recommendations to improve DNS security and security headers to further strengthen its security stance.

B

Banícke múzeum v Rožňave

banmuz.sk

41

Banícke múzeum v Rožňave is a regional cultural institution under the Košice self-governing region in Slovakia, specializing in mining, metallurgy, and fine arts exhibitions. It serves a broad audience including the general public, students, and researchers, offering museum exhibitions, educational activities, and a museum shop. The website is professionally designed using Joomla CMS with Bootstrap and integrates Google Analytics and Facebook SDK for analytics and social media engagement. The site is multilingual and provides clear contact information and privacy compliance mechanisms. Security posture is solid with HTTPS and cookie consent, though security headers are lacking. Overall, the website is trustworthy and well-maintained, reflecting the institution's public service nature.

Správa Národného parku Veľká Fatra is the official managing body of the Veľká Fatra National Park in Slovakia, providing comprehensive information about the park's nature, tourism, environmental education, and visitor guidelines. The website serves as a government portal targeting tourists, schools, and the general public interested in nature conservation. The site is built on WordPress with modern plugins and includes structured data for SEO and accessibility. It features a cookie consent mechanism and integrates Google Analytics for visitor tracking. Security posture is good with HTTPS and no visible vulnerabilities, though some security headers could be improved. Contact information and legal disclaimers are clearly presented, enhancing trust and compliance. Overall, the website is professional, informative, and trustworthy, supporting the park's mission and public engagement.

B

Baterkáreň

baterkaren.sk

44

Baterkáreň is a Slovak social enterprise operating the first community reuse center in Slovakia, combining a zero waste shop, educational programs, and volunteer opportunities to promote sustainable living. The website is professionally designed, mobile-optimized, and rich in relevant content, targeting environmentally conscious individuals and local communities. Technically, it is built on WordPress with WooCommerce, enhanced by SEO and marketing tools such as Yoast SEO, Google Analytics, Facebook Pixel, and Brevo. Security posture is strong with HTTPS, DNSSEC, and cookie consent mechanisms, though it lacks a dedicated security policy or incident response page. Overall, the site demonstrates a mature digital presence aligned with its mission and audience.

The website represents Stowarzyszenie Kujawsko-Pomorski Ośrodek Wsparcia Inicjatyw Pozarządowych TŁOK, a Polish non-profit organization founded in 2006 that supports NGOs and local communities through advisory services, training, project writing, and social dialogue facilitation. The organization operates regionally within Poland, focusing on social economy and community development. The website is professionally designed with clear navigation and regularly updated content, targeting NGOs and social initiatives. Technically, the site uses a custom CMS with common JavaScript libraries such as jQuery, Google Analytics, and Facebook SDK integrations. Hosting is provided by OVH SAS, a reputable provider. Security posture is moderate with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is basic with a privacy policy and cookie consent mechanism but no terms of service or incident response information. Overall, the site is trustworthy and functional but could improve security and compliance aspects.

Cafe24 Corp. operates an e-commerce platform primarily targeting store owners, administrators, and suppliers. The website analyzed is a login portal facilitating access for different user roles within the platform. The company is established since 2017 and operates in the e-commerce sector, with a large organizational size and a focus on providing platform services for online store management. The website's technical infrastructure includes standard web technologies such as JavaScript, CSS, and integration with Google Analytics and Google Tag Manager for tracking and marketing purposes. Hosting and domain registration are managed by Gabia, Inc., a reputable registrar. From a security perspective, the website uses HTTPS as implied by URLs, and the domain status includes clientTransferProhibited, which protects against unauthorized domain transfers. However, no explicit security headers such as Content-Security-Policy or HSTS were detected in the provided data, and DNSSEC is not enabled, representing areas for improvement. Privacy and cookie policies are not present on this login page, which may impact compliance with GDPR and other privacy regulations. No contact information or incident response details are visible, limiting transparency and user trust. Overall, the website presents a basic but functional login interface with moderate technical implementation and business credibility. The absence of privacy and security policy disclosures and limited contact information reduce the privacy compliance score and security posture. There is no indication of adult or explicit content, making the site safe for general audiences. The domain registration data supports legitimacy and consistency with the business claims. Strategic recommendations include implementing comprehensive privacy and cookie policies, enhancing security headers and DNSSEC, and providing clear contact and incident response information to improve trust and compliance.

웹

웹퍼블릭

webpublic.co.kr

66

웹퍼블릭 is a specialized e-commerce design agency focused on providing customized and responsive shopping mall skins and web design services primarily for the Korean market. Established in 2018, the company leverages the Cafe24 platform to deliver tailored design solutions for online retailers. Their market position is that of a niche service provider with a clear focus on shopping mall design and related services. Technically, the website is built on the Cafe24 ecosystem, utilizing modern web technologies such as jQuery, Google Analytics, and custom fonts, ensuring a good user experience and mobile optimization. Security posture is solid with HTTPS enforced and basic security headers present, though there is room for improvement in privacy compliance and incident response transparency. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

(

(주)플러스앤

cjtone.co.kr

45

PlusN (플러스앤) is a South Korean company specializing in corporate travel welfare services, including corporate resorts, B2B travel welfare malls, camping sites, MICE events, facility distribution and consignment, and leisure ticket sales. The company positions itself as the leading corporate resort provider with over 30 years of experience, serving a broad range of clients including public enterprises, government agencies, financial institutions, and broadcasters. The website reflects a professional and modern digital presence with multimedia content and clear navigation.

울

울산 HD FC

uhdfc.com

54

Ulsan HD FC operates a professional football club website primarily targeting football fans and community members in South Korea. The site offers comprehensive club information, player rosters, match schedules, news updates, ticketing options, and merchandise shopping. The website is well-branded with consistent use of official logos and sponsorship from Hyundai group companies, indicating a medium-sized sports organization with a solid market presence. Technically, the site uses legacy JavaScript libraries such as jQuery 1.11.3 and integrates Google Analytics and Tag Manager for user tracking. While the site is mobile-optimized and provides good user experience, it lacks visible privacy and cookie policies, which impacts compliance and trust. Security-wise, the absence of security headers and use of outdated libraries present vulnerabilities. The WHOIS data is missing or inaccessible, which raises concerns about domain registration transparency despite the active and professional website content. Overall, the site is functional and content-rich but requires improvements in security, privacy compliance, and domain registration transparency to enhance trust and reduce risk.

W

WooRank

woorank.com

71

WooRank is a technology company specializing in SEO and digital marketing tools designed to optimize online presence and generate leads. Positioned as a medium-sized enterprise under Bridgeline Digital, WooRank offers a comprehensive SaaS platform with features including website reviews, keyword tracking, competitor analysis, and lead generation tools. The company targets digital marketers, agencies, and businesses seeking to improve their SEO performance and sales outcomes. Technically, WooRank leverages modern web technologies such as Webflow CMS, Google Analytics, Microsoft Clarity, and Facebook Pixel, ensuring a fast, mobile-optimized, and accessible user experience. The website demonstrates strong digital maturity with integrated privacy compliance mechanisms including cookie consent and GDPR adherence. Security posture is solid with HTTPS enforcement and no visible vulnerabilities, though explicit security headers could be enhanced. Overall, WooRank presents a professional and trustworthy online presence with active social media engagement and recognized industry partnerships.

A

Acquia

widencollective.com

72

Acquia operates a community platform hosted as a Salesforce Experience Cloud site, focusing on digital asset management and cloud services. The website targets enterprise users, developers, and marketers who utilize Acquia's digital experience solutions. The platform integrates multiple payment gateways and analytics tools, reflecting a mature digital infrastructure. The site is well-branded and professionally designed, with consistent use of Salesforce Lightning Design System and embedded Salesforce services. Security posture is strong with HTTPS and a strict Content-Security-Policy, though additional security headers could enhance protection. Privacy and cookie policies are not explicitly found in the provided content, indicating an area for improvement. Overall, the domain is legitimate as a subdomain of acquia.com, a reputable technology company.

E

EKS, z.s.

ekskurzy.cz

60

EKS, z.s. operates a professional website focused on career counseling and development services primarily targeting individuals seeking career guidance in the Czech Republic. The website is built on a modern WordPress platform with WooCommerce and Elementor, indicating a mature digital infrastructure suitable for service delivery and client engagement. The presence of a comprehensive cookie consent mechanism and privacy policy demonstrates a commitment to GDPR compliance and user privacy. Security posture is strong with HTTPS enforced and standard security headers present, though the absence of explicit security and incident response policies suggests room for improvement. Overall, the website is professional, trustworthy, and well-structured, though the lack of WHOIS registrant data slightly reduces domain trustworthiness.

D

Digitální studio Napadlo

napadlo.cz

53

Digitální studio Napadlo is a Czech-based digital marketing and web development agency established in 2017, offering services such as website creation, corporate identity design, branding, and PPC campaigns. The company positions itself as a professional studio with 15 years of experience in online marketing, focusing on client growth and brand building. The website is well-structured, professionally designed, and optimized for SEO, targeting Czech businesses seeking digital marketing solutions. Technically, the site is built on WordPress using Elementor and WooCommerce, with integrations for Google Analytics, Facebook Pixel, and SmartLook for analytics and marketing tracking. The hosting is linked to a Czech hosting provider, and the domain registration is consistent with the business claims. Security posture is good with HTTPS enabled and no exposed sensitive data, but lacks some security headers and explicit privacy and cookie policies. Overall, the site is accessible without WAF or blocking mechanisms, providing a good user experience and professional appearance.

M

Milotů.cz

janmilota.cz

46

Milotů.cz is a Czech web development agency specializing in custom website creation for businesses and non-profit organizations. With over 12 years of experience and more than 200 completed projects, the company positions itself as a trusted provider of web design, programming, and website management services. The website reflects a professional and modern digital presence, targeting firms and non-profits seeking tailored web solutions. Technically, the site is built on WordPress with modern JavaScript frameworks like Alpine.js and employs performance optimizations such as WP Rocket. It integrates common analytics and marketing tools including Google Analytics, Facebook Pixel, and Hotjar, while maintaining GDPR compliance through a comprehensive cookie consent mechanism and privacy policy. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the domain registration data aligns with the website's claims, supporting legitimacy and trustworthiness.

K

KHKMSK

khkmsk.cz

43

KHKMSK is a regional chamber of commerce serving the Moravian-Silesian region in the Czech Republic. The organization focuses on supporting businesses with international expansion, membership services, and hosting events. The website reflects a professional and consistent brand presence with clear navigation and multilingual support. Technically, the site is built on WordPress using modern frameworks such as Bootstrap and integrates Google Analytics and reCAPTCHA for analytics and security. HTTPS is enforced, and cookie consent mechanisms are implemented, indicating a good privacy posture. However, the absence of WHOIS data and explicit contact emails or phone numbers on the site slightly reduces trustworthiness. Overall, the site demonstrates a solid business and technical foundation with room for enhanced security headers and more transparent contact information.

M

MS Pakt

trautom.cz

44

TRAUTOM is a newly established project (2024) focused on supporting citizens, companies, and educational institutions in the Moravskoslezský region of the Czech Republic. It provides career counseling, labor market analytics, and educational strategy services, funded by the European Union under the Just Transition Operational Program. The project is implemented by MS Pakt with key partners including Vysoká škola báňská and the Moravskoslezský automobilový klastr. The website reflects a professional and regionally focused initiative with clear service offerings and active communication channels such as news and blogs. Technically, the site is built on WordPress with the Divi theme, leveraging common analytics and marketing tools with GDPR-compliant cookie consent mechanisms. Security posture is good with HTTPS and security headers in place, though formal security policies and incident response information are not published. Overall, the domain registration aligns with the project timeline and shows no suspicious patterns, supporting the legitimacy of the site.

C

Cesta k zaměstnání

cestakzamestnani.cz

49

The website 'Cesta k zaměstnání' is an educational platform primarily targeting Czech high school students to assist them in navigating the job search process. It offers modules on CV creation, job searching, interview preparation, employment contracts, and labor law basics. The site is relatively new, launched in 2022, and uses modern web technologies such as Vue.js. It is hosted on a Czech hosting provider inferred from the nameservers. The content is well-structured and relevant to its educational purpose, with a consistent branding approach and legal review noted on the site. However, it lacks explicit privacy and terms of service pages and does not provide direct contact or security policy information.

M

Moravskoslezský pakt zaměstnanosti, z.s.

infoprokarieru.cz

47

Info pro kariéru is a Czech regional non-profit organization focused on helping elementary school students choose future careers. Operated by Moravskoslezský pakt zaměstnanosti, z.s., it provides career counseling, labor market information, and organizes excursions to support career development. The website is well-branded, regionally recognized, and supported by EU funding and the city of Ostrava. Technically, the site is built on WordPress with modern web technologies, including GDPR-compliant cookie management and analytics tools like Google Analytics and Hotjar. The site is mobile-optimized and SEO-friendly, though accessibility could be improved. Security posture is good with HTTPS and consent mechanisms, but lacks some security headers and explicit security policies. Overall, the site is trustworthy, professional, and serves its educational mission effectively.