Security Directory

F

FCC průmyslové systémy s.r.o.

fccps.cz

46

FCC průmyslové systémy s.r.o. is a Czech-based technical and commercial company specializing in industrial automation, embedded computing, robotics, and machine vision solutions. With over 30 years of experience in the Czech market, the company offers a broad portfolio of products and services including industrial systems, custom machinery, and training seminars. Their market position is stable and well-established, targeting industrial enterprises seeking advanced automation technologies. The website reflects a professional digital presence with modern frontend technologies and mobile responsiveness. However, the absence of WHOIS data and explicit privacy policies indicates areas for improvement in transparency and compliance. Security posture is moderate with cookie consent implemented but lacking advanced HTTP security headers and documented incident response. Overall, the site is trustworthy and business-focused but would benefit from enhanced security and privacy documentation.

M

Město Pelhřimov

mupe.cz

44

The website mestopelhrimov.cz serves as the official online portal for the city of Pelhřimov in the Czech Republic. It provides comprehensive information about city administration, cultural institutions, sports facilities, educational establishments, and public services. The site targets residents, tourists, and local stakeholders seeking municipal information and services. The business model is that of a government entity providing public information and services, positioning itself as the authoritative source for city-related content. Technically, the website employs a modern tech stack including HTML5, CSS3, JavaScript, Google Analytics, Google Tag Manager, and Google reCAPTCHA for security. It uses the VismoWeb5 CMS platform and integrates translation services and a chatbot for enhanced user experience. The site is mobile optimized, accessible, and SEO friendly, though performance is moderate. From a security perspective, the site enforces HTTPS and uses reCAPTCHA to mitigate bot traffic. It implements a GDPR-compliant cookie consent mechanism with granular user controls. However, it lacks visible security headers and does not publish explicit security or incident response policies. No vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, the website is trustworthy and professional, suitable for its government function. The absence of WHOIS data limits domain registration trust analysis but does not detract from the site's legitimacy. Strategic recommendations include enhancing security headers, publishing security policies, and providing clear contact information for incident response to further strengthen trust and compliance.

M

Město Havlíčkův Brod

muhb.cz

52

The website www.muhb.cz serves as the official online presence for the city of Havlíčkův Brod, Czech Republic. It provides comprehensive information about city governance, public services, news updates, and tourist information. The site targets residents, local businesses, tourists, and public officials, offering a broad range of municipal services and resources. The business model is government/public service with a medium-sized municipal scope and a historical foundation dating back to the 13th century. Technically, the site employs a modern technology stack including Bootstrap, jQuery, FontAwesome, and Google Analytics, built on the CPedit CMS platform. The site is mobile-optimized, accessible, and SEO-friendly, with a moderate performance profile. Security measures include HTTPS enforcement and use of Google reCAPTCHA, though security headers are not detected, indicating room for improvement. From a security perspective, the site demonstrates good practices such as cookie consent management and secure form handling but lacks visible security headers and an incident response contact. The absence of WHOIS data reduces domain registration trustworthiness, but the website content and official branding strongly support legitimacy. Overall, the site is a well-maintained municipal portal with good content quality and user experience. Strategic recommendations include enhancing security headers, publishing incident response information, and improving domain registration transparency to strengthen trust and compliance.

M

Město Pelhřimov

mestopelhrimov.cz

44

The website mestopelhrimov.cz serves as the official digital presence for the city of Pelhřimov in the Czech Republic. It provides comprehensive information about municipal offices, cultural institutions, event calendars, tourist information, and various public services. The site targets residents, tourists, and local businesses, positioning itself as a key government portal for the region. The business model is typical for a municipal government, focusing on information dissemination and public service facilitation. Technically, the website employs modern web standards including HTML5, CSS3, and JavaScript, with integrations such as Google Analytics, Google Tag Manager, and Google reCAPTCHA v3 for security and analytics. The CMS appears to be a custom solution (VismoWeb5) developed by WEBHOUSE, s.r.o. The site is mobile optimized, accessible, and includes a GDPR-compliant cookie consent mechanism. Performance is moderate, with room for improvement in security headers and technical optimizations. From a security perspective, the site uses HTTPS and integrates reCAPTCHA to mitigate automated abuse. However, no explicit HTTP security headers were detected, and no security.txt or incident response policies are published. The WHOIS data is unavailable, likely due to privacy protection, which is common for municipal domains. No vulnerabilities or exposed sensitive data were found in the HTML content. Overall, the security posture is good but could be enhanced with additional headers and transparency. The overall risk assessment is low, with the site appearing legitimate and professionally maintained. Strategic recommendations include implementing security headers, publishing security and incident response policies, improving WHOIS transparency if possible, and continuing regular audits of third-party scripts. These steps will enhance trust, compliance, and security resilience.

S

StyleShout

styleshout.com

52

StyleShout is a niche online platform specializing in providing free and premium responsive website templates primarily targeting web designers, developers, and small businesses. Established in 2006, the site has a long-standing presence and offers a curated collection of modern, minimalistic templates to facilitate quick and easy website creation. The business model leverages free template distribution supplemented by premium offerings and affiliate marketing partnerships, positioning StyleShout as a trusted resource in the web design community. Technically, the website is built on WordPress 6.8.3, utilizing common web technologies such as PHP, jQuery, and Google Fonts. It integrates multiple third-party services including Google Analytics, Google Tag Manager, Facebook SDK, and Adsense for analytics and monetization. Hosting is provided by Hostinger, a reputable provider. The site demonstrates good mobile optimization and SEO practices, though accessibility features are basic. From a security perspective, the site benefits from HTTPS encryption and domain transfer protection but lacks advanced security headers and DNSSEC, which are recommended for enhanced protection. Privacy compliance is basic, with a privacy policy and terms of service present but no cookie consent mechanism or explicit GDPR compliance indicators. Incident response and vulnerability disclosure policies are not evident. Overall, StyleShout presents a professional and trustworthy online presence with solid business credibility and technical infrastructure. Strategic improvements in security headers, privacy compliance, and cookie consent would enhance its security posture and regulatory adherence.

S

SiteOrigin

siteorigin.com

60

SiteOrigin is a well-established provider of free and premium WordPress themes and plugins, founded in 2004. The company offers a suite of tools including a drag-and-drop Page Builder, Widgets Bundle, CSS editor, and premium addons under SiteOrigin Premium. Their market position is strong within the WordPress ecosystem, supported by over 2.5 million installs and active community engagement through forums and social media. The website is professionally designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content for WordPress users and developers. Technically, the site runs on WordPress with a modern tech stack including jQuery, Google Analytics, Google Tag Manager, and Cloudflare DNS services. The site uses HTTPS with a good SSL configuration but lacks DNSSEC. Performance is moderate with good mobile optimization. SEO and accessibility are basic to good, with room for improvement in accessibility features. From a security perspective, the site benefits from HTTPS and domain registration protections but lacks visible security headers and published security policies or incident response information. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is limited as no explicit privacy or cookie policies were found, and GDPR compliance is not clearly indicated. Contact information such as emails or phone numbers is not explicitly provided, which may impact user trust. Overall, SiteOrigin presents a trustworthy and professional online presence with a solid business model and technical foundation. Strategic improvements in privacy compliance, security policy transparency, and contact information availability would enhance their security posture and user trust.

A

Art Jameel

hayyjameel.org

56

Hayy Jameel is a prominent arts complex and creative hub located in Jeddah, Saudi Arabia, developed and managed by Art Jameel. The organization focuses on fostering culture-oriented communities by hosting exhibitions, cinema events, learning programs, residencies, and cultural festivals. The website reflects a well-established non-profit entity with a clear mission to promote arts and culture in the region. Technically, the site is built on WordPress with modern frameworks and libraries, ensuring good performance, mobile optimization, and SEO compliance. Security posture is solid with HTTPS enforcement and domain locking, though DNSSEC is not enabled and no explicit security or incident response policies are published. Privacy compliance is basic, with cookie and terms of use policies present but lacking consent mechanisms. Overall, the site is professional, trustworthy, and serves its target audience effectively.

V

Vitart

soundofvitart.cz

40

Vitart is a small, professionally equipped recording studio located in Příbram, Czechia, specializing in music recording, mixing, mastering, and production services including scenic and film music. The website is built on WordPress with Elementor and integrates Google Analytics for tracking. The technical infrastructure is modern and performance is moderate with good mobile optimization. Security posture is adequate with HTTPS enabled but lacks security headers and formal privacy or cookie policies, indicating compliance gaps. No WAF or blocking mechanisms were detected, and the domain registration data is consistent and legitimate. Overall, the website presents a credible local business with room for improvement in privacy and security compliance.

L

Lean Industry

leanindustry.cz

46

Lean Industry is a Czech-based consulting company specializing in lean manufacturing, Industry 4.0, and management consulting services. With over 15 years of experience, they target industrial and manufacturing firms to improve operational efficiency and reduce costs. Their website reflects a professional and consistent brand image, offering services such as management consulting, lean production methods, and tailored education programs. The company presents itself as a trusted partner with client testimonials and a broad portfolio of client logos. Technically, the website is built on WordPress using the Divi theme, incorporating modern web technologies including jQuery, Google Tag Manager, and Mailchimp for marketing automation. The site is mobile-optimized and includes accessibility and SEO best practices. Security measures include HTTPS enforcement and CAPTCHA protection on contact forms, although some security headers are missing. The security posture is solid with no visible vulnerabilities or exposed sensitive data. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism aligned with GDPR requirements. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy, which slightly impacts trustworthiness. Overall, Lean Industry's digital presence is professional and secure, supporting their business model effectively. Strategic improvements in security headers and domain transparency would enhance their security and credibility further.

C

CEE Automotive Supply Chain

ceeautomotive.eu

65

CEE Automotive Supply Chain 2025 is a professional event platform focused on the automotive industry in Central and Eastern Europe, particularly the V4 countries and Austria. It organizes conferences, networking evenings, and B2B matchmaking meetings to connect automotive professionals and companies. The platform leverages the b2match event system and integrates Google Analytics and Tag Manager for visitor insights with GDPR-compliant consent mechanisms. The website is well-structured, mobile-optimized, and provides comprehensive event information and partner details. Security posture is solid with HTTPS and cookie consent, though explicit security policies and incident response details are absent. WHOIS data is not publicly available due to EURid privacy policies, which is typical for EU domains and does not detract from legitimacy. Overall, the site presents a trustworthy and professional digital presence for the event.

F

FasterFish s.r.o.

fasterfish.cz

60

FasterFish s.r.o. is a Czech-based consulting and organizational development company founded in 2020. The company specializes in helping businesses and individuals improve efficiency, collaboration, and engagement through methodologies such as Vektoring and synergogika. Their services include workshops, coaching, leadership development, and conferences aimed at fostering healthy corporate culture and sustainable growth. The website is professionally designed, well-structured, and provides comprehensive information about their offerings and client testimonials, positioning them as a trusted partner in their niche market. Technically, the website is built on WordPress and leverages common web technologies including jQuery, Google Analytics, Facebook Pixel, and LinkedIn Insight Tag for analytics and marketing. Hosting and domain registration are managed by WEDOS, a Czech provider, ensuring regional consistency. The site implements HTTPS with a valid SSL certificate and includes a GDPR-compliant cookie consent mechanism, reflecting a mature digital infrastructure. From a security perspective, the website enforces HTTPS and uses cookie consent banners to comply with privacy regulations. However, no explicit security headers were detected in the HTML content, and there is no publicly available security policy or incident response information. The site does not expose sensitive data and uses secure forms for contact and newsletter subscriptions. Overall, the security posture is good but could be enhanced by adding security headers and incident response details. The domain WHOIS data aligns well with the website's business claims, showing consistent registration details and appropriate domain age. No suspicious patterns or privacy protection obfuscations were found, supporting the legitimacy of the business. The website content is safe for general audiences, with no adult or questionable material detected. Strategically, FasterFish should consider enhancing their security posture by implementing recommended HTTP security headers and publishing a formal security policy. Maintaining transparency in data protection and incident response will further build trust with clients and partners. Continued focus on content quality and user experience will support their market position as a specialized organizational development consultancy.

O

OLTIS Group

irfc.eu

66

The International Railway Forum & Conference (IRFC) website represents a well-established event organizer, OLTIS Group, focusing on the European railway and transport sector. The site provides comprehensive information about the conference, including speakers, sponsors, venue, and ticketing. The business is positioned as a key player in the international rail event market, supported by government patronage and European institutions, enhancing its credibility and reach. Technically, the website is built on WordPress with a modern tech stack including jQuery, Google Analytics, and Google Maps API. The site is mobile-optimized and offers a good user experience with clear navigation and professional design. However, some technical improvements could be made in accessibility and performance optimization. From a security perspective, the site uses HTTPS and employs Google reCAPTCHA for forms, but lacks explicit security headers and published security policies. Privacy compliance is partial, with a privacy policy present but no cookie consent mechanism detected. No critical vulnerabilities or suspicious content were found. Overall, the website presents a moderate risk profile with good business credibility but room for improvement in security and privacy compliance. Strategic enhancements in security policies, cookie consent, and security headers would strengthen trust and compliance.

A

ABF Expo Praha spol. s r.o.

energosummit.cz

54

Czechbus is a well-established Central European trade fair specializing in buses, public transport, telematics, and service technology. Organized by ABF Expo Praha spol. s r.o., it targets B2B professionals in the transportation sector and is held at the PVA EXPO PRAHA venue in Letňany. The website presents a professional and consistent brand image with clear navigation and relevant content for its audience. Technically, the site uses a mix of modern and somewhat outdated technologies, including Bootstrap and jQuery 1.12.4, with multiple analytics tools integrated. Security posture is adequate with HTTPS and cookie consent mechanisms but lacks advanced security headers and explicit security policies. Privacy compliance is basic, with no visible privacy or terms of service pages. Overall, the site is trustworthy and safe for general audiences.

C

CE-PA spol. s r.o.

konferencefenomen.cz

45

The website konferencefenomen.cz represents CE-PA spol. s r.o., organizing the Fenomén business conference series in the Moravia region of the Czech Republic. It is positioned as the largest business conference on Moravia, focusing on business, HR, innovation, and AI, targeting professionals and elites in the Czech business community. The site offers event information, video recaps, photo galleries, and ticket sales via WooCommerce. The business model centers on event organization and ticketing services. The domain is relatively new, created in 2022, consistent with the conference's recent editions.

Z

Z-Group bus a.s.

karierazavolantem.cz

42

Z-Group bus a.s. is a well-established transportation company in the Czech Republic, operating since 1992. It provides a wide range of bus transportation services including regional, urban, and international routes, serving millions of passengers annually. The company also focuses on recruitment and career opportunities for bus drivers across multiple regions. The website reflects a professional and consistent brand image with clear business information and partner affiliations. Technically, the site is built on WordPress with modern JavaScript libraries and includes GDPR-compliant cookie management and Google Analytics integration. Security posture is strong with HTTPS and reCAPTCHA, though some security headers could be improved. The absence of WHOIS data limits domain trust verification but does not detract from the overall legitimacy of the business. Strategic recommendations include enhancing security headers, adding a terms of service page, and publishing a security.txt file for vulnerability disclosures.

Munck Asfalt is a Danish company specializing in asphalt production and paving services for various infrastructure projects including motorways, country roads, municipal roads, bridges, industrial areas, and parking lots. The company targets both private and business customers, positioning itself as a local/regional supplier with its own asphalt factories. The website is built on the SiteSuite CMS platform and integrates modern web technologies such as jQuery, Google Analytics, Google Tag Manager, and Cookiebot for GDPR compliance. The digital maturity is moderate with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS usage and cookie consent management, but lacks visible security headers and explicit security policies. Privacy compliance is supported by Cookiebot, though no dedicated privacy policy or terms of service pages were found. Overall, the website presents a professional and trustworthy image consistent with a small business in the energy and transportation sector.

D

DTL - Danske Vognmænd

dtl.eu

64

DTL - Danske Vognmænd is a Danish transport association providing news, political advocacy, member benefits, consulting, and training services to transport companies and truck owners in Denmark. The website is professionally designed with clear navigation and is targeted at transport professionals and companies. The technical infrastructure includes modern web technologies such as HTML5, CSS3, JavaScript, FontAwesome icons, and tracking tools like Google Analytics and Facebook Pixel. Cookie consent is managed via CookieHub, indicating attention to privacy compliance, although no explicit privacy policy or terms of service pages were found in the provided content. Security posture is moderate with HTTPS enabled and no visible security headers, suggesting room for improvement in security best practices. Overall, the website is trustworthy and serves its business purpose effectively, but could enhance compliance and security transparency.

M

Město Roudnice nad Labem

roudnicenl.cz

46

Město Roudnice nad Labem operates an official municipal website serving residents, tourists, and local businesses by providing timely news, public service information, event announcements, and access to official documents. The site positions itself as a trusted government resource with a clear focus on community engagement and transparency. The business model is public service oriented, with a medium-sized municipal scope in the Czech Republic. The website is well-branded and consistent with government standards, featuring partner and certification logos that enhance trust. Technically, the website employs modern frontend technologies including Bootstrap, jQuery, and Fancybox, supported by Google Analytics and Tag Manager for user tracking and marketing insights. The site is mobile optimized and performs moderately well, though there is room for improvement in accessibility and SEO. Hosting and domain registration are consistent with Czech providers, and the domain age supports the site's legitimacy. From a security perspective, the site enforces HTTPS and implements a detailed cookie consent mechanism compliant with GDPR. However, explicit security headers and incident response policies are not evident, suggesting opportunities to strengthen security posture. No vulnerabilities or suspicious patterns were detected in the content or WHOIS data. Overall, the website presents a low-risk profile with strong business credibility and privacy compliance. Strategic recommendations include enhancing security headers, publishing security policies, and improving accessibility to further solidify trust and compliance.

J

JK Machinery s.r.o.

jk-machinery.cz

41

JK Machinery s.r.o. is a Czech-based manufacturing company specializing in the design and production of agricultural machinery and technology solutions. With over 30 years of experience, the company offers comprehensive services including equipment manufacturing, technology design, installation, and after-sales support. Their market presence spans 42 countries with a strong client base exceeding 2500 satisfied customers. The website reflects a professional and consistent brand image, targeting agricultural businesses and food industry enterprises globally. Technically, the website is built on WordPress with modern frameworks such as Bootstrap and utilizes popular analytics and marketing tools including Google Analytics, Facebook Pixel, and Hotjar. The site is mobile-optimized and demonstrates good SEO practices. Hosting is provided by Active24, a reputable provider, and the site uses HTTPS with a valid SSL certificate ensuring secure communications. From a security perspective, the site employs Google reCAPTCHA on its contact forms to mitigate spam and abuse. However, it lacks explicit security headers and does not provide a public security policy or incident response information. Privacy and cookie policies are present and indicate GDPR compliance, though more detailed data retention policies are not disclosed. No vulnerabilities or suspicious content were detected during analysis. Overall, JK Machinery's website is a well-maintained digital asset that supports its business objectives effectively. The security posture is solid but could be enhanced by implementing additional security headers and publishing incident response and vulnerability disclosure policies. The company demonstrates strong business credibility and international reach, making it a trustworthy entity in its sector.

A

Aseta Group s.r.o.

inexcz.cz

50

Aseta Group s.r.o. is a well-established facility management company operating in the Czech Republic with over 30 years of experience. The company offers a broad range of services including technical building management, cleaning, waste management, outdoor maintenance, substitute fulfillment, and security services. Their market position is strong, supported by a large workforce and numerous active contracts, indicating a significant presence in the facility management sector. The website reflects a professional and consistent brand image, targeting businesses and institutions requiring comprehensive facility services. Technically, the website uses modern technologies such as jQuery, Tailwind CSS, and Google Analytics, with a custom or Nette-based CMS. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers and explicit security policies. The absence of WHOIS data is a notable gap, reducing trustworthiness and requiring further verification. Overall, the site is professional and trustworthy but could improve transparency in domain registration and security disclosures.

Ú

Ústecká komunitní nadace

komunitninadace.cz

58

Ústecká komunitní nadace is a well-established non-profit community foundation based in Ústí nad Labem, Czech Republic, with roots dating back to 1993. The organization focuses on supporting local community projects through grants and donations, aiming to improve the quality of life in the Ústecký region. Their website reflects a professional and consistent brand image, providing clear information about their mission, donors, and supported projects. The foundation maintains active partnerships with reputable organizations and has a visible presence on major social media platforms. Technically, the website is built on WordPress using the Elementor framework, incorporating modern web technologies such as Google Analytics, Facebook Pixel, and lazy loading for images. The site is mobile-optimized and demonstrates good SEO practices, although some accessibility features could be enhanced. Performance is moderate, with room for improvement in loading speed and security headers. From a security perspective, the site uses HTTPS with a strong SSL configuration but lacks several recommended security headers. No critical vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear GDPR and cookie policies, including consent mechanisms. However, the site does not publish explicit security policies, incident response contacts, or vulnerability disclosure information, which could be areas for future enhancement. Overall, the website presents a trustworthy and credible image for a non-profit organization, with a solid technical foundation and good privacy practices. Strategic improvements in security headers, incident response transparency, and accessibility would further strengthen their digital maturity and risk posture.

Město Štětí operates an official municipal website serving as the primary information portal for the city and its residents. The site provides comprehensive details about city administration, local services, events, and contact information. It targets local citizens and visitors seeking official information. The website is built on Joomla CMS with modern frontend technologies including Bootstrap, jQuery, and Swiper.js, ensuring a responsive and user-friendly experience. The presence of GDPR-compliant cookie consent and clear contact details reflects a commitment to privacy and transparency. However, the absence of WHOIS data limits domain registration trust verification. Security posture is solid with HTTPS and cookie management, but lacks published security policies or incident response contacts. Overall, the site is professional, trustworthy, and well-maintained, serving its public sector role effectively.

Jasnet, spol. s r.o. is a small Czech Republic-based company specializing in graphic design, multimedia presentations, IT hardware and software sales, network management, and production and advertising services. Their website presents a clear overview of their business offerings and contact information, targeting local businesses and organizations in need of multimedia and IT solutions. The company appears to be a local service provider with a focus on creative and technical services. Technically, the website uses Google Tag Manager and Google Analytics for tracking and marketing purposes, but lacks advanced technical frameworks or CMS platforms. The site is accessible without any WAF or security challenges, but lacks modern security headers and visible SSL configuration details. The website design and content quality are basic, with no detected forms or advanced user interaction features. From a security perspective, the absence of WHOIS data reduces transparency and trust slightly, although the website provides detailed contact information and company registration numbers. No privacy, cookie, or terms of service policies are present, indicating gaps in compliance with GDPR and other privacy regulations. The security posture is moderate but could be improved by implementing HTTPS, security headers, and publishing privacy-related policies. Overall, the website is functional and safe for general audiences but would benefit from enhanced security measures, privacy compliance, and improved technical implementation to increase trust and professionalism.

H

Hospic sv. Štěpána Litoměřice

prohospic.cz

42

The website prohospic.cz represents a small non-profit hospice organization based in Litoměřice, Czech Republic, focused on providing home-based palliative care for terminally ill patients. It serves as an informational and donation platform, targeting local donors and families seeking hospice services. The site is professionally designed with consistent branding and clear donation options, including detailed explanations of donation impacts. Technically, the site uses a custom CMS by Jasnet, with common JavaScript libraries such as jQuery and Modernizr, and integrates Google Analytics and Tag Manager for visitor tracking. Mobile optimization and user experience are good, though some technical debt is present due to outdated libraries. Security posture is moderate; HTTPS is implied but no explicit security headers were detected, and the use of outdated jQuery versions poses potential risks. Privacy compliance is basic but includes a cookie consent mechanism and a privacy policy page. No terms of service or incident response policies are published, which could be improved. Overall, the domain registration data is consistent and supports the legitimacy of the organization. Strategic improvements in security and compliance would enhance trust and resilience.

F

FW Africa

foodbusinessafrica.com

47

Food Business Middle East & Africa, operated by FW Africa, is a leading media publication and event organizer focused on the food and beverage industry across Africa and the Middle East. The website serves as a comprehensive platform providing industry news, insights, and advertising opportunities targeting business owners, CEOs, and professionals in the sector. It holds a strong market position as the No.1 food and beverage industry magazine and website in the region, supported by a consistent brand presence and professional content quality. Technically, the website is built on WordPress using the Pressbox theme and Divi Builder framework, integrating modern technologies such as Google Tag Manager, Google Analytics, Matomo Analytics, and advanced advertising plugins. The site demonstrates good performance, mobile optimization, and SEO practices, ensuring a positive user experience and accessibility. From a security perspective, the site enforces HTTPS with strong SSL configuration and includes essential security headers. Privacy and cookie policies are present and GDPR compliant, with consent mechanisms implemented. However, explicit security policies, incident response contacts, and vulnerability disclosure mechanisms are absent, representing areas for improvement. Overall, the website presents a low-risk profile with a mature digital presence, though the lack of WHOIS data and some security policy disclosures slightly reduce trustworthiness. Strategic recommendations include publishing security and incident response policies, adding vulnerability disclosure information, and enhancing transparency around data protection officers to strengthen compliance and trust.

I

Italyexport

italyexport.net

62

Italyexport is a specialized magazine dedicated to promoting Italian products worldwide, with a focus on sectors such as food, hardware, houseware, and horeca. Established in 1984, it serves as a key promotional platform for Italian exporters targeting international markets. The website is built on WordPress using the Divi theme and integrates modern marketing and analytics tools such as Google Tag Manager and Google Analytics. It demonstrates good digital maturity with GDPR compliance and cookie consent mechanisms in place. Security posture is adequate with HTTPS enforced, though some security headers are not explicitly detected. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, but the professional presentation and long-standing business history support legitimacy. Overall, the website is a credible resource for Italian export promotion, though improvements in published contact and security policies would enhance trust.

C

Chrysler Center

mintzedge.com

63

MintzEdge is a resource platform aimed at entrepreneurs, providing insights and tools to support the growth and development of startups and small businesses. The website is professionally designed using Squarespace, featuring relevant content targeted at entrepreneurial audiences. The business operates from New York, USA, and maintains a LinkedIn presence, enhancing its credibility. Technically, the site employs modern web technologies including Google Analytics for tracking and OneTrust for cookie consent, indicating a moderate level of digital maturity. Security posture is generally good with HTTPS enforced and cookie consent mechanisms in place; however, the absence of security headers and privacy policy pages suggests room for improvement. The lack of WHOIS data for the domain raises concerns about domain registration legitimacy, which should be verified to ensure trustworthiness. Overall, the site presents a professional and business-focused front but would benefit from enhanced transparency and security practices.

V

Verdo

verdo.com

64

Verdo is an energy solutions company specializing in sustainable energy production, energy savings, and bioenergy fuel sales. The website presents a professional and consistent brand image targeting general and business audiences interested in sustainable energy. The technical infrastructure includes modern analytics and marketing tools such as Google Analytics, Microsoft Clarity, and LinkedIn marketing integrations, supported by a cookie consent mechanism that complies with GDPR principles. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and branding mitigate some risk. Security posture is moderate with room for improvement in security headers and published security policies. Overall, the website is functional and professional but requires enhanced transparency and security practices to improve trust and compliance.

H

Hospic sv. Štěpána, z.s.

hospiclitomerice.cz

45

Hospic sv. Štěpána Litoměřice is a well-established non-profit healthcare organization providing comprehensive hospice and palliative care services in the Czech Republic since 2004. The website serves as an informative platform for patients, families, healthcare professionals, and donors, detailing services such as inpatient care, home hospice, counseling, and educational programs. The organization maintains a strong community presence and partnerships with governmental and charitable entities. Technically, the website is built on ASP.NET WebForms with modern JavaScript libraries and integrates Google Analytics and Facebook Pixel for user tracking. The site is mobile-optimized and professionally designed, offering a good user experience. Security posture is adequate with HTTPS enforced and secure form handling, though it lacks some advanced security headers and a published vulnerability disclosure policy. Privacy compliance is partial, with a cookie consent mechanism present but no explicit privacy or terms of service pages. Overall, the site is trustworthy and credible, reflecting the organization's mission and operational maturity.

B

Běhy pro hospice

behyprohospice.cz

54

Běhy pro hospice is a Czech non-profit platform established in 2017 that organizes charity running events and personal challenges to support hospice care across the Czech Republic. The website encourages public participation through runs and donations, aiming to fulfill the wish of many terminally ill people to remain at home at the end of life. The platform is partnered with Nadacni fond Avast, enhancing its credibility and reach. Technically, the website uses AngularJS framework with integration of Google Tag Manager and Google Analytics for tracking. The site is mobile optimized and provides a good user experience with clear navigation and calls to action. Hosting and domain registration are consistent with the Czech market and business focus. From a security perspective, the site uses HTTPS and asynchronous loading of tracking scripts, but lacks visible security headers and cookie consent mechanisms, which are recommended for GDPR compliance. No critical vulnerabilities or exposed sensitive data were detected. Privacy policy is present but cookie policy and terms of service are missing or not clearly linked. Overall, the website presents a trustworthy and professional front for a small non-profit organization with moderate technical maturity. Strategic improvements in privacy compliance and security headers would enhance its posture and user trust.

Palla Media, s.r.o. is a small Czech media company that has announced the termination of its brand effective March 13, 2025. The website serves primarily as an informational portal to communicate this change to its audience and maintain contact channels under a different brand. The company operates in the media sector and targets a general audience including existing clients and partners. The business model appears to be service-oriented media provision with a local market focus. Technically, the website employs modern web technologies including Google Tag Manager, Google Analytics, Bootstrap 5, and jQuery. Hosting is provided by VAS Hosting, with domain registration consistent with the company's location and founding date. The site is mobile optimized and includes cookie consent mechanisms compliant with GDPR requirements. Performance is moderate with good SEO and basic accessibility features. From a security perspective, the website enforces HTTPS and uses cookie consent with opt-in for analytics and advertising cookies. However, no explicit security policy or incident response information is published, and security headers are not detected in the provided data. No vulnerabilities or exposed sensitive data were found. The security posture is adequate but could be improved with additional policies and headers. Overall, the website is professional and trustworthy with moderate risk. Strategic recommendations include publishing security and incident response policies, enhancing security headers, and maintaining transparency in data protection practices to improve compliance and trust.

T

tiptop GROUP

tiptop-group.de

51

tiptop GROUP is a German-based company specializing in comprehensive building and industrial cleaning services, including facility maintenance and security services. The website presents a professional image with clear service offerings and multiple subsidiary brands, positioning itself as a regional expert in the real estate services sector. The technical infrastructure is modern, leveraging WordPress with Elementor, Google Tag Manager, and performance optimization plugins, indicating a mature digital presence. Security posture is adequate with HTTPS and anti-spam measures, but lacks published privacy policies and incident response contacts, which are critical for compliance and trust. Overall, the site is functional and professional but would benefit from enhanced privacy and security disclosures to improve compliance and user trust.

E

Event Engine CMS Ltd

eventengine.tv

66

Event Engine CMS Ltd is a specialized web development company focused on delivering custom web applications and software solutions for the events industry. Founded in 2016 and based in Great Britain, the company offers a range of products including a CMS platform (Rondayvoo CMS), live streaming and networking solutions (Rondayvoo Live), and AI-powered content assistants (Rondayvoo AI). Their market position is that of a niche provider trusted by notable event brands and professional conference organizers. The website reflects a professional and consistent brand image with excellent content quality and clear service offerings. Technically, the website is built on WordPress using modern frameworks such as the Bricks theme builder and The SEO Framework plugin. It employs standard web technologies including JavaScript, jQuery, and integrates Google Analytics and Google Tag Manager for analytics. The site is mobile-optimized and SEO-friendly, though performance is moderate. Hosting appears to be via NameCheap, consistent with the registrar information. From a security perspective, the site uses HTTPS with a valid SSL certificate and has domain transfer protections enabled. However, the contact form's Google reCAPTCHA implementation is broken due to an invalid site key, which poses a risk of spam. Additionally, security headers are not detected, and there is no visible incident response or vulnerability disclosure information. Privacy and cookie policies are present and appear GDPR compliant. Overall, the website demonstrates a solid business credibility and technical maturity with minor security and compliance gaps. Strategic improvements in security controls and transparency would enhance trust and reduce risk.

The website 'eefhsrv.com' represents 'Event Engine', a technology platform focused on event services. The site is built on WordPress with a basic but consistent branding and content structure. It leverages modern web technologies including Bootstrap and Google Analytics, indicating a moderate level of digital maturity. However, the content is minimal, with no privacy policy, terms of service, or contact information readily available, which limits transparency and user trust. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published policies. Overall, the site is functional but would benefit from enhanced compliance and security documentation to improve trust and regulatory adherence.

E

Entwässerungsbetrieb Lutherstadt Wittenberg

abwasser-wittenberg.de

58

The Entwässerungsbetrieb Lutherstadt Wittenberg is a municipal utility specializing in wastewater management and treatment services for the Lutherstadt Wittenberg region in Germany. The website serves as an informational portal providing details on wastewater treatment plants, sewer networks, disposal services, environmental protection, and customer service. It is part of the Stadtwerke Lutherstadt Wittenberg group, indicating a stable local market position with a medium-sized operational scale. The company emphasizes environmental responsibility and community service. Technically, the website is built on the TYPO3 CMS platform, utilizing modern JavaScript libraries such as jQuery and Swiper.js, and integrates accessibility tools like eyeAble. The site is mobile-optimized, well-structured, and includes SEO best practices. Security-wise, the site enforces HTTPS and implements a robust cookie consent mechanism, though it lacks explicit security headers and published incident response policies. Overall, the website demonstrates a good security posture with room for improvement in formal security documentation and header implementation. The domain WHOIS data is minimal but consistent with the business profile, and no suspicious indicators are present. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and continuous monitoring of third-party scripts to maintain security and compliance.

Konzertbüro Leipzig, operating under the agency name SADLERMUSIC since 2002, is a small German event management company specializing in organizing live concerts across various genres. The company offers comprehensive services including event planning, PR, technical and gastronomic support, and ticketing. The website is built on WordPress with a focus on event calendar management and SEO optimization, reflecting a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no exposed sensitive data, but lacks advanced security headers and explicit privacy policies. Overall, the website is professional and functional but could improve in privacy compliance and contact transparency to enhance trust and security.

Karsan is a well-established Turkish automotive manufacturer specializing in commercial vehicles such as minibuses, buses, and electric minibuses. With over 50 years of experience, the company positions itself as a key player in the Turkish transportation manufacturing sector, targeting commercial vehicle buyers and industry partners. The website reflects a professional and consistent brand image with multilingual support, indicating an international market focus. Technically, the site employs modern frameworks like Bootstrap and integrates common analytics and marketing tools such as Google Analytics and Facebook Pixel. Security measures include HTTPS enforcement and standard security headers, though there is a lack of publicly available security policies or incident response information. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, but the overall business credibility remains high based on website content and contact information. Strategic recommendations include publishing security policies and incident response contacts to enhance trust and compliance.

P

PT Jakarta International Expo

jiexpo.com

51

Jakarta International Expo (JIEXPO) is a large-scale event venue provider based in Indonesia, offering convention, exhibition, and theatre facilities. The website presents a professional and consistent brand image targeting event organizers and exhibitors in the hospitality sector. The technical infrastructure is built on WordPress with modern plugins and tracking tools, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks advanced security headers and formal privacy or cookie policies. WHOIS data is incomplete, which slightly impacts trustworthiness but the website content and branding support legitimacy. Overall, the site is functional and well-structured but could improve privacy compliance and security transparency.

M

Michael Heilemann

binarybonsai.com

58

The website binarybonsai.com serves as a personal portfolio and blog for Michael Heilemann, a design professional affiliated with Squarespace. The site showcases blog content focused on design, architecture, and personal insights, targeting a general audience interested in these topics. The business model is primarily personal branding and content sharing, with no commercial transactions or services offered directly through the site. The market position is that of an individual professional with a strong online presence supported by social media profiles and a well-maintained blog. Technically, the site is built on the Squarespace platform, leveraging its CMS capabilities, integrated Google Analytics and Tag Manager for visitor tracking, and Typekit for fonts. The site demonstrates moderate performance and good mobile optimization, with basic accessibility features. SEO is adequately addressed through meta tags and structured data. The hosting and infrastructure are managed by Squarespace, ensuring reliable uptime and standard security measures. From a security perspective, the site enforces HTTPS and has domain transfer and update locks enabled, indicating a basic but effective security posture. However, it lacks DNSSEC and HSTS headers, which are recommended to enhance DNS and transport security. No formal security policies, incident response plans, or vulnerability disclosure mechanisms are published, which is typical for a personal portfolio site but represents an area for improvement. Privacy compliance is minimal, with no privacy or cookie policies present, which could be a concern depending on visitor jurisdiction. Overall, the site is low risk, professionally maintained, and trustworthy as a personal portfolio. Strategic recommendations include implementing DNSSEC, enabling HSTS, publishing privacy and cookie policies to improve compliance, and considering a vulnerability disclosure statement to enhance transparency and trust.

N

N+P Informationssysteme GmbH

spartacus-fm.de

60

N+P Informationssysteme GmbH operates the SPARTACUS Facility Management software platform, a comprehensive CAFM solution designed to optimize facility management processes such as maintenance, space management, energy controlling, and cost tracking. Established in 1996, the company holds a solid market position with over 200 customers and a strong presence in Germany. The website reflects a professional and consistent brand image, targeting facility management professionals and organizations seeking integrated software solutions. Technically, the site is built on TYPO3 CMS with modern JavaScript libraries and integrates marketing and analytics tools such as HubSpot, Google Analytics, and Usercentrics for consent management. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some HTTP security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and GDPR adherence. Overall, the website demonstrates a mature digital presence aligned with business goals and compliance requirements.

N

N+P Informationssysteme GmbH

nuptools.de

58

N+P Informationssysteme GmbH operates the NuPTools website offering proprietary productivity software components designed to enhance IT core systems in manufacturing and construction industries. With over 30 years of experience, the company provides tailored IT solutions including automation tools for Autodesk Inventor, Vault, APplus, and PRO.FILE, supporting digital transformation initiatives such as Industry 4.0 and BIM. The website is built on TYPO3 CMS and integrates modern marketing and analytics technologies including HubSpot, Google Analytics, and Usercentrics for GDPR-compliant cookie management. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though security headers and explicit policies could be improved. Overall, the site presents a professional, trustworthy digital presence aligned with the company's business focus and market position.

M

MacAlister Elliott & Partners Ltd

macalister-elliott.com

56

MacAlister Elliott & Partners Ltd is a specialized consultancy focused on sustainable fisheries and aquaculture, providing expert services to governments, communities, and businesses worldwide. The company positions itself as a leader in environmental sustainability within the blue economy sector, offering a broad range of services including business planning, impact assessments, seafood supply chain improvements, and community support. The website reflects a professional and consistent brand image with clear service offerings and a target audience of stakeholders in fisheries and aquaculture. Technically, the website is built on WordPress with modern web technologies including Google Analytics and Tag Manager for tracking, Typekit fonts for typography, and various plugins for enhanced functionality such as maps and menus. The site is mobile optimized and demonstrates good SEO practices with structured data and meta tags. Performance is moderate with room for improvement in accessibility features. From a security perspective, the site uses HTTPS and anti-spam measures but lacks visible security headers and published security policies. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is a concern for domain legitimacy and trustworthiness, warranting further investigation. Overall, the website is professional and trustworthy in content and presentation but would benefit from enhanced privacy compliance, security policy publication, and domain registration transparency to improve its security posture and user trust.

C

Control Union Global

petersoncontrolunion.com

75

Control Union Global is a large international service provider specializing in testing, inspection, certification, laboratory services, collateral management, and pest control. Operating in over 80 countries, the company targets businesses requiring trustworthy trade and compliance services. The website reflects a professional and consistent brand image with comprehensive privacy and cookie policies, indicating a mature approach to privacy compliance. Technically, the site is built on WordPress with modern technologies including Bootstrap, jQuery, and various analytics and tracking tools such as Google Analytics, Hotjar, and Sentry. The security posture is good with HTTPS enforced and cookie consent implemented, though some security headers are not detected and no explicit security or incident response policies are published. The WHOIS data is unavailable or privacy protected, which slightly reduces trust but is common for global enterprises. Overall, the website is well-structured, mobile-optimized, and provides a good user experience with clear navigation and relevant content.

8

80:20 Procurement

lscustoms.com

65

LS Customs is a UK-based customs consultancy specializing in bespoke customs compliance solutions primarily for the energy sector. The company positions itself as a trusted partner to businesses needing to comply with HMRC regulations, offering expert advice and implementation of customs processes. The website reflects a professional and well-branded business with ISO certifications and client testimonials that reinforce its credibility. Technically, the site is built on WordPress using Elementor and JetEngine plugins, with modern SEO and analytics tools integrated, including Google Analytics and Google Tag Manager. Security is well managed with HTTPS and appropriate security headers, although privacy and cookie policies are notably absent, representing a compliance gap. The WHOIS data for the domain is missing or unregistered, which raises concerns about domain legitimacy despite the professional web presence. Overall, the website is accessible, well-designed, and business-focused, but the lack of WHOIS data and privacy documentation should be addressed to improve trust and compliance.

I

Interrijn

interrijn.com

65

Interrijn is a well-established European water logistics and transportation company with over 50 years of experience, specializing in port logistics, floating storage, inland shipping, and project cargo including RoRo services. The company positions itself as a smart, green, and reliable partner for European supply chains, focusing on sustainable water-based transportation solutions. Their website reflects a professional and consistent brand image, targeting businesses requiring efficient cargo transport and storage solutions across European inland and seaports. Technically, the website is built on WordPress using the Enfold theme and integrates modern JavaScript libraries and Google Analytics for tracking. The site is mobile-optimized and provides clear navigation and comprehensive content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible security headers, which could be improved. The absence of WHOIS registration data is a notable anomaly that slightly impacts trust but does not overshadow the professional presentation and active business presence. Overall, Interrijn demonstrates a mature digital presence aligned with its business operations.

Z

Zentrum für Berufungspastoral

berufung.org

46

Zentrum für Berufungspastoral is a German non-profit organization dedicated to vocation pastoral care within the Catholic Church. The website provides resources, events, and contact information for diocesan vocation pastoral offices primarily targeting young people and church members in Germany and neighboring countries. The organization has an established presence since 2000, reflected by the domain age and consistent content. Technically, the site runs on TYPO3 CMS version 4.7 with common JavaScript libraries and Google Analytics for tracking, though the CMS version is outdated and may pose security risks. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks modern security headers and DNSSEC. Privacy compliance is basic but present, with a privacy policy and cookie banner. Overall, the site is professional, trustworthy, and safe for general audiences.

T

ThePay, a.s.

thepay.cz

64

ThePay, a.s. operates a payment gateway service primarily targeting e-commerce businesses in the Czech Republic and Slovakia. The company offers a variety of modern payment methods including card payments, PSD2-compliant payments, QR code payments, and supports multiple currencies. With over 3,000 clients, ThePay is positioned as a reliable and flexible payment solution provider in its market segment. The website reflects a professional and consistent brand image with clear navigation and multilingual support. Technically, the site employs modern analytics and tracking tools such as Google Analytics, Facebook Pixel, and Leady.cz, and implements cookie consent mechanisms to comply with privacy regulations. Security posture is solid with HTTPS enforced and PCI DSS certification displayed, although some security headers are missing and no explicit privacy policy or terms of service pages were found in the provided content. Overall, the site is well-structured and trustworthy, but could improve transparency and compliance documentation.

N

NordLab

nordlab.fi

53

NordLab is a publicly owned clinical laboratory service provider operating in northern Finland, serving healthcare professionals and patients with reliable and high-quality laboratory and sample collection services. The organization is owned by four northern welfare areas and focuses on ensuring the availability of advanced and trustworthy laboratory services to support regional healthcare. The website reflects a professional and regionally focused healthcare entity with clear service offerings and patient guidance. Technically, the site is built on WordPress with modern web technologies including jQuery, FontAwesome, and integrates Google Analytics and a chatbot service for enhanced user interaction. The site is mobile optimized and demonstrates good SEO and accessibility practices, though some accessibility features could be improved. Security posture is solid with HTTPS enforced and GDPR compliance evident through cookie consent mechanisms and a detailed privacy policy. However, the site lacks explicit security headers and published security or incident response policies, representing areas for enhancement. Overall, the domain registration data aligns well with the business claims, supporting the legitimacy and trustworthiness of the entity. The website is safe, professional, and well-suited for its healthcare audience.

N

National Heritage Institute (Národní památkový ústav)

zamek-slatinany.cz

43

The website represents the official online presence of the Slatiňany State Chateau, managed by the National Heritage Institute of the Czech Republic. It serves as a cultural heritage and tourism portal providing detailed visitor information, historical context, event announcements, and online ticketing options. The site targets tourists and cultural enthusiasts interested in historic sites and government-managed heritage locations. The business model is governmental and non-profit, focusing on preservation and public engagement. Technically, the website employs a modern tech stack including jQuery, Leaflet.js for maps, Google Analytics and Tag Manager for analytics, and uses Typekit and Google Fonts for typography. The site is hosted by REG-WEBGLOBE and uses HTTPS with cookie consent mechanisms that allow granular user control, indicating a mature digital infrastructure. Mobile optimization and accessibility are well addressed. From a security perspective, the site uses HTTPS and cookie consent but lacks explicit security policy pages and incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data is consistent with the business claims, showing a domain age appropriate for the institution. Overall, the site demonstrates a good security posture but could improve transparency on security policies. The overall risk is low given the official nature and absence of suspicious elements. Strategic recommendations include publishing a dedicated privacy policy on the main domain, adding security headers, and providing incident response contact details to enhance trust and compliance.

N

Nadace sester Boromejek

nadacesesterboromejek.cz

47

Nadace sester Boromejek is a Czech non-profit foundation dedicated to supporting individuals and organizations committed to helping others, particularly through the activities of the Boromejka sisters. The foundation facilitates financial and material donations, supports social and ecological projects such as the Hangáry Goretti initiative, and provides assistance to various charitable organizations. The website is professionally designed using WordPress with Elementor and Astra theme, featuring clear navigation and calls to action for donations. Social media presence on Facebook, Instagram, and YouTube enhances outreach and trust. Technically, the website employs modern web technologies and includes Google Analytics and Cookiebot for analytics and privacy compliance. The site is mobile-optimized and uses HTTPS, ensuring secure communication. However, explicit security headers are not fully implemented, and no detailed security or incident response policies are publicly available. The absence of WHOIS data for the domain reduces trustworthiness from a registration perspective, though the website content and social media presence suggest legitimate operations. Overall, the security posture is moderate with room for improvement in security headers and transparency. Privacy compliance is good with cookie consent mechanisms in place. The lack of explicit contact information and WHOIS data are notable gaps. Strategic recommendations include enhancing security headers, publishing detailed security and privacy policies, and verifying domain registration details to improve trust and compliance.