Security Directory

Kulturouseveru.cz is a regional cultural information portal focused on the Šluknovsko area in the Czech Republic. It provides schedules of cultural events, contact details for organizers, venues, and performers, serving local residents and visitors interested in cultural activities. The website has been operational since 2006, indicating a stable presence in its niche. The business model centers on providing free access to cultural event information, likely supported by local advertising. Technically, the site uses basic HTML and CSS with Google Analytics for visitor tracking. Hosting and domain registration are managed by WEDOS, a reputable Czech provider. The site lacks modern CMS or advanced frameworks, reflecting a simple but functional infrastructure. Security posture is moderate; HTTPS is assumed but no advanced security headers or protections are evident. Privacy and cookie policies are absent, indicating compliance gaps with GDPR. Contact information is clearly provided, enhancing business credibility. Overall, the site is safe, with no adult or questionable content detected. Recommendations include implementing privacy and cookie policies, enhancing security headers, and improving GDPR compliance to strengthen trust and security.

A

AU-MEX s.r.o.

osmo.cz

57

The website www.osmo.cz represents AU-MEX s.r.o., a company specializing in natural wood coatings and protective products under the OSMO brand. The business targets both consumers and professionals interested in natural oils and waxes for wood protection, offering a range of products including interior and exterior wood paints, maintenance items, and accessories. The site supports e-commerce functions and provides educational content such as blogs and usage calculators. Technically, the website employs established frontend technologies like Bootstrap, jQuery, and integrates tracking tools such as Google Analytics and Facebook SDK. It is mobile-optimized and presents a professional design with clear navigation. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks visible security headers and explicit privacy policy documentation, which are areas for improvement. The absence of WHOIS registration data reduces domain trustworthiness, though the website content and business information appear legitimate and consistent. Overall, the site is functional and professional but would benefit from enhanced security and compliance transparency.

D

DAF Trucks N.V.

daf.com

69

DAF Trucks N.V. is a prominent European commercial vehicle manufacturer specializing in a comprehensive range of trucks including the DAF Euro 6 XF, CF, and LF series. As a wholly-owned subsidiary of PACCAR Inc., DAF maintains a strong market position with extensive dealer networks and related services such as used trucks sales, bodybuilder information, and component supply. The website reflects a mature digital presence with professional design, clear navigation, and localized market sites for global reach. Technically, the site employs modern web technologies including jQuery, Google Tag Manager, and OneTrust for cookie consent management, indicating a commitment to privacy compliance and user experience. The site is mobile-optimized and SEO-friendly, though some improvements in accessibility and security headers could enhance its posture. Security-wise, the site uses HTTPS and cookie consent mechanisms but lacks explicit security policies or incident response contacts on the landing page. No vulnerabilities or exposed sensitive data were detected. The WHOIS data is unavailable or protected, which is common for large enterprises but slightly reduces transparency. Overall, the website is trustworthy, professional, and compliant with privacy regulations, serving its target audience effectively. Strategic recommendations include enhancing security headers, publishing security policies, and providing clearer contact information for security incidents.

R

RSJ Foundation

nadacersj.com

48

Nadace RSJ is a Czech non-profit foundation dedicated to supporting gifted children, mental health of youth, education, and philanthropy. The foundation operates under the parent company Finanční skupina RSJ and has a clear market position within the Czech philanthropic and educational sectors. The website is professionally designed, mobile-optimized, and provides clear navigation and contact information. Technically, the site uses modern frameworks such as Bootstrap and GSAP, with Google Analytics for user insights. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks DNSSEC and security headers, which are recommended for improvement. Privacy compliance is basic, with no explicit privacy policy or terms of service pages found. Overall, the site is trustworthy and safe for general audiences.

C

CRYSTAL CONSULTING, s.r.o.

crystalconsulting.sk

57

Crystal Consulting, s.r.o. is a Slovak-based IT company specializing in the development of web applications, SaaS software delivery, consulting, system integration, and outsourcing services primarily targeting public administration and healthcare sectors. The company offers certified software solutions such as Crystal Office for administrative automation and various agenda systems for public governance. Their market position is that of a reputable regional provider with ISO certifications underscoring their quality and security commitment. The website is professionally designed, mobile-optimized, and provides clear contact and business information, supporting a trustworthy digital presence. Technically, the site uses a custom CMS (BUXUS) with modern JavaScript libraries and Bootstrap framework, ensuring moderate performance and good SEO practices. Security posture is solid with HTTPS enforced and cookie consent implemented, though the absence of HTTP security headers and incident response contacts suggests room for improvement. Overall, the domain registration data aligns well with the business claims, reinforcing legitimacy and trust. No adult or questionable content is present, making the site safe for general audiences.

P

Perfalytics, Inc.

perfalytics.com

64

Freshpaint is a healthcare-focused privacy platform designed to help healthcare marketers and organizations manage their data in compliance with HIPAA regulations. The company offers a suite of services including a BAA-supported platform, safe-by-default data blocking, complete visitor journey tracking, and secure server-side connections to ensure sensitive health information is never shared with non-compliant advertising and analytics tools. Positioned as a specialized SaaS provider, Freshpaint targets healthcare marketers seeking to balance high-performance marketing with stringent privacy requirements. The website reflects a professional and consistent brand image, emphasizing trust and compliance.

A

AU-MEX s.r.o.

au-mex.cz

58

AU-MEX s.r.o. is a Czech company specializing in the wholesale and retail of wood products including wooden terraces, facades, floors, and protective coatings under the OSMO brand. With over 28 years of experience, the company positions itself as a reliable supplier with direct sourcing from manufacturers worldwide, offering a broad product range and logistics services. The website reflects a mature business with consistent branding and a professional online presence, including an e-commerce platform and active social media channels. Technically, the site uses modern web technologies such as Bootstrap, Google Tag Manager, and analytics tools, with a cookie consent mechanism in place. Security posture is adequate with HTTPS enforced but lacks some security headers and explicit security policies. WHOIS data is unavailable, which slightly impacts trust but the business information on the site is consistent and credible.

R

Racing Club de Strasbourg Alsace

rcstrasbourgalsace.fr

55

The Racing Club de Strasbourg Alsace official website serves as a comprehensive digital platform for fans, partners, and stakeholders of the professional football club. It provides detailed information about the club's teams, schedules, ticketing, merchandise, and corporate hospitality. The site demonstrates a strong market position within French professional football, leveraging digital channels to engage its audience effectively. Technically, the website is built on WordPress with a modern tech stack including jQuery, Font Awesome, and Google Analytics, ensuring a good user experience and SEO optimization. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved and WordPress updated to the latest version. Privacy compliance is moderate, with cookie policies present but no explicit privacy or terms of service pages detected. Overall, the site is professional, trustworthy, and safe for general audiences.

C

Centrum pro rodinu Ráj z.s.

raj-pavlovice.cz

55

Centrum pro rodinu Ráj z.s. is a Czech non-profit organization established in 2008, dedicated to supporting families through educational programs, leisure activities, and community events. The organization targets families, parents, and children primarily in the Pavlovice u Přerova region. Their offerings include courses, summer camps, counseling, and volunteer opportunities, positioning them as a trusted local family center. The website is built on Joomla CMS with a moderate technical infrastructure including Bootstrap and jQuery, hosted on a Czech hosting provider. It features a clean, mobile-optimized design with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and CSRF protections, but lacks some security headers and a cookie consent mechanism. Privacy compliance is partially addressed with a GDPR page but no cookie banner. Contact information is clearly provided, enhancing business credibility. Overall, the site is professional, trustworthy, and safe for general audiences.

C

ComArr, spol. s r.o.

comarr.cz

50

ComArr, spol. s r.o. is a Czech technology company specializing in IT solutions and software products primarily serving business customers in the transportation and IT sectors. Established in 1991, the company offers a range of services including software development, freight forwarding databases, helpdesk systems, medical transport dispatch, IT management outsourcing, and security systems. Their market position is that of a well-established local player with over 30 years of experience and strong partnerships with leading technology vendors. The website reflects a professional and consistent brand image with clear service offerings and customer support contacts. Technically, the website employs modern web technologies such as Bootstrap, jQuery, Google reCAPTCHA, and analytics tools, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and some security headers present, though additional headers and policies could enhance protection. Privacy compliance is partially addressed with a cookie consent banner but lacks a formal privacy policy or terms of service. Overall, the website is trustworthy and business-focused, with no adult or questionable content detected.

I

INVEST4EXCELLENCE

invest4excellence.eu

54

INVEST4EXCELLENCE is a European university alliance project focused on sustainable development research and innovation. The alliance comprises five universities across different European regions collaborating to develop integrated research strategies and educational tools. The website serves as a platform for disseminating project deliverables, publications, and tools such as a green competence self-assessment. The target audience includes academic partners, researchers, and regional stakeholders interested in sustainability and innovation. Technically, the website uses modern web technologies including jQuery, Bootstrap, Owl Carousel, and Google Analytics. It is mobile-optimized and includes accessibility features. However, some security best practices such as security headers are missing, and explicit privacy and terms policies are not found, which could be improved. The security posture is moderate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit data protection disclosures. No vulnerabilities or suspicious content were detected. The domain WHOIS data is unavailable due to EURid privacy restrictions, but the website content and partner affiliations indicate legitimacy. Overall, the website is professional and functional with good content quality and moderate security and privacy compliance. Strategic improvements in security headers, privacy policy publication, and incident response information would enhance trust and compliance.

H

House of trichomes

houseoftrichomes.cz

54

House of Trichomes is a Czech Republic-based e-commerce retailer specializing in CBD and cannabis-related products, including oils, flowers, seeds, and vapes. The company emphasizes certified, organic, and legal cannabis products, targeting mature consumers interested in health and wellness. The website is professionally designed, mobile-optimized, and offers multilingual and multi-currency support, primarily serving the Czech and European markets. Technically, the site runs on the Shoptet e-commerce platform, utilizing JavaScript, jQuery, Google Analytics, and Facebook SDK for tracking and marketing. Security posture is moderate with HTTPS enforced and cookie consent implemented, but the use of an outdated jQuery version and missing security headers present potential vulnerabilities. WHOIS data is unavailable, which limits domain trust verification. Overall, the site is functional, compliant with GDPR, and trustworthy from a business perspective, but improvements in security and domain transparency are recommended.

A

Asociace Aquaponických Farem, spolek

aaqp.eu

42

Asociace Aquaponických Farem, spolek is a non-profit association dedicated to uniting Central European aquaponic farms. The organization focuses on ecological farming, quality food production, climate change adaptation, and fostering collaboration among stakeholders. Their services include monitoring aquaponic systems, providing consultancy, and supporting farm implementation and operation. The website reflects a professional and consistent brand image targeting aquaponics practitioners and enthusiasts in the Czech Republic and surrounding regions. Technically, the site employs modern web technologies such as jQuery, Google Analytics, and Adobe Typekit fonts, with a moderate performance profile and good mobile optimization. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though security headers are lacking and could be improved. Privacy compliance is well addressed with GDPR-aligned policies and cookie management. Overall, the domain registration is privacy protected as per EURid policies, consistent with the non-profit nature of the entity. No suspicious indicators were found, and the site is accessible without WAF or blocking mechanisms.

E

Empath Labs Inc.

empathlabs.com

10

Empath Labs Inc. is a healthcare technology company specializing in pediatric patient engagement programs designed to improve adherence, retention, and emotional support for children undergoing medical treatments. Their market position is strong within pediatric healthcare, supported by over 165,000 families and 500 hospitals leveraging their programs. Key services include innovative social robots and toys that aid children with chronic illnesses such as diabetes, cancer, and sickle cell disease. The company targets healthcare providers, clinical trial participants, and families, operating primarily in the United States. Technically, the website is built on the Webflow platform, utilizing modern JavaScript libraries such as jQuery, GSAP for animations, and Google Analytics for user tracking. The site is well-optimized for performance and mobile responsiveness, with a professional design and clear navigation. Privacy compliance is robust, featuring a comprehensive privacy policy and a cookie consent mechanism that respects GDPR requirements. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to mitigate bot activity. However, it lacks explicit security headers and published security policies or incident response contacts, which are areas for improvement. The absence of WHOIS registration data for the domain is a notable concern, potentially impacting trustworthiness despite the professional presentation and clear business identity. Overall, Empath Labs presents a credible and professional online presence with strong content quality and privacy compliance. The primary risk lies in the missing domain registration transparency, which should be addressed to enhance legitimacy and trust. Strategic recommendations include publishing security policies, adding security headers, and verifying domain WHOIS information to strengthen the company's security posture and business credibility.

E

ESSEC Alumni

essecalumni.com

57

ESSEC Alumni operates as the official alumni network for ESSEC Business School, providing a comprehensive platform for graduates, students, faculty, and recruiters to connect, engage, and access career and lifelong learning services. The website is well-branded, professionally designed, and offers a variety of services including event management, job boards, mentoring, and community clubs. Technically, the site leverages modern web technologies such as Vue.js, Google Tag Manager, and Matomo analytics, ensuring a responsive and interactive user experience. Security posture is solid with HTTPS enforced and secure login mechanisms, although some security headers could be improved. Privacy compliance is evident with clear privacy and cookie policies and GDPR considerations. However, the absence of WHOIS data for the domain introduces a trust concern that should be addressed. Overall, the site is a credible and valuable resource for the ESSEC community.

T

The Conference Forum

patientsaspartners.org

59

Patients as Partners in Clinical Research and Patient Access is a specialized platform operated by The Conference Forum, focusing on elevating the patient voice within clinical research and healthcare access. The website offers a range of services including conferences, editorial content, podcasts, and webinars aimed at healthcare professionals, patient advocates, and industry stakeholders. The platform positions itself as a niche leader in patient engagement communication within the healthcare sector, with a business model centered on content and event marketing. Founded in 2018, the organization maintains a consistent and professional brand presence with good content quality and user experience. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Slick Carousel, Select2, and integrates multiple analytics and tracking tools such as Google Analytics, Microsoft Clarity, and LinkedIn Insight Tag. Hosting is provided by Bluehost Inc., and the site is secured with HTTPS and Google reCAPTCHA v3 for form protection. Mobile optimization and SEO practices are good, though accessibility features are basic. Performance is moderate, with opportunities for improvement in security headers and DNS security. From a security perspective, the site enforces HTTPS and uses CAPTCHA to protect forms, but lacks DNSSEC and important security headers like Content-Security-Policy. There is no published security policy or incident response contact, and no cookie consent mechanism is present, which may impact GDPR compliance. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the business age and domain registration details, indicating a legitimate and stable online presence. Overall, the website is professional and trustworthy with moderate security posture and privacy compliance. Strategic improvements in security headers, DNSSEC, and privacy mechanisms would enhance the site's security and compliance standing. The absence of direct contact emails or phone numbers limits immediate user contact options, relying instead on subscription forms. The site is safe for general audiences with no adult or explicit content detected.

T

The Conference Forum

clinicaltrialaccess.com

58

The website clinicaltrialaccess.com is a specialized platform operated by The Conference Forum, focusing on community-based clinical trials. It offers a range of services including events, editorial content, podcasts, webinars, and marketing services aimed at healthcare professionals, clinical trial sites, and pharmaceutical stakeholders. The platform positions itself as a niche content and event marketing provider within the healthcare and clinical research sector. Technically, the site employs a modern tech stack with popular JavaScript libraries and analytics tools, hosted on Amazon AWS infrastructure with CDN support. The design is professional, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Security posture is solid with HTTPS enforced and use of reCAPTCHA, though improvements such as enabling DNSSEC and adding security headers are recommended. Privacy compliance is partial, with a privacy policy present but lacking cookie consent mechanisms. Overall, the domain registration is consistent with the business launch timeline and shows no suspicious indicators. The site is safe for general audiences and does not contain adult or explicit content.

Š

ŠMT a.s.

cz-smt.cz

54

ŠMT a.s. is a well-established Czech manufacturer specializing in heavy horizontal boring, milling machines, and lathes, serving a global industrial market with over 100 years of experience. The company offers a broad range of heavy machining equipment and related services including modernization and repairs, targeting industrial manufacturers and engineering firms worldwide. Their market position is strong with customers in over 40 countries and partnerships with major industrial brands. Technically, the website is built on Joomla CMS with Gantry 5 framework, employing modern frontend technologies and providing a good user experience with mobile optimization and SEO best practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some security headers and explicit policies could be improved. The absence of WHOIS data limits domain trust verification, but the website content and business information appear professional and credible. Overall, the site demonstrates a mature digital presence aligned with the company's industrial manufacturing business.

T

Továrna Vír

tovarnavir.cz

53

Továrna Vír is a project focused on the revitalization of the former Rotter factory area in Vír, Czech Republic. The website presents a multifaceted business model combining real estate redevelopment, hospitality, cultural and sporting activities, and sustainable farming. The project targets visitors, local community members, investors, and businesses seeking unique event spaces and coworking facilities. The site is professionally designed with clear navigation and good mobile optimization, reflecting a medium-sized enterprise with a strong local presence. Technically, the website employs modern web technologies including jQuery, Google Fonts, and Google Analytics, hosted likely on a Czech hosting provider with a CMS platform inferred as WebSynergy. Performance and SEO are moderate to good, with room for improvement in accessibility and security headers. The site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent but lacks advanced security headers and explicit incident response or security policy documentation. No vulnerabilities or exposed sensitive data were detected. The absence of WHOIS data reduces domain trustworthiness, though the website content and social media presence support legitimacy. Overall, the website scores well in content quality, technical implementation, and privacy compliance but should improve transparency in domain registration and security policies to enhance trust and compliance.

B

Bike-Arena

bikearena.cz

44

Bike-Arena is a specialized retail business based in Příbram, Czech Republic, focusing on the sale and servicing of bicycles, electric bikes, and cycling accessories. The company operates both an e-commerce platform and a physical store, offering additional services such as bike rental, maintenance, and test rides. Their market position is that of a regional expert catering to recreational, sport, and competitive cyclists. The website is well-structured, professionally designed, and provides comprehensive product and service information targeted at cycling enthusiasts. Technically, the website employs modern JavaScript libraries including jQuery, jQuery UI, and Select2, alongside Google Tag Manager and analytics tools. It is mobile-optimized with responsive design and includes cookie consent mechanisms aligned with GDPR requirements. The site uses HTTPS, ensuring encrypted communications, but lacks some recommended HTTP security headers which could enhance protection. From a security perspective, the site demonstrates good practices such as secure login forms and consent management but does not publish explicit security policies or incident response contacts. The absence of WHOIS data reduces transparency slightly but is mitigated by clear business contact information and a physical address. No critical vulnerabilities or exposed sensitive data were detected. Overall, Bike-Arena presents a trustworthy and professional online presence with moderate technical maturity and a solid security posture. Strategic improvements in security headers and transparency around security policies would further strengthen their risk profile.

Price-check.com is a professional SaaS platform operated by E-solutions, s.r.o., specializing in real-time price monitoring and comparison for products across European online markets. The service targets online retailers and distributors, providing comprehensive data analytics, alerts, and reporting to support pricing strategies in B2C, B2B, and contractor environments. The website is well-structured, multilingual, and showcases a solid client base through references and logos. Technically, the site employs modern web technologies including Google Tag Manager, Google Analytics, and responsive design elements, ensuring good user experience and SEO optimization. Security posture is adequate with HTTPS enforced and cookie consent implemented, though the absence of security headers and explicit privacy policies indicates room for improvement. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the active and professional website presence. Overall, the site scores well on content quality and business credibility but should address compliance and transparency gaps to enhance trust.

Česká Asociace Univerzitního Sportu (ČAUS) is a Czech non-profit organization dedicated to promoting university sports and organizing academic sports competitions within the Czech Republic. The website serves as the official platform for disseminating information about competitions, events, and representation of Czech students in sports at various levels. The organization has a well-established presence since 2006 and maintains partnerships with national and international sports bodies. The site targets students, university sports participants, and organizers within the academic sports community.

S

SOHO1 Caffé Bistro

soho1caffe.sk

65

SOHO1 Caffé Bistro is a modern hospitality business located in Žilina, Slovakia, offering restaurant dining, café services, brunch, catering, food delivery, and event hosting. The website reflects a small but professional local business with a focus on fresh ingredients and a pleasant atmosphere. The digital infrastructure uses modern web technologies including JavaScript modules, Google Fonts, Google Analytics, and Facebook Pixel, indicating a moderate level of digital maturity. The site is mobile optimized and provides clear navigation and content relevant to its target audience. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks explicit security headers and published security policies. WHOIS data confirms the legitimacy of the business with consistent registration details. Overall, the website is trustworthy and professionally maintained, though improvements in security transparency and content hygiene are recommended.

C

Champagne L. Albert Guichon

champagne-albertguichon.fr

58

Champagne L. Albert Guichon is a small family-owned vineyard and champagne producer located in Mardeuil, France, with a heritage dating back to 1929. The company specializes in cultivating traditional champagne grape varieties and producing a range of champagne cuvées. Their market position is that of a boutique producer emphasizing quality and environmental responsibility, as evidenced by their HVE certification. The website reflects a professional and consistent brand image, targeting wine enthusiasts and hospitality clients. Technically, the website employs a modern technology stack including Bootstrap, jQuery, FontAwesome, and integrates Google Analytics and a robust cookie consent mechanism via Consentmanager.net. The site is mobile-optimized with good SEO practices and moderate performance. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though some security headers could be improved. The security evaluation shows good practices in data protection and privacy compliance, including GDPR adherence and cookie consent. However, the absence of WHOIS data limits domain trust assessment. Overall, the site is trustworthy and professionally maintained, with clear contact information and social media presence. Strategically, the company should consider enhancing security headers, publishing a vulnerability disclosure policy, and improving WHOIS transparency to strengthen trust and compliance further.

R

RVF Ressorts & Visseries des Flandres

rvf.com

57

RVF Ressorts & Visseries des Flandres is a French manufacturer specializing in industrial and precision springs with nearly 100 years of history since its founding in 1923. The company offers a wide range of custom springs including compression, torsion, traction, spiral, flat, and shaped wire springs, serving diverse industrial sectors such as automotive, agriculture, building, medical, and luxury goods. The website reflects a professional and established business with ISO9001 and IATF 16949 certifications, indicating a commitment to quality and industry standards. Technically, the website employs modern web technologies including Bootstrap, jQuery, FontAwesome Pro, and Owl Carousel, with Google Analytics integrated for user tracking. The site is mobile-optimized and SEO-friendly, providing a good user experience. However, some accessibility features could be enhanced. Security-wise, the site uses HTTPS but lacks visible security headers and explicit security or incident response policies, which are areas for improvement. The WHOIS data for the domain www.rvf.com is notably missing, which is inconsistent with the company's long operational history and raises some trust concerns. Despite this, the website content, contact information, and certifications support the legitimacy of the business. Privacy and cookie policies are present and appear GDPR compliant, reflecting awareness of data protection regulations. Overall, RVF presents as a credible and professional manufacturing company with a solid digital presence but should address WHOIS transparency and enhance security policies to improve trust and compliance.

D

DLA Grand-Est

dla-grandest.org

10

DLA Grand-Est is a regional non-profit organization dedicated to supporting social utility structures in the Grand Est region of France. The website presents a professional and well-structured platform offering information about their services, including accompaniment for social utility employers, training for volunteers, and calls for service providers. The organization positions itself as a key regional player in social and employment development within the non-profit sector. Technically, the website employs modern web technologies such as Bootstrap for responsive design, jQuery for interactivity, FontAwesome for icons, and Google Analytics for visitor tracking. The site is mobile-optimized and includes standard SEO and accessibility features, though some accessibility aspects could be improved. The presence of a cookie consent banner and a comprehensive privacy policy indicates good privacy compliance. From a security perspective, the site uses HTTPS with a presumably strong SSL configuration. However, no explicit security headers were detected, and there is no visible security policy or incident response contact information. The WHOIS data is unavailable due to a malformed request or privacy restrictions, which slightly reduces trust in domain legitimacy but does not outweigh the professional presentation and compliance indicators. Overall, the website is a credible and professional platform for a regional non-profit organization with a good security posture and privacy compliance. The main risk is the lack of WHOIS transparency and absence of explicit security policies, which should be addressed to enhance trust and security maturity.

C

CBS spol, s.r.o.

malovanemapy.sk

43

CBS spol, s.r.o. operates the website malovanemapy.sk, specializing in the creation and sale of hand-painted maps tailored for municipalities, microregions, sports centers, hotels, and resorts primarily in Slovakia. Their unique business model combines traditional artistic craftsmanship with modern technology to produce accurate and visually appealing maps that serve both tourists and local residents. The company leverages sponsorship and advertising partnerships to support the costly production process, enhancing community involvement by including local children in the artwork. The website reflects a niche market position with a strong local cultural focus and trust signals such as testimonials and FSC certification.

E

EQUINET s.r.o.

jezdeckainzerce.cz

42

Jezdeckainzerce.cz is an established Czech online classified ads portal specializing in equestrian products and services. Operated by EQUINET s.r.o., it serves a niche market of horse owners, riders, and equestrian service providers. The platform offers free and premium listings, supported by advertising revenue and partnerships with related equestrian media projects such as Jezdci.cz and EquiTV.cz. The website features a modern design with responsive elements and integrates Google Analytics and cookie consent mechanisms, reflecting a moderate level of digital maturity. Security measures include HTTPS enforcement and form validation with reCaptcha, though some security headers are missing. The absence of WHOIS data reduces transparency but does not negate the professional presentation and business legitimacy. Overall, the site is a valuable resource within its niche, with room for improvement in security and privacy disclosures.

LD Studio is a Czech Republic-based small technology service provider specializing in custom web development, e-commerce solutions, graphic design, and complementary digital marketing and printing services. The company positions itself as a partner offering personalized and modern digital solutions primarily targeting businesses and individuals seeking professional web and graphic design services. The website reflects a professional and consistent brand image with clear contact information and client testimonials, indicating a trustworthy and established presence in its regional market. Technically, the website employs a moderate technology stack including jQuery, Swiper.js, and ASP.NET Web Forms, with Google Analytics integrated under privacy-conscious settings. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and explicit privacy and terms of service pages, which are areas for improvement. Performance is moderate, and SEO practices appear adequate. From a security perspective, the site benefits from HTTPS and minimal exposure of sensitive data but would benefit from enhanced security headers and more transparent privacy policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact details suggest legitimate business operations. No critical vulnerabilities or adult content were detected, and the site is fully accessible without WAF or blocking mechanisms. Overall, LD Studio presents a credible and professional digital agency with room for improvement in security and compliance transparency. Strategic enhancements in privacy documentation and security headers would strengthen its security posture and trustworthiness.

Price-check.cz is a professional online price monitoring and comparison tool operated by E-solutions, s.r.o., targeting e-commerce businesses including B2C and B2B sellers and suppliers. The platform offers real-time data monitoring with frequent updates, alerting, reporting, and comprehensive analytics to support pricing strategies. The website is well-designed, mobile-optimized, and provides a good user experience with clear navigation and relevant content. Technically, it leverages modern web technologies including Google Tag Manager, Google Analytics, and Vue.js components, ensuring a moderate to good performance level. Security posture is solid with HTTPS enforced and cookie consent implemented, though it lacks explicit security headers and published privacy or security policies. The absence of WHOIS data limits domain trust verification, but the presence of multiple reputable brand references and professional presentation supports legitimacy. Overall, the site is a credible resource for price monitoring in the Czech and European markets.

B

Bike-Arena

bike-arena.cz

44

Bike-Arena is a specialized retailer and service provider for bicycles and e-bikes located in Příbram, Czech Republic. The company offers a broad range of products including bicycles from brands like Trek, Giant, and Maxbike, alongside accessories, rentals, and maintenance services. Their business model combines e-commerce with a physical storefront, targeting cycling enthusiasts and local customers. The website is well-structured, providing clear navigation, product categories, and informative blog content to engage visitors. Technically, the website employs modern JavaScript libraries such as jQuery, jQuery UI, and Select2, and integrates Google Tag Manager and Google Analytics for marketing and analytics purposes. The site is mobile-optimized and uses HTTPS with good SSL configuration, ensuring secure data transmission. Cookie consent mechanisms are implemented, reflecting GDPR compliance. However, some security headers are missing, and no explicit security or incident response policies are published. From a security perspective, the site demonstrates good practices including secure login forms and consent management. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of WHOIS data limits domain trust assessment, but the professional presentation and contact transparency support legitimacy. No signs of WAF or content blocking were found, allowing full content access. Overall, Bike-Arena presents a trustworthy and professional online presence with solid technical and privacy compliance foundations. Strategic improvements in security headers, incident response transparency, and vulnerability disclosure would further enhance their security posture and trustworthiness.

C

Carelli

carelli.sk

53

Carelli is a well-established furniture retail company operating primarily in the Czech Republic, with a history dating back to 1994. The company specializes in offering high-quality, designer furniture and interior solutions, targeting consumers who value premium and custom-made home furnishings. Their business model includes showroom sales, online catalog browsing, and delivery and installation services, positioning them as a reputable player in the retail furniture sector. The website reflects a professional and consistent brand image with clear navigation and relevant content for their target audience. Technically, the website employs modern web technologies including Bootstrap for responsive design, jQuery for interactivity, and advanced tracking tools such as Google Analytics and Facebook Pixel. The site is mobile-optimized and includes cookie consent mechanisms aligned with GDPR requirements. Performance is moderate with good SEO and accessibility basics in place. From a security perspective, the site uses HTTPS with a strong SSL configuration and implements cookie consent for privacy compliance. However, it lacks explicit security headers and publicly available security policies or incident response information. No vulnerabilities or exposed sensitive data were detected in the provided content. The WHOIS data aligns well with the business claims, indicating legitimacy and consistency. Overall, Carelli's website demonstrates a solid digital presence with good privacy compliance and a trustworthy business profile. Strategic improvements in security headers and transparency around security policies could further enhance their security posture and customer trust.

T

ThePrime.cz

theprime.cz

48

ThePrime.cz is a specialized subscription-based news portal focused on the Czech and Slovak real estate markets, operated by journalist Robert McLean. It provides market news, investment insights, event information, and multimedia content targeting real estate professionals and investors in the region. The business model centers on subscription revenue and content delivery through a WordPress-based platform. Technically, the website employs a modern WordPress CMS with various plugins for analytics, payment processing, and content management. The site is moderately optimized for performance and mobile devices, with good SEO practices and structured data implementation. Security posture is adequate with HTTPS and cookie consent mechanisms, but could benefit from enhanced security headers and published security policies. No critical vulnerabilities or blocking mechanisms were detected, and the domain registration data aligns well with the website's regional focus and business age. Overall, the site presents a professional and trustworthy presence in its niche market.

F

FestivalyVina

festivalyvina.cz

41

FestivalyVina operates the largest wine festival tour in the Czech Republic, organizing and promoting multiple wine-related events across various cities. The website serves as an official portal providing event calendars, galleries, and information about wine producers, targeting wine enthusiasts and the general Czech public interested in wine culture. Technically, the site uses established JavaScript libraries such as jQuery and Swiper.js, integrates Google Analytics for visitor tracking, and loads resources over HTTPS, indicating a modern but moderately optimized infrastructure. Security posture is adequate but could be improved by implementing security headers and publishing privacy and cookie policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and partner affiliations suggest a legitimate business. Overall, the site is professional, content-rich, and well-branded but requires enhancements in privacy compliance and security transparency.

G

Ghoda s.r.o.

ghoda.cz

42

Ghoda s.r.o. operates a specialized e-commerce platform focused on horse cosmetics, repellents, and feed supplements, primarily serving the Czech Republic market. The company positions itself as a trusted partner for equine care products, offering a curated selection of reputable brands and supporting a partner reseller program. The website demonstrates a solid digital presence with clear business information, active social media links, and customer engagement through newsletters and articles. Technically, the website employs modern web technologies including Bootstrap 5, jQuery, and Google Tag Manager, ensuring responsive design and moderate performance. The presence of cookie consent mechanisms and privacy policies indicates compliance with GDPR requirements. However, the absence of WHOIS data limits transparency regarding domain registration details. From a security perspective, the site uses HTTPS and implements cookie consent but lacks visible security headers and a published security policy or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Advertising and tracking are managed with user consent, balancing marketing needs with privacy. Overall, the website is professional, trustworthy, and well-structured, though improvements in domain transparency and security header implementation are recommended to enhance trust and compliance.

A

ARSY line, s.r.o.

webproskoly.cz

57

ARSY line, s.r.o. operates the website www.webproskoly.cz, providing specialized web hosting and content management solutions tailored for Czech primary and kindergarten schools. The company offers a subscription-based model with no upfront investment, focusing on modern, accessible, and legislatively compliant web platforms. Their services include modules for photo galleries, news updates, event calendars, and integration with school meal systems, targeting educational institutions in the Czech Republic. The website demonstrates a professional and consistent brand presence with strong customer testimonials and clear contact information. Technically, the site employs a modern technology stack including jQuery, Google Tag Manager, Facebook Pixel, and proprietary CMS components. It is optimized for mobile devices and accessibility, with good SEO practices and performance. The site uses HTTPS and consent-based cookie management, reflecting a good security posture, though some security headers could be improved. No critical vulnerabilities or exposed sensitive data were detected. The security posture is solid with HTTPS enforcement and CAPTCHA on forms, but lacks explicit published security policies or incident response contacts. Privacy compliance is strong with a comprehensive privacy policy and cookie consent mechanism. The absence of WHOIS data limits domain trust assessment, but the website content and business information appear legitimate and professional. Overall, the website is a well-executed niche educational service platform with good technical and security practices, though improvements in transparency around security policies and WHOIS data availability would enhance trust and compliance.

P

PMS ČR

pmscr.cz

55

The website pms.gov.cz is the official portal for the Probační a mediační služba (Probation and Mediation Service) of the Czech Republic, a government agency under the Ministry of Justice. It provides a wide range of services including probation supervision, mediation between victims and offenders, juvenile justice, electronic monitoring, parole, community service, and victim support. The site targets the general public, legal professionals, victims, and offenders, positioning itself as a key national public service entity in the justice sector. The content is comprehensive, professionally presented, and consistent with government standards.

C

Centrum pro dětský sluch Tamtam, o. p. s.

tamtam.cz

47

Centrum pro dětský sluch Tamtam, o. p. s. is a Czech non-profit organization dedicated to supporting families with children who have hearing impairments. The website clearly targets this audience, providing resources, information, and community support. The organization maintains a professional online presence with consistent branding and active social media channels on Facebook and Instagram. The business model is focused on advocacy and support rather than commercial activities, positioning it as a trusted entity within its niche in the Czech Republic. Technically, the website employs modern web technologies including Bootstrap for responsive design, Google Fonts for typography, and Google Maps API for location services. Google Analytics is used for visitor tracking, indicating a moderate level of digital maturity. The site is mobile-optimized and offers a good user experience with clear navigation and relevant content. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms, reflecting awareness of privacy regulations such as GDPR. However, explicit security headers are not detected, and no public security policy or incident response information is available. The absence of WHOIS data for the domain is a concern, as it reduces trust in the domain's legitimacy. Despite this, the website content and contact information appear legitimate and professional. Overall, the website scores well in content quality, technical implementation, and privacy compliance, but the lack of WHOIS transparency and some security best practices slightly reduce its security posture. Strategic recommendations include improving security headers, publishing a security policy, and verifying domain registration details to enhance trust and compliance.

C

Centrum pro rodinu a sociální péči z. s.

prorodiny.cz

54

Centrum pro rodinu a sociální péči z. s. is a well-established non-profit organization based in Ostrava, Czech Republic, dedicated to supporting families, relationships, individuals with disabilities, caregivers, and seniors. The organization offers a broad range of services including counseling, education, social support, and community engagement, with a strong focus on inclusivity and social welfare. Their website reflects a mature digital presence with rich content, active event calendars, and social media integration, positioning them as a trusted local entity in the social care sector. Technically, the website employs modern JavaScript libraries and Google Analytics with consent management, ensuring a good user experience and moderate performance. Security posture is adequate with HTTPS and cookie consent but lacks some advanced security headers and explicit privacy policies. The absence of WHOIS data for the domain is a notable concern that slightly impacts trustworthiness, though the website content and social presence strongly indicate legitimacy. Overall, the site is professional, content-rich, and user-friendly, serving its target audience effectively.

B

Broadcast Sport

broadcastsportevents.co.uk

63

Broadcast Sport is a specialized media company focused on the sports broadcasting industry, offering an online news portal, quarterly magazine, and hosting the Broadcast Sport Summit event. The website targets professionals in sports media including producers, broadcasters, athletes, and brands. The company positions itself as a niche leader in sports media innovation and networking. Technically, the website uses a modern tech stack with jQuery, Google Analytics, and a proprietary CMS (SHOWOFF by ASP.events). It is mobile optimized, accessible, and performs moderately well. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and privacy policies are missing. Overall, the site is professional and trustworthy but could improve compliance and security transparency.

E

Eiffage

eiffage.ca

63

Eiffage Canada operates as a multiskilled construction group focused on sustainable infrastructure development and local economic contribution. The company is part of the larger Eiffage Group, a well-established European construction and engineering conglomerate. Their Canadian website emphasizes quality, health and safety, environmental responsibility, and strong corporate values. The site targets construction industry clients, local communities, and suppliers in Canada, offering services in maintenance, rehabilitation, and new construction works. Technically, the website is built on the Jahia CMS platform, utilizing modern JavaScript libraries such as jQuery and APIs from YouTube and Vimeo for media integration. It employs Google Analytics and TagCommander for analytics and marketing, alongside OneTrust for cookie consent management, indicating a mature digital infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, with comprehensive metadata and structured data enhancing search visibility. From a security perspective, the site enforces HTTPS, uses reCAPTCHA for form protection, and displays a security alert warning users about impersonation attempts, reflecting a proactive security posture. However, the absence of WHOIS data for the domain www.eiffage.ca is a notable anomaly, though the website content and external links strongly associate it with the legitimate Eiffage Group. No critical vulnerabilities or exposed sensitive data were detected. Overall, Eiffage Canada's website presents a professional, secure, and compliant digital presence aligned with its business objectives. The main risk lies in the missing WHOIS data, which should be investigated further to ensure domain registration transparency and trustworthiness.

Y

Young Entrepreneurs in Science

youngentrepreneursinscience.com

10

Young Entrepreneurs in Science (YES) is a well-established non-profit educational program based in Germany, focused on equipping master’s students, doctoral candidates, and postdocs with entrepreneurial skills through free workshops and training programs. Supported by government ministries and business partners, YES aims to foster a cultural shift in science towards entrepreneurship and innovation. The website reflects a professional and consistent brand presence with clear messaging and a strong partnership ecosystem, including the Falling Walls Foundation as a parent organization. Technically, the site is built on WordPress with modern technologies and integrates multiple analytics and marketing tools, though it lacks a cookie consent mechanism and some security headers. Security posture is generally good with HTTPS and no exposed sensitive data, but could be improved by adding security policies and incident response contacts. Overall, the website is trustworthy, well-designed, and serves its target audience effectively.

L

Liechtenstein Marketing

liechtenstein-business.li

64

The website www.liechtenstein-business.li serves as an official platform promoting Liechtenstein as a prime business and economic location. It provides comprehensive information on the economic advantages, company formation processes, business news, and the financial and industrial sectors of Liechtenstein. The site targets businesses, entrepreneurs, and professionals interested in establishing or expanding operations in Liechtenstein. The business model is governmental and marketing-oriented, positioning Liechtenstein as a competitive and attractive business hub. Technically, the website is built on the Concrete5 CMS and utilizes modern web technologies including jQuery, Matomo and Google Analytics for tracking, Google Tag Manager, and Usercentrics for consent management. The site is mobile optimized with good SEO practices and a clear navigation structure, although accessibility features are basic. Performance is moderate, with no critical technical issues detected. From a security perspective, the site enforces HTTPS, employs standard security headers, and integrates consent mechanisms for cookies, reflecting a good security posture. No vulnerabilities or exposed sensitive data were found. However, the site lacks explicit security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for enhanced security maturity. Overall, the website is professional, trustworthy, and compliant with GDPR requirements. It effectively supports Liechtenstein's business promotion objectives while maintaining a secure and user-friendly environment. Strategic recommendations include adding explicit security and incident response policies, improving accessibility, and providing terms of service to further enhance compliance and user trust.

D

Designsensor AG

designsensor.ch

52

Designsensor AG is a Swiss-based creative studio specializing in brand experience design, strategic design, and digital product design. The company positions itself as a strategic partner for businesses seeking to enhance their brand presence and customer engagement through human-centered and innovative design solutions. Their market position is that of a specialized boutique agency with a focus on measurable business impact through design. Technically, the website is built on WordPress with modern plugins such as Yoast SEO Premium and WPBakery Page Builder, incorporating Google Analytics and reCAPTCHA for analytics and security respectively. The site is mobile-optimized and demonstrates good SEO practices, though some accessibility features could be improved. Security posture is solid with HTTPS and reCAPTCHA usage, but lacks explicit security headers and documented security policies. Privacy compliance is limited due to the absence of visible privacy and cookie policies, which is a notable gap. Overall, the website is professional, trustworthy, and well-structured, but could benefit from enhanced privacy and security disclosures.

G

Geo:Pro for Shopify

geoproapp.com

54

GeoProApp.com is a recently established SaaS business launched in 2023, providing geolocation-based access management tools specifically designed for Shopify store owners. The website offers features such as geolocation redirects, country blocking, and market redirects to help merchants control customer access and tailor shopping experiences based on location. The business targets e-commerce merchants using Shopify, positioning itself as a niche provider in this space. The website is professionally designed with good mobile optimization and clear navigation, though it lacks comprehensive privacy and cookie policies, which are critical for compliance and trust. Technically, the site uses modern frontend technologies including Tailwind CSS and JavaScript ES modules, with hosting and DNS services provided by Cloudflare. Google Analytics and Google Tag Manager are employed for user tracking, indicating moderate data collection practices. However, the absence of DNSSEC and security headers suggests room for improvement in security hardening. The domain registration is consistent with the business launch timeline, registered via a reputable registrar without privacy protection, which aligns with the business type. From a security perspective, the site uses HTTPS (implied by Cloudflare DNS and standard Shopify app practices), but lacks visible security headers and formal security or incident response policies. No forms or direct data collection points were detected on the main page, reducing immediate attack surface but also limiting user engagement options. The lack of privacy and cookie policies represents a compliance gap, especially under GDPR. Overall, the security posture is moderate but could be enhanced with standard best practices. The overall risk assessment is moderate with no critical vulnerabilities detected. Strategic recommendations include implementing DNSSEC, adding privacy and cookie policies, publishing contact and incident response information, and deploying security headers. These improvements will enhance compliance, trust, and security posture, supporting sustainable growth in the competitive Shopify app market.

S

S4 Snowsport GmbH

s4-fieberbrunn.at

43

S4 Snowsport GmbH is a well-established sports service provider based in Fieberbrunn, Tirol, Austria, specializing in winter and summer sports activities including ski and snowboard courses, equipment rental, bike tours, and outdoor sports. The company has a strong local presence and targets sports enthusiasts and families visiting the Tirol region. The website is built on WordPress with a modern theme and SEO plugin, showing good digital maturity and responsive design. Security posture is adequate with HTTPS enabled and no visible vulnerabilities, but lacks some security headers and formal security policies. Privacy compliance is incomplete due to missing privacy and cookie policies. Overall, the website is professional and trustworthy, supporting the company's business credibility.

P

Paddle

paddle.be

45

Paddle is a well-established CMS platform provider founded in 2003, specializing in flexible and secure content management solutions primarily for governments, public sector organizations, hospitals, and non-profits. The company offers its CMS as both Platform-as-a-Service and Software-as-a-Service, with a strong emphasis on accessibility, security, and ease of use. Their market position is supported by a significant user base and numerous modules and integrations, reflecting a mature and scalable product offering. The website content is professionally crafted, multilingual, and includes customer testimonials and support options, enhancing trust and credibility. Technically, the website leverages Drupal CMS and integrates multiple modern analytics and marketing tools such as Google Analytics, Matomo, Hotjar, and Facebook Pixel, all implemented with asynchronous loading and consent mechanisms to respect user privacy. The site demonstrates good mobile optimization, accessibility, and SEO practices, although some security headers are not explicitly detected. The SSL configuration is good, ensuring secure communications. From a security perspective, the site enforces HTTPS and implements cookie consent, but lacks publicly visible security policies, incident response contacts, or vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms a consistent and legitimate domain registration dating back to 2003, reinforcing the trustworthiness of the business. Overall, Paddle's website reflects a professional, secure, and privacy-conscious digital presence suitable for its target sectors. Strategic improvements could include publishing explicit security policies, incident response contacts, and vulnerability disclosure information to further enhance security posture and compliance.

P

PKS Kaffeemaschinen AG

pauli.ch

58

PKS Kaffeemaschinen AG is a specialized Swiss company with over 40 years of experience in selling and servicing professional coffee machines for the hospitality and commercial sectors. Their website reflects a focused business model targeting restaurants, bars, hotels, offices, and care homes, offering high-quality coffee equipment and tailored coffee concepts. The company positions itself as a trusted partner with strong industry relationships, notably with Thermoplan, a leading coffee machine manufacturer. Technically, the website is built on a modern platform (Duda), uses contemporary JavaScript libraries, and integrates analytics tools such as Google Analytics and Snowplow. The site is mobile-optimized and performs moderately well. Security posture is good with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Privacy compliance is basic with a cookie consent mechanism and a privacy policy page, but lacks detailed GDPR compliance indicators and terms of service. Overall, the website is professional, trustworthy, and well-aligned with the company's business objectives.

S

Skio

skio.com

60

Skio is a subscription platform designed to serve Shopify brands that have outgrown their existing subscription solutions. The company focuses on reducing churn, increasing customer lifetime value, and delivering engaging subscriber experiences. With over 1,000 Shopify brands as clients, including notable names like Grüns, Supergoop, and Dog is Human, Skio positions itself as a specialized SaaS provider in the e-commerce subscription space. The website is built using Framer CMS and integrates modern analytics and tracking tools such as Google Analytics, Microsoft Clarity, and LinkedIn Insight, indicating a mature digital infrastructure. However, the absence of explicit privacy and cookie policies, as well as contact information, suggests areas for compliance and trust improvement. Security measures include HTTPS and domain registration protections, but lack DNSSEC and security headers, which could enhance overall security posture. Overall, Skio presents a professional and focused business with moderate technical and security maturity, suitable for its target market but with room for compliance and security enhancements.