Security Directory

S

Spreadshop

spod.com

63

Spreadshop operates a mature and well-established ecommerce print-on-demand platform branded as Spreadconnect, enabling merchants to create and sell custom merchandise integrated with major ecommerce platforms such as Shopify, WooCommerce, TikTok, and others. The platform emphasizes fast fulfillment, high-quality printing, and worldwide shipping, targeting both growing brands and seasoned sellers. The website demonstrates a high level of digital maturity with modern web technologies including React and Next.js, supported by Adobe Experience Manager for content delivery. Security posture is strong with HTTPS enforcement and security headers, though explicit security policies and incident response details are not published. Privacy compliance is robust with comprehensive privacy and cookie policies and consent mechanisms. The absence of WHOIS data is a notable anomaly but does not detract significantly from the overall legitimacy given the professional presentation and extensive trust signals. Strategic recommendations include publishing security policies, adding vulnerability disclosure information, and enhancing direct contact options for security and data protection inquiries.

T

teeinblue

teeinblue.com

65

Teeinblue is a specialized SaaS provider offering a product personalization tool tailored for print-on-demand merchants on the Shopify platform. The company positions itself as a leading solution in this niche, enabling merchants to add customizable options such as images, text, and maps to their products. The website reflects a professional and consistent brand image, targeting Shopify merchants seeking enhanced product customization capabilities. Technically, the site leverages Shopify's infrastructure, integrates multiple analytics and marketing tools, and employs modern JavaScript frameworks and third-party services like Crisp chat and PageFly builder. Security posture is solid with HTTPS enforced and domain status protections, though DNSSEC is not enabled and security headers are not explicitly detected. Privacy compliance is weak due to the absence of visible privacy and cookie policies or consent mechanisms. Overall, the website is functional, professional, and trustworthy but would benefit from enhanced privacy and security disclosures.

S

SD Software-Design GmbH

software-design.de

63

SD Software-Design GmbH is a German IT company specializing in custom software development, including web portals, cloud software, cross-platform mobile apps, and data-driven systems. With over 13 years of experience, the company serves a diverse clientele including SMEs, startups, public sector entities, and associations primarily in Germany, Austria, and Switzerland. Their offerings extend to IT consulting, digital marketing, and data analysis, supported by multiple certifications and memberships that reinforce their market credibility. The website reflects a professional and comprehensive digital presence with clear service descriptions and strong trust signals. Technically, the site employs modern web technologies, is mobile-optimized, and demonstrates good SEO and accessibility practices. Security posture is robust with HTTPS, security headers, and privacy compliance, although no explicit incident response or vulnerability disclosure policies were found. Overall, the company presents a mature, trustworthy, and client-focused IT service provider profile.

A

AssoConnect

assoconnect.com

67

AssoConnect is a French SaaS company providing a comprehensive management platform tailored for associations. Their services include membership and donation collection, accounting management, communication tools, payment processing, and website creation. The platform targets associations of all sizes and sectors, boasting over 40,000 users, positioning it as a market leader in France. Technically, the website is built on modern frameworks such as React and Gatsby, hosted on Azure CDN, and optimized for performance and mobile devices. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, though explicit security policies and incident response details are not publicly disclosed. Overall, the website is professional, trustworthy, and compliant with GDPR, reflecting a mature digital presence.

B

Burge Agency

burgeagency.com

53

Burge Agency is a well-established creative and design agency based in Winchester, Hampshire, UK, founded in 2009. The company specializes in branding, graphic design, website design, packaging, advertising campaigns, and print media, serving a diverse clientele including both large and small brands. Their website reflects a professional and consistent brand image with a comprehensive portfolio showcasing their work. Technically, the website is built on WordPress with Bootstrap and uses modern web technologies and analytics tools, indicating a moderate to good level of digital maturity. Security-wise, the site uses HTTPS and has domain transfer protections but lacks DNSSEC and security headers, which are recommended for enhanced security. Privacy compliance is weak due to the absence of visible privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from improved privacy and security practices.

H

Hugo na cestách

hugonacestach.info

42

Hugo na cestách is a Czech educational and cultural project centered around travel and heritage exploration within the Czech Republic and occasionally abroad. The website offers rich content including travel reports, photo galleries, and cultural insights, targeting a general audience interested in Czech history, architecture, and nature. The project appears to be run by an individual or small team, with the author identified as Michal Plaňanský. The site maintains a consistent brand and provides social media links to Google+, Facebook, and Twitter, enhancing its outreach. Technically, the website uses standard HTML5, CSS3, and JavaScript with jQuery and Lightbox libraries for interactive image galleries. The site is moderately optimized for performance and mobile use but lacks advanced SEO and accessibility features. There is no evidence of a CMS or modern frameworks. Security posture is limited due to missing HTTPS confirmation and absence of security headers. Privacy and cookie policies are not present, indicating compliance gaps. The WHOIS data is incomplete due to unsupported TLD WHOIS service, with no registrant or domain creation information available. This reduces trustworthiness from a domain registration perspective, although the website content itself appears legitimate and professional. No signs of malicious content or adult material were found. Overall, the site is a niche educational resource with good content quality but requires improvements in security, privacy compliance, and technical modernization to enhance trust and user experience.

G

Girasole, z. s.

girasole.cz

58

Girasole, z. s. is a Czech non-profit organization providing healthcare and social services focused on home hospice care, personal assistance, and emergency care for seriously ill and elderly individuals in the Hustopeče region. Their mission is to support patients and families to live dignified lives at home during serious illness. The website reflects a local healthcare service provider with a clear focus on palliative and hospice care, supported by community and regional partnerships.

C

Centrum sociálních a zdravotních služeb Poděbrady

centrum-podebrady.info

63

Centrum sociálních a zdravotních služeb Poděbrady is a well-established non-profit organization providing comprehensive social and health care services primarily in the Středočeský kraj region of the Czech Republic. Founded in 1976, it serves seniors, disabled individuals, and foster families with a broad range of services including home health care, hospice care, social assistance, and foster care support. The organization maintains a strong regional presence with multiple branches and partnerships with government ministries and local authorities. The website reflects a professional and community-focused business model with clear service offerings and active engagement through news updates and social media. Technically, the website is built on WordPress CMS, leveraging modern web technologies such as Bootstrap for responsive design, Leaflet for interactive maps, and Splide.js for sliders. It integrates analytics tools like Google Analytics and Hotjar for user behavior insights and employs CookieYes for GDPR-compliant cookie consent management. The site demonstrates good mobile optimization, SEO practices, and accessibility basics, although there is room for improvement in security headers and accessibility features. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms. Cookie consent is implemented with detailed categories, enhancing privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of explicit security headers and a vulnerability disclosure policy suggests opportunities to strengthen the security posture further. Overall, the domain appears legitimate and consistent with the organization's profile, despite limited WHOIS data due to privacy protections. The website is accessible without WAF or blocking mechanisms, providing a trustworthy and professional online presence. Strategic recommendations include enhancing security headers, formalizing vulnerability disclosure, and improving accessibility compliance to further solidify trust and security.

O

Oblastní charita Pardubice

charitapardubice.cz

58

Oblastní charita Pardubice is a regional non-profit organization operating under the national Charita Česká republika network. It provides a wide range of social and healthcare services including home health care, hospice care, personal assistance, social activation for families, and volunteer coordination. The organization targets residents of the Pardubice region, donors, and volunteers, maintaining a strong community presence and partnerships with governmental and private entities. The website reflects a mature digital presence with good content quality and clear navigation, supporting its mission effectively. Technically, the site uses modern JavaScript libraries, integrates donation widgets, and employs Google Analytics and Facebook Pixel for tracking, with a cookie consent mechanism in place. Security posture is solid with HTTPS enforced, though additional security headers and explicit security policies could enhance protection. Overall, the domain registration and WHOIS data align well with the organization's profile, indicating legitimacy and trustworthiness.

C

Charita Česká Kamenice

charita-ceska-kamenice.cz

54

Charita Česká Kamenice is a well-established non-profit organization founded in 2009, operating under the umbrella of Charita Česká republika. The organization provides a broad range of social and humanitarian services including hospice care, social rehabilitation, sheltered housing, and support for vulnerable groups such as seniors, disabled individuals, families, children, youth, and the homeless. Their market position is regional with strong partnerships with government bodies and charitable foundations, enhancing their credibility and funding sources. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the website employs standard web technologies including JavaScript, CSS, and HTML5, with fonts loaded from Google Fonts and Adobe Typekit. The site appears to be custom-built or uses a proprietary CMS, likely provided by VIZUS.CZ, the web development company credited in the footer. Performance is moderate with good mobile optimization and basic accessibility features. SEO is basic but sufficient for their audience. The site uses HTTPS with a good SSL configuration, and a cookie consent mechanism is implemented to comply with privacy regulations. From a security perspective, the website shows good practices such as HTTPS enforcement and cookie consent management. However, there is no explicit security policy or incident response contact information available, which could be improved. No vulnerabilities or exposed sensitive data were detected in the HTML content. The WHOIS data is consistent with the organization's claims, showing a domain age appropriate for the business history and no privacy protection masking the registrant. Overall, the website is safe, trustworthy, and compliant with GDPR requirements. It effectively serves its purpose as an informational and engagement platform for a non-profit social service organization. Strategic recommendations include enhancing security headers, publishing a security policy, and improving accessibility features to further strengthen their digital maturity and trustworthiness.

H

Hospic Žďár nad Sázavou

hospiczdislavy.cz

61

Hospic Žďár nad Sázavou operates as a small non-profit healthcare organization specializing in hospice and palliative care services within the Czech Republic. The website serves as an informational and engagement platform for patients, families, volunteers, and donors, providing details about their services and ways to support the hospice. The organization appears to have a localized market presence with a focus on compassionate end-of-life care. Technically, the website is built on the Wix platform, leveraging Wix's content management and hosting infrastructure. The site uses standard Wix scripts and assets, ensuring moderate performance and good mobile optimization. However, the technical implementation lacks advanced security headers and comprehensive privacy documentation, which are areas for improvement. From a security perspective, the site enforces HTTPS and includes a cookie consent mechanism, indicating some attention to user privacy and security. Nonetheless, the absence of security headers, vulnerability disclosure policies, and WHOIS transparency limits the overall security posture. There are no indications of exposed sensitive data or vulnerabilities in the visible content. Overall, the website is functional and professionally presented but would benefit from enhanced privacy compliance, security best practices, and transparent business information to strengthen trust and compliance with regulatory standards.

E

Ewalds

ewalds.sk

61

Ewalds.sk is a well-established Slovakian e-commerce retailer specializing in home accessories and decorations, operating since 1997. The company offers a broad range of products with over 3000 decorations in stock and supports both retail consumers and wholesale buyers. Their business model combines online sales with a physical showroom, enhancing customer trust and market presence. The website is professionally designed with clear navigation and mobile optimization, supporting a positive user experience. Technically, the site leverages modern JavaScript frameworks (Vue.js), integrates Google Tag Manager, Google Analytics, Hotjar, and Facebook Pixel for marketing and analytics, and uses AWS infrastructure. Privacy compliance is robust, featuring a comprehensive cookie consent mechanism and GDPR-aligned policies. Security posture is good with HTTPS enforced and CSRF protections, though some HTTP security headers could be improved. No critical vulnerabilities or suspicious activities were detected. Overall, the site demonstrates a mature digital presence with strong business credibility and compliance.

A

Autoplachty Gejza Vajda s.r.o.

autoplachtyvajda.sk

44

Autoplachty Gejza Vajda s.r.o. is a Slovak company established in 1992 specializing in manufacturing autoplachty (truck tarpaulins), large-format digital printing, and rental of storage halls. The company serves customers primarily in Slovakia and Europe, offering tailored products with a focus on quality and innovation. Their website reflects a professional business with clear service offerings and contact information. Technically, the site uses modern web technologies including PHP, JavaScript, and CookieYes for cookie consent, and is built on the MODX CMS platform. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and formal security policies. No critical vulnerabilities or blocking mechanisms were detected, indicating a stable and accessible online presence. Overall, the site demonstrates a solid digital maturity for a small manufacturing business.

R

Renovabis e.V.

renovabis.de

61

Renovabis e.V. is a well-established German non-profit organization dedicated to providing aid and support to people in Eastern Europe, focusing on social and pastoral renewal. Founded in 1993 by the German Bishops' Conference, it operates through donations, project funding, and educational initiatives. The website reflects a professional and trustworthy presence with comprehensive content, clear navigation, and consistent branding. It targets donors, partners, and communities interested in charitable work in Eastern Europe. Technically, the website employs modern web technologies including JavaScript, CSS, and integrates third-party services such as Usercentrics for consent management, Google Tag Manager for analytics, and Algolia for search functionality. The site is mobile-optimized, accessible, and performs moderately well. Hosting appears to be based in Germany, aligning with the organization's location. From a security perspective, the site enforces HTTPS and uses consent management to comply with GDPR. While explicit security headers are not detected, no vulnerabilities or exposed sensitive data were found. The organization demonstrates good privacy compliance with a clear privacy policy and cookie consent mechanism. Contact information is transparent and includes multiple channels. Overall, Renovabis presents a low-risk profile with strong business credibility and privacy practices. Recommendations include enhancing security headers, publishing a security policy, and adding a vulnerability disclosure mechanism to further strengthen security posture.

D

Darklace Limited

kvpzr.cz

47

Adell Casino is an online gambling platform operated by Darklace Limited, licensed in Cyprus. The website offers a variety of casino games including slots, live dealer games, jackpots, and video poker, targeting adult players primarily in Czech and German languages. The platform provides demo modes, multiple payment options, and various bonuses to attract and retain players. Technically, the site is built on modern frameworks such as Next.js and React, hosted behind Cloudflare DNS services, and shows moderate performance and good mobile optimization. However, the site lacks explicit privacy and terms of service pages, security headers, and incident response contact information, which are critical for compliance and trust. The WHOIS data shows a suspicious domain creation date in the future, which raises concerns about legitimacy. Overall, the site is functional and professional but requires improvements in security posture and compliance documentation.

The website 'Kniha milosrdenství' is a small non-profit religious platform focused on Christian mercy and prayer, providing spiritual reflections, downloadable materials, and news updates primarily for the Czech Christian community. The domain is well-established since 2012 and hosted on Czech infrastructure, supporting its legitimacy and stable presence. Technically, the site uses basic HTML, CSS, and JavaScript with Google Analytics for visitor tracking but lacks modern CMS or advanced frameworks. Security posture is moderate with no visible security headers or privacy policies, and no HTTPS confirmation from the provided data, indicating room for improvement. Privacy compliance is low due to missing cookie and privacy policies and no consent mechanisms. Overall, the site is safe with no adult or questionable content, but it would benefit from enhanced security and privacy practices to improve trust and compliance.

P

Pěší pouť k Božímu milosrdenství - Pěší pouť

pout.cz

41

The website pout.cz is dedicated to organizing and providing information about the annual walking pilgrimage to Slavkovice, Czech Republic, focused on spiritual and religious activities related to Divine Mercy. The site targets a niche audience interested in religious pilgrimages and community events. The business model is non-commercial and community-driven, with offerings including event information, registration forms, and merchandise such as T-shirts. The domain is well established since 2006, supporting the site's legitimacy and history. Technically, the website uses a traditional HTML/CSS/JavaScript stack with jQuery libraries and embeds Google Forms for data collection. The site is hosted likely via the registrar Active24, a Czech hosting provider. The design and navigation are basic but functional, with moderate performance and limited mobile optimization. SEO and accessibility features are minimal but present. From a security perspective, the site uses HTTPS but lacks visible security headers and employs multiple versions of jQuery, which may introduce vulnerabilities. There are no privacy or cookie policies, and no explicit contact emails or phone numbers are provided, which impacts compliance and trust. The embedded Google Forms handle user data collection without visible privacy disclosures, representing a compliance gap. Overall, the website is safe and appropriate for general audiences, with no adult or questionable content. The domain registration data is consistent with the website's purpose and location. Strategic improvements in security headers, privacy compliance, and technical modernization would enhance the site's security posture and user trust.

A

as4u.cz, s.r.o.

stetsko.cz

60

The website www.stetsko.cz serves as a regional informational portal for the Štětí area in the Czech Republic, providing cultural, natural, and event-related information to residents and tourists. It is supported by local government entities and regional partners, offering a comprehensive calendar of events, news updates, and photo galleries. The business model is informational and promotional, focusing on community engagement and tourism support. Technically, the site is built on the Public4u CMS platform, utilizing jQuery and standard web technologies. It is mobile-optimized with a moderate performance profile and basic accessibility features. The site uses HTTPS and includes cookie consent mechanisms, but lacks advanced security headers and explicit security policies. From a security perspective, the site demonstrates a reasonable posture with HTTPS enforcement and cookie consent but lacks detailed security policies, incident response contacts, and vulnerability disclosures. The absence of WHOIS data for the domain reduces trust and raises questions about domain legitimacy, although the website content and partner affiliations suggest a legitimate regional service. Overall, the site is safe, professional, and trustworthy for general audiences, with recommendations to improve security headers, domain registration transparency, and privacy documentation to enhance compliance and trustworthiness.

P

Podřipské muzeum v Roudnici nad Labem - příspěvková organizace města Roudnice n. L.

podripskemuzeum.cz

57

Podřipské muzeum in Roudnice nad Labem is a public cultural institution operated as a contributory organization of the city. It focuses on preserving and presenting the history and culture of the Podřipsko region through permanent and temporary exhibitions, workshops, lectures, and public events. The museum targets local residents and visitors interested in regional heritage and cultural education. The website reflects a small but professionally managed institution with clear contact information and active social media presence. Technically, the website is built on the Webnode platform, leveraging modern web technologies including HTTPS, CDN hosting via Amazon Cloudfront, and Google Tag Manager for analytics. The site is mobile-optimized with good design and navigation, though some SEO and accessibility features could be enhanced. The cookie consent mechanism is implemented, but privacy and terms of service pages are missing, indicating partial compliance with GDPR requirements. From a security perspective, the site uses HTTPS and basic security headers but lacks advanced headers and a security.txt file for vulnerability disclosure. No WHOIS data is available, which limits domain trust assessment, but the website content and contact details suggest legitimacy. Overall, the security posture is moderate with room for improvement in compliance and security best practices. The overall risk is low given the nature of the institution and the website content. Strategic recommendations include adding privacy and terms policies, improving security headers, and publishing vulnerability disclosure information to enhance trust and compliance.

Ř

Říp, o.p.s.

vyletnarip.cz

42

Výlet na Říp is a regional tourism and cultural information website focused on the Podřipsko area in the Czech Republic. It provides visitors with detailed guides on local attractions, cycling routes, cultural events, and historical sites. The site targets tourists, cyclists, and families seeking leisure and educational activities in the region. The business operates as a small-scale informational platform supported by the regional organization Říp, o.p.s., with a clear focus on promoting local tourism and culture. Technically, the website employs modern web technologies including Google Fonts, Google Analytics, and Google Tag Manager, hosted by Wedos. The site is mobile-optimized with good SEO practices and a clear navigation structure. However, it lacks some advanced security headers and explicit privacy or terms of service pages, which are areas for improvement. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism compliant with GDPR principles, though no formal privacy policy was found. No critical vulnerabilities or suspicious activities were detected. The WHOIS data confirms domain legitimacy with consistent registration details and appropriate domain age. Overall, the website presents a trustworthy and professional platform for regional tourism promotion, with moderate technical maturity and a solid security baseline. Strategic enhancements in privacy documentation and security headers would further strengthen its compliance and trustworthiness.

Geveko Markings is a well-established company specializing in the development, manufacturing, and distribution of road marking materials and solutions globally. The website reflects a mature business with a comprehensive product portfolio targeting municipalities, contractors, and businesses involved in traffic safety and infrastructure. The company emphasizes quality, sustainability, and innovation with over 100 years of industry experience. Technically, the website is built on modern web standards using a CMS platform (Swift CMS), with responsive design and good SEO practices. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. However, the absence of WHOIS registration data for the domain raises concerns about domain legitimacy and registration transparency, which should be investigated further to ensure trustworthiness.

G

Geveko Markings Poland Sp. z o.o.

geveko-markings.pl

61

Geveko Markings Poland Sp. z o.o. is a medium-sized company specializing in road marking materials and solutions, operating primarily in Poland and Eastern Europe. The company recently integrated Farby Maestria Polska Sp. z o.o., enhancing its market presence and product portfolio. Their offerings include solvent-based paints, two-component materials, prefabricated road marking elements, thermoplastic materials, and road repair products. The website reflects a professional B2B supplier with a strong focus on technical documentation and customer support. Technically, the website uses modern web technologies including JavaScript, CSS, and Google Tag Manager for analytics and marketing. It is mobile-optimized and uses a CMS platform likely Swift CMS. Performance is moderate with good SEO and accessibility basics. However, security headers are not visibly implemented, and no dedicated security policy or incident response contacts are published. Security posture is generally good with HTTPS enforced and no visible vulnerabilities or exposed sensitive data. The cookie consent mechanism is comprehensive and GDPR compliant. The absence of WHOIS data for the domain is a concern but does not currently undermine the legitimacy of the business, which is supported by consistent branding, certifications, and clear contact information. Overall, the website and business present a trustworthy and professional image with room for improvement in security header implementation and transparency around security policies and incident response.

Geveko Markings is a well-established company specializing in the development, manufacturing, and distribution of road marking materials and solutions globally. With over 100 years of industry experience, the company offers a comprehensive product portfolio including preformed materials, hot-applied materials, paints, beads, aggregates, and equipment. Their website reflects a strong market position with detailed product lines, solutions for various traffic and safety needs, and a global presence through multiple regional domains. Technically, the website is built on a modern CMS platform (Swift CMS) with responsive design, good SEO, and accessibility features. The use of Google Tag Manager indicates moderate user tracking with privacy compliance mechanisms in place. Security posture is strong with HTTPS enforced and multiple security headers present, although public security policies and incident response information are not disclosed. The absence of WHOIS data suggests privacy protection, which is justified for a large enterprise. Overall, the website is professional, trustworthy, and business-focused with no signs of malicious activity or content blocking.

Geveko Markings is a well-established company specializing in the development, manufacturing, and distribution of horizontal road and surface markings tailored to various segments. The company offers a broad portfolio of solutions including regulatory traffic markings, parking and traffic area markings, decorative surfacing, accessibility and safety markings, road and surface repair, and event/sports-related markings. With a global presence and nearly a century of industry experience, Geveko Markings positions itself as a trusted supplier in the transportation sector. The website reflects a professional and comprehensive digital presence, supporting multiple regions and languages, and providing clear contact and corporate information. Technically, the website employs modern web technologies including HTML5, CSS3, JavaScript, and integrates Google Tag Manager for analytics and marketing. The site is mobile-optimized, accessible, and SEO-friendly, with a well-structured navigation system. The use of a proprietary CMS (Swift) and various JavaScript libraries enhances user experience. Security posture is good with HTTPS enforced and privacy compliance evident through detailed privacy and cookie policies with consent mechanisms. However, the absence of visible security headers and lack of explicit incident response or security policy pages suggest areas for improvement. The WHOIS data for the domain www.geveko-markings.co.uk is unavailable due to a Nominet UK naming rules error, which is unusual and raises questions about domain registration legitimacy. Despite this, the website content and business information appear consistent and professional. This discrepancy warrants further investigation to confirm domain ownership and legitimacy. Overall, Geveko Markings demonstrates a strong business and digital presence with good security and privacy practices. Strategic recommendations include enhancing security headers, publishing explicit security and incident response policies, and resolving WHOIS data issues to strengthen trust and compliance.

Geveko Markings is a well-established company specializing in the development, manufacturing, and distribution of road marking materials and solutions globally. With over 100 years of experience, the company offers a comprehensive range of products including preformed materials, hot-applied materials, paints, plural components, beads, aggregates, and equipment. Their market position is strong, supported by a consistent brand presence and a wide regional footprint with dedicated country-specific domains. The target audience primarily consists of businesses and organizations involved in road infrastructure and traffic management. Technically, the website is built with modern web technologies, including responsive design and accessibility features, and integrates Google Tag Manager for analytics with privacy-conscious consent defaults. Security posture is good with HTTPS enforced and no visible vulnerabilities, although some security headers could be improved and explicit security policies are absent. The WHOIS data for the domain is missing, which raises some concerns about domain registration transparency, but the overall business credibility remains high due to the professional website, certifications, and social media presence. Strategic recommendations include enhancing security headers, publishing incident response and vulnerability disclosure policies, and verifying domain registration details to improve trust.

Geveko Markings Germany GmbH is a well-established company specializing in the development, production, and distribution of horizontal road marking materials tailored to various sizes, materials, colors, and forms to meet segment-specific requirements. With over 100 years of experience and ISO 9001 certification, the company holds a strong market position in the transportation sector, serving primarily B2B customers focused on traffic safety and infrastructure. The website reflects a mature digital presence with comprehensive content, clear navigation, and multi-channel contact options. Technically, the site uses modern web technologies including Bootstrap, Google Analytics, Hotjar, and Facebook Pixel, hosted by Kortermann Hosting in Germany. Security posture is good with HTTPS enforced and privacy compliance evident through cookie consent mechanisms and a detailed privacy policy. No critical vulnerabilities or suspicious patterns were detected, indicating a trustworthy and professional online presence.

Geveko Markings is a well-established company specializing in the development, manufacturing, and distribution of road marking materials globally. With over 100 years of experience, the company offers a comprehensive range of products including preformed materials, hot-applied materials, paints, beads, aggregates, and equipment. Their market position is strong, supported by ISO9001 certification and a broad international presence with multiple regional domains. The website is professionally designed, mobile-optimized, and provides clear navigation and rich content tailored to business and municipal clients. Technically, the site uses modern web technologies and Google Tag Manager for analytics, with a good security posture including HTTPS enforcement. However, explicit security headers and incident response information are not prominently published, and the WHOIS data for the domain is missing, which raises some concerns about domain registration transparency. Overall, the site is trustworthy and professional but would benefit from enhanced security disclosures and WHOIS transparency.

A

add enterprise

addenterprise.com

54

add enterprise is a Saudi Arabia-based event planning and management company specializing in creating immersive and memorable experiences. Established in 2014, the company serves a broad audience including public and private entities across 18 countries and 4 continents. Their services encompass creative planning, production, design, operations, digital innovation, and integrated event management. The website demonstrates a professional digital presence with a modern tech stack based on Next.js and React, offering good mobile optimization and user experience. Security posture is moderate with HTTPS enabled and domain protection statuses, but lacks DNSSEC and explicit security policies. Privacy compliance is basic with privacy and cookie policies present but no active consent mechanisms. Overall, the site is trustworthy and well-positioned in its market segment.

ش

شركة رابط التواصل للخدمات التسويقية

bind.sa

59

Bind is a Saudi Arabia-based marketing communications company specializing in strategic communication, media, public relations, digital marketing, creative services, and production. The company targets brands and businesses seeking integrated marketing solutions to connect with their audiences effectively. The website presents a professional image with clear branding and showcases notable clients, indicating a solid market position in the regional media sector. Technically, the site uses modern JavaScript frameworks including Vue.js with inertia.js, and Laravel Nova for backend administration, supported by Google Tag Manager for analytics. Performance and mobile optimization are good, though accessibility features are basic. Security posture is strong with HTTPS enforced and no exposed sensitive data, but lacks some security headers and explicit incident response information. Privacy compliance is partial with privacy and cookie policies present but no active consent mechanism. Overall, the domain registration aligns with the business, though WHOIS data is incomplete, slightly reducing trust confidence.

The website aloula.sba.sa appears to be a minimal or placeholder site with very limited accessible content. It uses modern JavaScript technologies such as Nuxt.js and is hosted via Akamai CDN, with performance monitoring and analytics scripts like Boomerang and Google Tag Manager integrated. However, the site lacks visible business information, contact details, privacy or cookie policies, and any user-facing content. The absence of WHOIS data for the domain raises concerns about the legitimacy and registration status of the domain. Security posture is weak due to missing security headers and lack of visible security policies. Overall, the site is accessible but provides minimal information, resulting in a low trust and credibility score.

The website tartu.ee is currently inaccessible due to a Cloudflare Turnstile security challenge page that requires human verification before access. The domain is registered to Haridus- ja Teadusministeerium (EENet), an Estonian government educational and research network, consistent with the domain's representation of the city of Tartu. Due to the WAF challenge, no substantive website content, contact information, or policies are accessible for analysis. The technical infrastructure relies on Cloudflare services for security and performance. The security posture is limited by the lack of DNSSEC and absence of visible security headers, but the domain registration is legitimate and consistent with the entity. Privacy and cookie policies are not found, indicating compliance gaps. Overall, the website cannot be fully assessed until the WAF challenge is passed.

P

PAKKA s.r.o.

pakka.cz

44

PAKKA s.r.o. operates as a specialized retail business focused on swimming pools and related accessories in Pardubice, Czech Republic. The company is an authorized partner of Albixon a.s., a leading European manufacturer of pools and enclosures, positioning itself as a trusted provider with over 15 years of experience in the industry. Their offerings include custom pool enclosures, pool chemicals, robotic and manual pool cleaners, and comprehensive pool maintenance products. The website reflects a professional retail presence targeting both consumers and businesses interested in pool products in the region. Technically, the website is built using modern web standards including HTML5, CSS3, JavaScript, and Bootstrap framework, with additional libraries such as Swiper.js for carousels and SVGInject for image handling. The site is hosted on a Czech hosting provider, with good mobile optimization and moderate performance. SEO and accessibility are adequately addressed, though some improvements could be made. From a security perspective, the site enforces HTTPS and includes a Content-Security-Policy header to upgrade insecure requests. However, other important security headers are missing, and there is no visible privacy or cookie policy, which indicates compliance gaps with GDPR and related regulations. No forms or analytics scripts are present, minimizing data collection risks but also limiting user engagement and tracking capabilities. Overall, the website is trustworthy and professionally presented but would benefit from enhanced privacy compliance and security hardening. The domain registration data is consistent and transparent, supporting the legitimacy of the business. Strategic improvements in privacy policy implementation, security headers, and user data protection would strengthen the company's digital maturity and customer trust.

G

GTM West

gtmwest.com

9

GTM West is a travel industry event platform focused on connecting travel advisors and suppliers primarily in the western region. The website provides detailed sections about the event's mission, agenda, advisory board, and participant qualifications, targeting travel professionals. Technically, the site is built on Squarespace, leveraging modern web technologies and third-party analytics tools such as Google Tag Manager and LinkedIn Insight. The site is well-designed, mobile-optimized, and uses HTTPS with HSTS for secure communications. However, the absence of WHOIS registration data raises concerns about domain legitimacy and transparency. Additionally, the lack of privacy, cookie, and terms of service policies indicates gaps in compliance and user trust. Overall, the site is functional and professional but would benefit from enhanced transparency and compliance documentation.

FINEP CZ a.s. is a well-established Czech real estate developer specializing in new residential apartments, cooperative housing, and commercial spaces primarily in Prague and surrounding areas. The company offers a comprehensive suite of services including financial advisory and interior design consultancy, positioning itself as a full-service real estate provider. The website reflects a mature digital presence with detailed project information, pricing, and customer engagement features such as newsletter subscription and contact forms. Technically, the site employs modern JavaScript frameworks and tracking tools with appropriate consent mechanisms, ensuring GDPR compliance. Security posture is solid with HTTPS enforcement and secure form handling, though formal security policies and incident response contacts are not publicly documented. Overall, the site is professional, trustworthy, and user-friendly, supporting the company's market position as a leading Czech real estate developer.

T

TravelPulse Canada

travelpulse.ca

48

TravelPulse Canada operates as a media platform delivering travel news, videos, and deals targeted primarily at Canadian travelers and travel industry stakeholders. The website presents a professional and consistent brand image with a focus on travel-related content. Technically, the site employs modern JavaScript libraries, video players, and multiple analytics and advertising services, indicating a mature digital infrastructure. Security posture is adequate with HTTPS enforced, though some security headers and policies could be improved. The absence of WHOIS data and privacy/cookie policies in the provided content limits full trust and compliance assessment. Overall, the site appears legitimate and functional but would benefit from enhanced transparency and security practices.

N

Create beautiful forms to fill your Notion databases - NoteForms

noteforms.com

60

NoteForms is a technology startup founded in 2023 that offers a SaaS platform enabling users to create beautiful forms integrated with Notion databases. The website is built using modern JavaScript frameworks (Nuxt.js) and hosted on AWS infrastructure, indicating a contemporary technical foundation. Google Tag Manager is used for analytics and tracking, reflecting standard digital marketing practices. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers, which are recommended for enhanced protection. Privacy and cookie policies are absent, which is a compliance gap. Overall, the website is functional and professional but would benefit from improved privacy compliance and security practices.

R

Rittal GmbH & Co. KG

rittal.com

63

Rittal GmbH & Co. KG operates a professional website focused on industrial manufacturing solutions including enclosures, power distribution, climate control, IT infrastructure, software, and automation services. The company targets industrial and manufacturing sectors globally, as evidenced by multiple language versions of the site. The website demonstrates a moderate level of digital maturity with modern frontend technologies such as Vue.js and good SEO practices. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate gaps in transparency and privacy compliance. Security posture is moderate with no explicit security headers detected, and no visible incident response or vulnerability disclosure information. Overall, the website is professional and trustworthy in content but would benefit from enhanced security and privacy disclosures to improve compliance and user trust.

N

NRK and Meteorologisk institutt

yr.no

67

Yr is a reputable weather forecasting website operated as a collaboration between NRK, the Norwegian Broadcasting Corporation, and the Norwegian Meteorological Institute. It provides comprehensive weather forecasts including hourly updates, long-term forecasts, precipitation maps, and weather warnings for over 10 million locations worldwide. The site targets a broad audience including the general public and outdoor enthusiasts, positioning itself as a leading weather information provider in Norway with global reach. The business model is public service oriented, offering free access to weather data and related content.

T

Turancar.cz

turancar.cz

54

Turancar.cz operates as a specialized dealer and service provider for ISUZU buses and related products in the Czech Republic. The company focuses on sales of various ISUZU bus models, warranty and post-warranty servicing, and supplying original spare parts including industrial engines. Their market position is that of a niche transportation sector player catering to bus operators, municipalities, and schools. The website is professionally designed using modern web technologies such as Next.js and React, providing a good user experience with clear navigation and mobile optimization. Privacy compliance is well addressed with GDPR policies and cookie consent mechanisms in place. However, the absence of WHOIS registration data reduces domain trustworthiness, although the website content and contact information appear legitimate and professional. Security posture is moderate with HTTPS assumed but lacking explicit security headers and incident response information.

T

TRANSPORT.SK, TRANSPORT-LOGISTIKA.CZ – LUXUR MEDIA SK, S.R.O.

topczechtransport.cz

41

Top Czech Transport is a newly established platform focused on organizing a reader poll for the best commercial vehicle brands in Czechia and Slovakia. It is backed by the magazine TRANSPORT and LOGISTIKA and operated by LUXUR MEDIA SK, S.R.O. The website serves as a hub for voting and industry engagement, targeting transport and logistics professionals and enthusiasts. The platform leverages WordPress CMS with modern UI components such as Smart Slider 3, ensuring a visually appealing and responsive user experience. However, the site lacks critical privacy and cookie policies, which are essential for GDPR compliance and user trust. Security posture is moderate with HTTPS enabled but missing security headers and incident response contacts. Social media integration is present, enhancing outreach and engagement. Overall, the website is functional and professional but requires improvements in privacy compliance and security best practices to enhance trust and regulatory adherence.

E

ESA logistika s.r.o.

esa-logistics.cz

48

ESA logistika s.r.o. is a well-established logistics service provider founded in 2010, operating primarily in the Central and Eastern European (CEE) region. The company offers a comprehensive range of logistics services including transportation solutions, value-added services (VAS), distribution, warehousing, customs declarations, and outsourcing. Their market position is that of a reputable and recognized player in the logistics sector within the Czech Republic and surrounding countries. The website reflects a professional business model targeting corporate clients requiring integrated logistics solutions. Technically, the website is built on WordPress using the Divi theme, with integration of Facebook Pixel for marketing purposes. The site demonstrates good SEO practices with multilingual support and structured data, but lacks explicit privacy and cookie policies, which impacts compliance and user trust. Security posture is moderate, with no detected security headers or incident response information, indicating room for improvement in security best practices. Overall, the website is functional, professionally designed, and provides relevant business information, but would benefit from enhanced privacy compliance and security transparency.

DKV Mobility is a well-established European B2B provider specializing in tank cards, toll services, and fleet management solutions. The company targets fleet operators and businesses with vehicle fleets, offering efficient and comprehensive mobility services across Europe. The website reflects a professional and consistent brand presence with a focus on user experience and compliance with privacy regulations such as GDPR. Technically, the site employs modern JavaScript frameworks including Preact and integrates Usercentrics for consent management, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced, proper security headers, and no visible vulnerabilities or exposed sensitive data. However, the absence of WHOIS registrant data and lack of explicit security policies or incident response information slightly reduce trustworthiness. Overall, the site is secure, privacy-compliant, and professionally maintained, suitable for its business audience.

F

Formbricks GmbH

formbricks.com

72

Formbricks GmbH operates an open source experience management platform positioned as a privacy-first alternative to Qualtrics. Founded in 2022, the company targets product teams and developers seeking customizable survey and feedback tools with strong privacy controls and self-hosting options. The website demonstrates a modern, professional design with clear messaging and trust signals including client logos and testimonials from reputable industry figures. Technically, the site leverages Next.js and React frameworks, hosted with Cloudflare DNS, and employs HTTPS with good SSL configuration. Security posture is solid but could be improved by enabling DNSSEC and publishing explicit security policies. Privacy compliance is strong with a comprehensive privacy policy, though cookie consent mechanisms and terms of service are absent. Overall, the site reflects a mature digital presence for a young technology company with a focus on open source and privacy.

S

Smotly I Création de sites web e-commerce et vitrine, SEO, SEA

smotly.com

41

Smotly is a French web agency specializing in the creation of e-commerce and showcase websites, along with SEO and SEA digital marketing services. The website is built on WordPress using Elementor and incorporates modern web technologies such as Google Tag Manager and Google Ads for marketing and analytics. The site is accessible without any WAF or security challenges, indicating good availability. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. The website lacks visible privacy, cookie, and terms of service policies, which impacts compliance with GDPR and other privacy regulations. No contact information or incident response details are present, limiting direct communication channels for users or security reporting.

P

Planorama

planorama.dk

65

Planorama is a Danish company specializing in advanced course management software designed to automate and streamline all aspects of course administration, including communication, invoicing, e-learning, and evaluations. The platform integrates seamlessly with existing websites, ERP systems, CRM, marketing, and BI tools, positioning itself as a comprehensive solution for businesses offering educational services. The website content is professional, well-structured, and targeted primarily at organizations seeking to improve their course delivery and management efficiency. Technically, the website leverages Umbraco CMS, JavaScript libraries including jQuery, and integrates third-party analytics and marketing tools such as Google Analytics, Prism, and VGO tracking. The site demonstrates good mobile optimization and SEO practices, although accessibility features are basic. Performance is moderate, with room for improvement in security headers and SSL configuration transparency. From a security perspective, the site uses HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, explicit security policies and incident response contacts are not found, and WHOIS data is unavailable, which slightly reduces trust from a domain registration standpoint. No critical vulnerabilities or exposed sensitive data were detected in the analyzed content. Overall, Planorama presents a credible and professional online presence with a solid business model and technical foundation. Strategic improvements in security transparency, WHOIS data availability, and accessibility could further enhance trust and compliance.

D

DAV NORDIC A/S

davnordic.se

63

DAV NORDIC A/S is a medium-sized Nordic company specializing in traffic safety and sustainable steel infrastructure solutions. The company offers project-optimized products focusing on economy, work environment, and quality, targeting infrastructure and transportation sectors primarily in Denmark and Sweden. Their website is professionally designed, multilingual, and provides clear contact information and product categories. Technically, the site is built on WordPress, uses Google Tag Manager and Cookiebot for analytics and consent management, and is hosted on Danish DNS servers. Security posture is good with HTTPS enforced and cookie consent implemented, though DNSSEC is not enabled and some security headers are missing. No explicit security or incident response policies are published. The domain is well-established since 2016, consistent with the business profile, and shows no suspicious patterns. Overall, the website is trustworthy, compliant with GDPR, and provides a good user experience.

T

TnG Air

zatopime.cz

59

TnG Air is a Czech manufacturer specializing in air-to-water heat pumps and photovoltaic systems, serving customers primarily in the Czech Republic and Slovakia. The company emphasizes a comprehensive service model including design, delivery, installation, and after-sales support, backed by a 10-year warranty and a dedicated service network. Their market position is strengthened by over 10,000 installations and 26 years of technology development. The website is professionally designed, mobile-optimized, and rich in content, targeting residential and commercial property owners seeking energy-efficient heating and solar solutions. Technically, the website leverages modern JavaScript libraries, Google Analytics, Hotjar for user behavior analysis, and is built on the Solidpixels CMS platform. It employs HTTPS with good SSL configuration and includes cookie consent mechanisms aligned with GDPR. However, the absence of WHOIS data and missing HTTP security headers present areas for improvement in trust and security posture. Security-wise, the site demonstrates good practices such as secure forms with validation and anti-spam tokens, but lacks explicit security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected. The overall risk is moderate with recommendations to enhance HTTP security headers and publish security policies. Overall, TnG Air's digital presence reflects a mature, trustworthy energy solutions provider with room to improve domain transparency and security hardening to further boost customer confidence.

M

Maschinenfabrik Berthold HERMLE AG

hermle.de

58

Maschinenfabrik Berthold HERMLE AG is a leading German manufacturer specializing in CNC milling machines, portal milling machines, and custom CNC special machines with nearly 90 years of industry experience. The company serves diverse sectors including medical technology, general machinery, optics, aerospace, and automotive industries, emphasizing precision, performance, and comprehensive service. Their business model integrates manufacturing with extensive customer support, training, and aftermarket services, positioning them as a technology leader in precision machining. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and integrating marketing and analytics tools such as Facebook Pixel, Leadinfo, and eTracker, with a strong focus on GDPR-compliant cookie management. Security posture is robust with HTTPS enforced and no visible vulnerabilities, though formal security policies and incident response contacts are not explicitly published. Overall, the site presents a professional, trustworthy, and well-structured digital presence aligned with the company's market position and business objectives.

Č

Časopis CzechIndustry

casopisczechindustry.cz

54

Časopis CzechIndustry is a specialized magazine focusing on Czech industry, commerce, transport, and construction sectors. It serves a niche audience of industry professionals and stakeholders by providing news, expert interviews, and event information relevant to the Czech industrial landscape. The website content is well-structured and relevant, reflecting a small but focused publishing business. Technically, the site is built on the Webnode CMS platform, leveraging AWS Cloudfront CDN and Google Analytics for tracking with IP anonymization, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies, which are important for compliance and trust. The absence of WHOIS data reduces transparency and trustworthiness, although the presence of clear contact information and consistent branding supports legitimacy. Overall, the site is functional and professional but would benefit from enhanced security and compliance measures.

T

Truck1 Sp.z.o.o.

truck1.eu

56

Truck1.eu operates as a well-established European online marketplace specializing in the sale of used trucks, light commercial vehicles, construction, and agricultural machinery. Founded in 2003 and headquartered in Poland, the company connects trusted dealers worldwide with buyers seeking commercial vehicles and related equipment. The platform offers a broad inventory exceeding 300,000 listings and supports multiple languages and currencies, catering to a global audience. Its business model focuses on providing a comprehensive digital marketplace with additional promotional and paid services for sellers. Technically, the website employs a modern technology stack including Google Tag Manager, Google Analytics, Facebook Pixel, TikTok Analytics, and other major advertising and tracking tools. The site is secured with HTTPS and implements standard security headers, ensuring a secure browsing experience. Mobile optimization and SEO practices are well addressed, although accessibility features could be enhanced further. The website is performant with moderate loading speeds and a professional design. From a security perspective, Truck1.eu demonstrates good practices such as enforcing HTTPS, using security headers, and securing user input forms. However, it lacks publicly available security policies, incident response contacts, and vulnerability disclosure mechanisms, which are recommended for improving transparency and readiness. The extensive use of third-party tracking scripts indicates a high level of user data collection, which is partially mitigated by a comprehensive privacy and cookie policy compliant with GDPR. Overall, Truck1.eu presents a low-risk profile with strong business credibility and technical maturity. Strategic recommendations include publishing detailed security policies, establishing incident response contacts, and enhancing accessibility and privacy transparency to further strengthen trust and compliance.