Security Directory

K

Koloo

koloo.cz

44

Koloo is a Czech-based marketing technology company offering a widget/plugin designed to increase conversions and sales for e-commerce and local business websites. The company targets small to medium-sized businesses such as online shops, cafes, restaurants, and service providers. Their business model is subscription-based SaaS with tiered pricing plans and a free demo option. The website is professionally designed, content-rich, and provides clear information about services, pricing, and customer testimonials, establishing a credible market presence since 2014. Technically, the website employs a modern tech stack including jQuery, Google Fonts, Google Analytics, Facebook Pixel, Smartlook, and Google reCAPTCHA for security. The site is HTTPS secured with a valid SSL certificate and demonstrates good mobile responsiveness and SEO practices. However, it lacks some security headers and a cookie consent mechanism, which are areas for improvement. From a security perspective, the site shows good practices such as HTTPS enforcement and form validation but could enhance its posture by implementing additional HTTP security headers and a security.txt file. The absence of WHOIS data limits domain trust verification, though the website content and business information are consistent and professional. Overall, Koloo presents a trustworthy and functional marketing tool website with moderate technical sophistication and a solid business foundation. Strategic improvements in security headers and privacy compliance would further strengthen its security posture and regulatory adherence.

E

EDU LK

edulk.cz

56

EDULK.cz is an established regional educational and informational portal serving the Liberecký kraj region in the Czech Republic. Founded in 2010, it provides comprehensive resources for schools, educators, students, and parents including news, school directories, event calendars, job listings, and educational projects. The portal is co-financed by the European Social Fund and the Czech state budget, indicating a strong governmental affiliation and trustworthiness. Technically, the website uses a custom CMS with modern JavaScript libraries such as jQuery and Google Tag Manager for analytics. The site is mobile optimized, accessible, and SEO friendly with good content quality and clear navigation. Security posture is solid with HTTPS enforced and cookie consent implemented, though security headers and explicit security policies could be improved. No critical vulnerabilities or suspicious patterns were detected. Overall, the site demonstrates a mature digital presence with a focus on regional educational support.

Hejkal is a small local business based in Havlíčkův Brod, Czech Republic, operating a café, grocery store, publishing house, and organizing an annual autumn book fair. The website serves as an informational portal for these services, targeting local customers and visitors interested in cultural events and retail offerings. The business model combines hospitality, retail, and media/publishing sectors, positioning itself as a community hub for food, books, and events. Technically, the website is built on WordPress 4.9.28 using the Twenty Seventeen theme, with jQuery 1.12.4 and Google Fonts integration. The site is accessible over HTTPS, but lacks modern security headers and uses outdated libraries, indicating moderate digital maturity. Mobile optimization and accessibility are basic, with room for improvement in SEO and user experience. Security posture is moderate with HTTPS enabled but missing key security headers and no visible vulnerability disclosures or incident response contacts. Privacy compliance is weak due to absence of privacy and cookie policies, which is a compliance risk under GDPR. Contact information is clearly presented, enhancing business credibility despite the lack of WHOIS transparency. Overall, the website is functional and serves its purpose for a small local business but requires updates in security, privacy compliance, and technical modernization to improve trust and resilience.

Podzvičinsko, z. s. operates the website www.podkrkonosi.eu as a regional tourism portal for the Podkrkonoší area in the Czech Republic. The site provides visitors with information on local events, attractions, and cultural highlights, targeting tourists and regional visitors. The business model focuses on promoting tourism and supporting local cultural and recreational activities. The website is well-branded and consistent, with clear contact information and partnerships with regional and governmental organizations, indicating a credible and established presence. Technically, the website employs a moderate technology stack including jQuery 1.10.2, Bootstrap 4.4.1, Google Maps API, and Font Awesome. It is mobile-optimized and uses HTTPS, but lacks some modern security headers and uses an outdated jQuery version, which could pose security risks. Performance is moderate, and SEO and accessibility are basic but functional. Security posture is generally good with HTTPS enforced, but the absence of security headers and outdated libraries suggest room for improvement. Privacy compliance is weak due to missing privacy and cookie policies, which is a notable compliance gap. No incident response or vulnerability disclosure information is present. Overall, the website is safe, professional, and trustworthy for general audiences, with no adult or questionable content. The domain WHOIS data is unavailable or privacy protected, but the website content and partner affiliations support legitimacy. Strategic recommendations include adding privacy and cookie policies, updating libraries, and implementing security headers to enhance security and compliance.

D

Dativery

dativery.com

55

Dativery is a technology company specializing in business application integrations and automation solutions, primarily serving e-commerce and accounting sectors. Their platform connects various applications such as e-shops, payment gateways, and accounting software to streamline business processes and reduce operational costs. The website presents a professional and modern interface, indicating a mature digital presence with a focus on usability and clear service offerings. Technically, the site is built on WordPress using the Bricks Builder theme and employs Matomo for analytics, reflecting a commitment to privacy-conscious tracking. Security posture is generally good with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and explicit privacy policies suggests room for improvement. The lack of WHOIS registration data is a concern for domain legitimacy, but the overall business presentation and service portfolio indicate a credible operation. Strategic recommendations include enhancing transparency with privacy and cookie policies, adding security headers, and verifying domain registration details to bolster trust.

W

wisecode srl unipersonale

histats.com

66

Histats.com is a web analytics and hit counter service provider offering free and professional visitor tracking tools primarily targeted at website owners and webmasters. The company, identified as wisecode srl unipersonale, has been operating since 2005 and provides a variety of services including real-time stats, log analysis, and geolocation tracking. The website is monetized through advertising networks and integrates multiple third-party ad and tracking services. Technically, the site uses modern JavaScript libraries such as jQuery and Lodash, Google Fonts, and Google Analytics, with a basic but functional mobile experience. Security posture is good with HTTPS enforced and a GDPR-compliant consent management platform in place. However, the absence of WHOIS registration data raises concerns about domain legitimacy, although the website content and business information appear professional and trustworthy.

The website dopravniinfo.gov.cz serves as the official traffic information portal for the Czech Republic, operated by the Ředitelství silnic a dálnic ČR (Road and Motorway Directorate). It provides real-time updates on traffic conditions, accidents, road closures, and other relevant transportation data, targeting the general public and road users within the country. The platform integrates advanced mapping technologies and fleet vehicle data to offer accurate and timely traffic insights. Technically, the site employs modern web technologies including React and Material-UI, ensuring a responsive and user-friendly experience across devices. Security-wise, the site uses HTTPS and has a cookie consent mechanism, but lacks visible security headers and explicit security policies, which are areas for improvement. The absence of WHOIS data is notable but likely due to registry policies for government domains. Overall, the site is trustworthy, professional, and serves a critical public function with moderate technical maturity and a good security posture.

D

Droptop GmbH

linevast.de

41

Linevast Hosting, operated by Droptop GmbH since 2013, is a German-based web hosting provider offering a range of services including web hosting, managed servers, domain registration, and various add-ons such as Redis and Elasticsearch. The company emphasizes quality, reliability, and personalized customer service, supported by an ISO 27001 certified data center. Their market position is that of a trusted, small-sized technology provider focused on the German market. Technically, the website uses modern web technologies including Bootstrap, jQuery, and FontAwesome, with Cloudflare DNS services. The site is mobile-optimized and well-structured, though it lacks a CMS and advanced analytics tools. Security posture is strong with ISO certification and HTTPS, but could be improved by adding security headers and a vulnerability disclosure policy. Privacy compliance is good, with clear privacy and cookie policies and GDPR adherence. Overall, the website is professional, trustworthy, and well-aligned with its business goals.

M

Městská knihovna v Praze

mlp.cz

55

Městská knihovna v Praze operates as a major public library serving the city of Prague, offering a wide range of cultural and educational services including lending books, music, films, and artworks, as well as hosting cultural events and providing free e-book downloads. The website is professionally designed, multilingual, and provides user account functionality. Technically, the site uses established JavaScript libraries and APIs, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent, but lacks some advanced security headers and uses an outdated jQuery version. WHOIS data is unavailable, which slightly impacts trust but the official city affiliation and professional presentation support legitimacy. Overall, the site is a reliable public service portal with room for security and technical improvements.

C

CzechTourism

czechtourism.cz

63

CzechTourism is the official national tourism organization of the Czech Republic, focused on promoting the country as a travel destination through various marketing activities and projects. The website serves as a digital platform to communicate these efforts to tourists and industry stakeholders. Technically, the site employs modern frontend technologies such as Vue.js and integrates Google services like Tag Manager and reCAPTCHA, indicating a moderate level of digital maturity. Security posture is adequate with HTTPS implied and reCAPTCHA usage, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. Overall, the site appears trustworthy and professional, but the absence of WHOIS data and privacy documentation slightly reduces confidence.

N

Next analytica

nextanalytica.io

62

Next analytica is a Czech-based technology company specializing in server-side tracking solutions designed to enhance marketing campaign performance by increasing data accuracy and speed. Their offerings include proprietary server-side analytics products, Looker Studio reporting, margin import tools, and web analytics consulting. The company targets marketing professionals, e-commerce platforms, and agencies, positioning itself as a trusted provider with a strong regional presence and a medium-sized team of experts. Technically, the website is built on Webflow CMS, leveraging modern cloud infrastructure primarily hosted on Microsoft Azure and AWS, with integrations to Google Tag Manager, Facebook Pixel, and other marketing tools. The site demonstrates good performance, mobile optimization, and SEO practices. Security-wise, the site enforces HTTPS, provides cookie consent mechanisms compliant with GDPR, and uses server-side tracking to improve data control. However, it lacks explicit security headers and published incident response policies. WHOIS data is unavailable due to privacy protection, which is justified for this business type. Overall, the website is professional, trustworthy, and well-structured, with room for improvement in security transparency and accessibility.

Q

QCM

qcm.cz

66

QCM is a Czech Republic-based IT company specializing in digital solutions for public procurement management and electronic communication. Established in 2001, it has developed a suite of software products and services used by major public institutions and private entities involved in public procurement. The company offers products such as E-ZAK, PVU, Qlex, and Portál dodavatele, alongside training, administration, and legal advisory services. Their market position is strong within the Czech public sector, supported by a medium-sized team and a large client base exceeding 15,700 users. Technically, the website is built on modern web technologies including JavaScript frameworks, Google Fonts, Google Tag Manager, Microsoft Clarity, and Facebook Pixel for analytics and marketing. The site is mobile-optimized, fast-loading, and uses HTTPS with reCAPTCHA for form security. The CMS appears to be Puxdesign, indicating a custom or specialized platform. SEO and accessibility are well implemented, contributing to a professional digital presence. From a security perspective, the site enforces HTTPS and uses standard security measures such as CAPTCHA and cookie consent banners. However, it lacks explicit security headers and does not publish a security policy or incident response contacts, which are areas for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is strong with a clear GDPR policy and cookie management. Overall, QCM presents a trustworthy and professional online presence with a mature business model focused on government digitalization. Strategic recommendations include enhancing security headers, publishing security policies, and adding vulnerability disclosure mechanisms to further strengthen trust and compliance.

M

MJM agro, a. s.

mjm.cz

68

MJM agro, a. s. is a Czech agricultural company established in 1997, specializing in precision agriculture systems such as Prefarm, along with a broad portfolio of agricultural products including crop protection agents, fertilizers, seeds, animal feed, and energy products. The company serves agricultural enterprises, farms, and small growers, positioning itself as a reliable partner in the agricultural sector. It is part of the Reticulum Holding group, indicating a stable corporate structure. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to its target audience. Technically, the website employs a moderate technology stack including jQuery, Bootstrap, and Cookiebot for cookie consent management. It uses Google Analytics and Seznam.cz retargeting for marketing and analytics purposes. The site is mobile responsive and has good SEO practices, although some accessibility features could be enhanced. Security-wise, HTTPS is enforced and reCAPTCHA is used for bot protection, but the absence of security headers and outdated JavaScript libraries suggest room for improvement. The security posture is solid but not exemplary, with no critical vulnerabilities detected in the visible content. Privacy compliance is well addressed with a comprehensive cookie consent mechanism and clear privacy policy documentation. However, the lack of WHOIS data for the domain reduces trust slightly, although the website content and business information appear legitimate and professional. Overall, MJM agro's website is a well-structured, professional platform that effectively supports its business objectives. Strategic improvements in security headers, updated libraries, and enhanced accessibility would further strengthen its digital maturity and trustworthiness.

Imki is a French technology company specializing in augmented creative AI solutions tailored for the luxury and fashion industries. The company offers bespoke AI tools that integrate brand DNA and product attributes to accelerate and enhance the creative process, reducing time to market and minimizing waste. Imki has established partnerships with notable brands such as The Kooples, Jonak, and Turkish industrial leaders in denim manufacturing, positioning itself as an innovator in its niche market. The website reflects a professional and modern digital presence built on WordPress, with strong SEO and accessibility features, and multimedia content showcasing use cases and collaborations. Security posture is solid with HTTPS and cookie consent mechanisms, though some advanced security headers and policies are absent. Overall, Imki demonstrates a mature digital infrastructure and credible business model with good compliance to privacy regulations.

K

Kipaş Textiles

kipastextiles.com

62

Kipaş Textiles is a large-scale textile manufacturing company based in Turkey, operating as a subsidiary of Kipaş Holding. The company boasts the largest fully integrated textile production facility in Europe, offering a wide range of products including yarns, fashion textiles, deco, technical textiles, and fiber production. The website reflects a professional corporate presence with clear segmentation of business areas and a focus on B2B clients in the textile industry. Technically, the website is built on WordPress using the Enfold theme, with standard modern web technologies and Google Tag Manager for analytics. The site is mobile optimized and provides a good user experience with clear navigation and relevant content. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and DNSSEC. Privacy compliance is basic with presence of cookie and KVKK policies but no active consent mechanism. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the website is trustworthy and professional but could improve in security and privacy transparency.

O

Operátor ICT, a.s.

pidlitacka.cz

60

Operátor ICT, a.s. operates the Lítačka e-shop and smart card system for public transportation in Prague and the Central-Bohemian Region. The website serves as a comprehensive platform for purchasing tickets, ordering smart cards, and accessing travel information. It is well integrated with official city and regional transport authorities, reflecting a strong market position in the regional transportation sector. The target audience includes residents, students, seniors, and tourists who use public transport services. Technically, the website is built on modern frameworks such as Next.js and React, with a backend CMS powered by Strapi, and assets served via Azure CDN. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers could be improved and a public security policy is absent. Privacy compliance is generally good with a clear privacy policy and terms of service, but lacks an explicit cookie consent mechanism. Overall, the website is professional, trustworthy, and well-maintained, supporting the business's credibility and operational needs.

The website 'Gib Antikommunismus keine Chance' is a German-language political initiative advocating for a factual discussion about socialism and communism, opposing modern anti-communism. It operates as a non-profit campaign platform providing informational content, public calls to action, and a signature collection mechanism. The site targets politically engaged individuals interested in leftist political discourse. Technically, the site is built on WordPress 5.5.17 with standard plugins and libraries such as jQuery and Font Awesome, hosted on German nameservers consistent with the domain's origin. The website is mobile-optimized with moderate performance and basic SEO and accessibility features. Security posture is adequate with HTTPS enforced and no visible vulnerabilities, but lacks advanced security headers and explicit privacy compliance mechanisms. No advertising or tracking technologies are present, indicating a privacy-conscious approach. WHOIS data is transparent and consistent with the website's claims, enhancing legitimacy. Overall, the site is functional and trustworthy but would benefit from improved privacy compliance and security hardening.

W

white label eCommerce

the-white-label.com

61

white label eCommerce is a small German-based company specializing in providing white label ticketing and e-commerce software solutions. Their platform targets businesses and organizations seeking independent and modern ticketing and e-commerce capabilities under their own brand. The website is built on WordPress using modern technologies such as Bootstrap, Font Awesome, and Visual Composer, indicating a moderate level of digital maturity. SEO and marketing tools like Yoast SEO and Google Tag Manager are implemented to enhance visibility and user engagement. Security posture is adequate with HTTPS enabled and domain transfer protections, but lacks advanced DNS security and security headers. Privacy compliance is basic, with a cookie consent mechanism present but no explicit privacy or terms of service pages found. Overall, the website is professional and trustworthy but could improve transparency and security practices.

T

Tinycc

tinycc.com

69

Tinycc is a well-established URL shortening and link management service founded in 2004, offering branded short URLs, retargeting pixels, analytics, and custom domain management to marketing professionals and businesses. The company positions itself as a reliable and feature-rich platform with a strong client base including notable brands. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, and Bing Ads tracking, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforced and domain transfer protection, though improvements like DNSSEC and security headers are recommended. Privacy compliance is strong with clear policies and cookie consent mechanisms. Overall, Tinycc demonstrates a mature digital presence with high trustworthiness and professional content.

Imki is a French technology company specializing in augmented creative AI solutions tailored for the luxury and fashion industries. Their bespoke AI tools integrate brand DNA to accelerate creative processes and product development, helping brands reduce time to market and minimize waste. The company is positioned as an innovative leader with recognized partnerships and awards, including the CES Innovation Award. Technically, the website is built on WordPress with modern plugins and scripts, hosted on AWS infrastructure, and demonstrates good SEO, accessibility, and mobile optimization. Security posture is strong with HTTPS, secure hosting, and cookie consent mechanisms, though DNSSEC is not enabled and some security headers could be improved. Overall, Imki presents a professional, trustworthy, and compliant digital presence aligned with its business goals.

AlwaysInDemand.com is a specialized educational and career awareness platform focused on promoting HVAC industry careers and providing scholarship opportunities through the HVAC HERO Scholarship program. The website is operated by the EGIA Foundation, a non-profit entity, and targets students and individuals interested in entering the HVAC trade. The platform offers resources, a trade school directory, and scholarship application information, positioning itself as a niche resource in the energy and education sectors. Technically, the website is built on WordPress and leverages common web technologies such as jQuery, Google Analytics, and Facebook Pixel for tracking and analytics. Hosting appears to be on Amazon AWS infrastructure, indicated by the DNS servers. The site is mobile optimized with good SEO practices and structured data implementation, although accessibility features are basic. From a security perspective, the site uses HTTPS with a good SSL configuration and domain registration protections such as clientDeleteProhibited status. However, it lacks DNSSEC and security headers like CSP or HSTS, which are recommended for enhanced security. No privacy or cookie policies are explicitly presented, and no consent mechanisms are detected, which may pose compliance risks. Contact information is limited to a contact form with no direct emails or phone numbers visible. Overall, the website is professionally designed and trustworthy with moderate security posture and some compliance gaps. Strategic improvements in privacy policy publication, cookie consent, and security header implementation would enhance the site's security and compliance standing.

HVAC Distributor University is a specialized educational platform launched in late 2024, focused on providing training and development resources for HVAC distributors and their sales teams. The platform offers a variety of services including online courses, live training sessions, resource libraries, and membership packages. It is affiliated with EGIA, a recognized industry association, which enhances its credibility and market positioning. The website is professionally designed with clear navigation and relevant content tailored to its niche audience. Technically, the site is built on WordPress, hosted by Nexcess, and uses modern web technologies such as jQuery and FontAwesome. While performance and mobile optimization are good, there is room for improvement in accessibility and security headers. Security posture is solid with HTTPS enforced, but the absence of DNSSEC and security headers slightly reduces the overall security score. Privacy compliance is partial; a comprehensive privacy policy is linked but no cookie consent mechanism is present. Contact information is clearly provided, including phone, email, and physical address, supporting business credibility. Overall, the website presents a trustworthy and professional front for its business model, with minor technical and compliance enhancements recommended.

S

SWISS ELEMENTIC

swisselementic.com

56

SWISS ELEMENTIC operates an innovative Drive-in Boatwash service in Switzerland, offering boat hull cleaning up to 16 meters in length directly in the water. The company positions itself as a pioneer in the Swiss market with a focus on ecological and efficient boat maintenance, reducing the need for harmful antifouling paints and improving fuel efficiency. Their business model includes direct service offerings with booking and subscription options, targeting boat owners seeking convenient and environmentally friendly cleaning solutions. The website is professionally designed using WordPress with modern page builders and includes multilingual support, social media integration, and a cookie consent mechanism, reflecting a mature digital presence. Security posture is good with HTTPS enforced and cookie consent implemented, though some security headers and DNSSEC are missing. No privacy policy or terms of service documents were found, which is a compliance gap. Overall, the domain registration is consistent with the business timeline and shows no suspicious patterns, supporting legitimacy.

EGIA is a well-established organization founded in 2003, specializing in contractor training, financing solutions, utility services, and nonprofit workforce development within the HVAC and energy sectors. The company operates multiple subsidiary platforms including Contractor University, HVAC Distributor University, OPTIMUS Financing, and the EGIA Foundation, positioning itself as a comprehensive service provider in its industry. The website reflects a mature digital presence with consistent branding and clear navigation aimed at contractors, distributors, manufacturers, and utility partners. Technically, the site is built on WordPress with WooCommerce and Gravity Forms, leveraging modern web technologies and providing a moderate performance experience with good mobile optimization. Security posture is adequate with HTTPS and reCAPTCHA implemented, though there is room for improvement in security headers and formal security policies. Privacy compliance is weak due to the absence of explicit privacy and cookie policies. Overall, the website is professional, trustworthy, and safe for general audiences, with a strong business credibility score.

G

Gorgias

gorgias.help

67

Gorgias is a technology company specializing in conversational AI platforms tailored for ecommerce businesses. Their platform integrates AI agents, helpdesk solutions, chat, and FAQ automation to enhance customer support and drive sales. Positioned as a leading solution trusted by over 15,000 brands, Gorgias targets ecommerce merchants seeking to automate and improve customer interactions. The website reflects a mature digital presence with professional design, clear messaging, and extensive use of modern marketing and analytics technologies. The technical infrastructure leverages Webflow CMS, Google Analytics, Amplitude, Facebook Pixel, and advanced A/B testing tools like VWO, indicating a high level of digital maturity and performance optimization. Security posture is strong with HTTPS enforcement, security headers, and cookie consent mechanisms, although explicit security policies and incident response contacts are not publicly disclosed. WHOIS data is unavailable, which slightly impacts trust but the overall business credibility remains high based on website content and technology use. Strategic recommendations include publishing detailed security and incident response policies and establishing a vulnerability disclosure program to enhance transparency and trust.

DIGITALECUADOR CIA LTDA is a small Ecuadorian technology company specializing in domain registration, web hosting, DNS server management, and web design services. The website targets individuals and businesses within Ecuador, offering localized services primarily through a WHMCS-powered platform. The business model focuses on providing essential internet infrastructure and web presence solutions to its regional market. The website content is primarily in Spanish with options for English and Portuguese, indicating a regional multilingual approach. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, Bootstrap framework, FontAwesome icons, and Google Fonts. The use of WHMCS indicates a mature client management and e-commerce platform. The site shows moderate performance and good mobile optimization but lacks advanced SEO and accessibility features. Security measures include CSRF tokens and Google reCAPTCHA integration, but no advanced security headers or explicit SSL/TLS configuration details were found in the provided content. From a security perspective, the site demonstrates basic protections but lacks published privacy, cookie, or terms of service policies, which impacts compliance posture. No incident response or vulnerability disclosure information is available. WHOIS data aligns well with the website's business identity, supporting legitimacy. No suspicious or malicious indicators were detected. Overall, the security posture is moderate but could be improved with enhanced policies, security headers, and transparency. The overall risk assessment suggests a functional and legitimate business website with room for improvement in privacy compliance and security best practices. Strategic recommendations include publishing comprehensive privacy and cookie policies, implementing security headers, enhancing contact transparency, and establishing vulnerability disclosure mechanisms to strengthen trust and compliance.

CARAVAN-NEWS.de is a German online media portal specializing in news, tests, guides, and travel information related to caravans, motorhomes, and automotive topics. The site targets caravan enthusiasts and travelers primarily in Germany, offering regularly updated content and advertising space. The business operates as a small media entity under WITTMANN-MEDIA.de, with a consistent brand presence and a focused niche market. Technically, the website uses a modern tech stack including jQuery, Foundation CSS, Google Fonts, and Google Analytics, with responsive design and basic SEO optimizations. Security posture is moderate; HTTPS is used, but no explicit security headers were detected, and no dedicated security or incident response pages are present. Privacy compliance is adequate with a GDPR-compliant privacy policy and cookie consent banner. Overall, the site is professional and trustworthy but could improve security and transparency aspects.

S

SuperSparReisen.de

super-spar-reisen.de

52

SuperSparReisen.de is an online travel agency specializing in last minute travel deals, package holidays, hotel bookings, flights, and vacation homes primarily targeting German-speaking customers. The website offers a range of travel services with a focus on affordability and convenience, positioning itself as a niche player in the budget travel market. The business model revolves around providing users with easy access to travel packages and related services through a modern web platform. Technically, the site is built using Angular framework with Bootstrap and other popular front-end libraries, ensuring a responsive and user-friendly experience. However, some areas such as cookie consent and privacy compliance could be improved to meet GDPR standards more fully. Security-wise, the site uses HTTPS but lacks advanced security headers and published policies, indicating room for enhancement in security posture. Overall, the website is functional, professional, and trustworthy but would benefit from stronger privacy and security practices.

W

WITTMANN MEDIA

unternehmen-heute.de

56

UNTERNEHMEN-HEUTE.de is a German-language online news portal operated by WITTMANN MEDIA, focusing on business, finance, technology, politics, motor industry, and environmental news. The website provides regularly updated news articles, press releases, and multimedia content targeting German-speaking professionals and the general public interested in these sectors. The business model centers on news publishing and press release distribution, supplemented by advertising and partner promotions. The site holds a niche position within the German media landscape with a small operational size. Technically, the website employs a custom or unknown CMS with a technology stack including jQuery, Google Analytics, Google Tag Manager, CookieConsent2, Google Fonts, and embedded YouTube videos. The site shows moderate performance and basic mobile optimization. SEO and accessibility features are present but basic. The site uses multiple external resources and CDNs for fonts, scripts, and media. From a security perspective, the website uses HTTPS (assumed but not explicitly confirmed in HTML), implements a cookie consent mechanism, and includes Google site verification. However, it lacks explicit security headers such as CSP, HSTS, and X-Frame-Options, which are recommended for enhanced security. No incident response or vulnerability disclosure policies are found. The WHOIS data indicates a consistent domain registration with no privacy protection, aligning with the website operator's identity. Overall, the website is functional, professionally designed, and trustworthy for its intended audience. Security posture is moderate with room for improvement in headers and policies. Privacy compliance is basic but present. Strategic recommendations include enhancing security headers, publishing terms of service, and adding more comprehensive contact information to improve trust and compliance.

G

Grief and Hope Los Angeles

griefandhopela.com

59

Grief and Hope Los Angeles is a small non-profit volunteer organization focused on raising funds to support artists and art workers affected by the Los Angeles fires in January 2025. The website is hosted on Squarespace and uses a clean, professional design with clear calls to action directing visitors to donate via GoFundMe. The technical infrastructure is modern and secure, with HTTPS and HSTS enabled, but lacks advanced security headers and privacy compliance features. No contact information or privacy policies are present, which limits trust and compliance. The domain WHOIS data is unavailable, raising questions about domain registration status and legitimacy, though the website content and hosting suggest a genuine community effort.

M

MJM agro, a. s.

prefarm.cz

44

MJM agro, a. s. operates the Prefarm precision agriculture system, providing advanced agricultural services such as soil sampling, remote sensing, yield mapping, and variable application equipment primarily targeting agronomists and farmers in the Czech Republic. The company has a solid market presence since 1997 and is part of Reticulum Holding, a reputable parent company. The website reflects a professional and consistent brand image with clear service offerings and partner affiliations. Technically, the site uses a modern but somewhat dated technology stack including Bootstrap and jQuery 1.11.3, with Google Analytics and reCAPTCHA integrated for analytics and security. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security posture is moderate; while HTTPS is implied, no explicit security headers were detected, and the use of an outdated jQuery version presents a potential risk. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy page in Czech language. However, WHOIS data is missing, which reduces domain trustworthiness and raises questions about domain registration transparency. Overall, the website is functional, professional, and trustworthy but could improve security and transparency aspects.

E

EKOFRUKT Slaný, spol. s r.o.

ekofrukt.cz

51

EKOFRUKT Slaný, spol. s r.o. is a Czech-based manufacturer specializing in the production and development of cereal bars, including protein, muesli, nut, fruit, flapjack, and cereal bars. The company emphasizes private label manufacturing with over 30 years of tradition and exports to more than 20 countries in Europe. Their product portfolio is supported by multiple certifications such as IFS Food, Kosher, BIO, HACCP, FSC, and Rain Forest Alliance, underscoring their commitment to quality and sustainability. The website is professionally designed, mobile-optimized, and provides comprehensive information about their offerings and certifications.

WITTMANN MEDIA LTD is a small media and digital marketing company specializing in SEO consulting, content marketing, responsive web design, and programming services. The company presents a professional portfolio of online magazine projects and targets businesses seeking to improve their online presence. The website is well-structured with good design quality and clear navigation, optimized for mobile devices. Technically, the site uses modern web technologies including HTML5, CSS3, PHP, Bootstrap, and Google Analytics, but lacks a CMS and advanced accessibility features. Security posture is moderate with no visible vulnerabilities but missing security headers and unclear SSL configuration. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is trustworthy and professional but would benefit from enhanced security and compliance measures.

LG Pro Plumber operates a specialized online platform targeting HVAC and plumbing contractors who are LG Pro Dealers. The website facilitates participation in an incentive promotion for LG Heat Pump Water Heaters, providing dealer registration, training resources, and payment processing via ACH. The business model is B2B with a focus on dealer engagement and volume-based rewards. The site is relatively new, consistent with the domain registration date in 2025, and leverages WordPress with Gravity Forms for its digital infrastructure. Hosting is supported by AWS DNS services, indicating a reliable hosting environment. The website design is professional and consistent with LG branding, offering a good user experience with clear content relevant to its target audience.

U

Urząd Miasta Łodzi

lodz.pl

60

The website lodz.pl serves as the official digital portal for the city of Łódź, Poland, providing residents, visitors, and businesses with comprehensive information about city news, events, public services, and cultural activities. It is positioned as a key communication channel for municipal affairs and community engagement. The site targets a broad audience including local citizens, tourists, and stakeholders interested in city developments. Technically, the website is built on TYPO3 CMS, leveraging modern web technologies and third-party analytics and advertising tools. The infrastructure is hosted by OVH SAS, a reputable provider, and the domain has a long history dating back to 1995, indicating a mature online presence. Security-wise, the site enforces HTTPS and uses several security best practices, though it lacks some security headers and explicit privacy and cookie policies. The absence of a security.txt file and vulnerability disclosure mechanisms suggests room for improvement in transparency and incident response readiness. Overall, the site is professional, trustworthy, and well-branded, but could enhance privacy compliance and security posture to meet higher standards.

H

HiFlow

hiflow.ch

54

HiFlow is a Swiss association and innovation ecosystem based in Geneva, offering a collaborative space for startups, SMEs, and independent professionals. It provides flexible office spaces, event venues, exhibitions, and a unique material database showroom. The website is built on WordPress with modern technologies and includes a cookie consent mechanism compliant with GDPR. Social media presence and partner ecosystem reinforce its community engagement. Security posture is good with HTTPS and cookie controls, though formal security and incident response policies are not publicly available. Overall, the site is professional, accessible, and trustworthy.

É

Équipement De Vie

equipementdevie.com

70

Équipement De Vie is a small UK-based e-commerce business specializing in high-performance sailing shoes designed for both sea and land use. The company operates a professionally designed Shopify storefront with a clear brand identity and product focus. Their market position is niche, targeting sailing enthusiasts and customers seeking premium deck shoes. The website features essential e-commerce functionalities including product listings, customization options, and ambassador programs. Technically, the site leverages modern web technologies and Shopify's Broadcast theme, ensuring good performance and mobile optimization. Security posture is solid with HTTPS enforced and domain transfer protections in place, though DNSSEC is not enabled and some security headers could be improved. Privacy compliance is addressed with visible privacy and cookie policies and consent mechanisms. However, explicit contact information and security policies are not prominently available. Overall, the website is trustworthy and professionally maintained, suitable for its business model and audience.

S

Similarweb Ltd.

similarweb.com

57

Similarweb Ltd. operates a sophisticated AI-powered digital data intelligence platform that delivers real-time market intelligence, competitive insights, and consumer trend analysis to a broad audience of business professionals, marketers, investors, and researchers. Positioned as a leader in the digital analytics and market intelligence sector, Similarweb offers a comprehensive suite of services including web intelligence, sales intelligence, app intelligence, and data-as-a-service solutions. Their platform supports strategic decision-making and business growth through actionable digital insights. Technically, the website leverages a modern technology stack centered on React 17, integrated with advanced analytics tools such as Google Analytics (GA4) and Matomo, and employs robust privacy and consent management via Cookiebot. Hosting infrastructure appears to be secured and scalable, utilizing AWS services with Web Application Firewall (WAF) protections. The site demonstrates excellent performance, mobile optimization, and SEO practices, reflecting a mature digital presence. From a security perspective, Similarweb enforces HTTPS, employs security best practices including consent management and script integrity, and shows no signs of exposed sensitive data or vulnerabilities. However, explicit security headers like X-Frame-Options and X-Content-Type-Options were not confirmed and could be audited further. The absence of a public vulnerability disclosure policy is noted as an area for improvement. Overall, the website presents a low-risk profile with strong business credibility and technical maturity. The lack of WHOIS transparency due to privacy protection is typical for enterprises but slightly reduces trustworthiness. Strategic recommendations include enhancing security header implementation, establishing a public vulnerability disclosure channel, and maintaining rigorous third-party script audits to sustain security and compliance.

The website at crunch.id is currently inaccessible to the public, presenting a 403 Forbidden error page that blocks access to any meaningful content. The domain is registered through an Indonesian registrar, PT Jagat Informasi Solusi, with a creation date in 2021, indicating a relatively new domain consistent with a small or startup business. The hosting provider is SiteGround, a reputable hosting company. However, the lack of accessible content, absence of privacy and cookie policies, and no visible contact or business information severely limit the ability to assess the business or technical maturity of the site. The technical infrastructure appears minimal with basic HTML and CSS and no advanced frameworks or analytics detected. Security posture is weak due to missing security headers and no DNSSEC, although domain status flags provide some protection against hijacking. Overall, the site appears to be either under development, restricted, or improperly configured for public access.

D

DSAD

dsad.com

66

DSAD is a specialized domain name aftermarket news and auction listing website, established with a domain age dating back to 2001, indicating a long-standing presence in the domain aftermarket industry. The site provides regularly updated content including auction recaps, domain auction lists, and advertising opportunities primarily through affiliate marketing and Google Adsense. The target audience consists of domain investors, buyers, and sellers interested in aftermarket domain sales. Technically, the website is built on WordPress with a modern tech stack including jQuery, Bootstrap, and various plugins for forms and social sharing. Hosting and DNS services are provided by GoDaddy and Cloudflare respectively, with HTTPS enabled and basic security headers in place. However, DNSSEC is not enabled, and no advanced security headers or vulnerability disclosures are present.

P

Prinsh | Tips & Tricks Seputar Teknologi

prinsh.com

69

Prinsh.com is a technology-focused blog primarily targeting Indonesian-speaking audiences, offering tutorials, tips, and hacking-related content. The website is built on the Blogger platform, hosted by Google, and employs HTTPS for secure communication. The content is well-structured with good SEO practices and mobile optimization, making it accessible and user-friendly for its target audience. However, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. Security headers are minimal, and there is a lack of formal privacy, terms of service, and contact information pages, which impacts the overall trust and compliance posture. Advertising is managed through Google Adsense, with no advanced tracking or analytics detected beyond this.

I

Institut plánování a rozvoje hlavního města Prahy

dtm-praha-sck.cz

60

The website portal.dtm-praha-sck.cz serves as the official portal for the Digital Technical Map (DTM) of Prague and the Central Bohemian Region. Operated by the Institute of Planning and Development of the Capital City of Prague, it provides access to public data packages, documentation, data validation tools, metadata, georeports, and statistics related to the digital technical map. The portal is positioned as a central hub for government entities, municipalities, and infrastructure managers, supported by European Union funding and national recovery plans. Technically, the site is built on modern frameworks such as Nuxt.js and Vue.js, with PrimeVue components and Tailwind CSS for styling, ensuring a responsive and accessible user experience. Security posture is strong with HTTPS enforcement, security headers, and CAPTCHA integration, although explicit security policies and incident response contacts are not published. The absence of WHOIS data is a notable gap, but the website's content and official affiliations suggest legitimacy. Overall, the portal demonstrates a mature digital infrastructure supporting government geospatial data services.

C

Centrum dopravního výzkumu, v. v. i.

cdv.cz

59

Centrum dopravního výzkumu, v. v. i. is a Czech public research institution specializing in transport research, diagnostics, safety, and sustainable infrastructure under the Ministry of Transport. The organization offers a broad range of services including laboratory testing, transport engineering, smart city solutions, and driver therapeutic programs. It holds accreditations and certifications, including the HR Award, underscoring its professional standing. The website is well-structured, professionally designed, and targets government agencies, municipalities, and transport professionals. Technically, the site uses modern web technologies such as Bootstrap, jQuery, and integrates analytics tools like Google Analytics and Facebook Pixel. Privacy and cookie policies are comprehensive and GDPR compliant, with active consent mechanisms. Security posture is moderate with HTTPS usage and no exposed sensitive data, but lacks visible security headers, suggesting room for improvement. WHOIS data is unavailable, limiting domain registration trust verification, but the website's professional content and external references support legitimacy. Overall, the site scores well on content quality, technical implementation, and privacy compliance, making it a credible and trustworthy resource in the transportation research sector.

L

Wine Tasting Events - Wine & Food Festivals | LocalWineEvents.com

localwineevents.com

52

LocalWineEvents.com is a niche online platform dedicated to listing and promoting local wine tasting events, food festivals, and related culinary experiences. The website targets wine enthusiasts and food lovers seeking unique local events and ticket purchasing options. The business model revolves around event aggregation and ticket sales, positioning itself as a specialized marketplace within the hospitality sector. The site presents a professional design with good content relevance and user experience, optimized for mobile devices and SEO. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Technically, the site employs modern tools such as Google Tag Manager and Google Maps API but lacks visible security headers and privacy compliance mechanisms. Overall, while the platform serves its niche well, it requires improvements in security posture and compliance to enhance trust and credibility.

A

Art for You

artforyou.ch

68

Art for You is a Swiss-based e-commerce business specializing in selling posters and art prints created by Swiss artists. The company emphasizes sustainable and ecological production, targeting art enthusiasts and customers interested in unique Swiss art. The website is built on the Shopify platform, leveraging modern web technologies and integrations such as Facebook Pixel and Mailchimp for marketing and analytics. The site is well-structured, mobile-optimized, and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced and appropriate security headers, though explicit security policies and incident response contacts are not published. Privacy and cookie policies are present and indicate GDPR compliance. Overall, the business appears legitimate and trustworthy with consistent WHOIS data and a clear market niche.

D

Dinamo Typefaces

abcdinamo.com

70

Dinamo Typefaces is a Berlin-based specialized type design studio offering a range of retail and bespoke typefaces, design software, research, and consultancy services. The company targets design professionals and clients seeking custom font solutions, positioning itself as a niche player with a strong international presence. The website reflects a professional and modern digital presence with excellent design quality, clear navigation, and mobile optimization. Technically, the site uses modern JavaScript frameworks (Vue.js), lazy loading, and secure HTTPS connections, supported by strong security headers and CSRF protections on forms. However, there is room for improvement in privacy compliance, particularly regarding cookie consent mechanisms and publishing explicit security policies or incident response information. Overall, the security posture is strong with no evident vulnerabilities or exposed sensitive data. The domain registration data is consistent with the business claims, enhancing trustworthiness. Strategic recommendations include enabling DNSSEC, adding cookie consent, publishing security and incident response policies, and establishing a vulnerability disclosure process.

H

Hacker Architects & Interior Design

hackerarchitects.com

62

Hacker Architects & Interior Design is a professional architecture studio based in Portland, Oregon, specializing in creating meaningful and sustainable spaces that connect people with their environment. The website serves as a portfolio and blog showcasing diverse projects across sectors such as education, cultural, residential, hospitality, and office design. The firm positions itself as a medium-sized regional player with a focus on clarity, meaning, and environmental integration in design. Technically, the website is built on the Squarespace platform, leveraging modern web technologies including jQuery, Typekit fonts, and ElfSight widgets. The site is mobile-optimized and provides a good user experience with clear navigation and professional content presentation. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though it lacks advanced security headers and formal privacy or cookie policies, which are compliance gaps. The absence of WHOIS data for the domain raises questions about domain registration legitimacy, but the professional nature of the site and contact information support its credibility. Overall, the site is well-constructed but would benefit from enhanced privacy compliance and security best practices.

R

RUBY PRESS GmbH

ruby-press.com

62

Ruby Press GmbH operates a specialized e-commerce platform focused on publishing and selling books related to architecture, art, and cultural spatial practices. Established in 2008 and based in Berlin, Germany, the company targets academics, architects, and cultural practitioners with a curated selection of niche publications. The website demonstrates a professional and consistent brand presence with clear product listings and company information. Technically, the site is built on WordPress with WooCommerce, leveraging modern web technologies such as jQuery and Google Fonts, and hosted likely via IONOS SE. Performance and mobile optimization are adequate, though accessibility features are basic. Security posture is moderate with HTTPS enforced and domain transfer protection enabled, but lacks DNSSEC and explicit security headers. Privacy compliance is basic with a cookie consent banner and privacy policy present, though GDPR compliance is not explicitly stated. Overall, the website is trustworthy and professionally maintained, with room for security and privacy enhancements.

Z

ZeroEnergy Design, P.C.

zeroenergy.com

58

ZeroEnergy Design, P.C. is a small professional services firm specializing in sustainable architecture, design, and engineering. Their focus is on creating beautiful, healthy buildings that improve the living environment, with expertise in net-zero, passive house, multifamily, and institutional projects. The company targets clients seeking environmentally responsible building solutions and operates primarily in the United States. The website is professionally designed using the Squarespace platform, featuring good content quality, clear navigation, and mobile optimization. Technical infrastructure includes modern web technologies such as Google Tag Manager and reCAPTCHA, ensuring a moderate level of digital maturity. Security posture is strong with HTTPS and HSTS enabled, though some security headers and policies could be improved. Privacy compliance is limited due to the absence of explicit privacy and cookie policies. The WHOIS data is missing or unavailable, which raises concerns about domain registration transparency but does not currently detract from the website's legitimacy based on content and business presence. Overall, the website presents a trustworthy and professional image with room for improvement in privacy and security disclosures.

C

COREhub, S.R.L.

sessionize.com

66

Sessionize.com is a professional SaaS platform specializing in Call for Papers, Schedule, and Speaker Management software for conferences and events. Founded in 2016 and registered under COREhub, S.R.L., the platform serves a global audience including over 246,000 speakers and 9,700 events. The website presents a clear, well-structured, and visually appealing interface that targets event organizers and speakers, offering a comprehensive suite of event management tools. The business model is subscription-based with tiered pricing for community, professional, and bulk event usage. Technically, the website leverages modern cloud infrastructure hosted on Microsoft Azure, uses popular libraries such as FontAwesome and Google Fonts, and integrates telemetry and analytics tools like Microsoft Application Insights, Google Analytics, and Microsoft Clarity. The site is mobile optimized and accessible, with good SEO practices and fast performance. However, no CMS or major frameworks were explicitly detected. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks DNSSEC and explicit security headers. There is no visible security policy, incident response information, or vulnerability disclosure mechanism published. Privacy and cookie policies are not found on the landing page, indicating gaps in privacy compliance. The WHOIS data is transparent and consistent with the business profile, enhancing trustworthiness. Overall, Sessionize.com is a credible and professional platform with strong business credibility and technical implementation. The main areas for improvement include publishing comprehensive privacy and cookie policies, enhancing security headers, and providing clear security and incident response policies to strengthen compliance and user trust.