Security Directory

I

Italieonline s.r.o

italieonline.eu

47

Ita.travel is an established online travel agency specializing in holidays in Italy, offering a wide range of accommodations including apartments, hotels, and campsites. The company has been operating since 1997 and is a member of several reputable travel associations, which enhances its market credibility. The website targets tourists seeking Italian holiday experiences, providing booking services, travel insurance, and travel tips. Technically, the website uses modern web technologies, is mobile-optimized, and implements basic privacy compliance mechanisms such as cookie consent and a privacy policy. Security posture is good with HTTPS enabled, but lacks visible advanced security headers and explicit incident response information. Overall, the site is professional, trustworthy, and safe for general audiences.

A

Adria Databanka

adriadatabanka.com

69

Adria Databanka operates as an online accommodation booking platform specializing in apartments and robinson houses in Croatia. The website targets tourists and travelers seeking verified accommodation by the sea with easy online booking options. The business appears to be a small hospitality sector player based in the Czech Republic, focusing on niche Croatian holiday rentals. Technically, the website is built on modern frameworks such as Next.js and React, incorporating third-party services like Cookiebot for cookie consent, Google Tag Manager for analytics, and Tawk.to for live chat support. The site demonstrates good mobile optimization and SEO practices, though accessibility features could be improved. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms but lacks visible security headers and explicit incident response policies. The absence of WHOIS registration data raises concerns about domain legitimacy, though the website content and compliance measures suggest a professional operation. Overall, the site scores moderately well on content quality, technical implementation, and privacy compliance but has room for improvement in business credibility and security posture.

P

Pozorování ptáků CZ

pozorovaniptaku.cz

47

Pozorovaniptaku.cz is a Czech Republic-based informational website dedicated to birdwatching. It offers detailed catalogs of water birds, locations for birdwatching, rare bird information, quizzes, and opportunities to observe birds with ornithologists. The site targets birdwatching enthusiasts and nature lovers within the Czech Republic, providing educational and community-oriented content. Technically, the website is built on WordPress using Oxygen Builder, Bootstrap 4, and JavaScript libraries such as Leaflet for interactive maps. It integrates Google Analytics for visitor tracking and uses Google Fonts for typography. The site is hosted by Aerohosting, a Czech hosting provider, and employs HTTPS for secure connections. Security posture is moderate, with HTTPS enabled but lacking security headers and visible privacy or cookie policies, indicating compliance gaps. No forms or contact emails are present on the homepage, limiting direct user engagement channels. Overall, the website is well-structured, SEO-optimized, and provides valuable content for its niche audience but would benefit from enhanced privacy compliance and security hardening.

H

Hotel Svatý Tomáš

hotel-svatytomas.cz

49

Hotel Svatý Tomáš is a small, established hospitality business founded in 2005, offering romantic wellness hotel services in the Šumava region near Lipno, Czech Republic. The website provides detailed information about accommodation, wellness facilities, restaurant services, and special packages targeting tourists and couples seeking a romantic getaway. The business positions itself as a niche wellness and hospitality provider with a focus on natural surroundings and luxury experience. Technically, the website is built on WordPress using modern plugins and themes, supporting multilingual content in Czech, English, and German. The site is mobile optimized and includes SEO best practices such as structured data and meta tags. Security posture is adequate with HTTPS and cookie consent implemented, though security headers and explicit security policies are absent. Overall, the website is professional, trustworthy, and compliant with basic privacy requirements, though it lacks explicit privacy and terms of service pages. The domain registration data is consistent and supports the legitimacy of the business.

T

Trans Europe Halles

teh.net

63

Trans Europe Halles is a well-established non-profit network uniting over 170 grassroots arts and culture centres across more than 40 European countries. Founded in 1983, it focuses on reclaiming abandoned spaces and transforming them into vibrant cultural hubs, promoting social and environmental justice. The organization supports its members through events, workshops, and community initiatives, positioning itself as a key player in the European cultural sector. Technically, the website is built on modern web technologies including Wagtail CMS, Bootstrap, and JavaScript frameworks, with good mobile optimization and SEO practices. The presence of Google Analytics and Mailchimp indicates active user engagement and marketing efforts. However, some technical improvements could be made, such as adding explicit security headers and publishing security policies. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms, reflecting good privacy compliance with GDPR. Nonetheless, the absence of WHOIS registration data raises concerns about domain legitimacy and ownership transparency. No direct contact emails or phone numbers were found, which may impact business credibility. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website presents a professional and trustworthy front for a cultural non-profit organization, but verification of domain registration and enhanced security disclosures are recommended to strengthen trust and compliance.

E

European Network of Cultural Centres (ENCC)

encc.eu

45

The European Network of Cultural Centres (ENCC) is a well-established non-profit organization uniting 178 socio-cultural organizations across 39 countries in Europe and beyond. Their primary focus is on training, cooperation, and advocacy to transform cultural practices and territories. The website reflects a professional and consistent brand image, targeting cultural centers and networks as its audience. The business model revolves around network collaboration and advocacy services, supported by EU co-funding. Technically, the website uses modern technologies including Alpine.js and Twill CMS, hosted by OVH SAS, with good mobile optimization and accessibility. Security posture is solid with HTTPS and CSRF protection, though some security headers are missing. Privacy compliance is good with a clear privacy policy, but lacks a cookie consent mechanism. Overall, the site is trustworthy and professionally maintained.

Ú

Úřad městské části Praha 13

praha13.cz

61

The website www.praha13.cz serves as the official online presence of the municipal district Prague 13, providing residents and visitors with comprehensive information about local government services, news, events, and contact details. It positions itself as a trusted source for public administration and community engagement within the Prague 13 district. The site offers a variety of services including document downloads, appointment scheduling, legal assistance, and access to municipal departments. The target audience primarily consists of local citizens and stakeholders interested in municipal affairs. Technically, the website is built on WordPress CMS, enhanced with SEO plugins like Yoast and integrated with Google Tag Manager for analytics. It employs modern web technologies and demonstrates good mobile responsiveness and accessibility. The presence of a virtual assistant chatbot and cookie consent mechanisms indicates a focus on user experience and privacy compliance. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks explicit security headers in the provided data. No vulnerabilities or exposed sensitive data were detected. Privacy policies and cookie consent are implemented, supporting GDPR compliance. However, the absence of WHOIS registration data limits domain trust verification, although the official nature and consistent branding of the site mitigate concerns. Overall, the website reflects a mature digital infrastructure suitable for a government entity, with room for improvement in security header implementation and domain registration transparency. The risk profile is low, with no critical security issues identified.

beIN SPORTS operates a comprehensive knowledge base for its US and Canada audience, providing support and information about its sports broadcasting and streaming services. The website is powered by Zendesk, indicating a mature customer support infrastructure. The company maintains a strong brand presence with multiple platforms and official social media channels. Technically, the site uses modern web technologies and is mobile optimized, though some SEO and accessibility improvements could be made. Security posture is good with HTTPS enforced, but lacks some security headers and published security policies. Privacy compliance is partial, with no cookie consent mechanism detected. Overall, the site is professional and trustworthy, serving a large sports media audience effectively.

B

beIN EN

beinmediagroup.com

70

beIN MEDIA GROUP is a global leader in TV production and broadcasting, operating 34 to 60 channels across 5 continents and multiple languages. The company targets a broad audience of sports fans and media consumers worldwide, offering services including TV production, distribution, and media rights acquisition. The website reflects a professional media enterprise with consistent branding and a clear market position as a major international media group. Technically, the website is built on WordPress 6.5 with modern web technologies such as Bootstrap and jQuery. It employs Google Tag Manager and Cookiebot for analytics and consent management, indicating a mature digital infrastructure. The site is mobile optimized and SEO friendly, though accessibility features could be enhanced. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place. However, the absence of explicit security headers and incident response information suggests room for improvement. No vulnerabilities or exposed sensitive data were detected. Privacy compliance is well addressed with clear privacy and cookie policies, and GDPR compliance is evident. Overall, the website presents low risk with a high degree of professionalism and trustworthiness. The lack of WHOIS data due to privacy protection is typical for large media companies and does not raise immediate concerns. Strategic recommendations include enhancing security headers, publishing a security.txt file, and improving accessibility compliance.

Swan advokater DA is a Norwegian law firm established in 2015, providing legal services primarily to both corporate and private clients across Norway. Their expertise spans multiple legal areas including advisory, negotiation, dispute resolution, and litigation. The firm is positioned as a regional player with a focus on the Asker and Bærum areas but offers services nationwide. The website reflects a professional and consistent brand image with clear contact information and service descriptions tailored to their target audience. Technically, the website is built on WordPress using common plugins such as Yoast SEO and Jetpack, indicating a moderate level of digital maturity. The site is reasonably optimized for SEO and mobile devices, with good navigation and user experience. However, the absence of HTTPS in canonical URLs and lack of visible security headers highlight areas for improvement in security configuration. From a security perspective, the site implements a cookie consent mechanism compliant with GDPR principles but lacks a dedicated privacy policy and security incident response information. No advanced security frameworks or certifications are evident. The overall security posture is moderate but requires enhancements to meet best practices, particularly regarding SSL implementation and security headers. Overall, the website is trustworthy and professional but would benefit from improved security measures and comprehensive privacy documentation to enhance compliance and user trust.

A

AS Vinmonopolet

vinmonopolet.no

55

AS Vinmonopolet operates as the Norwegian government monopoly for retailing wine, spirits, and strong ale, holding exclusive rights to sell these products to consumers in Norway. Established in 1922, it maintains a strong market position as the sole authorized retailer in this sector, emphasizing responsible trade, quality, and societal responsibility. The website reflects a mature and professional digital presence, offering extensive product information, educational content, and customer services including live chat support integrated via Salesforce. The target audience is adult consumers in Norway seeking alcoholic beverages and related knowledge.

S

Sundqvist AS

sundqvistnorge.no

63

Sundqvist AS is a Norwegian representative of Sundqvist AB, specializing in premium kitchen tools and accessories distributed across the Nordic and Baltic regions. Established in 1963, the company serves retailers and restaurant wholesalers with a portfolio of high-quality kitchen knives, glassware, and related products. The website reflects a professional retail business with clear branding and a focus on premium kitchenware. Technically, the site uses modern web technologies including Bootstrap and JavaScript libraries for enhanced user experience and responsiveness. Security posture is adequate with HTTPS and cookie consent mechanisms in place, though there is room for improvement in security headers and explicit security policies. Overall, the site is trustworthy and well-positioned in its market segment, though the lack of publicly available WHOIS data slightly limits domain trust verification.

V

Vinofil

vinofil.no

53

Vinofil.no is a Norwegian niche website dedicated to wine enthusiasts, offering wine tips, podcasts, articles, and coverage of new releases from Vinmonopolet. Founded in 2023, it is operated by Svein Lindin, a wine journalist and sommelier with extensive experience. The website uses WordPress with modern plugins and themes, optimized for SEO and mobile devices. While the site employs HTTPS and standard security practices, it lacks explicit privacy and cookie policies, which are important for GDPR compliance. Contact options are limited to a newsletter signup form, and no direct emails or phone numbers are published. Advertising is managed via Google AdSense and tracking through Google Tag Manager. The domain registration is consistent with the business age and shows no suspicious patterns, indicating legitimacy.

M

MCO - Motorsykler & MC-utstyr

mcoslo.no

67

MCO - Motorsykler & MC-utstyr operates a professional e-commerce platform specializing in the sale of new and used motorcycles from major brands such as BMW, Honda, Yamaha, and Suzuki, alongside motorcycle gear and accessories. The company maintains physical stores in Oslo and Drammen, targeting motorcycle enthusiasts and buyers in Norway. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations for marketing, analytics, and customer engagement. Privacy compliance is well addressed with a comprehensive privacy policy and cookie consent mechanism. However, the WHOIS data reveals a suspicious future domain creation date, which raises concerns about domain legitimacy despite the professional presentation and consistent branding.

M

MGP

mgp.fr

61

MGP is a French mutual insurance organization specializing in providing health and social protection services to agents of the Ministry of the Interior and various security forces including police, administration, penitentiary, customs, and private security. The website demonstrates a strong market position as an official partner for the Ministry of the Interior's complementary health insurance starting in 2026. The business model is based on mutual aid principles without profit motives, focusing on tailored insurance offers and prevention actions. Technically, the site uses modern CMS (Jahia), integrates advanced analytics (Piwik PRO), and live chat support (LivePerson), ensuring a good user experience with mobile optimization and accessibility features. Security posture is strong with HTTPS, security headers, and consent management for cookies, although explicit security policy and incident response contacts are not found. The domain WHOIS data is not publicly available, likely due to privacy protection, but the website's professionalism and certifications support its legitimacy. Overall, MGP's digital presence is professional, secure, and compliant with privacy regulations, serving a specialized government-related audience effectively.

3Decor design s.r.o. operates an e-commerce website specializing in exclusive 3D design motifs for interior decoration, including wallpapers, paintings, furniture, and other home design elements. The company targets a niche market with limited edition products, primarily serving customers interested in unique interior design solutions in the Czech Republic. The website is professionally designed with clear navigation and relevant content, supporting a small business model focused on retail sales. Technically, the website uses JavaScript libraries such as Prototype.js and custom scripts, with Google Analytics integrated for visitor tracking. The site shows moderate performance and basic mobile optimization but lacks advanced accessibility features. No CMS or hosting provider information is discernible from the content. Security practices include HTTPS usage and secure login forms, but no advanced security headers or policies are evident. From a security perspective, the site lacks visible privacy and cookie policies, GDPR compliance indicators, and incident response information. The absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. No critical vulnerabilities or exposed sensitive data were detected, but improvements in security headers and privacy transparency are recommended. Overall, the website presents a moderate risk profile with good business credibility but limited transparency in domain registration and privacy compliance. Strategic improvements in security posture and privacy policies would enhance trust and compliance.

C

Constructys

constructys.fr

61

Constructys is a French sectoral operator for professional training in the construction industry, providing funding and support for vocational development. The website is built on WordPress using the Divi theme and integrates Matomo analytics for visitor tracking. The technical infrastructure is modern but lacks some security best practices such as security headers and visible privacy policies. The absence of WHOIS data limits domain legitimacy verification, but the professional content and branding suggest a legitimate organization. Security posture is moderate with room for improvement in SSL configuration and compliance transparency. Overall, the site serves its business purpose well but should enhance privacy and security disclosures to improve trust and compliance.

B

bde&co.

bdeandco.com

63

bde&co. is a specialized PR and social media marketing agency focused on serving international design-forward brands. The company offers purposeful and results-driven public relations, social media management, and consulting services. Their market position is niche, targeting design-conscious clients with a professional and consistent brand presence. The website is built on the Squarespace platform, leveraging modern web technologies including Google Tag Manager and Facebook Pixel for analytics and marketing. The technical infrastructure is solid with HTTPS and HSTS enabled, ensuring secure communications. However, the absence of WHOIS data raises questions about domain registration legitimacy. Privacy compliance is basic, with a privacy policy present but no cookie consent mechanism detected. Overall, the website is professional and trustworthy from a content and design perspective but would benefit from improved privacy and legal disclosures.

E

Extreme

extreme.fr

51

Extreme is an independent creative agency established in 1997, operating primarily in the media and branding sector. The company offers a broad range of services including design, branding, activation, social media, luxury, corporate events, and media relations. With a presence in multiple international cities and a network of related agencies and subsidiaries, Extreme positions itself as a significant player in the creative agency market. The website reflects a professional and consistent brand image targeting business clients and partners. Technically, the site is built on WordPress with modern JavaScript libraries and frameworks, delivering a moderate performance and good mobile optimization. Security posture is solid with HTTPS enabled and no visible vulnerabilities, though improvements can be made by adding security headers and cookie consent mechanisms. Privacy compliance is partially met with a comprehensive privacy policy but lacks explicit cookie consent. Overall, the domain's WHOIS data supports the legitimacy and long-standing operation of the business.

C

CRESS Auvergne-Rhône-Alpes

ambition-ess.org

52

The website 'Ambition ESS Auvergne Rhône Alpes' serves as a comprehensive regional portal dedicated to the Social and Solidarity Economy (ESS) in the Auvergne Rhône-Alpes region of France. It provides a wide range of services including news, job and volunteer offers, event listings, thematic resources, and territorial filtering to support ESS actors. The platform is funded and supported by recognized regional authorities and organizations, notably the CRESS Auvergne-Rhône-Alpes. Technically, the site is built on Drupal 8 with modern front-end technologies and integrates Matomo analytics for privacy-conscious user tracking. The site is well-structured, mobile-optimized, and accessible, with clear navigation and professional design. Security-wise, HTTPS is enforced and cookie consent mechanisms are in place, though some security headers could be improved and explicit security policies are absent. The WHOIS data is incomplete or unavailable, which slightly reduces domain trustworthiness, but the overall content and partner endorsements strongly indicate legitimacy. No adult or questionable content is present, making the site safe for general audiences.

V

Visual Capitalist

voronoiapp.com

56

Voronoi by Visual Capitalist is a specialized media platform focused on delivering data-driven visual stories and visualizations sourced from top creators worldwide. The platform offers a curated feed of charts and maps, enabling users to explore data narratives with transparency and engagement features such as sign-in, saving favorites, commenting, and following creators. The presence of mobile applications for iOS and Android further extends its reach and usability. Technically, the website leverages modern web technologies including React and Next.js, ensuring a responsive and performant user experience. Integration with analytics tools like Google Tag Manager and Hotjar indicates a mature approach to user behavior tracking and optimization. However, the site lacks explicit privacy and cookie policies, which is a gap in compliance and user transparency. From a security perspective, the site enforces HTTPS and uses asynchronous loading of third-party scripts, which is positive. Nonetheless, the absence of security headers and clear incident response contacts suggests room for improvement. The missing WHOIS registration data is a notable concern, as it raises questions about domain legitimacy despite the professional appearance and association with Visual Capitalist. Overall, the website presents a good user experience and technical foundation but requires enhancements in privacy compliance, security best practices, and domain registration transparency to strengthen trust and reduce risk.

L

Liga lidských práv

llp.cz

51

Liga lidských práv is a Czech non-profit organization dedicated to human rights advocacy and education. The website serves as an informational platform targeting the general public interested in human rights issues. The organization appears established with a domain age dating back to 2002, indicating longstanding presence in the sector. The site uses WordPress with the Divi theme and integrates multiple analytics and marketing tools such as Google Analytics, Matomo, and Mailchimp, reflecting moderate digital maturity. However, explicit privacy and terms of service documents are not found, which may impact compliance and user trust. Security posture is adequate with HTTPS enabled but lacks visible security headers and formal security policies. Overall, the website is professionally designed, mobile-optimized, and content relevant to its mission, but could improve transparency and security documentation.

1. jinačí s. r. o. is a small Czech bakery business with a traditional yet unconventional approach to baking, as reflected in their website content and branding. The company operates locally with a focus on community projects, zero waste initiatives, and sweet postal services. The website is built on WordPress using the Mesmerize theme, employing standard web technologies such as jQuery and Google Fonts. The site is moderately optimized for mobile devices and has basic SEO and accessibility features. Security posture is adequate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. No contact emails or phone numbers are provided on the homepage, limiting direct communication channels. Overall, the website presents a basic but consistent business presence with room for improvement in privacy compliance and security best practices.

C

Cukrářství Pudová

cukrarstvipudova.cz

58

Cukrářství Pudová is a small retail confectionery business based in the Czech Republic, specializing in cakes, pastries, and confectionery products for various occasions. The company emphasizes its 18+ years of experience and offers both online ordering and physical pickup options in Opava and Dolní Benešov. The website is built on the Shoptet e-commerce platform, leveraging standard web technologies including jQuery and Google Analytics for tracking. The site is well-structured, mobile-optimized, and includes essential business information and social media presence, enhancing customer trust and engagement. Security posture is adequate with HTTPS enforced and cookie consent implemented, though improvements can be made by adding security headers and formal security policies. The absence of WHOIS data is a notable gap, reducing domain trustworthiness, but the overall website professionalism and content quality support a positive business credibility. Strategic recommendations include enhancing security headers, publishing a vulnerability disclosure policy, and verifying domain registration details to improve trust and compliance.

K

Klia cz S.r.o.

klia.cz

45

Klia cz S.r.o. operates as a wholesale importer and distributor of flowers and related accessories across the Czech Republic, serving primarily flower shops and wholesale customers. The company maintains multiple branches in key Czech cities and offers an online catalog and e-shop services. Their business model focuses on regular imports from major flower markets such as Aalsmeer in the Netherlands, ensuring a broad and high-quality product range. The website is professionally designed, with clear navigation and good mobile optimization, reflecting a mature digital presence. Technically, the site uses a mix of jQuery plugins and Google Analytics for tracking, but some components like jQuery are outdated, posing potential security risks. Security posture is generally good with HTTPS and cookie consent mechanisms, though the absence of security headers and outdated libraries are areas for improvement. The lack of WHOIS data reduces domain trustworthiness, but the overall business credibility remains high based on content and contact transparency. Strategic recommendations include updating technical components, enhancing security headers, and improving domain registration transparency.

M

Město Kravaře

kravare.cz

47

Město Kravaře operates an official municipal website serving the residents and visitors of the town Kravaře in the Czech Republic. The site provides comprehensive information including news, event calendars, municipal services, and contact details. It targets local citizens, tourists, and public officials, positioning itself as a trusted source for local government communication and services. The business model is public service with a focus on community engagement and information dissemination. Technically, the website uses a combination of jQuery, Bootstrap, Swiper.js, and other JavaScript libraries, likely running on a custom or specialized CMS platform (GCM CMS). The site is mobile-optimized with good navigation and content structure, though performance is moderate. Accessibility is basic and SEO practices are adequately implemented. From a security perspective, HTTPS is enforced and a cookie consent mechanism is present, indicating awareness of privacy regulations. However, no explicit security headers or incident response policies are publicly visible, and WHOIS data is missing, which raises some concerns about domain registration transparency. No vulnerabilities or malicious content were detected. Overall, the website is professional, trustworthy, and serves its purpose well. The main risks relate to the lack of WHOIS transparency and potential improvements in security headers and policies. Strategic recommendations include enhancing security posture, publishing incident response information, and verifying domain registration details to increase trust.

E

E-marchespublics : Appel d'offre public et dématérialisation des marchés publics

e-marchespublics.com

50

The website www.e-marchespublics.com is a French-language platform specializing in public tenders and the digital dematerialization of public procurement processes. It targets enterprises and public sector buyers in France, offering services such as access to over 600,000 public tenders annually, secure electronic submission of offers, alerts, and automatic form filling. The platform is positioned as a key player in the French public procurement market, providing comprehensive access to tender documents and related services. Technically, the site employs modern web technologies including Google Tag Manager, Didomi Consent Management Platform, Bootstrap, and jQuery UI, ensuring a responsive and user-friendly experience. Security-wise, the site enforces HTTPS and integrates consent management for GDPR compliance, although explicit privacy and security policy pages are not detected. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, but the website content and service offerings appear professional and legitimate. Overall, the site demonstrates a moderate to good security posture with room for improvement in publishing security policies and enhancing security headers.

S

Střední odborná škola ochrany osob a majetku s.r.o.

sosoom-ostrava.cz

48

Střední odborná škola ochrany osob a majetku s.r.o. is a private secondary school in the Czech Republic specializing in security and legal education, preparing students for careers in police, military, customs, and firefighting. The institution offers four-year programs culminating in maturity exams and provides requalification courses for adults in security professions. The website reflects a niche educational provider with a clear focus on practical training and career readiness in security-related fields. Technically, the site uses modern JavaScript libraries and frameworks such as jQuery, Nette Framework, Flatpickr, and Google reCAPTCHA v3, indicating a moderate to good level of digital maturity. The site is mobile-optimized and includes standard SEO and accessibility features. Security posture is solid with HTTPS enforced and spam protection via reCAPTCHA, though explicit security headers are missing. Privacy and cookie policies are present and GDPR compliant, with a consent mechanism implemented. However, the absence of WHOIS data reduces domain trustworthiness, and no incident response or vulnerability disclosure information is provided. Overall, the site is professional, trustworthy, and well-suited for its educational purpose.

O

Obchodní akademie a Česko - anglická základní škola s.r.o.

obaka-ostrava.cz

47

Obchodní akademie a Česko - anglická základní škola s.r.o. Ostrava is a private educational institution specializing in secondary education that combines economics and sports, particularly football and coaching. The school targets young athletes and students interested in balancing academic studies with sports training, offering specialized programs such as the Football Academy and Coaching Academy. The institution maintains a niche market position within the Czech Republic's education sector, emphasizing collaboration with FC Baník Ostrava and providing scholarship opportunities for high-performing students. Technically, the website employs a modern JavaScript stack including jQuery, Flatpickr, Google reCAPTCHA v3, and Slick Carousel, integrated within the Nette Framework. The site is mobile-optimized with good SEO practices and includes a cookie consent mechanism compliant with GDPR. However, some security headers are missing, and no explicit incident response or vulnerability disclosure policies are published. From a security perspective, the site enforces HTTPS and uses Google reCAPTCHA to protect forms, indicating a reasonable security posture. The absence of security.txt and incident response contacts suggests room for improvement in transparency and readiness. The WHOIS data is unavailable, likely due to privacy protection, which is common for private educational entities. Contact information is clear and professional, supporting the site's legitimacy. Overall, the website is well-designed, content-rich, and trustworthy, with moderate technical and security maturity. Strategic improvements in security headers, incident response transparency, and accessibility could enhance the site's security and compliance posture.

F

Fundación Parentes

beleaderprogram.com

47

BeLeader is an educational program operated by Fundación Parentes, aimed at personal and professional development of pupils across various school stages. The program integrates character formation and cultural sensitivity, positioning itself as a complementary educational initiative within partner schools. The website is professionally designed using WordPress and the Divi theme, supporting multiple languages and embedding multimedia content to enhance engagement. The technical infrastructure is modern and hosted by OVH sas, with standard web technologies and analytics tools in use. Security posture is adequate with HTTPS enabled and domain protections, though improvements are needed in DNS security and HTTP headers. Privacy compliance is basic with policies present but lacking explicit consent mechanisms. Contact information is limited to forms without direct emails or phone numbers. Overall, the site is trustworthy and serves its educational mission effectively.

F

Fundación Parentes

fundacionparentes.org

47

Fundación Parentes is a Spanish non-profit organization founded in 2019 focused on promoting equal opportunities through education, social cooperation, and cultural initiatives. The organization operates internationally with a network of educational entities and partners, offering consulting, training, and development projects aimed at vulnerable populations and educational institutions. The website is professionally designed using WordPress with modern SEO and performance optimizations, reflecting a mature digital presence. Security posture is good with HTTPS and some security headers, though improvements are recommended such as enabling DNSSEC and adding CSP and HSTS headers. Privacy compliance is limited due to the absence of a clear privacy policy and terms of service, though a cookie consent mechanism is implemented. Overall, the website is trustworthy and well-positioned in its sector but would benefit from enhanced transparency and security practices.

M

Mateřská škola Světýlko s.r.o.

svetylko.com

62

Mateřská škola Světýlko s.r.o. is a private kindergarten based in Třebíč, Czech Republic, founded in 2011. The institution focuses on providing quality preschool education with an emphasis on cooperation with families, individual approach to children, and fostering a friendly atmosphere. The website serves as an information portal for parents and prospective clients, offering details about the school, enrollment procedures, events, and contact information. The business operates locally with a clear target audience of families seeking early childhood education services.

BODOS Czechia a.s. is a well-established logistics and transportation company based in the Czech Republic, with a history dating back to 1945. The company operates a large fleet of 200 trucks and offers extensive storage facilities exceeding 7,500 square meters. Their services include freight transport, transport outsourcing, storage, vehicle washing, fuel station services, and vehicle servicing. The website reflects a professional and consistent brand image targeting businesses requiring logistics solutions. Technically, the site uses modern web technologies including JavaScript libraries like GLightbox and a spam protection tool called Mailguard. The hosting is managed through websupport.cz, a Czech hosting provider, and the site is accessible via HTTPS, indicating basic security measures. However, no explicit security headers or advanced security policies are published.

O

Oleje a maziva Total - Autorizovaný distributor | Oleje-Total.cz

oleje-total.cz

49

The website oleje-total.cz operates as an authorized distributor of Total brand lubricants and oils, targeting automotive and industrial customers primarily in the Czech Republic. It offers a broad range of products including motor oils, industrial oils, and lubricants for various vehicle types and machinery. The business model is e-commerce focused, providing direct sales through an online platform with clear categorization and product offerings. The site positions itself as a trusted distributor with consistent branding and a professional online presence. Technically, the website utilizes a BohemiaSoft CMS platform with a technology stack including jQuery, Google Tag Manager, Google Analytics, and other common JavaScript libraries. The site is mobile optimized with good SEO practices and a moderate performance profile. Accessibility features are basic but present. Security measures include HTTPS, cookie consent with granular preferences, and CSRF protection, though some security headers are missing and the jQuery version is outdated, which could pose risks. From a security standpoint, the site demonstrates a reasonable posture with encrypted connections and user consent mechanisms. However, the absence of WHOIS data for the domain raises concerns about domain legitimacy and trustworthiness. No direct contact emails or phone numbers were found, limiting direct communication channels. There is no evidence of formal security policies or incident response contacts, which could be improved to enhance trust and compliance. Overall, the website is functional, professional, and compliant with privacy regulations, but the lack of domain registration transparency and some technical security gaps suggest moderate risk. Strategic improvements in domain registration visibility, security header implementation, and updated libraries are recommended to strengthen the security posture and business credibility.

P

Práce Mubea

pracemubea.cz

45

Práce Mubea is a Czech-language website focused on employment and job opportunities, likely affiliated with the Mubea company or brand. The site targets local job seekers and provides career-related content. Technically, the website is built on WordPress using popular plugins such as WPBakery Page Builder and Slider Revolution, and integrates Google Analytics and Google Tag Manager for analytics and marketing purposes. The site implements a comprehensive cookie consent mechanism via Cookiebot, reflecting a good level of privacy compliance. Security-wise, the site uses HTTPS but lacks visible security headers and explicit security policies, which could be improved. The absence of WHOIS data limits domain trust assessment, but the website content and technology stack appear legitimate and professional. Overall, the site scores moderately well in content quality, technical implementation, and business credibility, with room for improvement in privacy and security transparency.

N

Novibra s.r.o.

novibrajobs.cz

42

Novibra s.r.o. is a medium-sized manufacturing company specializing in high-speed spindles for the textile industry, operating as part of the Rieter group. The website serves as a career and corporate information portal targeting job seekers and industry professionals in the Czech Republic. It presents company culture, leadership, production insights, and job openings with a professional and consistent brand image. Technically, the site is built on WordPress using Elementor and Smart Slider 3, hosted by Wedos, and incorporates modern web technologies and Google Analytics for user tracking. Security posture is adequate with HTTPS and reCAPTCHA but lacks explicit security headers and published security policies. Privacy compliance is limited due to missing privacy and cookie policies. Overall, the site is trustworthy and professionally maintained but could improve compliance and security transparency.

The website lsletovice.cz currently serves a 403 Forbidden error page, indicating that access to the content is blocked or restricted. No business or contact information, privacy policies, or terms of service are available on the site. The domain is registered with REG-WEDOS, a Czech hosting provider, and has been active since 1999, suggesting a legitimate and established registration. However, the lack of accessible content severely limits the ability to assess the company's business operations, services, or security posture. Technically, the site lacks visible security headers, SSL configuration details, or analytics, and does not provide any user interaction elements such as forms or contact methods. Overall, the website appears to be either under maintenance, restricted, or misconfigured, resulting in a poor user experience and low trustworthiness.

G

Gatema Holding s.r.o.

gatema.cz

64

Gatema Holding s.r.o. is a Czech Republic-based company with over 30 years of experience specializing in manufacturing printed circuit board prototypes and providing IT services including ERP Helios implementation and custom ERP integration solutions. The company targets European businesses requiring high-quality PCB manufacturing and enterprise IT solutions. The website reflects a professional and consistent brand image with clear navigation and comprehensive service descriptions. Technically, the site employs modern web technologies such as Google Analytics, Facebook Pixel, and Cookie-Script for privacy compliance, alongside Typekit fonts for branding consistency. Security posture is strong with HTTPS enforced and reCAPTCHA implemented, though security headers and explicit security policies are absent. The WHOIS data is unavailable, which reduces domain trustworthiness, but the website content and business information appear legitimate and well-maintained. Overall, Gatema demonstrates a mature digital presence suitable for its business scope.

A

ALPS Electric Czech, s.r.o.

alps.cz

54

ALPS Electric Czech, s.r.o. is a subsidiary of the multinational ALPS ALPINE CO., LTD., specializing in the development and manufacturing of electronic components and automotive infotainment systems. The website serves as a corporate portal providing information for suppliers, potential employees, and business partners. It reflects a medium-sized manufacturing entity with a clear B2B focus. Technically, the site is built on WordPress using the Divi theme, enhanced with SEO and GDPR compliance plugins, indicating a moderate level of digital maturity. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Overall, the site is professional, well-structured, and trustworthy, with no signs of blocking or WAF interference. WHOIS data is unavailable, likely due to privacy protection, but the website content aligns with a legitimate corporate entity. Strategic recommendations include enhancing security headers and publishing explicit security policies to further strengthen trust and compliance.

S

Síť brněnských otevřených škol

otevreneskoly.cz

54

The website 'Síť brněnských otevřených škol' represents a public educational project managed by the Magistrát města Brna, aiming to create open schools as centers of education and community engagement. The site provides information about the project, news updates, and contact details, targeting parents, children, and the general public interested in educational activities in Brno. The business model is a government-funded initiative focusing on local community education and lifelong learning opportunities. Technically, the website employs modern web technologies including JavaScript, Google Tag Manager for analytics, and the Nette PHP framework. The site is mobile-optimized with responsive design and good accessibility features. Performance is moderate, with proper meta tags and SEO considerations. However, some security best practices such as security headers are missing. From a security perspective, the site uses HTTPS with good SSL configuration and does not expose sensitive data. The absence of security headers and a vulnerability disclosure policy are areas for improvement. Privacy compliance is basic, with privacy and cookie policies present but lacking an explicit cookie consent mechanism. Contact information is clearly provided, enhancing business credibility. Overall, the website is trustworthy and professional but could benefit from enhanced security measures and improved privacy compliance. The missing WHOIS data reduces domain trustworthiness, though the official city affiliation supports legitimacy. Strategic recommendations include implementing security headers, adding incident response contacts, and improving cookie consent mechanisms.

W

Witzenmann USA LLC

witzenmann-usa.com

67

Witzenmann USA LLC is a specialized manufacturer and engineering partner providing flexible metal elements such as hoses, expansion joints, and bellows primarily for automotive, aerospace, and technical building equipment sectors. The company operates as part of the global Witzenmann Group with a strong international presence. The website demonstrates a mature digital infrastructure with modern technologies, good mobile optimization, and comprehensive content tailored to industrial clients. Security posture is solid with HTTPS and consent management, though explicit security policies and incident response details are absent. The domain WHOIS data is missing, which is unusual but the website's professionalism and contact transparency support legitimacy. Overall, the site is trustworthy and well-positioned in its market niche.

W

Witzenmann Sverige AB

witzenmann.se

62

Witzenmann Sverige AB is a specialized manufacturer and supplier of flexible metal elements including metal hoses, compensators, metal bellows, pipe supports, and automotive components. The company serves a broad range of industrial sectors such as automotive technology, energy, aerospace, and technical building equipment, positioning itself as a trusted engineering partner with a global footprint. The website reflects a mature digital presence with multi-language support, comprehensive product and solution information, and clear contact channels. Technically, the site employs modern web technologies and integrates a consent management platform to ensure privacy compliance. Security posture is adequate but could be improved by implementing additional HTTP security headers and publishing explicit security policies. The absence of WHOIS data for the exact www-prefixed domain is likely a technical artifact rather than a legitimacy concern. Overall, the website is professional, trustworthy, and business-focused, supporting Witzenmann's market position as a reputable industrial supplier.

W

Witzenmann Korea Co., Ltd.

witzenmann.co.kr

66

Witzenmann Korea Co., Ltd. operates a professional website offering a broad range of flexible metal products including hoses, expansion joints, bellows, and automotive parts, targeting industrial sectors such as automotive, aerospace, construction, and energy. The company is part of the global Witzenmann Group with a strong international presence. The website demonstrates good content quality, clear navigation, and multi-language support, reflecting a mature digital presence. Technically, the site uses modern web technologies and integrates a consent management platform and Google Tag Manager for analytics and privacy compliance. Security posture is moderate with no visible security headers and unknown SSL configuration, suggesting room for improvement. The absence of WHOIS data is a notable anomaly that requires further investigation to confirm domain legitimacy. Overall, the site is trustworthy and professional but would benefit from enhanced security measures and verification of domain registration status.

B

BTFLEX S.r.l.

bt-flex.com

58

BTFLEX S.r.l., part of the Witzenmann Group, is a medium-sized manufacturing company specializing in flexible metallic elements for various industrial sectors including automotive, aerospace, HVAC, and energy. The company offers both custom and series production solutions and maintains a strong international presence with subsidiaries and partner sites worldwide. The website is professionally designed, multilingual, and provides comprehensive product and solution information targeting industrial clients and OEMs. Technically, the site uses modern web technologies, including Usercentrics for consent management and Google Tag Manager for analytics, ensuring compliance with privacy regulations. Security posture is strong with HTTPS enforced and security headers present, though explicit security policies and incident response details are not published. Overall, the website reflects a credible and established business with good digital maturity.

W

Witzenmann

witzenmann.co.uk

67

Witzenmann is a global manufacturing and engineering company specializing in flexible metal elements such as hoses, expansion joints, metal bellows, and automotive components. The company serves diverse industrial sectors including automotive, aerospace, technical building equipment, and hydrogen applications. Their website demonstrates a strong global presence with multiple localized domains and a comprehensive product and solutions portfolio. Technically, the website uses modern web technologies, including Usercentrics for consent management and Google Tag Manager for analytics, and is well optimized for mobile devices. Security posture is moderate with HTTPS enforced and consent mechanisms in place, but lacks visible security headers and detailed incident response information. The WHOIS data for the UK domain is unavailable due to registration issues, which slightly impacts trustworthiness. Overall, the website is professional, content-rich, and trustworthy, serving industrial clients and OEMs effectively.

W

Witzenmann Española S.A.

witzenmann.es

64

Witzenmann Española S.A. is a large manufacturing company specializing in flexible metal elements, including flexible metal hoses, expansion joints, bellows, pipe supports, and automotive and aerospace components. The company operates globally with a strong presence in multiple countries and offers tailored engineering solutions for various industrial sectors such as automotive, aerospace, energy, and building technology. Their website reflects a professional and comprehensive digital presence with multilingual support and detailed product and solution offerings. Technically, the website uses modern web technologies including HTML5, CSS3, JavaScript, and integrates a consent management platform (Usercentrics) and Google Tag Manager for analytics and tracking. The site is mobile-optimized, accessible, and SEO-friendly, providing a good user experience. However, some security headers are not explicitly detected, and there is no visible security.txt or vulnerability disclosure page. Security posture is moderate to good, with HTTPS enforced and cookie consent mechanisms in place. The absence of explicit security policies or incident response contacts is a minor gap. No vulnerabilities or suspicious content were detected. The WHOIS data is unavailable due to registry restrictions, but the website's professionalism and global footprint strongly indicate legitimacy. Overall, the site is trustworthy, well-maintained, and compliant with privacy regulations. Strategic recommendations include enhancing security headers, publishing explicit security policies, and adding vulnerability disclosure information to further improve trust and security posture.

Den Nationale Whistleblowerordning is a Danish government-operated whistleblower reporting platform managed by Datatilsynet. It provides a secure channel for employees and partners to report serious legal violations and other critical issues encountered in their work environment. The service is positioned as a national authority resource, offering guidance, protection, and multiple reporting methods including anonymous submissions. The website is primarily in Danish with some English support, targeting whistleblowers within Denmark's jurisdiction. Technically, the website is built on ASP.NET Web Forms with jQuery and standard web technologies. It demonstrates good mobile optimization, accessibility, and SEO practices. The site uses HTTPS but lacks advanced security headers and DNSSEC, indicating room for security enhancements. No advertising or tracking technologies are present, aligning with its government service nature. From a security perspective, the site enforces HTTPS and uses secure form handling but does not publish a security policy or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the provided content. Privacy compliance is supported by a privacy and cookie policy, though no explicit cookie consent mechanism is implemented. Contact information is clearly provided, enhancing trust and credibility. Overall, the website is a trustworthy, professional government platform with a solid technical foundation and good content quality. Strategic improvements in security headers, cookie consent, and incident response transparency would further strengthen its security posture and compliance.

Vinařství Winberg Mikulov is a small, regionally focused winery based in South Moravia, Czech Republic, specializing in quality white and red wines. The website supports their business model by offering an e-shop for wine sales, accommodation services, and event hosting such as tastings and teambuilding. The site is professionally designed using Bootstrap and includes mobile optimization and clear navigation. However, the technical infrastructure uses some outdated components such as the legacy Google Analytics ga.js script. Security posture is moderate with HTTPS implied but lacking explicit security headers and modern analytics. Privacy compliance is limited with no dedicated privacy or cookie policy pages, though terms and conditions are present. The site enforces age verification for alcohol sales, indicating regulatory awareness. Overall, the domain registration data aligns well with the business claims, supporting legitimacy. Some suspicious external links embedded in the footer code suggest possible SEO spam or injection, which should be addressed.

Ubytování Březí is a small hospitality business operating in the South Moravia region of the Czech Republic, offering family-friendly accommodation in newly built guesthouses with amenities such as private kitchens and bathrooms. The business also provides wine tasting experiences and caters to group bookings. The website reflects a local accommodation provider with a modest online presence, targeting regional visitors traveling between Brno and Vienna. The domain has been registered since 2009, indicating a stable and established operation. Technically, the website is built with basic HTML and CSS, utilizing Google Fonts for typography. There is no evidence of a CMS or advanced frameworks, and the site appears to be hosted by vas-hosting.com. Performance and mobile optimization are basic, with no detected accessibility features or SEO enhancements beyond meta tags. No analytics or tracking scripts are present, indicating minimal data collection and user tracking. From a security perspective, the site lacks HTTPS confirmation in the provided data, security headers, and privacy or cookie policies, which are critical for GDPR compliance and user trust. No forms or incident response contacts are found, and no vulnerability disclosures or certifications are indicated. The contact information is clearly provided, but the absence of security best practices and compliance documentation represents a risk. Overall, the website is functional and relevant for its business purpose but requires significant improvements in security posture, privacy compliance, and technical modernization to enhance trustworthiness and regulatory adherence.

V

Vinařství Jiří Šilinek

silinek.eu

51

Vinařství Jiří Šilinek is a small family-owned winery located in the Pálava region of the Czech Republic, specializing in producing and selling quality wines, offering wine tastings, and providing accommodation services. The website reflects a professional and regionally focused business with a clear emphasis on tradition and quality. The digital infrastructure is built on the Rocketoo e-commerce platform, utilizing Bootstrap and jQuery, with integration of Google Analytics and Google Ads for marketing and analytics purposes. Privacy and cookie policies are well implemented, including GDPR compliance and user consent mechanisms. Security posture is generally good with HTTPS enforced and age verification for alcohol sales, though some security headers are missing. WHOIS data is unavailable due to privacy protection, which is typical for small businesses. Overall, the site is trustworthy, well-branded, and suitable for its target mature audience.