Security Directory

A

A & B Engineering

abeng.co.uk

66

A & B Engineering is a privately owned mechanical and electrical engineering company based in the Northwest UK, with annual sales around £60 million. They provide comprehensive M&E/MEP services across multiple sectors including healthcare, education, residential, commercial, retail, hospitality, industrial, and public sector projects. The company emphasizes quality, sustainability, and safety, holding BIM Level 2 accreditation and recognized by regional construction awards. Their website reflects a mature digital presence with modern technologies and a professional design. Technically, the site uses jQuery, FontAwesome, and cloud-based CDN hosting, with moderate performance and good mobile optimization. Security posture is solid with HTTPS and cookie consent mechanisms, though explicit security headers and incident response policies are absent. WHOIS data is unavailable due to domain registration issues, but the website content and business information indicate legitimacy. Overall, the company demonstrates a strong market position and credible online presence.

D

Douglas Land Surveys Ltd

douglas-land-surveys.co.uk

61

Douglas Land Surveys Ltd is a well-established land surveying company based in Dundee, Scotland, with over 25 years of experience. The company offers a comprehensive range of surveying services including topographic surveys, 3D laser scanning, hydrographic surveys, volumetric works, boundary resolution, and title deed preparation. Their client base includes individual property owners and large-scale developments such as wind farms and hydroelectric schemes, primarily serving the Scottish mainland, islands, and parts of northern England and Ireland. The business model focuses on providing professional, reliable, and timely surveying services with a strong emphasis on quality and client satisfaction.

B

Bethel House of Whitewater

bethelhouseinc.org

53

Bethel House of Whitewater is a small nonprofit organization dedicated to preventing homelessness among local children and families. Founded in 1994, it offers a range of support programs including transitional housing, emergency financial assistance, case management, and a client toiletry pantry. The organization relies heavily on community donations and volunteers to fulfill its mission, positioning itself as a grassroots community pillar with a strong local presence. The website reflects this mission with clear calls to action for support and volunteering, and maintains active social media channels to engage the community. Technically, the website is built on the Duda platform, utilizing modern web technologies such as jQuery, service workers, and CDN hosting via Cloudfront. The site is mobile optimized and performs moderately well, though accessibility and SEO could be improved. Analytics are implemented via Snowplow, indicating some level of user behavior tracking, but privacy compliance is lacking as no privacy or cookie policies are present. From a security perspective, the site enforces HTTPS and uses service workers, but lacks important security headers and formal security policies or incident response contacts. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data is unavailable or privacy protected, which is typical for nonprofits and does not raise immediate concerns. Overall, the site is trustworthy and professional but would benefit from enhanced privacy and security compliance. Strategically, Bethel House should prioritize implementing comprehensive privacy and cookie policies, improve security headers, and consider publishing a vulnerability disclosure or security.txt file to enhance trust and compliance. These steps will strengthen their security posture and align with best practices for nonprofit organizations handling sensitive client information.

T

Top10casino.nl

top10casino.nl

44

Top10casino.nl is a specialized Dutch media website focused on providing detailed reviews, rankings, and guides for legal online casinos in the Netherlands. Established in 2021, it serves Dutch adult players by offering trustworthy information about licensed gambling operators, bonuses, games, and responsible gambling practices. The site operates primarily on an affiliate marketing business model, promoting licensed casinos with clear disclosures and expert editorial content authored by named professionals. Technically, the website uses a modern Bootstrap framework, jQuery, and Amazon Cloudfront CDN, with Google Analytics integrated for user tracking. Age verification and ad consent mechanisms are implemented via custom JavaScript to comply with Dutch regulations. Security posture is good with HTTPS enforced, but the site lacks explicit privacy and cookie policies and some security headers. Overall, the site is professional, trustworthy, and compliant with Dutch gambling laws, targeting adults 24+ with safe gambling content.

Č

Čaklā bite

caklabite.lv

48

Čaklā bite is a Latvian small business specializing in the online retail of certified organic honey and various bee products. The website offers a range of natural honey types, creamed honey, and honey with nuts, targeting general consumers interested in organic and natural food products. The business leverages e-commerce to reach customers with a focus on quality and fast delivery. The website is built on the Mozello CMS platform and uses Amazon Cloudfront CDN for content delivery, indicating a moderate level of technical infrastructure and digital maturity. The site is mobile-optimized and provides a clear product catalog with images and pricing, enhancing user experience. Security posture is adequate with HTTPS enforced and cookie consent implemented; however, the absence of security headers and explicit privacy policies suggests room for improvement. Overall, the site presents a trustworthy and professional front for a niche retail business but would benefit from enhanced security and compliance documentation.

Mil.Press FLOT is a well-established Russian media portal specializing in naval and military news, history, and educational content. The website serves a niche audience of military professionals, enthusiasts, and researchers, offering a broad range of articles, forums, and multimedia resources. The business operates primarily as a media publisher with advertising as a key revenue stream, supported by related media outlets under the Mil.Press brand. Technically, the site is built on Bitrix CMS with standard JavaScript libraries and integrates multiple analytics and advertising scripts, indicating a moderate level of digital maturity. However, the site lacks modern security headers and DNSSEC, which lowers its security posture. Privacy and cookie policies are absent, reflecting a gap in compliance with modern data protection standards. Overall, the domain's long age and consistent registration data support the site's legitimacy, but improvements in security and privacy transparency are recommended.

W

WebVitalize.io

webvitalize.io

54

WebVitalize.io is a technology-focused SaaS platform specializing in real-time monitoring and predictive analytics of Core Web Vitals, essential metrics for website performance and SEO. The platform offers a comprehensive dashboard, competitor analysis, deployment monitoring, and proactive alerting services aimed at web developers, SEO professionals, and digital marketers. The website presents a professional and modern interface with clear messaging and partner endorsements, positioning itself as a niche player in the web performance analytics market. Technically, the site leverages modern JavaScript frameworks (likely Vue.js), integrates with Google Tag Manager, Datadog for logging, and uses Cloudfront CDN for hosting, indicating a mature and scalable infrastructure. Security posture is solid with HTTPS enforced and reCAPTCHA integration, though explicit security headers and published security policies are absent. WHOIS data is unavailable due to privacy protection, which is typical for SaaS startups, but no suspicious patterns were detected. Overall, the site is trustworthy, well-implemented, and compliant with basic privacy standards.

B

Bux.sk

bux.sk

66

Bux.sk is a Slovak online bookstore offering a broad selection of books from local and international authors. The website is professionally designed with good content quality and targets general consumers interested in purchasing books online. The technical infrastructure includes modern tracking and analytics tools such as Google Analytics, Adform, and Cookiebot for consent management, indicating a mature digital presence. Security posture is strong with HTTPS enforced and multiple security headers present, though explicit security and incident response policies are not publicly available. Privacy compliance is well addressed through a comprehensive cookie consent mechanism and GDPR-aligned privacy policy. Overall, the website presents a trustworthy and professional e-commerce platform with room for improvement in transparency of contact and security policies.

M

Messe München GmbH

analytica.de

60

analytica.de is the official website for the analytica trade fair, a world-leading event for laboratory technology, analytics, and biotechnology organized by Messe München GmbH. The site serves a large professional audience including market leaders and decision-makers in the industry, providing comprehensive information about upcoming events, exhibitor registration, and conference programs. The website demonstrates a high level of digital maturity with modern web technologies, strong privacy compliance via Usercentrics CMP, and integration of analytics and advertising tools. Security posture is robust with HTTPS, security headers, and no detected vulnerabilities. Overall, the site is professional, trustworthy, and well-optimized for performance and accessibility.

S

Sbírka Bílá pastelka

bilapastelka.cz

57

The website bilapastelka.cz represents a well-established charitable campaign focused on supporting people with visual impairments in the Czech Republic. It operates as a non-profit initiative, encouraging donations and volunteer participation to fund training programs, guide dog services, and employment opportunities for the visually impaired. The site is professionally designed, with clear navigation and integration of donation widgets, social media links, and volunteer statistics, reflecting a mature digital presence. Technically, the website is built on the Webnode CMS platform, leveraging modern web technologies including HTTPS, CDN delivery via Amazon Cloudfront, and analytics tools such as Google Analytics and Google Tag Manager. The site demonstrates good mobile optimization and basic accessibility features, although there is room for improvement in security headers and explicit privacy documentation. From a security perspective, the site enforces HTTPS and provides a cookie consent mechanism with granular user options, aligning with GDPR requirements. However, the absence of explicit privacy policies, terms of service, and security.txt files indicates gaps in compliance and vulnerability disclosure practices. No critical vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website presents a trustworthy and professional front for its charitable mission, but the lack of WHOIS data and formal privacy documentation slightly reduces its trust score. Strategic improvements in security headers, privacy policy publication, and domain registration transparency would enhance its security posture and compliance standing.

S

Spot by NetApp

spotinst.com

63

Spot by NetApp, now part of Flexera, offers advanced cloud operations solutions focused on optimization and cost management. Their platform leverages AI and analytics to provide continuous cloud infrastructure optimization, targeting enterprises and cloud teams using AWS, Azure, and Google Cloud. The website demonstrates a mature digital presence with comprehensive content, clear navigation, and strong branding aligned with Flexera. Technically, the site is built on WordPress, hosted on AWS infrastructure, and employs modern SEO and performance optimizations. Security posture is solid with HTTPS, domain locking, and cookie consent mechanisms, though DNSSEC is not enabled and no explicit security policy is published. Overall, the site reflects a trustworthy and professional SaaS business with a strong market position in cloud cost optimization.

S

Spot by NetApp

spot.io

63

Spot by NetApp, now part of Flexera, is a mature and reputable provider of cloud operations solutions focused on optimization and cost management. Their platform leverages AI and advanced analytics to automate cloud infrastructure optimization, targeting enterprises and cloud teams using AWS, Azure, and Google Cloud. The website reflects a strong market position with comprehensive product offerings including FinOps, Kubernetes infrastructure optimization, and cloud commitment management. Technically, the site is built on WordPress with modern SEO and performance optimizations, hosted on AWS infrastructure. Security posture is good with HTTPS and cookie consent mechanisms, though explicit security policies and vulnerability disclosures are absent. Overall, the site is professional, trustworthy, and well-aligned with its business objectives.

N

Narozeninové dorty

narozeninove-dorty.cz

58

Narozeninové dorty is a small Czech-based cake business specializing in birthday, wedding, children's, and specialty cakes. The website showcases a variety of cake images and provides basic contact information including an email address and regional location. The business appears to target general consumers looking for custom cakes in the Karlovy Vary region. Technically, the website is built on the Webnode CMS platform, uses HTTPS with Google Analytics for visitor tracking, and is hosted via Cloudfront CDN. However, the site lacks advanced security headers and privacy policies, indicating room for improvement in compliance and security posture. The absence of WHOIS data reduces transparency but is likely due to privacy protection, which is common for small businesses. Overall, the site is functional with moderate technical maturity but requires enhancements in privacy compliance and security best practices.

E

Ericsson Nikola Tesla d.d.

ericsson.hr

67

Ericsson Nikola Tesla d.d. is a well-established regional provider of telecommunications products, innovative ICT solutions, and related services. The company targets telecommunication service providers, government agencies, and various industries requiring digital transformation and ICT innovation. The website reflects a mature digital presence with professional design, clear navigation, and comprehensive content highlighting their key services and business achievements. Technically, the site is built on WordPress with modern plugins and tracking tools, demonstrating a moderate to good performance and mobile optimization. Security posture is solid with HTTPS, reCAPTCHA, and error monitoring, though it lacks some advanced security headers and explicit security policies. Privacy compliance is partially addressed with a cookie consent mechanism but lacks a visible privacy policy and terms of service. Overall, the domain registration is consistent and transparent, supporting the legitimacy of the business.

F

fwd: Bundesvereinigung Veranstaltungswirtschaft e.V.

we-transform-future.live

62

The website www.we-transform-future.live represents the event platform 'wtf25' organized by 'fwd: Bundesvereinigung Veranstaltungswirtschaft e.V.', a non-profit association focused on the event industry in Germany. The platform offers a professional event experience with workshops, panels, and networking opportunities centered on future-oriented themes such as sustainability, business, politics, and people. The site targets event professionals, decision makers, and newcomers, providing relevant content and resources including event programs and partner information. Technically, the site is built on the Multiscreensite CMS platform, leveraging modern JavaScript libraries like jQuery and analytics tools such as Google Analytics and Snowplow. It uses HTTPS with good SSL configuration and includes privacy compliance features like cookie consent and GDPR-aligned privacy policies. However, explicit security headers and incident response information are absent, representing areas for improvement. Overall, the site is well-designed, accessible, and trustworthy, with a strong social media presence and clear business identity.

Ř

Římskokatolická farnost Klimkovice

farnostklimkovice.cz

56

The website www.farnostklimkovice.cz represents the Roman Catholic parish of Klimkovice, a small non-profit religious organization serving its local community. The site provides parish news, religious service schedules, historical information, and contact details. It targets local parishioners and visitors interested in the parish's activities and spiritual services. The business model is community and faith-based, with no commercial intent. Technically, the website is built on the Webnode CMS platform and uses Cloudfront CDN for content delivery. It incorporates Google Analytics with IP anonymization for visitor tracking. The site is mobile-optimized and has a moderate performance profile. However, it lacks advanced accessibility features and comprehensive SEO optimization. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks important security headers such as Content-Security-Policy and Strict-Transport-Security. There are no visible vulnerabilities or exposed sensitive data. Privacy compliance is weak due to the absence of privacy and cookie policies. Contact information is clearly presented, enhancing business credibility. Overall, the website is safe, professional, and trustworthy for its intended audience. The lack of WHOIS data suggests privacy protection, which is typical for small non-profits. Strategic improvements in privacy compliance and security headers would enhance the site's security posture and regulatory adherence.

O

OREON

somelierskepotreby.cz

61

The website somelierskepotreby.cz operates as an e-commerce platform specializing in sommelier supplies and wine accessories, targeting consumers and professionals interested in wine-related products primarily in the Czech Republic and EU. The business offers a range of products including wine cooling containers, racks, serving accessories, glassware, bottles, and gift sets, with additional services such as product branding. The site is professionally designed with clear navigation and multi-language support, enhancing user experience and accessibility. Technically, the website is built on the Shoptet CMS platform, utilizing common web technologies such as jQuery, Google Tag Manager, Google Analytics, Microsoft Clarity, and Facebook SDK. It leverages Amazon Cloudfront CDN for content delivery and integrates modern payment APIs like Google Pay and Apple Pay. Performance is moderate with good mobile optimization and basic accessibility features. From a security perspective, the site enforces HTTPS and implements cookie consent mechanisms aligned with GDPR requirements. However, it lacks explicit security headers such as Content-Security-Policy and X-Frame-Options, and uses an outdated jQuery version which could pose vulnerabilities. No critical security issues or exposed sensitive data were detected. Overall, the website presents a trustworthy and professional front for its niche retail business, though the absence of WHOIS data limits domain transparency and trust assessment. Strategic improvements in security headers and technology updates are recommended to enhance security posture and compliance.

The website myjackpot.pl is currently a parked domain page indicating that the domain is for sale. It does not provide any business services or content beyond advertising and a call to purchase the domain. The technical infrastructure is minimal, relying on basic JavaScript and Amazon Cloudfront CDN for content delivery. There is no evidence of a CMS or advanced frameworks. Security posture is weak with no HTTPS enforcement or security headers detected, and no privacy or cookie policies are present. The site lacks contact information and business legitimacy indicators, which significantly reduces trustworthiness. Overall, the site functions solely as a domain resale landing page with minimal technical or business maturity.

R

ROCKETMOTORS

rocketmotors.sk

10

ROCKETMOTORS is a Slovakian e-commerce retailer specializing in motor vehicles such as ATVs, motorcycles, electric vehicles for children, and related accessories. The company targets general consumers interested in motorized recreational and utility vehicles. Their market position is that of a niche regional player with a comprehensive product offering and a customer-centric approach. The website is built on the Shoptet e-commerce platform, leveraging modern web technologies and integrations with Google Analytics, Facebook SDK, and other marketing tools. The technical infrastructure is solid, with good mobile optimization and moderate performance. Security posture is good with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. Privacy compliance is well addressed with clear policies and GDPR adherence. Overall, the website presents a professional and trustworthy front for the business.

DMP is a Czech Republic-based small retail e-commerce business specializing in the sale of indoor plants, pots, and gardening accessories. The company sources plants directly from growers and targets a B2B audience, offering professional advice on plant care. The website is built on the Shopify platform, leveraging modern e-commerce technologies and integrations such as Judge.me for customer reviews, Heatmap.com for user behavior analytics, and multiple marketing pixels including Google Analytics and Facebook Pixel. The site is well-optimized for performance and mobile usage, with a consistent branding approach and good content relevance. Security posture is solid with HTTPS enforcement and captcha protections, though explicit security policies and incident response contacts are not present. Privacy compliance is partially addressed with cookie consent mechanisms but lacks a visible privacy policy page. The domain registration data is consistent with the business profile, indicating legitimacy and appropriate domain age. Overall, the website presents a professional and trustworthy online presence for a niche indoor plant retailer.

S

SkvěléČesko.cz s.r.o.

skvelecesko.cz

54

SkvěléČesko.cz s.r.o. operates an online platform dedicated to booking leisure and recreational activities across the Czech Republic. The website offers a wide range of services including sports, wellness, family activities, and unique experiences, targeting both local residents and tourists. The business model focuses on providing a seamless online reservation system with instant ticket delivery and customer support, positioning itself as a trusted intermediary between customers and service providers. Technically, the website employs modern JavaScript libraries and integrates multiple analytics and marketing tools such as Google Analytics, Microsoft Clarity, Bing UET, and Facebook Pixel. The site is well-structured with comprehensive metadata, JSON-LD structured data, and good SEO practices. Mobile optimization and user experience are strong, though some accessibility features could be enhanced. The site uses HTTPS with excellent SSL configuration but lacks explicit security headers, which is a recommended improvement. From a security perspective, the platform demonstrates good privacy compliance with clear cookie consent mechanisms and detailed privacy policies aligned with GDPR. No critical vulnerabilities or exposed sensitive data were detected. However, the absence of WHOIS data limits the ability to fully verify domain legitimacy and ownership, which slightly impacts trustworthiness. No incident response or security policy pages were found. Overall, SkvěléČesko.cz presents a professional, user-friendly, and secure online service for leisure activity bookings in the Czech market. Strategic recommendations include enhancing security headers, verifying domain registration details, and improving accessibility compliance to further strengthen trust and security posture.

R

RJFM

rjfm.net

56

RJFM is a well-established local radio station based in Montluçon, France, providing regional news, music hits, and podcasts primarily targeting local residents. The website reflects a professional media outlet with a consistent brand presence and a focus on delivering local content digitally. The business operates a multi-channel digital presence including streaming, podcasts, and mobile applications, positioning itself as a key local media player in the Allier region. Technically, the website uses modern web technologies and CDNs to deliver content efficiently, with good mobile optimization and basic accessibility features. Security posture is adequate with HTTPS, domain locking, and reCAPTCHA integration, though improvements such as DNSSEC and enhanced security headers are recommended. Privacy compliance is basic but includes cookie consent and a privacy policy in French. Overall, the site is trustworthy and safe for general audiences, with no adult or explicit content detected.

C

CUT BY FRED

cutbyfred.com

69

CUT BY FRED is a French e-commerce business specializing in natural, vegan hair care products designed by hairdresser Frédéric Birault. The website positions itself as an expert in natural hair care, targeting consumers seeking clean and locally made hair products. The brand emphasizes product quality, ethical manufacturing, and caters to diverse hair types. Technically, the website is built on Shopify, leveraging modern JavaScript frameworks and multiple marketing and analytics integrations such as Klaviyo, Yotpo, and Google Tag Manager. The site is mobile-optimized with good SEO and accessibility basics. Security posture is solid with HTTPS enforced and domain protections in place, though DNSSEC is not enabled and some security headers are missing. Privacy compliance is strong with clear cookie consent and privacy policies in French, aligned with GDPR requirements. No direct contact information or explicit security policies were found, which could be improved. Overall, the site is professional, trustworthy, and well-positioned in its niche market.

P

Patrick Roger

patrickroger.com

68

Patrick Roger operates a premium chocolatier e-commerce website based in France, offering a variety of chocolate products and merchandising items. The website is professionally designed and hosted on Shopify, featuring rich content, clear navigation, and strong branding consistency. The company targets general consumers interested in luxury chocolates and related products. Technically, the site leverages modern e-commerce technologies including Shopify's platform, Cloudfront CDN, and integrates analytics and marketing tools such as Google Tag Manager and Facebook Pixel. Security measures include HTTPS enforcement and hCaptcha for form protection, contributing to a solid security posture. However, the absence of WHOIS registration data for the domain introduces some uncertainty regarding domain legitimacy, though the overall site professionalism mitigates immediate concerns. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms.

S

Domov | Sparklond

sparklond.sk

42

Sparklond.sk is a Slovak-based educational website specializing in professional welding training and certification. The business offers a variety of welding courses, including beginner to expert levels, with a focus on practical skills and coaching. The website features testimonials and video references to build trust and demonstrate effectiveness. The domain is relatively new, created in 2022, and uses DNSSEC with a valid registrar and hosting provider, indicating legitimacy. Technically, the site uses modern front-end libraries such as Bootstrap, Owl Carousel, and integrates third-party services like Google Tag Manager and Smartsupp Live Chat. Security measures include HTTPS and a Content-Security-Policy header, though the CSP is permissive and could be hardened. Privacy compliance is weak, with no visible privacy or cookie policies, which is a notable gap. Overall, the website is professionally designed, mobile-optimized, and provides clear contact information, but should improve privacy disclosures and tighten security headers.

A

AFS Intercultural Programs Philippines

afs.ph

60

AFS Intercultural Programs Philippines operates as a non-profit organization specializing in intercultural learning and study abroad programs primarily targeting secondary school students, families, and volunteers. The organization holds a strong market position as a leading provider of educational exchange opportunities in the Philippines, supported by scholarships, volunteer programs, and a global competence certificate. Their digital presence is professional, well-branded, and optimized for search engines, reflecting a mature and user-friendly website experience. Technically, the website is built on WordPress with modern plugins such as Yoast SEO and Google reCAPTCHA Enterprise, leveraging Amazon Cloudfront CDN for content delivery. The site demonstrates good mobile optimization, accessibility, and performance, although there is room for improvement in publishing explicit security policies and incident response information. From a security perspective, the site employs HTTPS with strong SSL configuration and security headers, uses reCAPTCHA to protect forms, and avoids exposing sensitive data. However, it lacks a dedicated security policy or vulnerability disclosure mechanism, which could enhance trust and compliance. Privacy compliance is well addressed with clear privacy and cookie policies and consent mechanisms. Overall, the website is trustworthy, professionally managed, and secure, with minor gaps in security transparency. The domain registration data aligns well with the organization's identity, reinforcing legitimacy and credibility.

A

Aquapark Kravaře

aquapark-kravare.cz

53

Aquapark Kravaře is a modern recreational aquapark located in the Czech Republic, offering a variety of water attractions such as a 65-meter toboggan, wild river, whirlpool, and massage features. The facility also hosts a swimming school and provides additional wellness services like sauna and massages. The website is professionally designed with good content quality and clear navigation, targeting families and general visitors seeking leisure activities. Technically, the site uses a Webnode CMS platform, leverages AWS Cloudfront CDN for hosting, and integrates Google Tag Manager for analytics. The site is mobile-optimized and performs moderately well. Security posture is adequate with HTTPS enforced and cookie consent implemented, but lacks advanced security headers and explicit incident response contacts. The absence of WHOIS data for the domain raises concerns about domain registration legitimacy, impacting overall trust. Privacy policies are present and GDPR compliant, but terms of service and direct contact details are limited. Overall, the site is functional and safe for general audiences but would benefit from enhanced security practices and clearer business contact information.

Schneider Electric is a global leader in energy management and automation solutions, offering a broad range of products including the APC branded offers featured on this website. The company targets business customers requiring reliable and connected energy solutions. The website demonstrates a mature technical infrastructure leveraging modern web technologies such as SystemJS, Web Components, and cloud-based CDNs, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforced and use of sanitization libraries, although explicit security policies and incident response information are not visible on this page. Privacy compliance is limited on this page, with no visible privacy or cookie policies, which should be addressed to improve user trust and regulatory adherence. Overall, the website is professional and trustworthy, but the absence of WHOIS data and registrant information is unusual and warrants further verification.

A

Awen Amenca z.s.

awenamenca.cz

55

Awen Amenca is a small non-profit organization based in the Czech Republic focused on reducing school segregation by empowering Roma parents, advocating for equal access to education, and organizing community leadership. Their website clearly communicates their mission, activities, and impact, targeting Roma communities, parents, schools, and municipalities. The organization operates campaigns to enroll Romani children in quality mainstream schools and supports legal advocacy against discrimination. Technically, the website is built on the Webnode CMS platform, uses AWS Cloudfront CDN for hosting, and integrates Google Analytics and ShareThis for tracking and social sharing. The site is mobile optimized with good design and navigation, though accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and published policies. WHOIS data is unavailable, which limits domain trust assessment. No privacy or cookie policies are found, indicating compliance gaps. Overall, the website is functional and professional but could improve transparency and security compliance.

F

Frank Bold Advisory

frankboldadvisory.cz

10

Frank Bold Advisory is a professional consulting firm specializing in ESG reporting, energy management, and strategic communication with a focus on sustainability and compliance with European standards such as CSRD and EU taxonomy. The company positions itself as a leader in ESG advisory with direct involvement in European ESG standard development and a decade of experience. Their services target businesses seeking to improve sustainability reporting and energy efficiency. Technically, the website is built on modern platforms like Webflow, uses multiple analytics tools including Google Analytics and Matomo, and implements cookie consent mechanisms, reflecting a mature digital presence. Security posture is generally good with HTTPS and consent management, but lacks visible security headers and published security policies. The absence of WHOIS data for the domain is a notable concern for domain legitimacy verification, though the professional content and branding suggest a legitimate business. Overall, the website is well-designed, content-rich, and trustworthy, with recommendations to enhance security transparency and verify domain registration details.

T

Technické služby Velké Popovice, příspěvková organizace

tsvp.cz

57

Technické služby Velké Popovice is a municipal service organization providing essential technical and environmental services to the local community of Velké Popovice, Czech Republic. Their offerings include sewer cleaning, waste collection, water supply, and sewage management. The website serves as an information portal for residents, providing updates, service announcements, and contact details. The organization operates as a public entity, likely funded by local government and service fees, positioning itself as a key local utility provider. Technically, the website is built on the Webnode CMS platform, utilizing Cloudfront CDN for content delivery and Google Analytics for visitor tracking with IP anonymization enabled. The site is accessible, with a moderate performance profile and basic mobile optimization. However, it lacks advanced SEO and accessibility features. No blocking or WAF mechanisms were detected, indicating open access. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks security headers and formal privacy or cookie policies, which are critical for GDPR compliance. No incident response or vulnerability disclosure information is provided. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information suggest legitimacy. Overall, the security posture is moderate but could be improved with better compliance and security controls. The overall risk is moderate with recommendations to implement privacy and cookie policies, add security headers, and verify domain registration details. Enhancing compliance and security transparency will improve trust and reduce potential risks.

P

Pudeto

pudeto.cz

48

Pudeto is a Czech-based online marketing agency founded in 2019, specializing in outsourced marketing services for e-commerce and online businesses. They offer PPC, web analytics, social media marketing, audits, and email marketing, supported by proprietary tools such as Pobo.cz and Cenový automat. The website is professionally designed using WordPress with the Enfold theme and optimized for performance and mobile devices. Security posture is good with HTTPS and reCAPTCHA integration, but lacks explicit privacy and cookie policies. Contact is primarily via a contact form, with no direct emails or phone numbers publicly listed. The domain registration data aligns well with the business claims, indicating legitimacy.

O

optik studio Jana Čížková s.r.o.

optik.studio

58

Optik Studio Jana Čížková s.r.o. is a small retail optical business based in the Czech Republic, specializing in the sale of branded eyewear and providing expert optical services. The website presents a professional and consistent brand image, targeting consumers seeking quality eyeglasses and optical care in Prague. The company maintains an active blog and social media presence, enhancing customer engagement. Technically, the website is built on the Webnode CMS platform, hosted via Amazon Cloudfront CDN, and employs modern web technologies including Google Analytics and Tag Manager for tracking. The site is mobile-optimized and performs moderately well, with good SEO practices in place. Security-wise, the site uses HTTPS with a valid SSL certificate and implements a cookie consent banner, but lacks advanced security headers and explicit privacy or security policies. WHOIS data is unavailable due to privacy protection, which is common and justified for this business type. Overall, the website is trustworthy and functional but could improve in privacy transparency and security hardening.

C

Citybikes

citybikes.cz

58

Citybikes.cz is a Czech Republic-based e-commerce retailer specializing in urban bicycles, electric bikes, and related accessories. Established since 2006, the company targets urban cyclists, families, and seniors seeking sustainable and healthy transportation options. The website offers a broad catalog of products including folding bikes, children's bikes, and bike accessories, supported by repair and conversion services. Technically, the site is built on the Shoptet platform, leveraging common web technologies such as jQuery, Google Analytics, and Facebook Pixel for marketing and analytics. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is solid with HTTPS enforced and cookie consent implemented, though some security headers could be improved. The absence of WHOIS data for the domain is a notable concern, impacting domain legitimacy trust scores. Overall, the website is professional and trustworthy from a user perspective but would benefit from enhanced transparency on domain registration and security policies.

A

Medicare.pl - Kliknij po zdrowie (dawniej allecco.pl)

allecco.pl

62

Medicare.pl is a large Polish online pharmacy platform offering a wide range of approximately 18,000 products including medicines, cosmetics, supplements, and medical devices. The business model combines e-commerce with physical pickup points in over 800 pharmacies across 364 cities, targeting general consumers seeking convenient access to health-related products. The website is built on the AptusShop CMS platform and leverages modern technologies such as Google Tag Manager, Cookiebot for consent management, and various marketing tools like Prefixbox and Edrone. Hosting and content delivery are supported by Amazon Cloudfront CDN, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and multiple security headers present, although explicit privacy policies and terms of service are not found in the provided content. WHOIS data is unavailable from the Polish NASK registry, which slightly reduces trust but is common for privacy-protected domains in this sector. Overall, the website demonstrates a professional and trustworthy e-commerce presence in the healthcare industry.

B

BIG EVIL CORPORATION

bigevilcorporation.co.uk

58

BIG EVIL CORPORATION is a small UK-based independent videogame studio specializing in creating new games for retro consoles, particularly the SEGA Mega Drive and Genesis. Their business model focuses on niche market segments of retro gaming enthusiasts, offering original games developed using authentic 1990s SEGA development tools. The company maintains an active online presence with social media channels and a dedicated development blog, supporting community engagement and marketing efforts. Technically, the website is built on the 123-reg Website Builder platform, leveraging common web technologies such as JavaScript, jQuery, and Google Analytics for tracking. The site is hosted securely with HTTPS and uses CDN services for content delivery, though mobile optimization and accessibility are basic and could be improved.

A

Asociace pracovníků pedagogicko-psychologických poraden, z.s.

apppp.cz

55

The website www.apppp.cz represents the Asociace pracovníků pedagogicko-psychologických poraden, z.s., a professional association dedicated to supporting and developing pedagogical-psychological counseling services in the Czech Republic. The site targets specialists and professionals in the educational counseling sector, providing information about the association, its mission, and contact avenues primarily through a contact form. The business model is non-profit and focused on professional development and collaboration within the education sector. The website is well-branded and content is relevant and professionally presented in Czech language. Technically, the website is built on the Webnode platform, leveraging AWS Cloudfront CDN for hosting static assets, and uses standard web technologies including HTML5, CSS, and JavaScript. The site is mobile-optimized with moderate performance and basic SEO and accessibility features. HTTPS is enforced, ensuring secure communication. However, no advanced security headers were detected, and privacy compliance is limited by the absence of a dedicated privacy policy page. From a security perspective, the site shows a moderate security posture with HTTPS and cookie consent mechanisms in place. The lack of security headers and absence of direct contact emails or phone numbers for security or incident response reduces the overall security maturity. WHOIS data is unavailable, likely due to privacy protection or domain registration issues, which slightly impacts trustworthiness but does not contradict the professional nature of the site content. Overall, the website is a credible and professional platform for a small non-profit educational association, with room for improvement in privacy compliance, security headers, and transparency of contact information. Strategic recommendations include adding a privacy policy, implementing security headers, and providing direct contact details for enhanced trust and compliance.

T

TypoConsult A/S

typo3.dk

57

TYPO3.dk serves as the Danish community portal for the TYPO3 CMS, an established open source enterprise content management system with over 25 years of history. The website is managed and hosted by TypoConsult A/S, a Danish company specializing in TYPO3 CMS services. The portal provides information, news, and resources tailored to the Danish TYPO3 user base and promotes digital sovereignty through open source software. The site is well-positioned within the technology sector, targeting organizations and developers interested in TYPO3 CMS in Denmark. Technically, the website leverages TYPO3 CMS as its content management system, uses Cloudfront CDN for asset delivery, and integrates Simple Analytics for privacy-focused user tracking. The site demonstrates good performance, mobile optimization, and accessibility, with modern web standards and SEO best practices implemented. Hosting is provided by TypoConsult A/S, ensuring local and specialized support. From a security perspective, the site enforces HTTPS with strong SSL configuration and uses script integrity attributes. However, it lacks several recommended security headers such as Content-Security-Policy and X-Frame-Options, which could enhance protection against common web attacks. No privacy or cookie policies are published, representing a compliance gap with GDPR requirements. No incident response or vulnerability disclosure information is provided, limiting transparency in security management. Overall, TYPO3.dk is a trustworthy and professional community portal with strong business credibility and technical maturity. To improve its security posture and compliance, the site should implement security headers, publish privacy and cookie policies, and provide clear incident response contacts. These steps will enhance user trust and align the site with best practices in security and privacy.

M

Místní akční skupina Bobrava

masbobrava.cz

43

Místní akční skupina Bobrava is a Czech regional non-profit organization focused on supporting local municipalities, schools, entrepreneurs, non-profits, and the general public within the Bobrava region. The organization provides information on funding opportunities, promotes regional products and services, and engages the community through news updates and events. Their website reflects a professional and community-oriented approach with clear navigation and relevant content. Technically, the site is built on WordPress with common plugins and frameworks such as Bootstrap, and it employs Google reCAPTCHA for form security and a GDPR-compliant cookie consent mechanism. Security posture is solid with HTTPS enforced and no obvious vulnerabilities detected, though additional security headers could enhance protection. The absence of WHOIS data limits domain trust assessment, but the website's content and structure suggest legitimacy. Overall, the site is well-maintained, user-friendly, and compliant with privacy regulations.

D

Decile Group

decilegroup.com

64

Decile Group is a modern venture capital service provider specializing in accelerating VC firms, launching institutional-grade funds instantly, and providing AI-powered management platforms. Their offerings include training programs, fund management SaaS, back-office solutions, and a fund of funds investment vehicle. The company targets emerging and established venture capital managers, limited partners, and individuals seeking careers in VC. Technically, the website is built on a modern stack with Ruby on Rails backend, Stimulus JS, Turbo, and CDN hosting, delivering fast performance and excellent mobile optimization. Security posture is solid with HTTPS and CSRF protections, though improvements are recommended in DNSSEC, security headers, and explicit security policies. Privacy compliance is partially met with a clear privacy policy but lacks cookie consent mechanisms. Overall, the domain registration is consistent and trustworthy, supporting the legitimacy of the business.

J

Jsmon

jsmon.sh

65

Jsmon is a newly founded technology startup (2024) offering a modern JavaScript security platform focused on continuous external application security and monitoring. The platform aims to provide developers and security teams with advanced scanning, monitoring, and automation capabilities to stay ahead of JavaScript-related threats. The website is professionally designed using Framer and hosted with Cloudfront CDN, indicating a modern technical infrastructure. Analytics and customer engagement tools like Google Analytics and Intercom are integrated, supporting digital maturity. Security posture is adequate with HTTPS enabled and domain transfer protection, but lacks advanced security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. Overall, the website is functional and professional but would benefit from enhanced transparency and security documentation.

3

3D Sets

3dsets.com

62

3D Sets is a niche e-commerce business specializing in downloadable 3D printable RC car scale models. The company offers a range of products including trucks, buggies, boats, and accessories, supported by detailed build guides and an active community presence on social media platforms such as Facebook, YouTube, and Instagram. The website is professionally designed with excellent content quality, clear navigation, and strong branding consistency, targeting hobbyists and 3D printing enthusiasts. Technically, the site is built on WordPress with WooCommerce, leveraging modern analytics and marketing tools like Google Analytics, Hotjar, and Google Tag Manager. Hosting appears to be Czech-based, consistent with domain registration data. Security posture is good with HTTPS enforced, though additional HTTP security headers could improve protection. Privacy compliance is basic, with cookie consent implemented but no explicit privacy or terms of service pages found. Overall, the site demonstrates high professionalism and trustworthiness with no signs of content blocking or WAF interference.

D

Deutsche Gesellschaft für Neurologie e. V.

dgn.org

56

The Deutsche Gesellschaft für Neurologie e. V. (DGN) operates the website www.dgn.org as the largest neurological professional society in Europe, serving over 13,000 members. The site provides comprehensive resources including guidelines, news, events, a media library, and a dedicated job market platform (DGN-Neurojobs). The organization targets neurologists and medical professionals, positioning itself as a key player in the healthcare sector in Germany. Technically, the website employs modern web technologies such as React, Bootstrap, and FontAwesome, hosted on Amazon Cloudfront CDN, ensuring moderate performance and good mobile optimization. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though security headers and incident response policies are not explicitly published. Privacy compliance is well addressed with clear privacy and cookie policies, including GDPR adherence. Overall, the website is professional, trustworthy, and well-aligned with its business objectives.

C

Credspark

credspark.com

9

CredSpark is a technology company specializing in transforming content into personalized interactive experiences that generate unique data insights and increase audience engagement. Positioned as a niche provider in the interactive content space, CredSpark targets businesses seeking to enhance their digital marketing and customer engagement strategies. The website is built on WordPress using the Astra theme and Elementor plugins, leveraging modern web technologies and CDN services for content delivery. The technical infrastructure includes performance monitoring via New Relic and analytics through Google Tag Manager, indicating a mature digital presence. Security posture is generally good with HTTPS enforced and some security headers present, though improvements are recommended in CSP and other headers. The absence of WHOIS registration data raises some concerns about domain transparency, but the website's professional content and policies mitigate trust issues. Overall, CredSpark presents a credible and professional online presence with room for security enhancements.

V

Veslice Liteboat v zastoupení ANVI TRADE s.r.o.

veslice.cz

45

The website veslice.cz represents Veslice Liteboat in the Czech Republic, operated by ANVI TRADE s.r.o., specializing in the distribution and sales of recreational and racing rowing boats, including coastal rowing and rowing boats with sails. The business targets a general audience interested in watersports and recreational rowing, offering a niche product line with a focus on innovation, stability, and ease of use. The company has a small but professional online presence with clear product listings and social media integration. Technically, the site is built on WordPress with WooCommerce and uses modern plugins such as Yoast SEO and Slider Revolution, hosted likely by WEDOS, a Czech hosting provider. The site is mobile optimized and SEO friendly but lacks explicit privacy and cookie policies, which is a compliance gap. Security posture is good with HTTPS enabled but could be improved by adding security headers and incident response information. Overall, the domain registration data is consistent and trustworthy, supporting the legitimacy of the business.

V

Východoslovenské múzeum v Košiciach

vsmuzeum.sk

56

Východoslovenské múzeum v Košiciach is a regional cultural institution dedicated to preserving and showcasing Eastern Slovakia's heritage through exhibitions, events, and educational programs. The museum targets a broad audience including local residents, tourists, and cultural enthusiasts. It operates as a government-funded non-profit entity with a medium organizational size and a stable market position in the Slovak cultural sector. The website reflects this mission with clear information about exhibitions, volunteer opportunities, and visitor information. Technically, the site is built on the Webnode CMS platform, hosted on AWS Cloudfront, and employs modern web technologies such as responsive design and cookie consent mechanisms. While the site is generally well-structured and user-friendly, it lacks advanced security headers and explicit security or incident response policies. The security posture is adequate with HTTPS and cookie consent but could be improved by implementing additional security best practices. Overall, the website is trustworthy, professionally maintained, and compliant with GDPR at a basic level, making it a reliable digital presence for the museum.

The Tampa Bay Times website, operated by Times Publishing Company, is a leading regional news media outlet serving the Tampa Bay area and broader Florida region. Established in 1884, the company offers a comprehensive portfolio of news content, including digital and print newspapers, magazines, and consumer events, reaching over one million people weekly. The website features a professional design with clear navigation and extensive content relevant to local news, sports, viewpoints, and culture. The business model relies on subscriptions, advertising, and community engagement. Technically, the site employs a modern technology stack including React, various analytics and advertising SDKs, and is hosted with Amazon Cloudfront CDN, ensuring good performance and mobile optimization. Security posture is strong with HTTPS enforcement and security headers, though explicit privacy and cookie policies are not evident in the provided content. Overall, the site demonstrates high professionalism and trustworthiness, supported by multiple Pulitzer Prizes and structured data markup.

M

Marine Corps Times

marinecorpstimes.com

69

Marine Corps Times is a specialized media publication focused on delivering news and information about the U.S. Marine Corps, military affairs, and the Department of Defense. It holds a strong market position as a trusted source for Marines, veterans, and military stakeholders, offering news articles, subscription magazines, and special features. The website demonstrates a professional design with good content quality and consistent branding, targeting a niche military audience. Technically, the site employs modern web technologies including Google Tag Manager, Prebid.js for ads, and AWS Cloudfront for content delivery, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and use of performance/security monitoring scripts, though explicit security headers and privacy policies are not clearly visible in the provided content. The absence of WHOIS data for the domain is a notable anomaly, reducing trust slightly, but the website's content and external references support its legitimacy. Overall, the site is safe, professional, and relevant to its audience, but could improve transparency around privacy and security policies.

A

Air Force Times

airforcetimes.com

68

Air Force Times is a specialized media outlet providing independent news coverage focused on Air Force personnel and related military topics. The website offers a variety of content including news, benefits information, opinion pieces, and special projects, targeting airmen, veterans, and military families. The site is professionally designed with consistent branding and clear navigation, supporting a medium-sized media business model reliant on advertising and subscriptions. Technically, the site uses modern web technologies including Google Tag Manager, Prebid.js for ads, and Cloudfront CDN for hosting, delivering moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and no obvious vulnerabilities, though some security headers are not explicitly detected. Privacy compliance is limited as no explicit privacy or cookie policies were found in the provided content. The WHOIS data is missing or protected, which reduces domain trustworthiness, but the website content and structure align with a legitimate media brand. Overall, the site is a credible and professional military news source with room for improvement in privacy transparency and security header implementation.

T

The Marshall Project

themarshallproject.org

64

The Marshall Project is a nonprofit news organization specializing in investigative journalism and reporting on the U.S. criminal justice system. It operates multiple newsletters and local network projects, positioning itself as a trusted source for criminal justice news and analysis. The website demonstrates a mature digital presence with a modern tech stack including JavaScript ES modules, Ruby on Rails backend indications, and CDN hosting via Amazon Cloudfront. Analytics tools like Google Analytics and Parsely are used for user engagement tracking. Security posture is strong with HTTPS enforced and CSRF protections in place, though explicit security headers and cookie consent mechanisms could be improved. WHOIS data is unavailable due to query failure, but the website's professionalism and nonprofit status support its legitimacy. Overall, the site is well-designed, content-rich, and trustworthy for its audience.