Security Directory

Oblastná organizácia cestovného ruchu Žitný ostrov – Csallóköz is a regional tourism organization focused on promoting and developing tourism in the Žitný ostrov area of Slovakia. The organization supports cultural, social, and sports events, manages tourist information centers, and facilitates local transport connecting attractions. The website reflects a well-structured and professionally designed platform targeting tourists and local visitors interested in the region. Technically, the site uses a mix of modern and legacy technologies, including jQuery 1.11.3, Swiper.js, and Google Analytics, hosted on Websupport with DNSSEC enabled and HTTPS enforced, indicating a secure and reliable infrastructure. Security posture is generally good, though improvements are recommended in security headers and updating legacy libraries. Privacy compliance is partial, with a cookie consent mechanism present but no visible privacy policy or terms of service. Overall, the website is trustworthy and credible, supported by consistent WHOIS data and official partnerships.

B

Baťův kanál | unikátní vodní cesta jižní Moravou

batacanal.cz

51

Baťův kanál is a tourism-focused website promoting a historic waterway in the Czech Republic, offering boat trips, rentals, and related services. The site targets tourists and boating enthusiasts in the region, providing rich content and multiple service offerings. Technically, the site uses a traditional tech stack including jQuery and Bootstrap, with modern security practices such as HTTPS and security headers. However, the WHOIS data is unavailable, limiting domain trust verification. Privacy and terms policies are not explicitly found, though cookie consent is implemented. Overall, the site is professional and secure but could improve transparency and update some technologies.

C

Clearmont, spol. s r.o.

zavirace.cz

57

Zavirace.cz is a Czech Republic based e-commerce retailer specializing in door hardware products such as door closers, door strips, door fittings, and panic hardware. The company operates as an authorized reseller of high-quality German brands Dormakaba and Geze, targeting manufacturers, developers, locksmith companies, housing cooperatives, and end customers. The website demonstrates a professional digital presence with clear product offerings, contact information, and customer support channels. Technically, the site is built on the Shoptet CMS platform, utilizing common web technologies including jQuery, Google Analytics, and Facebook SDK for marketing and analytics. Security posture is generally good with HTTPS enforced and cookie consent implemented, though some security headers are missing and the jQuery version is outdated. The absence of WHOIS registration data reduces transparency and slightly impacts trustworthiness. Overall, the site is well-structured, user-friendly, and compliant with privacy regulations, serving a niche retail market effectively.

BENCOLOR.CZ is a Czech Republic-based e-commerce business specializing in the sale of paints, automotive refinishing products, protective work equipment, and related accessories. The website offers a broad catalog of products including spray guns, polishing compounds, masking tapes, and industrial coatings, targeting both professional and retail customers in the automotive and household paint sectors. The business model is primarily online retail with a niche focus on automotive and industrial paint supplies. The company maintains a professional online presence with clear navigation and categorized product offerings.

Y

YATE

yate.cz

40

YATE is a well-established Czech brand specializing in outdoor, camping, fitness, and archery equipment, with over 30 years of market presence. The company operates both a physical store and an e-commerce platform, manufacturing some products and distributing several partner brands. Their website is professionally designed, mobile-optimized, and provides a good user experience with clear navigation and comprehensive product offerings. Technically, the site uses a modern e-commerce platform (Shoptet) and integrates multiple analytics and marketing tools with user consent mechanisms, reflecting a mature digital infrastructure. Security posture is solid with HTTPS and CSRF protections, though some security headers could be improved. The absence of WHOIS data is a notable gap, slightly impacting trustworthiness but not detracting from the overall legitimacy of the business. Strategic recommendations include enhancing security headers, maintaining up-to-date libraries, and verifying domain registration details.

C

Ľudovo-Umelecké Čičmany | cicmany.net

cicmany.net

48

The website cicmany.net represents a small local business focused on traditional Slovak folk art, retail of handmade products, hospitality services including a restaurant and accommodation, and an online shop via a partner domain. The business targets tourists and visitors interested in cultural and artisanal experiences in the Čičmany region. The website is well-structured with good content quality and user experience, featuring clear navigation and mobile optimization. Technically, it uses older but functional JavaScript libraries and includes Google Analytics for visitor tracking. Security posture is moderate with HTTPS assumed but lacking explicit security headers and privacy policies. The absence of WHOIS data for the domain raises concerns about domain legitimacy and registration consistency, which impacts overall trustworthiness. No adult or questionable content is present, making the site safe for general audiences.

P

pekne.net

pekne.net

47

pekne.net is a Slovak e-commerce website specializing in traditional woolen and linen clothing inspired by folk embroidery, targeting customers interested in authentic Slovak cultural garments. The site offers a range of products including knitted accessories, embroidered dresses, and gift packaging. The business operates in the retail sector with a niche market focus, maintaining consistent branding and a professional online presence. Technically, the website employs common web technologies such as jQuery, Font Awesome, and Google Analytics, but uses an outdated jQuery version which poses some security risks. The site is mobile optimized and SEO friendly with clear navigation and good content quality. Security posture is moderate; HTTPS is implied but no security headers were detected, and no explicit security or incident response policies are published. Privacy compliance is basic with GDPR-related policies and cookie consent implemented. Overall, the website is trustworthy for general audiences with no adult or questionable content detected.

MedaBarf is a Czech Republic-based e-commerce retailer specializing in premium BARF (Biologically Appropriate Raw Food) products for dogs and cats. The company offers a range of frozen and dry BARF products, supplements, and treats, targeting pet owners who seek high-quality, natural pet nutrition. The website is built on the Shoptet platform and employs standard web technologies including jQuery and Facebook SDK for marketing and tracking purposes. The site is well-structured with clear navigation, product information, and pricing, supporting a positive user experience. Security posture is adequate with HTTPS enforced and CSRF protections in place, though additional security headers and incident response information are lacking. Privacy and cookie policies are comprehensive and GDPR compliant, reflecting good privacy practices. However, the absence of WHOIS registrant data limits domain trust verification. Overall, MedaBarf presents a professional and trustworthy online presence within its niche market.

P

Proteinové tyčinky pro psy

psiprotein.cz

57

Proteinové tyčinky pro psy is a Czech small business specializing in manufacturing and selling high-quality protein bars for dogs. Their products are handmade in South Bohemia using natural ingredients without chemicals or additives, targeting dog owners who value healthy and natural pet treats. The website is built on the Shoptet e-commerce platform, featuring a professional design, clear navigation, and multi-language support (Czech and English). The company maintains active social media profiles on Instagram and Facebook, enhancing customer engagement and trust. Technically, the website uses a mix of legacy and modern technologies including jQuery 1.11.3, Google Analytics GA4, Facebook SDK, and payment integration via GoPay. While the site is mobile-optimized and accessible, the use of an outdated jQuery version poses a security risk. Security best practices such as HTTPS, CSRF tokens, and cookie consent are implemented, but some security headers are not explicitly detected. Privacy compliance is basic, with a cookie consent mechanism present but no clear privacy policy page found. The WHOIS data is unavailable, indicating domain privacy protection, which is common for small businesses. No signs of malicious activity or suspicious domains were found. Overall, the site is trustworthy and professionally maintained but could improve security and privacy transparency. Strategic recommendations include upgrading outdated libraries, publishing a comprehensive privacy policy, enhancing security headers, and formalizing incident response information to strengthen compliance and customer trust.

C

Contipro a.s.

contiproshop.cz

54

Geloren.cz is the official e-commerce website for Geloren, a brand of joint supplements and veterinary products produced by Contipro a.s., a Czech biotechnology company established in 1990. The company is a leading global manufacturer of hyaluronic acid used in cosmetics and pharmaceuticals. The website targets consumers seeking health supplements for humans and animals, offering direct online sales with clear product information and customer support. The site is professionally designed, mobile-optimized, and includes comprehensive privacy and cookie policies, reflecting a mature digital presence. Technically, the website leverages the Shoptet e-commerce platform with common web technologies such as jQuery, Bootstrap, and Slick Carousel. It integrates multiple tracking and advertising services including Google Analytics, Facebook Pixel, and Adform, with user consent mechanisms in place. The site enforces HTTPS and uses CSRF tokens for form security but lacks explicit security headers, which could be improved. No WHOIS data was retrievable, which slightly impacts trust but the website content and contact details support legitimacy. Security posture is generally good with encrypted connections and secure form handling, though the absence of security headers and incident response contacts are areas for enhancement. Privacy compliance is strong with accessible policies and cookie consent. Overall, the website presents a trustworthy and professional front for Contipro's Geloren products, suitable for its target market. Strategic recommendations include implementing additional security headers, publishing incident response information, and ensuring WHOIS data transparency to enhance trust. Regular updates to third-party libraries and continued adherence to privacy regulations will further strengthen the site's security and compliance.

C

CityChangers

citychangers.eu

45

CityChangers is a Czech-based non-profit initiative focused on improving urban mobility and transportation planning through community engagement and sharing best practices. The platform connects citizens with city leadership to foster projects such as cycling infrastructure, school streets, and sustainable logistics. Supported by European Union funding, the initiative targets local governments, civic groups, and the general public interested in urban development. Technically, the website employs common web technologies including jQuery, Bootstrap, and Google services, with a moderate performance and good mobile optimization. Security posture is solid with HTTPS and reCAPTCHA usage, though some improvements like security headers and updated libraries are recommended. Privacy compliance is well addressed with cookie consent and a privacy policy in Czech. Overall, the site is professional, trustworthy, and serves its community-oriented mission effectively.

C

Cyklovize 2030

stavbycyklo.cz

43

Cyklovize 2030 is a Czech Republic based project focused on promoting healthy, affordable, and ecological transportation through cycling infrastructure development. The website serves as a national platform to encourage cycling as a daily transport mode, targeting city residents, families, and local governments. Supported by the Czech Insurance Bureau's Damage Prevention Fund, it positions itself as a key advocate for safer cycling networks. Technically, the site uses a traditional web stack including jQuery, Bootstrap, and Google Fonts, with moderate performance and good mobile optimization. Security-wise, HTTPS is implemented and cookie consent mechanisms are in place, but the use of an outdated jQuery version and lack of security headers present risks. The absence of a privacy policy and WHOIS data limits full trust assessment. Overall, the site is professional and trustworthy but would benefit from technical and compliance improvements.

P

Partnerství pro městskou mobilitu z. s.

dobramesta.cz

45

Partnerství pro městskou mobilitu z. s. is a Czech non-profit organization dedicated to promoting urban mobility, cycling, and sustainable transport solutions. The website serves as an information hub for municipalities, non-profit sectors, and stakeholders interested in urban mobility projects, education, and advocacy. It features news, events, project descriptions, and educational resources, positioning the organization as a key player in the Czech urban mobility landscape. Technically, the website employs a custom CMS with a technology stack including jQuery, Bootstrap, and various JavaScript libraries for UI and interactivity. It integrates Google Analytics for visitor tracking and Google reCAPTCHA for form security. The site is mobile-optimized and uses HTTPS with a good SSL configuration, although some libraries like jQuery are outdated, which could pose security risks. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms compliant with GDPR. However, it lacks visible security headers and explicit contact information for security or incident response. The absence of WHOIS data due to privacy protection reduces transparency but is justified for a non-profit entity. No vulnerabilities or malicious content were detected. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively. Strategic improvements in security headers, updating libraries, and publishing security policies would enhance its security posture and trustworthiness.

V

Vinotéka Kurdějov

vinotekakurdejov.cz

50

Vinotéka Kurdějov operates a professional e-commerce platform focused on selling wines from the Kurdějov terroir and surrounding regions. The business also offers complementary services such as wine courses, corporate services, and event hosting at associated venues like Art Wine Hall and Hotel Kurdějov. The website is well-structured, with clear navigation and product categorization, targeting adult consumers interested in quality regional wines. Technically, the site leverages the Shoptet e-commerce platform with standard web technologies including jQuery, Google Analytics, and Facebook SDK. Security posture is solid with HTTPS enforcement and CSRF protections, though some improvements in security headers and library updates are recommended. Privacy compliance is evident through cookie consent mechanisms and a privacy policy page. However, the absence of WHOIS data limits domain trust assessment. Overall, the site presents a trustworthy and professional online presence with moderate technical maturity and good compliance practices.

W

WELDPOINT

weldpoint.cz

59

WELDPOINT.cz is a Czech Republic-based e-commerce platform specializing in professional and hobby welding equipment, including welding machines, torches, cutting tools, and protective gear. The website targets both businesses and individual hobbyists, offering a broad product range with exclusive brands and authorized service. The platform is built on the Shoptet CMS, integrating various modern web technologies such as jQuery, Google Analytics, Facebook SDK, and parcel point services, indicating a moderate to advanced digital maturity. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though there is room for improvement in security headers and explicit incident response policies. The absence of WHOIS data reduces transparency but does not detract significantly from the professional presentation and trust signals on the site. Overall, the site is well-structured, GDPR compliant, and provides a good user experience with clear navigation and relevant content.

LABYRINT & RAKETA operates an e-commerce website specializing in books and magazines, primarily targeting children and educational audiences in the Czech Republic. The site offers a variety of products including subscriptions and individual issues, leveraging the Shoptet e-commerce platform. The business appears to be a small-sized niche player with a consistent brand presence and a focus on quality content for families and educators. Technically, the website uses a mature but somewhat dated technology stack including jQuery 1.11.3 and jQuery UI 1.8.24, integrated with Facebook SDK and Google Analytics GA4 for marketing and analytics. The site is mobile optimized and includes standard SEO and accessibility features, though some improvements could be made in updating libraries and enhancing accessibility. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, with cookie consent mechanisms in place for GDPR compliance. However, explicit security headers are not confirmed, and the use of older JavaScript libraries may pose some risk. The absence of WHOIS data for the domain is a notable concern for transparency and trust, although the website content and contact information suggest a legitimate business. Overall, the website presents a professional and trustworthy front for its niche market, but the lack of WHOIS transparency and some technical debt in the technology stack suggest areas for improvement. Strategic recommendations include updating JavaScript libraries, explicitly implementing security headers, and clarifying domain registration information to enhance trust.

D

Data Protected

kottke.org

58

kottke.org is a long-established independent media blog focused on curated hypertext content, culture, art, and technology. It operates a membership model supported by Memberful and affiliate marketing. The site is hosted by Arcustech and uses Cloudflare DNS. Technically, it employs a custom CMS with legacy jQuery and modern JavaScript libraries for enhanced user experience. Security posture is good with HTTPS and security headers, though DNSSEC is not enabled and privacy compliance is incomplete due to missing policies. The site is accessible without WAF blocking and contains safe, general audience content.

G

gamehouse.cz

gamehouse.cz

54

Gamehouse.cz is a Czech Republic based e-commerce retailer specializing in video games, toys, and IT components. The website targets gamers, toy buyers, and tech enthusiasts primarily in the Czech market. It offers a broad product catalog including consoles, games, accessories, and related merchandise. The business model is retail-focused with additional services such as authorized repairs and personal pickup locations. The site demonstrates a consistent brand presence and customer trust with over 25 years of experience claimed. Technically, the site is built on the Shoptet CMS platform, leveraging modern web technologies including jQuery, Google Analytics 4, Google Tag Manager, and Facebook SDK for marketing and analytics. The site is mobile optimized and provides a good user experience with clear navigation and professional design. Security posture is strong with HTTPS enforced, CSRF protection on forms, and standard security headers. However, no explicit security or incident response policies are published, which could be improved. Privacy compliance is addressed with cookie consent mechanisms and a privacy policy page in Czech. The absence of WHOIS data is a concern for domain legitimacy and reduces trust scores, but the website content and business operations appear legitimate and professional. Overall, the site is a well-maintained e-commerce platform with moderate to good security and privacy practices, serving a local Czech audience effectively.

U

USM Events Pty Ltd

runawaysydneyhalf.com.au

61

USM Events Pty Ltd operates the HOKA Runaway Sydney Half Marathon, a well-established and popular half marathon event in Sydney with over 30 years of history. The website serves runners and enthusiasts by providing event details, registration links, fundraising opportunities, and rich multimedia content. The business holds a strong market position in the Australian running event sector, supported by reputable partners such as HOKA and Blue Dinosaur. The website demonstrates a good level of digital maturity with modern technologies including Bootstrap, jQuery, Google Tag Manager, and Facebook Pixel integrated for marketing and analytics purposes. Hosting and DNS services are provided via Cloudflare, enhancing performance and security. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though advanced security headers and explicit incident response contacts are absent. Privacy compliance is strong, linking to a comprehensive privacy policy hosted on Ironman.com. Overall, the site is professional, trustworthy, and well-optimized for its audience.

I

IRONMAN New Zealand Limited

aucklandmarathon.co.nz

65

The Auckland Marathon website represents IRONMAN New Zealand Limited's flagship running event, showcasing a well-established and reputable marathon with a history dating back to 2000. The site effectively targets runners and sports enthusiasts with detailed race information, multiple race options, and strong branding partnerships including Barfoot & Thompson and ASICS. The business model centers on event management, sponsorship, and merchandise sales, positioning itself as New Zealand's premier marathon event. Technically, the website employs a mature technology stack including SilverStripe CMS, Bootstrap, jQuery, and integrates marketing and analytics tools such as Google Tag Manager and Facebook Pixel. Hosting and DNS services leverage Cloudflare for performance and security. The site is mobile-optimized with good SEO practices, though some technical debt is noted with older jQuery versions and lack of DNSSEC. From a security perspective, the site enforces HTTPS and uses cookie consent mechanisms compliant with GDPR. However, it lacks some advanced security headers and does not publish a vulnerability disclosure or security policy. The absence of DNSSEC and use of older libraries present moderate risks. No critical vulnerabilities or exposed sensitive data were detected. Overall, the website is professional, trustworthy, and well-maintained with a strong business credibility score. Strategic improvements in security posture and transparency would further enhance trust and compliance.

UltraGuest is a niche technology service offering free customizable guestbooks for events such as weddings, sports teams, blogs, and websites. The service has been operational since 2003 and claims millions of users daily, positioning itself as a longstanding player in the guestbook service market. The website content is well structured with clear navigation and relevant information about features and usage, targeting individuals and groups seeking simple guestbook solutions. Technically, the site uses older but functional technologies including jQuery 1.11.3, Bootstrap 3.3.5, and a jFlow slider plugin, hosted with DNS services via Cloudflare and domain registration through Amazon Registrar. Performance and mobile optimization are basic but adequate for the service offered. Security posture is limited with no visible security headers or HTTPS enforcement information, and no privacy or cookie policies are present, indicating compliance gaps. No contact information or social media presence is provided, which limits business credibility and user trust. Overall, the site is functional and trustworthy but would benefit from modernization and improved security and privacy practices.

PCBWay is a China-based PCB prototype and fabrication manufacturer offering a comprehensive suite of services including PCB prototyping, assembly, flexible and rigid-flex PCBs, CNC machining, and 3D printing. The company targets electronics engineers, OEMs, and hardware developers globally, positioning itself as a competitive and reliable provider with fast turnaround times and direct manufacturer pricing. The website reflects a mature digital presence with interactive quoting forms, live chat support, and detailed product information. Technically, the site uses established JavaScript libraries and is served over HTTPS, ensuring secure communication. However, the absence of WHOIS data and some missing security headers slightly reduce the overall trust score. The site demonstrates good privacy compliance with visible privacy and cookie policies and offers multiple contact channels for customer support. Overall, PCBWay presents a professional and trustworthy online platform for PCB manufacturing services.

U

United States Senate

senate.gov

70

The United States Senate official website serves as a comprehensive informational portal for legislative activities, senator contacts, committee schedules, and historical archives. It targets U.S. citizens, government officials, researchers, and the general public seeking authoritative Senate information. The site is positioned as the primary official source for Senate-related content, offering extensive resources and public disclosures. Technically, the website employs a traditional web stack with jQuery, custom sliders, and Adobe Dynamic Tag Management for analytics. The site is mobile-optimized with good accessibility and SEO practices, though performance is moderate. The absence of a modern CMS or advanced frameworks suggests a stable but somewhat dated technical infrastructure. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. However, it lacks visible security headers and published security policies, which are recommended for enhanced protection and transparency. Privacy compliance is partial, with a clear privacy policy but no cookie consent mechanism detected. Overall, the website is trustworthy and professional, reflecting its government entity status. Strategic improvements in security headers, privacy consent, and incident response disclosures would strengthen its security posture and compliance standing.

M

Mount Olive Software LLC

ctrl-c.club

46

Ctrl-C.club is a small, community-driven Linux server platform founded in 2014 and operated by Mount Olive Software LLC in the US. It offers free SSH and web hosting accounts to users interested in Linux, programming, and text-based internet protocols such as Gemini. The website serves a niche audience of enthusiasts and hobbyists, providing tools for web development, chat, gaming, and collaborative projects. The community is active with events like Webjam and various user-driven initiatives. Technically, the site uses older jQuery libraries and supports multiple platforms including SSH, IRC, and Gemini, but lacks modern CMS or frameworks. Security posture is moderate with no HTTPS enforcement or security headers detected, and privacy compliance is minimal due to absence of privacy and cookie policies. The domain registration is consistent and legitimate, supporting the site's credibility. Overall, the site is functional and trusted within its niche but would benefit from improved security and compliance measures.

djcbsoftware.oy is a small software consultancy based in Helsinki, Finland, specializing in Linux-based server and embedded software development. The company has a long-standing presence since 2000 and focuses on network/security, cryptographic services, and embedded devices such as music players, cameras, and microphones. The website reflects a niche technology consultancy with open-source software contributions, targeting developers and technology companies requiring embedded and server software expertise. Technically, the website uses older but stable technologies such as Bootstrap 3.3.5 and jQuery 1.11.3, with Google Analytics integrated for visitor tracking. The site is moderately optimized for mobile and accessibility but lacks modern SEO and performance enhancements. Security posture is basic; DNSSEC is enabled at the domain level, but no security headers or HTTPS enforcement details are visible in the HTML content. Privacy and cookie policies are absent, and no direct contact emails or phone numbers are provided, limiting transparency. Overall, the site is functional and professional but would benefit from improved security and privacy compliance measures.

Chicken Farmers of Ontario operates a secure login portal primarily serving chicken farmers and stakeholders within Ontario's agricultural sector. The website functions as a member access point with support services such as password reset and a dedicated support hotline. The organization is positioned as a provincial regulatory body with a medium-sized operational footprint, founded in 2013. The website's technical infrastructure includes legacy technologies such as jQuery 1.11.3 and integrates Google Analytics for user tracking. While the site employs some security best practices like password hashing and domain transfer prohibitions, it lacks modern security headers, DNSSEC, and visible HTTPS enforcement, which are critical for protecting user data and ensuring compliance.

The website smlog.co.kr represents 주식회사 스퀘어스, a South Korean technology company specializing in ad fraud prevention solutions and marketing analytics. Established in 2011, the company positions itself as a market leader with over 13 years of experience, offering services such as real-time ad fraud detection, automated bidding solutions, and integrated ad management tools. The site targets online advertisers and marketing professionals seeking to optimize ad spend and prevent invalid clicks. Technically, the website employs a modern tech stack including Bootstrap, jQuery, Google Tag Manager, and multiple analytics platforms, ensuring a responsive and user-friendly experience across devices. Security posture is solid with HTTPS enforced and domain registration consistent with company information, though some improvements in security headers and privacy compliance are recommended. Overall, the site is professional, trustworthy, and well-structured, supporting the company's business objectives effectively.

B

Betamagic

betamagic.nl

44

Betamagic is a small technology company specializing in developing sleek, intuitive, and powerful Mac and iOS applications. Their product portfolio includes News Explorer, Movie Explorer Pro, Download Buddy, and Core Data Lab, targeting Apple platform users who seek high-quality native applications. The company has established a niche market position with innovative offerings such as the world's first all Apple platform newsreader and a next-generation movie catalog app. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their audience. Technically, the website employs a traditional tech stack including HTML5, CSS3, Bootstrap 3, and jQuery 1.11.3. Hosting is provided by team.blue nl B.V., a reputable registrar and hosting provider. The site is moderately optimized for performance and mobile devices, with basic accessibility and good SEO practices. However, some modernization opportunities exist, such as updating jQuery and enhancing mobile responsiveness. From a security perspective, the website benefits from HTTPS and DNSSEC, indicating a secure domain and transport layer. Nonetheless, the absence of security headers and a cookie consent mechanism suggests room for improvement in security best practices and privacy compliance. No critical vulnerabilities or exposed sensitive data were detected. The WHOIS data aligns well with the business history, supporting legitimacy. Overall, Betamagic presents a trustworthy and professional online presence with a solid business foundation. Strategic enhancements in privacy compliance, security headers, and technology updates would further strengthen their security posture and user trust.

R

Regionalverband FrankfurtRheinMain

klimaenergie-frm.de

62

The Klima-Energie-Portal is a regional public sector website operated by the Regionalverband FrankfurtRheinMain, providing comprehensive information, data, and interactive maps related to climate, energy, and sustainability in the FrankfurtRheinMain region. It serves residents, municipalities, and stakeholders interested in regional climate initiatives and energy projects. The portal offers detailed content on regional energy concepts, climate change impacts, and sustainability activities, positioning itself as an authoritative regional resource. Technically, the website is built on the IKISS CMS framework, utilizing jQuery, Flexslider, and Slicknav for UI components. The site is moderately performant with good mobile optimization and accessibility features. SEO practices are well implemented with comprehensive metadata and Open Graph tags. The site employs a cookie consent mechanism and uses Matomo analytics, indicating a privacy-conscious approach. From a security perspective, the site uses HTTPS and has no visible critical vulnerabilities or exposed sensitive data. However, it lacks explicit security headers and documented security policies. The domain registration is consistent with the website's public sector nature, managed by Advantic GmbH, the site designer, enhancing trustworthiness. Overall, the website is professional, trustworthy, and well-suited for its informational purpose. Strategic improvements in security headers and explicit incident response policies could further enhance its security posture.

R

Regionalverband FrankfurtRheinMain

region-frankfurt.de

66

The Regionalverband FrankfurtRheinMain website serves as the official regional government portal for the FrankfurtRheinMain metropolitan area in Germany. It provides comprehensive information and services related to regional planning, mobility, climate and energy initiatives, sustainability, digitalization, and workforce development. The site targets local citizens, municipalities, businesses, and stakeholders interested in regional development and public services. The business model is that of a public administration entity focused on regional coordination and information dissemination. Technically, the website employs a mature but somewhat dated technology stack including jQuery 1.11.3, jQuery UI, Flexslider, and Slicknav, running on the ikiss CMS platform. The site is mobile-optimized, accessible, and SEO-friendly with proper metadata and structured navigation. Performance is moderate, with room for modernization especially in updating JavaScript libraries. From a security perspective, the site enforces HTTPS and implements a cookie consent mechanism aligned with GDPR requirements. However, it lacks explicit security headers and a vulnerability disclosure policy. No exposed sensitive data or vulnerabilities were detected in the HTML content. The WHOIS data aligns well with the website's governmental nature, showing consistent registration and no privacy protection, enhancing trustworthiness. Overall, the website is professional, trustworthy, and compliant with privacy regulations, though it could improve security posture by adding security headers and updating legacy libraries. The absence of direct contact information and terms of service pages is noted but typical for government portals. The site is safe for general audiences with no adult or questionable content.

K

kugelmann Maschinenbau e.K.

kugelmann.com

61

kugelmann Maschinenbau e.K. is a family-owned German manufacturer specializing in municipal technology machinery, particularly winter service equipment such as snow plows and spreaders. The company targets municipalities and winter service operators, offering a range of specialized machines with a strong regional presence in Germany and the Alpine region. The website reflects a professional and consistent brand image with good content quality and clear navigation, though it lacks advanced SEO and accessibility features. Technically, the website uses legacy JavaScript libraries like jQuery 1.11.3 and integrates Google reCAPTCHA for form security. While HTTPS is enforced, the absence of modern security headers and the use of outdated libraries present potential security risks. The site lacks cookie consent mechanisms and explicit privacy compliance indicators, which may expose it to GDPR compliance issues. From a security perspective, the site demonstrates basic best practices such as HTTPS and CAPTCHA usage but should update its tech stack and implement security headers to enhance protection. No incident response or vulnerability disclosure policies are published, limiting transparency in security management. Overall, the website is functional and trustworthy for its business domain but would benefit from technical modernization and improved privacy compliance to strengthen its security posture and regulatory adherence.

Kelvin Power Tools is a well-established UK-based specialist supplier of professional power tools and accessories, serving trade users since 1977. The company offers a wide range of top brands including Bosch, DeWalt, Festool, and Paslode, positioning itself as a trusted retailer in the construction and professional tools market. Their website reflects a mature e-commerce platform with a focus on customer service, free delivery, and product variety. Technically, the website employs a modern tech stack including Bootstrap, jQuery, and multiple analytics and tracking tools such as Google Analytics, Bing UET, and Smartlook. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. However, some security best practices like security headers and cookie consent mechanisms are missing, which could be improved. From a security perspective, the site uses HTTPS and integrates reCAPTCHA v3 for form protection, indicating a reasonable security posture. The absence of WHOIS data limits the ability to fully verify domain legitimacy, but the website content and trust signals such as Trusted Shops ratings and secure payment options support its credibility. Overall, Kelvin Power Tools presents a professional and trustworthy online presence with room for improvement in privacy compliance and security hardening. Strategic recommendations include implementing security headers, cookie consent, and publishing explicit security policies to enhance user trust and regulatory compliance.

RCE Medien GmbH & Co. KG is a German media company specializing in event data processing and publication solutions, serving municipalities, medium-sized businesses, tourism associations, and publishing houses. With approximately 30 years of market presence, it positions itself as the largest event data center in the German-speaking region, offering a suite of products including RCE-Event, RCE-Freizeitplaner, and consulting services. The website reflects a professional business model focused on B2B services with a clear target audience in the public and media sectors. Technically, the website is built on the Contao Open Source CMS and employs several JavaScript libraries such as jQuery 1.11.3, Google Analytics, and Google Tag Manager. While the site is accessible and moderately optimized for mobile and SEO, it uses outdated libraries that may pose security risks. The site lacks advanced accessibility features and comprehensive SEO optimization. From a security perspective, the site uses HTTPS and anonymizes IPs in Google Analytics, but it lacks critical security headers and uses an outdated jQuery version with known vulnerabilities. There is no visible cookie consent mechanism or published security and incident response policies, indicating room for improvement in compliance and security posture. Overall, the website is functional and professional but would benefit from technical modernization, enhanced security practices, and improved privacy compliance to strengthen trust and reduce risk.

L

Landkreis Calw

kreis-calw.de

61

Landkreis Calw operates as a local government authority in Germany, providing a broad range of public services including administration, education, economic development, and cultural activities. The website serves residents and businesses in the Calw district with online services, contact information, and news updates. The site is well-structured and professionally designed, targeting a general audience with clear navigation and relevant content. Technically, the site uses legacy JavaScript libraries such as jQuery 1.11.3, alongside accessibility tools like ReadSpeaker, indicating moderate digital maturity. Security posture is adequate but could be improved by updating libraries and implementing security headers. Privacy compliance is well addressed with a cookie consent mechanism and a privacy policy, reflecting GDPR awareness. Overall, the site is trustworthy and functional, though some modernization and enhanced security practices are recommended.

P

Plus Hosting Grupa d.o.o.

parlametar.hr

53

Parlametar is a Croatian government-focused digital platform that provides detailed analysis and tracking of parliamentary activities, including voting records and speech transcripts of Croatian Parliament members. The platform targets citizens, journalists, and political analysts interested in transparent and accessible parliamentary data. It operates as an informational service with a specialized niche in political data visualization and analysis. Technically, the website employs a modern yet somewhat dated technology stack including Bootstrap 3 and jQuery 1.11.3, with performance and mobile optimization rated as good. Security posture is adequate with HTTPS enforced and no visible sensitive data exposure, but lacks some security headers and cookie consent mechanisms. The domain is registered with a reputable Slovenian hosting provider, consistent with the website's operational profile. Overall, the site is professional, trustworthy, and serves a clear public interest function.

O

OLIMEX LTD

olimex.com

60

OLIMEX LTD is a technology company specializing in the design and manufacture of open source hardware development boards, including products such as OLinuXino, Arduino-compatible boards, and other embedded system components. The company targets developers, engineers, and hobbyists interested in open source hardware and embedded systems. Their business model focuses on manufacturing and direct sales through their website, supported by community engagement via forums and documentation. The company has been operating since 1997, positioning itself as a niche player in the open source hardware market. Technically, the website is built on a custom content management system with usage of legacy JavaScript libraries like jQuery 1.11.3, and integrates modern analytics tools such as Google Tag Manager and Facebook Pixel. The site is served over HTTPS with a valid SSL certificate, providing a secure browsing experience. Mobile optimization and SEO are good, though accessibility features are basic. The website content is well-structured and professionally presented, with clear navigation and active news updates. From a security perspective, the site enforces HTTPS and uses secure form submission methods. However, it lacks important security headers and does not publish privacy or cookie policies, which are critical for GDPR compliance and user trust. The absence of WHOIS data for the domain raises some concerns about domain registration transparency, although the website content and social media presence support legitimacy. No vulnerability disclosure or incident response information is provided, limiting the site's security maturity. Overall, OLIMEX LTD's website is professional and trustworthy in terms of content and business credibility but requires improvements in privacy compliance, security best practices, and domain registration transparency to enhance its security posture and regulatory adherence.

Webmention Rocks! is a niche technical website providing a validator and test suite for the Webmention protocol, primarily targeting developers and implementers within the IndieWeb and web standards communities. The site offers a variety of tests for endpoint discovery, updates, deletes, and receiver functionality, and encourages users to submit implementation reports to the W3C. It is open source and hosted on Linode, with a domain registered in 2016 and privacy protection enabled. From a technical perspective, the website uses a classic web stack including jQuery 1.11.3 and Semantic UI for styling and interactivity. The site is moderately performant, mobile optimized, and has a clear navigation structure. However, accessibility and SEO optimizations are basic. No CMS is detected, indicating a custom or static site. Security posture is moderate; the domain uses clientTransferProhibited status to prevent unauthorized transfers but lacks DNSSEC and visible security headers. No privacy or cookie policies are present, and no contact information is provided for security incidents or general inquiries. There are no signs of vulnerabilities or malicious content, and the site content is safe for general audiences. Overall, the website is a credible and useful tool within its niche but would benefit from improved security practices, privacy compliance, and contact transparency to enhance trust and compliance.

VITON s.r.o. is a Czech manufacturer specializing in industrial coatings and surface treatment products for metals, wood, concrete, and other materials. The company holds ISO 9001 certification and has a market presence of over 20 years, targeting industrial and construction sectors. Their product portfolio includes epoxyester paints, fire-retardant coatings, and protective lacquers, supported by a proprietary toning system vitocolormix®. The website reflects a professional business with clear contact information and product details, although some business history details like founding year are not explicitly stated. Technically, the website employs legacy JavaScript libraries such as jQuery 1.11.3 and jQuery UI, alongside modern tracking tools like Google Analytics and Facebook Pixel. The site is mobile-optimized with good navigation and SEO practices but lacks advanced accessibility features. Security practices include HTTPS usage and client-side form validation, but the absence of security headers and outdated libraries present potential risks. Security posture is moderate; no critical vulnerabilities are evident from the content, but the lack of privacy and cookie policies, combined with missing WHOIS registration data, reduces overall trust. Advertising and tracking scripts are present without explicit consent mechanisms, indicating privacy compliance gaps. The domain WHOIS data is unavailable, which raises concerns about domain legitimacy and registration status. Overall, the website is functional and business-focused but would benefit from improved security practices, updated technical stack, and enhanced privacy compliance to strengthen trust and regulatory adherence.

N

Nakup na Dobro

nakupnadobro.cz

56

Nakup na Dobro is a Czech Republic-based e-commerce business specializing in sustainable and meaningful gifts. The website offers a variety of eco-friendly products, including gift packages, food items, fashion, and household goods, targeting consumers interested in socially responsible shopping. The business positions itself as a niche leader in sustainable gifts within its regional market. Technically, the website is built on the Shoptet e-commerce platform, utilizing common web technologies such as JavaScript, jQuery, and integrates marketing and analytics tools like Google Analytics, Facebook SDK, and LinkedIn Insight Tag. The site demonstrates good digital maturity with responsive design and cookie consent mechanisms, reflecting GDPR compliance. Security posture is solid with HTTPS enforced and CSRF protections in forms, though some security headers are missing and some libraries are outdated, suggesting room for improvement. WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not detract significantly from the site's legitimacy. Overall, Nakup na Dobro presents a professional, trustworthy online retail presence with a focus on sustainability and social impact.

ITES RACING s.r.o. operates the website ites.cz, a Czech e-commerce platform specializing in slot car racing products and accessories. The company offers a range of products including slot cars in various scales, sets, track parts, accessories, and spare parts. The website targets hobbyists and enthusiasts of slot car racing, positioning itself as a niche market leader in the Czech Republic. The business model is retail-focused, leveraging an online storefront powered by the Shoptet e-commerce platform. Technically, the website employs a modern tech stack including jQuery, Google Analytics (GA4), Google Tag Manager, Facebook SDK, and Smartsupp Chat for customer interaction. The site is well-structured with good SEO and mobile optimization, though accessibility features are basic. Performance is moderate, with CDN usage for static assets. The site uses HTTPS with good SSL configuration and standard security headers, though some headers like Content-Security-Policy are not confirmed. From a security perspective, the site demonstrates good practices such as HTTPS enforcement, CSRF protection on login forms, and cookie consent mechanisms aligned with GDPR. However, there is no published security policy or incident response contact information, and no vulnerability disclosure or security.txt file is found. The WHOIS data for the domain is unavailable, which reduces trustworthiness and raises questions about domain registration legitimacy. Overall, the website is professional, trustworthy, and safe for general audiences. The lack of WHOIS data and absence of explicit security policies are notable gaps. Strategic recommendations include verifying domain registration, publishing security and incident response policies, implementing a security.txt file, and enhancing accessibility and security headers. These steps will improve trust, compliance, and security posture.

R

Radio Čas s.r.o.

pohodak.cz

57

Pohoďák.cz is an e-commerce website specializing in selling branded merchandise for media brands such as Radio Čas Rock, Radio Čas, and Televize Rebel. The site targets fans of these media outlets, offering a variety of products including clothing, accessories, and promotional items. The business operates primarily in the Czech Republic and leverages the Shoptet e-commerce platform for its online store. The website is professionally designed with clear navigation and good content quality, catering well to its niche audience. Technically, the site uses standard web technologies including jQuery, Google Tag Manager, and Facebook SDK, with a moderate performance profile and good mobile optimization. Security practices include HTTPS enforcement and cookie consent mechanisms, though some security headers are missing and the jQuery version is outdated. The absence of WHOIS data reduces domain transparency and trust slightly, but the overall business presentation is credible and professional. Privacy policies and terms of service are present and comprehensive, supporting GDPR compliance. No adult or explicit content is present, making the site safe for general audiences.

K

Kliping d.o.o.

kliping.si

53

Kliping d.o.o. is an established international media monitoring and analysis agency founded in 2002, headquartered in Slovenia with subsidiaries across the Adriatic region. The company specializes in tracking classical and digital media, providing clients with timely media analyses, insights, and strategic recommendations. Their services include monitoring, analysis, planning, and mobile applications tailored for business intelligence and media presence evaluation. The website reflects a professional and consistent brand image with clear navigation and relevant content targeting businesses requiring media intelligence services. Technically, the site is built on Contao CMS and leverages modern JavaScript libraries and Google Analytics for tracking, with a cookie consent mechanism ensuring GDPR compliance. Security posture is solid with HTTPS enforced and anonymized analytics, though some security headers and explicit security policies are absent. Overall, the domain age and WHOIS data support the legitimacy of the business, with no suspicious indicators detected.

D

DEMISPORT

demisport.cz

55

DEMISPORT operates an e-commerce platform specializing in sports and football equipment, primarily targeting teams and referees in the Czech Republic. The website offers custom printed football jerseys and a wide range of sports apparel suitable for different seasons. The business appears to be a small regional player with a focused niche in sports retail. Technically, the website is built on the Shoptet e-commerce platform, utilizing common web technologies such as jQuery, Bootstrap, and Google Tag Manager. The site is mobile optimized and includes standard SEO and accessibility features, though some accessibility aspects could be improved. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks some recommended security headers and uses an outdated JavaScript library, which could pose risks. The absence of WHOIS data reduces domain trustworthiness, but the website content and contact information suggest a legitimate business. Overall, the site is professional and functional with moderate risk due to missing WHOIS transparency and minor technical security gaps.

R

Rehasport

rehasport.cz

58

Rehasport.cz is a Czech Republic-based e-commerce platform specializing in rehabilitation and sports medicine products. The website offers a wide range of products from well-known brands such as Thera-Band, Mueller Sports Medicine, and Temtex, targeting both consumers and professionals in the healthcare and fitness sectors. The platform supports over 10,000 pickup locations, indicating a strong market presence and distribution network. Technically, the website is built on the Shoptet e-commerce platform, utilizing common web technologies including jQuery, Google Analytics, and Facebook SDK for marketing and analytics purposes. The site is mobile-optimized with good navigation and content quality, providing a professional user experience. Security-wise, the site enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security policy and incident response contact information, which could be improved. WHOIS data is not publicly available, likely due to privacy protection, which slightly impacts trust but is common for e-commerce businesses. Overall, the website is legitimate, professional, and secure with room for enhanced transparency and security documentation.

Dětská hřiště is a Czech-based e-commerce retailer specializing in children's playground equipment, including complete playgrounds, modules, and accessories. The website targets parents and municipalities looking for quality, safe, and entertaining playground solutions. The business appears established with over 15 years of experience and a solid customer base. Technically, the site is built on the Shoptet platform, leveraging common web technologies such as jQuery, Google Analytics, and Facebook SDK. The site is mobile-optimized with good navigation and content quality. Security posture is adequate with HTTPS enabled and secure login forms, though some improvements like adding security headers and updating libraries are recommended. Privacy and cookie policies are present and GDPR compliant. The absence of WHOIS data limits domain trust assessment, but the website content and business presence suggest legitimacy.

Oase-Filtrace.cz is a specialized e-commerce retailer focused on water garden and aquarium products, including filtration systems, pumps, and accessories. The website targets garden owners and pond enthusiasts primarily in the Czech Republic. The business model centers on online retail with additional customer support and services such as OASE servicing and training. The site demonstrates a good level of content quality, clear navigation, and consistent branding, supporting a positive market position within its niche. Technically, the website is built on the Shoptet e-commerce platform, utilizing jQuery 1.11.3, Google Analytics (GA4), and Facebook SDK for tracking and marketing. The site is mobile-optimized with good SEO practices and basic accessibility features. Performance is moderate, with room for improvement in modernizing the tech stack and enhancing security headers. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, indicating a baseline security posture. However, the absence of advanced security headers and the use of an outdated jQuery version present potential vulnerabilities. No explicit security or incident response policies are published, which could be improved to enhance trust and compliance. Overall, the website is professional and trustworthy in appearance and function, but the lack of WHOIS data and domain registration details reduces the domain's trustworthiness score. Strategic improvements in security practices and transparency would strengthen the site's risk profile and business credibility.

Dětská hřiště JungleGym is a Czech-based e-commerce retailer specializing in children's playground equipment including slides, playhouses, and swings. The company emphasizes quality, safety, and professional installation services, leveraging over 15 years of experience and Dutch quality standards. Their website is built on the Shoptet platform, featuring a well-structured catalog, customer reviews, and clear contact information. Technically, the site uses standard web technologies such as jQuery and integrates Google Analytics and Facebook SDK for marketing and analytics purposes. Security posture is generally good with HTTPS enforced and cookie consent implemented, though there is room for improvement in security headers and updating legacy libraries. The absence of WHOIS data reduces domain trustworthiness, but the professional presentation and transparent contact details mitigate concerns. Overall, the website is suitable for families and customers seeking reliable children's playground products.

T

Teas spol. s r.o.

skladovevozy.cz

51

Skladovevozy.cz is an established Czech online marketplace specializing in the sale of new, demo, and reference vehicles from authorized dealers across the Czech Republic. The platform offers a wide range of vehicle brands and models, targeting consumers and businesses seeking stock vehicles with minimal mileage. The business is operated by Teas spol. s r.o., a company founded in 2011, with a clear presence and legitimacy supported by consistent WHOIS data and company registration details. Technically, the website employs a custom-built platform using jQuery and other JavaScript libraries, integrates Google Analytics for tracking, and uses CookieFirst for GDPR-compliant cookie consent management. The site is served over HTTPS, ensuring secure data transmission. Security posture is moderate with room for improvement in security headers and updated libraries. Privacy compliance is supported by a cookie consent banner and a basic user rules PDF document. Overall, the website presents a professional and trustworthy front for its niche automotive market.

G

Good Sailors s.r.o.

ceskeparky.cz

58

The website ceskeparky.cz operates as an e-commerce platform focused on selling souvenirs that support Czech national parks and ecological projects. The business is run by Good Sailors s.r.o. and collaborates with national parks and environmental organizations, including endorsement by the Czech Ministry of Environment. The platform targets eco-conscious consumers and visitors to Czech natural reserves, offering products such as clothing, books, and accessories with nature-inspired motifs. The business model integrates charitable contributions from sales proceeds to support conservation efforts. Technically, the website is built on the Shoptet e-commerce platform, utilizing technologies such as jQuery 1.11.3, Google Analytics, and Facebook SDK for tracking and marketing. The site is mobile-optimized, accessible, and SEO-friendly with proper metadata and structured content. Performance is moderate, with room for improvement in updating legacy libraries. From a security perspective, the site enforces HTTPS and uses CSRF tokens in forms, with a cookie consent mechanism compliant with GDPR. However, no explicit security headers were detected, and the WHOIS data is missing, which reduces transparency and trust. No vulnerabilities or malware were found, and the site maintains a good security posture overall. Overall, the website presents a professional and trustworthy front for a niche retail business with a strong social and environmental mission. Strategic improvements in security headers, WHOIS transparency, and technology updates would enhance its security and credibility further.

I

Instituto Nacional de Estatística (Statistics Portugal)

ine.pt

73

Instituto Nacional de Estatística (Statistics Portugal) is the official national statistics authority of Portugal, providing comprehensive statistical data, publications, and demographic, economic, and social indicators. The website serves a broad audience including researchers, policymakers, government entities, and the general public. It operates as a governmental public service with a strong market position as the primary source of official statistics in Portugal. Key services include data dissemination, interactive applications, microdata access, and thematic studies. The site is well-branded, consistent, and includes trust signals such as ISO certifications and GDPR compliance. Technically, the website uses a mature but somewhat dated technology stack including jQuery 1.11.3 and Bootstrap 3.x, with custom scripts and Matomo analytics for user tracking. The site is mobile optimized, accessible, and SEO friendly, though some modernization opportunities exist. Performance is moderate, and the hosting provider is not explicitly identified. Security posture is strong with HTTPS enforced and ISO 27001 certification, but lacks explicit HTTP security headers and a published vulnerability disclosure policy. Overall, the security posture is robust with good privacy compliance and business credibility. No critical vulnerabilities or blocking mechanisms were detected. The domain WHOIS data aligns perfectly with the official entity, confirming legitimacy. The site includes cookie consent mechanisms and a comprehensive privacy policy, supporting GDPR compliance. Social media presence and multiple trusted external links enhance credibility and user engagement. The website is safe for general audiences, with no adult or questionable content. Recommendations include implementing security headers, publishing a security.txt file, and providing explicit incident response contacts to further enhance security and transparency.