Security Directory

M

Mulhouse

mulhousecestvous.fr

66

Mulhouse C'est Vous is a French local government participatory platform operated by the Ville de Mulhouse, designed to facilitate citizen engagement, project collaboration, and community participation. The platform offers a variety of services including project proposals, consultations, event calendars, and newsletters targeting citizens, associations, municipal agents, and institutions within Mulhouse. The website is well-established since 2015 and maintains a consistent brand and professional content quality. Technically, it leverages modern web technologies such as React, Bootstrap, and Google APIs, integrated within a Symfony-based backend and the Cap Collectif participatory platform framework. Security posture is solid with HTTPS enforcement, CAPTCHA protection, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is strong with comprehensive GDPR-aligned policies and a named Data Protection Officer. Overall, the site is trustworthy, well-maintained, and serves its public sector mission effectively.

F

France Travail

pole-emploi.fr

57

France Travail is a French governmental employment platform providing a comprehensive range of services including job offer searches, allocation and aid estimations, online registration for job seekers, and dedicated employer services. The website is well-branded, professionally designed, and targets job seekers and employers across France. It serves as a national public employment service with a large user base and extensive content offerings. Technically, the site uses modern web technologies including JavaScript frameworks, Dynatrace monitoring, and Piano Analytics for performance and user behavior tracking. The site is mobile-optimized and accessible, with good SEO practices. Security posture is strong with HTTPS enforced and secure form practices, though explicit security headers and incident response information are not visible. Privacy and cookie policies are comprehensive and GDPR compliant. Overall, the site is trustworthy and safe, with no suspicious or adult content detected.

S

Santé publique France

santepubliquefrance.fr

57

Santé publique France is the official French national public health agency, providing authoritative information, surveillance, and prevention services related to public health. The website serves a broad audience including the general public, healthcare professionals, and policymakers. It is positioned as a key government institution in the healthcare sector in France, offering publications, studies, and health data. Technically, the site uses modern JavaScript libraries, Google reCAPTCHA for bot protection, and New Relic for performance monitoring, indicating a moderate level of digital maturity. The site is mobile-optimized and uses HTTPS, but lacks some advanced security headers and explicit privacy policy documentation in the provided content. Security posture is good with no evident vulnerabilities, but could be improved with better security headers and published incident response information. Overall, the site is trustworthy and professional, with a strong business credibility as a government entity.

I

Institut national de l’information géographique et forestière

ign.fr

61

The Institut national de l’information géographique et forestière (IGN) is a French government entity specializing in the production and dissemination of geographic and forestry data. The website serves a diverse audience including individuals, professionals, public policy actors, educators, and students. It offers a comprehensive range of cartographic services, data access, and applications, positioning itself as the authoritative national geographic data provider in France. The business model is public service-oriented, focusing on data accessibility and support for various user needs. Technically, the website is built on Drupal 10, leveraging modern web technologies such as JavaScript and CSS, with good mobile optimization and accessibility features. The site demonstrates moderate performance and good SEO practices. Security posture is strong with HTTPS enforced and appropriate security headers, although there is room for improvement in publishing explicit security policies and incident response information. Overall, the website is professional, trustworthy, and compliant with privacy regulations including GDPR. The lack of publicly available WHOIS data is typical for .fr domains and does not detract from the legitimacy of the site. The presence of official contact information, social media channels, and comprehensive policies further enhance credibility. Strategic recommendations include enhancing security transparency and formalizing vulnerability disclosure mechanisms.

A

Assistance publique - Hôpitaux de Paris (AP-HP)

aphp.fr

66

Assistance publique - Hôpitaux de Paris (AP-HP) is the largest public healthcare institution in Europe, operating 38 hospitals and serving millions of patients annually. The website provides comprehensive information on patient care, research, education, and innovation, targeting patients, healthcare professionals, researchers, and partners. The digital infrastructure is built on Drupal CMS with modern web technologies, ensuring good performance, accessibility, and mobile optimization. Security posture is strong with HTTPS, security headers, and cookie consent mechanisms, although explicit security policies and incident response details are not publicly available. WHOIS data is missing, which is unusual but likely due to AFNIC policies or privacy protection, not indicating malicious intent. Overall, the website is professional, trustworthy, and compliant with GDPR.

The website 'Produire bio en Bretagne' serves as an informational and support platform dedicated to organic farming in the Brittany region of France. Operated by FRAB, it provides educational content, technical resources, testimonials, and event information to assist farmers considering or undergoing conversion to organic agriculture. The site is positioned as a regional authoritative resource with a clear focus on organic agriculture principles and practices. Technically, the website is built on WordPress using the Total theme and Visual Composer, with integrations such as Google Analytics and Revolution Slider. Hosting is provided by OVH, a reputable provider, and the domain registration is consistent with the business's history and location. Security posture is adequate with HTTPS enforced and some privacy considerations, though there is room for improvement in implementing security headers and explicit cookie consent mechanisms. Overall, the site is professional, well-branded, and trustworthy, targeting agricultural professionals and stakeholders in organic farming.

blackpills studio is a media production company specializing in the development, production, and international distribution of premium short-form series. The company positions itself as an international content producer with a focus on mobile and SVOD platforms, targeting a general audience interested in original series. The website reflects a small-sized media business founded in 2006, with consistent branding and a professional online presence hosted on the MyPortfolio platform and OVH infrastructure. Technically, the site uses modern web technologies including HTTPS, JavaScript, and Typekit fonts, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS and cookie consent mechanisms, but lacks advanced security headers and formal privacy or security policies. No contact information or detailed compliance documentation is present, which limits transparency and user trust. Overall, the site is functional and professional but could improve in privacy compliance and security best practices.

Smulders is a well-established multidisciplinary construction company specializing in the engineering, production, delivery, and assembly of heavy, technically complex steel structures, with a strong focus on offshore wind farm integration. Operating primarily in Belgium and neighboring countries, it serves industrial and energy sectors as a comprehensive EPC contractor. The company benefits from a large workforce and a reputable market position supported by its parent company, Eiffage. The website reflects a professional corporate identity with clear messaging and comprehensive service descriptions. Technically, the site uses modern web technologies including Google Tag Manager and Matomo Analytics, with good mobile optimization and SEO practices. Security posture is solid with HTTPS enforcement and cookie consent mechanisms, though some advanced security headers and explicit security policies are absent. Overall, the site is trustworthy, compliant with GDPR, and provides a positive user experience.

Y

Home | YOTTABE

yottabe.com

57

The website www.yottabe.com is hosted on the Wix platform and appears to be a small or new business site with minimal content and no clear business description or contact information. The lack of WHOIS registration data raises concerns about the domain's legitimacy and ownership. Technically, the site uses standard Wix scripts and polyfills but lacks advanced security configurations and privacy compliance features. The absence of privacy policies, cookie consent mechanisms, and contact details further diminishes trustworthiness. Overall, the site demonstrates a low level of digital maturity and security posture, with significant gaps in compliance and transparency.

S

Slovenská produkčná, a.s.

prezenu.sk

62

The website zenske.joj.sk is a Slovak lifestyle media portal targeting contemporary women with content focused on fashion, health, relationships, and entertainment. It is operated by Slovenská produkčná, a.s., a recognized media company in Slovakia. The site features a professional design, consistent branding, and a clear navigation structure that supports user engagement. The business model is primarily advertising-driven, leveraging multiple ad networks and analytics platforms integrated with a consent management system to comply with privacy regulations. Technically, the site uses modern JavaScript libraries and ad bidding frameworks, ensuring moderate performance and good mobile optimization. Security posture is solid with HTTPS enforced and standard security headers present, though explicit security and incident response policies are not published. Privacy compliance is supported by a visible cookie consent mechanism, but a dedicated privacy policy page was not found in the analyzed content. Overall, the domain registration data aligns well with the website's business claims, supporting high legitimacy and trustworthiness.

M

Meteored

theweather.com

69

Theweather.com, operated under the Meteored brand, is a professional weather information service providing 14-day forecasts, hourly updates, meteorological news, and videos primarily targeting the US market and global users. The site offers extensive weather data for over 200,000 cities worldwide and supports multiple languages and regional partner sites. It also provides weather widgets and mobile applications across major platforms including Android, iOS, Huawei, and Windows. The business model is advertising-supported, leveraging multiple ad networks and tracking technologies integrated with a GDPR-compliant consent management platform. Technically, the website employs modern JavaScript frameworks, Google Tag Manager, header bidding with Prebid.js, and integrates video content via Dailymotion. The site is well-optimized for performance and mobile responsiveness, with good SEO and accessibility basics. Hosting appears to be managed via Meteored's own services or trusted CDNs. Privacy and cookie policies are comprehensive and prominently linked, with active consent mechanisms. Security posture is strong with HTTPS enforced, security headers implemented, and no visible vulnerabilities or exposed sensitive data. However, the site lacks explicit published security policies or incident response contacts, and no vulnerability disclosure or security.txt files were found. The WHOIS data for the domain is unavailable, indicating privacy protection or recent registration, which slightly reduces trust but is mitigated by the professional site presentation and brand recognition. Overall, theweather.com is a credible and professionally managed weather information platform with good technical and security practices. Strategic recommendations include publishing explicit security policies and incident response contacts, adding vulnerability disclosure mechanisms, and enhancing accessibility features to further improve trust and compliance.

S

Stadt Rheine

rheine.de

56

Stadt Rheine operates as the official municipal government website for the city of Rheine in Germany, providing a broad range of public services, cultural information, and tourism resources. The site targets residents, visitors, and businesses, offering online forms, event information, and administrative contacts. The website is well-structured with comprehensive navigation and modern design elements, reflecting a medium-sized government entity with a strong local presence. Technically, the site employs modern JavaScript libraries such as Swiper.js and ExtJS, uses a recognized CMS (Recon CMS), and implements cookie consent via Klaro, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and basic security headers present, though additional headers and a published incident response policy would enhance trust. Privacy compliance is strong with clear privacy and cookie policies and GDPR adherence. Overall, the site is professional, trustworthy, and safe for general audiences.

P

Przelewy24

przelewy24.pl

74

Przelewy24 is a well-established Polish online payment service provider offering a variety of payment methods including BLIK, Google Pay, and Apple Pay. The website targets businesses seeking to integrate efficient and diverse payment solutions into their e-commerce platforms. The company positions itself as a key player in the Polish online payments market, providing reliable and fast payment processing services. The website content is professional, well-structured, and localized in Polish, indicating a mature digital presence. Technically, the site employs modern JavaScript libraries, Google Tag Manager, Microsoft Clarity, and Cookiebot for consent management, reflecting a good level of digital maturity and compliance with privacy regulations. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms effectively, though it lacks some advanced security headers and explicit security policies. No WHOIS data is available due to privacy protection, which is justified for a financial services provider. Overall, the site demonstrates a strong security posture and compliance with GDPR, with room for improvement in transparency and incident response readiness.

The website kulturnipecka.cz is currently a parked domain landing page primarily used for domain resale or parking purposes. It lacks any substantive business content, contact information, or privacy and security policies. The domain's WHOIS data is suspicious, showing a future creation date and registrar details consistent with domain parking services. Technically, the site relies on iframe embedding and external ad/tracking scripts from questionable domains, with no HTTPS enforcement or security headers, resulting in a poor security posture. Overall, the site does not represent an active or legitimate business presence and poses risks related to trust and security.

The website mairie-venoy.fr serves as the official online presence for the Mairie de Venoy, a local government entity in France. It provides residents and visitors with municipal information, administrative procedures, community news, and contact details. The site targets local citizens and those interested in the commune's affairs, offering a basic but functional information portal. The business model is typical of government websites, focusing on public service and information dissemination rather than commercial activities. From a technical perspective, the website employs traditional web technologies including HTML, CSS, and JavaScript libraries such as Prototype.js and Scriptaculous, alongside LightboxJS2 for image display. Hosting is provided by OVH, a reputable provider. However, the site lacks modern CMS frameworks and shows signs of aging technology, with limited mobile optimization and basic accessibility features. Performance is moderate, and SEO practices are minimal. Security posture is moderate but could be significantly improved. The site uses HTTPS and includes Google Analytics for visitor tracking but lacks critical security headers and modern security practices. No privacy or cookie policies are present, indicating non-compliance with GDPR requirements. The use of outdated JavaScript libraries may expose the site to vulnerabilities. Contact information is minimal, limited to a single email address, with no phone or physical address provided. Overall, the website is functional and trustworthy as a local government portal but requires updates to its security, privacy compliance, and technical infrastructure to meet modern standards and improve user experience. Strategic improvements in these areas will enhance trust, compliance, and operational resilience.

M

Mairie de Montigny la Resle

mairie-montigny-la-resle-89.fr

57

The website www.mairie-montigny-la-resle-89.fr serves as the official online presence for the town hall of Montigny la Resle, a small commune in the Bourgogne region of France. It provides residents and visitors with essential information about municipal services, local news, administrative procedures, health advisories, and community events. The site is well-structured and targets local citizens and stakeholders, offering a comprehensive resource for civic engagement and public service access. Technically, the website employs standard web technologies including HTML5, CSS3, JavaScript, and jQuery, with Google Fonts for typography. It is mobile-optimized and accessible, featuring responsive design and navigation aids. However, the technology stack is somewhat dated, notably with an older jQuery version, and lacks advanced security headers. Performance is moderate, with no evident tracking or analytics scripts, indicating a privacy-conscious approach. From a security standpoint, the site uses HTTPS, which is mandatory, but does not implement additional security headers that could enhance protection against common web threats. There is no visible privacy or cookie consent mechanism, which is a compliance gap under GDPR. The WHOIS data is unavailable, which slightly reduces trust but is not uncommon for .fr domains. No vulnerabilities or sensitive data exposures were detected. Overall, the website is a trustworthy and functional municipal portal with good content quality and user experience. Strategic improvements in security headers, privacy compliance, and updating libraries would enhance its security posture and regulatory adherence.

M

Mairie de Gurgy

gurgy.net

58

The website www.gurgy.net serves as the official municipal portal for the town of Gurgy, France, providing residents and visitors with news, administrative information, community services, and event announcements. It targets local citizens and stakeholders, offering a centralized platform for municipal communication and public service access. The site maintains a consistent and professional presentation aligned with government standards, including clear navigation and relevant content. Technically, the site employs standard web technologies such as HTML5, CSS3, JavaScript, Google Fonts, and integrates third-party services like Google Analytics and Meteo France weather widgets. Cookie consent is managed via the tarteaucitron library, ensuring compliance with privacy regulations. The site is mobile-optimized and SEO-friendly, though it lacks some advanced accessibility features and security headers. From a security perspective, the site uses HTTPS and manages user consent for cookies, but it does not implement several recommended security headers or provide incident response contact information. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data for the domain is a concern, as it reduces trust in domain legitimacy despite the website's official appearance. Overall, the website is functional, trustworthy, and serves its purpose well, but improvements in security headers, WHOIS transparency, and incident response readiness are advised to enhance its security posture and trustworthiness.

B

Botnation AI

botnation.ai

63

Botnation AI is a well-established technology company specializing in no-code chatbot creation platforms enhanced with AI capabilities. Founded in 2017 and registered in Switzerland, the company offers a SaaS model targeting businesses and agencies seeking to deploy conversational AI solutions across multiple channels such as websites, social media, and messaging apps. Their platform emphasizes ease of use, integration with CRM and APIs, and includes live chat features for seamless human handover. The website demonstrates a mature digital presence with comprehensive content, strong branding, and multiple certifications including GDPR, PCI-DSS, and ISO standards, reinforcing their commitment to security and compliance. Technically, the website is hosted on AWS infrastructure with a modern tech stack including JavaScript and jQuery, optimized for performance and mobile responsiveness. SEO and accessibility are well addressed with structured data and meta tags. Security posture is strong with HTTPS enforced and no visible vulnerabilities, though improvements could be made by enabling DNSSEC and adding security headers. Privacy compliance is mostly met, but the absence of a cookie consent mechanism and incident response contacts are notable gaps. Overall, Botnation AI presents a trustworthy and professional online presence with a clear business model and strong market positioning in the chatbot technology sector. The site is safe for general audiences and free from adult or questionable content. Strategic recommendations include enhancing privacy controls, improving DNS security, and publishing incident response details to further strengthen trust and compliance.

B

Behavee

behavee.com

64

Behavee is a Czech digital marketing agency specializing in services for e-commerce shops and lead generation. The website presents a professional image with clear branding and a focus on online marketing services. The technical infrastructure is based on the Wix platform, leveraging Wix's Thunderbolt framework and standard polyfills for compatibility. Microsoft Clarity is used for analytics and user behavior tracking. Security posture is moderate with HTTPS usage implied, but lacks explicit security headers and formal privacy or cookie policies. The absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness. Overall, the website is functional and well-designed but would benefit from enhanced transparency and security practices.

Č

ČVIRO

cviro.sk

54

ČVIRO is a small Slovak vehicle rental company specializing in utility vehicles such as vans, pickups, buses, refrigerated trucks, and tractors. The website presents basic information about the business and its offerings, targeting individuals and businesses in need of utility vehicle rentals. The domain is well established since 2006, with consistent WHOIS data and DNSSEC enabled, indicating legitimacy and good domain security practices. Technically, the website uses basic HTML, CSS, and JavaScript with Google Analytics for tracking. However, it lacks modern web design features such as mobile responsiveness and accessibility enhancements. Security posture is weak with no visible security headers or HTTPS enforcement details, and privacy compliance is poor due to the absence of privacy and cookie policies. Contact information is limited to phone numbers and one email address, with no physical address or social media presence. Overall, the site is functional but requires improvements in security, privacy compliance, and technical modernization.

The website www.canalplus.com is currently inaccessible due to a security mechanism or Web Application Firewall (WAF) that blocks content delivery, presenting an 'Access Denied' message with minimal page content. This prevents a full analysis of the website's business, technical, and security posture. The WHOIS lookup for the domain failed to return any registration data, which is unusual for a well-known brand, raising concerns about domain registration legitimacy or privacy protection usage. No privacy, cookie, or terms of service policies were detected on the page, and no contact or business information is available. The technical footprint is minimal, with only inline JavaScript and CSS present, and no external analytics or advertising scripts detected.

G

GoDaddy Operating Company, LLC

vakita.com

73

The website is a professionally designed domain aftermarket sales landing page operated by GoDaddy Operating Company, LLC. It offers the domain vakita.com for sale with options to buy outright or lease to own, supported by secure payment methods and transaction assistance. The site leverages modern web technologies including React and Next.js, hosted on GoDaddy infrastructure, and demonstrates good digital maturity with responsive design and SEO optimization. Security posture is strong with HTTPS and secure payment integrations, though explicit security headers and terms of service pages are absent. Privacy and cookie policies are present and GDPR compliant. Overall, the site is trustworthy and well-positioned in the domain aftermarket e-commerce sector.

T

telecentro.com

telecentro.com

51

The website telecentro.com currently serves as a parked domain with no active business content or services. It displays a sales banner indicating the domain may be for sale and contains advertising blocks powered by Google Adsense and Bodis. The site lacks any meaningful business description, contact information, or user engagement features. Technically, the site uses basic HTML, CSS, and JavaScript with no detected CMS or advanced frameworks. The hosting is managed by Bodis, a domain parking service provider. Security posture is minimal with no DNSSEC enabled and no security headers detected. Privacy compliance is weak, with a privacy policy page present but no cookie consent mechanism or GDPR indicators. Overall, the site is low trust and low content quality, suitable only as a placeholder or domain sale page.

M

Město Vítkov

kulturavitkov.cz

55

Kulturavitkov.cz is a municipal cultural event portal for the town of Vítkov in the Czech Republic. It provides residents and visitors with information about local cinema screenings, concerts, theater performances, exhibitions, and other cultural activities. The platform integrates online ticket sales through a partner e-commerce site, facilitating easy access to event participation. The website is well-branded with official municipal logos and links to verified social media pages, reinforcing its local government affiliation. Technically, the site is built using modern web technologies including React and Next.js, with Material UI for styling. It is mobile optimized and provides a good user experience with clear navigation and event information. Performance is moderate, and the site uses HTTPS with appropriate security headers, indicating a solid security posture. However, the absence of a cookie consent mechanism and lack of visible privacy or incident response policies suggest areas for compliance improvement. Security-wise, the site enforces HTTPS and includes standard security headers, but lacks explicit vulnerability disclosure or incident response information. The WHOIS data is unavailable, likely due to privacy protection, which slightly reduces transparency but does not contradict the site's municipal nature. Overall, the site is trustworthy and serves its purpose effectively, though it could enhance privacy compliance and transparency. The overall risk is low given the nature of the site and its content, but strategic improvements in privacy and security policy disclosures are recommended to strengthen user trust and regulatory compliance.

J

JitroDesign

jitrodesign.com

50

JitroDesign is a small, specialized graphic design studio showcasing a portfolio of projects focused on cultural heritage, music albums, and art publications. The website is hosted on the Cargo Collective platform and uses modern web technologies including jQuery and Handlebars.js. The site is accessible without any WAF or security challenges and uses HTTPS, ensuring basic transport security. However, it lacks privacy and cookie policies, security headers, and explicit contact information, which are areas for improvement. The domain is well-established since 2011, registered through a reputable registrar, and aligns with the business's maturity. Overall, the site presents professional content with good design quality and moderate SEO and accessibility features.

N

NetCURD

netcurd.fr

40

NetCURD is a small French marketing and communication agency founded in 2015, serving clients primarily in the Rennes and Nantes regions. The company offers a comprehensive suite of services including marketing strategy consulting, graphic design for web and print, web development with WordPress and e-commerce solutions, and digital marketing services such as SEO, SEA, social media management, and email campaigns. Their market position is that of a regional agency providing 360° accompaniment to business growth. The website is professionally designed, mobile optimized, and uses modern technologies such as Next.js and SVG graphics. Hosting is provided by Infomaniak Network SA, a reputable provider.

P

Paris Saint-Germain

psg.fr

69

Paris Saint-Germain's official website serves as a comprehensive digital platform for fans and stakeholders to access the latest news, live match updates, and exclusive content related to the club's various sports activities including men's and women's football, handball, judo, and esports. The site is professionally designed with consistent branding and targets a global audience of sports enthusiasts and PSG supporters. Technically, the website leverages modern frameworks such as Next.js and React, ensuring fast performance and excellent mobile optimization. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, though it lacks explicit security policies and incident response information. Overall, the website demonstrates a mature digital presence with room for improvement in transparency and security disclosures.

E

E-BAAN,SE

hapra.cz

49

HAPRA Design is a Czech digital agency specializing in web design, e-commerce development, SEO, social media management, and online marketing services. With over 20 years of experience, the company offers comprehensive digital solutions aimed at businesses seeking to enhance their online presence. Their service portfolio includes website and e-shop creation, content management, PPC advertising, and technical maintenance, positioning them as a full-service digital partner. The website reflects a professional and consistent brand image with clear navigation and relevant content tailored to their target audience. Technically, the site employs a modern technology stack including PHP, MySQL, JavaScript libraries such as jQuery, Bootstrap framework, and integrates marketing and analytics tools like Google Tag Manager and Facebook SDK. The site is mobile-optimized and uses a custom CMS named publishWEB. Performance is moderate with good SEO practices and basic accessibility features. From a security perspective, the website enforces HTTPS and includes a cookie consent mechanism aligned with GDPR requirements. However, no explicit security headers were detected, and no public security or incident response policies are available. The WHOIS data is missing, which limits domain trust verification, but the website content and business information appear legitimate and professional. Overall, the site scores well on content quality, technical implementation, privacy compliance, and business credibility, with recommendations to enhance security headers, publish security policies, and improve accessibility compliance to further strengthen their security posture and trustworthiness.

Z

ZOO JH s.r.o.

zoonahradecku.cz

46

ZOO Na Hrádečku is a private zoological garden located in the Czech Republic, operating since 2014 with a focus on conservation, education, and public engagement. The zoo hosts over 200 animal species, including endangered ones, and offers various visitor experiences such as guided tours, animal adoptions, and educational programs. It operates without subsidies, relying on ticket sales, merchandise, and donations. The website reflects a well-established regional institution with strong community and conservation partnerships. Technically, the website uses standard web technologies including HTML5, CSS3, JavaScript, and jQuery libraries, hosted by a reputable Czech registrar and hosting provider. The site is mobile-optimized with good SEO practices and clear navigation, though some advanced security headers and explicit security policies are not evident. Cookie consent and privacy policies are implemented, indicating awareness of GDPR compliance. From a security perspective, the site uses HTTPS and cookie consent mechanisms but lacks visible advanced security headers or incident response information. No vulnerabilities or suspicious content were detected. WHOIS data confirms domain legitimacy and consistency with the business profile. Overall, the site presents a trustworthy, professional online presence for a medium-sized private zoo with good content quality and privacy compliance. Strategic improvements in security policy transparency and technical security controls are recommended to enhance the security posture and trust further.

E

Eezy LLC

brusheezy.com

60

Brusheezy, operated by Eezy LLC, is a well-established online platform offering a vast collection of free and premium Photoshop brushes and related graphic design resources. The website targets graphic designers and digital artists seeking high-quality Photoshop assets. It operates a freemium business model, providing free downloads alongside premium subscription options for unlimited access. The site enjoys a strong market position within the digital media resource niche, supported by a vibrant community and a network of related sites such as Vecteezy and Videezy. Technically, Brusheezy employs a modern technology stack including JavaScript libraries, analytics tools like Google Analytics and Snowplow, and advertising frameworks such as Freestar and Google DoubleClick. The site is mobile-optimized with good SEO practices and uses HTTPS to secure user interactions. Privacy and cookie policies are present and indicate GDPR compliance, enhancing user trust. From a security perspective, the site demonstrates good practices including HTTPS enforcement and CSRF protection in forms. However, it lacks explicit security headers and a published security policy or vulnerability disclosure program, which are recommended for further strengthening its security posture. No vulnerabilities or suspicious activities were detected in the content or scripts. Overall, Brusheezy presents a low-risk profile with a professional online presence and comprehensive content offerings. The main concern is the absence of WHOIS data transparency, which slightly impacts trust but does not detract significantly from the site's legitimacy. Strategic improvements in security policy publication and WHOIS transparency would enhance its credibility and compliance standing.

I

iSport.cz

isport.cz

63

iSport.cz is a prominent Czech sports news portal providing up-to-date sports news, live results, videos, and premium subscription content. It serves a broad audience of sports enthusiasts primarily in the Czech Republic and is part of the larger Deník Sport media group. The website offers comprehensive coverage of football, hockey, tennis, MMA, and other sports, with a strong focus on live event updates and multimedia content. Technically, the site employs modern web technologies including advanced analytics, consent management, and advertising frameworks, ensuring a responsive and user-friendly experience across devices. Security posture is robust with HTTPS enforcement and consent compliance, although explicit security policies and incident response contacts are not publicly disclosed. Overall, the site demonstrates a mature digital presence with strong business credibility and compliance adherence.

B

BIKEMAX

bikemax.cz

59

BIKEMAX.cz operates as the largest bicycle and electric bike gallery in the Czech Republic, offering a wide range of bicycles, accessories, and related services including bike servicing and franchise opportunities. The company targets cycling enthusiasts and general consumers within the Czech market, leveraging a medium-sized e-commerce retail business model. The website reflects a professional and consistent brand presence with clear navigation and comprehensive product categories. Technically, the website is built on the Shoptet e-commerce platform, utilizing modern JavaScript libraries and tracking tools such as Google Analytics, Facebook SDK, and Microsoft Clarity. The site demonstrates good mobile optimization and SEO practices, although some accessibility features could be enhanced. Performance is moderate, with a well-structured technical stack supporting the business operations. From a security perspective, the site enforces HTTPS and includes cookie consent mechanisms aligned with GDPR compliance. While basic security headers are likely present, explicit security policies and incident response contacts are absent, representing areas for improvement. No critical vulnerabilities or exposed sensitive data were detected during analysis. Overall, the website presents a trustworthy and professional front for BIKEMAX's retail operations. However, the absence of WHOIS registration data introduces some uncertainty regarding domain legitimacy. Strategic recommendations include enhancing security header implementation, publishing a security policy, and providing incident response contact information to strengthen trust and compliance.

S

Singula soft s.r.o.

singula.cz

39

Singula soft s.r.o. is a Czech Republic based small technology company specializing in custom software development and process automation using modern low-code and no-code platforms, notably as a partner of Tabidoo. Their website presents a professional image with clear business descriptions, team contacts, and service offerings focused on digital transformation for small businesses and entrepreneurs. The technical infrastructure is modern, leveraging JavaScript and Google Tag Manager for analytics, with a responsive design and cookie consent mechanisms in place. Security posture is good with HTTPS enforced and no visible vulnerabilities, though the absence of security headers and privacy policy are notable gaps. The WHOIS data is unavailable, which impacts domain trust but the website content and business information appear legitimate. Overall, the site scores well on content quality, technical implementation, and business credibility, with room for improvement in privacy compliance and security best practices.

Běhy Zlín, z.s. is a small non-profit organization based in the Czech Republic focused on organizing running competitions and running school workshops primarily in the Zlín region. The website serves as a hub for event information, registration, news updates, and community engagement. It targets local runners and sports enthusiasts, providing event schedules, partner information, and educational content. The organization has been active since 2014, with a consistent domain registration and transparent business information. Technically, the website uses modern web technologies including JavaScript libraries like jQuery, Moment.js, and Swiper.js, and is built on the Nette PHP framework. It is mobile optimized and provides a good user experience with clear navigation and content relevance. Security-wise, the site enforces HTTPS and implements a cookie consent mechanism with granular controls, but lacks explicit security headers and incident response policies. Overall, the site is trustworthy, professional, and compliant with GDPR requirements.

S

ShopMania

shop-mania.cz

69

ShopMania.cz is a Czech Republic-based e-commerce price comparison and product review platform established since 2005. It aggregates millions of products from hundreds of online stores, providing users with detailed product information, price comparisons, reviews, and promotional offers. The website targets general consumers in the Czech market seeking informed shopping decisions. Technically, the site employs modern JavaScript libraries including Swiper.js for UI components, Google Tag Manager, Google Analytics, and Facebook SDK for marketing and analytics. The site is mobile-optimized with good navigation and content quality. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though some security headers and incident response information are not publicly disclosed. WHOIS data is privacy-protected, which is common for commercial sites, but no registrant details are available for verification. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for Czech online shoppers.

M

Městské informační centrum Havířov

michavirovshop.cz

52

MIC Havířov shop is an e-commerce platform operated by the Municipal Information Center of Havířov, offering a variety of collectible souvenirs, textile goods, and publications related to the city of Havířov. The website targets local residents and tourists interested in purchasing local memorabilia conveniently online or at their physical location. The business model is primarily retail-focused with a local government affiliation, positioning it as a trusted source for authentic Havířov merchandise. Technically, the website is built on the Upgates e-commerce platform, utilizing modern web technologies such as HTML5, CSS3, JavaScript, jQuery, and Bootstrap. The site is mobile-optimized with good navigation and SEO practices, although performance is moderate. Security is well-handled with HTTPS enforced and secure form validation, but lacks some advanced security headers and explicit security policies. From a security and compliance perspective, the site implements a comprehensive cookie consent mechanism aligned with GDPR requirements and provides basic privacy and terms of service documentation. However, the absence of WHOIS registration data raises concerns about domain legitimacy and trustworthiness, which should be further investigated. No major vulnerabilities or tracking technologies were detected, indicating a privacy-conscious approach. Overall, the website presents a professional and trustworthy front for a local government-affiliated e-commerce business, with room for improvement in domain transparency and security header implementation. Strategic recommendations include verifying domain registration, enhancing security policies, and publishing vulnerability disclosure information to strengthen trust and compliance.

MKW-air, s.r.o. is a small Czech aviation company specializing in sightseeing flights, observation flights, introductory flights, photo flights, and ultralight pilot training based at Plzeň - Letkov airport. The company has been operating since 2008 and presents itself as a local aviation service provider with a focus on the Western Czech region. The website content is primarily in Czech and targets aviation enthusiasts, tourists, and prospective pilots. Technically, the website uses basic HTML 4.0 Transitional with CSS and JavaScript, including Google Analytics for user tracking. The site lacks modern CMS or frameworks and shows basic mobile and accessibility features. Security posture is moderate with no visible HTTPS confirmation or security headers, and no privacy or cookie policies are published, indicating compliance gaps. Contact information is clearly provided, enhancing business credibility. Overall, the website is functional but would benefit from modernization and improved security and privacy compliance.

ABCproZDRAVÍ.cz is a Czech Republic-based small e-commerce business specializing in health products, dietary supplements, and cosmetics. Operating since 1995, the company offers a range of products focused on healthy nutrition, immunity strengthening, and weight management. The website provides product listings, descriptions, and an online shopping cart, targeting health-conscious consumers in the Czech market. The business model centers on direct online sales with expert advisory services. Technically, the website is built with basic HTML, CSS, and JavaScript without modern frameworks or CMS detected. Performance and mobile optimization are moderate to basic, with room for improvement in accessibility and SEO. Security posture is average; HTTPS is assumed but no advanced security headers or anti-CSRF protections are evident. Privacy compliance is basic, with cookie consent implemented but no detailed GDPR policy found. The absence of WHOIS data limits domain trust verification, though the website content and business claims appear consistent and legitimate. Overall, the site is functional but would benefit from technical and security enhancements to improve trust and user experience.

S

spoilercentrum.cz

spoilercentrum.cz

48

Spoilercentrum.cz is a Czech Republic-based online retailer specializing in automotive tuning parts and accessories. The website offers a wide range of products including spoilers, filters, suspension components, and custom carbon fiber parts targeting car enthusiasts and vehicle owners interested in aftermarket modifications. The business operates primarily as an e-commerce platform with a niche focus on automotive tuning. Technically, the website uses standard web technologies including HTML, CSS, JavaScript, and jQuery 1.7.2, with some legacy components such as an older jQuery version. The site is moderately optimized for performance and mobile use, with basic SEO and accessibility features. Security posture is adequate with HTTPS enabled and cookie consent implemented, but lacks advanced security headers and uses outdated libraries which could pose risks. The absence of WHOIS data limits domain trust assessment, though the website provides clear contact information and integrates trusted Czech e-commerce widgets. Overall, the site is functional and professional but could benefit from technical and security improvements to enhance trust and compliance.

The website www.deky.eu is a Czech e-commerce platform specializing in the sale of bedding products including blankets, pillows, bed sheets, and mattress protectors. It emphasizes Czech manufacturing and quality products suitable for allergy sufferers. The site is structured with clear navigation and product categorization, targeting general consumers in the Czech Republic seeking home textile products. Technically, the site uses standard web technologies such as jQuery and custom JavaScript, with basic mobile optimization and SEO practices. However, there is no evidence of HTTPS enforcement or advanced security headers, which poses a moderate security risk. Privacy compliance is limited, with no explicit privacy policy page found, though a cookie consent mechanism is implemented. Contact information is not clearly provided, which may impact user trust and support accessibility. Overall, the site appears legitimate and functional but would benefit from enhanced security and privacy measures.

M

- MojeNákupy.cz

mojenakupy.cz

40

MojeNákupy.cz is a Czech online retail store specializing in a broad assortment of household, garden, and tool products. The website offers shopping without mandatory registration and free shipping for orders exceeding 10,000 CZK. The business targets Czech consumers seeking convenient online access to diverse product categories including cleaning supplies, electronics, and pest control. The market position appears to be a niche local e-commerce retailer with a basic but functional online presence. Technically, the site uses standard web technologies including HTML, CSS, JavaScript, Facebook SDK, and Heureka widgets for social and marketing integration. The site lacks advanced CMS or modern frameworks and shows basic mobile optimization and SEO practices. Security posture is moderate with HTTPS assumed but no visible security headers or advanced protections. Privacy and cookie policies are not found, indicating compliance gaps. WHOIS data is missing, reducing trust and raising concerns about domain legitimacy. Overall, the site is functional for retail but requires improvements in security, privacy compliance, and transparency to enhance business credibility and user trust.

A

ALTER s.r.o.

alter-hk.cz

49

ALTER s.r.o. is a Czech Republic-based company specializing in the wholesale and manufacturing of cleaning, disinfecting, and hygiene products. With over 24 years of market presence, the company serves primarily registered business customers, offering a broad range of products including cleaning agents, packaging materials, and gastro supplies. The website reflects a well-established regional wholesaler with a clear B2B business model and a focus on professional clientele. Technically, the website employs standard web technologies including HTML, CSS, JavaScript, and jQuery, but uses an outdated jQuery version which poses security risks. The site is moderately optimized for performance and mobile use, with basic accessibility and good SEO practices. Security posture is moderate; HTTPS is used, and cookie consent mechanisms are implemented, but there is a lack of modern security headers and the use of outdated libraries. WHOIS data is unavailable, which slightly reduces trustworthiness, but the website content and contact information support legitimacy. Overall, the site is functional and professional but would benefit from technical and security updates.

P

PT SERVIS

ptservis.cz

43

PT SERVIS operates an e-commerce website focused on sports nutrition, healthy nutrition, bodybuilding, fitness, and aerobic products primarily targeting fitness enthusiasts and health-conscious consumers in the Czech Republic. The website offers a broad catalog of supplements, fitness equipment, and related health products, supported by promotional campaigns and customer engagement tools such as live chat and discount coupons. Technically, the site uses standard web technologies including JavaScript, jQuery, and CSS, with integrations for marketing and tracking services. The site is secured with HTTPS and includes a cookie consent mechanism, but lacks a publicly accessible privacy policy and terms of service pages, which are important for compliance and user trust. The absence of WHOIS data for the domain is a notable concern, limiting the ability to verify domain legitimacy and age. Overall, the website presents a professional and functional e-commerce platform with moderate technical maturity and security posture.

L

Lékárna Srdcovka

lekarnasrdcovka.cz

45

Lékárna Srdcovka operates as a local and online pharmacy based in Prostějov, Czech Republic, offering a wide range of health-related products including over-the-counter medicines, supplements, and cosmetics. The business targets Czech-speaking customers seeking convenient access to pharmaceutical products both online and in physical stores. The website supports e-commerce transactions and provides services such as e-prescription reservations, positioning itself as a trusted regional healthcare retailer. Technically, the website employs standard web technologies including HTML, CSS, JavaScript, and jQuery, with integration of Facebook Pixel for marketing and tracking. The site is mobile-optimized and provides a good user experience with clear navigation and relevant content. However, there is room for improvement in security headers and cookie consent mechanisms to enhance privacy compliance. From a security perspective, the site uses HTTPS and secure form submissions but lacks visible security headers and explicit incident response or security policies. The absence of WHOIS data for the domain reduces trust from a domain registration standpoint, though the website content and contact information suggest a legitimate business. Overall, the site maintains a moderate security posture with recommendations to improve privacy and security practices. The overall risk assessment is moderate with a score of 74 out of 100, reflecting good content quality and business credibility but some technical and compliance gaps. Strategic recommendations include implementing security headers, adding cookie consent, publishing security policies, and investigating the missing WHOIS data to improve domain trustworthiness.

H

Hawaj.cz • ověřený český e-shop • 17 let s vámi | Hawaj.cz

hawaj.cz

49

Hawaj.cz is a Czech e-commerce retailer specializing in garden furniture, pools, whirlpools, solar showers, toys, pet supplies, and related leisure products. The website positions itself as an established player with 17 years of market presence, targeting Czech consumers seeking home and garden products. The site features a professional design with clear navigation and a broad product catalog. Technically, the site uses modern JavaScript libraries, Bootstrap 4, and integrates multiple marketing and analytics tools such as Facebook Pixel, Google Tag Manager, Hotjar, and Biano Pixel. HTTPS is enforced, and cookie consent mechanisms are in place, indicating a baseline of security and privacy awareness. However, the absence of explicit privacy policy and terms of service pages, as well as missing WHOIS registrant data, reduce overall trust and compliance posture. No WAF or content blocking was detected, and the content is safe for general audiences.

M

Mega levné pneu

megalevnepneu.cz

48

Mega levné pneu is a Czech Republic-based retailer specializing in the sale of tires and wheels for a wide range of vehicles including motorcycles, cars, trucks, and agricultural machinery. The company also offers onsite tire services (pneuservis) near Prague, emphasizing fast service and ecological tire disposal. The website presents a professional and content-rich platform targeting vehicle owners and fleet operators in the region. Technically, the site uses legacy technologies such as windows-1250 charset and jQuery, with moderate performance and basic mobile optimization. Security posture is moderate with HTTPS usage and cookie consent but lacks visible security headers and explicit privacy policies. The absence of WHOIS data reduces domain trustworthiness, though the website content and contact information appear legitimate. Overall, the site is functional and credible but would benefit from enhanced security and compliance transparency.

H

Hydro

hydro.com

75

Hydro is a global leader in aluminium production and renewable energy, operating in over 40 countries with a workforce of 32,000 employees. The company focuses on sustainable business practices, offering low-carbon and recycled aluminium products alongside renewable energy solutions. Their website reflects a mature digital presence with comprehensive global office information and professional branding. Technically, the site employs modern JavaScript frameworks, telemetry via Microsoft Application Insights, and cookie consent management through Cookiebot, indicating a commitment to user privacy and performance monitoring. Security posture is strong with HTTPS enforced and telemetry for error tracking, though explicit security policies and vulnerability disclosures are absent. The WHOIS data for the domain www.hydro.com is missing, which is unusual for a corporate domain and slightly reduces trustworthiness. Overall, the website is professional, secure, and compliant with privacy norms, but could improve transparency around security policies and domain registration details.

A

Adis Transition

adis-transition.com

49

Adis Transition is a small French consulting business specializing in management de transition and operational leadership within high technology and industrial sectors. The company leverages nearly 30 years of experience to support business leaders in transforming and optimizing industrial performance. Their services include general management, operational diagnostics, R&D direction, and industrial transformation. The website is professionally designed using WordPress, featuring modern technologies such as Google reCAPTCHA v3 for form protection. While the site is well-structured and content-rich, it lacks explicit privacy and terms of service pages, and no WHOIS registration data is available, which raises some legitimacy concerns. Security posture is moderate with HTTPS enabled but missing key security headers. Overall, the site is safe, business-focused, and trustworthy, but improvements in transparency and security practices are recommended.

domainsite.com is a legacy domain registrar website that has merged with Name.com, Inc. The site serves primarily as an informational placeholder directing users to Name.com for domain management and registration services. The business operates in the domain registration sector, targeting domain owners and registrants. The merger consolidates services under the Name.com brand, maintaining user credentials and domain products without disruption. Technically, the website uses Bootstrap 3 and basic JavaScript, hosted likely on AWS infrastructure, with minimal SEO and accessibility features. Security posture is moderate with domain status locks in place but lacks DNSSEC and security headers. No privacy or cookie consent mechanisms are present, and no direct contact or incident response information is provided on this page. Overall, the domain registration and business information are consistent and legitimate, reflecting a stable and established registrar entity.

R

Ready for Boarding

readyforboarding.cz

10

Ready for Boarding is a travel-focused website offering content and e-commerce services related to travel, primarily targeting Czech and Polish speaking audiences. The site provides travel guides, tips, and sells travel-related products through WooCommerce. It maintains a professional online presence with multilingual support and integrates multiple marketing and analytics tools such as Google Analytics, Meta Pixel, and PixelYourSite. The technical infrastructure is based on WordPress CMS with a moderate performance profile and good mobile optimization. Security posture is adequate with HTTPS enforced and cookie consent mechanisms in place, though some security headers could be improved. The absence of WHOIS data suggests privacy protection, which is common for small businesses. Overall, the website is legitimate, well-maintained, and compliant with GDPR requirements.