Security Directory

S

Svazek obcí Východní Krkonoše

vychodnikrkonose.cz

49

Svazek obcí Východní Krkonoše is a regional association of municipalities in the Eastern Krkonoše area of the Czech Republic, focused on regional development, tourism, and community support. The organization provides services such as meeting room rentals, coworking spaces, and event equipment, and manages multiple projects aimed at enhancing tourism and sustainable regional growth. The website reflects a well-established entity with a domain age since 2004, consistent with its operational history. Technically, the website employs modern web standards including HTML5, CSS3, Bootstrap for responsive design, and Font Awesome for icons. It is hosted by Active24, a known Czech hosting provider, and uses HTTPS with good performance optimizations such as Google PageSpeed. The site is mobile-friendly and has good SEO practices, though accessibility features are basic. From a security perspective, the site uses HTTPS and implements a cookie consent banner compliant with GDPR. However, no explicit security headers or incident response policies are found, and no vulnerability disclosure or security.txt files are present. No critical vulnerabilities or exposed sensitive data were detected in the content analyzed. Overall, the website is professional, trustworthy, and suitable for its target audience of local municipalities and regional stakeholders. Strategic improvements in security headers and explicit security policies would enhance its security posture and compliance.

M

Multi Digital

multidigital.ch

62

Multi Digital is a Swiss-based digital agency specializing in the development, programming, and implementation of web and software solutions tailored to regional, national, and international clients. The company emphasizes user-friendly, personalized digital experiences that support client strategies. As part of the Galledia Group, Multi Digital benefits from a strong regional presence and professional backing. The website reflects a modern, professional design with clear navigation and comprehensive service offerings including software development, e-commerce, marketing, and web design. Technically, the site uses modern frameworks like Bootstrap, integrates Google Tag Manager and Metricool for analytics and marketing, and employs a robust cookie consent mechanism compliant with GDPR. Security posture is solid with HTTPS enforced and no visible vulnerabilities, though some security headers and policies could be improved. Overall, the domain registration aligns well with the business claims, supporting legitimacy and trustworthiness.

M

Město Pardubice

pardubice.eu

57

Pardubice.eu is the official web portal for the city of Pardubice, Czech Republic, serving tourists, citizens, entrepreneurs, and local government stakeholders. It provides comprehensive information on tourism, events, city news, public services, and contact resources. The website is well-positioned as a trusted government portal with consistent branding and a clear focus on serving its community. Technically, the site employs modern web technologies including JavaScript frameworks, Google Tag Manager, Facebook Pixel, and Microsoft Clarity for analytics and user experience enhancement. The site is hosted by a reputable Czech provider and demonstrates good mobile optimization and accessibility. Security-wise, the site enforces HTTPS and uses cookie consent mechanisms aligned with GDPR, though it lacks explicit security policies or incident response contacts. No critical vulnerabilities or exposed sensitive data were detected. Overall, the site is professional, trustworthy, and compliant with privacy regulations, making it a reliable resource for its audience.

G

Giant interactive s.r.o.

giant.cz

54

Giant interactive s.r.o. is a Czech digital agency specializing in e-commerce, web, and mobile application development with over 17 years of experience. The company positions itself as a market leader providing comprehensive digital solutions including strategy, web presence, e-commerce platforms, mobile apps, and online marketing services. Their client portfolio includes notable companies and they have received multiple industry awards, indicating strong market presence and credibility. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, React JS, and integrates Google Tag Manager for analytics. The site is well-optimized for mobile devices and offers a professional user experience with clear navigation and multimedia content. Cookie consent mechanisms are implemented, reflecting awareness of privacy regulations. From a security perspective, the site uses HTTPS with good SSL configuration and secure forms with anti-spam features. However, explicit security headers like Content-Security-Policy and X-Frame-Options are not evident, and no published privacy policy or incident response information is found, which are areas for improvement. Overall, the website is professional and trustworthy, but the absence of WHOIS data and privacy policy reduces the confidence level. It is recommended to verify domain registration details and publish comprehensive privacy and security policies to enhance trust and compliance.

N

Non Gamstop Casinos - OXON AA

oxonaa.org.uk

53

The website oxonaa.org.uk operates as an affiliate and informational platform specializing in non Gamstop casinos targeted at UK players seeking alternatives to UKGC-regulated gambling sites. It provides curated casino reviews, bonus information, and payment guidance, positioning itself as a niche player in the UK gambling affiliate market. The site leverages WordPress CMS with modern SEO and performance optimizations, including WP Rocket and Google Analytics integration. Security posture is adequate with HTTPS enforced but lacks visible security headers and formal privacy or cookie policies, representing compliance gaps. The WHOIS data presents an anomaly with a future domain creation date, which raises questions about registration data accuracy but does not directly undermine the site's apparent legitimacy. Overall, the site is professional and functional but should improve privacy compliance and security transparency to enhance trust and regulatory adherence.

A

ARISE

ariseglobalnetwork.org

67

ARISE is a UN Office for Disaster Risk Reduction (UNDRR) established network that connects private sector entities globally to promote disaster risk reduction and resilience. The platform serves as a hub for knowledge sharing, innovation, and collaboration among businesses, investors, insurers, and infrastructure stakeholders. It aligns its mission with major global frameworks such as the Sendai Framework, Sustainable Development Goals, and the Paris Climate Agreement. The website demonstrates a mature digital presence built on Drupal 10, with good performance, mobile optimization, and accessibility. Security posture is solid with HTTPS and Cloudflare protections, though explicit security policies and vulnerability disclosures are absent. WHOIS data is unavailable, which slightly reduces domain trust but is mitigated by the UN affiliation and professional content. Overall, the site is a credible and authoritative resource for private sector disaster resilience initiatives.

D

Domains By Proxy, LLC

esm.sh

56

esm.sh is a specialized open source CDN service focused on delivering modern JavaScript and TypeScript modules (ESM) globally with no build steps required. It targets web developers and Deno users by providing fast, smart, and global CDN capabilities with support for import maps, on-the-fly transformation of TSX, Vue, and Svelte files, and compatibility with Deno's module system. The project is hosted on GitHub and powered by Cloudflare, indicating a modern and scalable technical infrastructure. The website is well-structured with comprehensive documentation and usage examples, supporting a developer-centric audience. However, it lacks formal privacy, cookie, and terms of service policies, which are important for compliance and user trust.

M

Materasso Hotels

materasso-hotels.com

56

Materasso Hotels is a specialized supplier of hotel beds, mattresses, and furniture, targeting the hospitality industry with a focus on quality sleep solutions. The company offers a range of product classes from Economy to Luxury, serving over 200 hotels, primarily in Central Europe. Their website is professionally designed, multilingual, and optimized for user experience and SEO, reflecting a mature digital presence. Technically, the site leverages WordPress with modern JavaScript libraries, Google Analytics, and Tag Manager for marketing and analytics purposes. Security measures include HTTPS enforcement and cookie consent mechanisms, though some advanced security policies and incident response information are not publicly available. The absence of WHOIS registration data for the domain is a notable concern, suggesting a need for verification of domain legitimacy. Overall, the business appears credible and well-positioned in its market segment, with recommendations to improve transparency around security policies and domain registration.

H

HERHSIANG Information Co., LTD.

tgb.com.tw

8

The website tgb.com.tw/webmail serves as a corporate webmail login portal primarily targeting employees or users associated with the tgb.com.tw domain. The business behind the site is HERHSIANG Information Co., LTD., a Taiwanese company providing webmail services. The site is minimalistic, focusing on secure user authentication with features such as XSRF tokens and two-step verification code mechanisms. However, it lacks publicly visible privacy, cookie, or terms of service policies, and no contact information is provided on the page. From a technical perspective, the site uses standard web technologies including HTML, CSS, JavaScript, jQuery, and jQuery UI. The performance and mobile optimization are basic, with no advanced frameworks or CMS detected. Security best practices are partially implemented, but the absence of visible HTTPS enforcement and security headers reduces the overall security posture. No analytics or advertising scripts are present, indicating a focus on internal use rather than marketing. Security-wise, the site shows some good practices such as hidden XSRF tokens and password input protections, but the lack of explicit HTTPS enforcement and security headers is a concern. There is no evidence of vulnerability disclosure or incident response policies. The domain registration data is consistent and legitimate, registered through TWNIC with no suspicious patterns. Overall, the website is functional for its intended purpose but would benefit from enhanced security measures, privacy compliance, and improved user trust signals. Strategic recommendations include implementing HTTPS with HSTS, adding security headers, publishing privacy and cookie policies, and providing clear contact information to improve credibility and compliance.

A

ASP Group s.r.o.

aspgroup.cz

61

ASP Group s.r.o. is a well-established distributor specializing in branded ATVs, motorcycles, and related accessories across Central and Eastern Europe. With over 24 years of market experience, the company holds a strong position as one of the largest distributors in its sector. The website reflects a professional and comprehensive digital presence, offering detailed product categories, brand partnerships, and dealer support services. The multilingual approach and dedicated e-commerce platforms further enhance its market reach. Technically, the website is built on WordPress with modern frameworks like Bootstrap and integrates essential marketing and analytics tools such as Google Tag Manager and Google Analytics. The site is mobile-optimized, accessible, and SEO-friendly, indicating a mature digital infrastructure. Cookie consent and privacy policies are implemented in compliance with GDPR, reflecting a commitment to privacy and regulatory adherence. From a security perspective, the site uses HTTPS and cookie consent management but lacks explicit security headers and a public security policy or incident response contact. No vulnerabilities or exposed sensitive data were detected in the content. The absence of WHOIS data slightly reduces domain trustworthiness, but the overall professional presentation and contact transparency mitigate concerns. Overall, ASP Group's website demonstrates a solid business and technical foundation with good security hygiene and privacy compliance. Strategic improvements in security headers and transparency around incident response would further strengthen its posture.

M

Metropolitní kapitula u sv. Víta v Praze

varhannifestival.cz

10

The website www.varhannifestival.cz represents the 14th International Organ Festival held at the St. Vitus Cathedral in Prague, organized by the Metropolitan Chapter of St. Vitus in Prague. It targets classical music enthusiasts and cultural tourists, providing detailed event information, artist lineups, and ticket purchasing options. The festival is well-established and supported by notable figures such as the Archbishop of Prague and the President of the Czech Republic, indicating strong cultural significance and trust. Technically, the website is built on the Solidpixels CMS platform, utilizing modern web technologies including Google Tag Manager and Google Fonts. It features responsive design, good accessibility, and SEO optimization. Performance is moderate with asynchronous script loading enhancing user experience. However, no hosting provider or domain age information is available due to missing WHOIS data. From a security perspective, the site enforces HTTPS and avoids exposing sensitive data. Yet, it lacks important security headers and published policies such as privacy, cookie, and terms of service, which are critical for GDPR compliance and user trust. No incident response or vulnerability disclosure information is provided, representing an area for improvement. Overall, the website is professional, content-rich, and trustworthy in terms of business credibility but requires enhancements in privacy compliance and security documentation. The absence of WHOIS data is a notable concern that should be addressed to improve domain legitimacy and trustworthiness.

T

The metropolitan chapter of St. Vitus in Prague

kapitula.cz

55

The Metropolitan Chapter of St. Vitus in Prague is a historic religious and cultural institution established in 973, making it the oldest legal entity with continuous activity in the Czech lands. The organization manages the St. Vitus Cathedral and other historic monuments, organizes cultural events such as organ festivals and choirs, and maintains a significant library and archive. The website reflects a professional and well-maintained digital presence, leveraging modern web technologies and a specialized CMS platform. However, the absence of WHOIS data and lack of visible privacy and cookie policies indicate areas for improvement in transparency and compliance. Security posture is generally strong with HTTPS and modern libraries, but could benefit from enhanced security headers and incident response information. Overall, the site serves as a credible and authoritative source for cultural and religious information related to the chapter.

Ú

Úrad verejného zdravotníctva Slovenskej republiky

uvzsr.sk

10

The website https://uvzsr.sk/ represents the official portal of the Úrad verejného zdravotníctva Slovenskej republiky (Public Health Authority of the Slovak Republic). It serves as a comprehensive information hub for public health topics, regional offices, and services relevant to citizens, businesses, and professionals in Slovakia. The site is positioned as a key government entity providing authoritative public health information and services. The business model is that of a government-funded public health organization, with no commercial intent. The website content is well-structured, targeting a broad audience including the general public and specialized professionals.

I

Instituto Português do Mar e da Atmosfera

ipma.pt

53

The Instituto Português do Mar e da Atmosfera (IPMA) is a Portuguese government entity specializing in meteorology, oceanography, climate monitoring, and seismic activity. The website serves as the national authoritative source for weather forecasts, marine conditions, seismic alerts, and climate data, targeting the general public, researchers, and governmental sectors. It provides comprehensive scientific and public service information, including interactive maps and detailed forecasts. The site is well-branded and consistent with its government affiliation, offering a professional and trustworthy user experience. Technically, the website is built on the OpenCms content management system and utilizes JavaScript libraries such as Leaflet for mapping and jQuery for interactivity. It integrates Google Analytics for user tracking but lacks explicit cookie consent mechanisms. The site performs moderately well with basic mobile optimization and accessibility features. However, some technologies like jQuery are outdated, and security headers are not visibly implemented, which could be improved. From a security perspective, the site uses HTTPS and does not expose sensitive data. There are no detected vulnerabilities or WAF challenges, indicating a stable security posture. However, the absence of privacy and cookie policies, as well as incident response information, suggests gaps in compliance and transparency. The WHOIS data confirms the domain's legitimacy as a government entity, reinforcing trust. Overall, the IPMA website is a credible and authoritative source for meteorological and oceanographic information in Portugal, with room for improvement in privacy compliance, security best practices, and modernization of technical components.

S

SYLVA

bioaerosol.eu

51

SYLVA is a European Union and SERI funded scientific project focused on real-time observation of aeroallergens, providing valuable environmental data and research outputs. The website serves as a portal for stakeholders including researchers and public health officials, offering access to data portals and project information. The technical infrastructure is modern and lightweight, utilizing htmx and Pico CSS for responsive and accessible design. Embedded iframes provide interactive data visualization and mapping services. Security posture is adequate with HTTPS usage but lacks explicit security headers and privacy policies, which are recommended for improvement. The domain WHOIS data is privacy protected by EURid, typical for .eu domains, and the website content aligns with the domain's purpose, supporting legitimacy. Overall, the site is professional and trustworthy but could enhance compliance and security transparency.

S

solidpixels.

solidpixels.cz

65

solidpixels. is a Czech-based technology company offering a proprietary SaaS platform for creating professional websites, landing pages, e-shops, and content hubs. The company targets businesses and professionals seeking high-quality, fast, and functional web solutions, positioning itself as a premium provider trusted by thousands of clients. The website demonstrates a strong market presence with client testimonials, social media engagement, and a comprehensive service offering. Technically, the site uses modern web technologies including responsive design, lazy loading, and integrates Google Analytics and Tag Manager for analytics and marketing. The platform is built on a proprietary CMS, solidpixels, indicating a mature digital infrastructure. Security posture is good with HTTPS enforced and cookie consent implemented, though explicit security headers and policies are not evident. The absence of WHOIS registrant data is a concern for domain legitimacy verification, but the professional content and business presence mitigate this risk. Overall, the website is well-designed, user-friendly, and compliant with GDPR, making it a trustworthy platform for its target audience.

T

TAKTIQ COMMUNICATIONS s.r.o.

taktiq.com

46

Taktiq Communications s.r.o. is a Czech-based communication agency specializing in media relations, creative projects, content creation, and communication training. The company targets businesses and organizations seeking professional communication and PR services. Their website reflects a professional and consistent brand image, showcasing key services and client testimonials. Technically, the site uses modern technologies including Blazor and Google Fonts, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS usage but lacks visible security headers and published security policies. Privacy compliance is weak due to absence of privacy and cookie policies. The WHOIS data is missing or unavailable, which raises concerns about domain registration legitimacy despite the professional website presence.

C

Chrudimka.cz

chrudimka.cz

51

Chrudimka.cz is a Czech regional online media portal delivering daily news focused on culture, sports, and leisure activities, primarily targeting a younger audience. The website presents a professional and consistent brand image with regularly updated content and multiple categories including culture, sport, free time, competitions, and local news about Chrudim. The business model revolves around content publishing and advertising partnerships with book publishers and local event promoters. Technically, the site is built on WordPress CMS with common performance and analytics plugins, featuring lazy loading and responsive design for mobile users. Security posture is adequate with HTTPS enabled and cookie consent implemented, though security headers are missing and no explicit incident response or security policies are found. WHOIS data is unavailable, which slightly impacts trust but the site content and structure indicate a legitimate local media presence. Overall, the site is well-maintained with good content quality and user experience, suitable for its target audience and business scope.

S

S úsměvem pro vás

susmevemprovas.cz

56

S úsměvem pro vás is a small Czech Republic based consortium of companies specializing in advertising, graphic design, photography, publishing, and printing services. The website is built on the Wix platform, leveraging Wix Thunderbolt technology, and presents a professional and consistent brand image targeting local/regional clients. The technical infrastructure is modern but basic, with moderate performance and good mobile optimization. Security posture is adequate with HTTPS enforced but lacks advanced security headers and privacy compliance features. The absence of WHOIS data reduces transparency but does not indicate direct risk. Overall, the business appears legitimate with room for improvement in privacy and security practices.

A

Autoservis Dubina Pardubice

autoservisdubina.cz

41

Autoservis Dubina Pardubice is a small automotive service provider based in the Czech Republic, specializing in comprehensive car servicing, repairs, diagnostics, and spare parts sales. The company targets local vehicle owners and offers a broad range of services including chiptuning, tire service, air conditioning, and technical inspections. The website is built on Joomla CMS and uses common JavaScript libraries, presenting a professional and consistent brand image. However, the site lacks privacy and cookie policies, which impacts compliance with GDPR regulations. Security posture is moderate with no visible HTTPS verification or security headers, indicating room for improvement. Overall, the website is functional and trustworthy but would benefit from enhanced security and privacy measures.

M

Město Pardubice

ipardubice.cz

46

Pardubice.eu is the official web portal of the city of Pardubice, Czech Republic, serving as a comprehensive information hub for tourists, citizens, entrepreneurs, media, and city officials. The website offers a wide range of services including event calendars, tourist guides, public announcements, and contact information, positioning itself as the primary digital gateway to the city's offerings and administrative resources. The portal is well-branded with consistent city imagery and messaging, reflecting its government affiliation and public service mission. Technically, the website employs modern web technologies including JavaScript frameworks, CSS, and multiple analytics and tracking tools such as Google Tag Manager, Microsoft Clarity, Hotjar, and Facebook Pixel. It features responsive design optimized for mobile devices and includes accessibility considerations. The site uses a cookie consent management system compliant with GDPR, allowing users to control their privacy preferences. From a security perspective, the site enforces HTTPS and integrates cookie consent mechanisms, but could improve by adding explicit security headers like Content-Security-Policy and X-Frame-Options. No vulnerabilities or exposed sensitive data were detected. The WHOIS data confirms the domain is registered through a reputable Czech registrar, consistent with the website's official nature. Overall, Pardubice.eu demonstrates a strong digital presence with excellent content quality, good technical implementation, and solid privacy compliance. It is a trustworthy and professional government portal with no signs of malicious activity or content safety concerns.

The Buckeye Trail Association is a well-established non-profit organization dedicated to maintaining and promoting a 1440+ mile hiking trail circling Ohio. The website serves as an information hub for hikers, volunteers, and supporters, offering resources such as maps, event details, volunteer portals, and donation opportunities. The organization has a strong community focus with active event management and volunteer engagement. Technically, the website uses basic web technologies including CSS and JavaScript, with Google Analytics for visitor tracking. Hosting is provided via iPowerWeb, and the domain is long-standing, created in 1998, which aligns with the organization's history. Security posture is moderate with HTTPS enabled and domain transfer protection, but lacks DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the site is functional and trustworthy but could improve in compliance and security best practices.

The website at coloradotrail.org is currently inaccessible due to a security mechanism blocking access, presenting an 'Access Denied' page with network and browser verification scripts. This prevents any meaningful extraction of business, contact, or policy information. The domain is registered with GoDaddy.com, LLC since 1997, indicating a long-standing registration. However, without access to actual site content, no assessment of business operations or services can be made. The technical infrastructure appears to include JavaScript-based verification, but no CMS or analytics technologies are detectable. Security posture cannot be evaluated due to lack of accessible content and headers. Overall, the site is effectively blocked from analysis, resulting in a low AI score and unknown compliance or security status.

E

Erlebnis Akademie AG

treetop-walks.com

46

The website treetop-walks.com represents Erlebnis Akademie AG, a medium-sized German company specializing in treetop walks and nature experience paths. The business targets general audiences interested in outdoor leisure activities and operates primarily in the hospitality sector. The website is built on WordPress with Yoast SEO optimization and hosted by Hetzner Online GmbH, a reputable German hosting provider. The technical infrastructure is modern and moderately performant with good mobile optimization. Security posture is basic with HTTPS enabled but lacks advanced security headers and DNSSEC. Privacy compliance is minimal with no explicit privacy or cookie policies detected. The website uses common analytics and tracking services including Microsoft Clarity, Google Tag Manager, and Facebook Pixel. Overall, the site is professional and trustworthy but could improve in privacy transparency and security hardening.

W

William H. Coleman, Inc.

whcoleman.com

44

William H. Coleman, Inc. is a well-established event management firm specializing in the travel industry, with a domain registered since 1998. The company positions itself as a leading organizer of travel-related events, targeting travel professionals and industry participants. Their website reflects a professional and consistent brand image, supported by active social media channels and clear contact information. Technically, the site is built on WordPress using modern themes and plugins, with integrations for analytics and social media. Performance and mobile optimization are good, though accessibility is basic. Security posture is moderate with HTTPS enabled but lacking DNSSEC and security headers. Privacy compliance is weak due to missing privacy and cookie policies. Overall, the business credibility is high, but improvements in security and compliance are recommended.

4hosting.cz is a Czech-based small webhosting provider offering a range of hosting plans and domain registration services primarily targeting small to medium businesses and individual customers. The company emphasizes quality and affordability with a history dating back to 2004 and domain registration since 2008. Their services include webhosting packages, domain registration, and e-commerce platform rentals via their partner 4shop.cz. Technically, the website is built with standard HTML, CSS, and JavaScript, with no advanced frameworks detected. The site is moderately optimized for SEO and basic mobile responsiveness but lacks advanced accessibility features. Security posture is moderate with HTTPS usage implied but missing explicit security headers and no published security policies or incident response contacts. Privacy compliance is partially addressed with a GDPR information page but lacks cookie consent mechanisms. Overall, the website is professional and trustworthy but could improve in security and privacy transparency.

B

Bookolo System

bookoloengine.com

58

Bookolo System provides an administrative login interface likely for managing booking or scheduling services. The website is minimalistic, focusing on secure access for internal users rather than public-facing content. The technical infrastructure uses modern JavaScript libraries such as Tom Select, Stimulus, and Nette Framework components, indicating a contemporary web application design. However, the absence of WHOIS data raises concerns about domain legitimacy and registration status. Security posture is moderate with basic form protections but lacks visible security headers and privacy compliance documentation. Overall, the site is functional for its purpose but requires enhancements in security and compliance to improve trustworthiness.

A

AKP marketing, s.r.o.

vseproakce.cz

50

Platforma Všeproakce is a Czech event industry platform focused on community building, education, and providing services and tools for event professionals. It serves a sizable community of over 16,000 event specialists and enthusiasts, offering consulting, mentoring, and event planning support. The website is professionally designed, mobile-optimized, and uses modern web technologies including the Solidpixels CMS framework. It integrates cookie consent mechanisms and links to relevant social media channels, enhancing user engagement and compliance. However, the absence of a publicly accessible WHOIS record and missing privacy and terms of service pages represent gaps in transparency and compliance. Security posture is generally good with HTTPS enforced, but could be improved by adding security headers and incident response information.

G

Gasgrid Finland Oy

gasgridportal.fi

62

Gasgrid Finland Oy operates the Finnish gas transmission system and provides a dedicated portal for market parties to manage their accounts and services. The website serves as a secure login gateway for authorized users, reflecting a B2B business model focused on energy infrastructure management within Finland. The domain registration and hosting infrastructure align well with the company's profile, indicating a legitimate and consistent online presence. Technically, the website employs modern web technologies including AWS Amplify for authentication and AWS DNS services, suggesting a cloud-based hosting environment. The site is functional but minimalistic, with basic mobile optimization and limited SEO features. The absence of visible analytics or tracking scripts indicates a focus on privacy and minimal user tracking. From a security perspective, the site uses HTTPS and provides a secure login form with password visibility toggling. However, no security headers were detected in the provided HTML, and there is a lack of publicly accessible privacy, cookie, or security policies. No vulnerability disclosure or incident response information is available, which could be improved to enhance trust and compliance. Overall, the website presents a moderate risk profile with a solid business credibility foundation but room for improvement in privacy compliance, security best practices, and content richness. Strategic enhancements in these areas would strengthen the portal's trustworthiness and regulatory alignment.

R

REN - Redes Energéticas Nacionais

ren.pt

67

REN - Redes Energéticas Nacionais is a leading Portuguese company responsible for the transmission of electricity and natural gas at very high voltages and pressures, managing the national electric and gas systems. The company serves a broad audience including investors, suppliers, and the general public, positioning itself as a key player in Portugal's energy infrastructure sector. The website reflects a mature digital presence with comprehensive information on services, sustainability, innovation, and corporate governance. Technically, the site uses modern web technologies including jQuery, Highcharts, Cookiebot for consent management, and Umbraco CMS, delivering a responsive and accessible user experience. Security posture is strong with HTTPS enforced, anti-CSRF cookies, and cookie consent mechanisms, though some security headers could be improved. Privacy compliance is robust with clear GDPR-aligned policies and consent dialogs. Overall, REN's website demonstrates high professionalism, trustworthiness, and alignment with its business stature.

Р

Регіональна Газова Компанія

rgc.ua

57

Регіональна Газова Компанія (РГК) є провідним українським підприємством у сфері газорозподілу, виробництва газового обладнання та інжинірингових послуг. Компанія обслуговує значну частину газової інфраструктури України, пропонуючи інноваційні рішення, включаючи проекти з чистої енергії, такі як водень та біометан. РГК має сильну позицію на ринку, підтримує кілька дочірніх сервісних доменів і активно комунікує через соціальні мережі. Технічно сайт використовує сучасні веб-технології, включаючи Google Analytics та Tag Manager, має адаптивний дизайн і базові SEO та доступності. З точки зору безпеки, сайт використовує HTTPS, але не має розширених захисних заголовків або публічних політик безпеки. Відсутні контактні дані для інцидентів безпеки. Загалом, сайт є професійним, безпечним і орієнтованим на бізнес аудиторію.

The website www.psgaz.pl is currently inaccessible to direct content analysis due to a Cloudflare Turnstile CAPTCHA challenge page that blocks automated and direct access. No meaningful business content, contact information, or policies are publicly visible. The WHOIS data for the domain is unavailable, indicating privacy protection or lack of public registration data. This limits the ability to verify the legitimacy or business details of the domain. Technically, the site uses Cloudflare services for security and performance but lacks visible security headers or metadata. Overall, the site appears to be either under protection, newly registered, or inactive with minimal public presence.

The website www.nationalgas.com is currently inaccessible due to a Cloudflare Turnstile security challenge page, which blocks access to any meaningful content or business information. The domain WHOIS data is unavailable or the domain appears unregistered, raising significant legitimacy concerns. Without access to the actual website content, no business description, contact information, or security policies can be analyzed. The technical infrastructure relies on Cloudflare for security and bot mitigation, but no further technology stack or CMS details are discernible. The security posture cannot be properly assessed due to the lack of accessible content and headers. Overall, the site is effectively blocked from analysis, resulting in a low trust and security score.

The website tsoua.com is currently inaccessible due to a Cloudflare Turnstile human verification challenge page that blocks direct access to any business content. The domain was registered in 2019 via PublicDomainRegistry.com without privacy protection, indicating some transparency in ownership, but no registrant details are publicly available. Due to the WAF challenge, no privacy policies, contact information, or business descriptions are accessible, preventing a full assessment of the company's operations or market position. The technical infrastructure relies on Cloudflare for security and performance, but no further technology stack details are available. Security posture cannot be fully evaluated given the lack of accessible content and headers. Overall, the site appears to be in a protective mode, possibly to mitigate automated threats or abuse, but this limits external analysis and trust evaluation.

S

Sociální služby Česká Třebová

ssct.cz

44

Sociální služby Česká Třebová is a regional social services provider based in the Czech Republic, offering a range of care services including senior home care, palliative care, weekly daycare, caregiving, and respite care. The organization targets local residents and families requiring social support and healthcare services. The website is built on WordPress using the Neve theme and includes plugins such as Smart Slider 3 and Cookie Notice, reflecting a moderate level of digital maturity. The site is well-structured, mobile-optimized, and provides clear navigation and contact information, primarily phone numbers. Security posture is adequate with HTTPS enabled and cookie consent implemented, though it lacks advanced security headers and publicly available security policies. Overall, the website is trustworthy and professional, supporting the organization's mission effectively.

I

IBBY Canada

ibbycongress2026.org

64

IBBY Canada operates the website for the 40th IBBY World Congress 2026, an international event focused on children's literature. The site serves as an information hub and registration portal for attendees, leveraging the Shopify platform for e-commerce functionality. The website is well-structured, visually consistent, and targets professionals and enthusiasts in the children's literature community globally. Technically, the site is built on a modern, secure Shopify infrastructure with good performance and mobile optimization. Security best practices such as HTTPS and security headers are implemented, though privacy compliance could be improved with explicit cookie consent and detailed GDPR-aligned privacy policies. The absence of WHOIS data limits domain registration trust analysis, but the professional presentation and social media presence support legitimacy. Overall, the site is a credible, well-maintained platform for a niche educational event.

S

SPORTISIMO s. r. o.

loap.cz

63

LOAP.CZ is a Czech Republic based e-commerce retailer specializing in outdoor and sportswear products. The company positions itself as a pioneer in the Czech outdoor fashion and equipment market with over 25 years of experience. The website offers a broad range of products including clothing, footwear, camping gear, and accessories targeting outdoor enthusiasts. The business model is direct-to-consumer retail with a focus on quality and affordability. The website is professionally designed, mobile optimized, and provides clear navigation and relevant content for its target audience.

G

GardenBros

garden-brothers.cz

57

GardenBros is a small Czech Republic-based business specializing in garden maintenance, design, and realization services. The company emphasizes quality, attention to detail, and fair pricing, targeting homeowners and garden owners seeking professional care. Their website reflects a local service provider with a focus on customer satisfaction and collaboration with other professionals in related fields. Technically, the website is built on the Webnode platform, hosted via AWS Cloudfront CDN, and uses modern web technologies including HTTPS and JavaScript. The site is mobile-optimized and includes basic SEO and accessibility features. Security posture is moderate with HTTPS enabled and cookie consent implemented, but lacks visible security headers and explicit incident response contacts. WHOIS data is unavailable, which impacts trust and transparency. Overall, the website is functional and professional but could improve in security and compliance transparency.

S

SCAN4BIM s.r.o.

scan4bim.cz

53

SCAN4BIM s.r.o. is a small Czech Republic-based company specializing in 3D laser scanning and building documentation services, primarily targeting construction professionals and property owners needing accurate digital data for reconstruction and project planning. The website is built using the Wix platform, indicating a moderate level of digital maturity with basic mobile optimization and standard web technologies. The site content is focused and relevant to its niche service offering but lacks comprehensive business and privacy information. Security posture is adequate with HTTPS enabled and no obvious vulnerabilities, but the absence of security headers and privacy policies indicates room for improvement. The missing WHOIS data reduces trust in domain legitimacy, though the website itself appears professional and functional. Overall, the site presents a basic but legitimate online presence for a specialized service provider.

M

Město Aš

info-as.cz

52

The website www.info-as.cz serves as an official tourism and local information portal for the city of Aš in the Czech Republic. It provides comprehensive details about local activities, events, cultural sites, accommodation, and gastronomy, targeting tourists, families, and local visitors. The site is well-structured with clear navigation and offers multilingual support. It integrates modern JavaScript libraries and tracking tools such as Google Analytics and Tag Manager, with a cookie consent mechanism ensuring GDPR compliance. However, the absence of WHOIS data limits transparency regarding domain ownership, which slightly impacts trustworthiness. Technically, the website employs a modern tech stack including jQuery, Swiper.js, and LightGallery, delivering a moderate performance with good mobile optimization. Security posture is adequate with HTTPS enforced and consent management in place, but lacks explicit security headers and dedicated security or incident response policies. Contact information is available via a GDPR-compliant form, though no direct company emails or phone numbers are explicitly listed. Social media presence on Instagram and Facebook enhances engagement and trust. Overall, the site is professional, content-rich, and user-friendly, suitable for its purpose as a local tourism hub. The main risk lies in the lack of domain registration transparency and missing formal security policies. Strategic improvements in security headers, terms of service, and WHOIS transparency would enhance credibility and security posture.

William H. Coleman, Inc. operates a member login portal primarily serving its clients, likely in the energy sector. The website provides essential member services such as login, sign-up, password recovery, and contact options. The company has an established presence since 2012, supported by a domain registration consistent with its business age and sector. The site is built on ASP.NET Web Forms technology with Bootstrap for styling and includes basic client-side validation and CAPTCHA to enhance security. The technical infrastructure suggests hosting on Microsoft Azure DNS with GoDaddy as the registrar. Security posture is moderate with HTTPS enforced and CAPTCHA implemented, but lacks modern security headers and uses an outdated Google Analytics script. Privacy compliance is basic with a privacy policy and terms of service linked but no cookie consent mechanism. Overall, the website is functional and professional but could benefit from security and privacy enhancements.

A

Asociace výrobců minerální izolace (AVMI)

avmi.cz

57

The website www.avmi.cz represents the Asociace výrobců minerální izolace (AVMI), an association focused on mineral and thermal insulation for buildings. The site provides information about insulation materials such as mineral wool, polystyrene, and PUR foam, targeting general audiences interested in building insulation solutions. The business appears to be a small association operating primarily in the Czech Republic, with a professional web presence built on the Wix platform. Technical infrastructure relies on Wix's hosting and content management system, with standard JavaScript libraries and analytics tools such as Google Tag Manager and Sentry for error monitoring. Security posture is moderate, with HTTPS implied but lacking explicit security headers and privacy policies. The absence of WHOIS data reduces domain trustworthiness, but the website content and design indicate a legitimate business entity. Overall, the site is safe, professional, and relevant to its industry, but improvements in privacy compliance and security best practices are recommended.

Biogen Slovakia s.r.o. operates as a subsidiary of the global biotechnology leader Biogen Inc., focusing on innovative therapies for neurological and rare diseases. The website serves healthcare professionals and patients in Slovakia, providing comprehensive information about therapeutic areas, corporate responsibility, and career opportunities. The digital infrastructure is built on Adobe Experience Manager, leveraging modern JavaScript libraries and cookie consent management tools to ensure compliance and user experience. Security posture is solid with HTTPS enforcement and cookie management, though some HTTP security headers could be improved. Privacy policies and cookie consent mechanisms are comprehensive and GDPR compliant, enhancing trust. Overall, the website reflects a professional and credible corporate presence with good technical implementation and user experience.

S

Strom - shop

stromshop.cz

71

Stromshop.cz is an established e-commerce platform specializing in the sale of John Deere branded products in the Czech Republic. Founded in 2013, it serves as the official John Deere online shop offering a wide range of products including garden machinery, clothing, toys, and accessories. The website demonstrates a consistent brand presence and targets consumers interested in John Deere merchandise. Technically, the site uses ASP.NET WebForms with Kentico CMS, integrates Google Tag Manager and reCAPTCHA for tracking and security, and shows moderate performance with good mobile optimization. Security practices include HTTPS and CSRF protection, though some security headers are not explicitly confirmed. Privacy and cookie policies are present, indicating basic GDPR compliance, but no explicit security policy or incident response information is found. Overall, the site is professional, trustworthy, and safe for general audiences.

H

Najděte si skvělého terapeuta — Hedepy online terapie

hedepy.cz

10

Hedepy.cz is an established online therapy platform founded in 2020, offering clients access to a wide network of vetted therapists primarily in the Czech Republic and other European countries. The platform emphasizes personalized therapist matching and provides a mobile app for convenient access to therapy sessions. With over 50,000 clients served and 700+ therapists, Hedepy positions itself as a trusted player in the online mental health space. The website content is professionally designed, mobile-optimized, and includes positive client testimonials and insurance partnerships, enhancing its credibility. Technically, the website leverages modern web technologies including React and Next.js, hosted on Vercel, with integrated error monitoring via Sentry and analytics through Google Tag Manager. The platform supports multiple languages and regional domains, indicating a mature digital infrastructure. Performance and SEO optimizations are well implemented, contributing to a positive user experience. From a security perspective, the site enforces HTTPS and uses monitoring tools but lacks visible security headers and published security policies or incident response contacts. Privacy and cookie policies are not clearly accessible, which is a compliance gap. No vulnerabilities or suspicious domains were detected, and no WAF or blocking mechanisms interfere with content access. Overall, Hedepy.cz demonstrates a solid business and technical foundation with room for improvement in privacy compliance and security transparency. Strategic enhancements in these areas would strengthen trust and regulatory adherence.

A

Amazing places for your holiday | Amazing Places

amazingplaces.cz

57

The website 'Amazing Places' offers curated travel content focused on handpicked holiday destinations within the Czech Republic. It targets general audiences interested in exploring unique and interesting places for vacations. The business model appears to be content curation and travel inspiration, likely monetized through advertising or affiliate partnerships, though no explicit monetization details are visible. The site uses modern web technologies including Vue.js and Vuetify, with integration of Google Analytics and Tag Manager for visitor tracking. The technical infrastructure is moderately mature, with good mobile optimization and SEO practices, but lacks visible security headers and explicit privacy or cookie policies, which are important for compliance and user trust. The absence of WHOIS data limits the ability to verify domain ownership and registration legitimacy, introducing moderate risk in trust assessment. Overall, the site is functional and professional but could improve in transparency and security compliance.

The website stockphotos.com is currently inaccessible due to a Cloudflare Turnstile CAPTCHA challenge page that blocks direct access to its content. As a result, no business-specific content, contact information, or policies are available for analysis. The domain is long-established, created in 1995, and registered with RegistryGate GmbH, showing legitimacy and consistency with the domain name. The site uses Cloudflare for security and performance, but DNSSEC is not enabled. Due to the blocking mechanism, technical, security, and privacy compliance assessments cannot be performed accurately. The content safety rating is safe as no adult or explicit content is detected on the challenge page.

C

Camperguru

camperguru.com

67

Camperguru is a specialized online platform founded in 2015 that curates and offers a verified collection of the best camping spots across Europe. The business targets camping enthusiasts and outdoor travelers, providing inspiration, detailed listings, and a mobile app companion for easier navigation and planning. The platform leverages a community-driven ambassador program to maintain high-quality content and unique outdoor stay options such as glamping, winery camping, and family-friendly sites. Technically, the website is built on WordPress with modern JavaScript frameworks and integrates Google Tag Manager for analytics. It is hosted with a reputable registrar and uses Cloudflare DNS, ensuring good performance and security. The site enforces HTTPS and includes a GDPR-compliant privacy and cookie policy with an opt-in consent mechanism. Security headers are not fully verified but the overall security posture is good with no visible vulnerabilities or exposed sensitive data. No direct contact information or terms of service were found, which could be improved for better business credibility. Overall, Camperguru presents a professional, trustworthy, and user-friendly platform with a strong market position in the European camping niche.

M

MAFRA, a.s.

metro.cz

62

Metro.cz is a well-established Czech online news portal operated by MAFRA, a.s., providing comprehensive news coverage focused on Prague and regional areas. The site offers a variety of content including articles, podcasts, photo galleries, and user community features, supported primarily through advertising revenue. Technically, the website employs modern web technologies and integrates multiple analytics and advertising platforms, ensuring good performance and user experience. Security posture is strong with HTTPS enforcement and consent management, though additional security headers could enhance protection. Privacy compliance is robust with clear policies and consent mechanisms. Overall, the site is professional, trustworthy, and safe for general audiences, though the absence of WHOIS data limits domain registration trust analysis.

M

MAFRA, a.s.

lidovky.cz

63

Lidovky.cz is a prominent Czech news portal operated by MAFRA, a.s., offering a wide range of news, analyses, interviews, and premium content to a general audience interested in current affairs. The website demonstrates a mature digital infrastructure with integration of multiple advertising and analytics technologies, including Google Analytics, Gemius, and advanced consent management via Didomi. The site is well-designed with excellent content quality, clear navigation, and mobile optimization. Security posture is good with HTTPS enforced and consent mechanisms in place, though some improvements in security headers and incident response transparency are recommended. The absence of WHOIS data is a notable gap but does not detract significantly from the overall legitimacy given the strong business branding and content quality. Strategic recommendations include enhancing security headers, publishing vulnerability disclosure information, and improving accessibility features to further strengthen trust and compliance.