Security Directory

I

iCollection

i-collection.com

49

iCollection is a Latvian-based fabric retailer specializing in a wide range of fabrics including wool, silk, cotton, and designer fabrics primarily sourced from Italian designers. The company operates an e-commerce platform targeting retail customers and wholesale buyers interested in quality textiles. The website is professionally designed with good navigation and mobile optimization, supporting multiple languages and currencies to cater to a diverse audience. The business has been established since 2013, with a consistent online presence and transparent contact information including a physical address and phone number. Social media presence is maintained on Facebook and Instagram, enhancing customer engagement. From a technical perspective, the website utilizes common web technologies such as jQuery, Bootstrap, and Font Awesome, running on the OpenCart CMS platform. Hosting and domain registration are managed through GoDaddy, with the domain age supporting the business's longevity. Performance is moderate with good mobile responsiveness, though SEO and accessibility features are basic. Security posture is adequate with HTTPS enabled but lacks advanced security headers and DNSSEC, indicating room for improvement in hardening the site against potential threats. Security evaluation reveals no critical vulnerabilities or blocking mechanisms such as WAFs, but the absence of cookie consent mechanisms and security policies suggests partial compliance with privacy regulations like GDPR. Incident response and security contact information are not publicly available, which could hinder timely handling of security issues. Overall, the website is trustworthy and functional but would benefit from enhanced security and privacy compliance measures. The overall risk assessment is moderate with recommendations focusing on improving DNS security, implementing security headers, adding cookie consent, and publishing clear security policies. These steps will strengthen the site's security posture, improve regulatory compliance, and enhance customer trust.

O

OU ATLANTIC GROUP

atlantic.lv

50

Atlantic Travel is a Latvian travel agency operating since 2002, providing a wide range of travel services including flight and bus bookings, last minute deals, excursions, exotic trips, visa assistance, and travel insurance. The company targets travelers primarily from Latvia and neighboring regions, offering packaged tours and related services. The website reflects a medium-sized business with consistent branding and a professional online presence. Technically, the site uses modern JavaScript libraries and multiple analytics tools, ensuring good user experience and mobile optimization. Security posture is solid with HTTPS and reCAPTCHA usage, though security headers and explicit privacy policies are lacking. WHOIS data could not be retrieved due to query limits, limiting domain trust verification. Overall, the website is trustworthy and safe for general audiences.

Violas ziedi is a small local e-commerce business specializing in flower delivery services in Daugavpils, Latvia. The website offers a variety of flower bouquets, decorative flower boxes, and floral compositions. The business targets general consumers looking for convenient and timely flower delivery with free delivery over a certain amount. The site is primarily in Russian with Latvian language support, reflecting its local market focus. Technically, the website is built on WordPress with WooCommerce and uses common libraries such as jQuery and Bootstrap. The site is moderately optimized for mobile and SEO, though it uses outdated versions of WordPress and WooCommerce, which may pose security risks. The site employs HTTPS with SSL for secure data transmission, especially for payment processing. From a security perspective, the site has basic protections but lacks important security headers and cookie consent mechanisms, which are important for GDPR compliance. No incident response or vulnerability disclosure information is provided. The absence of WHOIS data due to query limits limits the ability to fully verify domain legitimacy. Overall, the website is functional and professional for its business purpose but would benefit from technical and security updates to improve compliance, security posture, and trustworthiness.

L

Light House Hotel

lhj.lv

61

Light House Hotel is a boutique hospitality business located in Jurmala, Latvia, offering uniquely themed guestrooms inspired by various countries, complemented by a Mediterranean cuisine restaurant and banquet services. The website presents a professional and consistent brand image targeting tourists seeking a distinctive lodging experience by the Riga Gulf. The technical infrastructure is based on SilverStripe CMS with common JavaScript libraries and includes Google Analytics for visitor tracking. The site is mobile optimized with a cookie consent mechanism indicating GDPR awareness. Security posture is moderate with HTTPS implied but lacking visible security headers and explicit security policies. WHOIS data could not be retrieved due to query limits, limiting domain registration verification. Overall, the website is functional, trustworthy, and suitable for its business purpose.

S

Smeceres sils

smeceressils.lv

46

The website represents a local sports and recreational facility named "Smeceres sils" located in Latvia. It offers various outdoor sports services including roller and moto tracks, bicycle and roller ski rentals, and hosts sports competitions. The site targets sports enthusiasts and local visitors interested in outdoor activities. The business model is focused on facility usage and event hosting, positioning itself as a regional sports and recreation hub. Technically, the website uses a traditional jQuery-based stack with additional UI and timepicker plugins. It includes a cookie consent mechanism via PrivacyWire, indicating some level of privacy compliance. However, there is no evidence of modern frameworks or CMS platforms, and performance and mobile optimization are basic. The site lacks visible security headers and HTTPS status is unknown, which poses potential security risks. Security posture is moderate with cookie consent implemented but missing critical security headers and no visible HTTPS confirmation. No incident response or security policy information is available. The WHOIS data could not be retrieved due to query limits, limiting domain trust analysis. Contact information and privacy policies are present, supporting basic compliance and business credibility. Overall, the website is functional and provides relevant content for its audience but would benefit from improved security measures, HTTPS implementation, and enhanced technical modernization to increase trust and compliance.

B

Baltic Council

balticcouncil.lv

52

Baltic Council is a regional education service provider specializing in facilitating study abroad programs, language courses, exam preparation, and educational events primarily targeting students and educational institutions in the Baltic region. The website is professionally designed, multilingual, and provides clear navigation and contact information, supporting a medium-sized business model focused on education services. Technically, the site employs modern web technologies including Google Maps API, Cookiebot for cookie consent, Facebook Pixel, and Google Tag Manager, indicating a mature digital infrastructure. Security posture is strong with HTTPS enforced and privacy compliance mechanisms in place, although explicit security policies and incident response contacts are not found. Overall, the website presents a trustworthy and professional front with good privacy and advertising transparency.

Z

Zivju Lete

zivjulete.lv

45

Zivju Lete is a local seafood café and retail shop based in Riga, Latvia, offering a variety of seafood dishes and traditional local delicacies. The website supports three languages (Latvian, English, Russian) and provides a booking system integrated via a third-party iframe widget. The business targets general consumers interested in seafood dining and shopping in the city center. Technically, the website uses a range of popular JavaScript libraries and plugins to enhance user experience, including jQuery, Owl Carousel, and Moment.js. The site is moderately optimized for mobile and SEO but lacks advanced accessibility features. Security-wise, the site uses HTTPS but lacks visible security headers and explicit privacy or cookie policies, which are critical for GDPR compliance. No WHOIS data was available due to query limits, limiting domain legitimacy verification. Overall, the site is functional and professional but would benefit from improved security and privacy compliance measures.

F

Formiko Hydraulics Ltd

formiko.lv

42

Formiko Hydraulics Ltd is a Latvian manufacturer specializing in hydraulic rotators and related components primarily serving forestry, agriculture, construction, and material handling sectors. The company emphasizes high-quality, cost-effective solutions and maintains a strong export orientation, exporting 99% of its products. The website reflects a professional business presence with detailed product offerings, export promotion activities, and multiple contact points for customer engagement. Technically, the website employs a modern technology stack including jQuery, Bootstrap, Font Awesome, and Google reCAPTCHA Enterprise for form security. The site is mobile-optimized with good navigation and content quality, although some accessibility features are basic. Performance is moderate, and SEO practices are adequately implemented. From a security perspective, HTTPS is enforced and forms are protected with reCAPTCHA, but the absence of security headers and privacy/cookie policies indicates room for improvement. No critical vulnerabilities or exposed sensitive data were detected. The lack of WHOIS data limits domain registration trust analysis, but the website content and contact information support legitimacy. Overall, the site presents a credible and professional business front with moderate technical maturity and a good security baseline. Strategic enhancements in privacy compliance and security headers would strengthen trust and compliance posture.

S

SIA "Justina"

stpetershotel.lv

43

The website hotelforums.lv represents a small hospitality business operating in Riga, Latvia, offering hotel and apartment accommodations including Forums Boutique Hotel and apartments Laipu and Audeju. The business targets tourists and business travelers seeking comfortable and affordable lodging in Riga's historic center. The site provides detailed descriptions, customer testimonials, and online booking forms, supporting a user-friendly experience. Technically, the site uses a range of JavaScript libraries including jQuery, Google Analytics, Google Tag Manager, and Google reCAPTCHA to support functionality and tracking. The design is professional and mobile-optimized with good navigation clarity. Security posture is moderate with HTTPS usage and CAPTCHA integration, but lacks visible security headers and explicit privacy or cookie policies, which are areas for improvement. WHOIS data was unavailable due to query limits, limiting domain registration verification. Overall, the site is credible and functional but could enhance compliance and security transparency.

Audums Plus is a Latvian textile retailer operating since 1992, offering a broad range of fabrics, curtains, sewing accessories, and home textile products through both physical stores and an online e-commerce platform. The website targets consumers and businesses in Latvia seeking quality textile products with convenient delivery options. Technically, the site uses legacy JavaScript libraries such as jQuery 1.11.1 and several jQuery plugins, indicating a moderate level of digital maturity but with room for modernization. The website is mobile-optimized and provides a good user experience with clear navigation and relevant content. Security-wise, the site enforces HTTPS and implements cookie consent mechanisms, but lacks visible HTTP security headers and uses outdated libraries, which could expose it to vulnerabilities. WHOIS data is unavailable due to query limits, limiting domain legitimacy verification. Overall, the site is functional and professional but would benefit from technical and security improvements.

S

SIA "heise marketing"

medicine.lv

47

medicine.lv is a Latvian health portal operated by SIA "heise marketing" that provides comprehensive information on medical and pharmaceutical companies, health news, expert Q&A, forums, and product tests. It targets Latvian-speaking healthcare professionals and the general public interested in health and wellness. The website is well-established in the Latvian healthcare media space with a broad content offering and partnerships with official health institutions. Technically, the site uses a modern tech stack including jQuery, Bootstrap, and various media and analytics libraries, with good mobile optimization and SEO practices. Security posture is adequate with HTTPS and cookie consent mechanisms, though some security headers are missing. The site uses advertising networks such as Setupad and Google Ads, and tracking via Facebook Pixel and Matomo. WHOIS data is unavailable due to query limits, limiting domain trust verification, but the site content and business information appear professional and legitimate. Overall, the site is safe, well-maintained, and serves as a trusted health information resource in Latvia.

G

Green Motors

greenmotors.lv

53

Green Motors is a Latvian automotive dealership specializing in Škoda vehicles, offering a range of services including new and used car sales, servicing, leasing, and insurance. The website targets Latvian consumers interested in Škoda automobiles and related services, positioning itself as a local trusted dealer with a focus on customer experience. The digital infrastructure incorporates modern technologies such as Google Tag Manager, Cookiebot for consent management, and Google reCAPTCHA for security. The site is mobile-optimized and uses HTTPS to secure communications. However, the absence of visible privacy policies, terms of service, and direct contact information limits transparency and user trust. Security measures are adequate with CSRF tokens and secure cookies, but security headers are not explicitly detected. Overall, the website demonstrates a moderate level of digital maturity with room for improvement in privacy compliance and business transparency.

V

VERTE AUTO SIA

verteauto.lv

46

VERTE AUTO SIA operates as an official ŠKODA dealership and full-service auto center based in Riga, Latvia. The company provides a comprehensive range of automotive services including new and used ŠKODA vehicle sales, servicing, repairs, leasing, insurance, and spare parts. Positioned as a modern and reputable dealer in the Baltic region, VERTE AUTO targets ŠKODA customers seeking quality vehicles and after-sales services. The website reflects a professional business with clear branding and multiple customer engagement channels.

C

Cargobus

cargobus.lv

45

Cargobus is a regional courier and parcel delivery service operating primarily in Latvia, the Baltic states, and Europe. Established in 1992 and owned by T Grupp OÜ, the company offers courier services from courier to courier, courier to terminal, and additional related services. The website is professionally designed with good content quality and clear navigation targeting both business and individual customers in the region. The presence of partner logos and social media links enhances trust and market positioning. Technically, the website uses a modern tech stack including jQuery, Google Maps API, Google Tag Manager, and multiple tracking pixels such as Facebook and TikTok. It employs HTTPS and Google reCAPTCHA for security, though it lacks some advanced security headers and explicit incident response information. The site is mobile optimized and SEO friendly but could improve accessibility and cookie consent mechanisms. From a security perspective, the site demonstrates good baseline security practices with encrypted connections and no visible vulnerabilities. However, the absence of security headers and incident response details suggests room for improvement. Privacy compliance is basic with privacy and cookie policies present but lacking active consent mechanisms. Overall, the website is trustworthy and professional with a solid business foundation. The lack of WHOIS data limits domain registration verification, but the business information and website content align well. Strategic recommendations include enhancing security headers, implementing cookie consent, and publishing security policies to improve compliance and trust.

S

SIA 'Z222'

riepugaraza.lv

50

Riepu Garāža is a specialized automotive tire and wheel retailer operating primarily in Latvia with multiple service centers in Riga and an extensive online presence. The company offers a wide range of new and used tires, wheels, accessories, and related automotive services including tire mounting, wheel repair, and air conditioning refill. Their business model combines retail sales with service offerings, targeting vehicle owners and businesses requiring automotive tire solutions. The website demonstrates a solid market position with comprehensive product listings, multiple physical locations, and delivery services across Latvia and the Baltics. Technically, the website employs modern JavaScript libraries and tracking tools, ensuring a good user experience with mobile optimization and clear navigation. Security posture is adequate with HTTPS and cookie consent mechanisms, though there is room for improvement in security headers and incident response transparency. Overall, the site is professional, trustworthy, and compliant with GDPR requirements, though WHOIS data is unavailable due to query limits, limiting domain registration verification.

O

Ogres novada Kultūras centrs

okultura.lv

42

The website www.okultura.lv serves as the official cultural center portal for the Ogre municipality in Latvia, providing comprehensive information on cultural events, exhibitions, and community activities. It targets local residents and visitors interested in cultural happenings, offering event calendars, venue rental information, and news updates. The site reflects a public sector entity focused on promoting local culture and community engagement. Technically, the website employs a modern JavaScript stack including jQuery, Slick Carousel, and Google Translate integration, ensuring a responsive and accessible user experience across devices. The presence of cookie consent and privacy policy pages indicates compliance with GDPR requirements. Security-wise, while HTTPS is implied and cookie consent is implemented, explicit security headers and advanced security policies are not evident, suggesting room for improvement in security hardening. The absence of WHOIS data due to query limits restricts domain trust verification, but the website content and contact details support legitimacy. Overall, the site is professionally designed, content-rich, and trustworthy for its intended audience.

A

A-T Trade Music SIA

attrademusic.lv

51

A-T Trade Music SIA operates the website attrademusic.lv, a well-established Latvian retail business specializing in musical instruments, studio equipment, and accessories. The company positions itself as the largest music instrument and studio equipment store in Latvia, targeting musicians and related customers primarily in Latvia and neighboring countries. The website offers a comprehensive product catalog, news updates, and multiple social media channels, reflecting a mature digital presence. Technically, the website employs a range of JavaScript libraries including jQuery, Nivo Slider, and Select2, alongside tracking and marketing tools such as Google Analytics, Google Tag Manager, and Facebook Pixel. The site is mobile-optimized with responsive design and includes cookie consent mechanisms, indicating compliance with GDPR requirements. However, some technologies like jQuery are outdated, and security headers are not visibly implemented, which could pose risks. From a security perspective, the site uses HTTPS and cookie consent banners, but lacks visible security headers and incident response contact information. No vulnerabilities or exposed sensitive data were detected in the HTML content. The absence of a terms of service page and security.txt file suggests room for improvement in compliance and transparency. WHOIS data could not be retrieved due to query limits, but the website content and branding suggest a legitimate business. Overall, the website is professional, trustworthy, and functional with moderate technical sophistication. Strategic improvements in security headers, updated libraries, and enhanced compliance documentation would strengthen its security posture and trustworthiness.

Parfum24.lv is an e-commerce retailer specializing in perfumes, cosmetics, and related beauty products targeting Latvian and Russian-speaking consumers. The website offers a wide range of branded products with significant discounts and emphasizes original products sourced from official suppliers. The platform supports user login, subscription, and social media integration, indicating a moderate level of digital maturity. Technically, the site uses common JavaScript libraries such as jQuery and tracking tools including Google Analytics, Google Tag Manager, Facebook SDK, and Yandex Metrika, reflecting standard marketing and analytics practices. Security-wise, the site enforces HTTPS but lacks visible advanced security headers and comprehensive privacy or cookie policies, which are critical for GDPR compliance and user trust. The absence of WHOIS data limits domain legitimacy verification, but the presence of clear contact information and professional content supports moderate trust. Overall, the site is functional and professionally presented but would benefit from enhanced security and privacy compliance measures.

K

Koncertzāle "Latvija"

koncertzalelatvija.lv

42

Koncertzāle "Latvija" is a modern concert hall located in Ventspils, Latvia, offering a wide range of cultural events including concerts, children's events, and guided excursions. The venue positions itself as a significant regional cultural hub with excellent acoustics and a curated repertoire, targeting a general audience interested in music, arts, and education. The business model revolves around event hosting and ticket sales, with partnerships for ticketing and virtual tours. Technically, the website employs modern web technologies such as HTML5, CSS3, JavaScript, jQuery UI, and Mapbox GL JS for interactive maps. It integrates Google Analytics and Google Tag Manager for user tracking and performance monitoring. The site is mobile-optimized with good navigation and SEO practices, although accessibility features are basic. The presence of cookie consent and a privacy policy indicates awareness of GDPR compliance. From a security perspective, the site uses HTTPS with a good SSL configuration but lacks visible security headers in the HTML content. There is no public incident response or vulnerability disclosure information, which could be improved. No vulnerabilities or exposed sensitive data were detected in the content. The WHOIS data could not be retrieved due to query limits, limiting domain registration trust analysis. Overall, the website is professional, trustworthy, and well-suited for its cultural and event-driven purpose. Strategic recommendations include enhancing security headers, publishing incident response contacts, and adding a security.txt file to improve transparency and security posture.

P

Poligons "Sigulda"

poligon-1.lv

48

Poligon-1 is a Latvian-based laser tag entertainment provider operating primarily in Sigulda. The company offers a variety of active leisure services including laser tag games, action quests, labyrinth games, and event hosting for children, adults, and corporate groups. Their website is multilingual, professionally designed, and includes comprehensive information about their arenas, equipment, pricing, and booking options. Technically, the site uses modern JavaScript libraries and integrates with popular analytics and social media platforms. Security posture is moderate with HTTPS implied but lacks explicit security headers. Privacy and cookie policies are present with consent mechanisms, indicating good compliance with GDPR. However, WHOIS data is unavailable due to query limits, limiting domain trust verification. Overall, the business appears legitimate and well-positioned in the local hospitality and active leisure market.

V

Viesnīca Latvija, AS

skylinebar.lv

52

Skyline Bar is a premium cocktail bar located in Riga, Latvia, offering panoramic city views, signature cocktails, and brunch events. The business targets a mature audience interested in nightlife and hospitality experiences. The website is professionally designed using WordPress with modern technologies such as jQuery, Google reCAPTCHA, and MetaSlider for enhanced user experience. Contact information and social media presence are clearly provided, supporting business credibility. However, the absence of a privacy policy and terms of service pages indicates room for improvement in compliance and transparency. Security posture is solid with HTTPS and CAPTCHA protections, but lacks visible security headers and formal security policies. WHOIS data could not be retrieved due to query limits, limiting domain trust verification. Overall, the site is functional, visually appealing, and trustworthy for its hospitality sector audience.

I

ID Mēbeles

idmebeles.lv

46

ID Mēbeles is a Latvian-based furniture retailer operating primarily through an e-commerce platform complemented by a physical showroom in Riga. The company offers a wide range of furniture products for various home and office spaces, targeting Latvian consumers seeking quality and affordable furniture. Their business model combines online sales with in-person consultation and showroom experience, supported by delivery services across Latvia. The website is well-structured, visually appealing, and provides comprehensive product information, customer testimonials, and clear contact details, enhancing trust and user engagement. Technically, the website employs modern web technologies including jQuery, Bootstrap, and Google Tag Manager, ensuring responsive design and moderate performance. The presence of cookie consent mechanisms and privacy policies indicates attention to privacy compliance. However, security headers are not visibly implemented, suggesting room for improvement in security hardening. The site uses HTTPS, which is a fundamental security requirement. From a security perspective, the site shows good practices such as encrypted connections and no exposed sensitive data in the HTML. The cookie consent banner with granular controls supports GDPR compliance. The absence of WHOIS data limits domain registration verification, but the website content and business information appear consistent and legitimate. No signs of malicious activity or suspicious content were detected. Overall, the website presents a professional and trustworthy online presence for a medium-sized retail business. Strategic recommendations include enhancing security headers, conducting regular vulnerability assessments, and possibly publishing a security.txt file to improve vulnerability disclosure transparency. These steps would strengthen the security posture and further build customer trust.

L

Liapor s.r.o.

dumjednimtahem.cz

53

Dům jedním tahem is a Czech company specializing in low-energy prefabricated family houses made from ceramic concrete. The company emphasizes rapid construction, excellent insulation, and long durability. Their website offers free project designs, catalogs, consultations, and virtual tours, targeting individuals and families interested in energy-efficient homes in the Czech Republic. The business is positioned as a medium-sized regional player with a professional online presence and consistent branding. Technically, the website uses a variety of JavaScript libraries including jQuery, Google Tag Manager, and Slick Carousel, with good mobile optimization and SEO practices. The site enforces HTTPS and implements a cookie consent mechanism, reflecting a good security posture. However, no explicit security headers were detected, and WHOIS data for the domain is missing, which slightly reduces trustworthiness. Security-wise, the site shows good compliance with GDPR, including detailed privacy policies and consent forms. There are no visible vulnerabilities or exposed sensitive data. The absence of WHOIS data is a concern but does not negate the legitimacy suggested by the website content and business information. Overall, the website is professional, secure, and compliant, with minor improvements recommended in security headers and domain registration transparency.

K

KH ISMM Kopřivnice

khkoprivnice.cz

52

KH ISMM Kopřivnice is a regional handball sports club based in Kopřivnice, Czech Republic. The website serves as a hub for team information, match schedules, results, youth programs, and club history, targeting handball enthusiasts, players, and the local community. The club operates as a non-profit entity focused on sports development and community engagement. Technically, the website employs a variety of JavaScript libraries including jQuery, Nivo Slider, and Owl Carousel, and is built on the Web Bez starosti CMS platform. The site is mobile responsive and provides a good user experience with clear navigation and relevant content. Security posture is moderate with HTTPS enabled but lacks advanced security headers and formal privacy or cookie policies. WHOIS data is unavailable, which raises concerns about domain registration transparency. Overall, the site is professional and trustworthy but would benefit from improved compliance and security practices.

B

Born To Swim s.r.o.

borntoswim.cz

57

Born To Swim s.r.o. operates a Czech-based e-commerce platform specializing in swimming gear and accessories. The company targets swimmers and sports enthusiasts, offering a comprehensive range of products including swim fins, goggles, caps, and training aids. The website positions itself as a trusted local brand with a focus on quality and customer service. Technically, the site is built on the Shoptet platform, utilizing common web technologies such as jQuery, Bootstrap, and tracking tools like Google Tag Manager and Facebook Pixel. The site is mobile-optimized and provides a good user experience with clear navigation and professional design. Security-wise, the website enforces HTTPS and includes cookie consent mechanisms, but lacks explicit security headers and uses an outdated jQuery version, which could pose risks. WHOIS data is unavailable, which slightly impacts trustworthiness, but the visible business information and contact details support legitimacy. Overall, the site is well-structured, compliant with GDPR, and safe for general audiences.

ExtraChorvatsko.cz is a Czech language travel guide website focused on providing detailed information about traveling to Croatia. It offers practical advice on transportation, accommodation options, and popular tourist destinations, targeting Czech-speaking travelers planning independent vacations. The site leverages affiliate marketing by linking to accommodation portals, generating revenue through referrals. Technically, the website is built on WordPress with common plugins such as Contact Form 7 and a weather widget, hosted likely by Wedos, a Czech hosting provider. While the site is mobile-optimized and has good content quality, it lacks advanced SEO and accessibility features. Security posture is moderate with HTTPS enabled but missing important security headers and no active analytics tracking despite plugin presence. Privacy compliance is weak due to the absence of privacy and cookie policies. Overall, the site is functional and trustworthy but would benefit from improved security and compliance measures.

P

Prabos plus a.s.

prabos.cz

47

Prabos plus a.s. is a Czech manufacturer specializing in the production and sale of safety and professional footwear, with a heritage dating back to 1860. The company targets professionals and workers requiring durable and secure footwear for extreme conditions. Their market position is supported by direct sales through their website, complemented by after-sales services and warranty support. The website reflects a mature digital presence with modern technologies and integration of multiple marketing and analytics tools. Security posture is solid with HTTPS and secure forms, though there is room for improvement in security headers and explicit security policies. The absence of WHOIS data is a notable gap in domain legitimacy verification, but the overall business credibility remains high based on website content and trust signals. Strategic recommendations include enhancing security headers, publishing incident response information, and verifying domain registration details to improve trust.

GRENA, a.s. is a Czech manufacturing company specializing in insulating vermiculite boards and fire-resistant materials, serving industrial and commercial sectors with a well-established market presence since 1999. Their website offers product information, e-commerce capabilities, and company news, targeting primarily Czech-speaking customers with some English support. The technical infrastructure uses modern web technologies including jQuery, Bootstrap, and Google Tag Manager, with a custom CMS by FlexiSystems. The site is mobile-optimized and SEO-friendly, though accessibility could be improved. Security posture is solid with HTTPS and cookie consent implemented, but lacks advanced security headers and explicit security policies. WHOIS data confirms domain legitimacy and long-term operation. Overall, the website is professional, trustworthy, and business-focused.

A

ACI - Auto Components International, s. r. o.

aci.cz

56

ACI - Auto Components International, s. r. o. is a well-established Czech company specializing in automotive components and accessories. Founded in 2000, it serves both B2B and B2C markets with a broad product range including auto parts, classic car components, original manufacturer parts, trailers, and air conditioning systems. The company targets automotive professionals and vehicle owners primarily in the Czech Republic. The website reflects a professional and consistent brand image with clear navigation and relevant content. Technically, the site uses a custom CMS with ASP pages and relies on jQuery libraries and Google Fonts, hosted on Dial Telecom infrastructure. While the site is functional and moderately optimized for performance and mobile, some outdated libraries and missing security headers present potential risks. Security posture is adequate but could be improved with modern best practices and explicit policies. Contact information is comprehensive, including phone, email, physical address, and social media links, enhancing business credibility. Cookie consent is implemented, but privacy and terms policies are not clearly found. Overall, the site is trustworthy and professionally maintained with room for security and compliance enhancements.

F

Federal Cars spol. s r.o.

federalcars.cz

57

Federal Cars spol. s r.o. is a Czech Republic based automotive dealership specializing in multiple car brands including Volvo, Peugeot, Mazda, Honda, and Citroen. The company operates through a structured website with dedicated subdomains for each brand, offering new and used car sales as well as servicing. The website targets general consumers in the Liberec region and positions itself as an authorized dealer with a focus on quality and ecological vehicles. Technically, the site uses jQuery and jQuery UI libraries, has a cookie consent mechanism, and is moderately optimized for mobile and SEO. However, the absence of WHOIS data and lack of visible security headers reduce transparency and security posture. No privacy policy or terms of service pages were found, which impacts compliance. Overall, the site is functional and professional but could improve in security and compliance documentation.

C

Chefarena.cz

chefarena.cz

56

Chefarena.cz operates a unique gastronomic studio near Prague, offering cooking courses led by top Czech chefs, children’s culinary classes, and private or corporate event hosting. The business positions itself as a niche leader in culinary education with a focus on personalized experiences and a family atmosphere. The website is professionally designed using WordPress and WooCommerce, integrating modern SEO and performance tools, and complies with GDPR and cookie regulations through a comprehensive consent mechanism. Social media presence and partnerships with related hospitality businesses enhance its market reach. Security posture is solid with HTTPS, reCAPTCHA, and cookie consent, though some security headers could be improved. Overall, the site is trustworthy, well-maintained, and serves its target audience effectively.

A

Asklepion

asklepion.cz

48

Asklepion is a leading clinical and aesthetic medicine institute in the Czech Republic, offering a wide range of specialized medical services including dermatology, stomatology, plastic surgery, and more. The website reflects a mature digital presence with comprehensive service descriptions, customer testimonials, and an integrated e-commerce platform for related products. Technically, the site employs modern web technologies such as Bootstrap, jQuery, and Google Analytics, ensuring a responsive and user-friendly experience. Security measures include HTTPS enforcement and reCAPTCHA integration, although there is room for improvement in security headers and explicit incident response policies. Overall, the site is professional, trustworthy, and compliant with GDPR, making it a reliable resource for patients and clients.

C

Cyklovize 2030

stavbycyklo.cz

43

Cyklovize 2030 is a Czech Republic based project focused on promoting healthy, affordable, and ecological transportation through cycling infrastructure development. The website serves as a national platform to encourage cycling as a daily transport mode, targeting city residents, families, and local governments. Supported by the Czech Insurance Bureau's Damage Prevention Fund, it positions itself as a key advocate for safer cycling networks. Technically, the site uses a traditional web stack including jQuery, Bootstrap, and Google Fonts, with moderate performance and good mobile optimization. Security-wise, HTTPS is implemented and cookie consent mechanisms are in place, but the use of an outdated jQuery version and lack of security headers present risks. The absence of a privacy policy and WHOIS data limits full trust assessment. Overall, the site is professional and trustworthy but would benefit from technical and compliance improvements.

A

Alma Career Czechia s.r.o.

kdejinde.cz

58

The website kdejinde.jobs.cz serves as the official career portal for the ČEZ Group, a leading energy company in the Czech Republic. It provides job listings, career information, and educational content targeted at students, graduates, and job seekers interested in the energy sector. The portal is professionally designed with consistent branding and clear navigation, reflecting the stature of its parent company, ČEZ, a.s. The site integrates multiple subsidiaries and partner companies, showcasing a broad ecosystem within the energy industry. The content is comprehensive and relevant, supporting the recruitment and employer branding efforts of the group. Technically, the website employs modern web technologies including React, jQuery, and Google Tag Manager, supported by a proprietary CMS from Alma Career. The site is mobile-optimized, accessible, and performs moderately well. It uses a robust cookie consent mechanism compliant with GDPR, ensuring user privacy and transparency. Analytics and marketing tools are implemented responsibly, with clear consent management. From a security perspective, the site enforces HTTPS and employs cookie consent best practices. While explicit security headers like CSP or X-Frame-Options are not evident, no critical vulnerabilities or exposed sensitive data were found. The absence of WHOIS data suggests privacy protection, which is justified for a corporate recruitment portal. Overall, the site demonstrates a strong security posture and compliance with privacy regulations. The overall risk assessment is low, with the site representing a legitimate, well-maintained corporate career portal. Strategic recommendations include enhancing security headers, increasing visibility of incident response contacts, and continuous monitoring of third-party scripts. These measures will further strengthen the site's security and trustworthiness.

P

Partnerství pro městskou mobilitu z. s.

dobramesta.cz

45

Partnerství pro městskou mobilitu z. s. is a Czech non-profit organization dedicated to promoting urban mobility, cycling, and sustainable transport solutions. The website serves as an information hub for municipalities, non-profit sectors, and stakeholders interested in urban mobility projects, education, and advocacy. It features news, events, project descriptions, and educational resources, positioning the organization as a key player in the Czech urban mobility landscape. Technically, the website employs a custom CMS with a technology stack including jQuery, Bootstrap, and various JavaScript libraries for UI and interactivity. It integrates Google Analytics for visitor tracking and Google reCAPTCHA for form security. The site is mobile-optimized and uses HTTPS with a good SSL configuration, although some libraries like jQuery are outdated, which could pose security risks. From a security perspective, the site demonstrates good practices such as HTTPS enforcement and cookie consent mechanisms compliant with GDPR. However, it lacks visible security headers and explicit contact information for security or incident response. The absence of WHOIS data due to privacy protection reduces transparency but is justified for a non-profit entity. No vulnerabilities or malicious content were detected. Overall, the website is professional, trustworthy, and well-structured, serving its target audience effectively. Strategic improvements in security headers, updating libraries, and publishing security policies would enhance its security posture and trustworthiness.

K

KLAS Jaroměřice, spol. s r.o.

klasjaromerice.cz

49

KLAS Jaroměřice, spol. s r.o. is a small family-owned agricultural company based in the Czech Republic, founded in 1992 after the dissolution of a state farm. The company focuses on traditional agricultural primary production including crop cultivation and land management services such as land purchase and rental. Historically, it also engaged in animal husbandry but ceased pig farming in 2009 for economic reasons. The website presents a professional and clear overview of the business, targeting local landowners and agricultural stakeholders. Technically, the site uses legacy JavaScript libraries including jQuery 1.10.2 and integrates Google Analytics for visitor tracking. The site includes a GDPR cookie consent banner but lacks a formal privacy policy or terms of service pages. Security posture is moderate with no HTTPS or security headers data available for review, and outdated libraries pose potential vulnerabilities. WHOIS data is unavailable, limiting domain legitimacy verification. Overall, the site is functional and trustworthy for its business scope but would benefit from improved security and compliance documentation.

Česká pošta, s.p. operates the official e-commerce platform postshop.cz, offering postal supplies such as envelopes, cardboard boxes, postal vouchers, and data security products including chip cards and readers. The website targets both general consumers and businesses within the Czech Republic, positioning itself as a trusted retail channel for postal and related products. The business is well-established with a domain age dating back to 2001, reflecting a mature market presence. Technically, the website is built on ASP.NET Web Forms with a frontend leveraging jQuery and various slider plugins. Hosting and domain registration are managed by Active24, a known provider. The site performs moderately well with basic mobile optimization and SEO practices. Google Tag Manager is used for analytics, indicating some level of digital maturity. From a security perspective, the site uses HTTPS but lacks visible security headers such as Content-Security-Policy or X-Frame-Options. There is no cookie consent mechanism, which is a compliance gap under GDPR. No direct contact emails or phone numbers are present on the main page, limiting immediate user support access. No vulnerabilities or exposed sensitive data were detected in the HTML content. Overall, the website is professional and trustworthy with good content quality and business credibility. However, improvements in privacy compliance and security best practices are recommended to enhance user trust and regulatory adherence.

F

Franklin Electric

franklin-electric.com

74

Franklin Electric is a well-established global manufacturer and distributor specializing in systems and technologies for moving and protecting critical resources such as water, fuel, and electricity. The company serves a diverse range of sectors including residential, commercial, agricultural, industrial, municipal, and energy applications. With over 80 years of history and multiple industry recognitions, Franklin Electric holds a strong market position as a leader in its field. The website reflects a professional corporate presence with clear navigation and comprehensive content about its products, services, and corporate social responsibility initiatives. Technically, the site employs modern JavaScript libraries, Google Tag Manager, and Microsoft Application Insights for analytics and telemetry, indicating a mature digital infrastructure. Security posture is solid with HTTPS enforced and cookie consent mechanisms in place, though there is room for improvement in security headers and incident response transparency. Overall, the website is trustworthy and well-maintained, supporting the company's credibility and business objectives.

O

OpenSubtitles.org

opensubtitles.org

65

OpenSubtitles.org operates a large, multilingual subtitle database platform providing free subtitle downloads and uploads for movies and TV series. The website targets a broad audience of movie and TV content consumers worldwide, offering advanced search features, API support, and community engagement through forums and blogs. The business model includes free access with optional VIP membership for ad removal. Technically, the site uses a mature stack with jQuery and various third-party scripts, including Google reCAPTCHA for login security and Cloudflare Insights for performance monitoring. Security posture is moderate with HTTPS enforced but missing some recommended security headers. The WHOIS data is malformed and incomplete, limiting domain trust verification. Overall, the site is functional, content-rich, and safe for general audiences but could improve privacy compliance and security headers.

S

Středisko volného času Rosice - RUBIKO

svcrubiko.cz

58

Středisko volného času Rosice - RUBIKO is a local leisure and educational center based in Rosice, Czech Republic, providing a variety of programs such as courses, camps, workshops, and community events primarily targeting children, youth, and families. The organization operates as a non-profit entity focused on youth education and leisure activities within the local community. The website reflects this mission with clear navigation and relevant content about their services and upcoming events. Technically, the site uses a combination of legacy and modern web technologies including jQuery, Google Maps API, and Google Analytics, with a moderate performance profile and good mobile optimization. Security-wise, the site enforces HTTPS and implements a comprehensive cookie consent mechanism aligned with GDPR requirements, although it lacks advanced security headers and explicit security policies. The absence of WHOIS data for the domain reduces trustworthiness from a domain registration perspective, but the website content and contact information support its legitimacy. Overall, the site is professional, user-friendly, and compliant with privacy regulations, serving its community effectively.

A

ARVAL CZ s.r.o.

arvalauto.cz

54

ARVAL CZ s.r.o. operates a professional vehicle leasing and sales platform in the Czech Republic, specializing in operational leasing of new and used vehicles. The company targets both individual and business customers, offering a wide range of vehicle brands and flexible leasing options. The website is well-structured, with clear navigation and comprehensive content supporting the business model. Technically, the site employs modern JavaScript libraries and tracking tools, including Google Tag Manager and Adform, alongside a robust cookie consent mechanism ensuring GDPR compliance. Security posture is generally strong with HTTPS enforced and no exposed sensitive data, though the absence of explicit security headers suggests room for improvement. The lack of publicly available WHOIS data for the domain slightly reduces trust but is likely due to registry policies rather than malicious intent. Overall, the site presents a credible and professional digital presence for a medium-sized transportation leasing business.

Fundacja na Rzecz Wsparcia Innowacji w JST is a Polish non-profit organization dedicated to supporting local government units (JST) through innovative solutions, training, consulting, and software tools. The foundation targets municipalities, counties, and regions in Poland, aiming to modernize and improve public administration efficiency. Their key services include public relations support, social consultation platforms, legal and economic consulting, and specialized training programs. The website reflects a professional and consistent brand image with clear contact channels and client references from Polish local governments. Technically, the website is built on WordPress 6.6.2 with a modern tech stack including jQuery, Bootstrap, and various UI libraries. It uses HTTPS with Google reCAPTCHA v3 for form protection and integrates Google Analytics and Facebook SDK for tracking and marketing. The site is mobile-optimized and performs moderately well, though accessibility features are basic. No advanced security headers or DNSSEC are implemented, which presents some security improvement opportunities. From a security perspective, the site has a moderate posture with HTTPS and anti-bot measures but lacks published security policies, incident response contacts, and vulnerability disclosure mechanisms. No critical vulnerabilities or exposed sensitive data were detected. The domain registration is consistent with the business claims, showing a legitimate and stable presence since 2016. Overall, the website is a credible and professional platform for a specialized non-profit serving Polish local governments. Strategic improvements in privacy compliance, security headers, and incident response transparency would enhance trust and security posture.

S

San Joaquin Delta College

deltacollege.edu

66

San Joaquin Delta College is a well-established public community college serving the San Joaquin Valley and Mother Lode regions. The institution offers over 200 degrees and certificates, focusing on trade skills, academic transfer, and workforce development. The website reflects a strong regional presence with comprehensive educational services and student support. The target audience includes prospective and current students, faculty, staff, and the local community. The college positions itself as an affordable and flexible educational option with a broad range of academic and personal growth programs. Technically, the website is built on Drupal 7 with a mature technology stack including jQuery, Flexslider, and Font Awesome. It integrates marketing and analytics tools such as Google Tag Manager and LiveChat for user engagement and tracking. The site is mobile optimized and accessible, with good SEO practices and clear navigation. Performance is moderate, typical for a content-rich educational site. From a security perspective, the site enforces HTTPS and uses some security best practices, but lacks explicit security headers and a vulnerability disclosure policy. No incident response contacts or security policies are publicly available. The domain WHOIS data is consistent with the institution's identity, showing no privacy protection and a legitimate registration period. Overall, the security posture is solid but could be improved with enhanced headers and transparency. The website is safe for general audiences, with no adult or questionable content. Social media presence is strong and official. Privacy compliance is basic, with a privacy and cookie policy present but no explicit consent mechanism. Business credibility is high, supported by accreditation and clear contact information. Strategic recommendations include improving security headers, publishing incident response contacts, implementing cookie consent, and maintaining up-to-date software to enhance security and compliance.

S

Schiedam - Nieuwsbrieven

nieuwsbriefschiedam.nl

56

The website nieuwsbriefschiedam.nl serves as an official local government portal for newsletters related to the city of Schiedam, Netherlands. It provides community news, cultural updates, subsidy information, and other local government communications. The site is relatively new, established in 2023, and is registered to Gemeente Schiedam, confirming its official status. The target audience includes residents, local businesses, and stakeholders interested in Schiedam's municipal affairs. Technically, the website is built on WordPress 6.6.2 with modern plugins such as Yoast SEO and Advanced Custom Fields Pro, indicating a mature and maintainable infrastructure. The site is mobile-optimized, accessible, and SEO-friendly, though performance is moderate. No major technical issues or vulnerabilities were detected in the provided content. From a security perspective, the site uses HTTPS and DNSSEC, which are positive indicators. However, no explicit security headers were detected, and there is a lack of visible privacy and cookie policies, which are important for GDPR compliance. No contact information for security incidents or data protection officers was found, representing an area for improvement. Overall, the website is trustworthy and professional, with a clear government affiliation and consistent branding. The main risks relate to privacy compliance and security hardening. Strategic recommendations include implementing comprehensive privacy and cookie policies, adding security headers, and providing clear contact channels for security and privacy matters.

L

Liapor s.r.o.

djt.cz

53

Dům jedním tahem is a Czech company specializing in the design and construction of low-energy prefabricated family houses made from ceramic concrete. The company offers a range of housing options including classic, premium, and modular homes, emphasizing quick construction, excellent insulation, and long durability. Their business model includes providing free project designs, printed catalogs, and personalized consultations, targeting individuals and families in the Czech Republic seeking sustainable and modern housing solutions. The website reflects a mature digital presence with professional design, clear navigation, and GDPR-compliant data collection practices. Technically, the website employs a variety of JavaScript libraries such as jQuery, Slick Carousel, and Google Tag Manager for analytics and marketing. The site is mobile-optimized and includes cookie consent mechanisms, indicating awareness of privacy regulations. However, explicit security headers are not detected, and WHOIS data is unavailable, which slightly impacts transparency and trust. From a security perspective, the site uses HTTPS and has implemented cookie consent and form validation, but lacks visible advanced security policies or incident response information. No vulnerabilities or suspicious content were detected. Overall, the site presents a secure and professional front but could improve in security header implementation and WHOIS transparency. The overall risk assessment is moderate to low, with recommendations to enhance security headers, update libraries regularly, and provide clearer security policies to strengthen trust and compliance.

C

Chodovské technicko-ekologické služby s.r.o.

chotes.cz

36

Chodovské technicko-ekologické služby s.r.o. is a municipal service company founded in 2000 by the city of Chodov, Czech Republic. It specializes in communal services including waste collection, public lighting operation, road maintenance, and environmental management. The company holds a strong regional position as a trusted partner for local government and residents, offering a broad range of public utility services. The website reflects a professional municipal service provider with clear service offerings and local community focus. Technically, the website employs modern JavaScript libraries and frameworks such as jQuery, Leaflet, and the Nette framework, providing a responsive and user-friendly experience. The site includes GDPR-compliant cookie consent mechanisms and links to a comprehensive privacy policy document. Security posture is adequate with HTTPS enforced and email obfuscation implemented, though the absence of visible HTTP security headers and incident response contacts suggests room for improvement. The lack of WHOIS data reduces domain trustworthiness, but the overall business credibility remains high due to consistent branding, certifications, and official partner links. Strategic recommendations include enhancing security headers, publishing incident response contacts, and improving WHOIS transparency to strengthen trust and compliance.

C

Ceeinno

ceeinno.eu

45

Ceeinno is a small-scale innovation support entity based in the Czech Republic, with its website first published in 2016. The site presents basic information about the company and its mission to support innovation but lacks detailed business descriptions, contact information, or comprehensive policies. Technically, the website is built on WordPress, utilizing common plugins such as Mailchimp and Yoast SEO, and includes Google Analytics for user tracking. The site demonstrates moderate technical maturity with basic mobile optimization and SEO features but lacks advanced security headers and explicit privacy or cookie policies. Security posture is limited, with no visible incident response or vulnerability disclosure mechanisms. Overall, the website is accessible and safe, but improvements in compliance, security, and business transparency are recommended to enhance trust and professionalism.

U

United States Geological Survey

usgs.gov

73

The United States Geological Survey (USGS) is a premier federal scientific agency providing comprehensive research and data on natural hazards, water resources, energy, minerals, ecosystems, and environmental health. Positioned as the authoritative source for earth science information in the United States, USGS serves government agencies, researchers, educators, and the public with timely and relevant scientific data. The website reflects this mission with rich content, authoritative descriptions, and a focus on public service. Technically, the USGS website is built on Drupal 10, leveraging modern web technologies including jQuery UI, Google Tag Manager, Google Analytics, and Hotjar for analytics and user experience insights. The site demonstrates good performance, excellent mobile optimization, and accessibility features, ensuring broad usability. The use of HTTPS and security headers indicates a strong security posture, although explicit security policies and incident response information are not prominently published. Security-wise, the site benefits from robust SSL configuration and standard security headers, with no visible vulnerabilities or exposed sensitive data. However, the absence of a published vulnerability disclosure policy or security.txt file and limited incident response contact details suggest areas for improvement in transparency and readiness. Privacy compliance is well addressed with clear privacy and cookie policies, including consent mechanisms and GDPR considerations. Overall, the USGS website is a highly credible, professional, and secure government resource. The incomplete WHOIS data is typical for .gov domains and does not detract from the site's legitimacy. Strategic recommendations include publishing detailed security policies, incident response procedures, and vulnerability disclosure information to enhance trust and compliance further.

M

MicronesiaTour.com

micronesiatour.com

55

MicronesiaTour.com serves as the official travel and tourism website for the Micronesia region, including Guam, Northern Mariana Islands, Palau, FSM, and Marshall Islands. It provides comprehensive travel information, destination guides, event announcements, and cultural insights aimed at attracting tourists and promoting regional tourism. The website is positioned as a key regional tourism portal with a clear focus on hospitality and government tourism sectors. Technically, the site is built on Drupal 7 with a range of JavaScript libraries and integrates Google Analytics for visitor tracking. While the site is mobile-optimized and well-structured, it uses some outdated libraries and lacks advanced security headers and cookie consent mechanisms. The domain is well aged and registered with a reputable registrar, enhancing its credibility. However, the absence of explicit contact information and privacy compliance features are notable gaps. Overall, the website is functional and professional but would benefit from security and privacy improvements.

N

New Orleans Jewish Community Center

nojcc.org

66

The New Orleans Jewish Community Center (JCC) is a well-established non-profit organization serving the New Orleans and Metairie communities. It offers a broad range of services including fitness centers, aquatics programs, early childhood education, summer camps, and cultural events focused on Jewish heritage and community engagement. The website reflects a community-oriented business model targeting local families and individuals interested in health, education, and cultural enrichment. The organization maintains partnerships with recognized entities such as the Jewish Community Centers Association, Jewish Federation of Greater New Orleans, and United Way, enhancing its market position and trustworthiness. Technically, the website is built on the Accrisoft CMS platform and employs a modern technology stack including jQuery libraries, Google Tag Manager, Google Analytics 4, Facebook Pixel, and Hotjar for analytics and user behavior tracking. The site is mobile optimized with good navigation and SEO practices, though performance is moderate. Security posture is solid with HTTPS enabled and no exposed sensitive data, but lacks visible security headers and explicit incident response or security policies. From a security and compliance perspective, the site does not expose vulnerabilities in the HTML content and uses secure analytics tools. However, the absence of WHOIS data due to a malformed WHOIS response limits domain trust assessment. Privacy compliance is basic with a privacy policy present but no explicit cookie policy banner. No incident response or vulnerability disclosure information is publicly available. Overall, the site is safe with no adult or malicious content detected. Strategically, the organization should enhance transparency by publishing security policies, improving cookie consent mechanisms, and implementing security headers. Addressing these gaps will strengthen user trust and compliance posture while maintaining its strong community presence.